last executing test programs: 6.32438604s ago: executing program 2 (id=1275): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f00"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) setreuid$auto(0x4, 0x8) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1d"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x804) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x89}, 0x7}, 0x3, 0x0) 6.16799318s ago: executing program 2 (id=1277): r0 = socket(0x23, 0x4, 0x800071) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100000008001700", @ANYRES32=r0], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x45, 0xffffffffffff7829) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto_JFFS2_COMPR_MODE_FORCELZO(r3, 0x4, &(0x7f0000000000)='bridge_slave_0\x00', &(0x7f0000000100), 0x4) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x80802, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 5.728958014s ago: executing program 2 (id=1278): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000020) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) fsconfig$auto(r0, 0x4, &(0x7f0000000080)='+\x00\xc04\x95\x96XD\x11T\x11\xac@\xb9\'\xa8\x99\xf6\x99\xad\xa2w\xd55\xea|-&\v\xa9\xc5\xb1\xc6\n\xb0{\xe8', 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) ioctl$auto_SG_GET_ACCESS_COUNT(r1, 0x2289, &(0x7f00000002c0)) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) futex$auto(0xfffffffffffffffe, 0xb, 0x47, 0x0, 0x0, 0x2) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffffff, 0x0, 0x0) read$auto_l2cap_debugfs_fops_(r2, &(0x7f0000000240)=""/177, 0xb1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x7fff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001980)={0x38, r4, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x12}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0xc800) r5 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) readv$auto(r5, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) socket(0xa, 0x2, 0x3a) clone$auto(0x100000000021, 0x8000002000000000, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x2) unshare$auto(0x40000080) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x802, 0x0) 4.598728826s ago: executing program 2 (id=1283): open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r0 = socket(0x2, 0x3, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0x2) capget$auto(0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/radio26\x00', 0xc0400, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) ioctl$auto(0x3, 0x4020565a, 0x38) socket(0x1d, 0x3, 0x1) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x7, 0x12, 0xffffffffffffffff, 0xf4e) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) getsockopt$auto_SO_NO_CHECK(r1, 0x3ff, 0xb, &(0x7f0000000040)='*%\x00', &(0x7f00000000c0)=0xc9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x10, 0x2, 0x0) r3 = getsid$auto(0xffffffffffffffff) capget$auto(&(0x7f0000000340)={0xfffffffe, r3}, &(0x7f0000000380)={0xffffffff, 0x0, 0x2}) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/ati_remote2/parameters/mode_mask\x00', 0x80401, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x84080801}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x20}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x1}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x48}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x3}, @NFSD_A_SERVER_SCOPE={0x0, 0x4, '/dev/tty0\x00'}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x2}]}, 0x36}}, 0x14000014) mq_notify$auto(r4, &(0x7f0000000300)={@sival_ptr=&(0x7f0000000280)="be637381b100979db8f88c339113429252c8a291d1c88c59bfafceb84ee8b246264a5850ad64875385fba279ad9073dc204345ffebeec84985e03e2f1ff27860048831478029bd20e7264f6abf70367d9607e49c082105717d02c4b6d029f0f7ed815d16b7e60d2da1", @inferred=r4, 0x1}) write$auto(r4, 0x0, 