last executing test programs: 18.441383882s ago: executing program 0 (id=1263): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x800400007, 0x65d, 0xffff, 0xffffffffffffffff, 0x20000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram6\x00', 0xc6fc1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) r0 = epoll_create$auto(0x5) fremovexattr$auto(r0, &(0x7f0000000000)='&\x00') read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000280)=""/54, 0x36) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xbff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) connect$auto(0x3, 0x0, 0x54) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r1 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) recvmmsg$auto(0x3, 0x0, 0x10000, 0x4ff, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) 18.189670042s ago: executing program 0 (id=1265): r0 = memfd_create$auto(&(0x7f0000000300)='/sys/kernel/debug/x86/boot_params/data\x00\"F\xb6\xcd\x06\xd6\x97\\L\xe1\xb2\xee\xb8\x8e\xd6O\xa1j\x90w\xc7\x94\xb7yi\x01&\x04b/\xaa\xfb#s\xc4\xa3\xa7\xacj\xc6\x8e\xf4L\x9a\xf8\xcc\xdcy\x9f\x93\xbc\xf6\xc8\xdb\x05w,|B\xfc\x04\x97\xd3\x0f\x8b\x81\xe8\xbc\x81\x0e\xd7o\xd2\xcd\x18z\xc2\xb7|\xe1\xa6\x9a~\x96\x10rnLnt\xdb\xdb-\x1b\x99\xd4\xed;\xf8\x13a\r\xf2\a\x85%\xef\xa7\x7f#\x96\xf2S\xb0\xf1Hq\x0f;\x83\xb7\x0fz\x9dN\xc9\x1e\x15r\x97|\xbfE\xce\"', 0x4) fallocate$auto(r0, 0x0, 0x10, 0xccbd5d) fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x200000004) r1 = socket(0x1a, 0x2, 0x0) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1c_\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9wj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xee\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000240)={0x81, 0x6, "c1b57301b9869adab1fdd6c995cff9eae7b39be1606e9cd8700875d4795a3db70e9ecfe6623d35bfeda2d7a5fc5728403e88a528bbd781a412be76a28e712d7036bc9b3ff2e2a292e0466d46c0f21fd755fa547193bc8e8ddd6dec206fd170cda4da3bd4dcff826699398f8f684d13f05f5e26732ef41d7a44f3e166724933b201"}, 0x0, 0x1001) setsockopt$auto(r1, 0x29, 0x6, &(0x7f0000000400)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1\x87`\xce\xe5MI\x934e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8c=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5;\xaad\r\x00C\xb42\x01I=\xa3\xabI\xfaP\xc3k\\\xeb\xbf1\xdcHu\xd8P\xab\xfd&b\xff}\x008\x05Q\x1b\xe2\xaaS\x16\x9a9zg\x96(\x8f\xc2<\xce\x94\xa0\xc4\xe1\xa7\xaf\xf9\xcbz\xa8\tG\x0fO\"\xea{\x02\x8c\xc7\x9a#\xfa\x99\xb6W|Ig\x81\xc6\x9bq\x86\x16x\xa5\xd2H+5\b\xea\xb8\xc8\x1c\xe82\x8b\xf9B\x9c\x18\xc0\xf0\x9e\xc8b[\xcb\xdcs\xf6R\xe1Xn\x11\xa6\xd7\xf6\xd6\xf7|\x9fOr\xb2c=2<\xdc\x0e\xfa\xd9\x00&\xb6', 0x10f) connect$auto(0x3, 0x0, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) rt_sigtimedwait$auto(&(0x7f0000000040)={0x3}, &(0x7f0000000080)={@_si_pad}, &(0x7f0000000100)={0xb0, 0xb}, 0x8) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x700003a) mmap$auto(0x0, 0x4, 0x4000000000e2, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_target_scan_time\x00', 0x201, 0x0) mmap$auto(0x0, 0x2020009, 0x1, 0x9000000eb1, 0xfffffffffffffffa, 0xfff) getrlimit$auto(0x3, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) ioctl$auto_FS_IOC_FSSETXATTR(r3, 0x401c5820, 0x9) write$auto(r2, 0x0, 0xfdef) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008015}, 0x48004) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100008000a00000000000000", @ANYRES32, @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f00000003c0)={0x20080522}, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r6, 0x4b47, 0x1) write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, &(0x7f0000000280)="fdf5a2faab850d51b144f731c3cd2b99fc6163f8676c73cd47b2836587533211d1e940cdb9afdf00a47f49edbeaea201f0ec40c0eb6e93a2af02fb8f476565e29833d02a11d3d363f8714d16f4a386683728f6", 0x53) close_range$auto(r0, r0, 0x0) getsockopt$auto_SO_PASSPIDFD(r0, 0x8, 0x4c, &(0x7f0000000000)='/}:(\x00', &(0x7f0000000040)=0x61c) 17.222008993s ago: executing program 0 (id=1270): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_VENDOR(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="05076ebd7000fbdbdf2567"], 0x1c}, 0x1, 0xf0ffff, 0x0, 0x4000}, 0x80) 17.094260029s ago: executing program 0 (id=1271): r0 = memfd_create$auto(&(0x7f0000000300)='/sys/kernel/debug/x86/boot_params/data\x00\"F\xb6\xcd\x06\xd6\x97\\L\xe1\xb2\xee\xb8\x8e\xd6O\xa1j\x90w\xc7\x94\xb7yi\x01&\x04b/\xaa\xfb#s\xc4\xa3\xa7\xacj\xc6\x8e\xf4L\x9a\xf8\xcc\xdcy\x9f\x93\xbc\xf6\xc8\xdb\x05w,|B\xfc\x04\x97\xd3\x0f\x8b\x81\xe8\xbc\x81\x0e\xd7o\xd2\xcd\x18z\xc2\xb7|\xe1\xa6\x9a~\x96\x10rnLnt\xdb\xdb-\x1b\x99\xd4\xed;\xf8\x13a\r\xf2\a\x85%\xef\xa7\x7f#\x96\xf2S\xb0\xf1Hq\x0f;\x83\xb7\x0fz\x9dN\xc9\x1e\x15r\x97|\xbfE\xce\"', 0x4) fallocate$auto(r0, 0x0, 0x10, 0xccbd5d) fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x200000004) r1 = socket(0x1a, 0x2, 0x0) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1c_\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9wj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xee\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000240)={0x80, 0x6, "c1b57301b9869adab1fdd6c995cff9eae7b39be1606e9cd8700875d4795a3db70e9ecfe6623d35bfeda2d7a5fc5728403e88a528bbd781a412be76a28e712d7036bc9b3ff2e2a292e0466d46c0f21fd755fa547193bc8e8ddd6dec206fd170cda4da3bd4dcff826699398f8f684d13f05f5e26732ef41d7a44f3e166724933b2"}, 0x0, 0x1001) setsockopt$auto(r1, 0x29, 0x6, &(0x7f0000000400)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1\x87`\xce\xe5MI\x934e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8c=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5;\xaad\r\x00C\xb42\x01I=\xa3\xabI\xfaP\xc3k\\\xeb\xbf1\xdcHu\xd8P\xab\xfd&b\xff}\x008\x05Q\x1b\xe2\xaaS\x16\x9a9zg\x96(\x8f\xc2<\xce\x94\xa0\xc4\xe1\xa7\xaf\xf9\xcbz\xa8\tG\x0fO\"\xea{\x02\x8c\xc7\x9a#\xfa\x99\xb6W|Ig\x81\xc6\x9bq\x86\x16x\xa5\xd2H+5\b\xea\xb8\xc8\x1c\xe82\x8b\xf9B\x9c\x18\xc0\xf0\x9e\xc8b[\xcb\xdcs\xf6R\xe1Xn\x11\xa6\xd7\xf6\xd6\xf7|\x9fOr\xb2c=2<\xdc\x0e\xfa\xd9\x00&\xb6', 0x10f) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) rt_sigtimedwait$auto(&(0x7f0000000040)={0x3}, &(0x7f0000000080)={@_si_pad}, &(0x7f0000000100)={0xb0, 0xb}, 0x8) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x700003a) mmap$auto(0x0, 0x4, 0x4000000000e2, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_target_scan_time\x00', 0x201, 0x0) mmap$auto(0x0, 0x2020009, 0x1, 0x9000000eb1, 0xfffffffffffffffa, 0xfff) getrlimit$auto(0x3, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) ioctl$auto_FS_IOC_FSSETXATTR(r3, 0x401c5820, 0x9) write$auto(r2, 0x0, 0xfdef) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008015}, 0x48004) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100008000a00000000000000", @ANYRES32, @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f00000003c0)={0x20080522}, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r6, 0x4b47, 0x1) write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, &(0x7f0000000280)="fdf5a2faab850d51b144f731c3cd2b99fc6163f8676c73cd47b2836587533211d1e940cdb9afdf00a47f49edbeaea201f0ec40c0eb6e93a2af02fb8f476565e29833d02a11d3d363f8714d16f4a386683728f6", 0x53) close_range$auto(r0, r0, 0x0) getsockopt$auto_SO_PASSPIDFD(r0, 0x8, 0x4c, &(0x7f0000000000)='/}:(\x00', &(0x7f0000000040)=0x61c) 16.117610023s ago: executing program 0 (id=1274): close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48) write$auto(0x3, 0x0, 0xfffffdef) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/veth0_macvtap/anycast_delay\x00', 0x202, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000000), r0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000140), 0x60e83, 0x0) r4 = getpgrp(0x0) prctl$auto(0x8, 0xfffffffffffffffc, r4, 0xb9, 0x8) ioctl$auto(r3, 0x3b8e, 0xffffffffffffffff) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000040)='\x00'/13, 0x81) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) 15.698677297s ago: executing program 0 (id=1276): io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) 10.674330865s ago: executing program 1 (id=1289): socket(0x15, 0x5, 0x0) socket(0xa, 0x3, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x1, 0x0, 0x800) r0 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1}, 0x6a) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40000403c6f2b, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x801ffde, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x7fff, 0x2, 0x3, 0x5, 0xffffffffffffffea, 0x0, 0x3, 0x0, 0x0, 0x3bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x2000000000000002, 0x0, 0x5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x20, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000) (fail_nth: 3) 9.690541651s ago: executing program 1 (id=1291): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2a, 0x2, 0x1) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x9, 0x8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x8, 0x7]}, 0x0, 0x0) setresgid$auto(0x0, 0xee01, 0xffffffffffffffff) getegid() mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40100, 0x0) pread64$auto(r0, 0x0, 0x10001, 0x830) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7e}, 0x40000000000009) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = eventfd$auto(0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) getsockopt$auto_SO_PEEK_OFF(r1, 0x3, 0x2a, &(0x7f0000000000)='!($\x00', &(0x7f0000000040)=0x40) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x5602, r3) io_uring_setup$auto(0x5, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_THREADS_GET(r4, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001780)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44848}, 0x4000000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000019c0), r4) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r4) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="030527bd7000fbdbdf25040000000c0001800800010050b890f9"], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x40) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/bdi/31:0/strict_limit\x00', 0xa0666, 0x0) write$auto(r6, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00p\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x1d\b\xd7\xe2\xae\xfek\xbbw\x8c\x00\x00\x00\x00\t\x00\x00\x00k\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x85) readv$auto(r6, &(0x7f0000000a80)={0x0, 0xfffd}, 0x9) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x1) 9.429283116s ago: executing program 1 (id=1294): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) inotify_init1$auto(0x4000000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC0\x00', 0x80, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) r2 = fanotify_init$auto(0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x85, 0x0, &(0x7f0000000000)=0x7ffe) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) fanotify_mark$auto(r2, 0x205, 0xa, 0x4, 0x0) ioctl$auto(r1, 0xc038563b, r0) 8.466593832s ago: executing program 1 (id=1297): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r1 = socket(0x2, 0x2, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) bind$auto(r1, 0x0, 0x6a) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x20003b46, 0x6, 0x0, 0x0, 0x5) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) setgroups$auto(0xa1, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) statx$auto(r0, &(0x7f00000001c0)='.\x00', 0x9, 0xffffffff, &(0x7f0000000200)={0x62, 0x0, 0x6, 0xfffffffc, 0x0, 0x0, 0x4, 0x7ff, 0x4, 0x7f, 0x6, 0x1, {0x9, 0x4}, {0x401, 0x9}, {0x2, 0x4}, {0xd, 0x40}, 0xa, 0x0, 0x5, 0xf, 0x6, 0x0, 0x3ff, 0x80000, 0x0, 0x0, 0x200, 0x0, [0xe9, 0x6, 0x401, 0x8001, 0x5, 0xf, 0x4, 0x3, 0x5]}) r2 = getegid() r3 = socket(0x29, 0x2, 0x0) getsockopt$auto(r3, 0x119, 0x5, 0x0, 0x0) setregid$auto(r2, r2) capset$auto(&(0x7f0000000380)={0x10000}, &(0x7f00000003c0)={0x1, 0x7fff, 0x9}) fcntl$getown(r0, 0x9) mprotect$auto(0x0, 0x8000000000000001, 0x8) 7.613848573s ago: executing program 1 (id=1299): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x4d, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r0, 0x540a, 0x0) socket(0xa, 0x5, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0xe, 0x100000000007) timer_create$auto(0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/blkio.bfq.time_recursive\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x7, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x10, &(0x7f0000000180)={0x7, 0x1, 0xb9, 0xd, 0x18da, 0x3, r0, [0x6, 0x7, 0x2], {0xff, 0x1ffe00, 0x75, 0x6, 0x2, 0x800, 0xf, 0x7db, 0x8}, {0x7, 0x80000000, 0xa99, 0x8001, 0x4, 0x7, 0x3, 0x9, 0x6}}) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 6.113783166s ago: executing program 3 (id=1305): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) inotify_init1$auto(0x4000000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC0\x00', 0x80, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) r2 = fanotify_init$auto(0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x85, 0x0, &(0x7f0000000000)=0x7ffe) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) fanotify_mark$auto(r2, 0x205, 0xa, 0x4, 0x0) ioctl$auto(r1, 0xc038563b, r0) 5.395577991s ago: executing program 1 (id=1306): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x3, 0x1002, 0xfffffffc, 0x5, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e18441074052a3fa6c3ccf1bf00"}) r1 = socket(0xa, 0x80002, 0x73) msgctl$auto_MSG_STAT(0xbf, 0xb, &(0x7f0000000180)={{0x922, 0xee01, 0xffffffffffffffff, 0x4, 0x6, 0xff, 0x3}, 0x0, 0x0, 0x80000000, 0x9, 0x80000001, 0x8000000000000000, 0x3, 0x2, 0xc, 0x0, @raw=0x3, @inferred=0xffffffffffffffff}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0xffffffffffffffff, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x8080) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="0100"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) timer_create$auto(0x2, 0x0, 0x0) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r6, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) kexec_load$auto(0x200000000007, 0x1, &(0x7f0000000040)={@kbuf=0x0, 0x2aaa, 0x6c0000c000, 0xc000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYRES32=r2, @ANYRESHEX=r4, @ANYRESHEX=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x80) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0x96bc}, 0x2, &(0x7f0000000380), 0x7, 0xa505}, 0x9}, 0x7, 0x4008) setsockopt$auto(r1, 0xfefb, 0x1d, 0x0, 0x28) readv$auto(r0, &(0x7f00000000c0)={0x0, 0x4c786f70}, 0x2) r7 = ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000080)=0x859) fcntl$auto_F_DUPFD(r0, 0x0, r7) socket$nl_generic(0x10, 0x3, 0x10) 5.243956135s ago: executing program 3 (id=1307): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r1 = socket(0x2, 0x2, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) bind$auto(r1, 0x0, 0x6a) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x20003b46, 0x6, 0x0, 0x0, 0x5) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) setgroups$auto(0xa1, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) statx$auto(r0, &(0x7f00000001c0)='.\x00', 0x9, 0xffffffff, &(0x7f0000000200)={0x62, 0x0, 0x6, 0xfffffffc, 0x0, 0x0, 0x4, 0x7ff, 0x4, 0x7f, 0x6, 0x1, {0x9, 0x4}, {0x401, 0x9}, {0x2, 0x4}, {0xd, 0x40}, 0xa, 0x0, 0x5, 0xf, 0x6, 0x0, 0x3ff, 0x80000, 0x0, 0x0, 0x200, 0x0, [0xe9, 0x6, 0x401, 0x8001, 0x5, 0xf, 0x4, 0x3, 0x5]}) r2 = getegid() r3 = socket(0x29, 0x2, 0x0) getsockopt$auto(r3, 0x119, 0x5, 0x0, 0x0) setregid$auto(r2, r2) capset$auto(&(0x7f0000000380)={0x10000}, &(0x7f00000003c0)={0x1, 0x7fff, 0x9}) fcntl$getown(r0, 0x9) mprotect$auto(0x0, 0x8000000000000001, 0x8) 4.63186759s ago: executing program 2 (id=1309): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000022fc0), r0) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000023280)={0x0, 0x0, &(0x7f0000023240)={&(0x7f0000000100)={0x4c, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_BEACON_HEAD={0x35, 0xe, "1c11b753147d3f4bf365f6f66676508731aeed1d2c56c93b878f73058e2cf1085657d8cb00000001000000000000000000"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44}, 0x20000000) 4.35231396s ago: executing program 2 (id=1310): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async) mmap$auto(0xd, 0x2020209, 0x10002, 0xeb1, 0xfffffffffffffffa, 0x240008000) r0 = socket(0xa, 0x3, 0x3a) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) pipe2$auto(0x0, 0x80) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x142, 0x0) (async) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xfa}, 0x7) (async) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) (async, rerun: 64) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async, rerun: 64) r1 = socket(0x1e, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket(0x2b, 0x1, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) (async) mmap$auto(0x0, 0x3000f, 0x4000000000df, 0x4000eb1, 0x401, 0x10000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) (async) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto(r3, 0x89f2, r2) (async, rerun: 64) r4 = pipe2$auto(0x0, 0x80) (rerun: 64) r5 = socket(0x1e, 0x2, 0x8) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r6, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="32846a0a828d77d6708e4623407d7b24c6d8c9a10f93656d", @ANYRES16=r7, @ANYBLOB="010326bd7000ffdbdf252d000000180001801400020069705f76746930000000000000000000"], 0x2c}, 0x1, 0x1000000, 0x0, 0x2404c012}, 0x80) (async) ioctl$auto_VHOST_SET_LOG_FD2(r4, 0x4004af07, &(0x7f0000000040)=r0) (async) sendmsg$auto_NBD_CMD_DISCONNECT(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20004080) mmap$auto(0x0, 0x40000b, 0xe1, 0x9b7e, 0xffffffffffffffff, 0x0) (async) getsockopt$auto(r5, 0x11d, 0x1, 0x0, 0x0) (async) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) close_range$auto(0x0, 0xffffffffffffffff, 0x2) 4.274335256s ago: executing program 3 (id=1311): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) readv$auto(r0, &(0x7f00000000c0)={0x0, 0x4c786f70}, 0x2) ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000000080)={0xfffffffffffffffc, 0xffffffffffffffff, 0x80000001, "0a7229855624472d5d001e83b8c6aa72"}) 3.695758702s ago: executing program 2 (id=1312): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/memory.force_empty\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ', 0x9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/thread-self/net/stat/rt_cache\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/250, 0xfa) mmap$auto(0x5, 0x2020009, 0xb, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) 3.694106382s ago: executing program 3 (id=1313): socket(0x15, 0x5, 0x0) socket(0xa, 0x3, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x1, 0x0, 0x800) r0 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1}, 0x6a) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40000403c6f2b, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x801ffde, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x7fff, 0x2, 0x3, 0x5, 0xffffffffffffffea, 0x0, 0x3, 0x0, 0x0, 0x3bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x2000000000000002, 0x0, 0x5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x20, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000) (fail_nth: 4) 2.546128694s ago: executing program 3 (id=1314): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r1 = socket(0x2, 0x2, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) bind$auto(r1, 0x0, 0x6a) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x20003b46, 0x6, 0x0, 0x0, 0x5) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) setgroups$auto(0xa1, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) statx$auto(r0, &(0x7f00000001c0)='.