last executing test programs: 6.727474024s ago: executing program 1 (id=681): close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x86, 0x0) open(0x0, 0x305481, 0x3b5) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9aa, 0x6) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) ioctl$auto(r1, 0xc0045627, r0) 4.844843864s ago: executing program 1 (id=685): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfdef) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) timer_create$auto(0x3, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}, 0x1, 0x1000000}, 0x8094) setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 4.678089378s ago: executing program 2 (id=688): openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) setgroups$auto(0x3, 0xfffffffffffffffc) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) r0 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) r1 = socket(0x11, 0x80003, 0x300) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), r1) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/time_for_children\x00') sendmsg$auto_NL802154_CMD_SET_SHORT_ADDR(r1, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x220, r2, 0x4, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x900}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r3}, @NL802154_ATTR_WPAN_PHY_CAPS={0x1f0, 0x18, 0x0, 0x1, [@generic="2d782d01e46874f8181dfcdbf77d00c19216bb11023f24c92496e4317dd1b760453e8d713a33d71a2d755dd41601dbd0228f42c1673ba78e5ad3279b3ff1dba5dd293db62a60515fdbd5b61470", @typed={0x8, 0x11d, 0x0, 0x0, @u32=0xff}, @generic="743183348746f5d304032ff1de0b1583a6d06ccbfe0ec3ae198a00da5a437110a81dc3c2d7bdbc13b21b87c348cc75bebf79f17e82eb955e33448a0a53c1c445f685b7875451d9115ff1f0898c50b3e3d3f9c41756dd30066b0872ff36727f639a82b7bde2928a98c12c4285353529c974810c88d3c7cae40cdd5114204c5e8e02f84bbb7dfafd2e6a45d55d9b580d25b76797acd4a87d438c1e8313ee5b214f4bcc5a1c64089987d2bb77b18a3f78", @generic="acf4ebfe6c524839b929e85896f3d7bf69e5d87c7c60d272297b020de938fd43370f8581a2484f103c4a6a37d049e2535aa06bb710d335353abe7358453e9149c83cea801c7ea66c1a77d203ef6ebe03d0fde84dbc2bcca997508da69538d34bbdf3b495b2ad0466e0677c5b4c974d9018c176fce4770cd05a0ccefc80ccbea14f206398daa0ce2f2fb1075130d9019afb2679783e70870f441353b507c27edd69de1164213b8a92546d1f0aa0c5ec", @generic="fde2232530fa8ae3d3fbcf1a50f2607ea37eb556dc4762fbd9de4d1749c8a0cc6c933ec3e04ee67df4fd4025abfe34e53883728f00c47912f2"]}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x2}]}, 0x220}}, 0x4880) ioctl$auto(0x3, 0x80108907, 0x38) r4 = clone3$auto(&(0x7f00000000c0)={0x9, 0xf, 0x4, 0x7fffffff, 0x6b9, 0xa41, 0x756, 0xed51, 0x7, 0x9, 0x4}, 0x6) prctl$auto(0x59616d61, 0xffffffffffffffff, r4, 0x1004, 0xfffffffffffffffb) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000980), 0xffffffffffffffff) write$auto_uhid_fops_uhid(r0, 0x0, 0xfccd) 4.205408199s ago: executing program 2 (id=690): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x8800, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x50, r2, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}, @HWSIM_ATTR_PMSR_SUPPORT={0xc, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(r4, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={&(0x7f0000000000)={0x2c, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_TSCONFIG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000054}, 0x8c0) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r1, &(0x7f0000000540)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000580)={{@inferred, 0x0, 0x80000001, 0x8, "38bb12675b108bfdfa7d2961095f3ca29d0aedd51d86393ea1b9ee40b31a8e613beef27b09deea134d6a93d8", @raw=0x8}, 0x1, @bytes=@data="2ea62a25a8538a7df30bccc36e9a4b0057ae5e43762e3b0846b48690aeb3c1825190908af5462c38ba7857f734369ae3ecdc58394a1f522949a6d80f941b1b377bf8d3641c1aa13cd6bb30ccb2ebb64c2098b22d37f70456cbc22868d0f6cf6fe0d1f3a35ceb1b9cbe00d7cda746f0c24aed1555223bd3d36c8903054622ad73859ca39539d2b6549559ed2e8c6213bb2295f0fc9052227604208ed1bbac17b74313a8214bdccc1951fe5d4191584decaa7ce798a8f2d531ace1c3d5286f579e301b4b1208f9e00c3008825c3be1ca278609f11c7a997e29212d8d39298edf8c92dcc882b4c9bb3d98e1037df55290431f323f26867d8221d3229dbc3ffa8f4c02b8eaffe886c5451b973f8ba676a0d913de88f5a216a737c2feb9267ab04f6562c3b1af4d126dabe8cd34210315d72283207769c4aefb66e35d2af3d5f5316468bf6128136bfc80efbf12255b231d7f2657f81f95de57e2e34db8a35b11698074fd45b6f615a2b2bf46d86f1de78e0a9fd1ac068dcd82d90b4f94c3cd42932a17d6114c8b91f9b6671711c53a20d891acdf2ab9728cbfbdc81806d07a7dd6b255ef6f26929a1819ed0fe819eb5980f7186de0b6d0b24a41acfb2a9466e426551ef0f4ffef83405738fdd3bbba126f746ceadfa916ef5a619a593d39676e60dbed55180226df224d4644f95ccc7444f464f6b214065702421926fa58467a1344", "62a135d7c8417ba52094f0f5dd790446f15b001874c402f1f53194ea79f2c638398bdbd2ba9e1e0e4423742e78c76b22ee51ea1c5b8005536e5fa4cfc662363b05caff9ceee1ec3c14072260c43d9587ffe5208d02ed93fce63715f54b26507ca172205b4aeeb011263da711c12ed341bbe4311ee96646d68723de6ae09a2f5b"}) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, 0x0, 0x20004000) r5 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0x22202, 0x0) pread64$auto(r5, 0x0, 0x0, 0x9) r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x2400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r6, 0xc008551b, &(0x7f0000000080)={0x4, 0x10001}) 3.905602793s ago: executing program 2 (id=693): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x8, 0x100009}, 0x283) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0) lstat$auto(0x0, 0x0) ioctl$auto(r1, 0x5419, 0x38) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D0p\x00', 0x4000, 0x0) ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f00000001c0)={0x6, 0x1, 0x600, &(0x7f0000000240)='!\x00', {0x1003, 0x9b72}, {0x5, 0x3, 0x2, 0x9, 0x4, 0x7f, 0x9, 0x0, {0x1fe, 0xffffff81, 0x0, 0x0, 0x0, 0x0}}}) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) 3.791831432s ago: executing program 1 (id=694): openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/auto_online_blocks\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xc080aebe, 0x0) 3.406208121s ago: executing program 1 (id=696): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000100eb1, r1, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x3, 0xfffff958) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) socket(0xa, 0x800, 0xb7) semget$auto(0x1, 0x3, 0x3ff) 3.230673833s ago: executing program 2 (id=697): mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x999, 0x0) ustat$auto(0x801, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r1 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(r0, 0x0, 0x0) 2.507164752s ago: executing program 1 (id=700): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r0 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x9, 0xdf, 0x18, r0, 0x8000) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, 0x0, 0x3, 0x1) clone$auto(0x10051c, 0x6, 0x0, 0xffffffffffffffff, 0x80000001) r1 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/numa_maps\x00', 0x22000, 0x0) read$auto_proc_sessionid_operations_base(r1, &(0x7f00000000c0)=""/4096, 0x1000) 2.311799483s ago: executing program 3 (id=701): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/version\x00', 0x208a80, 0x0) socket(0xa, 0x2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 2.228037619s ago: executing program 0 (id=702): r0 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) read$auto(r0, &(0x7f0000000080)='/dev/cpu_dma_latency\x00', 0x86c1) r1 = bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, r0, 0x8201, 0x8, 0x0, 0xc, 0xe3, 0x4e, 0x3}, 0x6f4) r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x480, 0x0) epoll_ctl$auto_EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000040)={0xffff8000, 0x7}) r5 = socket(0x10, 0x3, 0x6) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r6, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x40}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2000000}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c0090000", @ANYRES16=r7, @ANYBLOB="131f2cbd700023723ab36bf877ac08000300", @ANYRES32=r9], 0x9c0}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wg2\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bridge_slave_0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r2, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40200004}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x90, r6, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@NETDEV_A_DMABUF_QUEUES={0x34, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x8}, @NETDEV_A_QUEUE_TYPE={0x8}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x2}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x6}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x2}]}, @NETDEV_A_DMABUF_QUEUES={0x14, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_ID={0x8, 0x1, 0x3}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0xffffffff}]}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r2}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r9}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r4}, @NETDEV_A_DMABUF_QUEUES={0xc, 0x2, 0x0, 0x1, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0xb7b0}]}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r10}, @NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r11}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4010) 2.12147078s ago: executing program 2 (id=703): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfdef) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) timer_create$auto(0x3, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}, 0x1, 0x1000000}, 0x8094) setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 2.068672959s ago: executing program 3 (id=704): mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r3, 0x3, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0x91) 1.949526093s ago: executing program 0 (id=705): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0) socket(0x2, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x6) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 1.893796102s ago: executing program 3 (id=706): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x1, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) open(0x0, 0x161342, 0x100) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, r1, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x1, &(0x7f0000000380)=@raw_tracepoint={0x5, r0, 0x0, 0x6}, 0xc) 1.811480727s ago: executing program 3 (id=707): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) close_range$auto(0x2, r0, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) 1.658097198s ago: executing program 3 (id=708): mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pidfd_open$auto(0x1, 0x0) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(r0, 0x6, 0x1f, 0x0, 0x3d) setsockopt$auto(0x4, 0x0, 0x484, 0xfffffffffffffffe, 0x20) socket(0x23, 0x3, 0x2) unshare$auto(0x40000080) dup2$auto(0xffffffffffffffff, 0xffffffffffffffff) unshare$auto(0x7) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 1.579210583s ago: executing program 0 (id=709): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000140)='./file0\x00', 0x2ac41, 0x0) r0 = socket(0xa, 0x5, 0x0) socket(0x23, 0x2, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x40, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000300)=@test={r1, 0x4, 0x10, 0x9, 0x133, 0x8, 0xf4, 0xec56, 0x1, 0xd0, 0x2, 0x1, 0x5, 0x7, 0x7150}, 0x10) bpf$auto(0x18, &(0x7f0000000040)=@prog_bind_map={r0, 0xffffffffffffffff, 0x4}, 0xb2) 1.332650956s ago: executing program 2 (id=710): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/nbd6/trace/act_mask\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) readahead$auto(r3, 0x8000, 0x9) sendmsg$auto_KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x400c040}, 0x40004854) ioctl$auto(r3, 0x5600, r4) getcwd$auto(0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(r2, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 1.276445665s ago: executing program 0 (id=711): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x0, 0x2}}, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x13c, 0x0, 0x0, 0xd}, 0x5af}, 0x40, 0x100) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) 810.429256ms ago: executing program 0 (id=712): close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0xd2, 0x0, 0x567) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/oom_adj\x00', 0xe8200, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, 0x0, 0xd0) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) 176.791849ms ago: executing program 3 (id=713): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) sysfs$auto(0x2, 0x1f, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x80002, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) timerfd_create$auto(0x8, 0x0) timerfd_settime$auto(r1, 0x3, 0x0, 0x0) timerfd_settime$auto(r0, 0x3, 0x0, 0x0) 142.926652ms ago: executing program 0 (id=714): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vivid.0/video4linux/swradio11/dev\x00', 0x20240, 0x0) io_uring_setup$auto(0x6, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') open(0x0, 0x261c2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3, 0x800019b72, 0x9, 0x8000000000008000) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x20002, 0x0) bpf$auto(0x0, &(0x7f00000002c0)=@bpf_attr_5={@target_fd=r0, r2, 0x4, 0x401, r1, @relative_fd=r2, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@enable_stats={0x6}, 0xc) 0s ago: executing program 1 (id=715): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, r0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) getgid() recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.156' (ED25519) to the list of known hosts. [ 75.364877][ T5823] cgroup: Unknown subsys name 'net' [ 75.509983][ T5823] cgroup: Unknown subsys name 'cpuset' [ 75.518524][ T5823] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 77.004059][ T5823] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 78.933178][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.946707][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.948270][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.955391][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.963584][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.970013][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.977792][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.984542][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.998616][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.998729][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.006085][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.015839][ T5851] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.022319][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.029924][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.041684][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.041943][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.051423][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.063379][ T5851] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.070605][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.089213][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.542550][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 79.591394][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 79.663546][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 79.788794][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.796603][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.804674][ T5835] bridge_slave_0: entered allmulticast mode [ 79.811904][ T5835] bridge_slave_0: entered promiscuous mode [ 79.829678][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 79.853273][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.860502][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.867936][ T5835] bridge_slave_1: entered allmulticast mode [ 79.874894][ T5835] bridge_slave_1: entered promiscuous mode [ 79.901946][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.909182][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.916368][ T5837] bridge_slave_0: entered allmulticast mode [ 79.923601][ T5837] bridge_slave_0: entered promiscuous mode [ 79.953282][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.960582][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.967988][ T5837] bridge_slave_1: entered allmulticast mode [ 79.974947][ T5837] bridge_slave_1: entered promiscuous mode [ 80.027135][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.051771][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.059894][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.067139][ T5839] bridge_slave_0: entered allmulticast mode [ 80.074148][ T5839] bridge_slave_0: entered promiscuous mode [ 80.083628][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.100248][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.109909][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.117381][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.124637][ T5839] bridge_slave_1: entered allmulticast mode [ 80.132539][ T5839] bridge_slave_1: entered promiscuous mode [ 80.160768][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.219113][ T5835] team0: Port device team_slave_0 added [ 80.224896][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.233148][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.240440][ T5834] bridge_slave_0: entered allmulticast mode [ 80.247648][ T5834] bridge_slave_0: entered promiscuous mode [ 