last executing test programs: 16m40.242769954s ago: executing program 2 (id=2977): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/122, 0x7a) 16m40.131735094s ago: executing program 2 (id=2979): close_range$auto(0x2, 0x8, 0x0) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) mmap$auto(0x0, 0xfffffffffffffffe, 0x6, 0xebd, r0, 0x6) (async) socket(0x10, 0x2, 0x2) (async) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/hard_block_reasons\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x8) (async) write$auto(0x3, 0x0, 0xfdef) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x725f00, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) ioctl$auto_SNDCTL_SEQ_THRESHOLD(r2, 0x4004510d, &(0x7f0000000200)) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000005880)='/proc/sys/kernel/panic_print\x00', 0x80801, 0x0) (async) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) (async) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) (async) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) (async) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, &(0x7f0000000080)={0xa8}) (async) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x2, 0xdb, 0x109b72, 0x5, 0x9) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) socket(0x11, 0x80003, 0x300) 16m39.853491145s ago: executing program 2 (id=2982): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.15/usb40/40-0:1.0/usb40-port6/power/runtime_active_time\x00', 0x101040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000010c0)=""/100, 0x64) 16m39.714922518s ago: executing program 2 (id=2983): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/neigh/wlan0/retrans_time_ms\x00', 0xa2202, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000200), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0xc, 0x400009, 0xdf, 0x7b, 0xffffffffffffffff, 0x10000000400000) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) mmap$auto(0x80000, 0x400008, 0x407, 0xffff, 0x2, 0x8000) mmap$auto(0x0, 0x80000000006, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161343, 0x580f790b2ef4c33) copy_file_range$auto(r3, 0x0, r4, 0x0, 0x21c3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/supported_checksums\x00', 0x40a00, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0180, 0x0) read$auto_l2cap_debugfs_fops_(r4, &(0x7f0000000140)=""/115, 0x73) ioctl$auto(0xffffffffffffffff, 0x4020ae76, 0xffffffffffffffff) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptye4\x00', 0x20080, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r5, 0x802c542a, 0x0) sendmsg$auto_TCP_METRICS_CMD_GET(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYBLOB="000025bd7000ffdbdf2501000000080001fedf00000114000c082001000000000000000000000000000108000b00901414aa08001c5858b2ffff08000100ac1e010108000b00ac1414bbc59166ff29602d7689373008e0b92b52b2af83f17b4d053d1392445e7173bc1642eafccf414ec2833af1186d45a148c47ff61643ddd233f329bf1c5ed7ddb86e3655dd12354d958c91504c1aea245734cc219be9d21c43b51ad14b40daed492a174d63b346d55babe8dcdff260da190f085919f9851c9107835f63845071e68047744eeb09578beca1d2b2ef341ebaa5445743887d58313b5dd28a180dcd87fd894d780c4b88e1678ba2d5ff79cb9bc4fe8afc949f004d87253f6ec87b09214ebcf7b300"/282], 0x50}}, 0x0) sendfile$auto(r0, r0, 0x0, 0x100200400f) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r6) sendmsg$auto_SMC_PNETID_ADD(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x20, r7, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@SMC_PNETID_NAME={0xb, 0x1, 'dummy0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) sendmsg$auto_SMC_PNETID_GET(r1, &(0x7f0000000540)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x58, r7, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@SMC_PNETID_IBNAME={0x33, 0x3, '/proc/sys/net/ipv4/neigh/wlan0/retrans_time_ms\x00'}, @SMC_PNETID_NAME={0x10, 0x1, 'tcp_metrics\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000840) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x4, 0x4) r8 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/user\x00') readv$auto(r0, &(0x7f0000000140)={&(0x7f0000000040)="cac8efa4aa028ada6c3eeb1473e13adb487e3d0ecd24cd33a66464ff4d42269e3817fd0a76851e7ec893468d7bf344335a47f0f5727e8496e90796365ce63dcd266953c440a15a79b186f60b584ad17364b2820bb0a556f85f825ad0c8529b7ce52555fc2e6137e5a699ad3cda3a41079c0cd2f16b36992b00066cba5222515bf5f2cc66cf1859dba534e686b50a5ef239319363f245b276d600413ffba87428b9c6ea1544836febee4834cc932eba283252c28ab26cfd1201c9e653772a42c9db16cefb88f66b521826d6208715c7401a0d1afefab8b5dae4504b67b399aee22a89045b3a7b2a9d616bf53555f6355e29f90ad1ee0368c23168ea608f1fd5", 0x13ed}, 0x80) sched_setaffinity$auto(0xffffffffffffffff, 0x6, &(0x7f00000017c0)=0x8) setns(r8, 0x10000000) 16m39.176412735s ago: executing program 2 (id=2986): mmap$auto(0x0, 0x5db, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) waitid$auto(0x3, r0, 0x0, 0x2, &(0x7f00000001c0)={{0x2, 0x3}, {0x7, 0xc}, 0xf5, 0x75, 0x8, 0x9c7, 0x6, 0x1, 0x3, 0x4, 0x1ca, 0x9, 0x2, 0x6, 0x80000001}) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x480, 0x0) mmap$auto(0x0, 0x400000, 0x7, 0x19b72, 0x5, 0x9000) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x5, &(0x7f0000000200)=@iter_create={r1, 0x7fff}, 0x1ff) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0xfffffffffffffffc, 0xa, 0x3, 0xeb1, 0x3ff, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) getsockopt$auto(r2, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400) r3 = epoll_create$auto(0x8) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) write$auto_rfkill_fops_core(r3, &(0x7f0000000180)="da1a7e624a10260ea1e4099494f84c088905e99c93a17dad106dc46366518f169e8c8d20adda9553c37074023717a6c5d6d932673d3eb05b4bc620f39ed7523f3738366479aa10f1f12bc8bdccb1962b71f6eccf14b3d8af177ae5fc0f2a1e5e2ad4fc4eec6e2543140afc8468cf892c60ae56441971408b42daa24217ea7b975ee0606e511d772b6d6d6db26b0cad1fa0c01f3d1cd3755c449be8305066a402e4cc02d2ee51b4b242db948b14343b8cb968e08cc0e925af507babd2cf54dc5efc77619c6976008875b0dccb0d5881a6d9329969215a11167bf72d3dbf7c7a2046a255caeed3af52981c4a32d5d55b76ef00ec2cc5c77ffd", 0xf8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto(0x3, 0x404c534a, 0x38) 16m38.827818637s ago: executing program 2 (id=2988): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb9, 0xf, 0x7, 0x400004, 0xffffffffffffffff, 0x7, "00000000000000e3ffffffffffffff00", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r0, 0x3, 0x81, @uprobe_multi={0x81, 0x1fd, 0x9, 0x8, 0x1, 0x4}}, 0x92) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty48\x00', 0x40000, 0x0) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x18, r3, 0x303, 0x70bd29, 0x25dfdbfb, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8804}, 0x4004010) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) socket(0x1, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) sysfs$auto(0x2, 0x1e, 0x0) epoll_ctl$auto(0x5, 0x5, 0x8000000000000000, 0x0) write$auto(r4, 0x0, 0x800000006) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000240)="ae") ioctl$auto_TIOCSWINSZ2(r1, 0x541b, &(0x7f0000000380)) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40400, 0x0) 16m23.496774553s ago: executing program 32 (id=2988): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb9, 0xf, 0x7, 0x400004, 0xffffffffffffffff, 0x7, "00000000000000e3ffffffffffffff00", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r0, 0x3, 0x81, @uprobe_multi={0x81, 0x1fd, 0x9, 0x8, 0x1, 0x4}}, 0x92) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty48\x00', 0x40000, 0x0) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x18, r3, 0x303, 0x70bd29, 0x25dfdbfb, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8804}, 0x4004010) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) socket(0x1, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) sysfs$auto(0x2, 0x1e, 0x0) epoll_ctl$auto(0x5, 0x5, 0x8000000000000000, 0x0) write$auto(r4, 0x0, 0x800000006) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000240)="ae") ioctl$auto_TIOCSWINSZ2(r1, 0x541b, &(0x7f0000000380)) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40400, 0x0) 6.704188843s ago: executing program 3 (id=6664): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ttyxd\x00', 0x470000, 0x0) ioctl$auto_TIOCGICOUNT(r1, 0x545d, &(0x7f0000000340)="ae825633b5d5fec372f782f4ce6e3af0a2bfeefe7fc68bdbae419dff822340ebdee41bb791820537255cdf324ef7c6a09745b0076bb9048a97e3605b8d594a2da37a58483e97d476bbddd60e6e05fec33de58a672302d691478e390ab9298edf14f5ca9305576aa60516e5f388d6a19c2219176a96e77d930a7f299746d818f855402859d1c21db123fce4135de3bc2408509e520815f4e61af76a11e4b7d4442879cb4b063e7eba81fe74b5bf814a3228a7d37c5f789e89e00fb96ce36e") sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) read$auto(r0, 0x0, 0x20) socket(0x2, 0x1, 0x106) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x8, 0x2, 0x7ff, 0x9, 0x0, 0x0, 0x0, 0xfa9a, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x8, 0x8000000005, 0x0, 0x7, 0x8000000004, 0x3}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd8/rqos/wbt/curr_win_nsec\x00', 0x2000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) unshare$auto(0x40000080) 5.370716206s ago: executing program 0 (id=6667): openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd10/sched/read1_fifo_list\x00', 0x141100, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 5.081712675s ago: executing program 0 (id=6669): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8008000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd12, &(0x7f00000001c0)) getsockopt$auto_SO_BROADCAST(r0, 0x14, 0x6, &(0x7f0000000000)='/dev/snd/controlC1\x00', &(0x7f0000000040)=0x81) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x42000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000300)={{@raw=0x6, 0x0, 0x8001, 0x2, "da14cf93e7670976d4df4660872c34e34ab92824711bacf3578dcec408cf5180d03a4d126edb3169db6d48ac"}, 0x1, @iec958={"28f6a86309b1e098a7dfa272f95c4c28615313f81f02a4eb", "77a2e9b1b0224a8ef0ac25ff0db0b6ec20c55cccbf4e9b253241777363b62fbe19f64f49f5ed0205399a691cb53e4086d6ec9dcbc5173fee439c2db7f3d5f2d4dd2a267a11e3c0cc771cdddef6bdb02a85cf5ea2ecc26fa3fe291d1e45404619547117c0d45a0de14bc3b9c22d705152efa9d2cfb220c6210dd7606723fb4d6d8ea3e197b19203c65d90e3c761870cbd392bea", 0x0, "e8134be5"}, "a8949c7d9c57acd66da4c5f111166031ad47ebfed172b36a28d7b0204e3a90e9a6c41064df45da18212d9c4e61a29b8146bd0c0284d89751eb5c58cb32c2abf739599063c9a0820f08f1c1b3645f00006dcd033a712822785eeb6a2c41b6d7c00f5e965c1d0000000000000000000000000400"}) fcntl$auto_F_GETOWN(r1, 0x9, 0x98e) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x37be80, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x149942, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0x5452, &(0x7f00000001c0)={0x40007, 0xbed0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) getpid() 5.043013622s ago: executing program 3 (id=6670): close_range$auto(0x2, 0x8, 0x0) futex$auto(0x0, 0x6, 0x4, &(0x7f0000000080)={0x10000, 0x37f}, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="431396a271ac"}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x10}, @HSR_A_IF1_AGE={0x8, 0x3, 0x5}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x20, 0x0, 0x9) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) write$auto(0x3, 0x0, 0xfdf3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) mmap$auto_sg_fops_sg(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x40010, r1, 0x3ff) 4.691214291s ago: executing program 0 (id=6674): openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd2/hctx0/sched_tags_bitmap\x00', 0xa2140, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) setresuid$auto(0x0, 0x0, 0x0) ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2062, 0x0) r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000008c0)=ANY=[@ANYRES32=r4, @ANYBLOB="4faea360ceeaab43e40d00ba47bb93289a9995ba975e1a224d14c87e57a189eeb6827b3e3aece106a3bf00db0a5c8981b27edc8b06629ecb64f0360b905b47e1686aba03ecc3d45f8d7a02af43d9959d138a610411271739fc3d8246ce5cb5c1cf6d24330d6032a95a57e5110f4d54139c7d39dc8b18a1cdd6d78475fef61ecce31610ad8ed726a20b2845e8194821b146f052e29d45a4721c9bb89b0b63260697e510d1f8fc88899e65ac6bc9084b1947b3a1d5c825c3ece9ab07b80ae03dda80bc28ab2661183d4c49acef070b969a13234e471fb57bdd815ce8eb2add40eb186deb91d84e7817355c202022bd751ce7352874f0b3065c667c6e549c59908e6b8cabe03f4dcd04bc6d7a0076ddcfee9945cbb5e63413bb5d9bf5b511147291d5585dea40ac183747c3daaa6543f5d1f3ef76e60ac08eeecad2", @ANYRESDEC=r1, @ANYRES8, @ANYRES16], 0x24}, 0x1, 0x0, 0x0, 0x24000015}, 0xc000) r5 = syz_clone(0x80010000, &(0x7f0000000280)="09f02056818e7acf47e882612806b616d8", 0x11, &(0x7f00000007c0), 0x0, &(0x7f00000002c0)="2918758169251555183442853a27ba37074b62633f338d1a7b74c6ff4c91676d9a5e0078ab1db0f30dc404f23fd5820a80ed88704e71ac2c5f3169cb36f22141f45b3500004fe71b8618ec46671bf5d28d8d26ce4970c811a8b669c7011c3e9ff8b2109640c07450f5b7b624fde03bb975adc229120a3b8750efcf8a4846f0a7ac6a36f60f348190044854f04b55f429540f9fc390d24df293299b9ceb2f6d4e5212fdd9a1597ffcfaf9b3008f77bcc5a393486eb62527560aa974af592514e14d7d34584ee8665cdecbd991fe575d59a4f9c6583a485022f9791b0532d16ecdffdabc91e082640c04c5382fe1aae6484683b91366aafa6e876fbbc7042060bfa86af873f56443d67db514c1cdb4d8b14f96b22dd4683ce4877dc06173474376e79a7b81c20901e86f322be0d272e66e16c14c948266dbaa0e9cba48631863c7aa8e8f797217b42a3d9c019f3a919db8f140bab26c00b5d05032aa38b396305fbfeaa1f6368e7d8c542f4f46ed117c5398e7d5c4b1ac78bfe39181ba7e8114cdf7d9fd3c2f253fa6fd7dc96061eb3d92b8d560c2f203f2e913ef3cdc817974d742e6f19b3f6e0af687d28d8c59c85d12ebe29ed46e1dcc8c02e9fa76d7ab2e9627412426522d9d8272a063ee286dfcb0cae11fca488b386c12b99fa3453b8c62d320e67ca146be") r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/khugepaged/alloc_sleep_millisecs\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)='5', 0x1) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0x10, 0x0, 0x7f, 0xffff, 0xffffffffffffffff, 0x97, "b3be20b60af2baa925ab5ed7fbf10be2", 0x0, 0xffffffffffffffff, 0x2, 0x10, 0x1000, 0x100000000}, 0x10) set_tid_address$auto(&(0x7f0000000500)=0x5) r7 = getpgid$auto(0x0) sendmsg$auto_IPVS_CMD_SET_SERVICE(r2, &(0x7f0000000ac0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a80)={&(0x7f0000000540)=ANY=[@ANYBLOB="3405", @ANYRES16=r4, @ANYBLOB="000226bd7000fbdbdf25020000000800050007000000080006000300000008000400050000001001028075ff83876574dcf7444c53b88992e69a471bfa58053dc94ad66d0953fb1b9cb401c147df5f31671dfc0f9284424129a2c5ce70c649ade9aae6d814619bf71bbd80efe680cd9bc3e7aa59478b4e3e4d0ce05691deebfebdb666888d6f5549d48d92470028f2ccb239e0e683f1107459a18b09a092829949129087a8c782cb94fd36de9315f583a56ceee0e6023fa204fdb92ada8640c18311479406aa31ba39687f786747f4eaef95", @ANYRES32, @ANYBLOB="19e833e93fdf0b102a18ee6b8436634483ed5729eb26e2267dcf5d3a2eaf51db79c25d370c37cf662d480e08f268f1743cd215589548d9cb71", @ANYRES32=r5, @ANYBLOB="1800fd80040086807290395bf5dd39680400b5800400098021011a800400", @ANYRES32, @ANYRES32=0x0, @ANYRES16=r0, @ANYBLOB="0800e300", @ANYRES32=r7, @ANYRES64=r3], 0x534}, 0x1, 0x0, 0x0, 0x28014044}, 0x0) r8 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x8203, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000040)) ioctl$auto(r8, 0x80046f45, 0x38) 4.513771691s ago: executing program 4 (id=6675): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8008000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd12, &(0x7f00000001c0)) getsockopt$auto_SO_BROADCAST(r0, 0x14, 0x6, &(0x7f0000000000)='/dev/snd/controlC1\x00', &(0x7f0000000040)=0x81) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x42000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000300)={{@raw=0x6, 0x0, 0x8001, 0x2, "da14cf93e7670976d4df4660872c34e34ab92824711bacf3578dcec408cf5180d03a4d126edb3169db6d48ac"}, 0x1, @iec958={"28f6a86309b1e098a7dfa272f95c4c28615313f81f02a4eb", "77a2e9b1b0224a8ef0ac25ff0db0b6ec20c55cccbf4e9b253241777363b62fbe19f64f49f5ed0205399a691cb53e4086d6ec9dcbc5173fee439c2db7f3d5f2d4dd2a267a11e3c0cc771cdddef6bdb02a85cf5ea2ecc26fa3fe291d1e45404619547117c0d45a0de14bc3b9c22d705152efa9d2cfb220c6210dd7606723fb4d6d8ea3e197b19203c65d90e3c761870cbd392bea", 0x0, "e8134be5"}, "a8949c7d9c57acd66da4c5f111166031ad47ebfed172b36a28d7b0204e3a90e9a6c41064df45da18212d9c4e61a29b8146bd0c0284d89751eb5c58cb32c2abf739599063c9a0820f08f1c1b3645f00006dcd033a712822785eeb6a2c41b6d7c00f5e965c1d0000000000000000000000000400"}) fcntl$auto_F_GETOWN(r1, 0x9, 0x98e) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x37be80, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x149942, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0x5452, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) getpid() 4.43286902s ago: executing program 3 (id=6676): close_range$auto(0x2, 0x8, 0x0) futex$auto(0x0, 0x6, 0x4, &(0x7f0000000080)={0x10000, 0x37f}, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="431396a271ac"}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x10}, @HSR_A_IF1_AGE={0x8, 0x3, 0x5}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x20, 0x0, 0x9) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) write$auto(0x3, 0x0, 0xfdf3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) mmap$auto_sg_fops_sg(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x40010, r1, 0x3ff) 3.638183006s ago: executing program 4 (id=6677): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r0, 0x545c, 0x0) unshare$auto(0x0) mbind$auto(0x0, 0x6, 0x100000000, 0x0, 0x9, 0x2) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) r1 = socket(0x23, 0x5, 0x0) bind$auto(r1, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x3, 0xa3}, 0x80) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r2, 0x0, 0x1ff) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x402, 0x0) write$auto(r4, &(0x7f0000000200)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8\xe4\x145\x90e\xd3\xe0);\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C\x1e\xe1\xdb\x03\x19\xba\xda\x19\xbbW\xc6\x8c\xd54\x0eJ\xcdpq\xedv\x93\x89\r\xb5\xe06:\x85\xc0\x982]dyf\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 2.445493867s ago: executing program 1 (id=6684): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r0, 0x545c, 0x0) unshare$auto(0x0) mbind$auto(0x0, 0x6, 0x100000000, 0x0, 0x9, 0x2) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) r1 = socket(0x23, 0x5, 0x0) bind$auto(r1, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x3, 0xa3}, 0x80) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r2, 0x0, 0x1ff) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x402, 0x0) write$auto(r4, &(0x7f0000000200)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8\xe4\x145\x90e\xd3\xe0);\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C\x1e\xe1\xdb\x03\x19\xba\xda\x19\xbbW\xc6\x8c\xd54\x0eJ\xcdpq\xedv\x93\x89\r\xb5\xe06:\x85\xc0\x982]dy0x0, @enumerated={0x0, 0x6, "ad75b255b5cdd64a6b7a755de55f8e3b81e6c4e6fbf4f15a5ca5dc29f056113e9b60cd7bd82081ec90b01a6c1ae79b9fd0930da366e011ae30c0a636577776a6", 0x2003, 0xcac}, "18a801006a0900000000000000c4bd5359eeadc8357752b72fa176254d8797cdffd02555ac83a07983eeddcd24b626f54ad9d763dcdc9120af8b7c848ceb55a7"}) r3 = socket(0x10, 0x2, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55) setreuid$auto(0xee01, 0x0) keyctl$auto(0x0, 0xfffff7ffffffffff, 0x0, 0x0, 0xd564) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0xffffffffffffffff, 