\x00', 0x9, 0xffffffff, &(0x7f0000000200)={0x62, 0x0, 0x6, 0xfffffffc, 0x0, 0x0, 0x4, 0x7ff, 0x4, 0x7f, 0x6, 0x1, {0x9, 0x4}, {0x401, 0x9}, {0x2, 0x4}, {0xd, 0x40}, 0xa, 0x0, 0x5, 0xf, 0x6, 0x0, 0x3ff, 0x80000, 0x0, 0x0, 0x200, 0x0, [0xe9, 0x6, 0x401, 0x8001, 0x5, 0xf, 0x4, 0x3, 0x5]}) r3 = getegid() r4 = socket(0x29, 0x2, 0x0) getsockopt$auto(r4, 0x119, 0x5, 0x0, 0x0) setregid$auto(r3, r3) capset$auto(&(0x7f0000000380)={0x10000, 0x0}, &(0x7f00000003c0)={0x1, 0x7fff, 0x9}) r6 = fcntl$getown(r0, 0x9) msgctl$auto_MSG_INFO(0xfffffff7, 0xc, &(0x7f0000000400)={{0x10001, r2, r3, 0x627, 0x1, 0x2, 0x4}, &(0x7f0000000300)=0x9, &(0x7f0000000340)=0x7, 0xdec, 0x7, 0xf526, 0x7, 0x401, 0x54, 0x9, 0x7, @inferred=r5, @inferred=r6}) mprotect$auto(0x0, 0x8000000000000001, 0x8) 1.819898447s ago: executing program 2 (id=1315): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x4d, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r0, 0x540a, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/ip6_mr_cache\x00', 0x1900, 0x0) pread64$auto(r1, 0x0, 0xe, 0x100000000007) timer_create$auto(0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/blkio.bfq.time_recursive\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x7, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x10, &(0x7f0000000180)={0x7, 0x1, 0xb9, 0xd, 0x18da, 0x3, r0, [0x6, 0x7, 0x2], {0xff, 0x1ffe00, 0x75, 0x6, 0x2, 0x800, 0xf, 0x7db, 0x8}, {0x7, 0x80000000, 0xa99, 0x8001, 0x4, 0x7, 0x3, 0x9, 0x6}}) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 504.693101ms ago: executing program 32 (id=1276): io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) 493.833645ms ago: executing program 3 (id=1317): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) inotify_init1$auto(0x4000000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC0\x00', 0x80, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) r2 = fanotify_init$auto(0x5, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x85, 0x0, &(0x7f0000000000)=0x7ffe) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) fanotify_mark$auto(r2, 0x205, 0xa, 0x4, 0x0) ioctl$auto(r1, 0xc038563b, r0) 435.613831ms ago: executing program 2 (id=1318): socket(0x15, 0x5, 0x0) socket(0xa, 0x3, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x1, 0x0, 0x800) r0 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1}, 0x6a) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40000403c6f2b, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x801ffde, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x7fff, 0x2, 0x3, 0x5, 0xffffffffffffffea, 0x0, 0x3, 0x0, 0x0, 0x3bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x2000000000000002, 0x0, 0x5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x20, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e, 0x700}, 0x40000) 0s ago: executing program 2 (id=1319): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x9, 0x400008, 0x3, 0x9b72, 0x2, 0x2) r1 = socket(0x2, 0x1, 0x0) getsockopt$auto(r1, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x3b) r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), r0) sendmsg$auto_IOAM6_CMD_DUMP_SCHEMAS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001ec0)={0x14, r2, 0x721, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x4008004) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x400, 0x80001c, 0xffffffffffffffff, 0x400000000a, 0x3}, 0x6f4) socket(0xa, 0x1, 0x84) r4 = socket(0x2, 0x3, 0xa) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r6 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000240), r5) sendmsg$auto_NLBL_UNLABEL_C_STATICLISTDEF(r4, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000840)=ANY=[@ANYRESOCT=r2, @ANYRES16=r6, @ANYBLOB="00082dbd7000fcdbdf2508000000bc00070019fbf2869ff43352049da7c752e911d3b6f14e61453dff90895adedfe0c18bbc1ee2762d4d327caff3403f1dd7d57be05ed9670f2feb94603b560d777313654ee0649396939883a41d376ba6bda2003e4baced84e990199753b96023be8f19be60ce93f3fc129b26a9ba91d88d65792a1afe3aedae3fc06050c3aba7cb04b6d7b43ec155e6777264ea2c31564e6234691f2922c178a1e78d619ac8aef69b366efb53265aa2808f23c3e481cbf9fad3628ee3cac0fc4e78c608000400ac1414aa410509f7b42a63a1186075ccb9d6438427cfafae91381afb3704c72d6e32c5326a82ea53e67a1c868969e471204b82506106c31a8266d7ee8842e9f8014f981d0e3318882640f0e2a9497e2ed9d48a97528bbade111e955621a3717e41e34b29fe929a7adca820cd6b8c26ab2651d04bb1a6de391ef27eaf4cb6808b32221b0d3a917cf8c98746eb4e8ebd97ec80da374fbeac00e89190e04ea810497dfa6a1d77ca9f110dcaa71169738dcf55265f1462684611592778e60cc3dd907d5120fd5bc7f870"], 0xd8}, 0x1, 0x0, 0x0, 0x41}, 0x4000000) sendmsg$auto_NLBL_UNLABEL_C_LIST(r3, &(0x7f0000000640)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)=ANY=[@ANYBLOB="01cb49c9b5c2b8530b74c22b7dd62ca901be8e19b7f46b7c67be81312619b6a42f0d58545d400841e11237449558166e2d72d3ccfd6b98d93577fa8f91d71d4d0383f948cba08f3a84504657a124db9c04a0608e7d9bb77a7346e61a3b90af60957093a251fe5d0f3a99d7710cee5779d40181416bbbd90cbd5e1cd3e334e6", @ANYRES16=r6, @ANYBLOB="514265fc7950df12d7285b23844be83b8b0f8a5c354a4224ac8c0eb97006768588394d6c4aee10ca7624a902047aea92cbcc8dd7a8c6269d3776994592b0f53a59a87cf7023aef31aadb9e5148443bbddd05589351a1bec7a5205b150dd73505ebaf"], 0x170}, 0x1, 0x0, 0x0, 0x20008002}, 0x60040040) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) mmap$auto(0x0, 0x7, 0xde, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = socket(0x39, 0x805, 0x80000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x3, 0x0) r8 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="37bf3a07b3ccc7a68818ac00dfb188e1367113a8f857d477218f2c997dd5e05154fd4d96cf91ad8096cf4b25e798e9e62423e60a1c4d6e9be3be76468960f9ff6b21ce191886ad2fcceadbd41313e6d1ef7d7b7feb0dd1304d171bd739577f14e6cd3c17", @ANYRES16=r8, @ANYRESHEX=0x0, @ANYRESOCT=r7], 0x2c}, 0x1, 0x0, 0x0, 0x20008094}, 0x0) sendmsg$auto_NBD_CMD_RECONFIGURE(r5, &(0x7f0000000c40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000c00)={&(0x7f0000001f00)=ANY=[@ANYBLOB="f8090000", @ANYRES16=0x0, @ANYBLOB="04002abd7000fedbdf25030000000c0004000c0000000000000008000100f7ffffff0c0005000200000000000000ab0907801c00ae8014008e00ff01000000000000000000000000000104009c80a3ec795810ae978dbd1f1fdd2be781184f479de3cda589a7068f143c031bc3f9523f8242bba78e52d188fee0974914f1f0f4205cab4e4e75778694a6eaa77244c61f7ad3a55aad7fd0ce59c234e72b67d4ed3f78ece255d4c328d0c95de0263c5e2c7dd59290b39cbbb66d764685788dfb867c53da5b8e1ca0bc4a138f25d686d1b80447cd74c3dab64666d487bcbc14f26111173b5d17584b5489f8771f2eafb51708cbdce4645bc83d282d680e90377378782d9fe7bac4b83dcc07b221cf93926a81f486f8c4c931ad364a29e096e0bbc4589c9f2ead3662c54d472736972b172d481db099164303ecc10747862404d8afdc99638a636e036d610155c9211b344c66fd0acc218afb5d9e861b54f154e38f0bc585fc7b3e645dbd5397fe2edfd2ccc567427203ee6ed2a5f56b7975c899d4eca306e4a55c0b972b7f068a12bc0276da11ea1cf6805f56f76b21ed6da2152bacff70ab6a3df07aeb5d1bf6cde938a01b33d0537984ac7343a02f8e9c0c8dbb941234e8cf1408a0801400a100ff0200000000000000000000000000015801cf800400110045019c800a007500292629ef2b0000000800b300", @ANYRES32=0x0, @ANYBLOB="04003f800800950005000000b730758f6e268da088e1bca11e8fc4d32d4ad5e93a212eba72ff7e8dd2681ee577ab9fc517877c642dc72ef1656ef726871ad419b43437258ed2462eca0a5c7888552890fbbd4b782a0578ddde254c08c6b512fec45840981c45710896993f55dc727c156d24e6b20e80fe68a251289f117a2cc98c97511d59b1cd0a8465e0d083357c3f39e833cdd0921736e5f9f7801db7b2102b92a7b8f1e06fea89061f94fefc195faf9203c31860c2e262b5e533e242374ba0db9faf8b3ded13379492dc86b0a661b5d8789cb6a07239c88810675cee8e51c51ea62f3291c592717b85ed626b31ed318a6e2c0ce0aa3894ca5c6a190cc6686ef41d6c999213afc156eb6f57c9c067c53b4e09110717360e8cb889c7e89a8b40b772ddaa2ee23daed01e40e2000000050059000000000022059280ae7a5e94a9d32505557c04cb78c138b908302c2d458998cf14e045eb7ca1dc90fd8e6203624a23f46c5b0400d600379ea2a2cbcc3cf014c19d6fec072d1d737bb368ed5c5f078d397a9e8f2f5d8411a17658bee2e415adec6e34079b06dae9c10241991f0d847857ab2d19003555949101bdb8ba19e1b94c386383bba2dc3c091e3f56c510b81c0a22a62b7704c82338a104bcd2b22127c4cb70e9a3764841e635fe541713f770261fc06313e5f50214293277b73478e6d38f0bf692254899a6cbd02f977cc6d531490b1c14fb63ec0dffc60234665e73045b31d05307784a9c22eb4b6b6988782f67d44422e20c4f2865877c86f7a99f933618e90dee30549bdb98755ae527d61343243b1548d4353a8551fae1effedda344d60cc2c1a94bde4f8ba819f8cec68bb3ee8c49c4a395b0f2f9b6c9199553204f9ff66d90b411cf3e9f08db805a76a56401bdaf4a99006b7155a7d32dc9b522df75b425357d135c5f42739349a4e9a74e812016797063d60ab3b0d577b5ba67b3d8a76282e97b92b93b5b4c74254420e1d775c071ef377ebe1a87435bc795067507904adb461194eb30a5fb1caec7e6a5e952020c7b5d2911259e42ddbbb1d6bb6058e473e50aa445b263fc8b46ae21df051d6be08af7b87aa56b6b7f97bbb05cb55389736097b7a0d800d581af65dfa1a5bfa73633a6f597038b9d1f87468f985de2d58df30b7fe3ed008006fad76555fd9ee01360edb061c264cf9c3ae05bb2ae8e67e52fbfaba25ee60017937581e86013f28f1a0c69ad728c20684a7a94aca4d9b16de6f7e5662daf6895746310c98fc9dfc04a9d33b2aea65fcc2168cd35718253099c9d82ed5dc699c90325603110ebc146d6de6c985603712d0da8020a8021198a10450425b547cea9501deae3124b4efe4af173dadd93ddc6a882b0751672b94ba6a7ec604f2dc05cbf815965ac962289b0a8a82bec221affd581bd52b84313114668bd1e119f8cc6c3f07d15e6b72e23eb2afd457430f14213c29c4b96e28360dfe8fdba105c2581bf7c6c49ea79f8f7a7c5d7a314be4a2b171bb6c3efb1047d49a3c1905a8cc26bf25273f9f6132b42700b20cdcd778f26c2e2abce80e4989dcd69b175909c4c8d32affe90b7541faf0cc01d0b4c5f5df8a285991547d0434a56cabc122c5637649097789c45987584a4b7aca5273e39a6e0d2c1d984b9a2f15d7e150aa6bcd85b967f72eb3a6add22db12f15d9c94db3ea5a5f84b4490baf1b19eaa47feef3fa7d43ad740c00ff8a0fa4779fac9e5e124216189764d0bae958b74464ee9859ad54b6698f6e76d71dc24ffbdae6f33f00825430cfb1842a02a180b02f6d5cbd54d3677ba6b1bba73c85138b0cadae7133816c235c78fa3e45d1a35c3324a3979ea4adfa75d7889d5e6794895566dba6cef2167659940df9d9118d9b08f1c743d3cb9f9a0ab62db38a9fca6033f9766b0a4b66f843dc14c2276288bad586f47a0684d174d189f48f983bd3ae9f133042e0bb0d41266b9ffad66ddb2839304ed3a8825b2665789daee289fe7ba4943e4cb007080040043800c008a00ff0f00000000000004002680080011", @ANYRES32, @ANYBLOB="04002080e4309b1b489f38ef320fa970b50ace75bd99106d464fa8256e0f3a6c6309bc042799d3f62b0078ee07807e742b04fd1c280e83c6d9955737f7c9a1f9f3bb2a60615160a91f31c147c87555b32d3bc654cefe8822f18745bc05fbcb8ff1f5fa8e713cb4bda943f6c70d468f065b572eb99d26b260ad7720bb9cbb9f9b820a3cb4e4f9d0787e31f73dcd970f72f2809a559b4e0a5e61c4840af271cd08000800ac1414aa04005080000000272b678d3da03e37afb9323cd38f3a2780f22caed5481f7abf26ca5ebafb4240a3f2cb1b7ec1f7f9580ef7b73e758d8269f655fba1256bcdb05714d9926a882f3620feadb2dfaac9726066d5019b13f6dc05436da6a1d8f949f3775ebf6cf4b24d0a80dd13e750c055127fdd1e1caf0c40cc694518c1c6d3c55f9d47f9e92fcd39d88dd3a4f636397fbc7a6f017f9fc09bd92d52c69b06c10b9f41303dfeed1966c3cf0ad3ce91536b3f85362bd90f0d67c5b3c4c33a4869d8fb03ad6294b1b7dd2ac2396067b687c7363df36f10dec73549e7e3bce7af207a1b9a3afe4feba19fe624570823ef35fb563206f7925b0655ca007201398e8bdf14404decc0dde8ba6d7c468cd0e82f609bba2da934fdbef840d95cf4a525ffb8b4608ac1a3d4cc883cf2e8dcc5d2b5f03540ccfb45ebc040de58773e602d96b4745267ef938032b313fa70bf57a8cf330742209f3802fde3120ea7e8f29fc97465380e8b6e09a42b276b5a15c551a6992d53fe5e33429078a1dd18fdf6a03b5f73fed87465dd6b000c00080004000000000000000c0006000b15000000000000"], 0x9f8}, 0x1, 0x0, 0x0, 0x4800}, 0x4040015) mmap$auto(0x0, 0x20000400005, 0xdf, 0x9b72, 0x5, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) kernel console output (not intermixed with test programs): 48] ? __pfx_fib_net_init+0x10/0x10 [ 88.063925][ T5848] ops_init+0x1e2/0x5f0 [ 88.063962][ T5848] setup_net+0x118/0x3a0 [ 88.063996][ T5848] ? __pfx_setup_net+0x10/0x10 [ 88.064030][ T5848] ? mutex_init_lockdep+0xf1/0x120 [ 88.064068][ T5848] copy_net_ns+0x46f/0x7c0 [ 88.064109][ T5848] create_new_namespaces+0x3ea/0xac0 [ 88.064155][ T5848] unshare_nsproxy_namespaces+0xf2/0x220 [ 88.064197][ T5848] ksys_unshare+0x438/0xab0 [ 88.064242][ T5848] ? __pfx_ksys_unshare+0x10/0x10 [ 88.064282][ T5848] ? xfd_validate_state+0x129/0x190 [ 88.064326][ T5848] __x64_sys_unshare+0x31/0x40 [ 88.064372][ T5848] do_syscall_64+0x10b/0xf80 [ 88.064412][ T5848] ? clear_bhb_loop+0x40/0x90 [ 88.064449][ T5848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.064480][ T5848] RIP: 0033:0x7f192a39cdd9 [ 88.064504][ T5848] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.064532][ T5848] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 88.064560][ T5848] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 88.064580][ T5848] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 88.064597][ T5848] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 88.064615][ T5848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.064632][ T5848] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 88.064671][ T5848] [ 88.591705][ T5855] WARNING! power/level is deprecated; use power/control instead [ 88.848109][ T5858] zram: Added device: zram1 [ 89.204204][ T5869] netlink: 28 bytes leftover after parsing attributes in process `syz.2.21'. [ 89.464537][ T5870] netlink: 28 bytes leftover after parsing attributes in process `syz.1.19'. [ 91.912645][ T10] cfg80211: failed to load regulatory.db [ 92.073847][ T5920] netlink: 206 bytes leftover after parsing attributes in process `syz.3.31'. [ 92.148301][ T5932] FAULT_INJECTION: forcing a failure. [ 92.148301][ T5932] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 92.173831][ T5932] CPU: 1 UID: 0 PID: 5932 Comm: syz.1.32 Tainted: G L syzkaller #0 PREEMPT(full) [ 92.173875][ T5932] Tainted: [L]=SOFTLOCKUP [ 92.173885][ T5932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 92.173902][ T5932] Call Trace: [ 92.173910][ T5932] [ 92.173920][ T5932] dump_stack_lvl+0x100/0x190 [ 92.173956][ T5932] should_fail_ex.cold+0x5/0xa [ 92.173991][ T5932] _copy_to_iter+0x1f3/0x1720 [ 92.174025][ T5932] ? __pfx__copy_to_iter+0x10/0x10 [ 92.174049][ T5932] ? __up_read+0x2c1/0x6e0 [ 92.174080][ T5932] ? __pfx___up_read+0x10/0x10 [ 92.174107][ T5932] ? seq_read_iter+0xd33/0x1270 [ 92.174135][ T5932] ? seq_read_iter+0xd33/0x1270 [ 92.174171][ T5932] seq_read_iter+0xdab/0x1270 [ 92.174210][ T5932] ? __pfx_seq_read_iter+0x10/0x10 [ 92.174239][ T5932] vfs_read+0x825/0xb30 [ 92.174273][ T5932] ? __pfx_vfs_read+0x10/0x10 [ 92.174323][ T5932] ksys_read+0x12a/0x250 [ 92.174352][ T5932] ? __pfx_ksys_read+0x10/0x10 [ 92.174389][ T5932] ? rcu_is_watching+0x12/0xc0 [ 92.174424][ T5932] do_syscall_64+0x10b/0xf80 [ 92.174463][ T5932] ? clear_bhb_loop+0x40/0x90 [ 92.174495][ T5932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.174522][ T5932] RIP: 0033:0x7f192a39cdd9 [ 92.174559][ T5932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 92.174584][ T5932] RSP: 002b:00007f19285d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 92.174610][ T5932] RAX: ffffffffffffffda RBX: 00007f192a616090 RCX: 00007f192a39cdd9 [ 92.174627][ T5932] RDX: 0000000000001036 RSI: 0000200000000040 RDI: 0000000000000005 [ 92.174644][ T5932] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 92.174660][ T5932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 92.174676][ T5932] R13: 00007f192a616128 R14: 00007f192a616090 R15: 00007fff13519d48 [ 92.174711][ T5932] [ 92.694346][ T5940] netlink: 'syz.2.34': attribute type 5 has an invalid length. [ 92.750000][ T5940] netlink: 4158 bytes leftover after parsing attributes in process `syz.2.34'. [ 92.841760][ T5949] ubi9: attaching mtd0 [ 92.864342][ T5949] ubi9 error: ubi_attach_mtd_dev: bad VID header (32768) or data offsets (32832) [ 93.156697][ T5952] bond0: invalid ARP target specified [ 93.178621][ T5954] input: f¬ as /devices/virtual/input/input5 [ 94.190289][ T5978] FAULT_INJECTION: forcing a failure. [ 94.190289][ T5978] name failslab, interval 1, probability 0, space 0, times 0 [ 94.203131][ T5978] CPU: 0 UID: 0 PID: 5978 Comm: syz.0.43 Tainted: G L syzkaller #0 PREEMPT(full) [ 94.203175][ T5978] Tainted: [L]=SOFTLOCKUP [ 94.203185][ T5978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 94.203201][ T5978] Call Trace: [ 94.203210][ T5978] [ 94.203220][ T5978] dump_stack_lvl+0x100/0x190 [ 94.203257][ T5978] should_fail_ex.cold+0x5/0xa [ 94.203293][ T5978] ? __register_sysctl_table+0xac/0x1650 [ 94.203330][ T5978] should_failslab+0xc2/0x120 [ 94.203362][ T5978] __kmalloc_noprof+0xe0/0x850 [ 94.203396][ T5978] __register_sysctl_table+0xac/0x1650 [ 94.203432][ T5978] ? is_module_address+0x5f/0xf0 [ 94.203465][ T5978] ? __pfx___register_sysctl_table+0x10/0x10 [ 94.203501][ T5978] ? is_module_address+0x69/0xf0 [ 94.203528][ T5978] ? register_net_sysctl_sz+0x222/0x430 [ 94.203555][ T5978] ? __asan_memmove+0x50/0x60 [ 94.203596][ T5978] ? kmemdup_noprof+0x49/0x60 [ 94.203629][ T5978] ipv6_sysctl_net_init+0xe2/0x2b0 [ 94.203672][ T5978] ? __pfx_ipv6_sysctl_net_init+0x10/0x10 [ 94.203713][ T5978] ops_init+0x1e2/0x5f0 [ 94.203749][ T5978] setup_net+0x118/0x3a0 [ 94.203781][ T5978] ? __pfx_setup_net+0x10/0x10 [ 94.203814][ T5978] ? mutex_init_lockdep+0xf1/0x120 [ 94.203851][ T5978] copy_net_ns+0x46f/0x7c0 [ 94.203889][ T5978] create_new_namespaces+0x3ea/0xac0 [ 94.203934][ T5978] unshare_nsproxy_namespaces+0xf2/0x220 [ 94.203974][ T5978] ksys_unshare+0x438/0xab0 [ 94.204013][ T5978] ? __pfx_ksys_unshare+0x10/0x10 [ 94.204046][ T5978] ? xfd_validate_state+0x129/0x190 [ 94.204069][ T5978] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 94.204111][ T5978] __x64_sys_unshare+0x31/0x40 [ 94.204146][ T5978] do_syscall_64+0x10b/0xf80 [ 94.204181][ T5978] ? clear_bhb_loop+0x40/0x90 [ 94.204210][ T5978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.204234][ T5978] RIP: 0033:0x7f53ba79cdd9 [ 94.204254][ T5978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 94.204276][ T5978] RSP: 002b:00007f53bb68f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 94.204299][ T5978] RAX: ffffffffffffffda RBX: 00007f53baa15fa0 RCX: 00007f53ba79cdd9 [ 94.204315][ T5978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 94.204329][ T5978] RBP: 00007f53ba832d69 R08: 0000000000000000 R09: 0000000000000000 [ 94.204344][ T5978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 94.204357][ T5978] R13: 00007f53baa16038 R14: 00007f53baa15fa0 R15: 00007ffd5c0ed108 [ 94.204388][ T5978] [ 95.450313][ T5997] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 95.891975][ T4946] block nbd0: Receive control failed (result -32) [ 95.960958][ T6008] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 96.918611][ T6040] Line length is too long: Should be less than 4094 [ 97.038163][ T6043] usb usb3: usbfs: process 6043 (syz.3.60) did not claim interface 1 before use [ 97.497127][ T6048] nvme_fabrics: missing parameter 'transport=%s' [ 97.513545][ T6048] nvme_fabrics: missing parameter 'nqn=%s' [ 98.100342][ T6053] ovs_: entered promiscuous mode [ 98.871825][ T6070] input: f¬ as /devices/virtual/input/input6 [ 99.521713][ T4946] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 99.529593][ T4946] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 100.303728][ T6089] netlink: 16 bytes leftover after parsing attributes in process `syz.1.71'. [ 100.704000][ T6058] syz.3.65 (6058) used greatest stack depth: 19720 bytes left [ 102.153105][ T6125] mmap: syz.3.79 (6125) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 102.170024][ T6120] zswap: compressor not available [ 103.172659][ T6140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.82'. [ 103.211793][ T6140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.282011][ T6140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.614207][ T6149] netlink: 28 bytes leftover after parsing attributes in process `syz.2.85'. [ 104.937322][ T6180] netlink: 28 bytes leftover after parsing attributes in process `syz.0.94'. [ 104.947461][ T6180] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.961936][ T6180] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.922119][ T6211] Invalid ELF header magic: != ELF [ 106.210446][ T6215] openvswitch: netlink: Key 27 has unexpected len 4 expected 40 [ 106.812592][ T6226] netlink: 346 bytes leftover after parsing attributes in process `syz.0.106'. [ 107.402792][ T6235] smpboot: CPU 1 is now offline [ 107.795303][ T6249] FAULT_INJECTION: forcing a failure. [ 107.795303][ T6249] name fail_futex, interval 1, probability 0, space 0, times 1 [ 107.856908][ T6249] CPU: 0 UID: 0 PID: 6249 Comm: syz.3.112 Tainted: G L syzkaller #0 PREEMPT(full) [ 107.856936][ T6249] Tainted: [L]=SOFTLOCKUP [ 107.856941][ T6249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 107.856950][ T6249] Call Trace: [ 107.856955][ T6249] [ 107.856961][ T6249] dump_stack_lvl+0x100/0x190 [ 107.856983][ T6249] should_fail_ex.cold+0x5/0xa [ 107.857003][ T6249] get_futex_key+0x1d2/0x1510 [ 107.857021][ T6249] ? __pfx_get_futex_key+0x10/0x10 [ 107.857042][ T6249] futex_wake+0xea/0x530 [ 107.857063][ T6249] ? __pfx_futex_wake+0x10/0x10 [ 107.857085][ T6249] ? do_vfs_ioctl+0x226/0x13e0 [ 107.857102][ T6249] do_futex+0x32b/0x350 [ 107.857118][ T6249] ? __pfx_do_futex+0x10/0x10 [ 107.857135][ T6249] ? find_held_lock+0x2b/0x80 [ 107.857156][ T6249] __x64_sys_futex+0x34f/0x4d0 [ 107.857173][ T6249] ? __fget_files+0x21f/0x3d0 [ 107.857189][ T6249] ? __pfx___x64_sys_futex+0x10/0x10 [ 107.857209][ T6249] ? rcu_is_watching+0x12/0xc0 [ 107.857228][ T6249] do_syscall_64+0x10b/0xf80 [ 107.857254][ T6249] ? clear_bhb_loop+0x40/0x90 [ 107.857280][ T6249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.857295][ T6249] RIP: 0033:0x7f985079cdd9 [ 107.857308][ T6249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 107.857322][ T6249] RSP: 002b:00007f98516b30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 107.857340][ T6249] RAX: ffffffffffffffda RBX: 00007f9850a15fa8 RCX: 00007f985079cdd9 [ 107.857353][ T6249] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9850a15fac [ 107.857362][ T6249] RBP: 00007f9850a15fa0 R08: 0000000000000001 R09: 0000000000000000 [ 107.857370][ T6249] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 107.857379][ T6249] R13: 00007f9850a16038 R14: 00007ffe09aea9f0 R15: 00007ffe09aeaad8 [ 107.857397][ T6249] [ 108.057109][ T6252] syz.3.112 uses obsolete (PF_INET,SOCK_PACKET) [ 108.801340][ T6257] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 108.960638][ T29] audit: type=1800 audit(1778506413.329:2): pid=6257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.114" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 109.923486][ T6276] zswap: compressor not available [ 110.519370][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.123'. [ 110.804634][ T6307] can: request_module (can-proto-3) failed. [ 110.973667][ T29] audit: type=1800 audit(1778506415.339:3): pid=6288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.122" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 111.207712][ T6300] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 111.243538][ T6300] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 111.316232][ T6300] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 111.403564][ T6300] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 111.457797][ T6300] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 111.534822][ T6300] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 111.591342][ T6300] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 111.621585][ T6300] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 111.684009][ T6300] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 111.741338][ T6300] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 111.795295][ T6300] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 111.856434][ T6300] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.173712][ T6340] input: f¬ as /devices/virtual/input/input7 [ 112.273846][ T29] audit: type=1800 audit(1778506416.639:4): pid=6329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.127" name="file0" dev="tmpfs" ino=192 res=0 errno=0 [ 112.745837][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 113.136011][ T6366] process 'syz.0.138' launched '/dev/fd/6' with NULL argv: empty string added [ 113.466163][ T4946] Bluetooth: hci1: command 0x0c1a tx timeout [ 113.628055][ T4946] Bluetooth: hci2: command 0x0c1a tx timeout [ 113.638162][ T6385] netlink: 28 bytes leftover after parsing attributes in process `syz.0.142'. [ 113.786826][ T4946] Bluetooth: hci3: command 0x0c1a tx timeout [ 113.871501][ T6391] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 113.904087][ T6391] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 113.943100][ T6391] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 113.983763][ T6391] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 114.483906][ T6423] netlink: 28 bytes leftover after parsing attributes in process `syz.0.151'. [ 114.542484][ T6423] geneve0: entered promiscuous mode [ 114.557619][ T6423] geneve0: entered allmulticast mode [ 114.786250][ T4946] Bluetooth: hci2: Unexpected cc 0x7c89 with no status [ 115.738320][ T6438] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.865830][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 115.946077][ T4946] Bluetooth: hci2: command 0x0c1a tx timeout [ 115.952619][ T5629] Bluetooth: hci1: command 0x0c1a tx timeout [ 116.025831][ T5629] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.148887][ T6488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.165'. [ 117.884720][ T6493] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 117.929433][ T6493] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 117.959190][ T6493] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 117.996467][ T6493] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 118.329622][ T6519] netlink: 12 bytes leftover after parsing attributes in process `syz.3.171'. [ 119.026668][ T6537] ecryptfs_miscdev_write: Invalid packet size [0] [ 119.305736][ T5629] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.946232][ T5629] Bluetooth: hci1: command 0x0c1a tx timeout [ 120.026065][ T4946] Bluetooth: hci2: command 0x0c1a tx timeout [ 120.032344][ T5629] Bluetooth: hci3: command 0x0c1a tx timeout [ 122.320609][ T6618] ubi0: attaching mtd0 [ 122.402284][ T6618] ubi0: scanning is finished [ 122.438808][ T6618] ubi0: empty MTD device detected [ 123.324202][ T6618] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 123.509650][ T6618] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 123.661289][ T6618] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 123.815537][ T6618] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 123.970439][ T6618] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 124.089579][ T6618] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 124.217208][ T6618] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1990301454 [ 124.387995][ T6618] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 124.555287][ T6641] ubi0: background thread "ubi_bgt0d" started, PID 6641 [ 124.583250][ T6621] ubi0: detaching mtd0 [ 124.806510][ T6621] ubi0: mtd0 is detached [ 125.081498][ T6664] FAULT_INJECTION: forcing a failure. [ 125.081498][ T6664] name failslab, interval 1, probability 0, space 0, times 0 [ 125.161551][ T6664] CPU: 0 UID: 0 PID: 6664 Comm: syz.1.191 Tainted: G L syzkaller #0 PREEMPT(full) [ 125.161578][ T6664] Tainted: [L]=SOFTLOCKUP [ 125.161584][ T6664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 125.161592][ T6664] Call Trace: [ 125.161597][ T6664] [ 125.161604][ T6664] dump_stack_lvl+0x100/0x190 [ 125.161626][ T6664] should_fail_ex.cold+0x5/0xa [ 125.161646][ T6664] ? constrain_params_by_rules+0x175/0xcc0 [ 125.161661][ T6664] should_failslab+0xc2/0x120 [ 125.161678][ T6664] __kmalloc_noprof+0xe0/0x850 [ 125.161691][ T6664] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 125.161716][ T6664] constrain_params_by_rules+0x175/0xcc0 [ 125.161730][ T6664] ? unwind_get_return_address+0x59/0xa0 [ 125.161757][ T6664] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 125.161772][ T6664] ? stack_trace_save+0x8e/0xc0 [ 125.161791][ T6664] ? __pfx_stack_trace_save+0x10/0x10 [ 125.161811][ T6664] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 125.161838][ T6664] ? snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 125.161859][ T6664] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 125.161879][ T6664] ? snd_pcm_oss_read+0x3d4/0x730 [ 125.161899][ T6664] ? vfs_read+0x1e4/0xb30 [ 125.161913][ T6664] ? ksys_read+0x12a/0x250 [ 125.161928][ T6664] ? do_syscall_64+0x10b/0xf80 [ 125.161951][ T6664] ? snd_interval_refine+0x2d0/0x580 [ 125.161970][ T6664] snd_pcm_hw_refine+0x7e7/0xad0 [ 125.161988][ T6664] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 125.162015][ T6664] snd_pcm_hw_param_first+0x2b0/0x680 [ 125.162042][ T6664] snd_pcm_hw_param_near.constprop.0+0x739/0x850 [ 125.162064][ T6664] ? lockdep_hardirqs_on+0x78/0x100 [ 125.162085][ T6664] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 125.162106][ T6664] ? snd_pcm_oss_change_params_locked+0xa20/0x39f0 [ 125.162134][ T6664] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 125.162157][ T6664] ? kfree+0x223/0x6c0 [ 125.162181][ T6664] snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 125.162212][ T6664] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 125.162250][ T6664] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 125.162273][ T6664] snd_pcm_oss_read+0x3d4/0x730 [ 125.162297][ T6664] ? __pfx_snd_pcm_oss_read+0x10/0x10 [ 125.162320][ T6664] vfs_read+0x1e4/0xb30 [ 125.162338][ T6664] ? __pfx_vfs_read+0x10/0x10 [ 125.162352][ T6664] ? find_held_lock+0x2b/0x80 [ 125.162370][ T6664] ? __fget_files+0x215/0x3d0 [ 125.162387][ T6664] ? __fget_files+0x215/0x3d0 [ 125.162406][ T6664] ? __fget_files+0x21f/0x3d0 [ 125.162428][ T6664] ksys_read+0x12a/0x250 [ 125.162443][ T6664] ? __pfx_ksys_read+0x10/0x10 [ 125.162461][ T6664] ? rcu_is_watching+0x12/0xc0 [ 125.162481][ T6664] do_syscall_64+0x10b/0xf80 [ 125.162501][ T6664] ? clear_bhb_loop+0x40/0x90 [ 125.162518][ T6664] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.162533][ T6664] RIP: 0033:0x7f192a39cdd9 [ 125.162547][ T6664] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 125.162572][ T6664] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 125.162586][ T6664] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 125.162597][ T6664] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000003 [ 125.162605][ T6664] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 125.162614][ T6664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.162623][ T6664] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 125.162642][ T6664] [ 127.100393][ T6694] input: f¬ as /devices/virtual/input/input8 [ 128.272019][ T6732] FAULT_INJECTION: forcing a failure. [ 128.272019][ T6732] name failslab, interval 1, probability 0, space 0, times 0 [ 128.333560][ T6732] CPU: 0 UID: 0 PID: 6732 Comm: syz.1.207 Tainted: G L syzkaller #0 PREEMPT(full) [ 128.333587][ T6732] Tainted: [L]=SOFTLOCKUP [ 128.333592][ T6732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 128.333601][ T6732] Call Trace: [ 128.333606][ T6732] [ 128.333612][ T6732] dump_stack_lvl+0x100/0x190 [ 128.333633][ T6732] should_fail_ex.cold+0x5/0xa [ 128.333654][ T6732] ? tomoyo_realpath_from_path+0xb6/0x690 [ 128.333674][ T6732] should_failslab+0xc2/0x120 [ 128.333693][ T6732] __kmalloc_noprof+0xe0/0x850 [ 128.333707][ T6732] ? kfree+0x1dd/0x6c0 [ 128.333731][ T6732] tomoyo_realpath_from_path+0xb6/0x690 [ 128.333755][ T6732] tomoyo_check_open_permission+0x2af/0x3c0 [ 128.333778][ T6732] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 128.333803][ T6732] ? hook_file_open+0x24e/0x7a0 [ 128.333834][ T6732] ? path_get+0x61/0x80 [ 128.333857][ T6732] tomoyo_file_open+0x6b/0x90 [ 128.333880][ T6732] security_file_open+0xb5/0x1e0 [ 128.333899][ T6732] do_dentry_open+0x5aa/0x1660 [ 128.333919][ T6732] ? security_inode_permission+0xbf/0x250 [ 128.333938][ T6732] vfs_open+0x82/0x3f0 [ 128.333962][ T6732] path_openat+0x208c/0x31a0 [ 128.333987][ T6732] ? __pfx_path_openat+0x10/0x10 [ 128.334013][ T6732] do_file_open+0x20e/0x430 [ 128.334033][ T6732] ? __pfx_do_file_open+0x10/0x10 [ 128.334065][ T6732] ? alloc_fd+0x476/0x790 [ 128.334085][ T6732] ? do_getname+0x191/0x390 [ 128.334108][ T6732] do_sys_openat2+0x10d/0x1e0 [ 128.334130][ T6732] ? __pfx_do_sys_openat2+0x10/0x10 [ 128.334159][ T6732] __x64_sys_openat+0x12d/0x210 [ 128.334183][ T6732] ? __pfx___x64_sys_openat+0x10/0x10 [ 128.334208][ T6732] ? rcu_is_watching+0x12/0xc0 [ 128.334229][ T6732] do_syscall_64+0x10b/0xf80 [ 128.334251][ T6732] ? clear_bhb_loop+0x40/0x90 [ 128.334269][ T6732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.334284][ T6732] RIP: 0033:0x7f192a39cdd9 [ 128.334298][ T6732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.334312][ T6732] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 128.334327][ T6732] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 128.334338][ T6732] RDX: 0000000000141143 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 128.334349][ T6732] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 128.334359][ T6732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.334369][ T6732] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 128.334389][ T6732] [ 128.334396][ T6732] ERROR: Out of memory at tomoyo_realpath_from_path. [ 129.272503][ T6742] binder: 6741:6742 ioctl c018620c 200000000180 returned -22 [ 131.552339][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 131.562736][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.657207][ T29] audit: type=1800 audit(1778506439.019:5): pid=6862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.229" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 135.730503][ T6876] input: f¬ as /devices/virtual/input/input9 [ 136.111260][ T6877] ima: policy update failed [ 136.130761][ T29] audit: type=1802 audit(1778506440.499:6): pid=6877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.234" res=0 errno=0 [ 136.841528][ T6897] ubi0: attaching mtd0 [ 136.860697][ T6897] ubi0: scanning is finished [ 136.878807][ T6897] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 136.997207][ T6897] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 137.258354][ T6909] netlink: 'syz.2.241': attribute type 2 has an invalid length. [ 137.749069][ T6916] program syz.2.243 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 138.583498][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'. [ 138.657723][ T6929] netlink: 5 bytes leftover after parsing attributes in process `syz.1.245'. [ 138.702195][ T6919] ima: policy update failed [ 138.710369][ T29] audit: type=1802 audit(1778506443.079:7): pid=6919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.244" res=0 errno=0 [ 138.741790][ T6930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.252'. [ 138.763877][ T6929] netlink: 12 bytes leftover after parsing attributes in process `syz.1.245'. [ 140.814131][ T6969] input: f¬ as /devices/virtual/input/input10 [ 141.504077][ T6980] HfR: entered promiscuous mode [ 141.526526][ T6980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.262'. [ 141.559686][ T6980] HfR: left promiscuous mode [ 142.269779][ T6987] netlink: 28 bytes leftover after parsing attributes in process `syz.1.263'. [ 142.546106][ T6996] input: f¬ as /devices/virtual/input/input11 [ 142.595387][ T6998] random: crng reseeded on system resumption [ 143.956828][ T7020] netlink: 28 bytes leftover after parsing attributes in process `syz.3.274'. [ 146.605526][ T7066] zswap: compressor not available [ 147.720579][ T7081] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 147.783877][ T29] audit: type=1800 audit(182.400:8): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.287" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 149.722277][ T29] audit: type=1800 audit(184.340:9): pid=7120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.295" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 150.166578][ T29] audit: type=1800 audit(184.780:10): pid=7137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.299" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 150.553539][ T7147] FAULT_INJECTION: forcing a failure. [ 150.553539][ T7147] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 150.672129][ T7147] CPU: 0 UID: 0 PID: 7147 Comm: syz.0.301 Tainted: G L syzkaller #0 PREEMPT(full) [ 150.672154][ T7147] Tainted: [L]=SOFTLOCKUP [ 150.672159][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 150.672168][ T7147] Call Trace: [ 150.672173][ T7147] [ 150.672179][ T7147] dump_stack_lvl+0x100/0x190 [ 150.672200][ T7147] should_fail_ex.cold+0x5/0xa [ 150.672216][ T7147] ? prepare_alloc_pages+0x16d/0x5f0 [ 150.672239][ T7147] should_fail_alloc_page+0xeb/0x140 [ 150.672257][ T7147] prepare_alloc_pages+0x1f0/0x5f0 [ 150.672278][ T7147] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 150.672306][ T7147] ? rcu_read_unlock+0x17/0x60 [ 150.672329][ T7147] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 150.672356][ T7147] ? __lock_acquire+0x4a5/0x2630 [ 150.672371][ T7147] ? __lock_acquire+0x4a5/0x2630 [ 150.672390][ T7147] ? lock_acquire+0x1b1/0x370 [ 150.672402][ T7147] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.672424][ T7147] ? policy_nodemask+0xed/0x4f0 [ 150.672442][ T7147] alloc_pages_mpol+0x1fb/0x540 [ 150.672459][ T7147] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 150.672476][ T7147] ? swap_entry_swapped+0x20c/0x2a0 [ 150.672493][ T7147] ? __pfx_swap_entry_swapped+0x10/0x10 [ 150.672512][ T7147] folio_alloc_mpol_noprof+0x36/0x260 [ 150.672532][ T7147] swap_cache_alloc_folio+0x1a8/0x300 [ 150.672556][ T7147] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 150.672577][ T7147] ? __pfx_get_swap_device+0x10/0x10 [ 150.672593][ T7147] ? mpol_shared_policy_lookup+0xf6/0x150 [ 150.672613][ T7147] read_swap_cache_async+0xd9/0x480 [ 150.672654][ T7147] ? __pfx_read_swap_cache_async+0x10/0x10 [ 150.672678][ T7147] ? find_held_lock+0x2b/0x80 [ 150.672696][ T7147] ? madvise_vma_behavior+0x178a/0x2200 [ 150.672714][ T7147] ? madvise_vma_behavior+0x178a/0x2200 [ 150.672736][ T7147] madvise_vma_behavior+0x17c6/0x2200 [ 150.672758][ T7147] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 150.672790][ T7147] ? __futex_wait+0x256/0x300 [ 150.672813][ T7147] madvise_walk_vmas+0x2fe/0xa90 [ 150.672835][ T7147] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 150.672859][ T7147] madvise_do_behavior+0x1ea/0x510 [ 150.672880][ T7147] ? __pfx_madvise_do_behavior+0x10/0x10 [ 150.672899][ T7147] ? down_read+0x13b/0x450 [ 150.672922][ T7147] do_madvise+0x195/0x240 [ 150.672940][ T7147] ? __pfx_do_madvise+0x10/0x10 [ 150.672958][ T7147] ? do_futex+0x192/0x350 [ 150.672977][ T7147] ? find_held_lock+0x2b/0x80 [ 150.673007][ T7147] __x64_sys_madvise+0xa9/0x110 [ 150.673026][ T7147] ? lockdep_hardirqs_on+0x78/0x100 [ 150.673047][ T7147] do_syscall_64+0x10b/0xf80 [ 150.673066][ T7147] ? clear_bhb_loop+0x40/0x90 [ 150.673084][ T7147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.673099][ T7147] RIP: 0033:0x7f53ba79cdd9 [ 150.673111][ T7147] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 150.673124][ T7147] RSP: 002b:00007f53bb66e028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 150.673139][ T7147] RAX: ffffffffffffffda RBX: 00007f53baa16090 RCX: 00007f53ba79cdd9 [ 150.673148][ T7147] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 150.673156][ T7147] RBP: 00007f53ba832d69 R08: 0000000000000000 R09: 0000000000000000 [ 150.673165][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.673173][ T7147] R13: 00007f53baa16128 R14: 00007f53baa16090 R15: 00007ffd5c0ed108 [ 150.673191][ T7147] [ 151.122960][ T7146] openvswitch: netlink: IPv4 tunnel dst address is zero [ 153.044634][ T7184] netlink: 28 bytes leftover after parsing attributes in process `syz.3.309'. [ 153.181429][ T29] audit: type=1800 