0x800f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) fstat$auto(r5, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000500), 0x1, 0x0) 4.482901019s ago: executing program 0 (id=1284): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x42800, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5e3372c608cf1715196e16b687fc1d5133e11bd7c2a4503f482fc420b8a3a8835cba439d3139339ae7d045d1f84aaf58002ff134abaebaa83019a193aba083187ffe3a285ea202e60900000000000000a051d449782965003eefacbcaaa9f7d257a0880c8de43314b1efb65e5ebe18a9230c02d917aef8a280ef2f6f2c56d16b000749acc79ae46c3d8f4dfa50b659b6f53d8d140ae5b761afe40bc3fcc44363e32fe4f3fd9f73ce16e0eb87db0dd0", @ANYBLOB="010027bd7000fcdbdf250a00000018000180140002000000000000000000000000000000000018000180140002006261746164765f736c6176655f310000998d56c778bf49aa54321f8a032f4443f38613354ea49b0fd4295d6229becad35a83b12540bde9381e17ea8d493009abe13f6340e46a637f2fc7fea4ef9ae60ccba051141983ac1f781a5f16ab76a2e88446a38ab053c1dd6a01f11bf12f6f16844d241a5dd659a6209beab6378d58bec9fa2e3b013348c440fdc9ec4ea5e80819f091911adc7da3b5569d428cbb04b80af3ed84c1591f9b2e6166468b6e"], 0x44}, 0x1, 0x0, 0x0, 0x801}, 0x40) close_range$auto(0x2, 0x8, 0x0) r3 = socketcall$auto(0xfffffff8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x34, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_DISCOVERY={0x20, 0x126, 0x0, 0x1, [@NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8}, @NL80211_FILS_DISCOVERY_ATTR_TMPL={0xa, 0x3, "ab986d053e4f"}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000044) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0xf000) 3.707168949s ago: executing program 0 (id=1287): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x2, 0x3, 0x100) unshare$auto(0x40000080) r1 = socket(0x15, 0x5, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_KEY_FLUSH(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x29, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x8914, 0x24) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000008000300040200000600070000800000080002", @ANYRES32=0x0, @ANYRES32=r1, @ANYRES16=r0], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x4040084) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 3.452574823s ago: executing program 3 (id=1289): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x42800, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x1, 0x0) getsockopt$auto(r2, 0x6, 0x21, 0x0, &(0x7f00000000c0)=0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5e3372c608cf1715196e16b687fc1d5133e11bd7c2a4503f482fc420b8a3a8835cba439d3139339ae7d045d1f84aaf58002ff134abaebaa83019a193aba083187ffe3a285ea202e60900000000000000a051d449782965003eefacbcaaa9f7d257a0880c8de43314b1efb65e5ebe18a9230c02d917aef8a280ef2f6f2c56d16b000749acc79ae46c3d8f4dfa50b659b6f53d8d140ae5b761afe40bc3fcc44363e32fe4f3fd9f73ce16e0eb87db0dd0", @ANYBLOB="010027bd7000fcdbdf250a00000018000180140002000000000000000000000000000000000018000180140002006261746164765f736c6176655f310000998d56c778bf49aa54321f8a032f4443f38613354ea49b0fd4295d6229becad35a83b12540bde9381e17ea8d493009abe13f6340e46a637f2fc7fea4ef9ae60ccba051141983ac1f781a5f16ab76a2e88446a38ab053c1dd6a01f11bf12f6f16844d241a5dd659a6209beab6378d58bec9fa2e3b013348c440fdc9ec4ea5e80819f091911adc7da3b5569d428cbb04b80af3ed84c1591f9b2e6166468b6e"], 0x44}, 0x1, 0x0, 0x0, 0x801}, 0x40) close_range$auto(0x2, 0x8, 0x0) r4 = socketcall$auto(0xfffffff8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x34, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_DISCOVERY={0x20, 0x126, 0x0, 0x1, [@NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8}, @NL80211_FILS_DISCOVERY_ATTR_TMPL={0xa, 0x3, "ab986d053e4f"}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000044) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) 3.185530618s ago: executing program 3 (id=1291): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = io_uring_setup$auto(0xb, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNAPSHOT_UNFREEZE(r0, 