80.266614][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.278477][ T5835] team0: Port device team_slave_1 added [ 80.284383][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.291696][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.299132][ T5834] bridge_slave_1: entered allmulticast mode [ 80.306249][ T5834] bridge_slave_1: entered promiscuous mode [ 80.314863][ T5837] team0: Port device team_slave_0 added [ 80.322970][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.352916][ T5837] team0: Port device team_slave_1 added [ 80.405867][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.412954][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.439244][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.453646][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.474519][ T5839] team0: Port device team_slave_0 added [ 80.487625][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.494610][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.520995][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.533985][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.543920][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.550994][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.577830][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.591173][ T5839] team0: Port device team_slave_1 added [ 80.597542][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.604487][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.631072][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.705282][ T5834] team0: Port device team_slave_0 added [ 80.711983][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.720054][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.746750][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.778131][ T5834] team0: Port device team_slave_1 added [ 80.784419][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.791512][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.817823][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.870258][ T5837] hsr_slave_0: entered promiscuous mode [ 80.876655][ T5837] hsr_slave_1: entered promiscuous mode [ 80.888993][ T5835] hsr_slave_0: entered promiscuous mode [ 80.895278][ T5835] hsr_slave_1: entered promiscuous mode [ 80.901779][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 80.907784][ T5835] Cannot create hsr debugfs directory [ 80.927070][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.934124][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.960532][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.992452][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.999743][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 81.025992][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.057549][ T5153] Bluetooth: hci1: command tx timeout [ 81.096405][ T5839] hsr_slave_0: entered promiscuous mode [ 81.102939][ T5839] hsr_slave_1: entered promiscuous mode [ 81.109344][ T5839] debugfs: 'hsr0' already exists in 'hsr' [ 81.115082][ T5839] Cannot create hsr debugfs directory [ 81.136878][ T5846] Bluetooth: hci0: command tx timeout [ 81.142613][ T5848] Bluetooth: hci2: command tx timeout [ 81.148583][ T5153] Bluetooth: hci3: command tx timeout [ 81.229417][ T5834] hsr_slave_0: entered promiscuous mode [ 81.235708][ T5834] hsr_slave_1: entered promiscuous mode [ 81.242104][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 81.248596][ T5834] Cannot create hsr debugfs directory [ 81.572083][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.590540][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.610681][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.630546][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.679449][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.701723][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.718665][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.738675][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.812659][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.829889][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.848295][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.871923][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.949755][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.964880][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.985398][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.001337][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.016580][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.089446][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.114560][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.142189][ T4519] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.149459][ T4519] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.178878][ T4519] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.185980][ T4519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.200642][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.228849][ T4765] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.235965][ T4765] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.258137][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.265275][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.324651][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.420135][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.443035][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.474298][ T4519] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.481606][ T4519] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.504561][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.519402][ T4519] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.526696][ T4519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.560806][ T4519] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.568045][ T4519] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.607847][ T4519] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.615037][ T4519] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.741573][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.903140][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.941338][ T5837] veth0_vlan: entered promiscuous mode [ 82.985511][ T5837] veth1_vlan: entered promiscuous mode [ 83.080519][ T5835] veth0_vlan: entered promiscuous mode [ 83.105669][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.116078][ T5837] veth0_macvtap: entered promiscuous mode [ 83.131857][ T5837] veth1_macvtap: entered promiscuous mode [ 83.141588][ T5848] Bluetooth: hci1: command tx timeout [ 83.159378][ T5835] veth1_vlan: entered promiscuous mode [ 83.193460][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.204737][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.217733][ T5848] Bluetooth: hci2: command tx timeout [ 83.217785][ T5153] Bluetooth: hci3: command tx timeout [ 83.223154][ T5846] Bluetooth: hci0: command tx timeout [ 83.242450][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.267524][ T4519] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.279623][ T4519] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.291220][ T4519] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.302052][ T4519] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.345460][ T5834] veth0_vlan: entered promiscuous mode [ 83.376279][ T5835] veth0_macvtap: entered promiscuous mode [ 83.413757][ T5834] veth1_vlan: entered promiscuous mode [ 83.422266][ T5835] veth1_macvtap: entered promiscuous mode [ 83.473153][ T5839] veth0_vlan: entered promiscuous mode [ 83.486257][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.502969][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.524496][ T5839] veth1_vlan: entered promiscuous mode [ 83.533990][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.571864][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.585588][ T3420] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.597674][ T3420] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.605846][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.626509][ T5834] veth0_macvtap: entered promiscuous mode [ 83.640816][ T50] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.656853][ T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.667881][ T5834] veth1_macvtap: entered promiscuous mode [ 83.679448][ T50] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.720152][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 83.738875][ T5839] veth0_macvtap: entered promiscuous mode [ 83.759225][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.785605][ T5839] veth1_macvtap: entered promiscuous mode [ 83.824570][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.868900][ T3472] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.882520][ T3472] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.897184][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.906616][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.915459][ T3472] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.926320][ T3472] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.953924][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.024913][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.032983][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 84.059203][ T3420] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.067877][ T3420] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.102148][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.147951][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.180539][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.200326][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.332629][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.403095][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.411015][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.506973][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 84.650207][ T4519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.684238][ T3472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.777272][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 84.790567][ T4519] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.798482][ T3472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.927174][ T4519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.967381][ T4519] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.987374][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 85.157875][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 85.216968][ T5846] Bluetooth: hci1: command tx timeout [ 85.298795][ T5848] Bluetooth: hci2: command tx timeout [ 85.298806][ T5153] Bluetooth: hci3: command tx timeout [ 85.311136][ T5846] Bluetooth: hci0: command tx timeout [ 85.622442][ T5949] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 85.705131][ T5945] FAULT_INJECTION: forcing a failure. [ 85.705131][ T5945] name failslab, interval 1, probability 0, space 0, times 1 [ 85.726932][ T5945] CPU: 1 UID: 0 PID: 5945 Comm: syz.3.6 Not tainted syzkaller #0 PREEMPT(full) [ 85.726966][ T5945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 85.726985][ T5945] Call Trace: [ 85.726994][ T5945] [ 85.727006][ T5945] dump_stack_lvl+0x16c/0x1f0 [ 85.727054][ T5945] should_fail_ex+0x512/0x640 [ 85.727082][ T5945] ? __kmalloc_noprof+0xca/0x910 [ 85.727111][ T5945] should_failslab+0xc2/0x120 [ 85.727149][ T5945] __kmalloc_noprof+0xeb/0x910 [ 85.727174][ T5945] ? __list_lru_init+0xe8/0x4c0 [ 85.727202][ T5945] ? __list_lru_init+0xe8/0x4c0 [ 85.727226][ T5945] __list_lru_init+0xe8/0x4c0 [ 85.727263][ T5945] alloc_super+0x8ce/0xd00 [ 85.727304][ T5945] sget_fc+0x116/0xc20 [ 85.727336][ T5945] ? __pfx_set_anon_super_fc+0x10/0x10 [ 85.727368][ T5945] ? __pfx_mqueue_fill_super+0x10/0x10 [ 85.727404][ T5945] get_tree_nodev+0x28/0x190 [ 85.727437][ T5945] mqueue_get_tree+0xf1/0x130 [ 85.727471][ T5945] vfs_get_tree+0x8e/0x330 [ 85.727497][ T5945] fc_mount_longterm+0x1a/0x270 [ 85.727526][ T5945] mq_init_ns+0x482/0x810 [ 85.727554][ T5945] copy_ipcs+0x3db/0x7d0 [ 85.727583][ T5945] create_new_namespaces+0x20a/0xab0 [ 85.727615][ T5945] ? security_capable+0x7e/0x260 [ 85.727644][ T5945] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 85.727679][ T5945] ksys_unshare+0x45b/0xa40 [ 85.727702][ T5945] ? __pfx_ksys_unshare+0x10/0x10 [ 85.727739][ T5945] ? xfd_validate_state+0x61/0x180 [ 85.727773][ T5945] __x64_sys_unshare+0x31/0x40 [ 85.727794][ T5945] do_syscall_64+0xcd/0xf80 [ 85.727820][ T5945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.727845][ T5945] RIP: 0033:0x7f3a6a38f7c9 [ 85.727872][ T5945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.727895][ T5945] RSP: 002b:00007f3a6b163038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 85.727919][ T5945] RAX: ffffffffffffffda RBX: 00007f3a6a5e5fa0 RCX: 00007f3a6a38f7c9 [ 85.727936][ T5945] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 85.727951][ T5945] RBP: 00007f3a6a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 85.727966][ T5945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.727980][ T5945] R13: 00007f3a6a5e6038 R14: 00007f3a6a5e5fa0 R15: 00007ffd9b927ec8 [ 85.728015][ T5945] [ 86.591472][ T0] NOHZ tick-stop error: local softirq work is pending, handler #148!!! [ 86.728037][ T5971] netlink: 25 bytes leftover after parsing attributes in process `syz.0.12'. [ 86.777567][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.787206][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.907696][ T5974] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 87.031947][ T5977] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 87.296883][ T5846] Bluetooth: hci1: command tx timeout [ 87.379593][ T5848] Bluetooth: hci3: command tx timeout [ 87.381167][ T5153] Bluetooth: hci2: command tx timeout [ 87.385050][ T5846] Bluetooth: hci0: command tx timeout [ 87.538050][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.551030][ T5848] Bluetooth: hci1: unexpected subevent 0x01 length: 3 < 18 [ 87.587452][ T5986] Zero length message leads to an empty skb [ 87.845345][ T5954] kexec: Could not allocate control_code_buffer [ 88.605916][ T6012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.25'. [ 88.664180][ T6012] netlink: 25 bytes leftover after parsing attributes in process `syz.3.25'. [ 90.513446][ T6044] warning: `syz.1.34' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 91.955416][ T48] cfg80211: failed to load regulatory.db [ 92.793510][ T5848] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9 [ 94.189756][ T6112] netlink: 44 bytes leftover after parsing attributes in process `syz.2.52'. [ 94.217131][ T6112] netlink: 44 bytes leftover after parsing attributes in process `syz.2.52'. [ 94.757923][ T6124] netlink: 330 bytes leftover after parsing attributes in process `syz.2.57'. [ 95.266309][ T6126] FAULT_INJECTION: forcing a failure. [ 95.266309][ T6126] name failslab, interval 1, probability 0, space 0, times 0 [ 95.298378][ T6126] CPU: 1 UID: 0 PID: 6126 Comm: syz.1.55 Not tainted syzkaller #0 PREEMPT(full) [ 95.298406][ T6126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 95.298416][ T6126] Call Trace: [ 95.298422][ T6126] [ 95.298429][ T6126] dump_stack_lvl+0x16c/0x1f0 [ 95.298468][ T6126] should_fail_ex+0x512/0x640 [ 95.298488][ T6126] ? fs_reclaim_acquire+0xae/0x150 [ 95.298516][ T6126] should_failslab+0xc2/0x120 [ 95.298538][ T6126] __kmalloc_noprof+0xeb/0x910 [ 95.298553][ T6126] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 95.298578][ T6126] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 95.298595][ T6126] tomoyo_realpath_from_path+0xc2/0x6e0 [ 95.298619][ T6126] tomoyo_check_open_permission+0x2ab/0x3c0 [ 95.298636][ T6126] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 95.298671][ T6126] ? do_raw_spin_lock+0x12c/0x2b0 [ 95.298695][ T6126] tomoyo_file_open+0x6b/0x90 [ 95.298709][ T6126] security_file_open+0x84/0x1e0 [ 95.298727][ T6126] do_dentry_open+0x597/0x1590 [ 95.298749][ T6126] ? security_inode_permission+0xbf/0x260 [ 95.298768][ T6126] vfs_open+0x82/0x3f0 [ 95.298785][ T6126] path_openat+0x2078/0x3140 [ 95.298811][ T6126] ? __pfx_path_openat+0x10/0x10 [ 95.298838][ T6126] do_filp_open+0x20b/0x470 [ 95.298858][ T6126] ? __pfx_do_filp_open+0x10/0x10 [ 95.298884][ T6126] ? __pfx_kfree_link+0x10/0x10 [ 95.298906][ T6126] ? alloc_fd+0x471/0x7d0 [ 95.298930][ T6126] do_sys_openat2+0x121/0x290 [ 95.298945][ T6126] ? __pfx_do_sys_openat2+0x10/0x10 [ 95.298958][ T6126] ? __do_sys_ustat+0x126/0x1f0 [ 95.298982][ T6126] __x64_sys_openat+0x174/0x210 [ 95.298997][ T6126] ? __pfx___x64_sys_openat+0x10/0x10 [ 95.299020][ T6126] do_syscall_64+0xcd/0xf80 [ 95.299035][ T6126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.299049][ T6126] RIP: 0033:0x7f60cb18f7c9 [ 95.299063][ T6126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.299076][ T6126] RSP: 002b:00007f60cbff8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 95.299090][ T6126] RAX: ffffffffffffffda RBX: 00007f60cb3e6090 RCX: 00007f60cb18f7c9 [ 95.299100][ T6126] RDX: 0000000000183200 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 95.299109][ T6126] RBP: 00007f60cb213f91 R08: 0000000000000000 R09: 0000000000000000 [ 95.299118][ T6126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 95.299126][ T6126] R13: 00007f60cb3e6128 R14: 00007f60cb3e6090 R15: 00007ffd11e6c068 [ 95.299148][ T6126] [ 95.299156][ T6126] ERROR: Out of memory at tomoyo_realpath_from_path. [ 95.697386][ T5848] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 97.068342][ T6147] netlink: 44 bytes