audit(187.790:11): pid=7189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.310" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 154.733288][ T7206] KVM: debugfs: duplicate directory 7206-4 [ 157.754322][ T29] audit: type=1800 audit(192.370:12): pid=7313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.325" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 158.152981][ T5629] block nbd1: Receive control failed (result -32) [ 158.327888][ T7320] netlink: 4 bytes leftover after parsing attributes in process `syz.0.327'. [ 159.164971][ T7347] FAULT_INJECTION: forcing a failure. [ 159.164971][ T7347] name failslab, interval 1, probability 0, space 0, times 0 [ 159.198519][ T7347] CPU: 0 UID: 8 PID: 7347 Comm: syz.2.334 Tainted: G L syzkaller #0 PREEMPT(full) [ 159.198545][ T7347] Tainted: [L]=SOFTLOCKUP [ 159.198551][ T7347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 159.198560][ T7347] Call Trace: [ 159.198565][ T7347] [ 159.198571][ T7347] dump_stack_lvl+0x100/0x190 [ 159.198594][ T7347] should_fail_ex.cold+0x5/0xa [ 159.198613][ T7347] should_failslab+0xc2/0x120 [ 159.198630][ T7347] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 159.198654][ T7347] ? sock_alloc_inode+0x26/0x290 [ 159.198675][ T7347] ? __pfx_sock_alloc_inode+0x10/0x10 [ 159.198694][ T7347] sock_alloc_inode+0x26/0x290 [ 159.198712][ T7347] ? __pfx_sock_alloc_inode+0x10/0x10 [ 159.198730][ T7347] alloc_inode+0x68/0x250 [ 159.198753][ T7347] sock_alloc+0x44/0x280 [ 159.198768][ T7347] ? security_socket_create+0x7f/0x250 [ 159.198798][ T7347] __sock_create+0xc2/0x860 [ 159.198822][ T7347] __sys_socket+0x14d/0x260 [ 159.198843][ T7347] ? __pfx___sys_socket+0x10/0x10 [ 159.198864][ T7347] ? ksys_write+0x1ac/0x250 [ 159.198886][ T7347] __x64_sys_socket+0x72/0xb0 [ 159.198906][ T7347] ? lockdep_hardirqs_on+0x78/0x100 [ 159.198927][ T7347] do_syscall_64+0x10b/0xf80 [ 159.198947][ T7347] ? clear_bhb_loop+0x40/0x90 [ 159.198964][ T7347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.198979][ T7347] RIP: 0033:0x7f638b39cdd9 [ 159.198992][ T7347] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.199006][ T7347] RSP: 002b:00007f638c2a8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 159.199021][ T7347] RAX: ffffffffffffffda RBX: 00007f638b616090 RCX: 00007f638b39cdd9 [ 159.199030][ T7347] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000010 [ 159.199038][ T7347] RBP: 00007f638b432d69 R08: 0000000000000000 R09: 0000000000000000 [ 159.199047][ T7347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.199055][ T7347] R13: 00007f638b616128 R14: 00007f638b616090 R15: 00007ffe81a26598 [ 159.199073][ T7347] [ 159.199081][ T7347] socket: no more sockets [ 160.244515][ T7362] sd 0:0:1:0: PR command failed: 1026 [ 160.268926][ T7362] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 160.305180][ T7362] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 160.440245][ T7367] usb usb3: usbfs: process 7367 (syz.1.338) did not claim interface 1 before use [ 161.606708][ T7380] ovs_: entered promiscuous mode [ 161.789389][ T7399] netlink: 28 bytes leftover after parsing attributes in process `syz.3.347'. [ 162.036223][ T7402] input: f¬ as /devices/virtual/input/input12 [ 162.163492][ T29] audit: type=1800 audit(196.780:13): pid=7407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.348" name="trace_pipe" dev="tracefs" ino=3172 res=0 errno=0 [ 162.392152][ T7415] random: crng reseeded on system resumption [ 162.790760][ T7426] netlink: 'syz.0.354': attribute type 11 has an invalid length. [ 162.875648][ T7426] netlink: 'syz.0.354': attribute type 11 has an invalid length. [ 162.950638][ T7426] netlink: 'syz.0.354': attribute type 11 has an invalid length. [ 163.023336][ T7435] netlink: 28 bytes leftover after parsing attributes in process `syz.2.356'. [ 163.337183][ T7441] netlink: 16 bytes leftover after parsing attributes in process `syz.2.358'. [ 164.367779][ T29] audit: type=1800 audit(198.990:14): pid=7465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.363" name=04 dev="tmpfs" ino=528 res=0 errno=0 [ 165.037577][ T7471] random: crng reseeded on system resumption [ 165.377978][ T29] audit: type=1804 audit(199.980:15): pid=7481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.366" name="/newroot/94/file0" dev="tmpfs" ino=509 res=1 errno=0 [ 165.532718][ T29] audit: type=1804 audit(200.050:16): pid=7474 uid=2 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.366" name="/newroot/94/file0" dev="tmpfs" ino=509 res=1 errno=0 [ 165.978027][ T7491] netlink: 28 bytes leftover after parsing attributes in process `syz.0.367'. [ 166.276360][ T7498] FAULT_INJECTION: forcing a failure. [ 166.276360][ T7498] name failslab, interval 1, probability 0, space 0, times 0 [ 166.370489][ T7498] CPU: 0 UID: 0 PID: 7498 Comm: syz.3.371 Tainted: G L syzkaller #0 PREEMPT(full) [ 166.370516][ T7498] Tainted: [L]=SOFTLOCKUP [ 166.370522][ T7498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 166.370531][ T7498] Call Trace: [ 166.370536][ T7498] [ 166.370545][ T7498] dump_stack_lvl+0x100/0x190 [ 166.370566][ T7498] should_fail_ex.cold+0x5/0xa [ 166.370587][ T7498] should_failslab+0xc2/0x120 [ 166.370604][ T7498] __kmalloc_cache_noprof+0x7a/0x6f0 [ 166.370624][ T7498] ? sctp_endpoint_new+0xfc/0xb20 [ 166.370641][ T7498] ? __debug_object_init+0x2de/0x3d0 [ 166.370666][ T7498] sctp_endpoint_new+0xfc/0xb20 [ 166.370684][ T7498] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 166.370702][ T7498] ? lockdep_init_map_type+0x5c/0x250 [ 166.370718][ T7498] ? lockdep_init_map_type+0x5c/0x250 [ 166.370732][ T7498] ? lockdep_init_map_type+0x5c/0x250 [ 166.370749][ T7498] sctp_init_sock+0xe2b/0x1300 [ 166.370765][ T7498] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 166.370781][ T7498] sctp_v6_init_sock+0x16/0x70 [ 166.370797][ T7498] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 166.370812][ T7498] inet6_create+0xb21/0x12b0 [ 166.370833][ T7498] ? inet6_create+0x7f/0x12b0 [ 166.370854][ T7498] __sock_create+0x339/0x860 [ 166.370879][ T7498] __sys_socket+0x14d/0x260 [ 166.370900][ T7498] ? __pfx___sys_socket+0x10/0x10 [ 166.370919][ T7498] ? ksys_write+0x1ac/0x250 [ 166.370940][ T7498] __x64_sys_socket+0x72/0xb0 [ 166.370960][ T7498] ? lockdep_hardirqs_on+0x78/0x100 [ 166.370981][ T7498] do_syscall_64+0x10b/0xf80 [ 166.371001][ T7498] ? clear_bhb_loop+0x40/0x90 [ 166.371018][ T7498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.371033][ T7498] RIP: 0033:0x7f985079cdd9 [ 166.371046][ T7498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 166.371059][ T7498] RSP: 002b:00007f98516b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 166.371073][ T7498] RAX: ffffffffffffffda RBX: 00007f9850a15fa0 RCX: 00007f985079cdd9 [ 166.371083][ T7498] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 166.371091][ T7498] RBP: 00007f9850832d69 R08: 0000000000000000 R09: 0000000000000000 [ 166.371100][ T7498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.371108][ T7498] R13: 00007f9850a16038 R14: 00007f9850a15fa0 R15: 00007ffe09aeaad8 [ 166.371133][ T7498] [ 167.894557][ T7534] netlink: 48 bytes leftover after parsing attributes in process `syz.0.380'. [ 168.331425][ T7545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.383'. [ 169.119297][ T7567] netlink: 'syz.2.390': attribute type 2 has an invalid length. [ 169.158514][ T7567] netlink: 'syz.2.390': attribute type 3 has an invalid length. [ 169.219972][ T7567] netlink: 158 bytes leftover after parsing attributes in process `syz.2.390'. [ 169.309280][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.390'. [ 169.634788][ T7584] usbcore.quirks: string doesn't fit in 127 chars. [ 169.860626][ T7591] FAULT_INJECTION: forcing a failure. [ 169.860626][ T7591] name failslab, interval 1, probability 0, space 0, times 0 [ 169.918567][ T7591] CPU: 0 UID: 0 PID: 7591 Comm: syz.2.395 Tainted: G L syzkaller #0 PREEMPT(full) [ 169.918594][ T7591] Tainted: [L]=SOFTLOCKUP [ 169.918599][ T7591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 169.918608][ T7591] Call Trace: [ 169.918613][ T7591] [ 169.918619][ T7591] dump_stack_lvl+0x100/0x190 [ 169.918640][ T7591] should_fail_ex.cold+0x5/0xa [ 169.918659][ T7591] should_failslab+0xc2/0x120 [ 169.918677][ T7591] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 169.918700][ T7591] ? sock_alloc_inode+0x26/0x290 [ 169.918720][ T7591] ? __pfx_sock_alloc_inode+0x10/0x10 [ 169.918766][ T7591] sock_alloc_inode+0x26/0x290 [ 169.918785][ T7591] ? __pfx_sock_alloc_inode+0x10/0x10 [ 169.918804][ T7591] alloc_inode+0x68/0x250 [ 169.918827][ T7591] sock_alloc+0x44/0x280 [ 169.918843][ T7591] ? security_socket_create+0x7f/0x250 [ 169.918867][ T7591] __sock_create+0xc2/0x860 [ 169.918890][ T7591] __sys_socket+0x14d/0x260 [ 169.918912][ T7591] ? __pfx___sys_socket+0x10/0x10 [ 169.918932][ T7591] ? ksys_write+0x1ac/0x250 [ 169.918953][ T7591] __x64_sys_socket+0x72/0xb0 [ 169.918973][ T7591] ? lockdep_hardirqs_on+0x78/0x100 [ 169.918993][ T7591] do_syscall_64+0x10b/0xf80 [ 169.919013][ T7591] ? clear_bhb_loop+0x40/0x90 [ 169.919031][ T7591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.919046][ T7591] RIP: 0033:0x7f638b39cdd9 [ 169.919059][ T7591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 169.919073][ T7591] RSP: 002b:00007f638c2c9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 169.919088][ T7591] RAX: ffffffffffffffda RBX: 00007f638b615fa0 RCX: 00007f638b39cdd9 [ 169.919098][ T7591] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 169.919106][ T7591] RBP: 00007f638b432d69 R08: 0000000000000000 R09: 0000000000000000 [ 169.919114][ T7591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.919126][ T7591] R13: 00007f638b616038 R14: 00007f638b615fa0 R15: 00007ffe81a26598 [ 169.919145][ T7591] [ 169.919204][ T7591] socket: no more sockets [ 170.132735][ T7573] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 170.156474][ T7573] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 170.177242][ T7573] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 170.201118][ T7573] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 171.023515][ T29] audit: type=1800 audit(205.640:17): pid=7618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.399" name=04 dev="tmpfs" ino=486 res=0 errno=0 [ 171.388177][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 171.462897][ T7629] sd 0:0:1:0: PR command failed: 1026 [ 171.486003][ T7629] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 171.521545][ T7629] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 172.266210][ T4946] Bluetooth: hci3: command 0x0c1a tx timeout [ 172.272264][ T5629] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.278428][ T5629] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.313158][ T7651] netlink: 'syz.3.408': attribute type 11 has an invalid length. [ 172.355051][ T7651] netlink: 'syz.3.408': attribute type 11 has an invalid length. [ 172.417350][ T7651] netlink: 'syz.3.408': attribute type 11 has an invalid length. [ 173.132981][ T7672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.411'. [ 173.427941][ T7651] netlink: 504 bytes leftover after parsing attributes in process `syz.3.408'. [ 173.860684][ T7696] openvswitch: netlink: Flow actions attr not present in new flow. [ 174.303609][ T7714] FAULT_INJECTION: forcing a failure. [ 174.303609][ T7714] name fail_futex, interval 1, probability 0, space 0, times 0 [ 174.420695][ T7714] CPU: 0 UID: 0 PID: 7714 Comm: syz.3.420 Tainted: G L syzkaller #0 PREEMPT(full) [ 174.420720][ T7714] Tainted: [L]=SOFTLOCKUP [ 174.420726][ T7714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 174.420734][ T7714] Call Trace: [ 174.420740][ T7714] [ 174.420745][ T7714] dump_stack_lvl+0x100/0x190 [ 174.420779][ T7714] should_fail_ex.cold+0x5/0xa [ 174.420798][ T7714] get_futex_key+0x1d2/0x1510 [ 174.420815][ T7714] ? __pfx_get_futex_key+0x10/0x10 [ 174.420828][ T7714] ? do_raw_spin_lock+0x128/0x260 [ 174.420844][ T7714] ? find_held_lock+0x2b/0x80 [ 174.420865][ T7714] ? lock_acquire+0x1b1/0x370 [ 174.420880][ T7714] futex_wake+0xea/0x530 [ 174.420900][ T7714] ? __pfx_futex_wake+0x10/0x10 [ 174.420918][ T7714] ? rcu_is_watching+0x12/0xc0 [ 174.420942][ T7714] do_futex+0x32b/0x350 [ 174.420958][ T7714] ? __pfx_do_futex+0x10/0x10 [ 174.420977][ T7714] __x64_sys_futex+0x34f/0x4d0 [ 174.420995][ T7714] ? __pfx___x64_sys_futex+0x10/0x10 [ 174.421014][ T7714] ? rcu_is_watching+0x12/0xc0 [ 174.421033][ T7714] do_syscall_64+0x10b/0xf80 [ 174.421054][ T7714] ? clear_bhb_loop+0x40/0x90 [ 174.421071][ T7714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.421086][ T7714] RIP: 0033:0x7f985079cdd9 [ 174.421101][ T7714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 174.421115][ T7714] RSP: 002b:00007f98516920e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 174.421129][ T7714] RAX: ffffffffffffffda RBX: 00007f9850a16098 RCX: 00007f985079cdd9 [ 174.421138][ T7714] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9850a1609c [ 174.421146][ T7714] RBP: 00007f9850a16090 R08: 0000000000000001 R09: 0000000000000000 [ 174.421155][ T7714] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 174.421163][ T7714] R13: 00007f9850a16128 R14: 00007ffe09aea9f0 R15: 00007ffe09aeaad8 [ 174.421181][ T7714] [ 174.904277][ T7737] netlink: 28 bytes leftover after parsing attributes in process `syz.3.424'. [ 175.659616][ T7761] ======================================================= [ 175.659616][ T7761] WARNING: The mand mount option has been deprecated and [ 175.659616][ T7761] and is ignored by this kernel. Remove the mand [ 175.659616][ T7761] option from the mount to silence this warning. [ 175.659616][ T7761] ======================================================= [ 176.436730][ T7780] netlink: 28 bytes leftover after parsing attributes in process `syz.0.435'. [ 176.654513][ T7768] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.692998][ T7768] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 176.731379][ T7768] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 176.767669][ T7768] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 177.523356][ T7809] zram: Added device: zram2 [ 177.761176][ T7822] netlink: 28 bytes leftover after parsing attributes in process `syz.0.445'. [ 178.106917][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 178.589067][ T7844] random: crng reseeded on system resumption [ 178.745704][ T49] Bluetooth: hci1: command 0x0c1a tx timeout [ 178.751777][ T4946] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.825726][ T4946] Bluetooth: hci3: command 0x0c1a tx timeout [ 180.191239][ T7881] netlink: 4 bytes leftover after parsing attributes in process `syz.1.459'. [ 180.245151][ T7885] netlink: 354 bytes leftover after parsing attributes in process `syz.1.459'. [ 180.405444][ T7885] vivid-008: ================= START STATUS ================= [ 180.513836][ T7885] vivid-008: ================== END STATUS ================== [ 180.535211][ T7887] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 180.558373][ T7887] pci 0000:00:01.3: PCI INT A: no GSI [ 181.315778][ T7916] random: crng reseeded on system resumption [ 181.526932][ T7914] FAULT_INJECTION: forcing a failure. [ 181.526932][ T7914] name failslab, interval 1, probability 0, space 0, times 0 [ 181.630178][ T7914] CPU: 0 UID: 0 PID: 7914 Comm: syz.2.465 Tainted: G L syzkaller #0 PREEMPT(full) [ 181.630204][ T7914] Tainted: [L]=SOFTLOCKUP [ 181.630210][ T7914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 181.630218][ T7914] Call Trace: [ 181.630223][ T7914] [ 181.630230][ T7914] dump_stack_lvl+0x100/0x190 [ 181.630253][ T7914] should_fail_ex.cold+0x5/0xa [ 181.630272][ T7914] should_failslab+0xc2/0x120 [ 181.630290][ T7914] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 181.630313][ T7914] ? __d_alloc+0x34/0xa40 [ 181.630336][ T7914] __d_alloc+0x34/0xa40 [ 181.630356][ T7914] d_alloc_pseudo+0x1c/0xc0 [ 181.630371][ T7914] alloc_file_pseudo+0xcf/0x230 [ 181.630393][ T7914] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 181.630414][ T7914] ? alloc_fd+0x476/0x790 [ 181.630434][ T7914] sock_alloc_file+0x50/0x210 [ 181.630452][ T7914] __sys_socket+0x1c0/0x260 [ 181.630473][ T7914] ? __pfx___sys_socket+0x10/0x10 [ 181.630493][ T7914] ? ksys_write+0x1ac/0x250 [ 181.630514][ T7914] __x64_sys_socket+0x72/0xb0 [ 181.630535][ T7914] ? lockdep_hardirqs_on+0x78/0x100 [ 181.630563][ T7914] do_syscall_64+0x10b/0xf80 [ 181.630585][ T7914] ? clear_bhb_loop+0x40/0x90 [ 181.630603][ T7914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.630618][ T7914] RIP: 0033:0x7f638b39cdd9 [ 181.630638][ T7914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 181.630653][ T7914] RSP: 002b:00007f638c2a8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 181.630668][ T7914] RAX: ffffffffffffffda RBX: 00007f638b616090 RCX: 00007f638b39cdd9 [ 181.630678][ T7914] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 181.630686][ T7914] RBP: 00007f638b432d69 R08: 0000000000000000 R09: 0000000000000000 [ 181.630695][ T7914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.630704][ T7914] R13: 00007f638b616128 R14: 00007f638b616090 R15: 00007ffe81a26598 [ 181.630723][ T7914] [ 183.829485][ T7951] input: f¬ as /devices/virtual/input/input16 [ 185.645551][ T7955] kexec: Could not allocate control_code_buffer [ 185.948871][ T29] audit: type=1800 audit(220.560:18): pid=7967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.478" name="file0" dev="tmpfs" ino=642 res=0 errno=0 [ 186.262835][ T7994] can: request_module (can-proto-0) failed. [ 186.715038][ T8016] input: f¬ as /devices/virtual/input/input17 [ 189.630174][ T8099] random: crng reseeded on system resumption [ 191.000730][ T8122] futex_wake_op: syz.3.505 tries to shift op by -2048; fix this program [ 191.065100][ T8122] 0x000000000001-0x000000020000 : "" [ 191.252859][ T8122] ftl_cs: FTL header corrupt! [ 193.544864][ T8172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 193.718930][ T8172] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 193.900133][ T8172] memcg:ffff88803446eb01 [ 193.987644][ T8189] can: request_module (can-proto-0) failed. [ 194.002355][ T8172] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 194.099544][ T8172] page_type: f5(slab) [ 194.134157][ T8172] raw: 00fff00000000040 ffff88801ce93780 dead000000000100 dead000000000122 [ 194.187988][ T8172] raw: 0000000000000000 0000000800150015 00000000f5000000 ffff88803446eb01 [ 194.234064][ T8172] head: 00fff00000000040 ffff88801ce93780 dead000000000100 dead000000000122 [ 194.270913][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.277344][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.343580][ T8172] head: 0000000000000000 0000000800150015 00000000f5000000 ffff88803446eb01 [ 194.482852][ T8172] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 194.622197][ T8172] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 194.683181][ T8172] page dumped because: unmovable page [ 194.738771][ T8172] page_owner tracks the page as allocated [ 194.823399][ T8172] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5009, tgid 5009 (udevd), ts 34261022294, free_ts 26618726823 [ 194.901335][ T8172] post_alloc_hook+0x153/0x170 [ 194.956927][ T8172] get_page_from_freelist+0x11a6/0x33b0 [ 195.003507][ T8172] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 195.057065][ T8172] new_slab+0xa6/0x6c0 [ 195.076446][ T8172] refill_objects+0x277/0x420 [ 195.108963][ T8172] __pcs_replace_empty_main+0x375/0x650 [ 195.138897][ T8172] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 195.178967][ T8172] __d_alloc+0x34/0xa40 [ 195.205744][ T8172] d_alloc_parallel+0x111/0x14e0 [ 195.227933][ T8172] lookup_open.isra.0+0x57c/0x11b0 [ 195.247676][ T8172] path_openat+0x2291/0x31a0 [ 