0x3302, 0x0) read$auto_ht40allow_map_ops_debugfs(r0, &(0x7f0000000000)=""/111, 0x6f) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x29, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x4, 0x0, 0x29, 0x0, 0x0, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r1, 0x89f3, 0x24) getrandom$auto(0x0, 0x6000000, 0x3) 3.071009876s ago: executing program 0 (id=1292): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x2200000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) msgsnd$auto(0x0, 0x0, 0x1000, 0x4) io_uring_setup$auto(0x7, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/008/001\x00', 0x8901, 0x0) ioctl$auto(r0, 0x5522, r0) ioctl$auto(r0, 0x5523, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x2, 0x0) socket(0xa, 0x2, 0x73) 2.838102624s ago: executing program 1 (id=1294): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250cf0ff000c00038004000380040005000c00018008000100", @ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x24004840}, 0x4000000) 2.766970773s ago: executing program 0 (id=1295): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r2, 0x0, 0x81) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f00000002c0)={0x0, 0x7}, 0xfff) lsm_set_self_attr$auto(0x9, &(0x7f0000000240)={0x2, 0x5, 0x4, 0x4e, "eb1c45d6addefd2ba6873e331fbf47765b70451ebdd904aea698470831ffc1b94c7bf7b56ffae66c070a8afd958afedadc383ac79b1a6d47fbc5e74a31fd4e4bcb3becaa466180febfb5a3ba0d01"}, 0x6, 0xd7) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x6) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x101400, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2903c2, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/softnet_stat\x00', 0x109080, 0x0) pread64$auto(r4, 0x0, 0x100000001, 0x100) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r1, 0x7a4, 0x0) ioctl$auto_IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r1, 0x7a6, 0x0) mmap$auto(0x0, 0x477, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000080)={0x1, r0}) fsync$auto(r5) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vivid.0/video4linux/video36/index\x00', 0xc1640903163b1745, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)="98", 0x1) 2.629884494s ago: executing program 1 (id=1296): unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x2) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000240)='}[,&*}\x00', 0x8001, &(0x7f0000000280)={0xa, 0x1fe, 0xd, @raw=0x3d77}, 0x7) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/cpuid\x00', 0x4003, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) mmap$auto(0xf0, 0xa00006, 0x3, 0x40eb1, 0xffffffffffffffff, 0x0) fcntl$auto_F_SETFL(0xffffffffffffffff, 0x4, 0x0) ioctl$auto_TIOCMGET(0xffffffffffffffff, 0x5415, &(0x7f0000000440)="e371391a16e0eb3ad762bcb6463c5219967fd0923776830ddc2c4816abbf0134ee0f48ffaa7aedb4c1b1fc651ef6c9b246f31e966fdbef98e88cce29e30a4769f12a50f9ef01d76f489d3fb5b501be1808bb1def84489d1d6c0b8f78c945c6d395dabcfd7c07be14ad54600f1f6dea8f4057f738552a6baefbbc0ae3676cdc72127166e8d7987b50a2c772bd7712cc4cdb59980b9b7d052e2c131b") sysfs$auto(0x2, 0x100000000000031, 0x0) 2.018491611s ago: executing program 0 (id=1297): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) unshare$auto(0x40000080) (async) r0 = socket$nl_generic(0x11, 0x3, 0x10) bind$auto(r0, &(0x7f0000000200)=@generic={0x11, "0000100000000000929e006300"}, 0x80) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf250900000800"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000) (async) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) (async) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) (async) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BTRFS_IOC_BALANCE_V2(r3, 0xc4009420, &(0x7f0000000300)={0x5, 0x0, {0x6, @btrfs_balance_args_1_1={0x101, 0x4}, 0xffffffffffff0c3d, 0x8, 0x80, 0x8, 0x5, 0x3, 