0x4b49, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYRES32, @ANYRES64=r2, @ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0) write$auto(r4, &(0x7f0000000540)='\"\x81=\"\xad\xff\x8d\xf9;\x18\xa4\xb0\xb4\xd9\x82=\xe1P~\x17\xfb&L\xeb=j\a\xf1y\xb3\"', 0x4) fcntl$auto(0x3, 0x4, 0xa553) r5 = socket(0x22, 0x2, 0x0) setsockopt$auto(r5, 0x29, 0x10, 0x0, 0x56b) read$auto_snd_ctl_f_ops_control(r1, &(0x7f0000000340)=""/70, 0x46) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000001700)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189082, 0x0) msync$auto(0x2, 0x3, 0x1000) getrlimit$auto(0x8000, &(0x7f00000001c0)={0x4, 0x200}) sysfs$auto(0x6, 0x7, 0xffffffff) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r7 = epoll_create$auto(0x8800001) epoll_ctl$auto(r7, 0x1, r6, 0x0) 1.817416358s ago: executing program 4 (id=6687): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0xfffffffffffffffd, 0x810004, 0xffb, 0x15, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mlock$auto(0x7c88, 0x7fff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setresuid$auto(0x8, 0x0, 0x4) setpriority$auto(0x2, 0x8, 0x8) 1.782600249s ago: executing program 3 (id=6688): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0xffffffff, 0xdd, 0x1a010, 0xffffffffffffffff, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0) mmap$auto(0x0, 0x40006, 0xdf, 0x200009b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x10003, 0x0) r1 = socket(0x2, 0x1, 0x106) ustat$auto(0x801, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0xe2c1, 0x157) socket(0x2, 0x5, 0xf7) r2 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0xae281, 0xee) socket(0x2, 0x1, 0x106) syz_clone3(&(0x7f0000000400)={0x148000400, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) kill$auto(0x0, 0x21) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) listen$auto(0x3, 0x81) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) sendmsg$auto_TCP_METRICS_CMD_DEL(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00022bbd7000fcdbdf250200000045139a844f30d6a0a3e289dd64d211977a948a70eff52ccb653fb63cceded9488a15ae0b5d58b0ba"], 0x14}, 0x1, 0x0, 0x0, 0x88800}, 0x4000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x0) 1.503747886s ago: executing program 0 (id=6689): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000540)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x3) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) ioctl$auto_SNDRV_PCM_IOCTL_PREPARE2(r0, 0x4140, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) write$auto_proc_uid_map_operations_base(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f00000004c0)={@sival_ptr=&(0x7f0000000380)="4a057f4f89d731f73e8cc7b1573661ae93f1b7aa4dc226f6d01e85f151f4e8c86f5947306f505cf30b83dc92757f996f0cbda574d6c8343f0fb1b009e539f5229d2ccdd717c73e932cf29a076e04add9a04086ff6f233dd55fd9e23dd5fae42d0a8b7963326b34d31486d7adf911437c472168f93261f1cd6775aae93af50a3a88f64c71cc9c900373a6c4ff73f5d2b8c52f67fd9a3aa7c7ba0a4b317d2481a7f92a5c53b52936", @raw=0x7, 0x659b}, &(0x7f0000000500)=0x10000) r3 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r3, 0x65, 0x7, 0x0, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240)="2303", 0xc694, 0x3, 0x80005, @stream_id=0x7, 0x2004b, 0xc, 0x0}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x1a, 0x80000, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto_drm_edid_fops_drm_debugfs(r0, 0x0, 0x0) mq_timedsend$auto(0xffffffffffffffff, &(0x7f0000000040)='/proc/thread-self/pa\x00\x00\x00\x00\x00\x00', 0x990, 0x3ff, &(0x7f00000002c0)={0xa, 0x81}) 1.015654779s ago: executing program 1 (id=6690): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0x482, 0x0) ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f0000000140)={"2955c6e10e7fb9f306df79c56b8cf136dd0ddd1ed52f70ef7baa0d0e281f96e4", 0x58, 0x10001, 0x10, 0x9, 0xdba, 0xffffffffffffffff}) process_vm_readv$auto(r1, 0x0, 0x1, &(0x7f0000000040)={0x0, 0xffffffff}, 0x6, 0x1) writev$auto(r0, &(0x7f0000000200)={&(0x7f00000000c0)="3d3d6805f7afef83be3e882d64c6b20ded718da676c1b19752aaa5716060c25de8bbfdffffffffffffff9fa21e499a268c375ecec9004f000100a57717fc59776fab9a9d1d49532488854f5ea60232e3f1a044d60bf45808c0a1ee5d020e497fb1427028f17add9c7e6c95", 0x1}, 0xb) mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x22a00, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000000), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000280)=ANY=[@ANYBLOB="aa2abebf", @ANYRES16=r3, @ANYBLOB="010029bd710002dcdf0d040000000800040001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2000083c}, 0x200008d0) r4 = socket(0xa, 0x802, 0x3a) r5 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000180), r6) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0109080000000000002502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r9 = fcntl$auto_F_DUPFD(r5, 0x0, r5) ioctl$auto_vmwgfx_driver_fops_vmwgfx_drv(r9, 0x0, &(0x7f0000000000)="090bdb70d726e558a345cb58a01a9260fe797efced430832e041e5b4448edc94099e69b14ff229aaffe01b8c7cc0a4e4685c3e05699f4688b1ff06722e58877038caeb5a907ed463f4133ad88082cdf0207393724e3701ee9dcb69af2261a670ad24917121a7db34b8152aca9292b1bed9034d4e7baa6b6a23ea437a5995faf65fafa7b0df371cd7322417527efa70e95d3a3d32a69abd7e859e1057223c308821049e83e5e3399c65eddd235c0b2a35b1170f1800ea040a5dffa5c5d23151138887d66d85828b3bc39683280490b449a1029e8c7b7de03345f0d2625869fa1dfbc5ae982dcbc2ceda") read$auto_tun_fops_tun(r9, &(0x7f00000003c0)=""/121, 0x79) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) landlock_create_ruleset$auto(&(0x7f0000000140)={0x7, 0xdd4, 0x9}, 0x8000000000000002, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) close_range$auto(0x0, r4, 0x4000000000002) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r10 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x0, 0x0) landlock_add_rule$auto(r10, 0x2, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x2, 0x5aa, 0x5, 0x5, 0x6, 0x10000, 0x1, 0xa, 0x8, 0x6, 0x9, 0x200015, 0x4, 0x1ff, 0x2, 0x8, 0x10000, 0xfffffffe, 0x6, 0xfffffffe, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x80, 0x0, 0x4, 0x400000000, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x100]}, 0x6, 0x1000000) 676.182768ms ago: executing program 4 (id=6691): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rt6_stats\x00', 0x141502, 0x0) mprotect$auto(0x200000000000, 0x806122, 0xc) sched_setscheduler$auto(0x0, 0x5, &(0x7f0000000040)={0x2}) ioprio_set$auto(0x2, 0x800000000, 0x8) r0 = openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_dump\x00', 0x20000, 0x0) read$auto_clk_dump_fops_(r0, &(0x7f00000005c0)=""/4096, 0x1000) 526.50132ms ago: executing program 4 (id=6692): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r1 = socket(0xa, 0x5, 0x84) sendto$auto(r1, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) openat$auto_autofs_root_operations_autofs_i(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x39, 0x2, 0x3) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) io_uring_setup$auto(0x59, 0x0) getpid() unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) fanotify_init$auto(0x65, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) 0s ago: executing program 1 (id=6693): openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0) sendfile$auto(r1, r1, 0x0, 0x7fffe000) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) socket(0xa, 0x801, 0x84) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f00000006c0)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x4}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x8, 0x5266e334, 0x9}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000080)={{@raw=0x1002, 0x6, 0xa, 0x7, "26d718b7d3ee69350e4ede7079dcb0c24c8aa1e3c7ee2e00308b8a7d74b0a707f7045e6d035b196ca83379bb"}, 0x7, 0xfffffffc, 0x82, @inferred, @enumerated={0x0, 0x6, "ad75b255b5cdd64a6b7a755de55f8e3b81e6c4e6fbf4f15a5ca5dc29f056113e9b60cd7bd82081ec90b01a6c1ae79b9fd0930da366e011ae30c0a636577776a6", 0x2003, 0xcac}, "18a801006a0900000000000000c4bd5359eeadc8357752b72fa176254d8797cdffd02555ac83a07983eeddcd24b626f54ad9d763dcdc9120af8b7c848ceb55a7"}) r3 = socket(0x10, 0x2, 0x0) r4 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55) setreuid$auto(0xee01, 0x0) keyctl$auto(0x0, 0xfffff7ffffffffff, 0x0, 0x0, 0xd564) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0xffffffffffffffff, 0x4b49, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYBLOB="278660e629b3448c980338ff0a46827b070d5754919ec8a07afef6a3c6df78848f4688abf6597df547e6e78b3986d0f1b02b0d024c96fee72fc3645af5d2a5e22ae7cd90f7958ff325223b206ac0c3760806b3d610c373ba042a72ba914357", @ANYRESDEC=r4, @ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000540)='\"\x81=\"\xad\xff\x8d\xf9;\x18\xa4\xb0\xb4\xd9\x82=\xe1P~\x17\xfb&L\xeb=j\a\xf1y\xb3\"', 0x4) fcntl$auto(0x3, 0x4, 0xa553) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000001700)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189082, 0x0) msync$auto(0x2, 0x3, 0x1000) getrlimit$auto(0x8000, &(0x7f00000001c0)={0x4, 0x200}) sysfs$auto(0x6, 0x7, 0xffffffff) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r7 = epoll_create$auto(0x8800001) epoll_ctl$auto(r7, 0x1, r6, 0x0) ioctl$auto_RTC_PARAM_SET(r7, 0x40187014, &(0x7f0000000000)={0x100000000, @uvalue=0x64f, 0x5}) kernel console output (not intermixed with test programs): ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1839.272268][ T2320] ? hook_file_ioctl_common+0x146/0x410 [ 1839.272325][ T2320] security_file_ioctl+0xd3/0x230 [ 1839.272364][ T2320] __x64_sys_ioctl+0xb7/0x210 [ 1839.272411][ T2320] do_syscall_64+0x106/0xf80 [ 1839.272440][ T2320] ? clear_bhb_loop+0x40/0x90 [ 1839.272477][ T2320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1839.272508][ T2320] RIP: 0033:0x7f7e8fb9c819 [ 1839.272534][ T2320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1839.272563][ T2320] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1839.272592][ T2320] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1839.272611][ T2320] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 1839.272629][ T2320] RBP: 00007f7e90ab3090 R08: 0000000000000000 R09: 0000000000000000 [ 1839.272647][ T2320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1839.272664][ T2320] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1839.272706][ T2320] [ 1839.273775][ T2320] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1839.750274][ T2300] kexec: Could not allocate control_code_buffer [ 1842.702117][ T30] audit: type=1800 audit(4294967607.554:152): pid=2359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6230" name="lu_gp_id" dev="configfs" ino=144371 res=0 errno=0 syzkaller syzkaller login: [ 1843.550474][ T30] audit: type=1800 audit(4294967608.394:153): pid=2370 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6234" name="lu_gp_id" dev="configfs" ino=145410 res=0 errno=0 [ 1844.001504][ T2377] lo: entered allmulticast mode [ 1844.002180][ T2377] lo: left allmulticast mode [ 1844.071117][ T2379] warn_alloc: 1 callbacks suppressed [ 1844.071141][ T2379] syz.3.6235: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1844.148182][ T2379] CPU: 0 UID: 0 PID: 2379 Comm: syz.3.6235 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1844.148251][ T2379] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1844.148269][ T2379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1844.148288][ T2379] Call Trace: [ 1844.148298][ T2379] [ 1844.148311][ T2379] dump_stack_lvl+0x100/0x190 [ 1844.148364][ T2379] warn_alloc.cold+0x95/0x1c1 [ 1844.148419][ T2379] ? __pfx_warn_alloc+0x10/0x10 [ 1844.148471][ T2379] ? __lock_acquire+0x4a5/0x2630 [ 1844.148532][ T2379] __vmalloc_node_range_noprof+0x1252/0x1530 [ 1844.148578][ T2379] ? rcu_is_watching+0x12/0xc0 [ 1844.148634][ T2379] ? trace_contention_end+0x140/0x180 [ 1844.148680][ T2379] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 1844.148723][ T2379] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 1844.148759][ T2379] ? tomoyo_path_number_perm+0x28f/0x580 [ 1844.148798][ T2379] ? tomoyo_path_number_perm+0x28f/0x580 [ 1844.148840][ T2379] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1844.148879][ T2379] ? __pfx___mutex_lock+0x10/0x10 [ 1844.148922][ T2379] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1844.148960][ T2379] ? futex_wait+0x125/0x380 [ 1844.149013][ T2379] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 1844.149050][ T2379] __vmalloc_node_noprof+0xad/0xf0 [ 1844.149091][ T2379] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 1844.149132][ T2379] dvb_dvr_do_ioctl+0x15d/0x270 [ 1844.149173][ T2379] dvb_usercopy+0x167/0x340 [ 1844.149210][ T2379] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 1844.149247][ T2379] ? __pfx_dvb_usercopy+0x10/0x10 [ 1844.149296][ T2379] ? __fget_files+0x21f/0x3d0 [ 1844.149333][ T2379] dvb_dvr_ioctl+0x29/0x40 [ 1844.149365][ T2379] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 1844.149397][ T2379] __x64_sys_ioctl+0x18e/0x210 [ 1844.149443][ T2379] do_syscall_64+0x106/0xf80 [ 1844.149472][ T2379] ? clear_bhb_loop+0x40/0x90 [ 1844.149507][ T2379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1844.149535][ T2379] RIP: 0033:0x7f09fb39c819 [ 1844.149563][ T2379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1844.149593][ T2379] RSP: 002b:00007f09fc293028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1844.149631][ T2379] RAX: ffffffffffffffda RBX: 00007f09fb616180 RCX: 00007f09fb39c819 [ 1844.149653][ T2379] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 1844.149673][ T2379] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1844.149692][ T2379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1844.149711][ T2379] R13: 00007f09fb616218 R14: 00007f09fb616180 R15: 00007ffcfa7c48e8 [ 1844.149756][ T2379] [ 1844.421394][ T2379] Mem-Info: [ 1844.452003][ T2379] active_anon:33473 inactive_anon:64 isolated_anon:0 [ 1844.452003][ T2379] active_file:8833 inactive_file:55033 isolated_file:0 [ 1844.452003][ T2379] unevictable:1775 dirty:8619 writeback:0 [ 1844.452003][ T2379] slab_reclaimable:13827 slab_unreclaimable:97972 [ 1844.452003][ T2379] mapped:32242 shmem:14986 pagetables:1355 [ 1844.452003][ T2379] sec_pagetables:0 bounce:0 [ 1844.452003][ T2379] kernel_misc_reclaimable:0 [ 1844.452003][ T2379] free:1282144 free_pcp:13154 free_cma:0 [ 1844.527314][ T2379] Node 0 active_anon:127592kB inactive_anon:256kB active_file:35732kB inactive_file:219840kB unevictable:5496kB isolated(anon):0kB isolated(file):0kB mapped:120780kB dirty:34472kB writeback:0kB shmem:52208kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12280kB pagetables:5312kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1844.630396][ T2379] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:292kB unevictable:1604kB isolated(anon):0kB isolated(file):0kB mapped:88kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:108kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1844.681363][ T2379] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1844.713082][ T2379] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 1844.719748][ T2379] Node 0 DMA32 free:1209104kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:106192kB inactive_anon:256kB active_file:35832kB inactive_file:219840kB unevictable:5496kB writepending:34472kB zspages:20kB present:3129332kB managed:2537264kB mlocked:3960kB bounce:0kB free_pcp:42028kB local_pcp:32984kB free_cma:0kB [ 1844.756905][ T2379] lowmem_reserve[]: 0 0 1 1 1 [ 1844.767223][ T2379] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1052kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:24kB free_cma:0kB [ 1844.851924][ T2379] lowmem_reserve[]: 0 0 0 0 0 [ 1844.857654][ T2379] Node 1 Normal free:3930468kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:352kB unevictable:1544kB writepending:8kB zspages:0kB present:4194300kB managed:4111100kB mlocked:8kB bounce:0kB free_pcp:11228kB local_pcp:10980kB free_cma:0kB [ 1844.912610][ T2379] lowmem_reserve[]: 0 0 0 0 0 [ 1844.917575][ T2379] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1844.936255][ T2379] Node 0 DMA32: 8240*4kB (UME) 9835*8kB (UME) 6116*16kB (UME) 1409*32kB (UME) 721*64kB (UME) 899*128kB (UM) 612*256kB (UM) 380*512kB (UM) 289*1024kB (UME) 39*2048kB (UME) 17*4096kB (M) = 1212472kB [ 1845.010369][ T2379] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1845.089741][ T2379] Node 1 Normal: 15*4kB (UM) 15*8kB (UM) 11*16kB (UM) 14*32kB (UM) 7*64kB (UM) 5*128kB (UM) 6*256kB (UM) 6*512kB (UM) 4*1024kB (UM) 2*2048kB (UM) 956*4096kB (UM) = 3930468kB [ 1845.111788][ T2379] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1845.128081][ T2379] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 1845.141820][ T2379] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1845.154593][ T2379] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1845.182125][ T2379] 66068 total pagecache pages [ 1845.187307][ T2379] 7 pages in swap cache [ 1845.197451][ T2379] Free swap = 124996kB [ 1845.209448][ T2379] Total swap = 124996kB [ 1845.236055][ T2379] 2097051 pages RAM [ 1845.246357][ T2379] 0 pages HighMem/MovableOnly [ 1845.251453][ T2379] 430857 pages reserved [ 1845.260327][ T2379] 0 pages cma reserved [ 1845.496963][ T2392] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1845.520244][T30843] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 1845.762268][ T2404] FAULT_INJECTION: forcing a failure. [ 1845.762268][ T2404] name failslab, interval 1, probability 0, space 0, times 0 [ 1845.778616][ T2404] CPU: 0 UID: 0 PID: 2404 Comm: syz.4.6243 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1845.778686][ T2404] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1845.778702][ T2404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1845.778719][ T2404] Call Trace: [ 1845.778730][ T2404] [ 1845.778742][ T2404] dump_stack_lvl+0x100/0x190 [ 1845.778793][ T2404] should_fail_ex.cold+0x5/0xa [ 1845.778831][ T2404] should_failslab+0xc2/0x120 [ 1845.778868][ T2404] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1845.778913][ T2404] ? io_uring_alloc_task_context+0xa7/0x54b [ 1845.778973][ T2404] io_uring_alloc_task_context+0xa7/0x54b [ 1845.779022][ T2404] ? file_init_path+0x48e/0x670 [ 1845.779063][ T2404] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 1845.779115][ T2404] ? alloc_file_pseudo+0x1a5/0x230 [ 1845.779163][ T2404] __io_uring_add_tctx_node.cold+0x10/0x195 [ 1845.779213][ T2404] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1845.779256][ T2404] ? __anon_inode_getfile+0x17c/0x280 [ 1845.779300][ T2404] io_uring_setup.cold+0x1a83/0x1d79 [ 1845.779352][ T2404] ? __pfx_io_uring_setup+0x10/0x10 [ 1845.779402][ T2404] ? __pfx_do_futex+0x10/0x10 [ 1845.779461][ T2404] ? xfd_validate_state+0x129/0x190 [ 1845.779513][ T2404] __x64_sys_io_uring_setup+0xc2/0x170 [ 1845.779567][ T2404] do_syscall_64+0x106/0xf80 [ 1845.779598][ T2404] ? clear_bhb_loop+0x40/0x90 [ 1845.779635][ T2404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1845.779666][ T2404] RIP: 0033:0x7f519e39c819 [ 1845.779692][ T2404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1845.779722][ T2404] RSP: 002b:00007f519c5ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1845.779751][ T2404] RAX: ffffffffffffffda RBX: 