195.263009][ T8172] do_file_open+0x20e/0x430 [ 195.276442][ T8172] do_sys_openat2+0x10d/0x1e0 [ 195.291307][ T8172] __x64_sys_openat+0x12d/0x210 [ 195.315747][ T8172] do_syscall_64+0x10b/0xf80 [ 195.334735][ T8172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.363079][ T8172] page last free pid 1 tgid 1 stack trace: [ 195.386123][ T8172] __free_frozen_pages+0x747/0x1040 [ 195.409480][ T8172] free_contig_range+0xda/0x140 [ 195.431054][ T8172] destroy_args+0xa8/0x7a0 [ 195.449604][ T8172] debug_vm_pgtable+0x1d69/0x3490 [ 195.471841][ T8172] do_one_initcall+0x121/0x750 [ 195.490833][ T8172] kernel_init_freeable+0x6ea/0x7b0 [ 195.518254][ T8172] kernel_init+0x1f/0x1e0 [ 195.534179][ T8172] ret_from_fork+0x72b/0xd50 [ 195.560292][ T8172] ret_from_fork_asm+0x1a/0x30 [ 196.269421][ T8243] netlink: 28 bytes leftover after parsing attributes in process `syz.0.521'. [ 196.385528][ T8246] netlink: 4 bytes leftover after parsing attributes in process `syz.1.522'. [ 196.777052][ T8262] netlink: 8 bytes leftover after parsing attributes in process `syz.0.525'. [ 197.042548][ T8270] random: crng reseeded on system resumption [ 197.270558][ T8274] FAULT_INJECTION: forcing a failure. [ 197.270558][ T8274] name failslab, interval 1, probability 0, space 0, times 0 [ 197.321043][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.1.528 Tainted: G L syzkaller #0 PREEMPT(full) [ 197.321068][ T8274] Tainted: [L]=SOFTLOCKUP [ 197.321074][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 197.321089][ T8274] Call Trace: [ 197.321094][ T8274] [ 197.321101][ T8274] dump_stack_lvl+0x100/0x190 [ 197.321124][ T8274] should_fail_ex.cold+0x5/0xa [ 197.321145][ T8274] should_failslab+0xc2/0x120 [ 197.321162][ T8274] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 197.321186][ T8274] ? alloc_empty_file+0x5b/0x1c0 [ 197.321206][ T8274] ? __pfx_stack_trace_save+0x10/0x10 [ 197.321229][ T8274] alloc_empty_file+0x5b/0x1c0 [ 197.321250][ T8274] path_openat+0xe8/0x31a0 [ 197.321267][ T8274] ? kasan_save_stack+0x3f/0x50 [ 197.321280][ T8274] ? kasan_save_stack+0x30/0x50 [ 197.321293][ T8274] ? kasan_save_track+0x14/0x30 [ 197.321306][ T8274] ? __kasan_slab_alloc+0x89/0x90 [ 197.321320][ T8274] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 197.321341][ T8274] ? do_getname+0x35/0x390 [ 197.321360][ T8274] ? do_sys_openat2+0xc5/0x1e0 [ 197.321381][ T8274] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.321398][ T8274] ? __pfx_path_openat+0x10/0x10 [ 197.321422][ T8274] do_file_open+0x20e/0x430 [ 197.321441][ T8274] ? __pfx_do_file_open+0x10/0x10 [ 197.321472][ T8274] ? alloc_fd+0x476/0x790 [ 197.321491][ T8274] ? do_getname+0x191/0x390 [ 197.321513][ T8274] do_sys_openat2+0x10d/0x1e0 [ 197.321535][ T8274] ? __pfx_do_sys_openat2+0x10/0x10 [ 197.321558][ T8274] ? __sys_sendmsg+0x18f/0x220 [ 197.321578][ T8274] __x64_sys_openat+0x12d/0x210 [ 197.321600][ T8274] ? __pfx___x64_sys_openat+0x10/0x10 [ 197.321625][ T8274] ? rcu_is_watching+0x12/0xc0 [ 197.321646][ T8274] do_syscall_64+0x10b/0xf80 [ 197.321667][ T8274] ? clear_bhb_loop+0x40/0x90 [ 197.321684][ T8274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.321698][ T8274] RIP: 0033:0x7f192a39cdd9 [ 197.321711][ T8274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 197.321725][ T8274] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 197.321739][ T8274] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 197.321749][ T8274] RDX: 0000000000020000 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 197.321758][ T8274] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 197.321766][ T8274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.321775][ T8274] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 197.321794][ T8274] [ 199.819981][ T8320] input: f¬ as /devices/virtual/input/input21 [ 200.240093][ T8329] input: f¬ as /devices/virtual/input/input22 [ 200.523911][ T8337] input: f¬ as /devices/virtual/input/input23 [ 201.726514][ T8357] FAULT_INJECTION: forcing a failure. [ 201.726514][ T8357] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 201.726578][ T8357] CPU: 0 UID: 0 PID: 8357 Comm: syz.1.543 Tainted: G L syzkaller #0 PREEMPT(full) [ 201.726598][ T8357] Tainted: [L]=SOFTLOCKUP [ 201.726603][ T8357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 201.726612][ T8357] Call Trace: [ 201.726616][ T8357] [ 201.726622][ T8357] dump_stack_lvl+0x100/0x190 [ 201.726642][ T8357] should_fail_ex.cold+0x5/0xa [ 201.726658][ T8357] ? prepare_alloc_pages+0x16d/0x5f0 [ 201.726686][ T8357] should_fail_alloc_page+0xeb/0x140 [ 201.726704][ T8357] prepare_alloc_pages+0x1f0/0x5f0 [ 201.726722][ T8357] ? ima_match_policy+0x8c4/0x2350 [ 201.726741][ T8357] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 201.726775][ T8357] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 201.726799][ T8357] ? __pfx___might_resched+0x10/0x10 [ 201.726816][ T8357] ? find_held_lock+0x2b/0x80 [ 201.726834][ T8357] ? process_measurement+0x4c8/0x2350 [ 201.726855][ T8357] ? process_measurement+0x4c8/0x2350 [ 201.726879][ T8357] ? up_write+0x28c/0x4f0 [ 201.726895][ T8357] ? vma_is_special_huge+0x23f/0x2d0 [ 201.726911][ T8357] ? __pfx_vma_is_special_huge+0x10/0x10 [ 201.726928][ T8357] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 201.726950][ T8357] ? policy_nodemask+0xed/0x4f0 [ 201.726968][ T8357] alloc_pages_mpol+0x1fb/0x540 [ 201.726986][ T8357] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 201.727004][ T8357] ? __pfx___thp_vma_allowable_orders+0x10/0x10 [ 201.727025][ T8357] alloc_pages_noprof+0x1a/0x160 [ 201.727045][ T8357] __pmd_alloc+0x3b/0x950 [ 201.727065][ T8357] __handle_mm_fault+0xa9c/0x2a00 [ 201.727089][ T8357] ? mt_find+0x45e/0x8e0 [ 201.727112][ T8357] ? __pfx___handle_mm_fault+0x10/0x10 [ 201.727132][ T8357] ? __pfx_mt_find+0x10/0x10 [ 201.727163][ T8357] ? find_vma+0xbf/0x140 [ 201.727178][ T8357] ? __pfx_find_vma+0x10/0x10 [ 201.727195][ T8357] handle_mm_fault+0x36d/0xa20 [ 201.727220][ T8357] do_user_addr_fault+0x74c/0x12f0 [ 201.727240][ T8357] ? trace_page_fault_kernel+0x7a/0x200 [ 201.727258][ T8357] exc_page_fault+0x6f/0xd0 [ 201.727279][ T8357] asm_exc_page_fault+0x26/0x30 [ 201.727294][ T8357] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 201.727311][ T8357] Code: c4 10 e9 84 9b 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 9b 04 00 66 66 [ 201.727325][ T8357] RSP: 0018:ffffc90004c27bd0 EFLAGS: 00050202 [ 201.727337][ T8357] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 201.727346][ T8357] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90004c27cf0 [ 201.727354][ T8357] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000984f9e [ 201.727363][ T8357] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 201.727371][ T8357] R13: ffffc90004c27cf0 R14: 0000000000000000 R15: 0000000000000114 [ 201.727389][ T8357] _copy_from_user+0x98/0xd0 [ 201.727404][ T8357] copy_from_sockptr_offset.constprop.0+0x12c/0x150 [ 201.727427][ T8357] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 201.727453][ T8357] do_sock_getsockopt+0x530/0x6e0 [ 201.727471][ T8357] ? __lock_acquire+0x4a5/0x2630 [ 201.727486][ T8357] ? 0xffffffffff600000 [ 201.727498][ T8357] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 201.727516][ T8357] ? find_held_lock+0x2b/0x80 [ 201.727537][ T8357] ? ksys_write+0x190/0x250 [ 201.727555][ T8357] ? 0xffffffffff600000 [ 201.727567][ T8357] ? find_held_lock+0x2b/0x80 [ 201.727590][ T8357] ? __fget_files+0x21f/0x3d0 [ 201.727611][ T8357] __sys_getsockopt+0x133/0x1d0 [ 201.727627][ T8357] ? 0xffffffffff600000 [ 201.727637][ T8357] ? __pfx_ksys_write+0x10/0x10 [ 201.727656][ T8357] ? __x64_sys_getsockopt+0xbd/0x160 [ 201.727674][ T8357] __x64_sys_getsockopt+0xbd/0x160 [ 201.727689][ T8357] ? do_syscall_64+0x90/0xf80 [ 201.727709][ T8357] ? lockdep_hardirqs_on+0x78/0x100 [ 201.727729][ T8357] do_syscall_64+0x10b/0xf80 [ 201.727748][ T8357] ? clear_bhb_loop+0x40/0x90 [ 201.727766][ T8357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.727780][ T8357] RIP: 0033:0x7f192a39cdd9 [ 201.727791][ T8357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 201.727803][ T8357] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 201.727816][ T8357] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 201.727825][ T8357] RDX: 000000000000271b RSI: 0000000000000114 RDI: 0000000000000003 [ 201.727833][ T8357] RBP: 00007f19285f6090 R08: 0000000000000000 R09: 0000000000000000 [ 201.727841][ T8357] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 201.727850][ T8357] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 201.727862][ T8357] ? 0xffffffffff600000 [ 201.727878][ T8357] [ 202.826769][ T8375] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 203.838923][ T8388] netlink: 16 bytes leftover after parsing attributes in process `syz.1.547'. [ 204.535149][ T8363] kexec: Could not allocate control_code_buffer [ 205.217441][ T8412] input: f¬ as /devices/virtual/input/input24 [ 205.672610][ T8421] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 209.355072][ T8492] random: crng reseeded on system resumption [ 209.491267][ T8494] random: crng reseeded on system resumption [ 211.770136][ T8533] netlink: 25 bytes leftover after parsing attributes in process `syz.0.577'. [ 213.604135][ T29] audit: type=1326 audit(248.220:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.0.582" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f53ba79cdd9 code=0x0 [ 215.650482][ T8587] snd_aloop snd_aloop.0: control 16781581:65538:6:é'x?F¢é/èìzFË·fCªáª:7 is already present [ 216.610689][ T8611] FAULT_INJECTION: forcing a failure. [ 216.610689][ T8611] name failslab, interval 1, probability 0, space 0, times 0 [ 216.688161][ T8611] CPU: 0 UID: 0 PID: 8611 Comm: syz.3.594 Tainted: G L syzkaller #0 PREEMPT(full) [ 216.688188][ T8611] Tainted: [L]=SOFTLOCKUP [ 216.688193][ T8611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 216.688202][ T8611] Call Trace: [ 216.688207][ T8611] [ 216.688213][ T8611] dump_stack_lvl+0x100/0x190 [ 216.688235][ T8611] should_fail_ex.cold+0x5/0xa [ 216.688254][ T8611] should_failslab+0xc2/0x120 [ 216.688272][ T8611] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 216.688295][ T8611] ? __proc_create+0x2cb/0x8c0 [ 216.688317][ T8611] __proc_create+0x2cb/0x8c0 [ 216.688336][ T8611] ? __pfx___proc_create+0x10/0x10 [ 216.688356][ T8611] ? _raw_write_unlock+0x28/0x50 [ 216.688376][ T8611] ? proc_register+0x559/0x8a0 [ 216.688396][ T8611] proc_create_reg+0x75/0x170 [ 216.688416][ T8611] ? __pfx_can_rcvlist_eff_proc_show+0x10/0x10 [ 216.688439][ T8611] proc_create_net_single+0x86/0x180 [ 216.688458][ T8611] ? __pfx_proc_create_net_single+0x10/0x10 [ 216.688487][ T8611] ? round_jiffies+0x10a/0x160 [ 216.688514][ T8611] can_init_proc+0x319/0x4b0 [ 216.688537][ T8611] can_pernet_init+0x1e4/0x370 [ 216.688558][ T8611] ? __pfx_can_pernet_init+0x10/0x10 [ 216.688577][ T8611] ops_init+0x1e2/0x5f0 [ 216.688597][ T8611] setup_net+0x118/0x3a0 [ 216.688614][ T8611] ? __pfx_setup_net+0x10/0x10 [ 216.688630][ T8611] ? mutex_init_lockdep+0xf1/0x120 [ 216.688649][ T8611] copy_net_ns+0x46f/0x7c0 [ 216.688670][ T8611] create_new_namespaces+0x3ea/0xac0 [ 216.688693][ T8611] unshare_nsproxy_namespaces+0xf2/0x220 [ 216.688714][ T8611] ksys_unshare+0x438/0xab0 [ 216.688736][ T8611] ? __pfx_ksys_unshare+0x10/0x10 [ 216.688756][ T8611] ? xfd_validate_state+0x129/0x190 [ 216.688777][ T8611] __x64_sys_unshare+0x31/0x40 [ 216.688798][ T8611] do_syscall_64+0x10b/0xf80 [ 216.688818][ T8611] ? clear_bhb_loop+0x40/0x90 [ 216.688835][ T8611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.688850][ T8611] RIP: 0033:0x7f985079cdd9 [ 216.688863][ T8611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 216.688877][ T8611] RSP: 002b:00007f98516b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 216.688892][ T8611] RAX: ffffffffffffffda RBX: 00007f9850a15fa0 RCX: 00007f985079cdd9 [ 216.688902][ T8611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 216.688910][ T8611] RBP: 00007f9850832d69 R08: 0000000000000000 R09: 0000000000000000 [ 216.688922][ T8611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.688930][ T8611] R13: 00007f9850a16038 R14: 00007f9850a15fa0 R15: 00007ffe09aeaad8 [ 216.688949][ T8611] [ 217.480853][ T8571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.585'. [ 218.173384][ T8622] netlink: 28 bytes leftover after parsing attributes in process `syz.0.596'. [ 218.931734][ T8632] random: crng reseeded on system resumption [ 221.134730][ T8674] input: f¬ as /devices/virtual/input/input26 [ 222.297274][ T8697] netlink: 28 bytes leftover after parsing attributes in process `syz.1.615'. [ 222.403944][ T8700] random: crng reseeded on system resumption [ 222.868162][ T4946] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 223.176512][ T8720] input: f¬ as /devices/virtual/input/input27 [ 223.515420][ T8713] ubi0: attaching mtd0 [ 223.547769][ T8713] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 223.744909][ T8731] ima: policy update failed [ 223.768116][ T29] audit: type=1802 audit(258.380:20): pid=8731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.624" res=0 errno=0 [ 224.158362][ T8741] netlink: 25 bytes leftover after parsing attributes in process `syz.1.628'. [ 224.317729][ T8742] can: request_module (can-proto-0) failed. [ 224.907996][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 225.400977][ T8773] random: crng reseeded on system resumption [ 225.408269][ T8770] input: f¬ as /devices/virtual/input/input28 [ 225.892983][ T8794] ubi0: attaching mtd0 [ 225.930463][ T8794] ubi0: scanning is finished [ 225.962204][ T8794] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 226.261371][ T8794] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 226.715521][ T8810] vhci_hcd vhci_hcd.1: invalid port number 14 [ 226.769083][ T8810] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 226.988368][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 228.382209][ T8841] netlink: 28 bytes leftover after parsing attributes in process `syz.2.646'. [ 228.544121][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.0.647'. [ 229.099015][ T8857] netlink: 28 bytes leftover after parsing attributes in process `syz.0.651'. [ 231.026566][ T8905] random: crng reseeded on system resumption [ 231.167649][ T8905] usb usb26: usbfs: process 8905 (syz.0.663) did not claim interface 0 before use [ 233.541400][ T8974] input: f¬ as /devices/virtual/input/input29 [ 233.687858][ T8982] netlink: 28 bytes leftover after parsing attributes in process `syz.3.681'. [ 234.001979][ T8990] netlink: 28 bytes leftover after parsing attributes in process `syz.2.682'. [ 234.413563][ T8999] bridge0: port 3(dummy0) entered blocking state [ 234.457566][ T8999] bridge0: port 3(dummy0) entered disabled state [ 234.498330][ T8999] dummy0: entered allmulticast mode [ 234.535055][ T8999] dummy0: entered promiscuous mode [ 234.561641][ T8999] bridge0: port 3(dummy0) entered blocking state [ 234.569066][ T8999] bridge0: port 3(dummy0) entered forwarding state [ 235.114348][ T9013] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 236.373749][ T9034] input: f¬ as /devices/virtual/input/input30 [ 236.868160][ T9042] FAULT_INJECTION: forcing a failure. [ 236.868160][ T9042] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 237.009499][ T9042] CPU: 0 UID: 0 PID: 9042 Comm: syz.2.699 Tainted: G L syzkaller #0 PREEMPT(full) [ 237.009523][ T9042] Tainted: [L]=SOFTLOCKUP [ 237.009528][ T9042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 237.009546][ T9042] Call Trace: [ 237.009554][ T9042] [ 237.009560][ T9042] dump_stack_lvl+0x100/0x190 [ 237.009582][ T9042] should_fail_ex.cold+0x5/0xa [ 237.009601][ T9042] _copy_to_user+0x32/0xd0 [ 237.009618][ T9042] simple_read_from_buffer+0xcb/0x170 [ 237.009636][ T9042] proc_fail_nth_read+0x1af/0x230 [ 237.009660][ T9042] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 237.009684][ T9042] ? rw_verify_area+0xce/0x6d0 [ 237.009698][ T9042] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 237.009720][ T9042] vfs_read+0x1e4/0xb30 [ 237.009738][ T9042] ? __pfx_vfs_read+0x10/0x10 [ 237.009753][ T9042] ? __fget_files+0x215/0x3d0 [ 237.009774][ T9042] ? __fget_files+0x21f/0x3d0 [ 237.009795][ T9042] ksys_read+0x12a/0x250 [ 237.009811][ T9042] ? __pfx_ksys_read+0x10/0x10 [ 237.009828][ T9042] ? rcu_is_watching+0x12/0xc0 [ 237.009848][ T9042] do_syscall_64+0x10b/0xf80 [ 237.009869][ T9042] ? clear_bhb_loop+0x40/0x90 [ 237.009886][ T9042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.009901][ T9042] RIP: 0033:0x7f638b35d60e [ 237.009914][ T9042] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 237.009927][ T9042] RSP: 002b:00007f638c2c8fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 237.009941][ T9042] RAX: ffffffffffffffda RBX: 00007f638c2c96c0 RCX: 00007f638b35d60e [ 237.009950][ T9042] RDX: 000000000000000f RSI: 00007f638c2c90a0 RDI: 0000000000000004 [ 237.009959][ T9042] RBP: 00007f638c2c9090 R08: 0000000000000000 R09: 0000000000000000 [ 237.009967][ T9042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 237.009975][ T9042] R13: 00007f638b616038 R14: 00007f638b615fa0 R15: 00007ffe81a26598 [ 237.009994][ T9042] [ 237.780629][ T29] audit: type=1800 audit(272.340:21): pid=9051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.702" name="features" dev="configfs" ino=27303 res=0 errno=0 [ 238.343479][ T9071] FAULT_INJECTION: forcing a failure. [ 238.343479][ T9071] name failslab, interval 1, probability 0, space 0, times 0 [ 238.389081][ T9071] CPU: 0 UID: 0 PID: 9071 Comm: syz.3.709 Tainted: G L syzkaller #0 PREEMPT(full) [ 238.389105][ T9071] Tainted: [L]=SOFTLOCKUP [ 238.389110][ T9071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 238.389118][ T9071] Call Trace: [ 238.389123][ T9071] [ 238.389129][ T9071] dump_stack_lvl+0x100/0x190 [ 238.389150][ T9071] should_fail_ex.cold+0x5/0xa [ 238.389176][ T9071] ? iovec_from_user+0x8d/0x140 [ 238.389191][ T9071] should_failslab+0xc2/0x120 [ 238.389209][ T9071] __kmalloc_noprof+0xe0/0x850 [ 238.389226][ T9071] iovec_from_user+0x8d/0x140 [ 238.389242][ T9071] __import_iovec+0x81/0x640 [ 238.389261][ T9071] import_iovec+0x82/0xb0 [ 238.389277][ T9071] copy_msghdr_from_user+0x2ed/0x4f0 [ 238.389300][ T9071] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 238.389324][ T9071] ? futex_unqueue+0x133/0x2c0 [ 238.389343][ T9071] ___sys_sendmsg+0x106/0x1e0 [ 238.389365][ T9071] ? __pfx____sys_sendmsg+0x10/0x10 [ 238.389385][ T9071] ? __pfx___futex_wait+0x10/0x10 [ 238.389411][ T9071] ? find_held_lock+0x2b/0x80 [ 238.389440][ T9071] __sys_sendmmsg+0x205/0x430 [ 238.389458][ T9071] ? __pfx___sys_sendmmsg+0x10/0x10 [ 238.389480][ T9071] ? __pfx_do_futex+0x10/0x10 [ 238.389503][ T9071] ? xfd_validate_state+0x129/0x190 [ 238.389529][ T9071] __x64_sys_sendmmsg+0x9c/0x100 [ 238.389545][ T9071] ? lockdep_hardirqs_on+0x78/0x100 [ 238.389567][ T9071] do_syscall_64+0x10b/0xf80 [ 238.389587][ T9071] ? clear_bhb_loop+0x40/0x90 [ 238.389607][ T9071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.389622][ T9071] RIP: 0033:0x7f985079cdd9 [ 238.389634][ T9071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.389648][ T9071] RSP: 002b:00007f98516b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 238.389662][ T9071] RAX: ffffffffffffffda RBX: 00007f9850a15fa0 RCX: 00007f985079cdd9 [ 238.389671][ T9071] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000004 [ 238.389680][ T9071] RBP: 00007f9850832d69 R08: 0000000000000000 R09: 0000000000000000 [ 238.389688][ T9071] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.389697][ T9071] R13: 00007f9850a16038 R14: 00007f9850a15fa0 R15: 00007ffe09aeaad8 [ 238.389715][ T9071] [ 239.017648][ T9085] input: f¬ as /devices/virtual/input/input31 [ 