0x1, @limit=0x8, 0x5f6b, 0xd}, {0x37, @usage=0xfffffffffffffffb, 0x8, 0x30000, 0x5, 0x4, 0x0, 0x8, 0x9, @limit=0x3, 0x0, 0x4}, {0x3, @btrfs_balance_args_1_1={0x3, 0x6}, 0x9, 0x8000000000000000, 0x9, 0x7, 0xd9e, 0xfffffffffffffffb, 0x8, @limit=0x7c, 0x5, 0x80000001}, {0x6, 0x4, 0x31}}) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0xa) unshare$auto(0x40000080) (async, rerun: 64) r4 = socket(0x2, 0x2, 0x0) (rerun: 64) bind$auto(r4, &(0x7f0000000040)=@in={0x2, 0x4e21, @multicast2}, 0x6a) (async) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async, rerun: 32) r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x51a103, 0x0) (rerun: 32) io_setup$auto(0xffff, &(0x7f0000000580)) (async) ioctl$auto_UI_END_FF_ERASE(r5, 0x400c55cb, &(0x7f0000000100)={0x8, 0x0, 0x695c831f}) syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f00000001c0), r1) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) 2.01165182s ago: executing program 2 (id=1298): semctl$auto_SEM_STAT(0x0, 0x80000000, 0x12, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/dfscache\x00', 0xc2402, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) memfd_create$auto(0x0, 0x4) lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x6, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) timerfd_create$auto(0x9, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) mmap$auto(0x0, 0x7, 0x5, 0x80000011, 0xffffffffffffffff, 0x1) prctl$auto(0x5, 0x0, 0x0, 0x5, 0x4) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0xe200, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x55) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) 1.985051979s ago: executing program 1 (id=1299): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x8c00, 0x0) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x7, 0x6, 0x1f2, 0x9, 0xfffffffffffffffe, 0x400000000ff, 0xa, 0x2, 0x20000000aab, 0x5, 0x4]}, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x212902, 0x0) write$auto(0x3, 0x0, 0xfdef) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129882, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001380)='/sys/devices/pci0000:00/0000:00:01.3/rescan\x00', 0x1a1181, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compaction_proactiveness\x00', 0x80, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x8, 0x4000, 0x0) write$auto(r1, 0x0, 0x5) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mknod$auto(&(0x7f0000001040)=':,\x00', 0xca, 0xfffffffa) r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000080), 0x161840, 0x0) read$auto_rng_chrdev_ops_core(r2, &(0x7f00000023c0)=""/4072, 0xfe8) openat2$dir(0xffffffffffffff9c, &(0x7f00000011c0)=':,\x00', &(0x7f0000001200)={0x503240, 0x80, 0x10}, 0x18) copy_file_range$auto(0xffffffffffffffff, 0x0, r2, 0x0, 0xffffffffffffffff, 0x8) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x58402, 0x0) read$auto(r3, 0x0, 0x2) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) 1.841501343s ago: executing program 3 (id=1300): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x42800, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000080)={0xc, 0xe, 0x8001, 0x4, "c1713983ff9aeeafd54e54ee55b9acdf9c81480c2ff165dac087adab24e97554"}) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x0, 0x0, 0x10) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r1, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x28, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5e3372c608cf1715196e16b687fc1d5133e11bd7c2a4503f482fc420b8a3a8835cba439d3139339ae7d045d1f84aaf58002ff134abaebaa83019a193aba083187ffe3a285ea202e60900000000000000a051d449782965003eefacbcaaa9f7d257a0880c8de43314b1efb65e5ebe18a9230c02d917aef8a280ef2f6f2c56d16b000749acc79ae46c3d8f4dfa50b659b6f53d8d140ae5b761afe40bc3fcc44363e32fe4f3fd9f73ce16e0eb87db0dd0", @ANYBLOB="010027bd7000fcdbdf250a00000018000180140002000000000000000000000000000000000018000180140002006261746164765f736c6176655f310000998d56c778bf49aa54321f8a032f4443f38613354ea49b0fd4295d6229becad35a83b12540bde9381e17ea8d493009abe13f6340e46a637f2fc7fea4ef9ae60ccba051141983ac1f781a5f16ab76a2e88446a38ab053c1dd6a01f11bf12f6f16844d241a5dd659a6209beab6378d58bec9fa2e3b013348c440fdc9ec4ea5e80819f091911adc7da3b5569d428cbb04b80af3ed84c1591f9b2e6166468b6e"], 