leftover after parsing attributes in process `syz.0.63'. [ 97.112751][ T6147] netlink: 44 bytes leftover after parsing attributes in process `syz.0.63'. [ 97.852808][ T6172] netlink: 338 bytes leftover after parsing attributes in process `syz.1.70'. [ 100.746864][ T6195] sp0: Synchronizing with TNC [ 104.540424][ T6264] netlink: 354 bytes leftover after parsing attributes in process `syz.3.98'. [ 104.654774][ T6270] FAULT_INJECTION: forcing a failure. [ 104.654774][ T6270] name failslab, interval 1, probability 0, space 0, times 0 [ 104.667744][ T6270] CPU: 1 UID: 0 PID: 6270 Comm: syz.3.100 Tainted: G L syzkaller #0 PREEMPT(full) [ 104.667767][ T6270] Tainted: [L]=SOFTLOCKUP [ 104.667772][ T6270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 104.667781][ T6270] Call Trace: [ 104.667786][ T6270] [ 104.667792][ T6270] dump_stack_lvl+0x16c/0x1f0 [ 104.667825][ T6270] should_fail_ex+0x512/0x640 [ 104.667842][ T6270] ? __kmalloc_noprof+0xca/0x910 [ 104.667862][ T6270] should_failslab+0xc2/0x120 [ 104.667885][ T6270] __kmalloc_noprof+0xeb/0x910 [ 104.667903][ T6270] ? lsm_blob_alloc+0x68/0x90 [ 104.667941][ T6270] ? lsm_blob_alloc+0x68/0x90 [ 104.667964][ T6270] lsm_blob_alloc+0x68/0x90 [ 104.667984][ T6270] security_prepare_creds+0x2f/0x270 [ 104.668003][ T6270] prepare_creds+0x5d6/0x940 [ 104.668020][ T6270] lookup_user_key+0xf76/0x1300 [ 104.668039][ T6270] ? __pfx_lookup_user_key+0x10/0x10 [ 104.668059][ T6270] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 104.668078][ T6270] ? _raw_spin_unlock_irq+0x2e/0x50 [ 104.668097][ T6270] ? do_sigaltstack.constprop.0+0x547/0x800 [ 104.668114][ T6270] keyctl_restrict_keyring+0x99/0x250 [ 104.668128][ T6270] ? __pfx_keyctl_restrict_keyring+0x10/0x10 [ 104.668144][ T6270] ? xfd_validate_state+0x61/0x180 [ 104.668161][ T6270] __do_sys_keyctl+0x4c1/0x590 [ 104.668176][ T6270] do_syscall_64+0xcd/0xf80 [ 104.668191][ T6270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.668204][ T6270] RIP: 0033:0x7f3a6a38f7c9 [ 104.668217][ T6270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.668229][ T6270] RSP: 002b:00007f3a6b163038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 104.668242][ T6270] RAX: ffffffffffffffda RBX: 00007f3a6a5e5fa0 RCX: 00007f3a6a38f7c9 [ 104.668250][ T6270] RDX: 0000000000000002 RSI: fffffffffffffffd RDI: 000000000000001d [ 104.668258][ T6270] RBP: 00007f3a6a413f91 R08: fffffffffffffffd R09: 0000000000000000 [ 104.668267][ T6270] R10: 0000000000000628 R11: 0000000000000246 R12: 0000000000000000 [ 104.668275][ T6270] R13: 00007f3a6a5e6038 R14: 00007f3a6a5e5fa0 R15: 00007ffd9b927ec8 [ 104.668293][ T6270] [ 105.679170][ T6286] vhci_hcd vhci_hcd.2: invalid port number 255 [ 106.401685][ T6304] process 'syz.2.110' launched './file0' with NULL argv: empty string added [ 106.442496][ T6304] FAULT_INJECTION: forcing a failure. [ 106.442496][ T6304] name failslab, interval 1, probability 0, space 0, times 0 [ 106.492664][ T6304] CPU: 1 UID: 0 PID: 6304 Comm: syz.2.110 Tainted: G L syzkaller #0 PREEMPT(full) [ 106.492711][ T6304] Tainted: [L]=SOFTLOCKUP [ 106.492719][ T6304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 106.492734][ T6304] Call Trace: [ 106.492743][ T6304] [ 106.492753][ T6304] dump_stack_lvl+0x16c/0x1f0 [ 106.492800][ T6304] should_fail_ex+0x512/0x640 [ 106.492847][ T6304] ? kmem_cache_alloc_noprof+0x62/0x770 [ 106.492881][ T6304] should_failslab+0xc2/0x120 [ 106.492919][ T6304] kmem_cache_alloc_noprof+0x83/0x770 [ 106.492947][ T6304] ? find_held_lock+0x2b/0x80 [ 106.492977][ T6304] ? seq_open+0x55/0x170 [ 106.493010][ T6304] ? seq_open+0x55/0x170 [ 106.493034][ T6304] seq_open+0x55/0x170 [ 106.493062][ T6304] dyn_event_open+0xdd/0x120 [ 106.493089][ T6304] do_dentry_open+0x748/0x1590 [ 106.493123][ T6304] ? __pfx_dyn_event_open+0x10/0x10 [ 106.493159][ T6304] vfs_open+0x82/0x3f0 [ 106.493192][ T6304] path_openat+0x2078/0x3140 [ 106.493237][ T6304] ? __pfx_path_openat+0x10/0x10 [ 106.493286][ T6304] do_filp_open+0x20b/0x470 [ 106.493322][ T6304] ? __pfx_do_filp_open+0x10/0x10 [ 106.493381][ T6304] ? alloc_fd+0x471/0x7d0 [ 106.493425][ T6304] do_sys_openat2+0x121/0x290 [ 106.493452][ T6304] ? __pfx_do_sys_openat2+0x10/0x10 [ 106.493504][ T6304] __x64_sys_openat+0x174/0x210 [ 106.493534][ T6304] ? __pfx___x64_sys_openat+0x10/0x10 [ 106.493576][ T6304] do_syscall_64+0xcd/0xf80 [ 106.493601][ T6304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.493625][ T6304] RIP: 0033:0x7fe49038f7c9 [ 106.493647][ T6304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.493669][ T6304] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 106.493693][ T6304] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 106.493709][ T6304] RDX: 0000000000000001 RSI: 0000200000000bc0 RDI: ffffffffffffff9c [ 106.493724][ T6304] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 106.493739][ T6304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.493752][ T6304] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 106.493787][ T6304] [ 107.061488][ T6310] netlink: 306 bytes leftover after parsing attributes in process `syz.2.113'. [ 111.116635][ T6380] futex_wake_op: syz.0.131 tries to shift op by -2048; fix this program [ 112.413659][ T6383] netlink: 354 bytes leftover after parsing attributes in process `syz.0.132'. [ 112.548807][ T6389] loop6: detected capacity change from 0 to 4194304 [ 115.208347][ T6439] netlink: 'syz.0.149': attribute type 27 has an invalid length. [ 115.226674][ T6439] netlink: 'syz.0.149': attribute type 28 has an invalid length. [ 115.234921][ T6439] netlink: 'syz.0.149': attribute type 29 has an invalid length. [ 115.254196][ T6439] netlink: 'syz.0.149': attribute type 30 has an invalid length. [ 115.275008][ T6439] netlink: 'syz.0.149': attribute type 31 has an invalid length. [ 115.283856][ T6439] netlink: 'syz.0.149': attribute type 32 has an invalid length. [ 115.294372][ T6439] netlink: 'syz.0.149': attribute type 33 has an invalid length. [ 115.305785][ T6439] netlink: 'syz.0.149': attribute type 35 has an invalid length. [ 115.316302][ T6439] netlink: 'syz.0.149': attribute type 37 has an invalid length. [ 115.348385][ T6439] netlink: 'syz.0.149': attribute type 39 has an invalid length. [ 115.360662][ T6439] netlink: 14 bytes leftover after parsing attributes in process `syz.0.149'. [ 115.952623][ T6444] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 116.019609][ T6447] netlink: 28 bytes leftover after parsing attributes in process `syz.0.153'. [ 117.005480][ T5848] Bluetooth: hci3: unexpected subevent 0x01 length: 3 < 18 [ 118.048021][ T6498] FAULT_INJECTION: forcing a failure. [ 118.048021][ T6498] name failslab, interval 1, probability 0, space 0, times 0 [ 118.119000][ T6498] CPU: 0 UID: 0 PID: 6498 Comm: syz.1.165 Tainted: G L syzkaller #0 PREEMPT(full) [ 118.119041][ T6498] Tainted: [L]=SOFTLOCKUP [ 118.119049][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 118.119064][ T6498] Call Trace: [ 118.119073][ T6498] [ 118.119082][ T6498] dump_stack_lvl+0x16c/0x1f0 [ 118.119126][ T6498] should_fail_ex+0x512/0x640 [ 118.119152][ T6498] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 118.119191][ T6498] should_failslab+0xc2/0x120 [ 118.119226][ T6498] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 118.119260][ T6498] ? kvasprintf_const+0x66/0x1a0 [ 118.119294][ T6498] ? kvasprintf+0xbc/0x150 [ 118.119318][ T6498] kvasprintf+0xbc/0x150 [ 118.119344][ T6498] ? __pfx_kvasprintf+0x10/0x10 [ 118.119374][ T6498] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 118.119408][ T6498] ? __debug_object_init+0x2de/0x3d0 [ 118.119448][ T6498] kvasprintf_const+0x66/0x1a0 [ 118.119478][ T6498] kobject_set_name_vargs+0x5a/0x140 [ 118.119506][ T6498] dev_set_name+0xc7/0x100 [ 118.119528][ T6498] ? __pfx_dev_set_name+0x10/0x10 [ 118.119553][ T6498] ? lockdep_init_map_type+0x5c/0x270 [ 118.119578][ T6498] ? __init_waitqueue_head+0xca/0x150 [ 118.119607][ T6498] ? input_allocate_device+0x271/0x350 [ 118.119641][ T6498] input_allocate_device+0x293/0x350 [ 118.119673][ T6498] uinput_write+0x9cc/0xff0 [ 118.119704][ T6498] ? __pfx_uinput_write+0x10/0x10 [ 118.119730][ T6498] ? bpf_lsm_file_permission+0x9/0x10 [ 118.119757][ T6498] ? security_file_permission+0x71/0x210 [ 118.119805][ T6498] ? rw_verify_area+0xcf/0x6c0 [ 118.119835][ T6498] ? __pfx_uinput_write+0x10/0x10 [ 118.119858][ T6498] vfs_write+0x2a0/0x11d0 [ 118.119897][ T6498] ? __pfx_vfs_write+0x10/0x10 [ 118.119926][ T6498] ? find_held_lock+0x2b/0x80 [ 118.119961][ T6498] ? __fget_files+0x204/0x3c0 [ 118.120000][ T6498] ? __fget_files+0x20e/0x3c0 [ 118.120043][ T6498] ksys_write+0x1f8/0x250 [ 118.120073][ T6498] ? __pfx_ksys_write+0x10/0x10 [ 118.120111][ T6498] do_syscall_64+0xcd/0xf80 [ 118.120134][ T6498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.120156][ T6498] RIP: 0033:0x7f60cb18f7c9 [ 118.120174][ T6498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.120195][ T6498] RSP: 002b:00007f60cc019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 118.120216][ T6498] RAX: ffffffffffffffda RBX: 00007f60cb3e5fa0 RCX: 00007f60cb18f7c9 [ 118.120231][ T6498] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000003 [ 118.120245][ T6498] RBP: 00007f60cb213f91 R08: 0000000000000000 R09: 0000000000000000 [ 118.120257][ T6498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.120270][ T6498] R13: 00007f60cb3e6038 R14: 00007f60cb3e5fa0 R15: 00007ffd11e6c068 [ 118.120301][ T6498] [ 118.607856][ T6505] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 118.944941][ T5848] Bluetooth: hci2: unexpected subevent 0x01 length: 3 < 18 [ 119.999395][ T6540] netlink: 226 bytes leftover after parsing attributes in process `syz.2.174'. [ 120.017629][ T6540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.174'. [ 121.057943][ T6555] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 121.183085][ T6555] File: /dev/nullb0 PID: 6555 Comm: syz.3.176 [ 121.947027][ T6571] futex_wake_op: syz.2.182 tries to shift op by -2048; fix this program [ 123.241391][ T6586] netlink: 330 bytes leftover after parsing attributes in process `syz.1.188'. [ 125.525246][ T6628] hub 1-0:1.0: USB hub found [ 125.551553][ T6628] hub 1-0:1.0: 1 port detected [ 125.592067][ T6630] hub 1-0:1.0: USB hub found [ 125.600839][ T6630] hub 1-0:1.0: 1 port detected [ 125.733549][ T6626] FAULT_INJECTION: forcing a failure. [ 125.733549][ T6626] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 125.805310][ T6626] CPU: 1 UID: 0 PID: 6626 Comm: syz.0.199 Tainted: G L syzkaller #0 PREEMPT(full) [ 125.805335][ T6626] Tainted: [L]=SOFTLOCKUP [ 125.805340][ T6626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 125.805348][ T6626] Call Trace: [ 125.805353][ T6626] [ 125.805359][ T6626] dump_stack_lvl+0x16c/0x1f0 [ 125.805389][ T6626] should_fail_ex+0x512/0x640 [ 125.805409][ T6626] should_fail_alloc_page+0xe7/0x130 [ 125.805431][ T6626] prepare_alloc_pages+0x401/0x670 [ 125.805455][ T6626] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 125.805474][ T6626] ? stack_trace_save+0x8e/0xc0 [ 125.805494][ T6626] ? __pfx_stack_trace_save+0x10/0x10 [ 125.805513][ T6626] ? stack_depot_save_flags+0x29/0x9b0 [ 125.805532][ T6626] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 125.805547][ T6626] ? kasan_save_stack+0x33/0x60 [ 125.805564][ T6626] ? __kasan_kmalloc+0xaa/0xb0 [ 125.805580][ T6626] ? do_sys_poll+0x24a/0xdf0 [ 125.805596][ T6626] ? __x64_sys_poll+0x1a6/0x450 [ 125.805612][ T6626] ? do_syscall_64+0xcd/0xf80 [ 125.805623][ T6626] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.805640][ T6626] ? __lock_acquire+0x436/0x2890 [ 125.805655][ T6626] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 125.805675][ T6626] ? policy_nodemask+0xea/0x4e0 [ 125.805696][ T6626] alloc_pages_mpol+0x1fb/0x550 [ 125.805716][ T6626] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 125.805740][ T6626] alloc_pages_noprof+0x131/0x390 [ 125.805759][ T6626] get_free_pages_noprof+0x10/0xb0 [ 125.805777][ T6626] __pollwait+0x295/0x460 [ 125.805796][ T6626] pipe_poll+0x23c/0x660 [ 125.805813][ T6626] ? __pfx___pollwait+0x10/0x10 [ 125.805830][ T6626] ? __pfx_pipe_poll+0x10/0x10 [ 125.805847][ T6626] do_sys_poll+0x55c/0xdf0 [ 125.805871][ T6626] ? __pfx_do_sys_poll+0x10/0x10 [ 125.805903][ T6626] ? __lock_acquire+0x436/0x2890 [ 125.805916][ T6626] ? __pfx___pollwait+0x10/0x10 [ 125.805935][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.805952][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.805970][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.805988][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.806006][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.806024][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.806042][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.806059][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.806077][ T6626] ? __pfx_pollwake+0x10/0x10 [ 125.806094][ T6626] ? __pfx_timespec64_add_safe+0x10/0x10 [ 125.806109][ T6626] ? ktime_get_ts64+0x2d2/0x400 [ 125.806122][ T6626] ? read_tsc+0x9/0x20 [ 125.806150][ T6626] ? ktime_get_ts64+0x256/0x400 [ 125.806169][ T6626] __x64_sys_poll+0x1a6/0x450 [ 125.806187][ T6626] ? __pfx___x64_sys_poll+0x10/0x10 [ 125.806207][ T6626] ? trace_irq_enable.constprop.0+0x2f/0x110 [ 125.806232][ T6626] do_syscall_64+0xcd/0xf80 [ 125.806246][ T6626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.806259][ T6626] RIP: 0033:0x7f26bdf8f7c9 [ 125.806271][ T6626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.806284][ T6626] RSP: 002b:00007f26bed3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 125.806297][ T6626] RAX: ffffffffffffffda RBX: 00007f26be1e5fa0 RCX: 00007f26bdf8f7c9 [ 125.806306][ T6626] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 125.806314][ T6626] RBP: 00007f26be013f91 R08: 0000000000000000 R09: 0000000000000000 [ 125.806322][ T6626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.806330][ T6626] R13: 00007f26be1e6038 R14: 00007f26be1e5fa0 R15: 00007ffdb819a3f8 [ 125.806353][ T6626] [ 126.192710][ T6635] netlink: 28 bytes leftover after parsing attributes in process `syz.1.202'. [ 126.540770][ T6643] sp0: Synchronizing with TNC [ 126.939420][ T6648] netlink: 62 bytes leftover after parsing attributes in process `syz.1.206'. [ 129.160307][ T6687] mkiss: ax0: crc mode is auto. [ 129.528781][ T6701] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 130.433918][ T6727] vivid-007: ================= START STATUS ================= [ 130.460956][ T6727] vivid-007: Enable Output Cropping: true [ 130.473511][ T6727] vivid-007: Enable Output Composing: true [ 130.479745][ T6727] vivid-007: Enable Output Scaler: true [ 130.493242][ T6727] vivid-007: Tx RGB Quantization Range: Automatic [ 130.526023][ T6728] 0x000200000001-0xa29656a63616329 : "" [ 130.533270][ T6727] vivid-007: Transmit Mode: HDMI [ 130.548859][ T6728] mtd: partition "" is out of reach -- disabled [ 130.555362][ T6727] vivid-007: Hotplug Present: 0x00000000 [ 130.564170][ T6727] vivid-007: RxSense Present: 0x00000000 [ 130.618430][ T6728] ftl_cs: FTL header not found. [ 130.636813][ T6727] vivid-007: EDID Present: 0x00000000 [ 130.642266][ T6727] vivid-007: ================== END STATUS ================== [ 131.010135][ T6738] syz.0.229 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 131.257801][ T6739] cougar: G6 mapped to space [ 131.931472][ T6747] zswap: compressor not available [ 132.604535][ T6761] netlink: 186 bytes leftover after parsing attributes in process `syz.1.234'. [ 132.618373][ T6761] netlink: 186 bytes leftover after parsing attributes in process `syz.1.234'. [ 132.901159][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.909741][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.744096][ T30] audit: type=1800 audit(1768756139.325:2): pid=6799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.254" name="members" dev="configfs" ino=12278 res=0 errno=0 [ 134.836046][ T6799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.254'. [ 135.022940][ T30] audit: type=1800 audit(1768756139.605:3): pid=6806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.247" name="discovery_nqn" dev="configfs" ino=13324 res=0 errno=0 [ 135.529833][ T6817] netlink: 28 bytes leftover after parsing attributes in process `syz.1.250'. [ 135.696022][ T6811] FAULT_INJECTION: forcing a failure. [ 135.696022][ T6811] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 135.719979][ T6811] CPU: 0 UID: 0 PID: 6811 Comm: syz.2.248 Tainted: G L syzkaller #0 PREEMPT(full) [ 135.720020][ T6811] Tainted: [L]=SOFTLOCKUP [ 135.720027][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 135.720042][ T6811] Call Trace: [ 135.720049][ T6811] [ 135.720057][ T6811] dump_stack_lvl+0x16c/0x1f0 [ 135.720097][ T6811] should_fail_ex+0x512/0x640 [ 135.720129][ T6811] should_fail_alloc_page+0xe7/0x130 [ 135.720169][ T6811] prepare_alloc_pages+0x401/0x670 [ 135.720208][ T6811] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 135.720242][ T6811] ? stack_trace_save+0x8e/0xc0 [ 135.720277][ T6811] ? __pfx_stack_trace_save+0x10/0x10 [ 135.720312][ T6811] ? stack_depot_save_flags+0x29/0x9b0 [ 135.720340][ T6811] ? kvm_sched_clock_read+0x11/0x20 [ 135.720379][ T6811] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 135.720408][ T6811] ? kasan_save_stack+0x33/0x60 [ 135.720437][ T6811] ? __kasan_kmalloc+0xaa/0xb0 [ 135.720476][ T6811] ? do_sys_poll+0x24a/0xdf0 [ 135.720505][ T6811] ? __x64_sys_poll+0x1a6/0x450 [ 135.720530][ T6811] ? do_syscall_64+0xcd/0xf80 [ 135.720546][ T6811] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.720575][ T6811] ? __lock_acquire+0x436/0x2890 [ 135.720601][ T6811] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 135.720633][ T6811] ? policy_nodemask+0xea/0x4e0 [ 135.720666][ T6811] alloc_pages_mpol+0x1fb/0x550 [ 135.720696][ T6811] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 135.720735][ T6811] alloc_pages_noprof+0x131/0x390 [ 135.720770][ T6811] get_free_pages_noprof+0x10/0xb0 [ 135.720802][ T6811] __pollwait+0x295/0x460 [ 135.720835][ T6811] pipe_poll+0x23c/0x660 [ 135.720865][ T6811] ? __pfx___pollwait+0x10/0x10 [ 135.720895][ T6811] ? __pfx_pipe_poll+0x10/0x10 [ 135.720924][ T6811] do_sys_poll+0x55c/0xdf0 [ 135.720964][ T6811] ? __pfx_do_sys_poll+0x10/0x10 [ 135.721025][ T6811] ? __futex_wait+0x24b/0x2f0 [ 135.721058][ T6811] ? __pfx___pollwait+0x10/0x10 [ 135.721092][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721124][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721157][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721189][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721222][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721255][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721287][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721321][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721353][ T6811] ? __pfx_pollwake+0x10/0x10 [ 135.721383][ T6811] ? __pfx_timespec64_add_safe+0x10/0x10 [ 135.721411][ T6811] ? ktime_get_ts64+0x2d2/0x400 [ 135.721436][ T6811] ? read_tsc+0x9/0x20 [ 135.721473][ T6811] ? ktime_get_ts64+0x256/0x400 [ 135.721502][ T6811] __x64_sys_poll+0x1a6/0x450 [ 135.721531][ T6811] ? __pfx___x64_sys_poll+0x10/0x10 [ 135.721569][ T6811] do_syscall_64+0xcd/0xf80 [ 135.721593][ T6811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.721616][ T6811] RIP: 0033:0x7fe49038f7c9 [ 135.721637][ T6811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.721659][ T6811] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 135.721682][ T6811] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 135.721698][ T6811] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 135.721713][ T6811] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 135.721727][ T6811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.721741][ T6811] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 135.721771][ T6811] [ 136.315264][ T6824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.251'. [ 136.440624][ T6824] netlink: 25 bytes leftover after parsing attributes in process `syz.3.251'. [ 136.701446][ T6835] netlink: 25 bytes leftover after parsing attributes in process `syz.1.258'. [ 137.558227][ T6853] FAULT_INJECTION: forcing a failure. [ 137.558227][ T6853] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 137.576842][ T6853] CPU: 1 UID: 0 PID: 6853 Comm: syz.1.264 Tainted: G L syzkaller #0 PREEMPT(full) [ 137.576881][ T6853] Tainted: [L]=SOFTLOCKUP [ 137.576890][ T6853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 137.576903][ T6853] Call Trace: [ 137.576912][ T6853] [ 137.576922][ T6853] dump_stack_lvl+0x16c/0x1f0 [ 137.576968][ T6853] should_fail_ex+0x512/0x640 [ 137.577003][ T6853] should_fail_alloc_page+0xe7/0x130 [ 137.577046][ T6853] prepare_alloc_pages+0x401/0x670 [ 137.577088][ T6853] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 137.577123][ T6853] ? stack_trace_save+0x8e/0xc0 [ 137.577159][ T6853] ? __pfx_stack_trace_save+0x10/0x10 [ 137.577196][ T6853] ? stack_depot_save_flags+0x29/0x9b0 [ 137.577231][ T6853] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 137.577261][ T6853] ? kasan_save_stack+0x33/0x60 [ 137.577292][ T6853] ? __kasan_kmalloc+0xaa/0xb0 [ 137.577322][ T6853] ? do_sys_poll+0x24a/0xdf0 [ 137.577363][ T6853] ? __x64_sys_poll+0x1a6/0x450 [ 137.577395][ T6853] ? do_syscall_64+0xcd/0xf80 [ 137.577417][ T6853] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.577451][ T6853] ? __lock_acquire+0x436/0x2890 [ 137.577479][ T6853] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 137.577517][ T6853] ? policy_nodemask+0xea/0x4e0 [ 137.577555][ T6853] alloc_pages_mpol+0x1fb/0x550 [ 137.577591][ T6853] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 137.577637][ T6853] alloc_pages_noprof+0x131/0x390 [ 137.577674][ T6853] get_free_pages_noprof+0x10/0xb0 [ 137.577707][ T6853] __pollwait+0x295/0x460 [ 137.577742][ T6853] pipe_poll+0x23c/0x660 [ 137.577773][ T6853] ? __pfx___pollwait+0x10/0x10 [ 137.577805][ T6853] ? __pfx_pipe_poll+0x10/0x10 [ 137.577836][ T6853] do_sys_poll+0x55c/0xdf0 [ 137.577880][ T6853] ? __pfx_do_sys_poll+0x10/0x10 [ 137.577938][ T6853] ? __futex_wait+0x24b/0x2f0 [ 137.577966][ T6853] ? __pfx___pollwait+0x10/0x10 [ 137.577998][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578032][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578065][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578098][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578132][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578165][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578199][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578233][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578266][ T6853] ? __pfx_pollwake+0x10/0x10 [ 137.578297][ T6853] ? __pfx_timespec64_add_safe+0x10/0x10 [ 137.578325][ T6853] ? ktime_get_ts64+0x2d2/0x400 [ 137.578360][ T6853] ? read_tsc+0x9/0x20 [ 137.578393][ T6853] ? ktime_get_ts64+0x256/0x400 [ 137.578427][ T6853] __x64_sys_poll+0x1a6/0x450 [ 137.578461][ T6853] ? __pfx___x64_sys_poll+0x10/0x10 [ 137.578504][ T6853] do_syscall_64+0xcd/0xf80 [ 137.578530][ T6853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.578555][ T6853] RIP: 0033:0x7f60cb18f7c9 [ 137.578576][ T6853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.578600][ T6853] RSP: 002b:00007f60cc019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 137.578622][ T6853] RAX: ffffffffffffffda RBX: 00007f60cb3e5fa0 RCX: 00007f60cb18f7c9 [ 137.578637][ T6853] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 137.578650][ T6853] RBP: 00007f60cb213f91 R08: 0000000000000000 R09: 0000000000000000 [ 137.578663][ T6853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.578677][ T6853] R13: 00007f60cb3e6038 R14: 00007f60cb3e5fa0 R15: 00007ffd11e6c068 [ 137.578711][ T6853] [ 138.467338][ T6864] netlink: 306 bytes leftover after parsing attributes in process `syz.1.267'. [ 138.774176][ T6869] netlink: 28 bytes leftover after parsing attributes in process `syz.2.268'. [ 139.407398][ T6877] FAULT_INJECTION: forcing a failure. [ 139.407398][ T6877] name failslab, interval 1, probability 0, space 0, times 0 [ 139.420418][ T6877] CPU: 1 UID: 0 PID: 6877 Comm: syz.1.272 Tainted: G L syzkaller #0 PREEMPT(full) [ 139.420460][ T6877] Tainted: [L]=SOFTLOCKUP [ 139.420467][ T6877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 139.420482][ T6877] Call Trace: [ 139.420490][ T6877] [ 139.420500][ T6877] dump_stack_lvl+0x16c/0x1f0 [ 139.420542][ T6877] should_fail_ex+0x512/0x640 [ 139.420566][ T6877] ? __kmalloc_noprof+0xca/0x910 [ 139.420592][ T6877] should_failslab+0xc2/0x120 [ 139.420624][ T6877] __kmalloc_noprof+0xeb/0x910 [ 139.420647][ T6877] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 139.420678][ T6877] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 139.420700][ T6877] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 139.420730][ T6877] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 139.420754][ T6877] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 139.420776][ T6877] ? genl_get_cmd+0x194/0x580 [ 139.420802][ T6877] ? bpf_lsm_capable+0x9/0x10 [ 139.420829][ T6877] ? security_capable+0x7e/0x260 [ 139.420850][ T6877] ? ns_capable+0xd7/0x110 [ 139.420878][ T6877] genl_rcv_msg+0x55c/0x800 [ 139.420903][ T6877] ? __pfx_genl_rcv_msg+0x10/0x10 [ 139.420926][ T6877] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 139.420962][ T6877] netlink_rcv_skb+0x158/0x420 [ 139.420992][ T6877] ? __pfx_genl_rcv_msg+0x10/0x10 [ 139.421015][ T6877] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 139.421057][ T6877] ? netlink_deliver_tap+0x1ae/0xd30 [ 139.421091][ T6877] genl_rcv+0x28/0x40 [ 139.421108][ T6877] netlink_unicast+0x5aa/0x870 [ 139.421143][ T6877] ? __pfx_netlink_unicast+0x10/0x10 [ 139.421184][ T6877] netlink_sendmsg+0x8c8/0xdd0 [ 139.421219][ T6877] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.421253][ T6877] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 139.421280][ T6877] ____sys_sendmsg+0xa5d/0xc30 [ 139.421301][ T6877] ? copy_msghdr_from_user+0x10a/0x160 [ 139.421328][ T6877] ? __pfx_____sys_sendmsg+0x10/0x10 [ 139.421346][ T6877] ? preempt_schedule_thunk+0x16/0x30 [ 139.421373][ T6877] ? try_to_wake_up+0xa67/0x1860 [ 139.421417][ T6877] ___sys_sendmsg+0x134/0x1d0 [ 139.421448][ T6877] ? __pfx____sys_sendmsg+0x10/0x10 [ 139.421477][ T6877] ? futex_private_hash_put+0x160/0x1b0 [ 139.421537][ T6877] __sys_sendmsg+0x16d/0x220 [ 139.421566][ T6877] ? __pfx___sys_sendmsg+0x10/0x10 [ 139.421592][ T6877] ? __x64_sys_futex+0x1e0/0x4c0 [ 139.421634][ T6877] do_syscall_64+0xcd/0xf80 [ 139.421656][ T6877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.421676][ T6877] RIP: 0033:0x7f60cb18f7c9 [ 139.421695][ T6877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.421713][ T6877] RSP: 002b:00007f60cc019038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 139.421733][ T6877] RAX: ffffffffffffffda RBX: 00007f60cb3e5fa0 RCX: 00007f60cb18f7c9 [ 139.421747][ T6877] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 139.421760][ T6877] RBP: 00007f60cb213f91 R08: 0000000000000000 R09: 0000000000000000 [ 139.421773][ T6877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.421785][ T6877] R13: 00007f60cb3e6038 R14: 00007f60cb3e5fa0 R15: 00007ffd11e6c068 [ 139.421816][ T6877] [ 139.952244][ T6887] FAULT_INJECTION: forcing a failure. [ 139.952244][ T6887] name failslab, interval 1, probability 0, space 0, times 0 [ 139.963642][ T6888] netlink: 4 bytes leftover after parsing attributes in process `syz.1.277'. [ 139.965435][ T6887] CPU: 1 UID: 0 PID: 6887 Comm: syz.2.275 Tainted: G L syzkaller #0 PREEMPT(full) [ 139.965472][ T6887] Tainted: [L]=SOFTLOCKUP [ 139.965481][ T6887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 139.965495][ T6887] Call Trace: [ 139.965503][ T6887] [ 139.965512][ T6887] dump_stack_lvl+0x16c/0x1f0 [ 139.965555][ T6887] should_fail_ex+0x512/0x640 [ 139.965582][ T6887] ? fs_reclaim_acquire+0xae/0x150 [ 139.965621][ T6887] should_failslab+0xc2/0x120 [ 139.965658][ T6887] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 139.965692][ T6887] ? kstrdup_const+0x63/0x80 [ 139.965725][ T6887] ? kstrdup+0x53/0x100 [ 139.965750][ T6887] kstrdup+0x53/0x100 [ 139.965778][ T6887] kstrdup_const+0x63/0x80 [ 139.965805][ T6887] __kernfs_new_node+0x9b/0x9b0 [ 139.965836][ T6887] ? __pfx___kernfs_new_node+0x10/0x10 [ 139.965872][ T6887] ? find_held_lock+0x2b/0x80 [ 139.965903][ T6887] ? kernfs_root+0xee/0x2a0 [ 139.965936][ T6887] kernfs_new_node+0x13c/0x1e0 [ 139.965973][ T6887] kernfs_create_link+0xcc/0x240 [ 139.965997][ T6887] sysfs_do_create_link_sd+0x90/0x140 [ 139.966026][ T6887] sysfs_create_link+0x61/0xc0 [ 139.966053][ T6887] device_add+0xb3a/0x1980 [ 139.966091][ T6887] ? __pfx_device_add+0x10/0x10 [ 139.966121][ T6887] ? __pfx___might_resched+0x10/0x10 [ 139.966150][ T6887] ? lockdep_hardirqs_on+0x7c/0x110 [ 139.966198][ T6887] __add_disk+0x457/0xf00 [ 139.966238][ T6887] add_disk_fwnode+0x13f/0x5d0 [ 139.966277][ T6887] loop_add+0x903/0xb70 [ 139.966302][ T6887] ? __pfx_loop_add+0x10/0x10 [ 139.966348][ T6887] ? find_held_lock+0x2b/0x80 [ 139.966389][ T6887] loop_control_ioctl+0x13e/0x640 [ 139.966415][ T6887] ? __pfx_loop_control_ioctl+0x10/0x10 [ 139.966464][ T6887] ? __pfx_loop_control_ioctl+0x10/0x10 [ 139.966492][ T6887] __x64_sys_ioctl+0x18e/0x210 [ 139.966526][ T6887] do_syscall_64+0xcd/0xf80 [ 139.966550][ T6887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.966574][ T6887] RIP: 0033:0x7fe49038f7c9 [ 139.966594][ T6887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.966617][ T6887] RSP: 002b:00007fe48e5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.966638][ T6887] RAX: ffffffffffffffda RBX: 00007fe4905e6090 RCX: 00007fe49038f7c9 [ 139.966653][ T6887] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000003 [ 139.966668][ T6887] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 139.966683][ T6887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.966702][ T6887] R13: 00007fe4905e6128 R14: 00007fe4905e6090 R15: 00007ffdf3b8adc8 [ 139.966735][ T6887] [ 140.194005][ T6891] netlink: 354 bytes leftover after parsing attributes in process `syz.1.277'. [ 140.532231][ T6894] : renamed from gre0 (while UP) [ 140.555280][ T6894] capability: warning: `syz.0.278' uses 32-bit capabilities (legacy support in use) [ 140.667212][ T6897] netlink: 186 bytes leftover after parsing attributes in process `syz.2.280'. [ 140.723240][ T6897] netlink: 186 bytes leftover after parsing attributes in process `syz.2.280'. [ 140.821101][ T6904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.281'. [ 141.483021][ T6916] netlink: 16 bytes leftover after parsing attributes in process `syz.2.286'. [ 141.499165][ T6913] netlink: 28 bytes leftover after parsing attributes in process `syz.3.285'. [ 141.517086][ T6917] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 141.995248][ T6910] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 142.004811][ T6910] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 142.025538][ T6910] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 142.039035][ T6910] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 142.046875][ T6910] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 142.068442][ T6910] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 142.079868][ T6910] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 142.086042][ T6910] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 142.111305][ T6910] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 142.128261][ T6910] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 142.134344][ T6910] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 142.149945][ T6910] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 143.297583][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 143.552866][ T6959] sd 0:0:1:0: PR command failed: 1026 [ 143.560620][ T6959] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 143.567816][ T6959] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 143.653181][ T6964] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 144.096946][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 144.096975][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 144.176787][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 144.850545][ T6992] netlink: 4 bytes leftover after parsing attributes in process `syz.1.308'. [ 144.888840][ T6992] netlink: 13 bytes leftover after parsing attributes in process `syz.1.308'. [ 145.192839][ T6995] validate_nla: 2 callbacks suppressed [ 145.192854][ T6995] netlink: 'syz.1.309': attribute type 10 has an invalid length. [ 145.226904][ T6995] netlink: 330 bytes leftover after parsing attributes in process `syz.1.309'. [ 145.295522][ T7001] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 145.381513][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 145.545776][ T7010] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 145.932845][ T7017] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 145.946348][ T7017] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 146.078954][ T7021] hub 1-0:1.0: USB hub found [ 146.083999][ T7021] hub 1-0:1.0: 1 port detected [ 146.115643][ T7021] hub 1-0:1.0: USB hub found [ 146.122013][ T7021] hub 1-0:1.0: 1 port detected [ 146.176840][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.177309][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 146.256775][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 147.466827][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 148.257946][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 148.270149][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 148.336854][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 148.514354][ T7067] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 148.542379][ T7071] netlink: 28 bytes leftover after parsing attributes in process `syz.2.330'. [ 149.287098][ T7085] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 149.569778][ T7096] netlink: 25 bytes leftover after parsing attributes in process `syz.0.338'. [ 150.676798][ T7129] FAULT_INJECTION: forcing a failure. [ 150.676798][ T7129] name failslab, interval 1, probability 0, space 0, times 0 [ 150.691487][ T7129] CPU: 1 UID: 0 PID: 7129 Comm: syz.0.346 Tainted: G L syzkaller #0 PREEMPT(full) [ 150.691527][ T7129] Tainted: [L]=SOFTLOCKUP [ 150.691536][ T7129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 150.691560][ T7129] Call Trace: [ 150.691569][ T7129] [ 150.691579][ T7129] dump_stack_lvl+0x16c/0x1f0 [ 150.691625][ T7129] should_fail_ex+0x512/0x640 [ 150.691653][ T7129] ? fs_reclaim_acquire+0xae/0x150 [ 150.691693][ T7129] should_failslab+0xc2/0x120 [ 150.691730][ T7129] kmem_cache_alloc_noprof+0x83/0x770 [ 150.691759][ T7129] ? __pfx_map_id_range_down+0x10/0x10 [ 150.691792][ T7129] ? security_inode_alloc+0x3b/0x2b0 [ 150.691828][ T7129] ? security_inode_alloc+0x3b/0x2b0 [ 150.691855][ T7129] security_inode_alloc+0x3b/0x2b0 [ 150.691884][ T7129] inode_init_always_gfp+0xced/0x1040 [ 150.691926][ T7129] alloc_inode+0x86/0x240 [ 150.691953][ T7129] new_inode+0x22/0x1c0 [ 150.691978][ T7129] ? dput.part.0+0xd8/0x570 [ 150.692007][ T7129] proc_setup_thread_self+0xad/0x280 [ 150.692039][ T7129] proc_fill_super+0x4c7/0x750 [ 150.692074][ T7129] ? __pfx_proc_fill_super+0x10/0x10 [ 150.692105][ T7129] get_tree_nodev+0xdd/0x190 [ 150.692140][ T7129] vfs_get_tree+0x8e/0x330 [ 150.692169][ T7129] vfs_cmd_create+0xd7/0x2a0 [ 150.692198][ T7129] __do_sys_fsconfig+0x7b8/0xbe0 [ 150.692230][ T7129] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 150.692277][ T7129] do_syscall_64+0xcd/0xf80 [ 150.692303][ T7129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.692328][ T7129] RIP: 0033:0x7f26bdf8f7c9 [ 150.692348][ T7129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.692370][ T7129] RSP: 002b:00007f26bed3e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 150.692393][ T7129] RAX: ffffffffffffffda RBX: 00007f26be1e5fa0 RCX: 00007f26bdf8f7c9 [ 150.692409][ T7129] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000006 [ 150.692423][ T7129] RBP: 00007f26be013f91 R08: 0000000000000000 R09: 0000000000000000 [ 150.692439][ T7129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.692454][ T7129] R13: 00007f26be1e6038 R14: 00007f26be1e5fa0 R15: 00007ffdb819a3f8 [ 150.692497][ T7129] [ 150.692828][ T7129] proc_fill_super: can't allocate /proc/thread-self [ 151.210827][ T7148] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 151.222659][ T7148] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 152.374971][ T7173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.354'. [ 152.416587][ T7173] netlink: 'syz.2.354': attribute type 1 has an invalid length. [ 152.446823][ T7173] netlink: 'syz.2.354': attribute type 6 has an invalid length. [ 154.289927][ T7217] netlink: 4 bytes leftover after parsing attributes in process `syz.3.360'. [ 157.596558][ T7278] netlink: 28 bytes leftover after parsing attributes in process `syz.2.379'. [ 157.605826][ T7278] bridge_slave_1: left allmulticast mode [ 157.614261][ T7278] bridge_slave_1: left promiscuous mode [ 158.052920][ T7278] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.307590][ T7278] bridge_slave_0: left allmulticast mode [ 158.313417][ T7278] bridge_slave_0: left promiscuous mode [ 158.325463][ T7278] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.692988][ T7293] netlink: 330 bytes leftover after parsing attributes in process `syz.3.382'. [ 159.377115][ T7318] FAULT_INJECTION: forcing a failure. [ 159.377115][ T7318] name failslab, interval 1, probability 0, space 0, times 0 [ 159.389960][ T7318] CPU: 0 UID: 60928 PID: 7318 Comm: syz.3.388 Tainted: G L syzkaller #0 PREEMPT(full) [ 159.389983][ T7318] Tainted: [L]=SOFTLOCKUP [ 159.389988][ T7318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 159.389997][ T7318] Call Trace: [ 159.390002][ T7318] [ 159.390008][ T7318] dump_stack_lvl+0x16c/0x1f0 [ 159.390033][ T7318] should_fail_ex+0x512/0x640 [ 159.390049][ T7318] ? __kmalloc_noprof+0xca/0x910 [ 159.390065][ T7318] should_failslab+0xc2/0x120 [ 159.390086][ T7318] __kmalloc_noprof+0xeb/0x910 [ 159.390100][ T7318] ? lsm_blob_alloc+0x68/0x90 [ 159.390123][ T7318] ? lsm_blob_alloc+0x68/0x90 [ 159.390143][ T7318] lsm_blob_alloc+0x68/0x90 [ 159.390162][ T7318] security_prepare_creds+0x2f/0x270 [ 159.390182][ T7318] prepare_creds+0x5d6/0x940 [ 159.390199][ T7318] __do_sys_capset+0x26c/0x460 [ 159.390215][ T7318] ? __pfx___do_sys_capset+0x10/0x10 [ 159.390236][ T7318] ? __x64_sys_futex+0x1e0/0x4c0 [ 159.390255][ T7318] ? xfd_validate_state+0x61/0x180 [ 159.390271][ T7318] ? rcu_is_watching+0x12/0xc0 [ 159.390292][ T7318] do_syscall_64+0xcd/0xf80 [ 159.390305][ T7318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.390318][ T7318] RIP: 0033:0x7f3a6a38f7c9 [ 159.390330][ T7318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.390342][ T7318] RSP: 002b:00007f3a6b163038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e [ 159.390355][ T7318] RAX: ffffffffffffffda RBX: 00007f3a6a5e5fa0 RCX: 00007f3a6a38f7c9 [ 159.390364][ T7318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 159.390371][ T7318] RBP: 00007f3a6a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 159.390378][ T7318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.390385][ T7318] R13: 00007f3a6a5e6038 R14: 00007f3a6a5e5fa0 R15: 00007ffd9b927ec8 [ 159.390403][ T7318] [ 160.015830][ T7311] syz.1.387 (7311) used greatest stack depth: 17576 bytes left [ 162.309971][ T7358] netlink: 'syz.0.401': attribute type 1 has an invalid length. [ 163.881942][ T7380] netlink: 246 bytes leftover after parsing attributes in process `syz.1.406'. [ 163.976020][ T7383] FAULT_INJECTION: forcing a failure. [ 163.976020][ T7383] name failslab, interval 1, probability 0, space 0, times 0 [ 163.992652][ T7383] CPU: 1 UID: 0 PID: 7383 Comm: syz.2.407 Tainted: G L syzkaller #0 PREEMPT(full) [ 163.992701][ T7383] Tainted: [L]=SOFTLOCKUP [ 163.992710][ T7383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 163.992724][ T7383] Call Trace: [ 163.992732][ T7383] [ 163.992742][ T7383] dump_stack_lvl+0x16c/0x1f0 [ 163.992788][ T7383] should_fail_ex+0x512/0x640 [ 163.992816][ T7383] ? __kmalloc_cache_noprof+0x5f/0x800 [ 163.992846][ T7383] should_failslab+0xc2/0x120 [ 163.992878][ T7383] __kmalloc_cache_noprof+0x80/0x800 [ 163.992902][ T7383] ? vma_wants_writenotify+0x10b/0x390 [ 163.992931][ T7383] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 163.992961][ T7383] ? __mt_destroy+0xa8/0x3e0 [ 163.992983][ T7383] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 163.993010][ T7383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 163.993041][ T7383] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 163.993072][ T7383] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 163.993110][ T7383] mmap_action_complete+0x236/0x3f0 [ 163.993141][ T7383] __mmap_region+0xcd8/0x2a00 [ 163.993172][ T7383] ? __pfx___mmap_region+0x10/0x10 [ 163.993223][ T7383] ? kernel_text_address+0x8d/0x100 [ 163.993249][ T7383] ? __kernel_text_address+0xd/0x40 [ 163.993276][ T7383] ? unwind_get_return_address+0x59/0xa0 [ 163.993322][ T7383] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 163.993363][ T7383] ? stack_trace_save+0x8e/0xc0 [ 163.993448][ T7383] ? rcu_is_watching+0x12/0xc0 [ 163.993491][ T7383] mmap_region+0x32b/0x3f0 [ 163.993526][ T7383] do_mmap+0xa3e/0x1210 [ 163.993568][ T7383] ? __pfx_do_mmap+0x10/0x10 [ 163.993603][ T7383] ? __pfx_down_write_killable+0x10/0x10 [ 163.993638][ T7383] vm_mmap_pgoff+0x29e/0x470 [ 163.993678][ T7383] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 163.993718][ T7383] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 163.993745][ T7383] ? hugetlbfs_get_inode+0x31f/0x700 [ 163.993777][ T7383] ksys_mmap_pgoff+0x1c8/0x5c0 [ 163.993814][ T7383] __x64_sys_mmap+0x125/0x190 [ 163.993843][ T7383] do_syscall_64+0xcd/0xf80 [ 163.993869][ T7383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.993892][ T7383] RIP: 0033:0x7fe49038f7c9 [ 163.993914][ T7383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.993937][ T7383] RSP: 002b:00007fe48e5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 163.993961][ T7383] RAX: ffffffffffffffda RBX: 00007fe4905e6090 RCX: 00007fe49038f7c9 [ 163.993977][ T7383] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 163.993992][ T7383] RBP: 00007fe490413f91 R08: ffffffffffffffff R09: 0000000000000000 [ 163.994009][ T7383] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 163.994023][ T7383] R13: 00007fe4905e6128 R14: 00007fe4905e6090 R15: 00007ffdf3b8adc8 [ 163.994059][ T7383] [ 164.342034][ T7383] HugeTLB: unable to allocate vma specific lock [ 165.088945][ T7393] netlink: 342 bytes leftover after parsing attributes in process `syz.2.410'. [ 165.629732][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 165.681738][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 165.719848][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 165.810774][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 165.876454][ T7411] netlink: 306 bytes leftover after parsing attributes in process `syz.0.415'. [ 165.977702][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 166.085298][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 166.283958][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.0.415'. [ 167.198645][ T7431] FAULT_INJECTION: forcing a failure. [ 167.198645][ T7431] name failslab, interval 1, probability 0, space 0, times 0 [ 167.342098][ T7431] CPU: 1 UID: 0 PID: 7431 Comm: syz.0.419 Tainted: G L syzkaller #0 PREEMPT(full) [ 167.342138][ T7431] Tainted: [L]=SOFTLOCKUP [ 167.342147][ T7431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 167.342161][ T7431] Call Trace: [ 167.342170][ T7431] [ 167.342181][ T7431] dump_stack_lvl+0x16c/0x1f0 [ 167.342228][ T7431] should_fail_ex+0x512/0x640 [ 167.342256][ T7431] ? __kmalloc_cache_noprof+0x5f/0x800 [ 167.342289][ T7431] should_failslab+0xc2/0x120 [ 167.342326][ T7431] __kmalloc_cache_noprof+0x80/0x800 [ 167.342352][ T7431] ? vma_wants_writenotify+0x10b/0x390 [ 167.342383][ T7431] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 167.342415][ T7431] ? __mt_destroy+0xa8/0x3e0 [ 167.342449][ T7431] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 167.342486][ T7431] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 167.342523][ T7431] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 167.342555][ T7431] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 167.342595][ T7431] mmap_action_complete+0x236/0x3f0 [ 167.342630][ T7431] __mmap_region+0xcd8/0x2a00 [ 167.342664][ T7431] ? __pfx___mmap_region+0x10/0x10 [ 167.342718][ T7431] ? kernel_text_address+0x8d/0x100 [ 167.342746][ T7431] ? __kernel_text_address+0xd/0x40 [ 167.342771][ T7431] ? unwind_get_return_address+0x59/0xa0 [ 167.342815][ T7431] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 167.342855][ T7431] ? stack_trace_save+0x8e/0xc0 [ 167.342940][ T7431] ? rcu_is_watching+0x12/0xc0 [ 167.342982][ T7431] mmap_region+0x32b/0x3f0 [ 167.343018][ T7431] do_mmap+0xa3e/0x1210 [ 167.343060][ T7431] ? __pfx_do_mmap+0x10/0x10 [ 167.343095][ T7431] ? __pfx_down_write_killable+0x10/0x10 [ 167.343129][ T7431] vm_mmap_pgoff+0x29e/0x470 [ 167.343166][ T7431] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 167.343192][ T7431] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 167.343219][ T7431] ? hugetlbfs_get_inode+0x31f/0x700 [ 167.343252][ T7431] ksys_mmap_pgoff+0x1c8/0x5c0 [ 167.343289][ T7431] __x64_sys_mmap+0x125/0x190 [ 167.343317][ T7431] do_syscall_64+0xcd/0xf80 [ 167.343343][ T7431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.343368][ T7431] RIP: 0033:0x7f26bdf8f7c9 [ 167.343388][ T7431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.343411][ T7431] RSP: 002b:00007f26bc1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 167.343442][ T7431] RAX: ffffffffffffffda RBX: 00007f26be1e6090 RCX: 00007f26bdf8f7c9 [ 167.343460][ T7431] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 167.343475][ T7431] RBP: 00007f26be013f91 R08: ffffffffffffffff R09: 0000000000000000 [ 167.343491][ T7431] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 167.343506][ T7431] R13: 00007f26be1e6128 R14: 00007f26be1e6090 R15: 00007ffdb819a3f8 [ 167.343542][ T7431] [ 167.388642][ T5848] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 168.910901][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.927045][ T7422] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 169.076138][ T7422] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 169.092817][ T7422] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 169.187068][ T7422] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 169.240267][ T7422] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 170.416374][ T7468] zswap: compressor 000 not available [ 170.522821][ T7469] __nla_validate_parse: 5 callbacks suppressed [ 170.522843][ T7469] netlink: 342 bytes leftover after parsing attributes in process `syz.1.430'. [ 171.136836][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 171.216825][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 171.216834][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 171.254833][ T7486] FAULT_INJECTION: forcing a failure. [ 171.254833][ T7486] name failslab, interval 1, probability 0, space 0, times 0 [ 171.268359][ T7486] CPU: 1 UID: 0 PID: 7486 Comm: syz.2.436 Tainted: G L syzkaller #0 PREEMPT(full) [ 171.268399][ T7486] Tainted: [L]=SOFTLOCKUP [ 171.268408][ T7486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 171.268423][ T7486] Call Trace: [ 171.268432][ T7486] [ 171.268441][ T7486] dump_stack_lvl+0x16c/0x1f0 [ 171.268486][ T7486] should_fail_ex+0x512/0x640 [ 171.268515][ T7486] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 171.268556][ T7486] should_failslab+0xc2/0x120 [ 171.268595][ T7486] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 171.268631][ T7486] ? kasprintf+0xc7/0x100 [ 171.268670][ T7486] ? kvasprintf+0xbc/0x150 [ 171.268695][ T7486] kvasprintf+0xbc/0x150 [ 171.268723][ T7486] ? __pfx_kvasprintf+0x10/0x10 [ 171.268754][ T7486] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 171.268790][ T7486] ? lockdep_hardirqs_on+0x7c/0x110 [ 171.268827][ T7486] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 171.268867][ T7486] kasprintf+0xc7/0x100 [ 171.268894][ T7486] ? __pfx_kasprintf+0x10/0x10 [ 171.268939][ T7486] ieee80211_alloc_led_names+0x11b/0x420 [ 171.268971][ T7486] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 171.269006][ T7486] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 171.269054][ T7486] ? __asan_memset+0x23/0x50 [ 171.269085][ T7486] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 171.269127][ T7486] hwsim_new_radio_nl+0xba2/0x1330 [ 171.269169][ T7486] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 171.269213][ T7486] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 171.269241][ T7486] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 171.269276][ T7486] genl_family_rcv_msg_doit+0x209/0x2f0 [ 171.269306][ T7486] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 171.269332][ T7486] ? genl_get_cmd+0x194/0x580 [ 171.269363][ T7486] ? bpf_lsm_capable+0x9/0x10 [ 171.269394][ T7486] ? security_capable+0x7e/0x260 [ 171.269420][ T7486] ? ns_capable+0xd7/0x110 [ 171.269454][ T7486] genl_rcv_msg+0x55c/0x800 [ 171.269484][ T7486] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.269511][ T7486] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 171.269554][ T7486] netlink_rcv_skb+0x158/0x420 [ 171.269590][ T7486] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.269618][ T7486] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 171.269669][ T7486] ? netlink_deliver_tap+0x1ae/0xd30 [ 171.269709][ T7486] genl_rcv+0x28/0x40 [ 171.269731][ T7486] netlink_unicast+0x5aa/0x870 [ 171.269772][ T7486] ? __pfx_netlink_unicast+0x10/0x10 [ 171.269822][ T7486] netlink_sendmsg+0x8c8/0xdd0 [ 171.269872][ T7486] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.269912][ T7486] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 171.269945][ T7486] ____sys_sendmsg+0xa5d/0xc30 [ 171.269974][ T7486] ? copy_msghdr_from_user+0x10a/0x160 [ 171.270006][ T7486] ? __pfx_____sys_sendmsg+0x10/0x10 [ 171.270041][ T7486] ? __pfx_futex_wake_mark+0x10/0x10 [ 171.270081][ T7486] ___sys_sendmsg+0x134/0x1d0 [ 171.270118][ T7486] ? __pfx____sys_sendmsg+0x10/0x10 [ 171.270159][ T7486] ? futex_private_hash_put+0x160/0x1b0 [ 171.270230][ T7486] __sys_sendmsg+0x16d/0x220 [ 171.270267][ T7486] ? __pfx___sys_sendmsg+0x10/0x10 [ 171.270300][ T7486] ? __x64_sys_futex+0x1e0/0x4c0 [ 171.270352][ T7486] do_syscall_64+0xcd/0xf80 [ 171.270380][ T7486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.270404][ T7486] RIP: 0033:0x7fe49038f7c9 [ 171.270425][ T7486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.270450][ T7486] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 171.270472][ T7486] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 171.270489][ T7486] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 171.270504][ T7486] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 171.270519][ T7486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.270534][ T7486] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 171.270570][ T7486] [ 171.833333][ T7493] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2043405638 (4086811276 ns) > initial count (3875379206 ns). Using initial count to start timer. [ 173.216783][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.584430][ T7527] netlink: 13 bytes leftover after parsing attributes in process `syz.3.445'. [ 173.729270][ T7502] kexec: Could not allocate control_code_buffer [ 174.560963][ T7535] mmap: syz.3.452 (7535) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 176.414796][ T7580] syz.3.460 uses obsolete (PF_INET,SOCK_PACKET) [ 180.567527][ T7643] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 181.161327][ T7664] FAULT_INJECTION: forcing a failure. [ 181.161327][ T7664] name failslab, interval 1, probability 0, space 0, times 0 [ 181.185356][ T7664] CPU: 1 UID: 0 PID: 7664 Comm: syz.2.483 Tainted: G L syzkaller #0 PREEMPT(full) [ 181.185397][ T7664] Tainted: [L]=SOFTLOCKUP [ 181.185406][ T7664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 181.185420][ T7664] Call Trace: [ 181.185429][ T7664] [ 181.185440][ T7664] dump_stack_lvl+0x16c/0x1f0 [ 181.185487][ T7664] should_fail_ex+0x512/0x640 [ 181.185517][ T7664] ? fs_reclaim_acquire+0xae/0x150 [ 181.185560][ T7664] should_failslab+0xc2/0x120 [ 181.185599][ T7664] __kmalloc_noprof+0xeb/0x910 [ 181.185627][ T7664] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 181.185669][ T7664] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 181.185702][ T7664] tomoyo_realpath_from_path+0xc2/0x6e0 [ 181.185740][ T7664] ? tomoyo_profile+0x47/0x60 [ 181.185780][ T7664] tomoyo_path_number_perm+0x245/0x580 [ 181.185808][ T7664] ? tomoyo_path_number_perm+0x237/0x580 [ 181.185841][ T7664] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 181.185904][ T7664] ? d_alloc_parallel+0xb4e/0x1510 [ 181.185936][ T7664] ? current_check_access_path+0x33b/0x460 [ 181.185971][ T7664] ? __pfx_current_check_access_path+0x10/0x10 [ 181.186016][ T7664] tomoyo_path_mknod+0x10c/0x190 [ 181.186040][ T7664] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 181.186066][ T7664] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 181.186112][ T7664] security_path_mknod+0x161/0x310 [ 181.186144][ T7664] lookup_open.isra.0+0xc10/0x1780 [ 181.186187][ T7664] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 181.186225][ T7664] ? find_held_lock+0x2b/0x80 [ 181.186273][ T7664] ? __pfx_down_write+0x10/0x10 [ 181.186310][ T7664] path_openat+0xa95/0x3140 [ 181.186359][ T7664] ? __pfx_path_openat+0x10/0x10 [ 181.186411][ T7664] do_filp_open+0x20b/0x470 [ 181.186448][ T7664] ? __pfx_do_filp_open+0x10/0x10 [ 181.186508][ T7664] ? alloc_fd+0x471/0x7d0 [ 181.186553][ T7664] do_sys_openat2+0x121/0x290 [ 181.186582][ T7664] ? __pfx_do_sys_openat2+0x10/0x10 [ 181.186623][ T7664] __x64_sys_openat+0x174/0x210 [ 181.186651][ T7664] ? __pfx___x64_sys_openat+0x10/0x10 [ 181.186692][ T7664] do_syscall_64+0xcd/0xf80 [ 181.186712][ T7664] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.186734][ T7664] RIP: 0033:0x7fe49038f7c9 [ 181.186752][ T7664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.186775][ T7664] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 181.186797][ T7664] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 181.186811][ T7664] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 181.186824][ T7664] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 181.186836][ T7664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.186848][ T7664] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 181.186879][ T7664] [ 181.537018][ T7664] ERROR: Out of memory at tomoyo_realpath_from_path. [ 182.324096][ T7673] tipc: Withdrawal distribution failure [ 182.594574][ T7676] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 182.608110][ T7676] File: /dev/nullb0 PID: 7676 Comm: syz.0.487 [ 186.255243][ T7752] netlink: 4 bytes leftover after parsing attributes in process `syz.1.501'. [ 186.323473][ T7753] netlink: 25 bytes leftover after parsing attributes in process `syz.1.501'. [ 188.442866][ T7776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.509'. [ 188.453863][ T7776] netlink: 25 bytes leftover after parsing attributes in process `syz.2.509'. [ 190.957585][ T7814] netlink: 25 bytes leftover after parsing attributes in process `syz.0.517'. [ 191.188491][ T7818] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 191.297631][ T7818] dyndbg: expected <4096 bytes into control [ 191.321410][ T7818] dyndbg: bad flag-op /, at start of /%*^[ [ 191.343537][ T7818] dyndbg: flags parse failed [ 192.876913][ T7853] netlink: 'syz.2.528': attribute type 1 has an invalid length. [ 193.114881][ T7856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.530'. [ 193.188567][ T7860] netlink: 4 bytes leftover after parsing attributes in process `syz.2.531'. [ 193.199470][ T7860] netlink: 'syz.2.531': attribute type 1 has an invalid length. [ 193.201906][ T7856] netlink: 25 bytes leftover after parsing attributes in process `syz.1.530'. [ 193.207260][ T7860] netlink: 13 bytes leftover after parsing attributes in process `syz.2.531'. [ 194.344232][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.350668][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.405239][ T7887] FAULT_INJECTION: forcing a failure. [ 195.405239][ T7887] name failslab, interval 1, probability 0, space 0, times 0 [ 195.456907][ T7887] CPU: 1 UID: 0 PID: 7887 Comm: syz.2.539 Tainted: G L syzkaller #0 PREEMPT(full) [ 195.456948][ T7887] Tainted: [L]=SOFTLOCKUP [ 195.456956][ T7887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 195.456969][ T7887] Call Trace: [ 195.456976][ T7887] [ 195.456991][ T7887] dump_stack_lvl+0x16c/0x1f0 [ 195.457038][ T7887] should_fail_ex+0x512/0x640 [ 195.457065][ T7887] ? __kmalloc_noprof+0xca/0x910 [ 195.457092][ T7887] should_failslab+0xc2/0x120 [ 195.457123][ T7887] __kmalloc_noprof+0xeb/0x910 [ 195.457147][ T7887] ? sk_prot_alloc+0x1a8/0x2a0 [ 195.457173][ T7887] ? sk_prot_alloc+0x1a8/0x2a0 [ 195.457188][ T7887] sk_prot_alloc+0x1a8/0x2a0 [ 195.457202][ T7887] sk_alloc+0x36/0xe30 [ 195.457226][ T7887] pptp_create+0x32/0x340 [ 195.457247][ T7887] pppox_create+0x15c/0x2c0 [ 195.457267][ T7887] __sock_create+0x339/0x8a0 [ 195.457286][ T7887] __sys_socket+0x14d/0x260 [ 195.457300][ T7887] ? __pfx___sys_socket+0x10/0x10 [ 195.457314][ T7887] ? xfd_validate_state+0x61/0x180 [ 195.457331][ T7887] __x64_sys_socket+0x72/0xb0 [ 195.457344][ T7887] ? lockdep_hardirqs_on+0x7c/0x110 [ 195.457364][ T7887] do_syscall_64+0xcd/0xf80 [ 195.457378][ T7887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.457392][ T7887] RIP: 0033:0x7fe49038f7c9 [ 195.457404][ T7887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.457417][ T7887] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 195.457429][ T7887] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 195.457438][ T7887] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000018 [ 195.457445][ T7887] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 195.457453][ T7887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 195.457461][ T7887] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 195.457481][ T7887] [ 196.277334][ T7893] random: crng reseeded on system resumption [ 196.292518][ T7894] sg_write: data in/out 262169/4198358 bytes for SCSI command 0x0-- guessing data in; [ 196.292518][ T7894] program syz.1.542 not setting count and/or reply_len properly [ 196.312400][ T7894] program syz.1.542 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 197.225953][ T7918] FAULT_INJECTION: forcing a failure. [ 197.225953][ T7918] name failslab, interval 1, probability 0, space 0, times 0 [ 197.301498][ T7918] CPU: 1 UID: 0 PID: 7918 Comm: syz.1.548 Tainted: G L syzkaller #0 PREEMPT(full) [ 197.301523][ T7918] Tainted: [L]=SOFTLOCKUP [ 197.301528][ T7918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 197.301536][ T7918] Call Trace: [ 197.301541][ T7918] [ 197.301547][ T7918] dump_stack_lvl+0x16c/0x1f0 [ 197.301573][ T7918] should_fail_ex+0x512/0x640 [ 197.301588][ T7918] ? __kvmalloc_node_noprof+0x129/0xa40 [ 197.301609][ T7918] should_failslab+0xc2/0x120 [ 197.301631][ T7918] __kvmalloc_node_noprof+0x14a/0xa40 [ 197.301651][ T7918] ? alloc_netdev_mqs+0xf8a/0x1550 [ 197.301674][ T7918] ? alloc_netdev_mqs+0xf8a/0x1550 [ 197.301692][ T7918] alloc_netdev_mqs+0xf8a/0x1550 [ 197.301713][ T7918] ? __pfx_loopback_net_init+0x10/0x10 [ 197.301735][ T7918] loopback_net_init+0x38/0x170 [ 197.301752][ T7918] ? __pfx_loopback_net_init+0x10/0x10 [ 197.301767][ T7918] ops_init+0x1e2/0x5f0 [ 197.301789][ T7918] setup_net+0x11d/0x3a0 [ 197.301808][ T7918] ? __pfx_setup_net+0x10/0x10 [ 197.301825][ T7918] ? lockdep_init_map_type+0x5c/0x270 [ 197.301839][ T7918] ? mutex_init_lockep+0x110/0x150 [ 197.301855][ T7918] copy_net_ns+0x351/0x7c0 [ 197.301868][ T7918] create_new_namespaces+0x3ea/0xab0 [ 197.301890][ T7918] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 197.301909][ T7918] ksys_unshare+0x45b/0xa40 [ 197.301922][ T7918] ? __pfx_ksys_unshare+0x10/0x10 [ 197.301942][ T7918] ? xfd_validate_state+0x61/0x180 [ 197.301960][ T7918] __x64_sys_unshare+0x31/0x40 [ 197.301971][ T7918] do_syscall_64+0xcd/0xf80 [ 197.301986][ T7918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.302000][ T7918] RIP: 0033:0x7f60cb18f7c9 [ 197.302011][ T7918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.302023][ T7918] RSP: 002b:00007f60cc019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 197.302037][ T7918] RAX: ffffffffffffffda RBX: 00007f60cb3e5fa0 RCX: 00007f60cb18f7c9 [ 197.302046][ T7918] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 197.302053][ T7918] RBP: 00007f60cb213f91 R08: 0000000000000000 R09: 0000000000000000 [ 197.302061][ T7918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.302078][ T7918] R13: 00007f60cb3e6038 R14: 00007f60cb3e5fa0 R15: 00007ffd11e6c068 [ 197.302098][ T7918] [ 197.970415][ T7926] FAULT_INJECTION: forcing a failure. [ 197.970415][ T7926] name failslab, interval 1, probability 0, space 0, times 0 [ 197.997133][ T7926] CPU: 1 UID: 0 PID: 7926 Comm: syz.3.551 Tainted: G L syzkaller #0 PREEMPT(full) [ 197.997173][ T7926] Tainted: [L]=SOFTLOCKUP [ 197.997182][ T7926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 197.997196][ T7926] Call Trace: [ 197.997204][ T7926] [ 197.997215][ T7926] dump_stack_lvl+0x16c/0x1f0 [ 197.997260][ T7926] should_fail_ex+0x512/0x640 [ 197.997288][ T7926] ? kmem_cache_alloc_noprof+0x62/0x770 [ 197.997324][ T7926] should_failslab+0xc2/0x120 [ 197.997376][ T7926] kmem_cache_alloc_noprof+0x83/0x770 [ 197.997406][ T7926] ? __kernfs_new_node+0xd2/0x9b0 [ 197.997440][ T7926] ? __kernfs_new_node+0xd2/0x9b0 [ 197.997465][ T7926] __kernfs_new_node+0xd2/0x9b0 [ 197.997497][ T7926] ? __pfx___kernfs_new_node+0x10/0x10 [ 197.997535][ T7926] ? find_held_lock+0x2b/0x80 [ 197.997567][ T7926] ? kernfs_root+0xee/0x2a0 [ 197.997603][ T7926] kernfs_new_node+0x13c/0x1e0 [ 197.997641][ T7926] __kernfs_create_file+0x53/0x350 [ 197.997681][ T7926] sysfs_add_file_mode_ns+0x207/0x3c0 [ 197.997716][ T7926] internal_create_group+0x597/0xf70 [ 197.997755][ T7926] ? __pfx_internal_create_group+0x10/0x10 [ 197.997791][ T7926] ? kernfs_create_link+0x1bd/0x240 [ 197.997819][ T7926] internal_create_groups+0x9d/0x150 [ 197.997851][ T7926] device_add+0x6f7/0x1980 [ 197.997883][ T7926] ? __pfx_device_add+0x10/0x10 [ 197.997914][ T7926] ? lockdep_init_map_type+0x5c/0x270 [ 197.997937][ T7926] ? __init_waitqueue_head+0xca/0x150 [ 197.997991][ T7926] netdev_register_kobject+0x1a9/0x3d0 [ 197.998030][ T7926] register_netdevice+0x13c1/0x21e0 [ 197.998076][ T7926] ? __pfx_register_netdevice+0x10/0x10 [ 197.998124][ T7926] register_netdev+0x34/0x50 [ 197.998156][ T7926] mkiss_open+0x4cd/0x9a0 [ 197.998184][ T7926] ? __pfx_mkiss_open+0x10/0x10 [ 197.998214][ T7926] tty_ldisc_open+0x9f/0x120 [ 197.998246][ T7926] tty_set_ldisc+0x32b/0x780 [ 197.998282][ T7926] tty_ioctl+0xc2d/0x1650 [ 197.998317][ T7926] ? __pfx_tty_ioctl+0x10/0x10 [ 197.998363][ T7926] ? do_raw_spin_unlock+0x172/0x230 [ 197.998390][ T7926] ? hook_file_ioctl_common+0x144/0x410 [ 197.998427][ T7926] ? __x64_sys_openat+0x174/0x210 [ 197.998457][ T7926] ? __pfx_tty_ioctl+0x10/0x10 [ 197.998488][ T7926] __x64_sys_ioctl+0x18e/0x210 [ 197.998519][ T7926] do_syscall_64+0xcd/0xf80 [ 197.998545][ T7926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.998570][ T7926] RIP: 0033:0x7f3a6a38f7c9 [ 197.998591][ T7926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.998613][ T7926] RSP: 002b:00007f3a6b163038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 197.998635][ T7926] RAX: ffffffffffffffda RBX: 00007f3a6a5e5fa0 RCX: 00007f3a6a38f7c9 [ 197.998651][ T7926] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 197.998666][ T7926] RBP: 00007f3a6a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 197.998680][ T7926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.998693][ T7926] R13: 00007f3a6a5e6038 R14: 00007f3a6a5e5fa0 R15: 00007ffd9b927ec8 [ 197.998730][ T7926] [ 200.516624][ T7979] netlink: 28 bytes leftover after parsing attributes in process `syz.3.566'. [ 200.791473][ T7979] team0 (unregistering): Port device team_slave_0 removed [ 200.821987][ T7979] team0 (unregistering): Port device team_slave_1 removed [ 201.854373][ T7990] FAULT_INJECTION: forcing a failure. [ 201.854373][ T7990] name failslab, interval 1, probability 0, space 0, times 0 [ 201.907038][ T7990] CPU: 1 UID: 0 PID: 7990 Comm: syz.0.569 Tainted: G L syzkaller #0 PREEMPT(full) [ 201.907078][ T7990] Tainted: [L]=SOFTLOCKUP [ 201.907087][ T7990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 201.907101][ T7990] Call Trace: [ 201.907110][ T7990] [ 201.907119][ T7990] dump_stack_lvl+0x16c/0x1f0 [ 201.907163][ T7990] should_fail_ex+0x512/0x640 [ 201.907191][ T7990] ? kmem_cache_alloc_noprof+0x62/0x770 [ 201.907224][ T7990] should_failslab+0xc2/0x120 [ 201.907260][ T7990] kmem_cache_alloc_noprof+0x83/0x770 [ 201.907285][ T7990] ? vm_area_dup+0x27/0x8d0 [ 201.907315][ T7990] ? vm_area_dup+0x27/0x8d0 [ 201.907336][ T7990] vm_area_dup+0x27/0x8d0 [ 201.907359][ T7990] dup_mmap+0x6a4/0x20e0 [ 201.907391][ T7990] ? __pfx_dup_mmap+0x10/0x10 [ 201.907440][ T7990] copy_process+0x3b9f/0x7430 [ 201.907477][ T7990] ? __pfx___futex_wait+0x10/0x10 [ 201.907509][ T7990] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 201.907557][ T7990] ? __pfx_copy_process+0x10/0x10 [ 201.907590][ T7990] ? find_held_lock+0x2b/0x80 [ 201.907626][ T7990] ? futex_private_hash_put+0x160/0x1b0 [ 201.907657][ T7990] kernel_clone+0xfc/0x910 [ 201.907691][ T7990] ? __pfx_kernel_clone+0x10/0x10 [ 201.907747][ T7990] __do_sys_clone+0xce/0x120 [ 201.907786][ T7990] ? __pfx___do_sys_clone+0x10/0x10 [ 201.907835][ T7990] ? xfd_validate_state+0x61/0x180 [ 201.907855][ T7990] ? __pfx_do_writev+0x10/0x10 [ 201.907897][ T7990] do_syscall_64+0xcd/0xf80 [ 201.907923][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.907947][ T7990] RIP: 0033:0x7f26bdf8f7c9 [ 201.907964][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.907985][ T7990] RSP: 002b:00007f26bed3dfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 201.908009][ T7990] RAX: ffffffffffffffda RBX: 00007f26be1e5fa0 RCX: 00007f26bdf8f7c9 [ 201.908025][ T7990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 201.908039][ T7990] RBP: 00007f26be013f91 R08: 0000000000000000 R09: 0000000000000000 [ 201.908053][ T7990] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 201.908065][ T7990] R13: 00007f26be1e6038 R14: 00007f26be1e5fa0 R15: 00007ffdb819a3f8 [ 201.908102][ T7990] [ 202.479018][ T7946] delete_channel: no stack [ 205.645124][ T8056] FAULT_INJECTION: forcing a failure. [ 205.645124][ T8056] name failslab, interval 1, probability 0, space 0, times 0 [ 205.658983][ T8056] CPU: 1 UID: 0 PID: 8056 Comm: syz.2.586 Tainted: G L syzkaller #0 PREEMPT(full) [ 205.659024][ T8056] Tainted: [L]=SOFTLOCKUP [ 205.659033][ T8056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 205.659048][ T8056] Call Trace: [ 205.659057][ T8056] [ 205.659067][ T8056] dump_stack_lvl+0x16c/0x1f0 [ 205.659114][ T8056] should_fail_ex+0x512/0x640 [ 205.659143][ T8056] ? kmem_cache_alloc_noprof+0x62/0x770 [ 205.659178][ T8056] should_failslab+0xc2/0x120 [ 205.659217][ T8056] kmem_cache_alloc_noprof+0x83/0x770 [ 205.659247][ T8056] ? __kernfs_new_node+0xd2/0x9b0 [ 205.659281][ T8056] ? __kernfs_new_node+0xd2/0x9b0 [ 205.659309][ T8056] __kernfs_new_node+0xd2/0x9b0 [ 205.659341][ T8056] ? __pfx___kernfs_new_node+0x10/0x10 [ 205.659383][ T8056] ? find_held_lock+0x2b/0x80 [ 205.659417][ T8056] ? kernfs_root+0xee/0x2a0 [ 205.659455][ T8056] kernfs_new_node+0x13c/0x1e0 [ 205.659494][ T8056] __kernfs_create_file+0x53/0x350 [ 205.659535][ T8056] sysfs_add_file_mode_ns+0x207/0x3c0 [ 205.659588][ T8056] internal_create_group+0x597/0xf70 [ 205.659626][ T8056] ? __pfx_internal_create_group+0x10/0x10 [ 205.659663][ T8056] ? kernfs_create_link+0x1bd/0x240 [ 205.659691][ T8056] internal_create_groups+0x9d/0x150 [ 205.659731][ T8056] device_add+0xf56/0x1980 [ 205.659772][ T8056] ? __pfx_device_add+0x10/0x10 [ 205.659809][ T8056] ? lockdep_init_map_type+0x5c/0x270 [ 205.659835][ T8056] ? __init_waitqueue_head+0xca/0x150 [ 205.659873][ T8056] netdev_register_kobject+0x1a9/0x3d0 [ 205.659904][ T8056] register_netdevice+0x13c1/0x21e0 [ 205.659948][ T8056] ? __pfx_register_netdevice+0x10/0x10 [ 205.659995][ T8056] __tun_chr_ioctl+0x1eb6/0x4880 [ 205.660023][ T8056] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 205.660058][ T8056] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 205.660090][ T8056] ? hook_file_ioctl_common+0x144/0x410 [ 205.660128][ T8056] ? __fget_files+0x20e/0x3c0 [ 205.660167][ T8056] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 205.660197][ T8056] __x64_sys_ioctl+0x18e/0x210 [ 205.660229][ T8056] do_syscall_64+0xcd/0xf80 [ 205.660255][ T8056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.660280][ T8056] RIP: 0033:0x7fe49038f7c9 [ 205.660301][ T8056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.660323][ T8056] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 205.660348][ T8056] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 205.660365][ T8056] RDX: 0000000000000038 RSI: 00000000400454ca RDI: 0000000000000005 [ 205.660380][ T8056] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 205.660395][ T8056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.660410][ T8056] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 205.660447][ T8056] [ 206.405819][ T8075] netlink: 252 bytes leftover after parsing attributes in process `syz.3.592'. [ 206.415762][ T8075] netlink: 252 bytes leftover after parsing attributes in process `syz.3.592'. [ 206.816016][ T8081] netlink: 350 bytes leftover after parsing attributes in process `syz.3.594'. [ 207.092986][ T5846] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 207.941985][ T8103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.600'. [ 207.954913][ T8103] unsupported nlmsg_type 40 [ 208.041529][ T5846] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7 [ 208.349553][ T8112] FAULT_INJECTION: forcing a failure. [ 208.349553][ T8112] name failslab, interval 1, probability 0, space 0, times 0 [ 208.386838][ T8112] CPU: 1 UID: 0 PID: 8112 Comm: syz.3.603 Tainted: G L syzkaller #0 PREEMPT(full) [ 208.386883][ T8112] Tainted: [L]=SOFTLOCKUP [ 208.386892][ T8112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 208.386907][ T8112] Call Trace: [ 208.386915][ T8112] [ 208.386926][ T8112] dump_stack_lvl+0x16c/0x1f0 [ 208.386971][ T8112] should_fail_ex+0x512/0x640 [ 208.386998][ T8112] ? __kmalloc_cache_noprof+0x5f/0x800 [ 208.387030][ T8112] should_failslab+0xc2/0x120 [ 208.387067][ T8112] __kmalloc_cache_noprof+0x80/0x800 [ 208.387093][ T8112] ? __lock_acquire+0x436/0x2890 [ 208.387116][ T8112] ? tty_open+0x13e/0xf90 [ 208.387143][ T8112] ? tty_open+0x13e/0xf90 [ 208.387162][ T8112] ? __pfx_tty_open+0x10/0x10 [ 208.387193][ T8112] tty_open+0x13e/0xf90 [ 208.387223][ T8112] ? __pfx_tty_open+0x10/0x10 [ 208.387257][ T8112] ? chrdev_open+0x10b/0x6a0 [ 208.387297][ T8112] ? __pfx_tty_open+0x10/0x10 [ 208.387340][ T8112] chrdev_open+0x234/0x6a0 [ 208.387376][ T8112] ? __pfx_apparmor_file_open+0x10/0x10 [ 208.387403][ T8112] ? __pfx_chrdev_open+0x10/0x10 [ 208.387441][ T8112] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 208.387484][ T8112] do_dentry_open+0x748/0x1590 [ 208.387516][ T8112] ? __pfx_chrdev_open+0x10/0x10 [ 208.387561][ T8112] vfs_open+0x82/0x3f0 [ 208.387588][ T8112] path_openat+0x2078/0x3140 [ 208.387634][ T8112] ? __pfx_path_openat+0x10/0x10 [ 208.387681][ T8112] do_filp_open+0x20b/0x470 [ 208.387717][ T8112] ? __pfx_do_filp_open+0x10/0x10 [ 208.387777][ T8112] ? alloc_fd+0x471/0x7d0 [ 208.387821][ T8112] do_sys_openat2+0x121/0x290 [ 208.387847][ T8112] ? __pfx_do_sys_openat2+0x10/0x10 [ 208.387888][ T8112] __x64_sys_openat+0x174/0x210 [ 208.387915][ T8112] ? __pfx___x64_sys_openat+0x10/0x10 [ 208.387955][ T8112] do_syscall_64+0xcd/0xf80 [ 208.387979][ T8112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.388002][ T8112] RIP: 0033:0x7f3a6a38f7c9 [ 208.388022][ T8112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.388044][ T8112] RSP: 002b:00007f3a6b163038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 208.388069][ T8112] RAX: ffffffffffffffda RBX: 00007f3a6a5e5fa0 RCX: 00007f3a6a38f7c9 [ 208.388086][ T8112] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 208.388102][ T8112] RBP: 00007f3a6a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 208.388117][ T8112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.388131][ T8112] R13: 00007f3a6a5e6038 R14: 00007f3a6a5e5fa0 R15: 00007ffd9b927ec8 [ 208.388163][ T8112] [ 210.304344][ T8116] kexec: Could not allocate control_code_buffer [ 210.322234][ T8141] netlink: 'syz.0.612': attribute type 29 has an invalid length. [ 210.330034][ T8141] netlink: 'syz.0.612': attribute type 30 has an invalid length. [ 210.356994][ T8141] netlink: 'syz.0.612': attribute type 31 has an invalid length. [ 210.372185][ T8141] netlink: 'syz.0.612': attribute type 32 has an invalid length. [ 210.390598][ T8141] netlink: 'syz.0.612': attribute type 33 has an invalid length. [ 210.414008][ T8141] netlink: 'syz.0.612': attribute type 35 has an invalid length. [ 210.432318][ T8141] netlink: 'syz.0.612': attribute type 37 has an invalid length. [ 210.447800][ T8141] netlink: 18 bytes leftover after parsing attributes in process `syz.0.612'. [ 210.515373][ T8143] netlink: 354 bytes leftover after parsing attributes in process `syz.3.613'. [ 210.844938][ T8154] netlink: 314 bytes leftover after parsing attributes in process `syz.3.617'. [ 213.052052][ T8197] FAULT_INJECTION: forcing a failure. [ 213.052052][ T8197] name failslab, interval 1, probability 0, space 0, times 0 [ 213.126852][ T8197] CPU: 1 UID: 0 PID: 8197 Comm: syz.2.626 Tainted: G L syzkaller #0 PREEMPT(full) [ 213.126894][ T8197] Tainted: [L]=SOFTLOCKUP [ 213.126903][ T8197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 213.126917][ T8197] Call Trace: [ 213.126925][ T8197] [ 213.126943][ T8197] dump_stack_lvl+0x16c/0x1f0 [ 213.126989][ T8197] should_fail_ex+0x512/0x640 [ 213.127016][ T8197] ? kmem_cache_alloc_noprof+0x62/0x770 [ 213.127051][ T8197] should_failslab+0xc2/0x120 [ 213.127090][ T8197] kmem_cache_alloc_noprof+0x83/0x770 [ 213.127119][ T8197] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 213.127150][ T8197] ? acpi_ut_create_thread_state+0x6d/0x170 [ 213.127186][ T8197] ? acpi_ut_create_thread_state+0x6d/0x170 [ 213.127213][ T8197] acpi_ut_create_thread_state+0x6d/0x170 [ 213.127244][ T8197] acpi_ps_parse_aml+0x12e/0x1170 [ 213.127271][ T8197] ? acpi_ut_ptr_exit+0xfe/0x180 [ 213.127308][ T8197] acpi_ps_execute_method+0x5c4/0xe90 [ 213.127349][ T8197] acpi_ns_evaluate+0x98c/0x16d0 [ 213.127391][ T8197] acpi_evaluate_object+0x4ca/0xdf0 [ 213.127419][ T8197] ? ksys_read+0x12a/0x250 [ 213.127457][ T8197] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 213.127488][ T8197] ? __pfx___might_resched+0x10/0x10 [ 213.127526][ T8197] acpi_evaluate_integer+0xdd/0x230 [ 213.127563][ T8197] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 213.127616][ T8197] ? __pfx_status_show+0x10/0x10 [ 213.127641][ T8197] status_show+0xa0/0x120 [ 213.127668][ T8197] ? __pfx_status_show+0x10/0x10 [ 213.127703][ T8197] dev_attr_show+0x56/0xe0 [ 213.127739][ T8197] ? __pfx_dev_attr_show+0x10/0x10 [ 213.127770][ T8197] sysfs_kf_seq_show+0x216/0x3e0 [ 213.127803][ T8197] seq_read_iter+0x50e/0x12d0 [ 213.127852][ T8197] kernfs_fop_read_iter+0x46c/0x610 [ 213.127890][ T8197] ? rw_verify_area+0xcf/0x6c0 [ 213.127923][ T8197] vfs_read+0x8bf/0xcf0 [ 213.127973][ T8197] ? __pfx_vfs_read+0x10/0x10 [ 213.128034][ T8197] ksys_read+0x12a/0x250 [ 213.128067][ T8197] ? __pfx_ksys_read+0x10/0x10 [ 213.128112][ T8197] do_syscall_64+0xcd/0xf80 [ 213.128139][ T8197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.128163][ T8197] RIP: 0033:0x7fe49038f7c9 [ 213.128184][ T8197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.128208][ T8197] RSP: 002b:00007fe48e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 213.128232][ T8197] RAX: ffffffffffffffda RBX: 00007fe4905e5fa0 RCX: 00007fe49038f7c9 [ 213.128249][ T8197] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 213.128264][ T8197] RBP: 00007fe490413f91 R08: 0000000000000000 R09: 0000000000000000 [ 213.128279][ T8197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.128293][ T8197] R13: 00007fe4905e6038 R14: 00007fe4905e5fa0 R15: 00007ffdf3b8adc8 [ 213.128329][ T8197] [ 213.128517][ T8197] ACPI Error: ffff88807c93d000 walk still has a scope list (20250807/dswstate-694) [ 213.621983][ T8201] random: crng reseeded on system resumption [ 213.751273][ T5846] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 214.666623][ T8191] kexec: Could not allocate control_code_buffer [ 215.323258][ T8228] netlink: 186 bytes leftover after parsing attributes in process `syz.3.634'. [ 215.960265][ T8242] vhci_hcd vhci_hcd.2: invalid port number 16 [ 215.984528][ T8242] vhci_hcd vhci_hcd.2: invalid port number 16 [ 217.731603][ T8258] netlink: 'syz.0.650': attribute type 4 has an invalid length. [ 217.749876][ T8258] netlink: 'syz.0.650': attribute type 5 has an invalid length. [ 217.767248][ T8258] netlink: 10 bytes leftover after parsing attributes in process `syz.0.650'. [ 219.520367][ T8257] kexec: Could not allocate control_code_buffer [ 219.738460][ T8287] netlink: 28 bytes leftover after parsing attributes in process `syz.3.649'. [ 220.448524][ T30] audit: type=1800 audit(1768756225.035:4): pid=8297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.653" name="lu_gp_id" dev="configfs" ino=20696 res=0 errno=0 [ 221.334581][ T8323] FAULT_INJECTION: forcing a failure. [ 221.334581][ T8323] name failslab, interval 1, probability 0, space 0, times 0 [ 221.450078][ T8323] CPU: 0 UID: 0 PID: 8323 Comm: syz.1.658 Tainted: G L syzkaller #0 PREEMPT(full) [ 221.450104][ T8323] Tainted: [L]=SOFTLOCKUP [ 221.450108][ T8323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 221.450117][ T8323] Call Trace: [ 221.450122][ T8323] [ 221.450128][ T8323] dump_stack_lvl+0x16c/0x1f0 [ 221.450156][ T8323] should_fail_ex+0x512/0x640 [ 221.450172][ T8323] ? __kmalloc_cache_noprof+0x5f/0x800 [ 221.450200][ T8323] should_failslab+0xc2/0x120 [ 221.450230][ T8323] __kmalloc_cache_noprof+0x80/0x800 [ 221.450259][ T8323] ? drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 221.450290][ T8323] ? drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 221.450306][ T8323] ? __pfx___drm_dev_dbg+0x10/0x10 [ 221.450326][ T8323] drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 221.450354][ T8323] drm_atomic_helper_commit+0xa9/0x380 [ 221.450372][ T8323] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 221.450389][ T8323] drm_atomic_commit+0x234/0x300 [ 221.450405][ T8323] ? __pfx_drm_atomic_commit+0x10/0x10 [ 221.450419][ T8323] ? __pfx___drm_printfn_info+0x10/0x10 [ 221.450441][ T8323] ? drm_client_rotation+0x4da/0x6a0 [ 221.450461][ T8323] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 221.450483][ T8323] ? __mutex_lock+0x27b/0x1ca0 [ 221.450497][ T8323] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 221.450513][ T8323] ? trace_contention_end+0xdd/0x110 [ 221.450547][ T8323] drm_client_modeset_commit_locked+0x14d/0x580 [ 221.450568][ T8323] drm_client_modeset_commit+0x4f/0x80 [ 221.450586][ T8323] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 221.450613][ T8323] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 221.450633][ T8323] drm_fbdev_client_restore+0x1b/0x30 [ 221.450648][ T8323] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 221.450664][ T8323] drm_client_dev_restore+0x200/0x2a0 [ 221.450700][ T8323] drm_release+0x2c6/0x360 [ 221.450727][ T8323] ? __pfx_drm_release+0x10/0x10 [ 221.450752][ T8323] __fput+0x402/0xb70 [ 221.450773][ T8323] task_work_run+0x150/0x240 [ 221.450789][ T8323] ? __pfx_task_work_run+0x10/0x10 [ 221.450802][ T8323] ? __do_sys_close_range+0x278/0x730 [ 221.450827][ T8323] exit_to_user_mode_loop+0xfb/0x540 [ 221.450846][ T8323] do_syscall_64+0x4ee/0xf80 [ 221.450860][ T8323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.450874][ T8323] RIP: 0033:0x7f60cb18f7c9 [ 221.450887][ T8323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.450901][ T8323] RSP: 002b:00007f60cc019038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 221.450914][ T8323] RAX: 0000000000000000 RBX: 00007f60cb3e5fa0 RCX: 00007f60cb18f7c9 [ 221.450922][ T8323] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 221.450929][ T8323] RBP: 00007f60cb213f91 R08: 0000000000000000 R09: 0000000000000000 [ 221.450937][ T8323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.450944][ T8323] R13: 00007f60cb3e6038 R14: 00007f60cb3e5fa0 R15: 00007ffd11e6c068 [ 221.450965][ T8323] [ 222.511951][ T8335] netlink: 29 bytes leftover after parsing attributes in process `syz.3.661'. [ 222.525756][ T5846] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 223.231050][ T8341] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 223.318109][ T8346] __vm_enough_memory: pid: 8346, comm: syz.2.664, bytes: 4398046511104 not enough memory for the allocation [ 223.723044][ T8331] kexec: Could not allocate control_code_buffer [ 224.366045][ T8370] netlink: 86 bytes leftover after parsing attributes in process `syz.2.671'. [ 224.678065][ T8379] netlink: 9 bytes leftover after parsing attributes in process `syz.3.674'. [ 227.027258][ T8387] kexec: Could not allocate control_code_buffer [ 227.683037][ T8413] FAULT_INJECTION: forcing a failure. [ 227.683037][ T8413] name failslab, interval 1, probability 0, space 0, times 0 [ 227.695884][ T8413] CPU: 1 UID: 0 PID: 8413 Comm: syz.3.682 Tainted: G L syzkaller #0 PREEMPT(full) [ 227.695908][ T8413] Tainted: [L]=SOFTLOCKUP [ 227.695912][ T8413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 227.695921][ T8413] Call Trace: [ 227.695926][ T8413] [ 227.695933][ T8413] dump_stack_lvl+0x16c/0x1f0 [ 227.695985][ T8413] should_fail_ex+0x512/0x640 [ 227.696003][ T8413] ? __kvmalloc_node_noprof+0x129/0xa40 [ 227.696024][ T8413] should_failslab+0xc2/0x120 [ 227.696045][ T8413] __kvmalloc_node_noprof+0x14a/0xa40 [ 227.696064][ T8413] ? __pfx___debug_object_init+0x10/0x10 [ 227.696084][ T8413] ? bucket_table_alloc.isra.0+0x88/0x460 [ 227.696102][ T8413] ? bucket_table_alloc.isra.0+0x88/0x460 [ 227.696114][ T8413] bucket_table_alloc.isra.0+0x88/0x460 [ 227.696128][ T8413] rhashtable_init_noprof+0x41a/0x7e0 [ 227.696141][ T8413] ? __init_waitqueue_head+0xca/0x150 [ 227.696158][ T8413] rhltable_init_noprof+0x20/0x60 [ 227.696172][ T8413] sta_info_init+0x27/0x160 [ 227.696192][ T8413] ieee80211_alloc_hw_nm+0x87b/0x22b0 [ 227.696208][ T8413] ? __local_bh_enable_ip+0xa4/0x120 [ 227.696229][ T8413] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 227.696254][ T8413] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 227.696275][ T8413] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 227.696297][ T8413] hwsim_new_radio_nl+0xba2/0x1330 [ 227.696315][ T8413] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 227.696337][ T8413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 227.696352][ T8413] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 227.696370][ T8413] genl_family_rcv_msg_doit+0x209/0x2f0 [ 227.696386][ T8413] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 227.696400][ T8413] ? genl_get_cmd+0x194/0x580 [ 227.696416][ T8413] ? bpf_lsm_capable+0x9/0x10 [ 227.696432][ T8413] ? security_capable+0x7e/0x260 [ 227.696446][ T8413] ? ns_capable+0xd7/0x110 [ 227.696464][ T8413] genl_rcv_msg+0x55c/0x800 [ 227.696480][ T8413] ? __pfx_genl_rcv_msg+0x10/0x10 [ 227.696494][ T8413] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 227.696516][ T8413] netlink_rcv_skb+0x158/0x420 [ 227.696536][ T8413] ? __pfx_genl_rcv_msg+0x10/0x10 [ 227.696551][ T8413] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 227.696578][ T8413] ? netlink_deliver_tap+0x1ae/0xd30 [ 227.696599][ T8413] genl_rcv+0x28/0x40 [ 227.696610][ T8413] netlink_unicast+0x5aa/0x870 [ 227.696632][ T8413] ? __pfx_netlink_unicast+0x10/0x10 [ 227.696659][ T8413] netlink_sendmsg+0x8c8/0xdd0 [ 227.696700][ T8413] ? __pfx_netlink_sendmsg+0x10/0x10 [ 227.696732][ T8413] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 227.696760][ T8413] ____sys_sendmsg+0xa5d/0xc30 [ 227.696782][ T8413] ? copy_msghdr_from_user+0x10a/0x160 [ 227.696808][ T8413] ? __pfx_____sys_sendmsg+0x10/0x10 [ 227.696837][ T8413] ? __pfx_futex_wake_mark+0x10/0x10 [ 227.696870][ T8413] ___sys_sendmsg+0x134/0x1d0 [ 227.696900][ T8413] ? __pfx____sys_sendmsg+0x10/0x10 [ 227.696927][ T8413] ? futex_private_hash_put+0x160/0x1b0 [ 227.696998][ T8413] __sys_sendmsg+0x16d/0x220 [ 227.697020][ T8413] ? __pfx___sys_sendmsg+0x10/0x10 [ 227.697038][ T8413] ? __x64_sys_futex+0x1e0/0x4c0 [ 227.697065][ T8413] do_syscall_64+0xcd/0xf80 [ 227.697080][ T8413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.697095][ T8413] RIP: 0033:0x7f3a6a38f7c9 [ 227.697108][ T8413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.697121][ T8413] RSP: 002b:00007f3a6b163038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 227.697135][ T8413] RAX: ffffffffffffffda RBX: 00007f3a6a5e5fa0 RCX: 00007f3a6a38f7c9 [ 227.697144][ T8413] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 227.697152][ T8413] RBP: 00007f3a6a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 227.697159][ T8413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.697167][ T8413] R13: 00007f3a6a5e6038 R14: 00007f3a6a5e5fa0 R15: 00007ffd9b927ec8 [ 227.697186][ T8413] [ 228.841754][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 228.899844][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 228.939434][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 228.959106][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 228.979007][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 229.007607][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 229.027249][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 229.057206][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 229.086322][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 229.115468][ T8424] netlink: 62 bytes leftover after parsing attributes in process `syz.3.686'. [ 229.484328][ T8438] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 229.706612][ T8443] netlink: 'syz.3.692': attribute type 1 has an invalid length. [ 229.903382][ T5846] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 229.903479][ T5846] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 229.921477][ T5846] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 229.921524][ T5846] Bluetooth: hci2: adv larger than maximum supported [ 229.929843][ T5846] Bluetooth: hci2: adv larger than maximum supported [ 229.936535][ T5846] Bluetooth: hci2: Malformed LE Event: 0x0d [ 230.506890][ T8456] zswap: compressor not available [ 232.455287][ T5922] smpboot: CPU 1 is now offline [ 232.994180][ T8501] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 233.035252][ T8501] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 233.134571][ T8501] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 233.203933][ T8501] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 