239.327117][ T9093] FAULT_INJECTION: forcing a failure. [ 239.327117][ T9093] name failslab, interval 1, probability 0, space 0, times 0 [ 239.358410][ T9093] CPU: 0 UID: 0 PID: 9093 Comm: syz.3.715 Tainted: G L syzkaller #0 PREEMPT(full) [ 239.358435][ T9093] Tainted: [L]=SOFTLOCKUP [ 239.358440][ T9093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 239.358449][ T9093] Call Trace: [ 239.358454][ T9093] [ 239.358461][ T9093] dump_stack_lvl+0x100/0x190 [ 239.358482][ T9093] should_fail_ex.cold+0x5/0xa [ 239.358501][ T9093] should_failslab+0xc2/0x120 [ 239.358518][ T9093] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 239.358540][ T9093] ? alloc_empty_file+0x5b/0x1c0 [ 239.358565][ T9093] alloc_empty_file+0x5b/0x1c0 [ 239.358587][ T9093] alloc_file_pseudo+0x13a/0x230 [ 239.358608][ T9093] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 239.358630][ T9093] ? alloc_fd+0x476/0x790 [ 239.358650][ T9093] sock_alloc_file+0x50/0x210 [ 239.358668][ T9093] __sys_socket+0x1c0/0x260 [ 239.358688][ T9093] ? __pfx___sys_socket+0x10/0x10 [ 239.358708][ T9093] ? ksys_write+0x1ac/0x250 [ 239.358729][ T9093] __x64_sys_socket+0x72/0xb0 [ 239.358749][ T9093] ? lockdep_hardirqs_on+0x78/0x100 [ 239.358770][ T9093] do_syscall_64+0x10b/0xf80 [ 239.358790][ T9093] ? clear_bhb_loop+0x40/0x90 [ 239.358808][ T9093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.358822][ T9093] RIP: 0033:0x7f985079cdd9 [ 239.358836][ T9093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 239.358850][ T9093] RSP: 002b:00007f98516b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 239.358864][ T9093] RAX: ffffffffffffffda RBX: 00007f9850a15fa0 RCX: 00007f985079cdd9 [ 239.358873][ T9093] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 239.358882][ T9093] RBP: 00007f9850832d69 R08: 0000000000000000 R09: 0000000000000000 [ 239.358890][ T9093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.358898][ T9093] R13: 00007f9850a16038 R14: 00007f9850a15fa0 R15: 00007ffe09aeaad8 [ 239.358917][ T9093] [ 239.913101][ T9099] random: crng reseeded on system resumption [ 241.984920][ T9134] input: f¬ as /devices/virtual/input/input32 [ 242.137976][ T9139] input: f¬ as /devices/virtual/input/input33 [ 242.643066][ T9151] netlink: 28 bytes leftover after parsing attributes in process `syz.3.729'. [ 244.381599][ T9189] ubi0: attaching mtd0 [ 244.404538][ T9189] ubi0: scanning is finished [ 244.423758][ T9189] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 244.567955][ T9189] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 244.850186][ T9198] netlink: 28 bytes leftover after parsing attributes in process `syz.2.741'. [ 245.208269][ T9205] netlink: 12 bytes leftover after parsing attributes in process `syz.3.743'. [ 245.531682][ T9219] random: crng reseeded on system resumption [ 246.129948][ T9231] random: crng reseeded on system resumption [ 247.422840][ T9262] netlink: 28 bytes leftover after parsing attributes in process `syz.3.753'. [ 248.276388][ T9275] netlink: 8 bytes leftover after parsing attributes in process `syz.1.758'. [ 248.837702][ T9290] random: crng reseeded on system resumption [ 249.379911][ T9300] netlink: 28 bytes leftover after parsing attributes in process `syz.0.763'. [ 251.335466][ T9334] input: f¬ as /devices/virtual/input/input34 [ 251.552324][ T9340] netlink: 28 bytes leftover after parsing attributes in process `syz.2.775'. [ 251.662791][ T9343] FAULT_INJECTION: forcing a failure. [ 251.662791][ T9343] name failslab, interval 1, probability 0, space 0, times 0 [ 251.708509][ T9343] CPU: 0 UID: 0 PID: 9343 Comm: syz.3.776 Tainted: G L syzkaller #0 PREEMPT(full) [ 251.708536][ T9343] Tainted: [L]=SOFTLOCKUP [ 251.708541][ T9343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 251.708550][ T9343] Call Trace: [ 251.708555][ T9343] [ 251.708561][ T9343] dump_stack_lvl+0x100/0x190 [ 251.708583][ T9343] should_fail_ex.cold+0x5/0xa [ 251.708602][ T9343] should_failslab+0xc2/0x120 [ 251.708620][ T9343] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 251.708643][ T9343] ? security_file_alloc+0x34/0x2c0 [ 251.708660][ T9343] ? trace_kmem_cache_alloc+0xd5/0x100 [ 251.708680][ T9343] security_file_alloc+0x34/0x2c0 [ 251.708697][ T9343] init_file+0x95/0x480 [ 251.708717][ T9343] alloc_empty_file+0x79/0x1c0 [ 251.708738][ T9343] path_openat+0xe8/0x31a0 [ 251.708754][ T9343] ? kasan_save_stack+0x3f/0x50 [ 251.708768][ T9343] ? kasan_save_stack+0x30/0x50 [ 251.708780][ T9343] ? kasan_save_track+0x14/0x30 [ 251.708793][ T9343] ? __kasan_slab_alloc+0x89/0x90 [ 251.708807][ T9343] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 251.708829][ T9343] ? do_getname+0x35/0x390 [ 251.708856][ T9343] ? do_sys_openat2+0xc5/0x1e0 [ 251.708877][ T9343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.708895][ T9343] ? __pfx_path_openat+0x10/0x10 [ 251.708923][ T9343] do_file_open+0x20e/0x430 [ 251.708942][ T9343] ? __pfx_do_file_open+0x10/0x10 [ 251.708973][ T9343] ? alloc_fd+0x476/0x790 [ 251.708991][ T9343] ? do_getname+0x191/0x390 [ 251.709013][ T9343] do_sys_openat2+0x10d/0x1e0 [ 251.709034][ T9343] ? __pfx_do_sys_openat2+0x10/0x10 [ 251.709062][ T9343] __x64_sys_openat+0x12d/0x210 [ 251.709084][ T9343] ? __pfx___x64_sys_openat+0x10/0x10 [ 251.709105][ T9343] ? ksys_write+0x1ac/0x250 [ 251.709123][ T9343] ? rcu_is_watching+0x12/0xc0 [ 251.709143][ T9343] do_syscall_64+0x10b/0xf80 [ 251.709164][ T9343] ? clear_bhb_loop+0x40/0x90 [ 251.709181][ T9343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.709196][ T9343] RIP: 0033:0x7f985079cdd9 [ 251.709209][ T9343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 251.709223][ T9343] RSP: 002b:00007f98516b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 251.709237][ T9343] RAX: ffffffffffffffda RBX: 00007f9850a15fa0 RCX: 00007f985079cdd9 [ 251.709247][ T9343] RDX: 0000000000038000 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 251.709256][ T9343] RBP: 00007f9850832d69 R08: 0000000000000000 R09: 0000000000000000 [ 251.709265][ T9343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.709273][ T9343] R13: 00007f9850a16038 R14: 00007f9850a15fa0 R15: 00007ffe09aeaad8 [ 251.709292][ T9343] [ 252.900886][ T9353] random: crng reseeded on system resumption [ 253.104498][ T9363] FAULT_INJECTION: forcing a failure. [ 253.104498][ T9363] name failslab, interval 1, probability 0, space 0, times 0 [ 253.186362][ T9363] CPU: 0 UID: 0 PID: 9363 Comm: syz.3.781 Tainted: G L syzkaller #0 PREEMPT(full) [ 253.186388][ T9363] Tainted: [L]=SOFTLOCKUP [ 253.186393][ T9363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 253.186401][ T9363] Call Trace: [ 253.186406][ T9363] [ 253.186411][ T9363] dump_stack_lvl+0x100/0x190 [ 253.186432][ T9363] should_fail_ex.cold+0x5/0xa [ 253.186451][ T9363] ? tomoyo_realpath_from_path+0xb6/0x690 [ 253.186470][ T9363] should_failslab+0xc2/0x120 [ 253.186487][ T9363] __kmalloc_noprof+0xe0/0x850 [ 253.186499][ T9363] ? kfree+0x1dd/0x6c0 [ 253.186522][ T9363] tomoyo_realpath_from_path+0xb6/0x690 [ 253.186544][ T9363] tomoyo_path_number_perm+0x23c/0x580 [ 253.186558][ T9363] ? tomoyo_path_number_perm+0x22e/0x580 [ 253.186575][ T9363] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 253.186608][ T9363] ? find_held_lock+0x2b/0x80 [ 253.186626][ T9363] ? __fget_files+0x215/0x3d0 [ 253.186642][ T9363] ? hook_file_ioctl_common+0x149/0x410 [ 253.186657][ T9363] ? __fget_files+0x215/0x3d0 [ 253.186684][ T9363] ? __fget_files+0x21f/0x3d0 [ 253.186704][ T9363] security_file_ioctl+0xd3/0x230 [ 253.186720][ T9363] __x64_sys_ioctl+0xb7/0x210 [ 253.186736][ T9363] do_syscall_64+0x10b/0xf80 [ 253.186756][ T9363] ? clear_bhb_loop+0x40/0x90 [ 253.186774][ T9363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.186788][ T9363] RIP: 0033:0x7f985079cdd9 [ 253.186801][ T9363] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 253.186814][ T9363] RSP: 002b:00007f9851692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.186828][ T9363] RAX: ffffffffffffffda RBX: 00007f9850a16090 RCX: 00007f985079cdd9 [ 253.186838][ T9363] RDX: 0000000000000000 RSI: 0000000080089203 RDI: 0000000000000004 [ 253.186846][ T9363] RBP: 00007f9851692090 R08: 0000000000000000 R09: 0000000000000000 [ 253.186854][ T9363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 253.186862][ T9363] R13: 00007f9850a16128 R14: 00007f9850a16090 R15: 00007ffe09aeaad8 [ 253.186881][ T9363] [ 253.186886][ T9363] ERROR: Out of memory at tomoyo_realpath_from_path. [ 254.003113][ T9382] ubi0: attaching mtd0 [ 254.041949][ T9382] ubi0: scanning is finished [ 254.061213][ T9382] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 254.289415][ T9382] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 254.371098][ T9394] netlink: 8 bytes leftover after parsing attributes in process `syz.1.788'. [ 255.360981][ T9415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.791'. [ 255.711277][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.723646][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.900287][ T9422] netlink: 'syz.1.793': attribute type 9 has an invalid length. [ 255.984105][ T9431] netlink: 342 bytes leftover after parsing attributes in process `syz.3.794'. [ 256.589411][ T9449] FAULT_INJECTION: forcing a failure. [ 256.589411][ T9449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 256.661284][ T9449] CPU: 0 UID: 0 PID: 9449 Comm: syz.2.799 Tainted: G L syzkaller #0 PREEMPT(full) [ 256.661309][ T9449] Tainted: [L]=SOFTLOCKUP [ 256.661314][ T9449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 256.661323][ T9449] Call Trace: [ 256.661328][ T9449] [ 256.661333][ T9449] dump_stack_lvl+0x100/0x190 [ 256.661354][ T9449] should_fail_ex.cold+0x5/0xa [ 256.661372][ T9449] _copy_from_iter+0x1f4/0x1690 [ 256.661390][ T9449] ? __asan_memset+0x23/0x50 [ 256.661413][ T9449] ? __pfx__copy_from_iter+0x10/0x10 [ 256.661427][ T9449] ? __pfx___alloc_skb+0x10/0x10 [ 256.661452][ T9449] netlink_sendmsg+0x808/0xda0 [ 256.661476][ T9449] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.661495][ T9449] ? __import_iovec+0x1d2/0x640 [ 256.661512][ T9449] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 256.661537][ T9449] ____sys_sendmsg+0x9e1/0xb70 [ 256.661556][ T9449] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.661577][ T9449] ? __pfx_____sys_sendmsg+0x10/0x10 [ 256.661605][ T9449] ___sys_sendmsg+0x190/0x1e0 [ 256.661632][ T9449] ? __pfx____sys_sendmsg+0x10/0x10 [ 256.661674][ T9449] __sys_sendmsg+0x170/0x220 [ 256.661691][ T9449] ? __pfx___sys_sendmsg+0x10/0x10 [ 256.661714][ T9449] ? rcu_is_watching+0x12/0xc0 [ 256.661738][ T9449] do_syscall_64+0x10b/0xf80 [ 256.661768][ T9449] ? clear_bhb_loop+0x40/0x90 [ 256.661786][ T9449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.661801][ T9449] RIP: 0033:0x7f638b39cdd9 [ 256.661813][ T9449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 256.661826][ T9449] RSP: 002b:00007f638c2c9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 256.661840][ T9449] RAX: ffffffffffffffda RBX: 00007f638b615fa0 RCX: 00007f638b39cdd9 [ 256.661850][ T9449] RDX: 0000000000000080 RSI: 0000200000001780 RDI: 0000000000000003 [ 256.661858][ T9449] RBP: 00007f638c2c9090 R08: 0000000000000000 R09: 0000000000000000 [ 256.661866][ T9449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 256.661875][ T9449] R13: 00007f638b616038 R14: 00007f638b615fa0 R15: 00007ffe81a26598 [ 256.661893][ T9449] [ 257.279807][ T9457] FAULT_INJECTION: forcing a failure. [ 257.279807][ T9457] name failslab, interval 1, probability 0, space 0, times 0 [ 257.320485][ T9457] CPU: 0 UID: 0 PID: 9457 Comm: syz.2.801 Tainted: G L syzkaller #0 PREEMPT(full) [ 257.320511][ T9457] Tainted: [L]=SOFTLOCKUP [ 257.320516][ T9457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 257.320525][ T9457] Call Trace: [ 257.320530][ T9457] [ 257.320536][ T9457] dump_stack_lvl+0x100/0x190 [ 257.320568][ T9457] should_fail_ex.cold+0x5/0xa [ 257.320588][ T9457] should_failslab+0xc2/0x120 [ 257.320605][ T9457] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 257.320629][ T9457] ? vm_area_alloc+0x1f/0x160 [ 257.320649][ T9457] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 257.320676][ T9457] vm_area_alloc+0x1f/0x160 [ 257.320696][ T9457] __mmap_region+0x104d/0x2da0 [ 257.320720][ T9457] ? kasan_save_stack+0x3f/0x50 [ 257.320733][ T9457] ? kasan_save_stack+0x30/0x50 [ 257.320747][ T9457] ? __pfx___mmap_region+0x10/0x10 [ 257.320779][ T9457] ? do_raw_spin_lock+0x128/0x260 [ 257.320799][ T9457] ? __lock_acquire+0x4a5/0x2630 [ 257.320814][ T9457] ? do_raw_spin_unlock+0x145/0x1e0 [ 257.320839][ T9457] ? find_held_lock+0x2b/0x80 [ 257.320858][ T9457] ? rcu_is_watching+0x12/0xc0 [ 257.320884][ T9457] ? mark_held_locks+0x40/0x70 [ 257.320897][ T9457] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 257.320940][ T9457] ? rcu_is_watching+0x12/0xc0 [ 257.320961][ T9457] mmap_region+0x35d/0x620 [ 257.320975][ T9457] ? rcu_is_watching+0x12/0xc0 [ 257.320992][ T9457] ? __pfx_mmap_region+0x10/0x10 [ 257.321008][ T9457] ? cap_mmap_addr+0x4b/0x120 [ 257.321029][ T9457] ? bpf_lsm_mmap_addr+0x9/0x30 [ 257.321042][ T9457] ? security_mmap_addr+0x71/0x1e0 [ 257.321059][ T9457] ? __get_unmapped_area+0x255/0x3e0 [ 257.321079][ T9457] do_mmap+0xc63/0x12f0 [ 257.321100][ T9457] ? __pfx_do_mmap+0x10/0x10 [ 257.321117][ T9457] ? __pfx_down_write_killable+0x10/0x10 [ 257.321136][ T9457] vm_mmap_pgoff+0x29e/0x470 [ 257.321158][ T9457] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 257.321177][ T9457] ? do_futex+0x192/0x350 [ 257.321194][ T9457] ? __pfx_do_futex+0x10/0x10 [ 257.321210][ T9457] ? fdget+0x18b/0x210 [ 257.321228][ T9457] ksys_mmap_pgoff+0xe4/0x610 [ 257.321246][ T9457] ? __x64_sys_futex+0x358/0x4d0 [ 257.321262][ T9457] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 257.321279][ T9457] ? xfd_validate_state+0x129/0x190 [ 257.321298][ T9457] __x64_sys_mmap+0x125/0x190 [ 257.321317][ T9457] do_syscall_64+0x10b/0xf80 [ 257.321337][ T9457] ? clear_bhb_loop+0x40/0x90 [ 257.321354][ T9457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.321368][ T9457] RIP: 0033:0x7f638b39cdd9 [ 257.321382][ T9457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.321395][ T9457] RSP: 002b:00007f638c2a8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 257.321410][ T9457] RAX: ffffffffffffffda RBX: 00007f638b616090 RCX: 00007f638b39cdd9 [ 257.321420][ T9457] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 257.321429][ T9457] RBP: 00007f638b432d69 R08: fffffffffffffffa R09: 0000000000008000 [ 257.321438][ T9457] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 257.321447][ T9457] R13: 00007f638b616128 R14: 00007f638b616090 R15: 00007ffe81a26598 [ 257.321466][ T9457] [ 258.293142][ T29] audit: type=1800 audit(292.870:22): pid=9462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.798" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 258.467281][ T9460] netlink: 8 bytes leftover after parsing attributes in process `syz.3.803'. [ 259.182568][ T9481] netlink: 'syz.2.807': attribute type 2 has an invalid length. [ 259.431014][ T9487] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 259.472896][ T9487] capability: warning: `syz.2.809' uses 32-bit capabilities (legacy support in use) [ 260.128952][ T9497] netlink: 8 bytes leftover after parsing attributes in process `syz.1.813'. [ 260.159713][ T9499] ubi0: attaching mtd0 [ 260.179987][ T9499] ubi0: scanning is finished [ 260.205235][ T9499] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 260.587584][ T9499] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 260.673010][ T9495] ubi0: attaching mtd0 [ 260.789753][ T9495] ubi0: scanning is finished [ 260.809807][ T9495] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 260.916563][ T9495] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 263.929508][ T9571] FAULT_INJECTION: forcing a failure. [ 263.929508][ T9571] name failslab, interval 1, probability 0, space 0, times 0 [ 264.170539][ T9571] CPU: 0 UID: 0 PID: 9571 Comm: syz.1.824 Tainted: G L syzkaller #0 PREEMPT(full) [ 264.170566][ T9571] Tainted: [L]=SOFTLOCKUP [ 264.170571][ T9571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 264.170580][ T9571] Call Trace: [ 264.170585][ T9571] [ 264.170591][ T9571] dump_stack_lvl+0x100/0x190 [ 264.170612][ T9571] should_fail_ex.cold+0x5/0xa [ 264.170633][ T9571] should_failslab+0xc2/0x120 [ 264.170650][ T9571] __kmalloc_cache_noprof+0x7a/0x6f0 [ 264.170677][ T9571] ? assoc_array_delete+0x101/0xd10 [ 264.170698][ T9571] ? __lock_acquire+0x4a5/0x2630 [ 264.170715][ T9571] assoc_array_delete+0x101/0xd10 [ 264.170741][ T9571] ? __pfx_assoc_array_delete+0x10/0x10 [ 264.170768][ T9571] ? __pfx_down_write+0x10/0x10 [ 264.170787][ T9571] key_unlink+0xbc/0x310 [ 264.170805][ T9571] ? __pfx_key_unlink+0x10/0x10 [ 264.170824][ T9571] ? xfd_validate_state+0x129/0x190 [ 264.170838][ T9571] ? ksys_write+0x1ac/0x250 [ 264.170857][ T9571] keyctl_keyring_unlink+0xdc/0x1b0 [ 264.170879][ T9571] __do_sys_keyctl+0x3dd/0x5a0 [ 264.170894][ T9571] do_syscall_64+0x10b/0xf80 [ 264.170913][ T9571] ? clear_bhb_loop+0x40/0x90 [ 264.170930][ T9571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.170946][ T9571] RIP: 0033:0x7f192a39cdd9 [ 264.170958][ T9571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.170972][ T9571] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 264.170986][ T9571] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 264.170996][ T9571] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 264.171005][ T9571] RBP: 00007f192a432d69 R08: 0000000000000008 R09: 0000000000000000 [ 264.171013][ T9571] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 264.171022][ T9571] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 264.171042][ T9571] [ 264.673417][ T9597] ubi0: attaching mtd0 [ 264.716587][ T9597] ubi0: scanning is finished [ 264.803371][ T9597] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 265.267434][ T9597] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 266.008967][ T9611] netlink: 5 bytes leftover after parsing attributes in process `syz.0.830'. [ 266.562742][ T9635] input: f¬ as /devices/virtual/input/input35 [ 266.902479][ T9645] ubi0: attaching mtd0 [ 266.938129][ T9645] ubi0: scanning is finished [ 266.959970][ T9645] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 266.976002][ T9647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.840'. [ 267.007572][ T9647] FAULT_INJECTION: forcing a failure. [ 267.007572][ T9647] name failslab, interval 1, probability 0, space 0, times 0 [ 267.051230][ T9647] CPU: 0 UID: 0 PID: 9647 Comm: syz.2.840 Tainted: G L syzkaller #0 PREEMPT(full) [ 267.051254][ T9647] Tainted: [L]=SOFTLOCKUP [ 267.051260][ T9647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 267.051268][ T9647] Call Trace: [ 267.051273][ T9647] [ 267.051279][ T9647] dump_stack_lvl+0x100/0x190 [ 267.051300][ T9647] should_fail_ex.cold+0x5/0xa [ 267.051319][ T9647] should_failslab+0xc2/0x120 [ 267.051336][ T9647] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 267.051359][ T9647] ? skb_clone+0x190/0x400 [ 267.051384][ T9647] skb_clone+0x190/0x400 [ 267.051401][ T9647] netlink_deliver_tap+0xaed/0xcc0 [ 267.051425][ T9647] netlink_dump+0x909/0xd00 [ 267.051446][ T9647] ? __pfx_netlink_dump+0x10/0x10 [ 267.051471][ T9647] ? __asan_memset+0x23/0x50 [ 267.051492][ T9647] ? genl_start+0x67a/0x970 [ 267.051515][ T9647] __netlink_dump_start+0x6d6/0x990 [ 267.051537][ T9647] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 267.051561][ T9647] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 267.051588][ T9647] ? rcu_is_watching+0x12/0xc0 [ 267.051606][ T9647] ? __pfx_genl_start+0x10/0x10 [ 267.051626][ T9647] ? __pfx_genl_dumpit+0x10/0x10 [ 267.051646][ T9647] ? __pfx_genl_done+0x10/0x10 [ 267.051667][ T9647] ? bpf_lsm_capable+0x9/0x10 [ 267.051684][ T9647] ? security_capable+0x80/0x260 [ 267.051706][ T9647] ? ns_capable+0xd2/0xf0 [ 267.051725][ T9647] genl_rcv_msg+0x471/0x800 [ 267.051750][ T9647] ? __pfx_genl_rcv_msg+0x10/0x10 [ 267.051772][ T9647] ? __pfx_nl80211_vendor_cmd_dump+0x10/0x10 [ 267.051802][ T9647] netlink_rcv_skb+0x159/0x420 [ 267.051822][ T9647] ? __pfx_genl_rcv_msg+0x10/0x10 [ 267.051845][ T9647] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 267.051872][ T9647] ? rcu_is_watching+0x12/0xc0 [ 267.051892][ T9647] genl_rcv+0x28/0x40 [ 267.051912][ T9647] netlink_unicast+0x585/0x850 [ 267.051935][ T9647] ? __pfx_netlink_unicast+0x10/0x10 [ 267.051960][ T9647] netlink_sendmsg+0x8b0/0xda0 [ 267.051983][ T9647] ? __pfx_netlink_sendmsg+0x10/0x10 [ 267.052002][ T9647] ? __import_iovec+0x1d2/0x640 [ 267.052019][ T9647] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 267.052045][ T9647] ____sys_sendmsg+0x9e1/0xb70 [ 267.052064][ T9647] ? __pfx_netlink_sendmsg+0x10/0x10 [ 267.052085][ T9647] ? __pfx_____sys_sendmsg+0x10/0x10 [ 267.052114][ T9647] ___sys_sendmsg+0x190/0x1e0 [ 267.052136][ T9647] ? __pfx____sys_sendmsg+0x10/0x10 [ 267.052182][ T9647] __sys_sendmsg+0x170/0x220 [ 267.052199][ T9647] ? __pfx___sys_sendmsg+0x10/0x10 [ 267.052223][ T9647] ? rcu_is_watching+0x12/0xc0 [ 267.052242][ T9647] do_syscall_64+0x10b/0xf80 [ 267.052262][ T9647] ? clear_bhb_loop+0x40/0x90 [ 267.052280][ T9647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.052294][ T9647] RIP: 0033:0x7f638b39cdd9 [ 267.052307][ T9647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 267.052320][ T9647] RSP: 002b:00007f638c2c9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 267.052334][ T9647] RAX: ffffffffffffffda RBX: 00007f638b615fa0 RCX: 00007f638b39cdd9 [ 267.052344][ T9647] RDX: 0000000000000080 RSI: 0000200000001780 RDI: 0000000000000003 [ 267.052352][ T9647] RBP: 00007f638c2c9090 R08: 0000000000000000 R09: 0000000000000000 [ 267.052361][ T9647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 267.052373][ T9647] R13: 00007f638b616038 R14: 00007f638b615fa0 R15: 00007ffe81a26598 [ 267.052392][ T9647] [ 268.197073][ T9645] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 268.377528][ T9658] netlink: 'syz.3.843': attribute type 22 has an invalid length. [ 268.402640][ T9658] netlink: 330 bytes leftover after parsing attributes in process `syz.3.843'. [ 268.564216][ T9660] netlink: 28 bytes leftover after parsing attributes in process `syz.3.843'. [ 268.604747][ T9660] macvlan0: entered promiscuous mode [ 268.632336][ T9660] macvlan0: entered allmulticast mode [ 268.683825][ T9660] veth1_vlan: entered allmulticast mode [ 268.859523][ T9668] random: crng reseeded on system resumption [ 269.593333][ T9688] input: f¬ as /devices/virtual/input/input36 [ 270.640254][ T9714] kafs: addr_prefs: Invalid Command [ 270.869163][ T9693] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 270.892766][ T9693] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 270.911329][ T9693] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 270.930358][ T9693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 272.346548][ T49] Bluetooth: hci0: command 0x0c1a tx timeout [ 272.905798][ T49] Bluetooth: hci1: command 0x0c1a tx timeout [ 272.987133][ T49] Bluetooth: hci3: command 0x0c1a tx timeout [ 272.993772][ T4946] Bluetooth: hci2: command 0x0c1a tx timeout [ 273.352350][ T9764] ubi0: attaching mtd0 [ 273.370688][ T9764] ubi0: scanning is finished [ 273.395157][ T9764] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 273.667850][ T9764] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 274.741357][ T9793] input: f¬ as /devices/virtual/input/input37 [ 275.427755][ T9805] random: crng reseeded on system resumption [ 275.939875][ T4946] Bluetooth: hci0: unexpected event 0x01 length: 124 > 1 [ 276.230047][ T9821] ubi0: attaching mtd0 [ 276.416540][ T9821] ubi0: scanning is finished [ 276.473090][ T9821] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 276.821838][ T9821] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 277.629881][ T9851] input: f¬ as /devices/virtual/input/input38 [ 277.831382][ T9854] random: crng reseeded on system resumption [ 279.011795][ T9881] ubi0: attaching mtd0 [ 279.044535][ T9881] ubi0: scanning is finished [ 279.077569][ T9881] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 279.313017][ T9881] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 279.661007][ T9897] netlink: 'syz.1.894': attribute type 22 has an invalid length. [ 279.708721][ T9897] netlink: 330 bytes leftover after parsing attributes in process `syz.1.894'. [ 279.943061][ T9897] netlink: 28 bytes leftover after parsing attributes in process `syz.1.894'. [ 280.166608][ T9897] macvlan0: entered promiscuous mode [ 280.193294][ T9897] macvlan0: entered allmulticast mode [ 280.212876][ T9897] veth1_vlan: entered allmulticast mode [ 280.478300][ T9909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.897'. [ 281.044835][ T9926] FAULT_INJECTION: forcing a failure. [ 281.044835][ T9926] name failslab, interval 1, probability 0, space 0, times 0 [ 281.102268][ T9926] CPU: 0 UID: 0 PID: 9926 Comm: syz.1.902 Tainted: G L syzkaller #0 PREEMPT(full) [ 281.102293][ T9926] Tainted: [L]=SOFTLOCKUP [ 281.102299][ T9926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 281.102307][ T9926] Call Trace: [ 281.102312][ T9926] [ 281.102318][ T9926] dump_stack_lvl+0x100/0x190 [ 281.102339][ T9926] should_fail_ex.cold+0x5/0xa [ 281.102358][ T9926] ? tomoyo_realpath_from_path+0xb6/0x690 [ 281.102377][ T9926] should_failslab+0xc2/0x120 [ 281.102394][ T9926] __kmalloc_noprof+0xe0/0x850 [ 281.102407][ T9926] ? kfree+0x1dd/0x6c0 [ 281.102430][ T9926] tomoyo_realpath_from_path+0xb6/0x690 [ 281.102452][ T9926] tomoyo_path_number_perm+0x23c/0x580 [ 281.102466][ T9926] ? tomoyo_path_number_perm+0x22e/0x580 [ 281.102483][ T9926] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 281.102517][ T9926] ? find_held_lock+0x2b/0x80 [ 281.102542][ T9926] ? __fget_files+0x215/0x3d0 [ 281.102558][ T9926] ? hook_file_ioctl_common+0x149/0x410 [ 281.102576][ T9926] ? __fget_files+0x215/0x3d0 [ 281.102596][ T9926] ? __fget_files+0x21f/0x3d0 [ 281.102615][ T9926] security_file_ioctl+0xd3/0x230 [ 281.102632][ T9926] __x64_sys_ioctl+0xb7/0x210 [ 281.102648][ T9926] do_syscall_64+0x10b/0xf80 [ 281.102669][ T9926] ? clear_bhb_loop+0x40/0x90 [ 281.102687][ T9926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.102702][ T9926] RIP: 0033:0x7f192a39cdd9 [ 281.102714][ T9926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 281.102728][ T9926] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.102743][ T9926] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 281.102752][ T9926] RDX: 0000200000000000 RSI: 0000000040345410 RDI: 0000000000000003 [ 281.102761][ T9926] RBP: 00007f19285f6090 R08: 0000000000000000 R09: 0000000000000000 [ 281.102770][ T9926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 281.102778][ T9926] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 281.102797][ T9926] [ 281.105061][ T9926] ERROR: Out of memory at tomoyo_realpath_from_path. [ 282.202508][ T9962] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 282.930698][ T9976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.915'. [ 283.483525][ T9985] FAULT_INJECTION: forcing a failure. [ 283.483525][ T9985] name failslab, interval 1, probability 0, space 0, times 0 [ 283.643330][ T9985] CPU: 0 UID: 0 PID: 9985 Comm: syz.3.917 Tainted: G L syzkaller #0 PREEMPT(full) [ 283.643358][ T9985] Tainted: [L]=SOFTLOCKUP [ 283.643363][ T9985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 283.643373][ T9985] Call Trace: [ 283.643380][ T9985] [ 283.643386][ T9985] dump_stack_lvl+0x100/0x190 [ 283.643409][ T9985] should_fail_ex.cold+0x5/0xa [ 283.643430][ T9985] should_failslab+0xc2/0x120 [ 283.643449][ T9985] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 283.643466][ T9985] ? landlock_restrict_sibling_threads+0x4f5/0x1490 [ 283.643491][ T9985] krealloc_node_align_noprof+0x321/0x3e0 [ 283.643510][ T9985] landlock_restrict_sibling_threads+0x4f5/0x1490 [ 283.643536][ T9985] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10 [ 283.643557][ T9985] ? rcu_is_watching+0x12/0xc0 [ 283.643592][ T9985] ? __pfx___might_resched+0x10/0x10 [ 283.643611][ T9985] ? landlock_merge_ruleset+0x213/0x830 [ 283.643633][ T9985] __do_sys_landlock_restrict_self+0x5d2/0x9e0 [ 283.643660][ T9985] do_syscall_64+0x10b/0xf80 [ 283.643682][ T9985] ? clear_bhb_loop+0x40/0x90 [ 283.643701][ T9985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.643717][ T9985] RIP: 0033:0x7f985079cdd9 [ 283.643737][ T9985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.643753][ T9985] RSP: 002b:00007f9851671028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 283.643769][ T9985] RAX: ffffffffffffffda RBX: 00007f9850a16180 RCX: 00007f985079cdd9 [ 283.643780][ T9985] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000006 [ 283.643790][ T9985] RBP: 00007f9850832d69 R08: 0000000000000000 R09: 0000000000000000 [ 283.643799][ T9985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.643809][ T9985] R13: 00007f9850a16218 R14: 00007f9850a16180 R15: 00007ffe09aeaad8 [ 283.643829][ T9985] [ 284.069238][ T9991] ecryptfs_miscdev_write: Invalid packet size [0] [ 286.276823][ T4946] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 syzkaller syzkaller login: [ 287.832223][T10067] input: f¬ as /devices/virtual/input/input39 [ 287.988791][T10071] netlink: 330 bytes leftover after parsing attributes in process `syz.0.932'. [ 288.348263][ T49] Bluetooth: hci3: command 0x0c1a tx timeout [ 290.431348][ T4946] Bluetooth: hci3: command 0x0c1a tx timeout [ 290.937049][T10129] input: f¬ as /devices/virtual/input/input40 [ 292.228360][T10165] random: crng reseeded on system resumption [ 292.486210][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.960'. [ 294.917305][T10234] FAULT_INJECTION: forcing a failure. [ 294.917305][T10234] name failslab, interval 1, probability 0, space 0, times 0 [ 295.011532][T10234] CPU: 0 UID: 0 PID: 10234 Comm: syz.1.977 Tainted: G L syzkaller #0 PREEMPT(full) [ 295.011559][T10234] Tainted: [L]=SOFTLOCKUP [ 295.011565][T10234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 295.011574][T10234] Call Trace: [ 295.011580][T10234] [ 295.011586][T10234] dump_stack_lvl+0x100/0x190 [ 295.011608][T10234] should_fail_ex.cold+0x5/0xa [ 295.011654][T10234] should_failslab+0xc2/0x120 [ 295.011673][T10234] __kmalloc_cache_noprof+0x7a/0x6f0 [ 295.011694][T10234] ? vb2_vmalloc_alloc+0xf9/0x410 [ 295.011711][T10234] ? trace_kmalloc+0xe3/0x110 [ 295.011727][T10234] ? __kasan_kmalloc+0xaa/0xb0 [ 295.011744][T10234] vb2_vmalloc_alloc+0xf9/0x410 [ 295.011761][T10234] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 295.011781][T10234] __vb2_queue_alloc+0x8d5/0x1160 [ 295.011808][T10234] vb2_core_reqbufs+0x899/0xf30 [ 295.011829][T10234] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 295.011857][T10234] __vb2_init_fileio+0x32d/0x1000 [ 295.011874][T10234] ? aa_file_perm+0x7f3/0x14d0 [ 295.011901][T10234] __vb2_perform_fileio+0x91e/0x1380 [ 295.011924][T10234] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 295.011942][T10234] ? __pfx___might_resched+0x10/0x10 [ 295.011964][T10234] vb2_fop_read+0x211/0x520 [ 295.011984][T10234] v4l2_read+0x229/0x2c0 [ 295.011999][T10234] ? __pfx_v4l2_read+0x10/0x10 [ 295.012014][T10234] vfs_read+0x1e4/0xb30 [ 295.012033][T10234] ? __pfx_vfs_read+0x10/0x10 [ 295.012048][T10234] ? find_held_lock+0x2b/0x80 [ 295.012066][T10234] ? __fget_files+0x215/0x3d0 [ 295.012082][T10234] ? __fget_files+0x215/0x3d0 [ 295.012102][T10234] ? __fget_files+0x21f/0x3d0 [ 295.012123][T10234] ksys_read+0x12a/0x250 [ 295.012139][T10234] ? __pfx_ksys_read+0x10/0x10 [ 295.012157][T10234] ? rcu_is_watching+0x12/0xc0 [ 295.012177][T10234] do_syscall_64+0x10b/0xf80 [ 295.012197][T10234] ? clear_bhb_loop+0x40/0x90 [ 295.012215][T10234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.012230][T10234] RIP: 0033:0x7f192a39cdd9 [ 295.012244][T10234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 295.012258][T10234] RSP: 002b:00007f19285d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 295.012272][T10234] RAX: ffffffffffffffda RBX: 00007f192a616090 RCX: 00007f192a39cdd9 [ 295.012282][T10234] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000005 [ 295.012292][T10234] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 295.012301][T10234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.012309][T10234] R13: 00007f192a616128 R14: 00007f192a616090 R15: 00007fff13519d48 [ 295.012329][T10234] [ 296.651697][T10272] random: crng reseeded on system resumption [ 297.714746][T10299] netlink: 8 bytes leftover after parsing attributes in process `syz.2.990'. [ 298.311527][T10304] random: crng reseeded on system resumption [ 299.694687][T10320] input: f¬ as /devices/virtual/input/input41 [ 301.102386][T10349] random: crng reseeded on system resumption [ 305.102817][T10433] input: f¬ as /devices/virtual/input/input42 [ 309.095192][T10521] FAULT_INJECTION: forcing a failure. [ 309.095192][T10521] name failslab, interval 1, probability 0, space 0, times 0 [ 309.123869][T10521] CPU: 0 UID: 0 PID: 10521 Comm: syz.1.1037 Tainted: G L syzkaller #0 PREEMPT(full) [ 309.123899][T10521] Tainted: [L]=SOFTLOCKUP [ 309.123906][T10521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 309.123920][T10521] Call Trace: [ 309.123925][T10521] [ 309.123932][T10521] dump_stack_lvl+0x100/0x190 [ 309.123956][T10521] should_fail_ex.cold+0x5/0xa [ 309.123978][T10521] should_failslab+0xc2/0x120 [ 309.123996][T10521] __kmalloc_cache_noprof+0x7a/0x6f0 [ 309.124018][T10521] ? mem_cgroup_css_online+0x155/0xbf0 [ 309.124045][T10521] mem_cgroup_css_online+0x155/0xbf0 [ 309.124070][T10521] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 309.124093][T10521] online_css+0xb2/0x350 [ 309.124111][T10521] cgroup_apply_control_enable+0xa8d/0xdd0 [ 309.124138][T10521] cgroup_mkdir+0x59c/0x1310 [ 309.124162][T10521] ? __pfx_cgroup_mkdir+0x10/0x10 [ 309.124183][T10521] kernfs_iop_mkdir+0x111/0x190 [ 309.124201][T10521] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 309.124223][T10521] vfs_mkdir+0x361/0x850 [ 309.124240][T10521] filename_mkdirat+0x48b/0x5e0 [ 309.124261][T10521] ? __pfx_filename_mkdirat+0x10/0x10 [ 309.124281][T10521] ? strncpy_from_user+0x19d/0x2d0 [ 309.124299][T10521] ? do_getname+0x191/0x390 [ 309.124337][T10521] __x64_sys_mkdir+0x6b/0x90 [ 309.124357][T10521] do_syscall_64+0x10b/0xf80 [ 309.124379][T10521] ? clear_bhb_loop+0x40/0x90 [ 309.124396][T10521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.124412][T10521] RIP: 0033:0x7f192a39cdd9 [ 309.124426][T10521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.124440][T10521] RSP: 002b:00007f19285f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 309.124457][T10521] RAX: ffffffffffffffda RBX: 00007f192a615fa0 RCX: 00007f192a39cdd9 [ 309.124468][T10521] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 309.124478][T10521] RBP: 00007f192a432d69 R08: 0000000000000000 R09: 0000000000000000 [ 309.124487][T10521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.124496][T10521] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 309.124517][T10521] [ 309.664661][T10532] input: f¬ as /devices/virtual/input/input43 [ 310.244094][T10542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1042'. [ 311.602721][T10569] syz.2.1047 (10569): attempted to duplicate a private mapping with mremap. This is not supported. [ 311.721912][T10567] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1047'. [ 312.152091][T10585] random: crng reseeded on system resumption [ 315.016598][T10650] input: f¬ as /devices/virtual/input/input44 [ 315.290471][T10661] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1067'. [ 317.150799][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.159780][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.719367][T10721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1081'. [ 317.763729][T10724] random: crng reseeded on system resumption [ 319.673114][T10758] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 319.972631][T10770] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1094'. [ 320.273848][T10782] nbd: must specify at least one socket [ 321.746236][T10816] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 322.278597][T10823] netlink: 62 bytes leftover after parsing attributes in process `syz.2.1107'. [ 323.008174][T10846] random: crng reseeded on system resumption [ 323.224746][T10842] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 323.224746][T10842] The task syz.3.1112 (10842) triggered the difference, watch for misbehavior. [ 324.158166][ T29] audit: type=1800 audit(4156.040:23): pid=10867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1118" name="error_log" dev="tracefs" ino=3189 res=0 errno=0 [ 326.127149][ T49] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 326.134683][ T49] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 328.399330][T10988] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 328.807944][T10999] random: crng reseeded on system resumption [ 329.652363][T11013] can: request_module (can-proto-5) failed. [ 330.249803][T11040] input: f¬ as /devices/virtual/input/input46 [ 330.264288][T11021] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1152'. [ 330.325249][T11038] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1152'. [ 330.817292][T11046] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1159'. [ 333.015698][T11106] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1172'. [ 333.380261][T11112] random: crng reseeded on system resumption [ 333.579443][T11115] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 335.375467][T11151] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1183'. [ 335.523659][T11151] bond0: (slave bond_slave_0): Releasing backup interface [ 336.652935][T11183] random: crng reseeded on system resumption [ 337.546263][T11200] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 338.034174][T11209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1197'. [ 338.676080][T11232] random: crng reseeded on system resumption [ 338.741368][T11234] input: f¬ as /devices/virtual/input/input47 [ 339.115132][T11245] random: crng reseeded on system resumption [ 339.977314][ T4946] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 340.861624][T11271] zswap: compressor not available [ 341.071512][T11265] random: crng reseeded on system resumption [ 342.025747][ T49] Bluetooth: hci0: command 0x0c1a tx timeout [ 342.351846][T11313] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1220'. [ 343.558060][T11331] zswap: compressor not available [ 343.708171][T11342] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 344.109246][ T4946] Bluetooth: hci0: command 0x0c1a tx timeout [ 345.642632][T11371] zswap: compressor not available [ 346.652574][T11391] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 347.882348][T11408] random: crng reseeded on system resumption [ 348.993331][T11415] FAULT_INJECTION: forcing a failure. [ 348.993331][T11415] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 349.053740][T11415] CPU: 0 UID: 0 PID: 11415 Comm: syz.1.1250 Tainted: G L syzkaller #0 PREEMPT(full) [ 349.053766][T11415] Tainted: [L]=SOFTLOCKUP [ 349.053771][T11415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 349.053781][T11415] Call Trace: [ 349.053787][T11415] [ 349.053793][T11415] dump_stack_lvl+0x100/0x190 [ 349.053815][T11415] should_fail_ex.cold+0x5/0xa [ 349.053834][T11415] _copy_to_user+0x32/0xd0 [ 349.053851][T11415] simple_read_from_buffer+0xcb/0x170 [ 