00007f519e615fa0 RCX: 00007f519e39c819 [ 1845.779772][ T2404] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1845.779790][ T2404] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1845.779807][ T2404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1845.779824][ T2404] R13: 00007f519e616038 R14: 00007f519e615fa0 R15: 00007ffee69e59c8 [ 1845.779863][ T2404] [ 1846.565620][ T2404] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1846.574200][ T2404] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1846.580396][ T2404] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1846.623715][ T2404] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1847.220473][ T2431] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1847.309269][ T2435] HfR: entered promiscuous mode [ 1847.319075][ T2437] nbd: illegal input index 37139 [ 1847.348028][ T30] audit: type=1800 audit(4294967612.202:154): pid=2426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6247" name="lu_gp_id" dev="configfs" ino=144669 res=0 errno=0 [ 1847.388044][ T2435] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6249'. [ 1847.409770][ T2435] HfR: left promiscuous mode [ 1847.515348][ T2447] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6250'. [ 1847.921966][ T2455] nbd: illegal input index 37139 [ 1848.078356][ T2464] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6253'. [ 1848.126294][ T2466] vivid-007: ================= START STATUS ================= [ 1848.143956][ T2466] vivid-007: Generate PTS: true [ 1848.170728][ T2466] vivid-007: Generate SCR: true [ 1848.183647][ T2466] tpg source WxH: 320x240 (Y'CbCr) [ 1848.195601][T21897] Bluetooth: hci3: command 0x0c1a tx timeout [ 1848.200222][ T2466] tpg field: 1 [ 1848.211946][ T2466] tpg crop: (0,0)/320x240 [ 1848.243955][ T2466] tpg compose: (0,0)/320x240 [ 1848.248849][ T2466] tpg colorspace: 8 [ 1848.270119][ T2466] tpg transfer function: 0/0 [ 1848.276057][ T2466] tpg Y'CbCr encoding: 0/0 [ 1848.280569][ T2466] tpg quantization: 0/0 [ 1848.285075][ T2466] tpg RGB range: 0/2 [ 1848.289203][ T2466] vivid-007: ================== END STATUS ================== [ 1848.597227][T21897] Bluetooth: hci4: command 0x0c1a tx timeout [ 1848.597311][T30843] Bluetooth: hci0: command 0x0c1a tx timeout [ 1848.713959][T30843] Bluetooth: hci1: command 0x0c1a tx timeout [ 1849.993347][T30843] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1850.094274][ T2511] HfR: entered promiscuous mode [ 1850.181230][ T2511] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6264'. [ 1850.190678][ T2511] HfR: left promiscuous mode [ 1850.232714][ T2515] vivid-007: ================= START STATUS ================= [ 1850.261496][ T2515] vivid-007: Generate PTS: true [ 1850.292350][ T2515] vivid-007: Generate SCR: true [ 1850.320710][ T2515] tpg source WxH: 320x240 (Y'CbCr) [ 1850.342093][ T2515] tpg field: 1 [ 1850.356121][ T2515] tpg crop: (0,0)/320x240 [ 1850.378603][ T2515] tpg compose: (0,0)/320x240 [ 1850.398061][ T2515] tpg colorspace: 8 [ 1850.414565][ T2515] tpg transfer function: 0/0 [ 1850.426141][ T2515] tpg Y'CbCr encoding: 0/0 [ 1850.439489][ T2515] tpg quantization: 0/0 [ 1850.473126][ T2515] tpg RGB range: 0/2 [ 1850.480448][ T2515] vivid-007: ================== END STATUS ================== [ 1850.995168][ T2523] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1851.527783][ T2532] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1851.793238][ T2546] nbd: illegal input index 37139 [ 1852.027017][ T2549] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6270'. [ 1852.568250][ T2561] FAULT_INJECTION: forcing a failure. [ 1852.568250][ T2561] name failslab, interval 1, probability 0, space 0, times 0 [ 1852.585848][ T2561] CPU: 0 UID: 0 PID: 2561 Comm: syz.3.6273 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1852.585916][ T2561] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1852.585933][ T2561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1852.585951][ T2561] Call Trace: [ 1852.585962][ T2561] [ 1852.585975][ T2561] dump_stack_lvl+0x100/0x190 [ 1852.586029][ T2561] should_fail_ex.cold+0x5/0xa [ 1852.586070][ T2561] should_failslab+0xc2/0x120 [ 1852.586106][ T2561] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1852.586154][ T2561] ? __proc_create+0x2cb/0x8c0 [ 1852.586195][ T2561] __proc_create+0x2cb/0x8c0 [ 1852.586228][ T2561] ? __pfx___proc_create+0x10/0x10 [ 1852.586265][ T2561] ? _raw_write_unlock+0x28/0x50 [ 1852.586296][ T2561] ? proc_register+0x559/0x8a0 [ 1852.586334][ T2561] proc_create_reg+0x75/0x170 [ 1852.586371][ T2561] proc_create_net_data+0x8e/0x1c0 [ 1852.586407][ T2561] ? __pfx_proc_create_net_data+0x10/0x10 [ 1852.586441][ T2561] ? __pfx_proc_create_net_data+0x10/0x10 [ 1852.586472][ T2561] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1852.586517][ T2561] ? __pfx_dev_proc_net_init+0x10/0x10 [ 1852.586563][ T2561] dev_proc_net_init+0x100/0x230 [ 1852.586610][ T2561] ops_init+0x1e2/0x5f0 [ 1852.586646][ T2561] setup_net+0x118/0x3a0 [ 1852.586680][ T2561] ? __pfx_setup_net+0x10/0x10 [ 1852.586707][ T2561] ? lockdep_init_map_type+0x5c/0x250 [ 1852.586754][ T2561] ? mutex_init_lockep+0x110/0x150 [ 1852.586799][ T2561] copy_net_ns+0x46f/0x7c0 [ 1852.586836][ T2561] create_new_namespaces+0x3ea/0xac0 [ 1852.586879][ T2561] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1852.586917][ T2561] ksys_unshare+0x473/0xad0 [ 1852.586960][ T2561] ? __pfx_ksys_unshare+0x10/0x10 [ 1852.587016][ T2561] __x64_sys_unshare+0x31/0x40 [ 1852.587055][ T2561] do_syscall_64+0x106/0xf80 [ 1852.587086][ T2561] ? clear_bhb_loop+0x40/0x90 [ 1852.587124][ T2561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1852.587156][ T2561] RIP: 0033:0x7f09fb39c819 [ 1852.587185][ T2561] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1852.587214][ T2561] RSP: 002b:00007f09fc2d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1852.587245][ T2561] RAX: ffffffffffffffda RBX: 00007f09fb615fa0 RCX: 00007f09fb39c819 [ 1852.587266][ T2561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1852.587286][ T2561] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1852.587306][ T2561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1852.587326][ T2561] R13: 00007f09fb616038 R14: 00007f09fb615fa0 R15: 00007ffcfa7c48e8 [ 1852.587370][ T2561] [ 1852.940212][ T2564] FAULT_INJECTION: forcing a failure. [ 1852.940212][ T2564] name failslab, interval 1, probability 0, space 0, times 0 [ 1852.953273][ T2564] CPU: 0 UID: 0 PID: 2564 Comm: syz.4.6274 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1852.953342][ T2564] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1852.953358][ T2564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1852.953375][ T2564] Call Trace: [ 1852.953386][ T2564] [ 1852.953396][ T2564] dump_stack_lvl+0x100/0x190 [ 1852.953438][ T2564] should_fail_ex.cold+0x5/0xa [ 1852.953467][ T2564] should_failslab+0xc2/0x120 [ 1852.953496][ T2564] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1852.953533][ T2564] ? alloc_empty_file+0x55/0x1c0 [ 1852.953571][ T2564] alloc_empty_file+0x55/0x1c0 [ 1852.953604][ T2564] alloc_file_pseudo+0x13a/0x230 [ 1852.953638][ T2564] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1852.953670][ T2564] ? security_inode_init_security_anon+0x7b/0x230 [ 1852.953706][ T2564] __anon_inode_getfile+0xe8/0x280 [ 1852.953735][ T2564] ? _copy_to_user+0xaf/0xd0 [ 1852.953767][ T2564] io_uring_setup.cold+0x1a41/0x1d79 [ 1852.953808][ T2564] ? __pfx_io_uring_setup+0x10/0x10 [ 1852.953857][ T2564] ? __pfx_do_futex+0x10/0x10 [ 1852.953905][ T2564] ? xfd_validate_state+0x129/0x190 [ 1852.953948][ T2564] __x64_sys_io_uring_setup+0xc2/0x170 [ 1852.953985][ T2564] do_syscall_64+0x106/0xf80 [ 1852.954009][ T2564] ? clear_bhb_loop+0x40/0x90 [ 1852.954038][ T2564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1852.954063][ T2564] RIP: 0033:0x7f519e39c819 [ 1852.954085][ T2564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1852.954107][ T2564] RSP: 002b:00007f519c5ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1852.954133][ T2564] RAX: ffffffffffffffda RBX: 00007f519e615fa0 RCX: 00007f519e39c819 [ 1852.954150][ T2564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1852.954165][ T2564] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1852.954181][ T2564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1852.954195][ T2564] R13: 00007f519e616038 R14: 00007f519e615fa0 R15: 00007ffee69e59c8 [ 1852.954226][ T2564] [ 1853.314451][ T2562] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1853.320740][ T2562] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1853.327246][ T2562] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1853.334447][ T2562] Bluetooth: hci1: Opcode 0x0c1a failed: -4 syzkaller syzkaller login: [ 1853.695869][ T2575] HfR: entered promiscuous mode [ 1853.711990][ T2575] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6276'. [ 1853.723019][ T2575] HfR: left promiscuous mode [ 1854.123577][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1854.130323][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1854.699748][ T2602] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1855.032379][ T2609] nbd: illegal input index 37139 [ 1855.335588][ T2613] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6284'. [ 1855.404006][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1855.410994][T30843] Bluetooth: hci4: command 0x0c1a tx timeout [ 1855.417272][T30843] Bluetooth: hci0: command 0x0c1a tx timeout [ 1855.418805][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1855.732595][ T2632] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1856.095067][ T2644] FAULT_INJECTION: forcing a failure. [ 1856.095067][ T2644] name failslab, interval 1, probability 0, space 0, times 0 syzkaller syzkaller login: [ 1856.149390][ T2644] CPU: 1 UID: 0 PID: 2644 Comm: syz.1.6291 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1856.149466][ T2644] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1856.149485][ T2644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1856.149503][ T2644] Call Trace: [ 1856.149514][ T2644] [ 1856.149527][ T2644] dump_stack_lvl+0x100/0x190 [ 1856.149580][ T2644] should_fail_ex.cold+0x5/0xa [ 1856.149616][ T2644] should_failslab+0xc2/0x120 [ 1856.149652][ T2644] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1856.149692][ T2644] ? __io_uring_add_tctx_node+0x16f/0x3b0 [ 1856.149725][ T2644] ? alloc_file_pseudo+0x1a5/0x230 [ 1856.149773][ T2644] __io_uring_add_tctx_node+0x16f/0x3b0 [ 1856.149810][ T2644] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1856.149849][ T2644] ? __anon_inode_getfile+0x17c/0x280 [ 1856.149891][ T2644] io_uring_setup.cold+0x1a83/0x1d79 [ 1856.149946][ T2644] ? __pfx_io_uring_setup+0x10/0x10 [ 1856.149999][ T2644] ? __pfx_do_futex+0x10/0x10 [ 1856.150059][ T2644] ? xfd_validate_state+0x129/0x190 [ 1856.150115][ T2644] __x64_sys_io_uring_setup+0xc2/0x170 [ 1856.150165][ T2644] do_syscall_64+0x106/0xf80 [ 1856.150195][ T2644] ? clear_bhb_loop+0x40/0x90 [ 1856.150233][ T2644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1856.150264][ T2644] RIP: 0033:0x7f7e8fb9c819 [ 1856.150292][ T2644] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1856.150323][ T2644] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1856.150354][ T2644] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1856.150374][ T2644] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1856.150392][ T2644] RBP: 00007f7e8fc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1856.150410][ T2644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1856.150504][ T2644] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1856.150547][ T2644] [ 1857.138162][ T2644] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1857.157175][ T2644] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1857.211619][ T2644] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1857.241426][ T2644] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1857.295241][ T30] audit: type=1800 audit(4294967622.127:155): pid=2663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6295" name="lu_gp_id" dev="configfs" ino=145037 res=0 errno=0 [ 1857.385433][ T2675] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1857.615017][ T2679] nbd: illegal input index 37139 [ 1857.748670][ T30] audit: type=1800 audit(4294967622.557:156): pid=2677 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6300" name="lu_gp_id" dev="configfs" ino=146211 res=0 errno=0 [ 1857.858886][ T2681] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1857.871910][ T2692] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6298'. [ 1858.438980][T28085] Bluetooth: hci3: command 0x0c1a tx timeout syzkaller syzkaller login: [ 1858.694151][ T2715] nbd: illegal input index 37139 [ 1858.944537][ T2728] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6306'. [ 1859.159277][T28085] Bluetooth: hci0: command 0x0c1a tx timeout [ 1859.226147][ T30] audit: type=1800 audit(4294967624.066:157): pid=2735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6310" name="lu_gp_id" dev="configfs" ino=146302 res=0 errno=0 [ 1859.249204][T28085] Bluetooth: hci4: command 0x0c1a tx timeout [ 1859.319245][T28085] Bluetooth: hci1: command 0x0c1a tx timeout [ 1859.816696][ T30] audit: type=1800 audit(4294967624.656:158): pid=2742 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6312" name="lu_gp_id" dev="configfs" ino=145217 res=0 errno=0 [ 1859.861665][ T2747] HfR: entered promiscuous mode [ 1859.872608][ T2747] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6314'. [ 1859.882792][ T2747] HfR: left promiscuous mode [ 1860.236719][ T2758] nbd: illegal input index 37139 [ 1860.383747][ T2767] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6315'. [ 1861.249284][T28085] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1861.545704][ T2786] bond0: invalid ARP target specified [ 1862.517257][ T2808] HfR: entered promiscuous mode [ 1862.540458][ T2808] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6327'. [ 1862.550913][ T2808] HfR: left promiscuous mode [ 1862.589873][ T2814] nbd: illegal input index 37139 [ 1862.745604][ T2823] nbd: illegal input index 37139 [ 1862.788209][ T2825] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6328'. [ 1862.922051][ T2833] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6329'. syzkaller syzkaller login: [ 1863.249300][T28085] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 1863.686672][ T30] audit: type=1800 audit(4294967628.534:159): pid=2856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6332" name="lu_gp_id" dev="configfs" ino=145370 res=0 errno=0 [ 1864.166922][ T2867] FAULT_INJECTION: forcing a failure. [ 1864.166922][ T2867] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1864.185705][ T2867] CPU: 0 UID: 0 PID: 2867 Comm: syz.0.6335 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1864.185768][ T2867] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1864.185784][ T2867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1864.185801][ T2867] Call Trace: [ 1864.185813][ T2867] [ 1864.185825][ T2867] dump_stack_lvl+0x100/0x190 [ 1864.185879][ T2867] should_fail_ex.cold+0x5/0xa [ 1864.185910][ T2867] ? prepare_alloc_pages+0x16d/0x5f0 [ 1864.185951][ T2867] should_fail_alloc_page+0xeb/0x140 [ 1864.185987][ T2867] prepare_alloc_pages+0x1f0/0x5f0 [ 1864.186034][ T2867] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1864.186101][ T2867] ? rcu_is_watching+0x12/0xc0 [ 1864.186152][ T2867] ? trace_mm_page_alloc+0x17a/0x1d0 [ 1864.186247][ T2867] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 1864.186304][ T2867] ? kernel_text_address+0xd1/0x100 [ 1864.186352][ T2867] ? unwind_get_return_address+0x59/0xa0 [ 1864.186388][ T2867] ? arch_stack_walk+0xa6/0xf0 [ 1864.186420][ T2867] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1864.186475][ T2867] ? stack_depot_save_flags+0x27/0x9d0 [ 1864.186518][ T2867] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1864.186562][ T2867] ? pcpu_get_vm_areas+0x520/0x55d0 [ 1864.186590][ T2867] ? pcpu_create_chunk+0x254/0x730 [ 1864.186644][ T2867] ? pcpu_create_chunk+0x254/0x730 [ 1864.186725][ T2867] ? pcpu_alloc_noprof+0x18c4/0x1c50 [ 1864.186780][ T2867] alloc_pages_bulk_noprof+0x782/0x1490 [ 1864.186849][ T2867] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1864.186916][ T2867] ? alloc_pages_noprof+0x238/0x390 [ 1864.186957][ T2867] __kasan_populate_vmalloc+0xf0/0x210 [ 1864.187017][ T2867] pcpu_get_vm_areas+0x2df1/0x55d0 [ 1864.187087][ T2867] ? __pfx_pcpu_get_vm_areas+0x10/0x10 [ 1864.187135][ T2867] pcpu_create_chunk+0x254/0x730 [ 1864.187180][ T2867] pcpu_alloc_noprof+0x18c4/0x1c50 [ 1864.187241][ T2867] bpf_map_alloc_percpu+0x9a/0xf0 [ 1864.187266][ T2867] ? __pfx_bpf_map_alloc_percpu+0x10/0x10 [ 1864.187288][ T2867] ? __pfx___might_resched+0x10/0x10 [ 1864.187317][ T2867] ? __bpf_map_area_alloc+0x13a/0x200 [ 1864.187346][ T2867] htab_map_alloc+0x1054/0x14e0 [ 1864.187370][ T2867] ? ns_capable+0xd2/0xf0 [ 1864.187391][ T2867] ? __pfx_htab_map_mem_usage+0x10/0x10 [ 1864.187411][ T2867] map_create+0x84e/0x2ba0 [ 1864.187431][ T2867] ? futex_unqueue+0x13d/0x2c0 [ 1864.187457][ T2867] ? __futex_wait+0x256/0x300 [ 1864.187502][ T2867] ? __pfx_map_create+0x10/0x10 [ 1864.187522][ T2867] ? __might_fault+0xc5/0x140 [ 1864.187551][ T2867] ? __might_fault+0xc5/0x140 [ 1864.187588][ T2867] __sys_bpf+0x2091/0x4b90 [ 1864.187614][ T2867] ? __pfx___sys_bpf+0x10/0x10 [ 1864.187638][ T2867] ? __pfx_futex_wait+0x10/0x10 [ 1864.187690][ T2867] ? do_writev+0x214/0x340 [ 1864.187714][ T2867] ? do_futex+0x192/0x350 [ 1864.187756][ T2867] ? __pfx___x64_sys_futex+0x10/0x10 [ 1864.187784][ T2867] ? __pfx_do_writev+0x10/0x10 [ 1864.187806][ T2867] __x64_sys_bpf+0x7b/0xc0 [ 1864.187830][ T2867] ? lockdep_hardirqs_on+0x78/0x100 [ 1864.187851][ T2867] do_syscall_64+0x106/0xf80 [ 1864.187871][ T2867] ? clear_bhb_loop+0x40/0x90 [ 1864.187894][ T2867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1864.187915][ T2867] RIP: 0033:0x7f703039c819 [ 1864.187935][ T2867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1864.187955][ T2867] RSP: 002b:00007f70311f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1864.187973][ T2867] RAX: ffffffffffffffda RBX: 00007f7030616180 RCX: 00007f703039c819 [ 1864.187986][ T2867] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000 [ 1864.187997][ T2867] RBP: 00007f7030432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1864.188008][ T2867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1864.188020][ T2867] R13: 00007f7030616218 R14: 00007f7030616180 R15: 00007fffbe68fe98 [ 1864.188045][ T2867] [ 1865.506179][ T2879] can: request_module (can-proto-0) failed. [ 1865.696120][T28085] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1865.940244][ T2888] nbd: illegal input index 37139 [ 1866.079761][ T2885] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1866.104901][ T2892] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6340'. [ 1866.850932][ T2898] FAULT_INJECTION: forcing a failure. [ 1866.850932][ T2898] name failslab, interval 1, probability 0, space 0, times 0 [ 1866.865769][ T2898] CPU: 0 UID: 0 PID: 2898 Comm: syz.1.6338 