233.248086][ T8501] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 233.579124][ T8505] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 233.586717][ T18] ------------[ cut here ]------------ [ 233.587272][ T18] [ 233.587278][ T18] ====================================================== [ 233.587284][ T18] WARNING: possible circular locking dependency detected [ 233.587293][ T18] syzkaller #0 Tainted: G L [ 233.587302][ T18] ------------------------------------------------------ [ 233.587308][ T18] rcu_exp_gp_kthr/18 is trying to acquire lock: [ 233.587317][ T18] ffffffff8e2d6ac0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 233.587358][ T18] [ 233.587358][ T18] but task is already holding lock: [ 233.587362][ T18] ffff8880b843add8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 233.587393][ T18] [ 233.587393][ T18] which lock already depends on the new lock. [ 233.587393][ T18] [ 233.587397][ T18] [ 233.587397][ T18] the existing dependency chain (in reverse order) is: [ 233.587400][ T18] [ 233.587400][ T18] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 233.587415][ T18] _raw_spin_lock_nested+0x31/0x40 [ 233.587435][ T18] raw_spin_rq_lock_nested+0x29/0x130 [ 233.587450][ T18] task_rq_lock+0xcf/0x490 [ 233.587465][ T18] cgroup_move_task+0x81/0x2a0 [ 233.587485][ T18] css_set_move_task+0x288/0x5f0 [ 233.587504][ T18] cgroup_post_fork+0x201/0x9e0 [ 233.587522][ T18] copy_process+0x56b6/0x7430 [ 233.587540][ T18] kernel_clone+0xfc/0x910 [ 233.587557][ T18] user_mode_thread+0xc8/0x110 [ 233.587574][ T18] rest_init+0x23/0x2b0 [ 233.587588][ T18] start_kernel+0x3ef/0x4d0 [ 233.587602][ T18] x86_64_start_reservations+0x18/0x30 [ 233.587617][ T18] x86_64_start_kernel+0x130/0x190 [ 233.587630][ T18] common_startup_64+0x13e/0x148 [ 233.587645][ T18] [ 233.587645][ T18] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 233.587660][ T18] _raw_spin_lock_irqsave+0x3a/0x60 [ 233.587678][ T18] try_to_wake_up+0xb7/0x1860 [ 233.587692][ T18] autoremove_wake_function+0x16/0x150 [ 233.587710][ T18] __wake_up_common+0x135/0x1f0 [ 233.587720][ T18] __wake_up+0x31/0x60 [ 233.587742][ T18] tty_port_default_wakeup+0x4d/0x60 [ 233.587763][ T18] serial8250_tx_chars+0x68e/0x860 [ 233.587782][ T18] serial8250_handle_irq+0x761/0xcb0 [ 233.587793][ T18] serial8250_default_handle_irq+0x9e/0x270 [ 233.587805][ T18] serial8250_interrupt+0xf8/0x1d0 [ 233.587818][ T18] __handle_irq_event_percpu+0x236/0x890 [ 233.587834][ T18] handle_irq_event+0xab/0x1e0 [ 233.587849][ T18] handle_edge_irq+0x3ca/0x9e0 [ 233.587863][ T18] __common_interrupt+0xd0/0x2f0 [ 233.587881][ T18] common_interrupt+0xba/0xe0 [ 233.587895][ T18] asm_common_interrupt+0x26/0x40 [ 233.587907][ T18] kasan_check_range+0x12/0x1b0 [ 233.587919][ T18] page_table_check_set+0x4ca/0xa40 [ 233.587936][ T18] __page_table_check_ptes_set+0x276/0x4e0 [ 233.587952][ T18] copy_page_range+0x2669/0x6780 [ 233.587964][ T18] dup_mmap+0xbea/0x20e0 [ 233.587973][ T18] copy_process+0x3b9f/0x7430 [ 233.587989][ T18] kernel_clone+0xfc/0x910 [ 233.588006][ T18] __do_sys_clone+0xce/0x120 [ 233.588022][ T18] do_syscall_64+0xcd/0xf80 [ 233.588033][ T18] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.588044][ T18] [ 233.588044][ T18] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 233.588059][ T18] _raw_spin_lock_irqsave+0x3a/0x60 [ 233.588076][ T18] __wake_up+0x1c/0x60 [ 233.588092][ T18] tty_port_default_wakeup+0x4d/0x60 [ 233.588111][ T18] serial8250_tx_chars+0x68e/0x860 [ 233.588129][ T18] serial8250_handle_irq+0x761/0xcb0 [ 233.588140][ T18] serial8250_default_handle_irq+0x9e/0x270 [ 233.588152][ T18] serial8250_interrupt+0xf8/0x1d0 [ 233.588165][ T18] __handle_irq_event_percpu+0x236/0x890 [ 233.588180][ T18] handle_irq_event+0xab/0x1e0 [ 233.588195][ T18] handle_edge_irq+0x3ca/0x9e0 [ 233.588209][ T18] __common_interrupt+0xd0/0x2f0 [ 233.588226][ T18] common_interrupt+0xba/0xe0 [ 233.588240][ T18] asm_common_interrupt+0x26/0x40 [ 233.588251][ T18] _raw_spin_unlock_irqrestore+0x31/0x80 [ 233.588268][ T18] uart_write+0x2a4/0xb30 [ 233.588286][ T18] n_tty_write+0x434/0x1280 [ 233.588298][ T18] file_tty_write.constprop.0+0x503/0x9b0 [ 233.588316][ T18] redirected_tty_write+0xd4/0x120 [ 233.588333][ T18] vfs_write+0x7d3/0x11d0 [ 233.588350][ T18] ksys_write+0x12a/0x250 [ 233.588366][ T18] do_syscall_64+0xcd/0xf80 [ 233.588376][ T18] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.588387][ T18] [ 233.588387][ T18] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 233.588403][ T18] _raw_spin_lock_irqsave+0x3a/0x60 [ 233.588420][ T18] serial8250_console_write+0x181/0x1890 [ 233.588432][ T18] console_flush_one_record+0x796/0xc60 [ 233.588447][ T18] console_unlock+0xef/0x240 [ 233.588461][ T18] vprintk_emit+0x407/0x6b0 [ 233.588478][ T18] _printk+0xc7/0x100 [ 233.588490][ T18] register_console+0x823/0x1210 [ 233.588505][ T18] univ8250_console_init+0x5f/0x90 [ 233.588522][ T18] console_init+0x152/0x600 [ 233.588536][ T18] start_kernel+0x298/0x4d0 [ 233.588549][ T18] x86_64_start_reservations+0x18/0x30 [ 233.588562][ T18] x86_64_start_kernel+0x130/0x190 [ 233.588576][ T18] common_startup_64+0x13e/0x148 [ 233.588589][ T18] [ 233.588589][ T18] -> #0 (console_owner){-.-.}-{0:0}: [ 233.588604][ T18] __lock_acquire+0x1669/0x2890 [ 233.588615][ T18] lock_acquire+0x179/0x330 [ 233.588624][ T18] console_lock_spinning_enable+0x72/0x80 [ 233.588639][ T18] console_flush_one_record+0x73f/0xc60 [ 233.588654][ T18] console_unlock+0xef/0x240 [ 233.588668][ T18] vprintk_emit+0x407/0x6b0 [ 233.588683][ T18] _printk+0xc7/0x100 [ 233.588694][ T18] __report_bug+0x3a6/0x520 [ 233.588710][ T18] report_bug+0xb2/0x220 [ 233.588730][ T18] handle_bug+0x127/0x260 [ 233.588742][ T18] exc_invalid_op+0x17/0x50 [ 233.588754][ T18] asm_exc_invalid_op+0x1a/0x20 [ 233.588764][ T18] update_rq_clock+0x34a/0xc70 [ 233.588780][ T18] __schedule+0x212d/0x6150 [ 233.588797][ T18] schedule+0xe7/0x3a0 [ 233.588812][ T18] schedule_timeout+0x123/0x290 [ 233.588827][ T18] __sync_rcu_exp_select_node_cpus+0x673/0xd50 [ 233.588847][ T18] sync_rcu_exp_select_cpus+0x3cb/0xab0 [ 233.588858][ T18] wait_rcu_exp_gp+0x2c/0x40 [ 233.588871][ T18] kthread_worker_fn+0x310/0xbf0 [ 233.588881][ T18] kthread+0x3c5/0x780 [ 233.588891][ T18] ret_from_fork+0x983/0xb10 [ 233.588902][ T18] ret_from_fork_asm+0x1a/0x30 [ 233.588920][ T18] [ 233.588920][ T18] other info that might help us debug this: [ 233.588920][ T18] [ 233.588924][ T18] Chain exists of: [ 233.588924][ T18] console_owner --> &p->pi_lock --> &rq->__lock [ 233.588924][ T18] [ 233.588941][ T18] Possible unsafe locking scenario: [ 233.588941][ T18] [ 233.588944][ T18] CPU0 CPU1 [ 233.588947][ T18] ---- ---- [ 233.588950][ T18] lock(&rq->__lock); [ 233.588957][ T18] lock(&p->pi_lock); [ 233.588965][ T18] lock(&rq->__lock); [ 233.588972][ T18] lock(console_owner); [ 233.588980][ T18] [ 233.588980][ T18] *** DEADLOCK *** [ 233.588980][ T18] [ 233.588982][ T18] 3 locks held by rcu_exp_gp_kthr/18: [ 233.588989][ T18] #0: ffff8880b843add8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 233.589021][ T18] #1: ffffffff8e3b6f00 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100 [ 233.589047][ T18] #2: ffffffff8e3b6f78 (console_srcu){....}-{0:0}, at: console_flush_one_record+0x103/0xc60 [ 233.589079][ T18] [ 233.589079][ T18] stack backtrace: [ 233.589088][ T18] CPU: 0 UID: 0 PID: 18 Comm: rcu_exp_gp_kthr Tainted: G L syzkaller #0 PREEMPT(full) [ 233.589105][ T18] Tainted: [L]=SOFTLOCKUP [ 233.589109][ T18] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 233.589117][ T18] Call Trace: [ 233.589122][ T18] [ 233.589127][ T18] dump_stack_lvl+0x116/0x1f0 [ 233.589148][ T18] print_circular_bug+0x275/0x340 [ 233.589168][ T18] check_noncircular+0x146/0x160 [ 233.589189][ T18] __lock_acquire+0x1669/0x2890 [ 233.589203][ T18] lock_acquire+0x179/0x330 [ 233.589214][ T18] ? console_lock_spinning_enable+0x61/0x80 [ 233.589231][ T18] ? console_lock_spinning_enable+0x4a/0x80 [ 233.589249][ T18] console_lock_spinning_enable+0x72/0x80 [ 233.589264][ T18] ? console_lock_spinning_enable+0x61/0x80 [ 233.589280][ T18] console_flush_one_record+0x73f/0xc60 [ 233.589299][ T18] ? __pfx_console_flush_one_record+0x10/0x10 [ 233.589316][ T18] ? __lock_acquire+0x436/0x2890 [ 233.589329][ T18] ? is_printk_cpu_sync_owner+0x32/0x40 [ 233.589370][ T18] console_unlock+0xef/0x240 [ 233.589386][ T18] ? __pfx_console_unlock+0x10/0x10 [ 233.589403][ T18] ? do_raw_spin_unlock+0x100/0x230 [ 233.589418][ T18] ? _printk+0xc7/0x100 [ 233.589430][ T18] ? __down_trylock_console_sem+0xb0/0x140 [ 233.589444][ T18] vprintk_emit+0x407/0x6b0 [ 233.589461][ T18] ? __pfx_vprintk_emit+0x10/0x10 [ 233.589480][ T18] ? kvm_sched_clock_read+0x11/0x20 [ 233.589500][ T18] ? sched_clock+0x38/0x60 [ 233.589519][ T18] _printk+0xc7/0x100 [ 233.589531][ T18] ? __pfx__printk+0x10/0x10 [ 233.589542][ T18] ? find_held_lock+0x2b/0x80 [ 233.589558][ T18] ? finish_task_switch.isra.0+0x202/0xbd0 [ 233.589576][ T18] ? rcu_is_watching+0x12/0xc0 [ 233.589593][ T18] ? __report_bug+0x396/0x520 [ 233.589610][ T18] ? __report_bug+0x385/0x520 [ 233.589627][ T18] __report_bug+0x3a6/0x520 [ 233.589644][ T18] ? update_rq_clock+0x34a/0xc70 [ 233.589661][ T18] ? __pfx___report_bug+0x10/0x10 [ 233.589680][ T18] ? rcu_is_watching+0x12/0xc0 [ 233.589698][ T18] ? update_rq_clock+0x34a/0xc70 [ 233.589716][ T18] report_bug+0xb2/0x220 [ 233.589737][ T18] ? update_rq_clock+0x34a/0xc70 [ 233.589753][ T18] handle_bug+0x127/0x260 [ 233.589767][ T18] exc_invalid_op+0x17/0x50 [ 233.589781][ T18] asm_exc_invalid_op+0x1a/0x20 [ 233.589792][ T18] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 233.589811][ T18] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 233.589824][ T18] RSP: 0018:ffffc900001779d0 EFLAGS: 00010046 [ 233.589834][ T18] RAX: 0000000000000000 RBX: ffff8880b853adc0 RCX: 0000000000000001 [ 233.589842][ T18] RDX: 0000000000000000 RSI: ffffffff8daa58ea RDI: ffffffff8bf2b400 [ 233.589850][ T18] RBP: 0000000000000001 R08: ffff8880b843b8c8 R09: fffffbfff2111fba [ 233.589858][ T18] R10: ffffffff9088fdd7 R11: 0000000000000001 R12: ffffffff90892e54 [ 233.589866][ T18] R13: ffffffff8dd66460 R14: ffff88802ed53d00 R15: ffff8880b853adc0 [ 233.589878][ T18] ? pick_task_fair+0x85/0x350 [ 233.589895][ T18] __schedule+0x212d/0x6150 [ 233.589931][ T18] ? __pfx___schedule+0x10/0x10 [ 233.589948][ T18] ? find_held_lock+0x2b/0x80 [ 233.589964][ T18] ? schedule+0x2d7/0x3a0 [ 233.589983][ T18] schedule+0xe7/0x3a0 [ 233.590000][ T18] schedule_timeout+0x123/0x290 [ 233.590017][ T18] ? __pfx_schedule_timeout+0x10/0x10 [ 233.590034][ T18] ? __pfx_process_timeout+0x10/0x10 [ 233.590054][ T18] ? rcu_is_watching+0x12/0xc0 [ 233.590071][ T18] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 233.590091][ T18] __sync_rcu_exp_select_node_cpus+0x673/0xd50 [ 233.590120][ T18] sync_rcu_exp_select_cpus+0x3cb/0xab0 [ 233.590133][ T18] ? rcu_is_watching+0x12/0xc0 [ 233.590151][ T18] wait_rcu_exp_gp+0x2c/0x40 [ 233.590165][ T18] kthread_worker_fn+0x310/0xbf0 [ 233.590184][ T18] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 233.590199][ T18] ? __pfx_kthread_worker_fn+0x10/0x10 [ 233.590211][ T18] kthread+0x3c5/0x780 [ 233.590222][ T18] ? __pfx_kthread+0x10/0x10 [ 233.590235][ T18] ? rcu_is_watching+0x12/0xc0 [ 233.590252][ T18] ? __pfx_kthread+0x10/0x10 [ 233.590264][ T18] ret_from_fork+0x983/0xb10 [ 233.590276][ T18] ? __pfx_ret_from_fork+0x10/0x10 [ 233.590289][ T18] ? __switch_to+0x7af/0x10d0 [ 233.590305][ T18] ? __pfx_kthread+0x10/0x10 [ 233.590317][ T18] ret_from_fork_asm+0x1a/0x30 [ 233.590339][ T18] [ 234.785621][ T18] WARNING: kernel/sched/sched.h:1549 at update_rq_clock+0x34a/0xc70, CPU#0: rcu_exp_gp_kthr/18 [ 234.795946][ T18] Modules linked in: [ 234.800008][ T18] CPU: 0 UID: 0 PID: 18 Comm: rcu_exp_gp_kthr Tainted: G L syzkaller #0 PREEMPT(full) [ 234.811103][ T18] Tainted: [L]=SOFTLOCKUP [ 234.815443][ T18] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 234.825572][ T18] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 234.831212][ T18] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 234.850821][ T18] RSP: 0018:ffffc900001779d0 EFLAGS: 00010046 [ 234.856876][ T18] RAX: 0000000000000000 RBX: ffff8880b853adc0 RCX: 0000000000000001 [ 234.864944][ T18] RDX: 0000000000000000 RSI: ffffffff8daa58ea RDI: ffffffff8bf2b400 [ 234.872906][ T18] RBP: 0000000000000001 R08: ffff8880b843b8c8 R09: fffffbfff2111fba [ 234.880866][ T18] R10: ffffffff9088fdd7 R11: 0000000000000001 R12: ffffffff90892e54 [ 234.888829][ T18] R13: ffffffff8dd66460 R14: ffff88802ed53d00 R15: ffff8880b853adc0 [ 234.896810][ T18] FS: 0000000000000000(0000) GS:ffff8881248f8000(0000) knlGS:0000000000000000 [ 234.905878][ T18] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.912541][ T18] CR2: 00007f26bdf26890 CR3: 0000000079106000 CR4: 00000000003526f0 [ 234.920523][ T18] Call Trace: [ 234.923791][ T18] [ 234.926740][ T18] ? pick_task_fair+0x85/0x350 [ 234.931505][ T18] __schedule+0x212d/0x6150 [ 234.936007][ T18] ? __pfx___schedule+0x10/0x10 [ 234.940856][ T18] ? find_held_lock+0x2b/0x80 [ 234.945523][ T18] ? schedule+0x2d7/0x3a0 [ 234.949849][ T18] schedule+0xe7/0x3a0 [ 234.953919][ T18] schedule_timeout+0x123/0x290 [ 234.958771][ T18] ? __pfx_schedule_timeout+0x10/0x10 [ 234.964136][ T18] ? __pfx_process_timeout+0x10/0x10 [ 234.969417][ T18] ? rcu_is_watching+0x12/0xc0 [ 234.974175][ T18] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 234.980063][ T18] __sync_rcu_exp_select_node_cpus+0x673/0xd50 [ 234.986307][ T18] sync_rcu_exp_select_cpus+0x3cb/0xab0 [ 234.991842][ T18] ? rcu_is_watching+0x12/0xc0 [ 234.996597][ T18] wait_rcu_exp_gp+0x2c/0x40 [ 235.001178][ T18] kthread_worker_fn+0x310/0xbf0 [ 235.006105][ T18] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 235.011393][ T18] ? __pfx_kthread_worker_fn+0x10/0x10 [ 235.016846][ T18] kthread+0x3c5/0x780 [ 235.020909][ T18] ? __pfx_kthread+0x10/0x10 [ 235.025554][ T18] ? rcu_is_watching+0x12/0xc0 [ 235.030308][ T18] ? __pfx_kthread+0x10/0x10 [ 235.034889][ T18] ret_from_fork+0x983/0xb10 [ 235.039467][ T18] ? __pfx_ret_from_fork+0x10/0x10 [ 235.044567][ T18] ? __switch_to+0x7af/0x10d0 [ 235.049235][ T18] ? __pfx_kthread+0x10/0x10 [ 235.053812][ T18] ret_from_fork_asm+0x1a/0x30 [ 235.058573][ T18] [ 235.061581][ T18] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 235.068855][ T18] CPU: 0 UID: 0 PID: 18 Comm: rcu_exp_gp_kthr Tainted: G L syzkaller #0 PREEMPT(full) [ 235.079952][ T18] Tainted: [L]=SOFTLOCKUP [ 235.084260][ T18] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 235.094302][ T18] Call Trace: [ 235.097571][ T18] [ 235.100485][ T18] dump_stack_lvl+0x3d/0x1f0 [ 235.105070][ T18] vpanic+0x640/0x6f0 [ 235.109038][ T18] ? update_rq_clock+0x34a/0xc70 [ 235.113967][ T18] panic+0xca/0xd0 [ 235.117676][ T18] ? __pfx_panic+0x10/0x10 [ 235.122091][ T18] ? check_panic_on_warn+0x1f/0xb0 [ 235.127197][ T18] check_panic_on_warn+0xab/0xb0 [ 235.132215][ T18] __warn+0x108/0x3c0 [ 235.136205][ T18] __report_bug+0x2a0/0x520 [ 235.140700][ T18] ? update_rq_clock+0x34a/0xc70 [ 235.145628][ T18] ? __pfx___report_bug+0x10/0x10 [ 235.150648][ T18] ? rcu_is_watching+0x12/0xc0 [ 235.155410][ T18] ? update_rq_clock+0x34a/0xc70 [ 235.160337][ T18] report_bug+0xb2/0x220 [ 235.164575][ T18] ? update_rq_clock+0x34a/0xc70 [ 235.169505][ T18] handle_bug+0x127/0x260 [ 235.173831][ T18] exc_invalid_op+0x17/0x50 [ 235.178320][ T18] asm_exc_invalid_op+0x1a/0x20 [ 235.183154][ T18] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 235.188719][ T18] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 235.208317][ T18] RSP: 0018:ffffc900001779d0 EFLAGS: 00010046 [ 235.214374][ T18] RAX: 0000000000000000 RBX: ffff8880b853adc0 RCX: 0000000000000001 [ 235.222334][ T18] RDX: 0000000000000000 RSI: ffffffff8daa58ea RDI: ffffffff8bf2b400 [ 235.230297][ T18] RBP: 0000000000000001 R08: ffff8880b843b8c8 R09: fffffbfff2111fba [ 235.238259][ T18] R10: ffffffff9088fdd7 R11: 0000000000000001 R12: ffffffff90892e54 [ 235.246220][ T18] R13: ffffffff8dd66460 R14: ffff88802ed53d00 R15: ffff8880b853adc0 [ 235.254189][ T18] ? pick_task_fair+0x85/0x350 [ 235.259048][ T18] __schedule+0x212d/0x6150 [ 235.263568][ T18] ? __pfx___schedule+0x10/0x10 [ 235.268418][ T18] ? find_held_lock+0x2b/0x80 [ 235.273091][ T18] ? schedule+0x2d7/0x3a0 [ 235.277425][ T18] schedule+0xe7/0x3a0 [ 235.281488][ T18] schedule_timeout+0x123/0x290 [ 235.286351][ T18] ? __pfx_schedule_timeout+0x10/0x10 [ 235.291739][ T18] ? __pfx_process_timeout+0x10/0x10 [ 235.297019][ T18] ? rcu_is_watching+0x12/0xc0 [ 235.301798][ T18] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 235.307619][ T18] __sync_rcu_exp_select_node_cpus+0x673/0xd50 [ 235.313820][ T18] sync_rcu_exp_select_cpus+0x3cb/0xab0 [ 235.319362][ T18] ? rcu_is_watching+0x12/0xc0 [ 235.324174][ T18] wait_rcu_exp_gp+0x2c/0x40 [ 235.328756][ T18] kthread_worker_fn+0x310/0xbf0 [ 235.333680][ T18] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 235.339004][ T18] ? __pfx_kthread_worker_fn+0x10/0x10 [ 235.344544][ T18] kthread+0x3c5/0x780 [ 235.348603][ T18] ? __pfx_kthread+0x10/0x10 [ 235.353178][ T18] ? rcu_is_watching+0x12/0xc0 [ 235.357940][ T18] ? __pfx_kthread+0x10/0x10 [ 235.362600][ T18] ret_from_fork+0x983/0xb10 [ 235.367180][ T18] ? __pfx_ret_from_fork+0x10/0x10 [ 235.372279][ T18] ? __switch_to+0x7af/0x10d0 [ 235.376950][ T18] ? __pfx_kthread+0x10/0x10 [ 235.381616][ T18] ret_from_fork_asm+0x1a/0x30 [ 235.386389][ T18] [ 235.389696][ T18] Kernel Offset: disabled [ 235.394015][ T18] Rebooting in 86400 seconds..