0x44}, 0x1, 0x0, 0x0, 0x801}, 0x40) close_range$auto(0x2, 0x8, 0x0) r4 = socketcall$auto(0xfffffff8, 0x0) r5 = socket(0xa, 0x801, 0x84) connect$auto(r5, &(0x7f0000000080)=@generic={0xa, "509235679a5532c63bacddae0710"}, 0x54) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x34, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_DISCOVERY={0x20, 0x126, 0x0, 0x1, [@NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8}, @NL80211_FILS_DISCOVERY_ATTR_TMPL={0xa, 0x3, "ab986d053e4f"}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000044) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 1.755542255s ago: executing program 1 (id=1301): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x2, 0x3, 0x100) unshare$auto(0x40000080) r1 = socket(0x15, 0x5, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_KEY_FLUSH(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x29, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x8914, 0x24) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000008000300040200000600070000800000080002", @ANYRES32=0x0, @ANYRES32=r1, @ANYRES16=r0], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x4040084) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 1.022662442s ago: executing program 3 (id=1302): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x800, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT64(r0, 0xc0984124, 0x0) mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0603d06, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) 854.366017ms ago: executing program 3 (id=1303): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x2200000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto_SO_PASSCRED(r0, 0x9a, 0x10, &(0x7f0000000000)='@-%{\x00', &(0x7f00000000c0)=0xf7) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) msgsnd$auto(0x0, 0x0, 0x1000, 0x4) io_uring_setup$auto(0x7, 0x0) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/008/001\x00', 0x8901, 0x0) ioctl$auto(r1, 0x5522, r1) ioctl$auto(r1, 0x5523, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x2, 0x0) socket(0xa, 0x2, 0x73) 669.387198ms ago: executing program 2 (id=1304): sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5aa, 0x0, 0x5, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_clone(0x120200, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r3 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002800)={0x1c, r3, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000011}, 0x810) sendmsg$auto_HSR_C_GET_NODE_LIST(r0, 0x0, 0x40) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtdblock0\x00', 0x20200, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0x7, 0x0, &(0x7f0000000000)={[0x209c, 0x40, 0x8, 0x19, 0xffffffffffffeff7, 0x47, 0xc, 0x200000f, 0x0, 0x0, 0x12, 0xd59, 0x100000000101, 0x9b, 0x2, 0xffffffffffffffff]}, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x15, 0x5, 0x0) setsockopt$auto(r5, 0x114, 0x2, 0xffffffffffffffff, 0x20) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_int=0x5de7, @inferred, 0x2, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040), 0x8000, 0x1}, 0x8}, 0x1, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffffff, 0x0, 0x4, 0x0, 0x1, 0xfffffff7}, 0x8c}, 0xb, 0xe) recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0x9, 0x10, 0x0) 617.478044ms ago: executing program 3 (id=1305): r0 = socket$nl_generic(0x10, 0x3, 0x10) pread64$auto(0xffffffffffffffff, 0x0, 0x202, 0x7) (async) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, 0x0, 