349.053870][T11415] proc_fail_nth_read+0x1af/0x230 [ 349.053894][T11415] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 349.053917][T11415] ? rw_verify_area+0xce/0x6d0 [ 349.053932][T11415] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 349.053957][T11415] vfs_read+0x1e4/0xb30 [ 349.053976][T11415] ? __pfx_vfs_read+0x10/0x10 [ 349.053991][T11415] ? __fget_files+0x215/0x3d0 [ 349.054012][T11415] ? __fget_files+0x21f/0x3d0 [ 349.054034][T11415] ksys_read+0x12a/0x250 [ 349.054050][T11415] ? __pfx_ksys_read+0x10/0x10 [ 349.054067][T11415] ? rcu_is_watching+0x12/0xc0 [ 349.054088][T11415] do_syscall_64+0x10b/0xf80 [ 349.054109][T11415] ? clear_bhb_loop+0x40/0x90 [ 349.054127][T11415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.054142][T11415] RIP: 0033:0x7f192a35d60e [ 349.054154][T11415] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 349.054169][T11415] RSP: 002b:00007f19285f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 349.054184][T11415] RAX: ffffffffffffffda RBX: 00007f19285f66c0 RCX: 00007f192a35d60e [ 349.054193][T11415] RDX: 000000000000000f RSI: 00007f19285f60a0 RDI: 0000000000000004 [ 349.054202][T11415] RBP: 00007f19285f6090 R08: 0000000000000000 R09: 0000000000000000 [ 349.054210][T11415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.054218][T11415] R13: 00007f192a616038 R14: 00007f192a615fa0 R15: 00007fff13519d48 [ 349.054238][T11415] [ 349.497557][T11417] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1242'. [ 349.916177][T11426] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1244'. [ 350.065484][T11417] bond0: (slave bond_slave_0): Releasing backup interface [ 350.080076][T11417] bond_slave_0 (unregistering): left promiscuous mode [ 350.318236][T11434] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1246'. [ 351.452671][T11450] program syz.1.1248 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 351.940694][ T49] block nbd2: Receive control failed (result -32) [ 351.954726][ T29] audit: type=1800 audit(4183.830:24): pid=11449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1248" name="discovery_nqn" dev="configfs" ino=38949 res=0 errno=0 [ 354.783736][T11521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1264'. [ 355.593262][T11538] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1268'. [ 355.673223][T11540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1270'. [ 355.900776][T11544] random: crng reseeded on system resumption [ 359.536364][T11591] random: crng reseeded on system resumption [ 361.337712][T11612] input: f¬ as /devices/virtual/input/input48 [ 361.621591][T11617] ubi0: attaching mtd0 [ 361.665465][T11617] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 362.275762][T11627] FAULT_INJECTION: forcing a failure. [ 362.275762][T11627] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 362.360029][T11627] CPU: 0 UID: 0 PID: 11627 Comm: syz.1.1289 Tainted: G L syzkaller #0 PREEMPT(full) [ 362.360055][T11627] Tainted: [L]=SOFTLOCKUP [ 362.360060][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 362.360069][T11627] Call Trace: [ 362.360074][T11627] [ 362.360080][T11627] dump_stack_lvl+0x100/0x190 [ 362.360102][T11627] should_fail_ex.cold+0x5/0xa [ 362.360121][T11627] _copy_from_iter+0x1f4/0x1690 [ 362.360139][T11627] ? __asan_memset+0x23/0x50 [ 362.360167][T11627] ? __pfx__copy_from_iter+0x10/0x10 [ 362.360181][T11627] ? __pfx___alloc_skb+0x10/0x10 [ 362.360204][T11627] netlink_sendmsg+0x808/0xda0 [ 362.360228][T11627] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.360247][T11627] ? __import_iovec+0x1d2/0x640 [ 362.360263][T11627] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 362.360289][T11627] ____sys_sendmsg+0x9e1/0xb70 [ 362.360308][T11627] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.360330][T11627] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.360358][T11627] ___sys_sendmsg+0x190/0x1e0 [ 362.360381][T11627] ? __pfx____sys_sendmsg+0x10/0x10 [ 362.360423][T11627] __sys_sendmsg+0x170/0x220 [ 362.360439][T11627] ? __pfx___sys_sendmsg+0x10/0x10 [ 362.360463][T11627] ? rcu_is_watching+0x12/0xc0 [ 362.360483][T11627] do_syscall_64+0x10b/0xf80 [ 362.360504][T11627] ? clear_bhb_loop+0x40/0x90 [ 362.360521][T11627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.360536][T11627] RIP: 0033:0x7f192a39cdd9 [ 362.360549][T11627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.360563][T11627] RSP: 002b:00007f19285d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 362.360578][T11627] RAX: ffffffffffffffda RBX: 00007f192a616090 RCX: 00007f192a39cdd9 [ 362.360587][T11627] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000006 [ 362.360596][T11627] RBP: 00007f19285d5090 R08: 0000000000000000 R09: 0000000000000000 [ 362.360605][T11627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.360613][T11627] R13: 00007f192a616128 R14: 00007f192a616090 R15: 00007fff13519d48 [ 362.360632][T11627] [ 363.938771][T11644] random: crng reseeded on system resumption [ 365.667552][T11668] random: crng reseeded on system resumption [ 366.048061][T11677] FAULT_INJECTION: forcing a failure. [ 366.048061][T11677] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 366.124506][T11677] CPU: 0 UID: 0 PID: 11677 Comm: syz.3.1302 Tainted: G L syzkaller #0 PREEMPT(full) [ 366.124532][T11677] Tainted: [L]=SOFTLOCKUP [ 366.124537][T11677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 366.124546][T11677] Call Trace: [ 366.124551][T11677] [ 366.124556][T11677] dump_stack_lvl+0x100/0x190 [ 366.124578][T11677] should_fail_ex.cold+0x5/0xa [ 366.124597][T11677] _copy_from_user+0x2e/0xd0 [ 366.124612][T11677] copy_msghdr_from_user+0x9f/0x4f0 [ 366.124635][T11677] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 366.124659][T11677] ? rcu_is_watching+0x12/0xc0 [ 366.124677][T11677] ? ___sys_recvmsg+0x177/0x1a0 [ 366.124696][T11677] ? kfree+0x1dd/0x6c0 [ 366.124719][T11677] ___sys_recvmsg+0xdd/0x1a0 [ 366.124746][T11677] ? __pfx____sys_recvmsg+0x10/0x10 [ 366.124776][T11677] ? __pfx___might_resched+0x10/0x10 [ 366.124797][T11677] do_recvmmsg+0x301/0x760 [ 366.124820][T11677] ? __pfx_do_recvmmsg+0x10/0x10 [ 366.124840][T11677] ? ksys_write+0x190/0x250 [ 366.124860][T11677] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 366.124882][T11677] ? kernel_write+0x5e3/0x6c0 [ 366.124902][T11677] ? __fget_files+0x21f/0x3d0 [ 366.124923][T11677] __x64_sys_recvmmsg+0x22a/0x280 [ 366.124941][T11677] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 366.124960][T11677] ? rcu_is_watching+0x12/0xc0 [ 366.124979][T11677] do_syscall_64+0x10b/0xf80 [ 366.124999][T11677] ? clear_bhb_loop+0x40/0x90 [ 366.125017][T11677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.125032][T11677] RIP: 0033:0x7f985079cdd9 [ 366.125045][T11677] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 366.125059][T11677] RSP: 002b:00007f98516b3028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 366.125073][T11677] RAX: ffffffffffffffda RBX: 00007f9850a15fa0 RCX: 00007f985079cdd9 [ 366.125083][T11677] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 366.125091][T11677] RBP: 00007f98516b3090 R08: 0000000000000000 R09: 0000000000000000 [ 366.125100][T11677] R10: 00000000000004ff R11: 0000000000000246 R12: 0000000000000001 [ 366.125112][T11677] R13: 00007f9850a16038 R14: 00007f9850a15fa0 R15: 00007ffe09aeaad8 [ 366.125130][T11677] [ 369.401761][T11730] FAULT_INJECTION: forcing a failure. [ 369.401761][T11730] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 369.563650][T11730] CPU: 0 UID: 0 PID: 11730 Comm: syz.3.1313 Tainted: G L syzkaller #0 PREEMPT(full) [ 369.563676][T11730] Tainted: [L]=SOFTLOCKUP [ 369.563681][T11730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 369.563690][T11730] Call Trace: [ 369.563694][T11730] [ 369.563700][T11730] dump_stack_lvl+0x100/0x190 [ 369.563722][T11730] should_fail_ex.cold+0x5/0xa [ 369.563742][T11730] _copy_from_iter+0x1f4/0x1690 [ 369.563759][T11730] ? __asan_memset+0x23/0x50 [ 369.563782][T11730] ? __pfx__copy_from_iter+0x10/0x10 [ 369.563799][T11730] ? __pfx___alloc_skb+0x10/0x10 [ 369.563822][T11730] netlink_sendmsg+0x808/0xda0 [ 369.563846][T11730] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.563865][T11730] ? __import_iovec+0x1d2/0x640 [ 369.563881][T11730] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 369.563908][T11730] ____sys_sendmsg+0x9e1/0xb70 [ 369.563934][T11730] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.563956][T11730] ? __pfx_____sys_sendmsg+0x10/0x10 [ 369.563984][T11730] ___sys_sendmsg+0x190/0x1e0 [ 369.564006][T11730] ? __pfx____sys_sendmsg+0x10/0x10 [ 369.564048][T11730] __sys_sendmsg+0x170/0x220 [ 369.564065][T11730] ? __pfx___sys_sendmsg+0x10/0x10 [ 369.564088][T11730] ? rcu_is_watching+0x12/0xc0 [ 369.564108][T11730] do_syscall_64+0x10b/0xf80 [ 369.564130][T11730] ? clear_bhb_loop+0x40/0x90 [ 369.564147][T11730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.564162][T11730] RIP: 0033:0x7f985079cdd9 [ 369.564176][T11730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 369.564190][T11730] RSP: 002b:00007f9851692028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 369.564204][T11730] RAX: ffffffffffffffda RBX: 00007f9850a16090 RCX: 00007f985079cdd9 [ 369.564214][T11730] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000006 [ 369.564223][T11730] RBP: 00007f9851692090 R08: 0000000000000000 R09: 0000000000000000 [ 369.564231][T11730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 369.564239][T11730] R13: 00007f9850a16128 R14: 00007f9850a16090 R15: 00007ffe09aeaad8 [ 369.564258][T11730] [ 371.131947][T11743] random: crng reseeded on system resumption [ 372.921962][ T4946] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 372.935849][ T4946] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 372.945351][ T4946] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 372.954424][ T4946] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 372.971895][ T4946] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 373.494496][ T7658] ------------[ cut here ]------------ [ 373.500108][ T7658] ODEBUG: free active (active state 0) object: ffff88807e7c9438 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 373.512926][ T7658] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz.0.409/7658 [ 373.522980][ T7658] Modules linked in: [ 373.526902][ T7658] CPU: 0 UID: 0 PID: 7658 Comm: syz.0.409 Tainted: G L syzkaller #0 PREEMPT(full) [ 373.537757][ T7658] Tainted: [L]=SOFTLOCKUP [ 373.542060][ T7658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 373.552373][ T7658] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 373.558927][ T7658] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 52 a9 e2 0b 41 56 48 8b 14 dd c0 39 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ac 25 d8 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 373.578771][ T7658] RSP: 0018:ffffc90004c076f8 EFLAGS: 00010246 [ 373.585629][ T7658] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 373.593590][ T7658] RDX: ffffffff8c1c3900 RSI: ffffffff8c1c3520 RDI: ffffffff90e29360 [ 373.601994][ T7658] RBP: 0000000000000001 R08: ffff88807e7c9438 R09: ffffffff8bb2b700 [ 373.610224][ T7658] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c3520 [ 373.618265][ T7658] R13: ffffffff8bb2b740 R14: ffffffff8a92bd10 R15: ffffc90004c077f8 [ 373.626294][ T7658] FS: 0000000000000000(0000) GS:ffff888124377000(0000) knlGS:0000000000000000 [ 373.635222][ T7658] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 373.641848][ T7658] CR2: 00007f581c3b3e9c CR3: 000000005ec46000 CR4: 00000000003526f0 [ 373.649865][ T7658] Call Trace: [ 373.653144][ T7658] [ 373.656195][ T7658] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 373.661668][ T7658] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 373.667506][ T7658] debug_check_no_obj_freed+0x4da/0x630 [ 373.673051][ T7658] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 373.679292][ T7658] ? __page_table_check_zero+0x333/0x410 [ 373.684918][ T7658] ? __page_table_check_zero+0x333/0x410 [ 373.691348][ T7658] ? __page_table_check_zero+0x338/0x410 [ 373.697366][ T7658] __free_frozen_pages+0x3f5/0x1040 [ 373.702561][ T7658] hci_release_dev+0x4ef/0x630 [ 373.707348][ T7658] ? __pfx_hci_release_dev+0x10/0x10 [ 373.712621][ T7658] ? device_release+0x97/0x270 [ 373.717419][ T7658] ? rcu_is_watching+0x12/0xc0 [ 373.722170][ T7658] ? device_release+0x97/0x270 [ 373.726953][ T7658] bt_host_release+0x6a/0xb0 [ 373.731541][ T7658] ? __pfx_bt_host_release+0x10/0x10 [ 373.736849][ T7658] device_release+0xd2/0x270 [ 373.741427][ T7658] kobject_put+0x1f7/0x640 [ 373.745846][ T7658] put_device+0x1f/0x30 [ 373.749992][ T7658] vhci_release+0x185/0x230 [ 373.754488][ T7658] ? __pfx_vhci_release+0x10/0x10 [ 373.759524][ T7658] __fput+0x3ff/0xb50 [ 373.763502][ T7658] task_work_run+0x150/0x240 [ 373.768100][ T7658] ? __pfx_task_work_run+0x10/0x10 [ 373.773202][ T7658] do_exit+0x8d2/0x2a60 [ 373.777392][ T7658] ? __pfx_do_exit+0x10/0x10 [ 373.782146][ T7658] ? cgroup_update_frozen_flag+0x107/0x210 [ 373.788714][ T7658] ? find_held_lock+0x2b/0x80 [ 373.793412][ T7658] ? get_signal+0x184f/0x21e0 [ 373.798523][ T7658] do_group_exit+0xd5/0x2a0 [ 373.803012][ T7658] get_signal+0x1ec7/0x21e0 [ 373.807551][ T7658] ? __pfx_get_signal+0x10/0x10 [ 373.812387][ T7658] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 373.817873][ T7658] arch_do_signal_or_restart+0x91/0x7a0 [ 373.823414][ T7658] ? get_timespec64+0x136/0x1b0 [ 373.828297][ T7658] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 373.834448][ T7658] ? __x64_sys_clock_nanosleep+0x347/0x480 [ 373.840280][ T7658] ? rcu_is_watching+0x12/0xc0 [ 373.845036][ T7658] exit_to_user_mode_loop+0x8b/0x4f0 [ 373.850339][ T7658] ? rcu_is_watching+0x12/0xc0 [ 373.855096][ T7658] do_syscall_64+0x6f2/0xf80 [ 373.859706][ T7658] ? clear_bhb_loop+0x40/0x90 [ 373.864371][ T7658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.870314][ T7658] RIP: 0033:0x7f53ba75d60e [ 373.874712][ T7658] Code: Unable to access opcode bytes at 0x7f53ba75d5e4. [ 373.881902][ T7658] RSP: 002b:00007f53bb66df58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 373.891090][ T7658] RAX: fffffffffffffdfc RBX: 00007f53bb66e6c0 RCX: 00007f53ba75d60e [ 373.899455][ T7658] RDX: 00007f53bb66dfb0 RSI: 0000000000000000 RDI: 0000000000000000 [ 373.907488][ T7658] RBP: 00007f53ba832d69 R08: 0000000000000000 R09: 0000000000000000 [ 373.915453][ T7658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.923453][ T7658] R13: 00007f53baa16128 R14: 00007f53baa16090 R15: 00007ffd5c0ed108 [ 373.931462][ T7658] [ 373.934477][ T7658] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 373.941742][ T7658] CPU: 0 UID: 0 PID: 7658 Comm: syz.0.409 Tainted: G L syzkaller #0 PREEMPT(full) [ 373.952486][ T7658] Tainted: [L]=SOFTLOCKUP [ 373.956788][ T7658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 373.966826][ T7658] Call Trace: [ 373.970094][ T7658] [ 373.973011][ T7658] dump_stack_lvl+0x100/0x190 [ 373.977677][ T7658] vpanic+0x552/0x970 [ 373.981645][ T7658] ? __pfx_vpanic+0x10/0x10 [ 373.986133][ T7658] panic+0xd1/0xe0 [ 373.989836][ T7658] ? __pfx_panic+0x10/0x10 [ 373.994264][ T7658] ? check_panic_on_warn+0x1f/0x90 [ 373.999364][ T7658] check_panic_on_warn.cold+0x19/0x34 [ 374.004727][ T7658] ? debug_print_object+0x18e/0x2a0 [ 374.009919][ T7658] __warn.cold+0x191/0x328 [ 374.014324][ T7658] __report_bug+0x296/0x3d0 [ 374.018818][ T7658] ? debug_print_object+0x18e/0x2a0 [ 374.024018][ T7658] ? __pfx___report_bug+0x10/0x10 [ 374.029036][ T7658] ? __lock_acquire+0x4a5/0x2630 [ 374.034016][ T7658] ? unwind_next_frame+0x3c8/0x2090 [ 374.039232][ T7658] report_bug_entry+0xe1/0x290 [ 374.043987][ T7658] ? debug_print_object+0x19b/0x2a0 [ 374.049180][ T7658] handle_bug+0x1cd/0x2a0 [ 374.053494][ T7658] exc_invalid_op+0x17/0x50 [ 374.057980][ T7658] asm_exc_invalid_op+0x1a/0x20 [ 374.062820][ T7658] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 374.068615][ T7658] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 52 a9 e2 0b 41 56 48 8b 14 dd c0 39 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ac 25 d8 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 374.088204][ T7658] RSP: 0018:ffffc90004c076f8 EFLAGS: 00010246 [ 374.094257][ T7658] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 374.102213][ T7658] RDX: ffffffff8c1c3900 RSI: ffffffff8c1c3520 RDI: ffffffff90e29360 [ 374.110168][ T7658] RBP: 0000000000000001 R08: ffff88807e7c9438 R09: ffffffff8bb2b700 [ 374.118137][ T7658] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c3520 [ 374.126098][ T7658] R13: ffffffff8bb2b740 R14: ffffffff8a92bd10 R15: ffffc90004c077f8 [ 374.134061][ T7658] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 374.139521][ T7658] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 374.144999][ T7658] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 374.150797][ T7658] debug_check_no_obj_freed+0x4da/0x630 [ 374.156345][ T7658] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 374.162405][ T7658] ? __page_table_check_zero+0x333/0x410 [ 374.168028][ T7658] ? __page_table_check_zero+0x333/0x410 [ 374.173646][ T7658] ? __page_table_check_zero+0x338/0x410 [ 374.179270][ T7658] __free_frozen_pages+0x3f5/0x1040 [ 374.184462][ T7658] hci_release_dev+0x4ef/0x630 [ 374.189218][ T7658] ? __pfx_hci_release_dev+0x10/0x10 [ 374.194488][ T7658] ? device_release+0x97/0x270 [ 374.199240][ T7658] ? rcu_is_watching+0x12/0xc0 [ 374.203992][ T7658] ? device_release+0x97/0x270 [ 374.208747][ T7658] bt_host_release+0x6a/0xb0 [ 374.213328][ T7658] ? __pfx_bt_host_release+0x10/0x10 [ 374.218604][ T7658] device_release+0xd2/0x270 [ 374.223184][ T7658] kobject_put+0x1f7/0x640 [ 374.227587][ T7658] put_device+0x1f/0x30 [ 374.231733][ T7658] vhci_release+0x185/0x230 [ 374.236239][ T7658] ? __pfx_vhci_release+0x10/0x10 [ 374.241265][ T7658] __fput+0x3ff/0xb50 [ 374.245252][ T7658] task_work_run+0x150/0x240 [ 374.249920][ T7658] ? __pfx_task_work_run+0x10/0x10 [ 374.255029][ T7658] do_exit+0x8d2/0x2a60 [ 374.259187][ T7658] ? __pfx_do_exit+0x10/0x10 [ 374.263781][ T7658] ? cgroup_update_frozen_flag+0x107/0x210 [ 374.269575][ T7658] ? find_held_lock+0x2b/0x80 [ 374.274240][ T7658] ? get_signal+0x184f/0x21e0 [ 374.278902][ T7658] do_group_exit+0xd5/0x2a0 [ 374.283387][ T7658] get_signal+0x1ec7/0x21e0 [ 374.287883][ T7658] ? __pfx_get_signal+0x10/0x10 [ 374.292835][ T7658] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 374.298287][ T7658] arch_do_signal_or_restart+0x91/0x7a0 [ 374.303828][ T7658] ? get_timespec64+0x136/0x1b0 [ 374.308666][ T7658] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 374.314814][ T7658] ? __x64_sys_clock_nanosleep+0x347/0x480 [ 374.320608][ T7658] ? rcu_is_watching+0x12/0xc0 [ 374.325359][ T7658] exit_to_user_mode_loop+0x8b/0x4f0 [ 374.330626][ T7658] ? rcu_is_watching+0x12/0xc0 [ 374.335376][ T7658] do_syscall_64+0x6f2/0xf80 [ 374.339987][ T7658] ? clear_bhb_loop+0x40/0x90 [ 374.344652][ T7658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.350530][ T7658] RIP: 0033:0x7f53ba75d60e [ 374.354931][ T7658] Code: Unable to access opcode bytes at 0x7f53ba75d5e4. [ 374.361931][ T7658] RSP: 002b:00007f53bb66df58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 374.370344][ T7658] RAX: fffffffffffffdfc RBX: 00007f53bb66e6c0 RCX: 00007f53ba75d60e [ 374.378363][ T7658] RDX: 00007f53bb66dfb0 RSI: 0000000000000000 RDI: 0000000000000000 [ 374.386328][ T7658] RBP: 00007f53ba832d69 R08: 0000000000000000 R09: 0000000000000000 [ 374.394285][ T7658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 374.402238][ T7658] R13: 00007f53baa16128 R14: 00007f53baa16090 R15: 00007ffd5c0ed108 [ 374.410204][ T7658] [ 374.413284][ T7658] Kernel Offset: disabled [ 374.417606][ T7658] Rebooting in 86400 seconds..