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1866.865843][ T2898] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1866.865860][ T2898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1866.865879][ T2898] Call Trace: [ 1866.865890][ T2898] [ 1866.865903][ T2898] dump_stack_lvl+0x100/0x190 [ 1866.865956][ T2898] should_fail_ex.cold+0x5/0xa [ 1866.865996][ T2898] should_failslab+0xc2/0x120 [ 1866.866030][ T2898] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1866.866073][ T2898] ? __anon_vma_prepare+0xae/0x5e0 [ 1866.866112][ T2898] __anon_vma_prepare+0xae/0x5e0 [ 1866.866138][ T2898] ? __pfx___pte_alloc+0x10/0x10 [ 1866.866161][ T2898] __vmf_anon_prepare+0x11f/0x250 [ 1866.866185][ T2898] do_anonymous_page+0x552/0x1fb0 [ 1866.866223][ T2898] __handle_mm_fault+0x1d48/0x2b60 [ 1866.866253][ T2898] ? mt_find+0x45e/0x8e0 [ 1866.866276][ T2898] ? __pfx___handle_mm_fault+0x10/0x10 [ 1866.866301][ T2898] ? __pfx_mt_find+0x10/0x10 [ 1866.866350][ T2898] handle_mm_fault+0x36d/0xa20 [ 1866.866381][ T2898] __get_user_pages+0xf9c/0x34d0 [ 1866.866411][ T2898] ? __pfx___get_user_pages+0x10/0x10 [ 1866.866440][ T2898] populate_vma_page_range+0x267/0x3f0 [ 1866.866467][ T2898] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1866.866490][ T2898] ? __pfx_find_vma_intersection+0x10/0x10 [ 1866.866519][ T2898] __mm_populate+0x107/0x3a0 [ 1866.866544][ T2898] ? __pfx___mm_populate+0x10/0x10 [ 1866.866570][ T2898] ? up_write+0x290/0x4f0 [ 1866.866601][ T2898] vm_mmap_pgoff+0x37f/0x470 [ 1866.866626][ T2898] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1866.866651][ T2898] ? do_futex+0x192/0x350 [ 1866.866676][ T2898] ? __pfx_do_futex+0x10/0x10 [ 1866.866704][ T2898] ksys_mmap_pgoff+0xe1/0x650 [ 1866.866726][ T2898] ? __x64_sys_futex+0x34f/0x4d0 [ 1866.866753][ T2898] ? __x64_sys_futex+0x358/0x4d0 [ 1866.866783][ T2898] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1866.866804][ T2898] ? xfd_validate_state+0x129/0x190 [ 1866.866839][ T2898] __x64_sys_mmap+0x125/0x190 [ 1866.866870][ T2898] do_syscall_64+0x106/0xf80 [ 1866.866889][ T2898] ? clear_bhb_loop+0x40/0x90 [ 1866.866912][ T2898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1866.866931][ T2898] RIP: 0033:0x7f7e8fb9c819 [ 1866.866949][ T2898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1866.866972][ T2898] RSP: 002b:00007f7e90a71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1866.866993][ T2898] RAX: ffffffffffffffda RBX: 00007f7e8fe16180 RCX: 00007f7e8fb9c819 [ 1866.867005][ T2898] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 1866.867016][ T2898] RBP: 00007f7e8fc32c91 R08: 0000000000000007 R09: 0000000000028000 [ 1866.867027][ T2898] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1866.867038][ T2898] R13: 00007f7e8fe16218 R14: 00007f7e8fe16180 R15: 00007ffce11cf2f8 [ 1866.867061][ T2898] [ 1867.829217][T28085] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1868.109906][ T2919] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 1868.269839][ T2930] FAULT_INJECTION: forcing a failure. [ 1868.269839][ T2930] name failslab, interval 1, probability 0, space 0, times 0 [ 1868.332183][ T2930] CPU: 0 UID: 0 PID: 2930 Comm: syz.0.6348 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1868.332251][ T2930] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1868.332269][ T2930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1868.332285][ T2930] Call Trace: [ 1868.332296][ T2930] [ 1868.332323][ T2930] dump_stack_lvl+0x100/0x190 [ 1868.332374][ T2930] should_fail_ex.cold+0x5/0xa [ 1868.332411][ T2930] should_failslab+0xc2/0x120 [ 1868.332445][ T2930] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1868.332491][ T2930] ? ptlock_alloc+0x1f/0x70 [ 1868.332540][ T2930] ptlock_alloc+0x1f/0x70 [ 1868.332579][ T2930] pte_alloc_one+0x82/0x3d0 [ 1868.332616][ T2930] do_fault+0x88e/0x18e0 [ 1868.332653][ T2930] ? __pmd_alloc+0x3fb/0x950 [ 1868.332696][ T2930] __handle_mm_fault+0x1815/0x2b60 [ 1868.332751][ T2930] ? mt_find+0x45e/0x8e0 [ 1868.332801][ T2930] ? __pfx___handle_mm_fault+0x10/0x10 [ 1868.332844][ T2930] ? __pfx_mt_find+0x10/0x10 [ 1868.332904][ T2930] ? find_vma+0xbf/0x140 [ 1868.332937][ T2930] ? __pfx_find_vma+0x10/0x10 [ 1868.332976][ T2930] handle_mm_fault+0x36d/0xa20 [ 1868.333032][ T2930] do_user_addr_fault+0x74c/0x12f0 [ 1868.333077][ T2930] exc_page_fault+0x6f/0xd0 [ 1868.333111][ T2930] asm_exc_page_fault+0x26/0x30 [ 1868.333143][ T2930] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 1868.333185][ T2930] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 1868.333214][ T2930] RSP: 0018:ffffc90005affe38 EFLAGS: 00050202 [ 1868.333241][ T2930] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000c [ 1868.333259][ T2930] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90005affe90 [ 1868.333278][ T2930] RBP: 000000000000000c R08: 0000000000000001 R09: fffff52000b5ffd3 [ 1868.333296][ T2930] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 1868.333324][ T2930] R13: ffffc90005affe90 R14: 0000000000000001 R15: 00000000ffffffff [ 1868.333366][ T2930] _copy_from_user+0x98/0xd0 [ 1868.333411][ T2930] __x64_sys_epoll_ctl+0x131/0x1e0 [ 1868.333450][ T2930] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1868.333501][ T2930] do_syscall_64+0x106/0xf80 [ 1868.333534][ T2930] ? clear_bhb_loop+0x40/0x90 [ 1868.333569][ T2930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1868.333597][ T2930] RIP: 0033:0x7f703039c819 [ 1868.333623][ T2930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1868.333648][ T2930] RSP: 002b:00007f70311f5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 1868.333675][ T2930] RAX: ffffffffffffffda RBX: 00007f7030616180 RCX: 00007f703039c819 [ 1868.333695][ T2930] RDX: ffffffffffffffff RSI: 0000000000000001 RDI: ffffffffffffffff [ 1868.333713][ T2930] RBP: 00007f7030432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1868.333732][ T2930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1868.333750][ T2930] R13: 00007f7030616218 R14: 00007f7030616180 R15: 00007fffbe68fe98 [ 1868.333793][ T2930] [ 1868.703194][ T2935] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1868.910659][ T2940] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input231 [ 1869.499695][ T30] audit: type=1800 audit(4294967634.341:160): pid=2961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6359" name="lu_gp_id" dev="configfs" ino=147622 res=0 errno=0 [ 1869.584645][ T2964] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6361'. [ 1869.728829][ T30] audit: type=1800 audit(4294967634.531:161): pid=2965 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6360" name="lu_gp_id" dev="configfs" ino=146738 res=0 errno=0 syzkaller syzkaller login: [ 1871.889727][ T3003] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6369'. [ 1872.115147][ T3008] FAULT_INJECTION: forcing a failure. [ 1872.115147][ T3008] name failslab, interval 1, probability 0, space 0, times 0 [ 1872.135063][ T3008] CPU: 0 UID: 0 PID: 3008 Comm: syz.1.6372 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1872.135131][ T3008] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1872.135149][ T3008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1872.135167][ T3008] Call Trace: [ 1872.135179][ T3008] [ 1872.135193][ T3008] dump_stack_lvl+0x100/0x190 [ 1872.135246][ T3008] should_fail_ex.cold+0x5/0xa [ 1872.135283][ T3008] should_failslab+0xc2/0x120 [ 1872.135319][ T3008] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1872.135367][ T3008] ? alloc_empty_file+0x55/0x1c0 [ 1872.135416][ T3008] alloc_empty_file+0x55/0x1c0 [ 1872.135459][ T3008] alloc_file_pseudo+0x13a/0x230 [ 1872.135503][ T3008] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1872.135551][ T3008] ? security_inode_init_security_anon+0x7b/0x230 [ 1872.135601][ T3008] __anon_inode_getfile+0xe8/0x280 [ 1872.135641][ T3008] ? _copy_to_user+0xaf/0xd0 [ 1872.135684][ T3008] io_uring_setup.cold+0x1a41/0x1d79 [ 1872.135737][ T3008] ? __pfx_io_uring_setup+0x10/0x10 [ 1872.135790][ T3008] ? __pfx_do_futex+0x10/0x10 [ 1872.135853][ T3008] ? xfd_validate_state+0x129/0x190 [ 1872.135910][ T3008] __x64_sys_io_uring_setup+0xc2/0x170 [ 1872.135959][ T3008] do_syscall_64+0x106/0xf80 [ 1872.135988][ T3008] ? clear_bhb_loop+0x40/0x90 [ 1872.136028][ T3008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1872.136061][ T3008] RIP: 0033:0x7f7e8fb9c819 [ 1872.136089][ T3008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1872.136118][ T3008] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1872.136147][ T3008] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1872.136168][ T3008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1872.136185][ T3008] RBP: 00007f7e8fc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1872.136204][ T3008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1872.136222][ T3008] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1872.136263][ T3008] [ 1872.460827][ T2998] zswap: compressor not available [ 1872.953632][ T3008] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1872.975978][ T3008] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1872.982586][ T3008] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1872.990462][ T3008] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1873.612239][ T3030] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1874.526835][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1874.782332][ T3052] FAULT_INJECTION: forcing a failure. [ 1874.782332][ T3052] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.816436][ T3052] CPU: 0 UID: 0 PID: 3052 Comm: syz.1.6383 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1874.816494][ T3052] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1874.816505][ T3052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1874.816517][ T3052] Call Trace: [ 1874.816525][ T3052] [ 1874.816533][ T3052] dump_stack_lvl+0x100/0x190 [ 1874.816570][ T3052] should_fail_ex.cold+0x5/0xa [ 1874.816594][ T3052] should_failslab+0xc2/0x120 [ 1874.816617][ T3052] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1874.816647][ T3052] ? mas_alloc_nodes+0x280/0x390 [ 1874.816681][ T3052] mas_alloc_nodes+0x280/0x390 [ 1874.816713][ T3052] mas_preallocate+0x39c/0xf10 [ 1874.816739][ T3052] ? __pfx_mas_preallocate+0x10/0x10 [ 1874.816766][ T3052] ? vm_area_alloc+0x1f/0x160 [ 1874.816795][ T3052] ? lockdep_init_map_type+0x5c/0x250 [ 1874.816842][ T3052] __mmap_region+0x12b5/0x29e0 [ 1874.816892][ T3052] ? __pfx___mmap_region+0x10/0x10 [ 1874.816931][ T3052] ? process_measurement+0x1f4/0x2350 [ 1874.816965][ T3052] ? css_rstat_updated+0x1ce/0x5a0 [ 1874.817004][ T3052] ? __pfx_css_rstat_updated+0x10/0x10 [ 1874.817053][ T3052] ? __lock_acquire+0x4a5/0x2630 [ 1874.817092][ T3052] ? update_cfs_rq_load_avg+0x51/0x550 [ 1874.817145][ T3052] ? find_held_lock+0x2b/0x80 [ 1874.817174][ T3052] ? finish_task_switch.isra.0+0x200/0xb80 [ 1874.817209][ T3052] ? finish_task_switch.isra.0+0x200/0xb80 [ 1874.817260][ T3052] ? trace_sched_exit_tp+0x13a/0x180 [ 1874.817311][ T3052] ? __schedule+0x1000/0x6120 [ 1874.817419][ T3052] ? rcu_is_watching+0x12/0xc0 [ 1874.817469][ T3052] ? cap_capable+0x107/0x460 [ 1874.817508][ T3052] mmap_region+0x180/0x3e0 [ 1874.817563][ T3052] do_mmap+0xc63/0x12f0 [ 1874.817607][ T3052] ? __pfx_do_mmap+0x10/0x10 [ 1874.817645][ T3052] ? __pfx_down_write_killable+0x10/0x10 [ 1874.817689][ T3052] vm_mmap_pgoff+0x29e/0x470 [ 1874.817719][ T3052] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1874.817744][ T3052] ? do_futex+0x192/0x350 [ 1874.817771][ T3052] ? __pfx_do_futex+0x10/0x10 [ 1874.817801][ T3052] ksys_mmap_pgoff+0xe1/0x650 [ 1874.817823][ T3052] ? __x64_sys_futex+0x34f/0x4d0 [ 1874.817847][ T3052] ? __x64_sys_futex+0x358/0x4d0 [ 1874.817874][ T3052] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1874.817896][ T3052] ? xfd_validate_state+0x129/0x190 [ 1874.817929][ T3052] __x64_sys_mmap+0x125/0x190 [ 1874.817960][ T3052] do_syscall_64+0x106/0xf80 [ 1874.817979][ T3052] ? clear_bhb_loop+0x40/0x90 [ 1874.818002][ T3052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1874.818022][ T3052] RIP: 0033:0x7f7e8fb9c819 [ 1874.818040][ T3052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1874.818059][ T3052] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1874.818079][ T3052] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1874.818091][ T3052] RDX: 0000000000000001 RSI: 000000000000007f RDI: 0000000000000000 [ 1874.818113][ T3052] RBP: 00007f7e8fc32c91 R08: 0000000000000401 R09: 0000000000008000 [ 1874.818125][ T3052] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1874.818137][ T3052] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1874.818163][ T3052] [ 1875.043783][T28085] Bluetooth: hci1: command 0x0c1a tx timeout [ 1875.266444][T28085] Bluetooth: hci4: command 0x0c1a tx timeout [ 1875.275260][T28085] Bluetooth: hci0: command 0x0c1a tx timeout syzkaller syzkaller login: [ 1875.497708][ T3063] FAULT_INJECTION: forcing a failure. [ 1875.497708][ T3063] name failslab, interval 1, probability 0, space 0, times 0 [ 1875.523395][ T3063] CPU: 1 UID: 0 PID: 3063 Comm: syz.1.6386 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1875.523464][ T3063] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1875.523483][ T3063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1875.523499][ T3063] Call Trace: [ 1875.523510][ T3063] [ 1875.523522][ T3063] dump_stack_lvl+0x100/0x190 [ 1875.523575][ T3063] should_fail_ex.cold+0x5/0xa [ 1875.523611][ T3063] should_failslab+0xc2/0x120 [ 1875.523646][ T3063] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1875.523693][ T3063] ? mas_alloc_nodes+0x280/0x390 [ 1875.523748][ T3063] mas_alloc_nodes+0x280/0x390 [ 1875.523799][ T3063] mas_preallocate+0x39c/0xf10 [ 1875.523840][ T3063] ? __pfx_mas_preallocate+0x10/0x10 [ 1875.523881][ T3063] ? vm_area_alloc+0x1f/0x160 [ 1875.523928][ T3063] ? lockdep_init_map_type+0x5c/0x250 [ 1875.523976][ T3063] __mmap_region+0x12b5/0x29e0 [ 1875.524027][ T3063] ? __pfx___mmap_region+0x10/0x10 [ 1875.524069][ T3063] ? process_measurement+0x1f4/0x2350 [ 1875.524104][ T3063] ? css_rstat_updated+0x1ce/0x5a0 [ 1875.524143][ T3063] ? kvm_sched_clock_read+0x11/0x20 [ 1875.524174][ T3063] ? sched_clock+0x38/0x60 [ 1875.524237][ T3063] ? __lock_acquire+0x4a5/0x2630 [ 1875.524277][ T3063] ? trace_pelt_se_tp+0x159/0x1b0 [ 1875.524334][ T3063] ? find_held_lock+0x2b/0x80 [ 1875.524363][ T3063] ? finish_task_switch.isra.0+0x200/0xb80 [ 1875.524397][ T3063] ? finish_task_switch.isra.0+0x200/0xb80 [ 1875.524448][ T3063] ? trace_sched_exit_tp+0x13a/0x180 [ 1875.524487][ T3063] ? __schedule+0x1000/0x6120 [ 1875.524588][ T3063] ? rcu_is_watching+0x12/0xc0 [ 1875.524634][ T3063] ? cap_capable+0x107/0x460 [ 1875.524674][ T3063] mmap_region+0x180/0x3e0 [ 1875.524727][ T3063] do_mmap+0xc63/0x12f0 [ 1875.524769][ T3063] ? __pfx_do_mmap+0x10/0x10 [ 1875.524806][ T3063] ? __pfx_down_write_killable+0x10/0x10 [ 1875.524852][ T3063] vm_mmap_pgoff+0x29e/0x470 [ 1875.524898][ T3063] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1875.524937][ T3063] ? do_futex+0x192/0x350 [ 1875.524979][ T3063] ? __pfx_do_futex+0x10/0x10 [ 1875.525028][ T3063] ksys_mmap_pgoff+0xe1/0x650 [ 1875.525063][ T3063] ? __x64_sys_futex+0x34f/0x4d0 [ 1875.525102][ T3063] ? __x64_sys_futex+0x358/0x4d0 [ 1875.525144][ T3063] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1875.525180][ T3063] ? xfd_validate_state+0x129/0x190 [ 1875.525244][ T3063] __x64_sys_mmap+0x125/0x190 [ 1875.525295][ T3063] do_syscall_64+0x106/0xf80 [ 1875.525325][ T3063] ? clear_bhb_loop+0x40/0x90 [ 1875.525362][ T3063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1875.525394][ T3063] RIP: 0033:0x7f7e8fb9c819 [ 1875.525420][ T3063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1875.525450][ T3063] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1875.525480][ T3063] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1875.525500][ T3063] RDX: 0000000000000002 RSI: 0000000000400008 RDI: 0000000000000000 [ 1875.525519][ T3063] RBP: 00007f7e8fc32c91 R08: 0000000000000002 R09: 0000000000008000 [ 1875.525538][ T3063] R10: 0400000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1875.525557][ T3063] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1875.525598][ T3063] [ 1875.953544][ T30] audit: type=1800 audit(4294967640.788:162): pid=3069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6388" name="lu_gp_id" dev="configfs" ino=147896 res=0 errno=0 [ 1876.364537][ T3076] FAULT_INJECTION: forcing a failure. [ 1876.364537][ T3076] name failslab, interval 1, probability 0, space 0, times 0 [ 1876.377401][ T3076] CPU: 1 UID: 0 PID: 3076 Comm: syz.0.6390 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1876.377443][ T3076] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1876.377469][ T3076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1876.377480][ T3076] Call Trace: [ 1876.377488][ T3076] [ 1876.377496][ T3076] dump_stack_lvl+0x100/0x190 [ 1876.377531][ T3076] should_fail_ex.cold+0x5/0xa [ 1876.377554][ T3076] should_failslab+0xc2/0x120 [ 1876.377577][ T3076] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1876.377619][ T3076] ? alloc_pipe_info+0x10e/0x590 [ 1876.377651][ T3076] ? find_held_lock+0x2b/0x80 [ 1876.377684][ T3076] alloc_pipe_info+0x10e/0x590 [ 1876.377710][ T3076] splice_direct_to_actor+0x78f/0xa30 [ 1876.377734][ T3076] ? __lock_acquire+0x4a5/0x2630 [ 1876.377758][ T3076] ? __pfx_direct_splice_actor+0x10/0x10 [ 1876.377779][ T3076] ? __pfx_aa_file_perm+0x10/0x10 [ 1876.377809][ T3076] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1876.377837][ T3076] do_splice_direct+0x174/0x240 [ 1876.377858][ T3076] ? __pfx_do_splice_direct+0x10/0x10 [ 1876.377879][ T3076] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1876.377902][ T3076] ? rw_verify_area+0xce/0x6d0 [ 1876.377933][ T3076] do_sendfile+0xadc/0xe20 [ 1876.377968][ T3076] ? __pfx_do_sendfile+0x10/0x10 [ 1876.377999][ T3076] ? __fget_files+0x21f/0x3d0 [ 1876.378024][ T3076] __x64_sys_sendfile64+0x1d8/0x220 [ 1876.378047][ T3076] ? ksys_write+0x1ac/0x250 [ 1876.378065][ T3076] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1876.378095][ T3076] do_syscall_64+0x106/0xf80 [ 1876.378115][ T3076] ? clear_bhb_loop+0x40/0x90 [ 1876.378138][ T3076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1876.378158][ T3076] RIP: 0033:0x7f703039c819 [ 1876.378175][ T3076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1876.378193][ T3076] RSP: 002b:00007f7031237028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1876.378211][ T3076] RAX: ffffffffffffffda RBX: 00007f7030615fa0 RCX: 00007f703039c819 [ 1876.378223][ T3076] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1876.378234][ T3076] RBP: 00007f7031237090 R08: 0000000000000000 R09: 0000000000000000 [ 1876.378245][ T3076] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1876.378256][ T3076] R13: 00007f7030616038 R14: 00007f7030615fa0 R15: 00007fffbe68fe98 [ 1876.378279][ T3076] [ 1878.499609][ T3104] FAULT_INJECTION: forcing a failure. [ 1878.499609][ T3104] name failslab, interval 1, probability 0, space 0, times 0 [ 1878.539100][ T3104] CPU: 0 UID: 0 PID: 3104 Comm: syz.3.6398 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1878.539169][ T3104] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1878.539186][ T3104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1878.539203][ T3104] Call Trace: [ 1878.539214][ T3104] [ 1878.539226][ T3104] dump_stack_lvl+0x100/0x190 [ 1878.539280][ T3104] should_fail_ex.cold+0x5/0xa [ 1878.539317][ T3104] should_failslab+0xc2/0x120 [ 1878.539354][ T3104] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1878.539412][ T3104] ? alloc_empty_file+0x55/0x1c0 [ 1878.539461][ T3104] alloc_empty_file+0x55/0x1c0 [ 1878.539504][ T3104] alloc_file_pseudo+0x13a/0x230 [ 1878.539549][ T3104] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1878.539593][ T3104] ? security_inode_init_security_anon+0x7b/0x230 [ 1878.539641][ T3104] __anon_inode_getfile+0xe8/0x280 [ 1878.539679][ T3104] ? _copy_to_user+0xaf/0xd0 [ 1878.539722][ T3104] io_uring_setup.cold+0x1a41/0x1d79 [ 1878.539772][ T3104] ? __pfx_io_uring_setup+0x10/0x10 [ 1878.539818][ T3104] ? __pfx_do_futex+0x10/0x10 [ 1878.539875][ T3104] ? xfd_validate_state+0x129/0x190 [ 1878.539927][ T3104] __x64_sys_io_uring_setup+0xc2/0x170 [ 1878.539976][ T3104] do_syscall_64+0x106/0xf80 [ 1878.540008][ T3104] ? clear_bhb_loop+0x40/0x90 [ 1878.540043][ T3104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1878.540076][ T3104] RIP: 0033:0x7f09fb39c819 [ 1878.540104][ T3104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1878.540132][ T3104] RSP: 002b:00007f09fc2d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1878.540162][ T3104] RAX: ffffffffffffffda RBX: 00007f09fb615fa0 RCX: 00007f09fb39c819 [ 1878.540178][ T3104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1878.540193][ T3104] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1878.540209][ T3104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1878.540226][ T3104] R13: 00007f09fb616038 R14: 00007f09fb615fa0 R15: 00007ffcfa7c48e8 [ 1878.540266][ T3104] [ 1879.313332][ T3104] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1879.339787][ T3104] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1879.346035][ T3104] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1879.392973][ T3104] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1880.324024][ T3123] FAULT_INJECTION: forcing a failure. [ 1880.324024][ T3123] name failslab, interval 1, probability 0, space 0, times 0 [ 1880.384329][ T3127] nbd: illegal input index 37139 [ 1880.409838][ T3123] CPU: 0 UID: 0 PID: 3123 Comm: syz.0.6403 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1880.409906][ T3123] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1880.409924][ T3123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1880.409942][ T3123] Call Trace: [ 1880.409953][ T3123] [ 1880.409965][ T3123] dump_stack_lvl+0x100/0x190 [ 1880.410016][ T3123] should_fail_ex.cold+0x5/0xa [ 1880.410053][ T3123] ? lsm_blob_alloc+0x68/0x90 [ 1880.410097][ T3123] should_failslab+0xc2/0x120 [ 1880.410157][ T3123] __kmalloc_noprof+0xe0/0x850 [ 1880.410205][ T3123] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1880.410247][ T3123] lsm_blob_alloc+0x68/0x90 [ 1880.410295][ T3123] security_prepare_creds+0x2d/0x290 [ 1880.410348][ T3123] prepare_creds+0x5d6/0x950 [ 1880.410400][ T3123] __sys_setresuid+0x458/0x1280 [ 1880.410439][ T3123] do_syscall_64+0x106/0xf80 [ 1880.410472][ T3123] ? clear_bhb_loop+0x40/0x90 [ 1880.410519][ T3123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1880.410551][ T3123] RIP: 0033:0x7f703039c819 [ 1880.410578][ T3123] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1880.410607][ T3123] RSP: 002b:00007f7031237028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 1880.410644][ T3123] RAX: ffffffffffffffda RBX: 00007f7030615fa0 RCX: 00007f703039c819 [ 1880.410665][ T3123] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 1880.410684][ T3123] RBP: 00007f7030432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1880.410704][ T3123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1880.410722][ T3123] R13: 00007f7030616038 R14: 00007f7030615fa0 R15: 00007fffbe68fe98 [ 1880.410764][ T3123] syzkaller syzkaller login: [ 1880.881365][ T3139] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6402'. [ 1881.145758][ T3123] zswap: compressor not available [ 1881.253929][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1881.346334][ T30] audit: type=1800 audit(4294967646.175:163): pid=3128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6404" name="lu_gp_id" dev="configfs" ino=149902 res=0 errno=0 [ 1881.413059][T28085] Bluetooth: hci0: command 0x0c1a tx timeout [ 1881.413082][ T5143] Bluetooth: hci1: command 0x0c1a tx timeout [ 1881.413123][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout [ 1881.477426][ T3148] FAULT_INJECTION: forcing a failure. [ 1881.477426][ T3148] name failslab, interval 1, probability 0, space 0, times 0 [ 1881.526475][ T3148] CPU: 0 UID: 0 PID: 3148 Comm: syz.3.6406 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1881.526544][ T3148] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1881.526562][ T3148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1881.526580][ T3148] Call Trace: [ 1881.526591][ T3148] [ 1881.526605][ T3148] dump_stack_lvl+0x100/0x190 [ 1881.526657][ T3148] should_fail_ex.cold+0x5/0xa [ 1881.526697][ T3148] should_failslab+0xc2/0x120 [ 1881.526732][ T3148] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1881.526780][ T3148] ? sock_alloc_inode+0x25/0x1c0 [ 1881.526821][ T3148] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1881.526860][ T3148] sock_alloc_inode+0x25/0x1c0 [ 1881.526896][ T3148] alloc_inode+0x68/0x250 [ 1881.526939][ T3148] sock_alloc+0x44/0x280 [ 1881.526969][ T3148] ? security_socket_create+0x7f/0x250 [ 1881.527006][ T3148] __sock_create+0xc2/0x860 [ 1881.527052][ T3148] __sys_socket+0x14d/0x260 [ 1881.527095][ T3148] ? __pfx___sys_socket+0x10/0x10 [ 1881.527145][ T3148] __x64_sys_socket+0x72/0xb0 [ 1881.527185][ T3148] ? lockdep_hardirqs_on+0x78/0x100 [ 1881.527219][ T3148] do_syscall_64+0x106/0xf80 [ 1881.527251][ T3148] ? clear_bhb_loop+0x40/0x90 [ 1881.527291][ T3148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1881.527323][ T3148] RIP: 0033:0x7f09fb39c819 [ 1881.527352][ T3148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1881.527383][ T3148] RSP: 002b:00007f09fc2d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1881.527430][ T3148] RAX: ffffffffffffffda RBX: 00007f09fb615fa0 RCX: 00007f09fb39c819 [ 1881.527453][ T3148] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1881.527471][ T3148] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1881.527489][ T3148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1881.527516][ T3148] R13: 00007f09fb616038 R14: 00007f09fb615fa0 R15: 00007ffcfa7c48e8 [ 1881.527558][ T3148] [ 1881.527575][ T3148] socket: no more sockets [ 1882.009216][ T3159] FAULT_INJECTION: forcing a failure. [ 1882.009216][ T3159] name failslab, interval 1, probability 0, space 0, times 0 [ 1882.089429][ T3159] CPU: 0 UID: 0 PID: 3159 Comm: syz.3.6410 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1882.089496][ T3159] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1882.089515][ T3159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1882.089531][ T3159] Call Trace: [ 1882.089542][ T3159] [ 1882.089555][ T3159] dump_stack_lvl+0x100/0x190 [ 1882.089607][ T3159] should_fail_ex.cold+0x5/0xa [ 1882.089647][ T3159] should_failslab+0xc2/0x120 [ 1882.089683][ T3159] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1882.089723][ T3159] ? io_wq_create+0x6a/0x9a0 [ 1882.089775][ T3159] io_wq_create+0x6a/0x9a0 [ 1882.089820][ T3159] io_uring_alloc_task_context+0x2db/0x54b [ 1882.089873][ T3159] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 1882.089925][ T3159] ? alloc_file_pseudo+0x1a5/0x230 [ 1882.089974][ T3159] __io_uring_add_tctx_node.cold+0x10/0x195 [ 1882.090026][ T3159] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1882.090066][ T3159] ? __anon_inode_getfile+0x17c/0x280 [ 1882.090131][ T3159] io_uring_setup.cold+0x1a83/0x1d79 [ 1882.090183][ T3159] ? __pfx_io_uring_setup+0x10/0x10 [ 1882.090236][ T3159] ? __pfx_do_futex+0x10/0x10 [ 1882.090292][ T3159] ? xfd_validate_state+0x129/0x190 [ 1882.090341][ T3159] __x64_sys_io_uring_setup+0xc2/0x170 [ 1882.090394][ T3159] do_syscall_64+0x106/0xf80 [ 1882.090425][ T3159] ? clear_bhb_loop+0x40/0x90 [ 1882.090465][ T3159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1882.090495][ T3159] RIP: 0033:0x7f09fb39c819 [ 1882.090523][ T3159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1882.090550][ T3159] RSP: 002b:00007f09fc2d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1882.090581][ T3159] RAX: ffffffffffffffda RBX: 00007f09fb615fa0 RCX: 00007f09fb39c819 [ 1882.090601][ T3159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1882.090626][ T3159] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1882.090645][ T3159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1882.090662][ T3159] R13: 00007f09fb616038 R14: 00007f09fb615fa0 R15: 00007ffcfa7c48e8 [ 1882.090704][ T3159] [ 1882.758385][ T3171] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6412'. [ 1882.788901][ T3161] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1882.796512][ T3161] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1882.811851][ T3161] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1882.821317][ T3161] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1884.003321][ T3192] FAULT_INJECTION: forcing a failure. [ 1884.003321][ T3192] name failslab, interval 1, probability 0, space 0, times 0 [ 1884.037549][ T3192] CPU: 1 UID: 0 PID: 3192 Comm: syz.4.6418 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1884.037621][ T3192] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1884.037640][ T3192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1884.037659][ T3192] Call Trace: [ 1884.037671][ T3192] [ 1884.037685][ T3192] dump_stack_lvl+0x100/0x190 [ 1884.037739][ T3192] should_fail_ex.cold+0x5/0xa [ 1884.037777][ T3192] should_failslab+0xc2/0x120 [ 1884.037814][ T3192] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1884.037862][ T3192] ? prepare_creds+0x2c/0x950 [ 1884.037907][ T3192] ? apparmor_capable+0x1d7/0x4d0 [ 1884.037942][ T3192] ? __x64_sys_futex+0x358/0x4d0 [ 1884.037991][ T3192] prepare_creds+0x2c/0x950 [ 1884.038040][ T3192] __sys_setresuid+0x458/0x1280 [ 1884.038077][ T3192] do_syscall_64+0x106/0xf80 [ 1884.038109][ T3192] ? clear_bhb_loop+0x40/0x90 [ 1884.038146][ T3192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1884.038180][ T3192] RIP: 0033:0x7f519e39c819 [ 1884.038220][ T3192] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1884.038247][ T3192] RSP: 002b:00007f519c5ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 1884.038277][ T3192] RAX: ffffffffffffffda RBX: 00007f519e615fa0 RCX: 00007f519e39c819 [ 1884.038297][ T3192] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 1884.038314][ T3192] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1884.038331][ T3192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1884.038345][ T3192] R13: 00007f519e616038 R14: 00007f519e615fa0 R15: 00007ffee69e59c8 [ 1884.038378][ T3192] [ 1884.574291][ T5143] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1884.692196][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout [ 1884.853339][ T5143] Bluetooth: hci1: command 0x0c1a tx timeout [ 1884.859640][T21897] Bluetooth: hci0: command 0x0c1a tx timeout [ 1885.080706][ T30] audit: type=1800 audit(4294967649.913:164): pid=3206 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6422" name="lu_gp_id" dev="configfs" ino=151177 res=0 errno=0 [ 1885.290091][ T5143] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1885.823280][ T5143] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1886.645557][ T3230] netlink: 5 bytes leftover after parsing attributes in process `syz.3.6430'. [ 1886.730384][ T3232] HfR: entered promiscuous mode [ 1886.788259][ T3232] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6432'. [ 1886.849274][ T3232] HfR: left promiscuous mode [ 1887.297461][ T3239] nbd: illegal input index 37139 [ 1887.527182][ T3244] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6434'. [ 1889.391028][ T3271] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1890.535315][ T3287] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6447'. syzkaller syzkaller login: [ 1890.772711][ T30] audit: type=1800 audit(4294967655.600:165): pid=3277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6444" name="lu_gp_id" dev="configfs" ino=156448 res=0 errno=0 [ 1891.472276][ T3298] FAULT_INJECTION: forcing a failure. [ 1891.472276][ T3298] name failslab, interval 1, probability 0, space 0, times 0 [ 1891.564364][ T3298] CPU: 1 UID: 0 PID: 3298 Comm: syz.4.6451 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1891.564426][ T3298] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1891.564443][ T3298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1891.564461][ T3298] Call Trace: [ 1891.564470][ T3298] [ 1891.564482][ T3298] dump_stack_lvl+0x100/0x190 [ 1891.564532][ T3298] should_fail_ex.cold+0x5/0xa [ 1891.564568][ T3298] should_failslab+0xc2/0x120 [ 1891.564600][ T3298] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1891.564642][ T3298] ? alloc_empty_file+0x55/0x1c0 [ 1891.564688][ T3298] alloc_empty_file+0x55/0x1c0 [ 1891.564726][ T3298] alloc_file_pseudo+0x13a/0x230 [ 1891.564766][ T3298] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1891.564804][ T3298] ? security_inode_init_security_anon+0x7b/0x230 [ 1891.564847][ T3298] __anon_inode_getfile+0xe8/0x280 [ 1891.564882][ T3298] ? _copy_to_user+0xaf/0xd0 [ 1891.564922][ T3298] io_uring_setup.cold+0x1a41/0x1d79 [ 1891.564956][ T3298] ? __pfx_io_uring_setup+0x10/0x10 [ 1891.564988][ T3298] ? __pfx_do_futex+0x10/0x10 [ 1891.565033][ T3298] ? xfd_validate_state+0x129/0x190 [ 1891.565069][ T3298] __x64_sys_io_uring_setup+0xc2/0x170 [ 1891.565099][ T3298] do_syscall_64+0x106/0xf80 [ 1891.565119][ T3298] ? clear_bhb_loop+0x40/0x90 [ 1891.565142][ T3298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1891.565161][ T3298] RIP: 0033:0x7f519e39c819 [ 1891.565190][ T3298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1891.565216][ T3298] RSP: 002b:00007f519c5ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1891.565245][ T3298] RAX: ffffffffffffffda RBX: 00007f519e615fa0 RCX: 00007f519e39c819 [ 1891.565264][ T3298] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1891.565280][ T3298] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1891.565297][ T3298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1891.565315][ T3298] R13: 00007f519e616038 R14: 00007f519e615fa0 R15: 00007ffee69e59c8 [ 1891.565356][ T3298] [ 1891.996949][ T3297] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1892.213827][ T3299] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1892.227709][ T3299] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1892.234174][ T3299] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1892.267217][ T3299] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1892.617633][ T3309] nbd: illegal input index 37139 [ 1892.812541][ T3315] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6454'. [ 1894.151884][T21897] Bluetooth: hci3: command 0x0c1a tx timeout [ 1894.296992][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1894.303487][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout [ 1894.306751][T28085] Bluetooth: hci0: command 0x0c1a tx timeout [ 1894.563301][ T3313] FAULT_INJECTION: forcing a failure. [ 1894.563301][ T3313] name failslab, interval 1, probability 0, space 0, times 0 [ 1894.680115][ T3313] CPU: 0 UID: 0 PID: 3313 Comm: syz.0.6455 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1894.680158][ T3313] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1894.680169][ T3313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1894.680181][ T3313] Call Trace: [ 1894.680188][ T3313] [ 1894.680235][ T3313] dump_stack_lvl+0x100/0x190 [ 1894.680271][ T3313] should_fail_ex.cold+0x5/0xa [ 1894.680296][ T3313] should_failslab+0xc2/0x120 [ 1894.680318][ T3313] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1894.680348][ T3313] ? mas_alloc_nodes+0x280/0x390 [ 1894.680382][ T3313] mas_alloc_nodes+0x280/0x390 [ 1894.680420][ T3313] mas_preallocate+0x39c/0xf10 [ 1894.680445][ T3313] ? __pfx_mas_preallocate+0x10/0x10 [ 1894.680465][ T3313] ? __lock_acquire+0x4a5/0x2630 [ 1894.680497][ T3313] ? __asan_memset+0x23/0x50 [ 1894.680524][ T3313] ? init_multi_vma_prep+0x33c/0x650 [ 1894.680553][ T3313] commit_merge+0x3e3/0xbd0 [ 1894.680583][ T3313] ? __pfx_commit_merge+0x10/0x10 [ 1894.680609][ T3313] ? do_raw_spin_unlock+0x145/0x1e0 [ 1894.680653][ T3313] vma_expand+0x7df/0xcf0 [ 1894.680683][ T3313] ? __pfx_vma_expand+0x10/0x10 [ 1894.680711][ T3313] ? can_vma_merge_right+0xa5/0x530 [ 1894.680741][ T3313] vma_merge_new_range+0x2ce/0xa30 [ 1894.680767][ T3313] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 1894.680800][ T3313] __mmap_region+0x900/0x29e0 [ 1894.680846][ T3313] ? __pfx___mmap_region+0x10/0x10 [ 1894.680883][ T3313] ? process_measurement+0x1f4/0x2350 [ 1894.680931][ T3313] ? __lock_acquire+0x4a5/0x2630 [ 1894.680969][ T3313] ? find_held_lock+0x2b/0x80 [ 1894.680987][ T3313] ? finish_task_switch.isra.0+0x200/0xb80 [ 1894.681008][ T3313] ? finish_task_switch.isra.0+0x200/0xb80 [ 1894.681038][ T3313] ? trace_sched_exit_tp+0x13a/0x180 [ 1894.681061][ T3313] ? __schedule+0x1000/0x6120 [ 1894.681119][ T3313] ? rcu_is_watching+0x12/0xc0 [ 1894.681148][ T3313] ? cap_capable+0x107/0x460 [ 1894.681171][ T3313] mmap_region+0x180/0x3e0 [ 1894.681214][ T3313] do_mmap+0xc63/0x12f0 [ 1894.681241][ T3313] ? __pfx_do_mmap+0x10/0x10 [ 1894.681264][ T3313] ? __pfx_down_write_killable+0x10/0x10 [ 1894.681292][ T3313] vm_mmap_pgoff+0x29e/0x470 [ 1894.681321][ T3313] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1894.681346][ T3313] ? do_futex+0x192/0x350 [ 1894.681372][ T3313] ? __pfx_do_futex+0x10/0x10 [ 1894.681401][ T3313] ksys_mmap_pgoff+0xe1/0x650 [ 1894.681424][ T3313] ? __x64_sys_futex+0x34f/0x4d0 [ 1894.681448][ T3313] ? __x64_sys_futex+0x358/0x4d0 [ 1894.681475][ T3313] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1894.681496][ T3313] ? xfd_validate_state+0x129/0x190 [ 1894.681528][ T3313] __x64_sys_mmap+0x125/0x190 [ 1894.681559][ T3313] do_syscall_64+0x106/0xf80 [ 1894.681578][ T3313] ? clear_bhb_loop+0x40/0x90 [ 1894.681600][ T3313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1894.681619][ T3313] RIP: 0033:0x7f703039c819 [ 1894.681636][ T3313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1894.681654][ T3313] RSP: 002b:00007f7031237028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1894.681673][ T3313] RAX: ffffffffffffffda RBX: 00007f7030615fa0 RCX: 00007f703039c819 [ 1894.681686][ T3313] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 1894.681697][ T3313] RBP: 00007f7030432c91 R08: 0000000000000007 R09: 0000000000028000 [ 1894.681708][ T3313] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1894.681719][ T3313] R13: 00007f7030616038 R14: 00007f7030615fa0 R15: 00007fffbe68fe98 [ 1894.681742][ T3313] [ 1895.456418][ T3342] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1895.798578][ T3345] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1895.942108][ T3349] HfR: entered promiscuous mode [ 1895.999858][ T3349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6464'. [ 1896.043427][ T3349] HfR: left promiscuous mode [ 1896.626220][ T3365] FAULT_INJECTION: forcing a failure. [ 1896.626220][ T3365] name failslab, interval 1, probability 0, space 0, times 0 [ 1896.679704][ T3365] CPU: 0 UID: 0 PID: 3365 Comm: syz.1.6468 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1896.679776][ T3365] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1896.679794][ T3365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1896.679813][ T3365] Call Trace: [ 1896.679824][ T3365] [ 1896.679838][ T3365] dump_stack_lvl+0x100/0x190 [ 1896.679891][ T3365] should_fail_ex.cold+0x5/0xa [ 1896.679938][ T3365] should_failslab+0xc2/0x120 [ 1896.679975][ T3365] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1896.680024][ T3365] ? security_file_alloc+0x34/0x2c0 [ 1896.680061][ T3365] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1896.680101][ T3365] security_file_alloc+0x34/0x2c0 [ 1896.680143][ T3365] init_file+0x95/0x480 [ 1896.680192][ T3365] alloc_empty_file+0x73/0x1c0 [ 1896.680232][ T3365] alloc_file_pseudo+0x13a/0x230 [ 1896.680278][ T3365] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1896.680320][ T3365] ? security_inode_init_security_anon+0x7b/0x230 [ 1896.680367][ T3365] __anon_inode_getfile+0xe8/0x280 [ 1896.680404][ T3365] ? _copy_to_user+0xaf/0xd0 [ 1896.680447][ T3365] io_uring_setup.cold+0x1a41/0x1d79 [ 1896.680501][ T3365] ? __pfx_io_uring_setup+0x10/0x10 [ 1896.680551][ T3365] ? __pfx_do_futex+0x10/0x10 [ 1896.680613][ T3365] ? xfd_validate_state+0x129/0x190 [ 1896.680663][ T3365] __x64_sys_io_uring_setup+0xc2/0x170 [ 1896.680711][ T3365] do_syscall_64+0x106/0xf80 [ 1896.680743][ T3365] ? clear_bhb_loop+0x40/0x90 [ 1896.680782][ T3365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1896.680813][ T3365] RIP: 0033:0x7f7e8fb9c819 [ 1896.680841][ T3365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1896.680870][ T3365] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1896.680902][ T3365] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1896.680921][ T3365] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1896.680939][ T3365] RBP: 00007f7e8fc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1896.680957][ T3365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1896.680976][ T3365] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1896.681018][ T3365] syzkaller syzkaller login: [ 1897.576246][ T3365] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1897.590735][ T3357] kexec: Could not allocate control_code_buffer [ 1897.637335][ T3365] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1897.656037][ T3365] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1897.662765][ T3365] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1897.851840][ T3378] nbd: illegal input index 37139 [ 1898.012920][ T3383] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6472'. [ 1898.222666][ T3376] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1899.179154][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1899.659332][T28085] Bluetooth: hci4: command 0x0c1a tx timeout [ 1899.662005][T21897] Bluetooth: hci0: command 0x0c1a tx timeout [ 1899.740838][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1900.170080][ T3430] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1900.182293][ T3430] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1900.292376][ T3430] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1900.298610][ T3430] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1900.531880][ T30] audit: type=1800 audit(4294967665.345:166): pid=3434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6484" name="lu_gp_id" dev="configfs" ino=162444 res=0 errno=0 [ 1902.221027][T21897] Bluetooth: hci0: command 0x0c1a tx timeout [ 1902.221040][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1902.308894][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1902.308911][T28085] Bluetooth: hci4: command 0x0c1a tx timeout [ 1905.231294][ T30] audit: type=1800 audit(4294967670.023:167): pid=3467 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6493" name="lu_gp_id" dev="configfs" ino=164920 res=0 errno=0 [ 1905.483524][ T3477] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1905.571679][ T3475] FAULT_INJECTION: forcing a failure. [ 1905.571679][ T3475] name failslab, interval 1, probability 0, space 0, times 0 [ 1905.623739][ T3475] CPU: 0 UID: 0 PID: 3475 Comm: syz.4.6494 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1905.623809][ T3475] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1905.623828][ T3475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1905.623847][ T3475] Call Trace: [ 1905.623859][ T3475] [ 1905.623873][ T3475] dump_stack_lvl+0x100/0x190 [ 1905.623925][ T3475] should_fail_ex.cold+0x5/0xa [ 1905.623964][ T3475] should_failslab+0xc2/0x120 [ 1905.624000][ T3475] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1905.624045][ T3475] ? __d_alloc+0x34/0xa80 [ 1905.624088][ T3475] __d_alloc+0x34/0xa80 [ 1905.624120][ T3475] ? security_inode_alloc+0xcf/0x2c0 [ 1905.624159][ T3475] d_alloc_pseudo+0x1c/0xc0 [ 1905.624217][ T3475] alloc_file_pseudo+0xcf/0x230 [ 1905.624263][ T3475] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1905.624305][ T3475] ? security_inode_init_security_anon+0x7b/0x230 [ 1905.624351][ T3475] __anon_inode_getfile+0xe8/0x280 [ 1905.624388][ T3475] ? _copy_to_user+0xaf/0xd0 [ 1905.624429][ T3475] io_uring_setup.cold+0x1a41/0x1d79 [ 1905.624482][ T3475] ? __pfx_io_uring_setup+0x10/0x10 [ 1905.624532][ T3475] ? __pfx_do_futex+0x10/0x10 [ 1905.624591][ T3475] ? xfd_validate_state+0x129/0x190 [ 1905.624641][ T3475] __x64_sys_io_uring_setup+0xc2/0x170 [ 1905.624691][ T3475] do_syscall_64+0x106/0xf80 [ 1905.624722][ T3475] ? clear_bhb_loop+0x40/0x90 [ 1905.624760][ T3475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1905.624788][ T3475] RIP: 0033:0x7f519e39c819 [ 1905.624814][ T3475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1905.624842][ T3475] RSP: 002b:00007f519c5ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1905.624872][ T3475] RAX: ffffffffffffffda RBX: 00007f519e615fa0 RCX: 00007f519e39c819 [ 1905.624892][ T3475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1905.624909][ T3475] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1905.624926][ T3475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1905.624942][ T3475] R13: 00007f519e616038 R14: 00007f519e615fa0 R15: 00007ffee69e59c8 [ 1905.624982][ T3475] [ 1906.264478][ T3475] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1906.286549][ T3475] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1906.336038][ T3475] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1906.352356][ T3475] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1906.968890][ T30] audit: type=1800 audit(4294967671.782:168): pid=3487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6498" name="lu_gp_id" dev="configfs" ino=165558 res=0 errno=0 syzkaller syzkaller login: [ 1907.006288][ T3499] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6500'. [ 1907.027565][ T3497] HfR: entered promiscuous mode [ 1907.032716][ T3499] HfR: left promiscuous mode [ 1907.828772][ T3514] nbd: illegal input index 37139 [ 1908.063866][T21897] Bluetooth: hci3: command 0x0c1a tx timeout [ 1908.303651][T21897] Bluetooth: hci0: command 0x0c1a tx timeout [ 1908.385694][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1908.385706][T28085] Bluetooth: hci4: command 0x0c1a tx timeout [ 1909.479703][ T3533] HfR: entered promiscuous mode [ 1910.325743][ T30] audit: type=1800 audit(4294967675.150:169): pid=3547 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6511" name="lu_gp_id" dev="configfs" ino=168969 res=0 errno=0 [ 1910.812311][ T3554] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1911.086918][ T3562] nbd: illegal input index 37139 [ 1911.436511][ T30] audit: type=1800 audit(4294967676.260:170): pid=3559 uid=60929 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6516" name="lu_gp_id" dev="configfs" ino=168369 res=0 errno=0 [ 1911.918102][ T3578] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6520'. [ 1911.940296][ T3578] device-mapper: ioctl: only supply one of name or uuid, cmd(7) syzkaller syzkaller login: [ 1912.544740][ T3589] FAULT_INJECTION: forcing a failure. [ 1912.544740][ T3589] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.654669][ T3589] CPU: 1 UID: 0 PID: 3589 Comm: syz.0.6524 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1912.654726][ T3589] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1912.654740][ T3589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1912.654755][ T3589] Call Trace: [ 1912.654766][ T3589] [ 1912.654776][ T3589] dump_stack_lvl+0x100/0x190 [ 1912.654862][ T3589] should_fail_ex.cold+0x5/0xa [ 1912.654894][ T3589] ? tracepoint_add_func+0x2c5/0xf30 [ 1912.654921][ T3589] should_failslab+0xc2/0x120 [ 1912.654957][ T3589] __kmalloc_noprof+0xe0/0x850 [ 1912.655003][ T3589] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1912.655031][ T3589] tracepoint_add_func+0x2c5/0xf30 [ 1912.655058][ T3589] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1912.655084][ T3589] ? __pfx___mutex_lock+0x10/0x10 [ 1912.655111][ T3589] ? rcu_is_watching+0x12/0xc0 [ 1912.655156][ T3589] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1912.655183][ T3589] tracepoint_probe_register+0xc4/0x110 [ 1912.655213][ T3589] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 1912.655241][ T3589] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1912.655269][ T3589] ? __lock_acquire+0x4a5/0x2630 [ 1912.655312][ T3589] tracing_start_sched_switch+0xaf/0x170 [ 1912.655338][ T3589] __ftrace_event_enable_disable+0x557/0x6f0 [ 1912.655373][ T3589] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 1912.655416][ T3589] ftrace_set_clr_event+0x16e/0x330 [ 1912.655452][ T3589] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 1912.655486][ T3589] ? trace_get_user+0x3ae/0xa70 [ 1912.655524][ T3589] ftrace_event_write+0x259/0x2c0 [ 1912.655560][ T3589] ? __pfx_ftrace_event_write+0x10/0x10 [ 1912.655609][ T3589] vfs_write+0x2aa/0x1070 [ 1912.655637][ T3589] ? __pfx_ftrace_event_write+0x10/0x10 [ 1912.655676][ T3589] ? __pfx_vfs_write+0x10/0x10 [ 1912.655700][ T3589] ? __fget_files+0x215/0x3d0 [ 1912.655737][ T3589] ? __fget_files+0x21f/0x3d0 [ 1912.655777][ T3589] ksys_write+0x12a/0x250 [ 1912.655804][ T3589] ? __pfx_ksys_write+0x10/0x10 [ 1912.655851][ T3589] do_syscall_64+0x106/0xf80 [ 1912.655879][ T3589] ? clear_bhb_loop+0x40/0x90 [ 1912.655914][ T3589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1912.655942][ T3589] RIP: 0033:0x7f703039c819 [ 1912.655967][ T3589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1912.655994][ T3589] RSP: 002b:00007f7031237028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1912.656022][ T3589] RAX: ffffffffffffffda RBX: 00007f7030615fa0 RCX: 00007f703039c819 [ 1912.656042][ T3589] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000003 [ 1912.656059][ T3589] RBP: 00007f7031237090 R08: 0000000000000000 R09: 0000000000000000 [ 1912.656075][ T3589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1912.656092][ T3589] R13: 00007f7030616038 R14: 00007f7030615fa0 R15: 00007fffbe68fe98 [ 1912.656134][ T3589] [ 1913.094008][ T3589] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 1913.474650][ T3598] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1913.745298][ T30] audit: type=1800 audit(4294967678.559:171): pid=3603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6528" name="lu_gp_id" dev="configfs" ino=168925 res=0 errno=0 [ 1913.793385][T21897] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1914.467417][ T3612] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 36 out of range (51000000..2150000000) syzkaller syzkaller login: [ 1915.083225][ T3616] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 36 out of range (51000000..2150000000) [ 1915.291592][ T3627] FAULT_INJECTION: forcing a failure. [ 1915.291592][ T3627] name failslab, interval 1, probability 0, space 0, times 0 [ 1915.325894][ T3627] CPU: 1 UID: 0 PID: 3627 Comm: syz.3.6532 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1915.325963][ T3627] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1915.325995][ T3627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1915.326014][ T3627] Call Trace: [ 1915.326025][ T3627] [ 1915.326039][ T3627] dump_stack_lvl+0x100/0x190 [ 1915.326092][ T3627] should_fail_ex.cold+0x5/0xa [ 1915.326130][ T3627] should_failslab+0xc2/0x120 [ 1915.326166][ T3627] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1915.326213][ T3627] ? sk_prot_alloc+0x60/0x2a0 [ 1915.326255][ T3627] sk_prot_alloc+0x60/0x2a0 [ 1915.326296][ T3627] sk_alloc+0x36/0xe80 [ 1915.326343][ T3627] pn_socket_create+0x22d/0x560 [ 1915.326392][ T3627] __sock_create+0x339/0x860 [ 1915.326441][ T3627] __sys_socket+0x14d/0x260 [ 1915.326483][ T3627] ? __pfx___sys_socket+0x10/0x10 [ 1915.326534][ T3627] __x64_sys_socket+0x72/0xb0 [ 1915.326572][ T3627] ? lockdep_hardirqs_on+0x78/0x100 [ 1915.326605][ T3627] do_syscall_64+0x106/0xf80 [ 1915.326636][ T3627] ? clear_bhb_loop+0x40/0x90 [ 1915.326673][ T3627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1915.326704][ T3627] RIP: 0033:0x7f09fb39c819 [ 1915.326731][ T3627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1915.326761][ T3627] RSP: 002b:00007f09fc293028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1915.326790][ T3627] RAX: ffffffffffffffda RBX: 00007f09fb616180 RCX: 00007f09fb39c819 [ 1915.326811][ T3627] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000023 [ 1915.326830][ T3627] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1915.326849][ T3627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1915.326867][ T3627] R13: 00007f09fb616218 R14: 00007f09fb616180 R15: 00007ffcfa7c48e8 [ 1915.326906][ T3627] [ 1915.619935][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1915.628081][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1915.761596][ T3636] nvme_fcloop: unknown parameter or missing value 'Ù' [ 1915.789013][ T30] audit: type=1807 audit(4294967680.598:172): UNKNOWN= res=0 [ 1915.837770][ T30] audit: type=1802 audit(4294967680.618:173): pid=3636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.6536" res=0 errno=0 [ 1915.926300][ T3638] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6536'. [ 1916.979745][ T3635] ima: policy update failed [ 1916.993211][ T30] audit: type=1802 audit(4294967681.807:174): pid=3635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.6536" res=0 errno=0 [ 1917.355590][ T3658] openvswitch: HfR: Dropping previously announced user features [ 1917.395748][ T30] audit: type=1804 audit(4294967682.207:175): pid=3656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.6539" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1917.952889][ T3676] netlink: 338 bytes leftover after parsing attributes in process `syz.0.6545'. [ 1917.962844][ T3676] bridge0: port 2(bridge_slave_1) entered disabled state [ 1917.970355][ T3676] bridge0: port 1(bridge_slave_0) entered disabled state [ 1918.356526][T21897] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 1919.552917][ T3705] HfR: entered promiscuous mode [ 1920.882234][ T3714] zswap: compressor not available [ 1921.743344][T21897] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 1923.455586][ T3741] openvswitch: HfR: Dropping previously announced user features [ 1923.797739][ T30] audit: type=1800 audit(4294967688.614:176): pid=3750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6568" name="lu_gp_id" dev="configfs" ino=175326 res=0 errno=0 [ 1924.462712][ T3743] FAULT_INJECTION: forcing a failure. [ 1924.462712][ T3743] name failslab, interval 1, probability 0, space 0, times 0 [ 1924.469009][ T3760] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6571'. [ 1924.489077][ T3743] CPU: 1 UID: 0 PID: 3743 Comm: syz.1.6566 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1924.489148][ T3743] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1924.489166][ T3743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1924.489185][ T3743] Call Trace: [ 1924.489196][ T3743] [ 1924.489209][ T3743] dump_stack_lvl+0x100/0x190 [ 1924.489263][ T3743] should_fail_ex.cold+0x5/0xa [ 1924.489303][ T3743] should_failslab+0xc2/0x120 [ 1924.489337][ T3743] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1924.489382][ T3743] ? mas_alloc_nodes+0x280/0x390 [ 1924.489434][ T3743] mas_alloc_nodes+0x280/0x390 [ 1924.489485][ T3743] mas_preallocate+0x39c/0xf10 [ 1924.489529][ T3743] ? __pfx_mas_preallocate+0x10/0x10 [ 1924.489560][ T3743] ? __lock_acquire+0x4a5/0x2630 [ 1924.489627][ T3743] ? __asan_memset+0x23/0x50 [ 1924.489673][ T3743] ? init_multi_vma_prep+0x33c/0x650 [ 1924.489720][ T3743] commit_merge+0x3e3/0xbd0 [ 1924.489769][ T3743] ? __pfx_commit_merge+0x10/0x10 [ 1924.489809][ T3743] ? do_raw_spin_unlock+0x145/0x1e0 [ 1924.489881][ T3743] vma_expand+0x7df/0xcf0 [ 1924.489932][ T3743] ? __pfx_vma_expand+0x10/0x10 [ 1924.489976][ T3743] ? can_vma_merge_right+0xa5/0x530 [ 1924.490028][ T3743] vma_merge_new_range+0x2ce/0xa30 [ 1924.490070][ T3743] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 1924.490112][ T3743] __mmap_region+0x900/0x29e0 [ 1924.490166][ T3743] ? __pfx___mmap_region+0x10/0x10 [ 1924.490208][ T3743] ? process_measurement+0x1f4/0x2350 [ 1924.490249][ T3743] ? __pfx_css_rstat_updated+0x10/0x10 [ 1924.490300][ T3743] ? __lock_acquire+0x4a5/0x2630 [ 1924.490358][ T3743] ? lock_acquire+0x1cf/0x380 [ 1924.490395][ T3743] ? find_held_lock+0x2b/0x80 [ 1924.490440][ T3743] ? trace_sched_exit_tp+0x13a/0x180 [ 1924.490526][ T3743] ? rcu_is_watching+0x12/0xc0 [ 1924.490571][ T3743] ? cap_capable+0x107/0x460 [ 1924.490606][ T3743] mmap_region+0x180/0x3e0 [ 1924.490659][ T3743] do_mmap+0xc63/0x12f0 [ 1924.490701][ T3743] ? __pfx_do_mmap+0x10/0x10 [ 1924.490737][ T3743] ? __pfx_down_write_killable+0x10/0x10 [ 1924.490785][ T3743] vm_mmap_pgoff+0x29e/0x470 [ 1924.490829][ T3743] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1924.490878][ T3743] ? do_futex+0x192/0x350 [ 1924.490921][ T3743] ? __pfx_do_futex+0x10/0x10 [ 1924.490969][ T3743] ksys_mmap_pgoff+0xe1/0x650 [ 1924.491004][ T3743] ? __x64_sys_futex+0x34f/0x4d0 [ 1924.491044][ T3743] ? __x64_sys_futex+0x358/0x4d0 [ 1924.491086][ T3743] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1924.491123][ T3743] ? xfd_validate_state+0x129/0x190 [ 1924.491177][ T3743] __x64_sys_mmap+0x125/0x190 [ 1924.491228][ T3743] do_syscall_64+0x106/0xf80 [ 1924.491260][ T3743] ? clear_bhb_loop+0x40/0x90 [ 1924.491295][ T3743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1924.491326][ T3743] RIP: 0033:0x7f7e8fb9c819 [ 1924.491354][ T3743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1924.491385][ T3743] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1924.491416][ T3743] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1924.491435][ T3743] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 1924.491453][ T3743] RBP: 00007f7e8fc32c91 R08: 0000000000000007 R09: 0000000000028000 [ 1924.491473][ T3743] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1924.491491][ T3743] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1924.491533][ T3743] [ 1924.862889][ T3762] netlink: 'syz.3.6572': attribute type 11 has an invalid length. [ 1924.870844][ T3762] netlink: 'syz.3.6572': attribute type 11 has an invalid length. [ 1924.879112][ T3762] netlink: 'syz.3.6572': attribute type 11 has an invalid length. [ 1925.367139][ T3760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1925.588074][ T3760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1925.682956][ T3760] bond0 (unregistering): Released all slaves [ 1927.368364][ T30] audit: type=1800 audit(4294967692.182:177): pid=3797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6582" name="lu_gp_id" dev="configfs" ino=177807 res=0 errno=0 [ 1927.429695][ T3799] nbd: illegal input index 37139 [ 1927.431816][ T30] audit: type=1107 audit(4294967692.242:178): pid=3796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1927.486534][ T30] audit: type=1107 audit(4294967692.262:179): pid=3796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1928.615920][ T3826] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6588'. [ 1928.680249][ T3826] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6588'. [ 1929.233069][ T3834] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1929.338507][ T3816] netlink: 'syz.0.6585': attribute type 27 has an invalid length. [ 1929.359181][ T3816] netlink: 146 bytes leftover after parsing attributes in process `syz.0.6585'. [ 1929.429030][ T3825] FAULT_INJECTION: forcing a failure. [ 1929.429030][ T3825] name failslab, interval 1, probability 0, space 0, times 0 [ 1929.519244][ T3825] CPU: 1 UID: 0 PID: 3825 Comm: syz.1.6584 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1929.519316][ T3825] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1929.519335][ T3825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1929.519353][ T3825] Call Trace: [ 1929.519364][ T3825] [ 1929.519378][ T3825] dump_stack_lvl+0x100/0x190 [ 1929.519433][ T3825] should_fail_ex.cold+0x5/0xa [ 1929.519472][ T3825] should_failslab+0xc2/0x120 [ 1929.519509][ T3825] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1929.519556][ T3825] ? mas_alloc_nodes+0x280/0x390 [ 1929.519621][ T3825] mas_alloc_nodes+0x280/0x390 [ 1929.519674][ T3825] mas_preallocate+0x39c/0xf10 [ 1929.519718][ T3825] ? __pfx_mas_preallocate+0x10/0x10 [ 1929.519751][ T3825] ? __lock_acquire+0x4a5/0x2630 [ 1929.519803][ T3825] ? __asan_memset+0x23/0x50 [ 1929.519845][ T3825] ? init_multi_vma_prep+0x33c/0x650 [ 1929.519890][ T3825] commit_merge+0x3e3/0xbd0 [ 1929.519939][ T3825] ? __pfx_commit_merge+0x10/0x10 [ 1929.519978][ T3825] ? do_raw_spin_unlock+0x145/0x1e0 [ 1929.520045][ T3825] vma_expand+0x7df/0xcf0 [ 1929.520096][ T3825] ? __pfx_vma_expand+0x10/0x10 [ 1929.520142][ T3825] ? can_vma_merge_right+0xa5/0x530 [ 1929.520191][ T3825] vma_merge_new_range+0x2ce/0xa30 [ 1929.520236][ T3825] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 1929.520279][ T3825] __mmap_region+0x900/0x29e0 [ 1929.520330][ T3825] ? update_cfs_rq_load_avg+0x51/0x550 [ 1929.520366][ T3825] ? __pfx___mmap_region+0x10/0x10 [ 1929.520419][ T3825] ? set_next_entity+0x11e/0x9c0 [ 1929.520472][ T3825] ? __lock_acquire+0x4a5/0x2630 [ 1929.520524][ T3825] ? lock_acquire+0x1cf/0x380 [ 1929.520565][ T3825] ? find_held_lock+0x2b/0x80 [ 1929.520702][ T3825] ? trace_sched_exit_tp+0x13a/0x180 [ 1929.520798][ T3825] ? rcu_is_watching+0x12/0xc0 [ 1929.520849][ T3825] ? cap_capable+0x107/0x460 [ 1929.520886][ T3825] mmap_region+0x180/0x3e0 [ 1929.520940][ T3825] do_mmap+0xc63/0x12f0 [ 1929.520984][ T3825] ? __pfx_do_mmap+0x10/0x10 [ 1929.521020][ T3825] ? __pfx_down_write_killable+0x10/0x10 [ 1929.521069][ T3825] vm_mmap_pgoff+0x29e/0x470 [ 1929.521112][ T3825] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1929.521162][ T3825] ? do_futex+0x192/0x350 [ 1929.521204][ T3825] ? __pfx_do_futex+0x10/0x10 [ 1929.521252][ T3825] ksys_mmap_pgoff+0xe1/0x650 [ 1929.521289][ T3825] ? __x64_sys_futex+0x34f/0x4d0 [ 1929.521329][ T3825] ? __x64_sys_futex+0x358/0x4d0 [ 1929.521372][ T3825] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1929.521408][ T3825] ? xfd_validate_state+0x129/0x190 [ 1929.521459][ T3825] __x64_sys_mmap+0x125/0x190 [ 1929.521509][ T3825] do_syscall_64+0x106/0xf80 [ 1929.521540][ T3825] ? clear_bhb_loop+0x40/0x90 [ 1929.521578][ T3825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1929.521618][ T3825] RIP: 0033:0x7f7e8fb9c819 [ 1929.521647][ T3825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1929.521678][ T3825] RSP: 002b:00007f7e90a71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1929.521709][ T3825] RAX: ffffffffffffffda RBX: 00007f7e8fe16180 RCX: 00007f7e8fb9c819 [ 1929.521731][ T3825] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 1929.521751][ T3825] RBP: 00007f7e8fc32c91 R08: 0000000000000007 R09: 0000000000028000 [ 1929.521770][ T3825] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1929.521787][ T3825] R13: 00007f7e8fe16218 R14: 00007f7e8fe16180 R15: 00007ffce11cf2f8 [ 1929.521830][ T3825] [ 1930.224284][ T3842] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1930.308927][ T3844] nbd: illegal input index 37139 syzkaller syzkaller login: [ 1930.819483][ T3861] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1930.834891][ T3861] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1930.851854][ T3861] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1930.915642][ T3861] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1931.886541][ T3887] FAULT_INJECTION: forcing a failure. [ 1931.886541][ T3887] name failslab, interval 1, probability 0, space 0, times 0 [ 1931.942085][ T3887] CPU: 0 UID: 0 PID: 3887 Comm: syz.3.6601 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1931.942157][ T3887] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1931.942175][ T3887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1931.942192][ T3887] Call Trace: [ 1931.942204][ T3887] [ 1931.942217][ T3887] dump_stack_lvl+0x100/0x190 [ 1931.942270][ T3887] should_fail_ex.cold+0x5/0xa [ 1931.942309][ T3887] should_failslab+0xc2/0x120 [ 1931.942345][ T3887] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1931.942396][ T3887] ? __d_alloc+0x34/0xa80 [ 1931.942442][ T3887] __d_alloc+0x34/0xa80 [ 1931.942482][ T3887] d_alloc_pseudo+0x1c/0xc0 [ 1931.942539][ T3887] alloc_file_pseudo+0xcf/0x230 [ 1931.942582][ T3887] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1931.942625][ T3887] ? alloc_fd+0x476/0x790 [ 1931.942665][ T3887] sock_alloc_file+0x50/0x210 [ 1931.942699][ T3887] __sys_socket+0x1c0/0x260 [ 1931.942741][ T3887] ? __pfx___sys_socket+0x10/0x10 [ 1931.942791][ T3887] __x64_sys_socket+0x72/0xb0 [ 1931.942831][ T3887] ? lockdep_hardirqs_on+0x78/0x100 [ 1931.942864][ T3887] do_syscall_64+0x106/0xf80 [ 1931.942895][ T3887] ? clear_bhb_loop+0x40/0x90 [ 1931.942934][ T3887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1931.942967][ T3887] RIP: 0033:0x7f09fb39c819 [ 1931.942994][ T3887] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1931.943025][ T3887] RSP: 002b:00007f09fc293028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1931.943056][ T3887] RAX: ffffffffffffffda RBX: 00007f09fb616180 RCX: 00007f09fb39c819 [ 1931.943078][ T3887] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000023 [ 1931.943097][ T3887] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1931.943116][ T3887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1931.943134][ T3887] R13: 00007f09fb616218 R14: 00007f09fb616180 R15: 00007ffcfa7c48e8 [ 1931.943174][ T3887] [ 1932.293197][ T3890] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6602'. [ 1932.485811][ T3893] FAULT_INJECTION: forcing a failure. [ 1932.485811][ T3893] name failslab, interval 1, probability 0, space 0, times 0 [ 1932.570426][ T3893] CPU: 0 UID: 0 PID: 3893 Comm: syz.1.6603 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1932.570495][ T3893] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1932.570513][ T3893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1932.570531][ T3893] Call Trace: [ 1932.570541][ T3893] [ 1932.570554][ T3893] dump_stack_lvl+0x100/0x190 [ 1932.570615][ T3893] should_fail_ex.cold+0x5/0xa [ 1932.570646][ T3893] should_failslab+0xc2/0x120 [ 1932.570675][ T3893] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1932.570711][ T3893] ? alloc_uid+0x13d/0x4c0 [ 1932.570738][ T3893] ? rcu_is_watching+0x12/0xc0 [ 1932.570779][ T3893] alloc_uid+0x13d/0x4c0 [ 1932.570807][ T3893] ? __pfx_alloc_uid+0x10/0x10 [ 1932.570843][ T3893] ? bpf_lsm_cred_prepare+0x9/0x10 [ 1932.570873][ T3893] ? security_prepare_creds+0xa8/0x290 [ 1932.570920][ T3893] __sys_setresuid+0x4f2/0x1280 [ 1932.570958][ T3893] do_syscall_64+0x106/0xf80 [ 1932.570988][ T3893] ? clear_bhb_loop+0x40/0x90 [ 1932.571018][ T3893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1932.571044][ T3893] RIP: 0033:0x7f7e8fb9c819 [ 1932.571068][ T3893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1932.571094][ T3893] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 1932.571124][ T3893] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1932.571143][ T3893] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 1932.571161][ T3893] RBP: 00007f7e8fc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1932.571178][ T3893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1932.571195][ T3893] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1932.571234][ T3893] [ 1932.913651][T21897] Bluetooth: hci4: command 0x0c1a tx timeout [ 1932.913707][T21897] Bluetooth: hci0: command 0x0c1a tx timeout [ 1932.913743][T21897] Bluetooth: hci3: command 0x0c1a tx timeout [ 1932.992198][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1934.091117][ T3916] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1934.337998][ T3923] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1934.384782][ T3925] FAULT_INJECTION: forcing a failure. [ 1934.384782][ T3925] name failslab, interval 1, probability 0, space 0, times 0 [ 1934.485040][ T3925] CPU: 0 UID: 0 PID: 3925 Comm: syz.3.6615 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1934.485112][ T3925] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1934.485130][ T3925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1934.485150][ T3925] Call Trace: [ 1934.485161][ T3925] [ 1934.485174][ T3925] dump_stack_lvl+0x100/0x190 [ 1934.485228][ T3925] should_fail_ex.cold+0x5/0xa [ 1934.485267][ T3925] should_failslab+0xc2/0x120 [ 1934.485303][ T3925] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1934.485353][ T3925] ? alloc_uid+0x13d/0x4c0 [ 1934.485389][ T3925] ? rcu_is_watching+0x12/0xc0 [ 1934.485444][ T3925] alloc_uid+0x13d/0x4c0 [ 1934.485483][ T3925] ? __pfx_alloc_uid+0x10/0x10 [ 1934.485529][ T3925] ? bpf_lsm_cred_prepare+0x9/0x10 [ 1934.485562][ T3925] ? security_prepare_creds+0xa8/0x290 [ 1934.485616][ T3925] __sys_setresuid+0x4f2/0x1280 [ 1934.485656][ T3925] do_syscall_64+0x106/0xf80 [ 1934.485688][ T3925] ? clear_bhb_loop+0x40/0x90 [ 1934.485726][ T3925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1934.485757][ T3925] RIP: 0033:0x7f09fb39c819 [ 1934.485783][ T3925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1934.485814][ T3925] RSP: 002b:00007f09fc2d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 1934.485845][ T3925] RAX: ffffffffffffffda RBX: 00007f09fb615fa0 RCX: 00007f09fb39c819 [ 1934.485867][ T3925] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 1934.485886][ T3925] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1934.485905][ T3925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1934.485924][ T3925] R13: 00007f09fb616038 R14: 00007f09fb615fa0 R15: 00007ffcfa7c48e8 [ 1934.485972][ T3925] [ 1935.079500][ T3930] FAULT_INJECTION: forcing a failure. [ 1935.079500][ T3930] name failslab, interval 1, probability 0, space 0, times 0 [ 1935.229995][ T3930] CPU: 1 UID: 0 PID: 3930 Comm: syz.1.6617 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1935.230039][ T3930] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1935.230050][ T3930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1935.230061][ T3930] Call Trace: [ 1935.230068][ T3930] [ 1935.230076][ T3930] dump_stack_lvl+0x100/0x190 [ 1935.230110][ T3930] should_fail_ex.cold+0x5/0xa [ 1935.230132][ T3930] should_failslab+0xc2/0x120 [ 1935.230153][ T3930] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1935.230183][ T3930] ? security_file_alloc+0x34/0x2c0 [ 1935.230208][ T3930] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1935.230234][ T3930] security_file_alloc+0x34/0x2c0 [ 1935.230259][ T3930] init_file+0x95/0x480 [ 1935.230282][ T3930] alloc_empty_file+0x73/0x1c0 [ 1935.230307][ T3930] alloc_file_pseudo+0x13a/0x230 [ 1935.230333][ T3930] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1935.230358][ T3930] ? security_inode_init_security_anon+0x7b/0x230 [ 1935.230386][ T3930] __anon_inode_getfile+0xe8/0x280 [ 1935.230409][ T3930] ? _copy_to_user+0xaf/0xd0 [ 1935.230435][ T3930] io_uring_setup.cold+0x1a41/0x1d79 [ 1935.230466][ T3930] ? __pfx_io_uring_setup+0x10/0x10 [ 1935.230498][ T3930] ? __pfx_do_futex+0x10/0x10 [ 1935.230533][ T3930] ? xfd_validate_state+0x129/0x190 [ 1935.230576][ T3930] __x64_sys_io_uring_setup+0xc2/0x170 [ 1935.230605][ T3930] do_syscall_64+0x106/0xf80 [ 1935.230625][ T3930] ? clear_bhb_loop+0x40/0x90 [ 1935.230652][ T3930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1935.230672][ T3930] RIP: 0033:0x7f7e8fb9c819 [ 1935.230688][ T3930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1935.230707][ T3930] RSP: 002b:00007f7e90ab3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1935.230725][ T3930] RAX: ffffffffffffffda RBX: 00007f7e8fe15fa0 RCX: 00007f7e8fb9c819 [ 1935.230737][ T3930] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1935.230748][ T3930] RBP: 00007f7e8fc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1935.230759][ T3930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1935.230770][ T3930] R13: 00007f7e8fe16038 R14: 00007f7e8fe15fa0 R15: 00007ffce11cf2f8 [ 1935.230792][ T3930] [ 1935.686220][ T3936] nbd: illegal input index 37139 [ 1935.859429][ T3933] Bluetooth: hci3: Opcode 0x0c1a failed: -4 syzkaller syzkaller login: [ 1935.917827][ T3933] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1935.924147][ T3933] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1936.027963][ T3933] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1936.306255][ T3952] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1937.368408][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1937.428999][ T3969] openvswitch: HfR: Dropping previously announced user features [ 1937.502169][ T3971] nbd: illegal input index 37139 [ 1937.919105][T28085] Bluetooth: hci0: command 0x0c1a tx timeout [ 1938.000839][T28085] Bluetooth: hci4: command 0x0c1a tx timeout [ 1938.078905][T28085] Bluetooth: hci1: command 0x0c1a tx timeout [ 1938.475177][ T30] audit: type=1800 audit(4294967703.276:180): pid=3989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6634" name="lu_gp_id" dev="configfs" ino=183697 res=0 errno=0 [ 1938.565949][ T30] audit: type=1107 audit(4294967703.326:181): pid=3987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1940.344375][ T30] audit: type=1800 audit(4294967705.145:182): pid=4021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6643" name="lu_gp_id" dev="configfs" ino=185284 res=0 errno=0 [ 1941.165554][ T4044] nbd: illegal input index 37139 [ 1944.868484][ T4094] FAULT_INJECTION: forcing a failure. [ 1944.868484][ T4094] name failslab, interval 1, probability 0, space 0, times 0 [ 1944.912369][ T4094] CPU: 1 UID: 0 PID: 4094 Comm: syz.4.6663 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1944.912438][ T4094] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1944.912456][ T4094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1944.912476][ T4094] Call Trace: [ 1944.912487][ T4094] [ 1944.912499][ T4094] dump_stack_lvl+0x100/0x190 [ 1944.912553][ T4094] should_fail_ex.cold+0x5/0xa [ 1944.912593][ T4094] should_failslab+0xc2/0x120 [ 1944.912637][ T4094] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1944.912685][ T4094] ? mas_alloc_nodes+0x280/0x390 [ 1944.912741][ T4094] mas_alloc_nodes+0x280/0x390 [ 1944.912795][ T4094] mas_preallocate+0x39c/0xf10 [ 1944.912838][ T4094] ? __pfx_mas_preallocate+0x10/0x10 [ 1944.912871][ T4094] ? __lock_acquire+0x4a5/0x2630 [ 1944.912923][ T4094] ? __asan_memset+0x23/0x50 [ 1944.912969][ T4094] ? init_multi_vma_prep+0x33c/0x650 [ 1944.913016][ T4094] commit_merge+0x3e3/0xbd0 [ 1944.913066][ T4094] ? __pfx_commit_merge+0x10/0x10 [ 1944.913116][ T4094] ? do_raw_spin_unlock+0x145/0x1e0 [ 1944.913186][ T4094] vma_expand+0x7df/0xcf0 [ 1944.913238][ T4094] ? __pfx_vma_expand+0x10/0x10 [ 1944.913296][ T4094] ? can_vma_merge_right+0xa5/0x530 [ 1944.913346][ T4094] vma_merge_new_range+0x2ce/0xa30 [ 1944.913389][ T4094] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 1944.913432][ T4094] __mmap_region+0x900/0x29e0 [ 1944.913486][ T4094] ? __pfx___mmap_region+0x10/0x10 [ 1944.913529][ T4094] ? process_measurement+0x1f4/0x2350 [ 1944.913570][ T4094] ? __pfx_css_rstat_updated+0x10/0x10 [ 1944.913633][ T4094] ? __lock_acquire+0x4a5/0x2630 [ 1944.913691][ T4094] ? lock_acquire+0x1cf/0x380 [ 1944.913730][ T4094] ? find_held_lock+0x2b/0x80 [ 1944.913781][ T4094] ? trace_sched_exit_tp+0x13a/0x180 [ 1944.913877][ T4094] ? rcu_is_watching+0x12/0xc0 [ 1944.913925][ T4094] ? cap_capable+0x107/0x460 [ 1944.913964][ T4094] mmap_region+0x180/0x3e0 [ 1944.914020][ T4094] do_mmap+0xc63/0x12f0 [ 1944.914064][ T4094] ? __pfx_do_mmap+0x10/0x10 [ 1944.914106][ T4094] ? __pfx_down_write_killable+0x10/0x10 [ 1944.914153][ T4094] vm_mmap_pgoff+0x29e/0x470 [ 1944.914199][ T4094] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1944.914239][ T4094] ? do_futex+0x192/0x350 [ 1944.914282][ T4094] ? __pfx_do_futex+0x10/0x10 [ 1944.914331][ T4094] ksys_mmap_pgoff+0xe1/0x650 [ 1944.914374][ T4094] ? __x64_sys_futex+0x34f/0x4d0 [ 1944.914420][ T4094] ? __x64_sys_futex+0x358/0x4d0 [ 1944.914463][ T4094] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1944.914499][ T4094] ? xfd_validate_state+0x129/0x190 [ 1944.914552][ T4094] __x64_sys_mmap+0x125/0x190 [ 1944.914605][ T4094] do_syscall_64+0x106/0xf80 [ 1944.914645][ T4094] ? clear_bhb_loop+0x40/0x90 [ 1944.914687][ T4094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1944.914727][ T4094] RIP: 0033:0x7f519e39c819 [ 1944.914756][ T4094] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1944.914786][ T4094] RSP: 002b:00007f519c5ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1944.914817][ T4094] RAX: ffffffffffffffda RBX: 00007f519e615fa0 RCX: 00007f519e39c819 [ 1944.914837][ T4094] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 1944.914856][ T4094] RBP: 00007f519e432c91 R08: 0000000000000007 R09: 0000000000028000 [ 1944.914876][ T4094] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1944.914901][ T4094] R13: 00007f519e616038 R14: 00007f519e615fa0 R15: 00007ffee69e59c8 [ 1944.914942][ T4094] [ 1945.593302][ T4099] FAULT_INJECTION: forcing a failure. [ 1945.593302][ T4099] name failslab, interval 1, probability 0, space 0, times 0 [ 1945.606465][ T4099] CPU: 1 UID: 0 PID: 4099 Comm: syz.3.6664 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1945.606530][ T4099] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1945.606546][ T4099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1945.606564][ T4099] Call Trace: [ 1945.606575][ T4099] [ 1945.606587][ T4099] dump_stack_lvl+0x100/0x190 [ 1945.606647][ T4099] should_fail_ex.cold+0x5/0xa [ 1945.606686][ T4099] should_failslab+0xc2/0x120 [ 1945.606720][ T4099] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1945.606767][ T4099] ? alloc_empty_file+0x55/0x1c0 [ 1945.606811][ T4099] alloc_empty_file+0x55/0x1c0 [ 1945.606851][ T4099] alloc_file_pseudo+0x13a/0x230 [ 1945.606893][ T4099] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1945.606936][ T4099] ? security_inode_init_security_anon+0x7b/0x230 [ 1945.606979][ T4099] __anon_inode_getfile+0xe8/0x280 [ 1945.607014][ T4099] ? _copy_to_user+0xaf/0xd0 [ 1945.607053][ T4099] io_uring_setup.cold+0x1a41/0x1d79 [ 1945.607104][ T4099] ? __pfx_io_uring_setup+0x10/0x10 [ 1945.607156][ T4099] ? __pfx_do_futex+0x10/0x10 [ 1945.607217][ T4099] ? xfd_validate_state+0x129/0x190 [ 1945.607272][ T4099] __x64_sys_io_uring_setup+0xc2/0x170 [ 1945.607320][ T4099] do_syscall_64+0x106/0xf80 [ 1945.607352][ T4099] ? clear_bhb_loop+0x40/0x90 [ 1945.607389][ T4099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1945.607419][ T4099] RIP: 0033:0x7f09fb39c819 [ 1945.607446][ T4099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1945.607478][ T4099] RSP: 002b:00007f09fc2d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1945.607510][ T4099] RAX: ffffffffffffffda RBX: 00007f09fb615fa0 RCX: 00007f09fb39c819 [ 1945.607529][ T4099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1945.607547][ T4099] RBP: 00007f09fb432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1945.607566][ T4099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1945.607584][ T4099] R13: 00007f09fb616038 R14: 00007f09fb615fa0 R15: 00007ffcfa7c48e8 [ 1945.607633][ T4099] [ 1946.280715][ T4099] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1946.313387][ T4099] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1946.352914][ T4099] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1946.375964][ T4099] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1946.622813][ T4112] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1946.766472][ T4118] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6672'. [ 1946.803457][ T4118] bridge0: port 2(bridge_slave_1) entered disabled state [ 1946.810990][ T4118] bridge0: port 1(bridge_slave_0) entered disabled state [ 1946.893963][ T4121] nbd: illegal input index 37139 [ 1947.277052][ T4132] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(18) [ 1948.219225][ T4147] FAULT_INJECTION: forcing a failure. [ 1948.219225][ T4147] name failslab, interval 1, probability 0, space 0, times 0 [ 1948.232888][ T4146] FAULT_INJECTION: forcing a failure. [ 1948.232888][ T4146] name failslab, interval 1, probability 0, space 0, times 0 [ 1948.255070][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1948.287596][ T4147] CPU: 0 UID: 0 PID: 4147 Comm: syz.4.6677 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1948.287667][ T4147] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1948.287686][ T4147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1948.287704][ T4147] Call Trace: [ 1948.287715][ T4147] [ 1948.287728][ T4147] dump_stack_lvl+0x100/0x190 [ 1948.287781][ T4147] should_fail_ex.cold+0x5/0xa [ 1948.287818][ T4147] should_failslab+0xc2/0x120 [ 1948.287855][ T4147] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1948.287905][ T4147] ? __d_alloc+0x34/0xa80 [ 1948.287950][ T4147] __d_alloc+0x34/0xa80 [ 1948.287991][ T4147] d_alloc_pseudo+0x1c/0xc0 [ 1948.288037][ T4147] alloc_file_pseudo+0xcf/0x230 [ 1948.288082][ T4147] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1948.288125][ T4147] ? alloc_fd+0x476/0x790 [ 1948.288165][ T4147] sock_alloc_file+0x50/0x210 [ 1948.288200][ T4147] __sys_socket+0x1c0/0x260 [ 1948.288242][ T4147] ? __pfx___sys_socket+0x10/0x10 [ 1948.288296][ T4147] __x64_sys_socket+0x72/0xb0 [ 1948.288346][ T4147] ? lockdep_hardirqs_on+0x78/0x100 [ 1948.288379][ T4147] do_syscall_64+0x106/0xf80 [ 1948.288411][ T4147] ? clear_bhb_loop+0x40/0x90 [ 1948.288450][ T4147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1948.288482][ T4147] RIP: 0033:0x7f519e39c819 [ 1948.288509][ T4147] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1948.288541][ T4147] RSP: 002b:00007f519c5ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1948.288571][ T4147] RAX: ffffffffffffffda RBX: 00007f519e616180 RCX: 00007f519e39c819 [ 1948.288590][ T4147] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000023 [ 1948.288609][ T4147] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1948.288628][ T4147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1948.288647][ T4147] R13: 00007f519e616218 R14: 00007f519e616180 R15: 00007ffee69e59c8 [ 1948.288690][ T4147] [ 1948.338618][ T4146] CPU: 1 UID: 0 PID: 4146 Comm: syz.0.6679 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1948.338678][ T4146] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1948.338693][ T4146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1948.338710][ T4146] Call Trace: [ 1948.338720][ T4146] [ 1948.338731][ T4146] dump_stack_lvl+0x100/0x190 [ 1948.338785][ T4146] should_fail_ex.cold+0x5/0xa [ 1948.338818][ T4146] should_failslab+0xc2/0x120 [ 1948.338849][ T4146] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1948.338886][ T4146] ? io_uring_alloc_task_context+0xa7/0x54b [ 1948.338936][ T4146] io_uring_alloc_task_context+0xa7/0x54b [ 1948.338976][ T4146] ? file_init_path+0x48e/0x670 [ 1948.339010][ T4146] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 1948.339052][ T4146] ? alloc_file_pseudo+0x1a5/0x230 [ 1948.339092][ T4146] __io_uring_add_tctx_node.cold+0x10/0x195 [ 1948.339154][ T4146] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1948.339200][ T4146] ? __anon_inode_getfile+0x17c/0x280 [ 1948.339238][ T4146] io_uring_setup.cold+0x1a83/0x1d79 [ 1948.339283][ T4146] ? __pfx_io_uring_setup+0x10/0x10 [ 1948.339328][ T4146] ? __pfx_do_futex+0x10/0x10 [ 1948.339381][ T4146] ? xfd_validate_state+0x129/0x190 [ 1948.339428][ T4146] __x64_sys_io_uring_setup+0xc2/0x170 [ 1948.339468][ T4146] do_syscall_64+0x106/0xf80 [ 1948.339496][ T4146] ? clear_bhb_loop+0x40/0x90 [ 1948.339529][ T4146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1948.339557][ T4146] RIP: 0033:0x7f703039c819 [ 1948.339580][ T4146] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1948.339606][ T4146] RSP: 002b:00007f7031237028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1948.339640][ T4146] RAX: ffffffffffffffda RBX: 00007f7030615fa0 RCX: 00007f703039c819 [ 1948.339658][ T4146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1948.339674][ T4146] RBP: 00007f7030432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1948.339690][ T4146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1948.339705][ T4146] R13: 00007f7030616038 R14: 00007f7030615fa0 R15: 00007fffbe68fe98 [ 1948.339741][ T4146] [ 1948.767126][T21897] Bluetooth: hci1: command 0x0c1a tx timeout [ 1948.773258][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout [ 1948.783282][T28085] Bluetooth: hci0: command 0x0c1a tx timeout [ 1949.042142][ T4146] Bluetooth: hci3: Opcode 0x0c1a failed: -4 syzkaller syzkaller login: [ 1949.143792][ T4146] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1949.198628][ T4146] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1949.245881][ T4146] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1949.797988][ T30] audit: type=1800 audit(4294967714.601:183): pid=4169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6686" name="lu_gp_id" dev="configfs" ino=189329 res=0 errno=0 [ 1950.087345][ T4163] FAULT_INJECTION: forcing a failure. [ 1950.087345][ T4163] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1950.135660][ T4163] CPU: 1 UID: 0 PID: 4163 Comm: syz.1.6684 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1950.135724][ T4163] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1950.135741][ T4163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1950.135759][ T4163] Call Trace: [ 1950.135769][ T4163] [ 1950.135781][ T4163] dump_stack_lvl+0x100/0x190 [ 1950.135831][ T4163] should_fail_ex.cold+0x5/0xa [ 1950.135866][ T4163] get_futex_key+0x1d2/0x1620 [ 1950.135905][ T4163] ? __pfx_get_futex_key+0x10/0x10 [ 1950.135938][ T4163] ? lock_acquire+0x1cf/0x380 [ 1950.135991][ T4163] futex_wake+0xea/0x530 [ 1950.136041][ T4163] ? __pfx_futex_wake+0x10/0x10 [ 1950.136087][ T4163] ? exit_mm_release+0x19/0x30 [ 1950.136137][ T4163] do_futex+0x32b/0x350 [ 1950.136177][ T4163] ? __pfx_do_futex+0x10/0x10 [ 1950.136213][ T4163] ? __might_fault+0xc5/0x140 [ 1950.136265][ T4163] mm_release+0x24a/0x2f0 [ 1950.136296][ T4163] do_exit+0x704/0x2b60 [ 1950.136338][ T4163] ? __pfx_do_exit+0x10/0x10 [ 1950.136376][ T4163] ? do_raw_spin_lock+0x128/0x260 [ 1950.136416][ T4163] ? find_held_lock+0x2b/0x80 [ 1950.136443][ T4163] ? get_signal+0x7e0/0x21e0 [ 1950.136476][ T4163] do_group_exit+0xd5/0x2a0 [ 1950.136515][ T4163] get_signal+0x1ec7/0x21e0 [ 1950.136570][ T4163] ? __pfx_get_signal+0x10/0x10 [ 1950.136602][ T4163] ? do_futex+0x192/0x350 [ 1950.136644][ T4163] arch_do_signal_or_restart+0x91/0x770 [ 1950.136684][ T4163] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1950.136731][ T4163] ? __pfx___x64_sys_futex+0x10/0x10 [ 1950.136779][ T4163] exit_to_user_mode_loop+0x86/0x4a0 [ 1950.136820][ T4163] do_syscall_64+0x668/0xf80 [ 1950.136850][ T4163] ? clear_bhb_loop+0x40/0x90 [ 1950.136884][ T4163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1950.136913][ T4163] RIP: 0033:0x7f7e8fb9c819 [ 1950.136938][ T4163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1950.136966][ T4163] RSP: 002b:00007f7e90a920e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1950.136994][ T4163] RAX: fffffffffffffe00 RBX: 00007f7e8fe16098 RCX: 00007f7e8fb9c819 [ 1950.137015][ T4163] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e8fe16098 [ 1950.137033][ T4163] RBP: 00007f7e8fe16090 R08: 0000000000000000 R09: 0000000000000000 [ 1950.137051][ T4163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1950.137067][ T4163] R13: 00007f7e8fe16128 R14: 00007ffce11cf210 R15: 00007ffce11cf2f8 [ 1950.137103][ T4163] [ 1950.755260][ T4188] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6690'. [ 1950.808129][T28085] Bluetooth: hci3: command 0x0c1a tx timeout [ 1951.205138][T28085] Bluetooth: hci0: command 0x0c1a tx timeout [ 1951.252785][ T4185] usb usb37: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1951.273947][ T4185] vhci_hcd vhci_hcd.2: invalid port number 111 [ 1951.285179][T21897] Bluetooth: hci4: command 0x0c1a tx timeout [ 1951.294822][T28085] Bluetooth: hci1: command 0x0c1a tx timeout [ 1951.353873][ T4181] NFSD: Failed to start, no listeners configured. [ 1951.363543][ T4185] vhci_hcd vhci_hcd.2: invalid port number 111 [ 1952.140135][ T4198] ------------[ cut here ]------------ [ 1952.146777][ T4198] IS_ERR(old) [ 1952.146790][ T4198] WARNING: kernel/tracepoint.c:367 at tracepoint_probe_unregister+0x837/0xd10, CPU#1: syz.4.6692/4198 [ 1952.161755][ T4198] Modules linked in: [ 1952.166531][ T4198] CPU: 1 UID: 0 PID: 4198 Comm: syz.4.6692 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1952.177757][ T4198] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1952.188538][ T4198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1952.199877][ T4198] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 1952.205231][ T30] audit: type=1800 audit(4294967716.999:184): pid=4202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6693" name="lu_gp_id" dev="configfs" ino=192094 res=0 errno=0 [ 1952.207408][ T4198] Code: 09 e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 00 07 0a 82 48 c7 c7 80 37 87 8e e8 26 6b e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 1952.249420][ T4198] RSP: 0018:ffffc90003cef8a8 EFLAGS: 00010283 [ 1952.255906][ T4198] RAX: 00000000000640d5 RBX: 00000000fffffffe RCX: ffffc9001389c000 [ 1952.264106][ T4198] RDX: 0000000000080000 RSI: ffffffff820a17f6 RDI: ffff888027f40000 [ 1952.272991][ T4198] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1952.281376][ T4198] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff82103130 [ 1952.289573][ T4198] R13: 0000000000000302 R14: 0000000000000002 R15: ffffffff8ec401c0 [ 1952.298047][ T4198] FS: 00007f519c5cd6c0(0000) GS:ffff888124440000(0000) knlGS:0000000000000000 [ 1952.307767][ T4198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1952.314713][ T4198] CR2: 0000001b3017bff8 CR3: 000000002cf9a000 CR4: 00000000003526f0 [ 1952.323408][ T4198] Call Trace: [ 1952.326791][ T4198] [ 1952.329880][ T4198] tracing_stop_cmdline_record+0x66/0xa0 [ 1952.335760][ T4198] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 1952.341904][ T4198] ftrace_event_set_open+0x224/0x380 [ 1952.347549][ T4198] do_dentry_open+0x6d8/0x1660 [ 1952.352476][ T4198] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 1952.358570][ T4198] vfs_open+0x82/0x3f0 [ 1952.363043][ T4198] path_openat+0x208c/0x31a0 [ 1952.368191][ T4198] ? __pfx_path_openat+0x10/0x10 [ 1952.373795][ T4198] do_file_open+0x20e/0x430 [ 1952.378394][ T4198] ? __pfx_do_file_open+0x10/0x10 [ 1952.383717][ T4198] ? alloc_fd+0x476/0x790 [ 1952.388263][ T4198] ? do_getname+0x191/0x390 [ 1952.392917][ T4198] do_sys_openat2+0x10d/0x1e0 [ 1952.397789][ T4198] ? __pfx_do_sys_openat2+0x10/0x10 [ 1952.403937][ T4198] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 1952.410504][ T4198] __x64_sys_openat+0x12d/0x210 [ 1952.415426][ T4198] ? __pfx___x64_sys_openat+0x10/0x10 [ 1952.420971][ T4198] do_syscall_64+0x106/0xf80 [ 1952.425642][ T4198] ? clear_bhb_loop+0x40/0x90 [ 1952.430544][ T4198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1952.436853][ T4198] RIP: 0033:0x7f519e39c819 [ 1952.441651][ T4198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1952.461862][ T4198] RSP: 002b:00007f519c5cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1952.470673][ T4198] RAX: ffffffffffffffda RBX: 00007f519e616090 RCX: 00007f519e39c819 [ 1952.479178][ T4198] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1952.487541][ T4198] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1952.496746][ T4198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1952.505245][ T4198] R13: 00007f519e616128 R14: 00007f519e616090 R15: 00007ffee69e59c8 [ 1952.514276][ T4198] [ 1952.517918][ T4198] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1952.525778][ T4198] CPU: 1 UID: 0 PID: 4198 Comm: syz.4.6692 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1952.537800][ T4198] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1952.548415][ T4198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1952.558485][ T4198] Call Trace: [ 1952.561787][ T4198] [ 1952.564740][ T4198] dump_stack_lvl+0x100/0x190 [ 1952.569564][ T4198] vpanic+0x552/0x970 [ 1952.573685][ T4198] ? __pfx_vpanic+0x10/0x10 [ 1952.578243][ T4198] panic+0xd1/0xe0 [ 1952.582192][ T4198] ? __pfx_panic+0x10/0x10 [ 1952.587024][ T4198] check_panic_on_warn.cold+0x19/0x34 [ 1952.592519][ T4198] ? tracepoint_probe_unregister+0x837/0xd10 [ 1952.598831][ T4198] __warn.cold+0x191/0x348 [ 1952.603658][ T4198] __report_bug+0x296/0x3d0 [ 1952.608215][ T4198] ? tracepoint_probe_unregister+0x837/0xd10 [ 1952.614274][ T4198] ? __pfx___report_bug+0x10/0x10 [ 1952.619355][ T4198] ? rcu_is_watching+0x12/0xc0 [ 1952.624357][ T4198] ? trace_contention_end+0x140/0x180 [ 1952.630053][ T4198] ? __mutex_lock+0x26a/0x1b90 [ 1952.635327][ T4198] ? tracepoint_probe_unregister+0x31/0xd10 [ 1952.641477][ T4198] ? tracepoint_probe_unregister+0x837/0xd10 [ 1952.647584][ T4198] report_bug+0xb2/0x220 [ 1952.652119][ T4198] ? tracepoint_probe_unregister+0x837/0xd10 [ 1952.658379][ T4198] handle_bug+0x16a/0x2a0 [ 1952.662745][ T4198] exc_invalid_op+0x17/0x50 [ 1952.667281][ T4198] asm_exc_invalid_op+0x1a/0x20 [ 1952.672358][ T4198] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 1952.679277][ T4198] Code: 09 e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 00 07 0a 82 48 c7 c7 80 37 87 8e e8 26 6b e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 1952.700226][ T4198] RSP: 0018:ffffc90003cef8a8 EFLAGS: 00010283 [ 1952.706580][ T4198] RAX: 00000000000640d5 RBX: 00000000fffffffe RCX: ffffc9001389c000 [ 1952.714923][ T4198] RDX: 0000000000080000 RSI: ffffffff820a17f6 RDI: ffff888027f40000 [ 1952.723136][ T4198] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 1952.731772][ T4198] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff82103130 [ 1952.740214][ T4198] R13: 0000000000000302 R14: 0000000000000002 R15: ffffffff8ec401c0 [ 1952.749887][ T4198] ? __pfx_probe_sched_switch+0x10/0x10 [ 1952.755700][ T4198] ? tracepoint_probe_unregister+0x836/0xd10 [ 1952.761816][ T4198] ? tracepoint_probe_unregister+0x836/0xd10 [ 1952.768328][ T4198] tracing_stop_cmdline_record+0x66/0xa0 [ 1952.774256][ T4198] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 1952.780906][ T4198] ftrace_event_set_open+0x224/0x380 [ 1952.786980][ T4198] do_dentry_open+0x6d8/0x1660 [ 1952.792463][ T4198] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 1952.798674][ T4198] vfs_open+0x82/0x3f0 [ 1952.803099][ T4198] path_openat+0x208c/0x31a0 [ 1952.807907][ T4198] ? __pfx_path_openat+0x10/0x10 [ 1952.812907][ T4198] do_file_open+0x20e/0x430 [ 1952.817744][ T4198] ? __pfx_do_file_open+0x10/0x10 [ 1952.823052][ T4198] ? alloc_fd+0x476/0x790 [ 1952.827528][ T4198] ? do_getname+0x191/0x390 [ 1952.832102][ T4198] do_sys_openat2+0x10d/0x1e0 [ 1952.836832][ T4198] ? __pfx_do_sys_openat2+0x10/0x10 [ 1952.842376][ T4198] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 1952.848994][ T4198] __x64_sys_openat+0x12d/0x210 [ 1952.854227][ T4198] ? __pfx___x64_sys_openat+0x10/0x10 [ 1952.859829][ T4198] do_syscall_64+0x106/0xf80 [ 1952.864737][ T4198] ? clear_bhb_loop+0x40/0x90 [ 1952.869898][ T4198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1952.876570][ T4198] RIP: 0033:0x7f519e39c819 [ 1952.881035][ T4198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1952.901112][ T4198] RSP: 002b:00007f519c5cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1952.909732][ T4198] RAX: ffffffffffffffda RBX: 00007f519e616090 RCX: 00007f519e39c819 [ 1952.918852][ T4198] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1952.927055][ T4198] RBP: 00007f519e432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1952.935143][ T4198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1952.943236][ T4198] R13: 00007f519e616128 R14: 00007f519e616090 R15: 00007ffee69e59c8 [ 1952.951519][ T4198] [ 1952.955012][ T4198] Kernel Offset: disabled [ 1952.959360][ T4198] Rebooting in 86400 seconds..