0xc880) (async) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) ioctl$auto_VHOST_SET_FEATURES(0xffffffffffffffff, 0x8008af83, 0x0) mmap$auto(0xfffffffffffffffd, 0x5, 0xdf, 0x8000000010, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) r1 = socket(0x2a, 0x2, 0x0) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) (async) read$auto(r0, 0x0, 0x2000000008) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40400, 0x0) (async) fcntl$auto(0x8000000000000001, 0x7, 0x8) (async) fcntl$auto(0x8000000000000001, 0x26, 0x8) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x129002, 0x0) (async) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x82a) (async) write$auto(r2, 0x0, 0xc) ioctl$auto(0xffffffffffffffff, 0xc0045405, 0xffffffffffffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/amidi2\x00', 0x20000, 0x0) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0) 383.455561ms ago: executing program 1 (id=1306): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) fcntl$auto_F_SETSIG(r0, 0xa, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) openat$auto_fops_u8_(0xffffffffffffff9c, &(0x7f0000001040)='/sys/kernel/debug/nfcsim/nfc0/dropframe\x00', 0x2b0002, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto_dfs_global_fops_debug(r1, 0x0, 0x0) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x7) msgsnd$auto(0x0, &(0x7f0000000040)={0x40000007fc, 0x7}, 0x400, 0x2) msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) pivot_root$auto(0x0, &(0x7f00000004c0)='/\x00\xf5\xdf\xeb\xa1\xb1\xccYE\x92\x0e\xf1\xb6?S\xad\xdeiN\xc0\xb6\xa7>\x95\x1e\xdd\x03;t}\"\x01\xbf\an4>j<\xcb\xe0n\xa1\xae\xf7;\xf5\tJ\xb0\x95\xd5\x96\xae(\xd2\x06\xa7\xc2o\xe25\x8b\xe4\xac\x87\x98NAe\xf0\xf1\xd9\xd36\x98\x86\xca\xf6\xf8\xd0/\x1f\xb3\xe4N\xc0\x06\'\x11\x8a\xe108N/\xcc\x1f\xa9\xd0\xac\xf2\xf5\x90\xbbO\xcc\xa9qH\x00[\x86o\xf4\xaf\x93\x14\xbf|@\xb6E\xd5\xa7\xa9^\x84\x19\xca\x84\\\xb9u8\xa4\f\x7f\xa1Vh\xdc\'\x0e\xf6\xd9;\xcf@\xea\xde\xa0\xa8\xea\xef\xfcK5\x87Z\xc1\xccOx\x8bn\x1b\x93@o\xf7\xe30\x90\b\aQ_\xb9\x9dO\xab\xea \x88\xdc\xda>\xdc.O.\xc8\xe2\x04D\xc6\x14A\x7f\x000\xdd*\a\vX\xb0\x8bI\xd0K)u\x13{-\x02\xb2B\xabd[\xdd\xdc\x10M\x9c\x88a\xfd\xa1\x12\xeb\xe0O\xf8\xbf37e\x1e\xf1@\xe3\xae\xe4\xef\xbd|D\x1e;3\x99g\xd8\xf5\xf3\xe0\x96D\x93\x93\x86m\xa0Fn;\xff\xc3}\xb8\xcd\x0f0F\x96\x98\xd0\x19\xf5\xdf\xf1B\x17_t\xe4|i\xcd\x81|w\xfcNc\xdd\xb8\xdbQ\x0fb}c`=F\x91_\xbd+E\b\x14\x848\xe3\xee/\xe37\xcb\x00\xd7\xe0\x8f\xb2\xffU\xa3\n\xb3PW\x11\xe1\xdd\x05\x86\x9c\xcf\xfe\xfapL\xb2\x05\x82\xf4\xf2v\xe8\x83\xc9*M\x90\xa6P\x98\xb1\x94\x84\xb7\x00\xf2\xf0#\xd4\xe4\xe2\xaa~\x1d\xbc \xa2y\xae@\xab\x1d\xd8pBg\xbb\xa8|g\xc70.\x04\"\ff\xb0\xc6umooMT\xa8\xd3\x97 ?\xf1\x80\x01\x80\x10\xe9\x84Ff\xd4WU\xc41\xc3}\x03\xdc\'\xdd\xecJ\x97\xdb\xed\rr\xb6-$\x8b\xc5i\xe3\x113\x89M\xe4\xd7\x1dX\xc9\x15\x00\xd7j1t\\ \x88>s\xb5\x83\xf3\xef\x05\xb8+Y\x04{\x9a\x8e|\xfd\x92\xfb\xd1\"\x85\xb1\xf4*=\xee{\x7fS%;\xfd\xc0,\xa7\x973\xdc\x7f/B\xd8pe!\xd8sl\x15g\xd5\x05\x8eRQ\nm\xaa\xf2N\x1d\xda\xeb\xe3\x06\xd1at\xd9\xd5\xb2\xcb\xf5\x83\x84\x1eF\xab\x00\x8f\xa4\xb3\xd6\xaf\xcee3s\t\xf5\xcc*\xff\xf5\xf2\x98\x89T\x80\xa8\xae\x1e0\xe5\xa6\xc9.\v}\xa3\vi\x06e\xbd\xa1u\xc5_B\x8a\xe2@sF\xfd\xa9\x8f\x11\xdc\xbe\rjrb\x8a\xa6\x0f\xb3Zq\xf2\xce\xbc\xf3X\xcc\a\xe8v\xdb\xa0\x1cb [ 270.837870][ T9317] memory: usage 3072kB, limit 3072kB, failcnt 57746 [ 271.332679][ T9347] FAULT_INJECTION: forcing a failure. [ 271.332679][ T9347] name failslab, interval 1, probability 0, space 0, times 0 [ 271.410165][ T9347] CPU: 0 UID: 0 PID: 9347 Comm: syz.3.823 Tainted: G U syzkaller #0 PREEMPT(full) [ 271.410208][ T9347] Tainted: [U]=USER [ 271.410216][ T9347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 271.410231][ T9347] Call Trace: [ 271.410240][ T9347] [ 271.410250][ T9347] dump_stack_lvl+0x16c/0x1f0 [ 271.410294][ T9347] should_fail_ex+0x512/0x640 [ 271.410323][ T9347] ? __kmalloc_noprof+0xca/0x910 [ 271.410355][ T9347] should_failslab+0xc2/0x120 [ 271.410392][ T9347] __kmalloc_noprof+0xeb/0x910 [ 271.410421][ T9347] ? ring_buffer_read_start+0x1b9/0x500 [ 271.410459][ T9347] ? ring_buffer_read_start+0x1b9/0x500 [ 271.410490][ T9347] ring_buffer_read_start+0x1b9/0x500 [ 271.410524][ T9347] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 271.410555][ T9347] ? lockdep_init_map_type+0x5c/0x270 [ 271.410581][ T9347] ? ring_buffer_overruns+0x195/0x1f0 [ 271.410613][ T9347] tracing_open+0x93f/0xe10 [ 271.410648][ T9347] do_dentry_open+0x748/0x1590 [ 271.410682][ T9347] ? __pfx_tracing_open+0x10/0x10 [ 271.410719][ T9347] vfs_open+0x82/0x3f0 [ 271.410751][ T9347] path_openat+0x2078/0x3140 [ 271.410806][ T9347] ? __pfx_path_openat+0x10/0x10 [ 271.410862][ T9347] do_filp_open+0x20b/0x470 [ 271.410900][ T9347] ? __pfx_do_filp_open+0x10/0x10 [ 271.410965][ T9347] ? alloc_fd+0x471/0x7d0 [ 271.411010][ T9347] do_sys_openat2+0x121/0x290 [ 271.411049][ T9347] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.411093][ T9347] __x64_sys_openat+0x174/0x210 [ 271.411121][ T9347] ? __pfx___x64_sys_openat+0x10/0x10 [ 271.411166][ T9347] do_syscall_64+0xcd/0xf80 [ 271.411193][ T9347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.411219][ T9347] RIP: 0033:0x7f480ad8f7c9 [ 271.411238][ T9347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.411262][ T9347] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 271.411286][ T9347] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 271.411303][ T9347] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 271.411321][ T9347] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 271.411336][ T9347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 271.411352][ T9347] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 271.411389][ T9347] [ 271.654517][ T9317] memory+swap: usage 7944kB, limit 9007199254740988kB, failcnt 0 [ 271.665054][ T9317] kmem: usage 780kB, limit 9007199254740988kB, failcnt 0 [ 271.770719][ T6218] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 271.965589][ T9317] Memory cgroup stats for /syz1: [ 271.965845][ T9317] cache 2260992 [ 272.065187][ T9317] rss 45056 [ 272.071557][ T9317] rss_huge 0 [ 272.114136][ T9317] shmem 2260992 [ 272.206294][ T9317] mapped_file 1196032 [ 272.210310][ T9317] dirty 0 [ 272.213229][ T9317] writeback 0 [ 272.263119][ T9317] workingset_refault_anon 10890 [ 272.280452][ T9317] workingset_refault_file 10990 [ 272.287336][ T9317] swap 4988928 [ 272.292289][ T9317] swapcached 45056 [ 272.296641][ T9317] pgpgin 125508 [ 272.300961][ T9317] pgpgout 124937 [ 272.304515][ T9317] pgfault 149840 [ 272.311087][ T9317] pgmajfault 3658 [ 272.330293][ T9317] inactive_anon 2023424 [ 272.377339][ T9317] active_anon 315392 [ 272.383835][ T9350] FAULT_INJECTION: forcing a failure. [ 272.383835][ T9350] name failslab, interval 1, probability 0, space 0, times 0 [ 272.420083][ T9317] inactive_file 0 [ 272.450401][ T9317] active_file 0 [ 272.453881][ T9317] unevictable 0 [ 272.495469][ T9317] hierarchical_memory_limit 3145728 [ 272.500697][ T9317] hierarchical_memsw_limit 9223372036854771712 [ 272.517808][ T9350] CPU: 1 UID: 0 PID: 9350 Comm: syz.2.821 Tainted: G U syzkaller #0 PREEMPT(full) [ 272.517834][ T9350] Tainted: [U]=USER [ 272.517839][ T9350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 272.517847][ T9350] Call Trace: [ 272.517852][ T9350] [ 272.517858][ T9350] dump_stack_lvl+0x16c/0x1f0 [ 272.517885][ T9350] should_fail_ex+0x512/0x640 [ 272.517901][ T9350] ? kmem_cache_alloc_noprof+0x62/0x770 [ 272.517920][ T9350] should_failslab+0xc2/0x120 [ 272.517943][ T9350] kmem_cache_alloc_noprof+0x83/0x770 [ 272.517960][ T9350] ? security_file_alloc+0x34/0x2b0 [ 272.517981][ T9350] ? security_file_alloc+0x34/0x2b0 [ 272.517996][ T9350] security_file_alloc+0x34/0x2b0 [ 272.518014][ T9350] init_file+0x93/0x4c0 [ 272.518028][ T9350] alloc_empty_file+0x73/0x1e0 [ 272.518042][ T9350] path_openat+0xde/0x3140 [ 272.518060][ T9350] ? do_syscall_64+0xcd/0xf80 [ 272.518071][ T9350] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.518091][ T9350] ? __pfx_path_openat+0x10/0x10 [ 272.518116][ T9350] do_filp_open+0x20b/0x470 [ 272.518136][ T9350] ? __pfx_do_filp_open+0x10/0x10 [ 272.518168][ T9350] ? alloc_fd+0x471/0x7d0 [ 272.518191][ T9350] do_sys_openat2+0x121/0x290 [ 272.518206][ T9350] ? __pfx_do_sys_openat2+0x10/0x10 [ 272.518222][ T9350] ? find_held_lock+0x2b/0x80 [ 272.518243][ T9350] __x64_sys_openat+0x174/0x210 [ 272.518258][ T9350] ? __pfx___x64_sys_openat+0x10/0x10 [ 272.518280][ T9350] do_syscall_64+0xcd/0xf80 [ 272.518294][ T9350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.518307][ T9350] RIP: 0033:0x7f048cd8f7c9 [ 272.518320][ T9350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.518332][ T9350] RSP: 002b:00007f048dc5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 272.518346][ T9350] RAX: ffffffffffffffda RBX: 00007f048cfe5fa0 RCX: 00007f048cd8f7c9 [ 272.518355][ T9350] RDX: 0000000000022080 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 272.518363][ T9350] RBP: 00007f048ce13f91 R08: 0000000000000000 R09: 0000000000000000 [ 272.518370][ T9350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.518378][ T9350] R13: 00007f048cfe6038 R14: 00007f048cfe5fa0 R15: 00007ffd655f2408 [ 272.518397][ T9350] [ 272.753413][ T9317] total_cache 2260992 [ 272.757473][ T9317] total_rss 45056 [ 272.761111][ T9317] total_rss_huge 0 [ 272.765058][ T9317] total_shmem 2260992 [ 272.769028][ T9317] total_mapped_file 1196032 [ 272.773514][ T9317] total_dirty 0 [ 272.778196][ T9317] total_writeback 0 [ 272.782016][ T9317] total_workingset_refault_anon 10890 [ 272.787459][ T9317] total_workingset_refault_file 10990 [ 272.792823][ T9317] total_swap 4988928 [ 272.796722][ T9317] total_swapcached 45056 [ 272.801752][ T9317] total_pgpgin 125508 [ 272.806049][ T9317] total_pgpgout 124937 [ 272.810100][ T9317] total_pgfault 149840 [ 272.814201][ T9317] total_pgmajfault 3658 [ 272.820771][ T9317] total_inactive_anon 2023424 [ 272.825565][ T9317] total_active_anon 315392 [ 272.829987][ T9317] total_inactive_file 0 [ 272.834144][ T9317] total_active_file 0 [ 272.838233][ T9317] total_unevictable 0 [ 272.842223][ T9317] anon_cost 0 [ 272.845567][ T9317] file_cost 0 [ 272.848940][ T9317] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.814,pid=9312,uid=0 [ 272.863913][ T9317] Memory cgroup out of memory: OOM victim 9312 (syz.1.814) is already exiting. Skip killing the task [ 273.402766][ T9368] FAULT_INJECTION: forcing a failure. [ 273.402766][ T9368] name failslab, interval 1, probability 0, space 0, times 0 [ 273.451566][ T9368] CPU: 0 UID: 0 PID: 9368 Comm: syz.3.827 Tainted: G U syzkaller #0 PREEMPT(full) [ 273.451598][ T9368] Tainted: [U]=USER [ 273.451603][ T9368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 273.451612][ T9368] Call Trace: [ 273.451617][ T9368] [ 273.451623][ T9368] dump_stack_lvl+0x16c/0x1f0 [ 273.451649][ T9368] should_fail_ex+0x512/0x640 [ 273.451666][ T9368] ? __kmalloc_cache_noprof+0x5f/0x800 [ 273.451685][ T9368] should_failslab+0xc2/0x120 [ 273.451705][ T9368] __kmalloc_cache_noprof+0x80/0x800 [ 273.451721][ T9368] ? ring_buffer_read_start+0x149/0x500 [ 273.451742][ T9368] ? ring_buffer_read_start+0x149/0x500 [ 273.451758][ T9368] ring_buffer_read_start+0x149/0x500 [ 273.451776][ T9368] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 273.451792][ T9368] ? lockdep_init_map_type+0x5c/0x270 [ 273.451808][ T9368] ? ring_buffer_overruns+0x195/0x1f0 [ 273.451826][ T9368] tracing_open+0x93f/0xe10 [ 273.451845][ T9368] do_dentry_open+0x748/0x1590 [ 273.451871][ T9368] ? __pfx_tracing_open+0x10/0x10 [ 273.451892][ T9368] vfs_open+0x82/0x3f0 [ 273.451909][ T9368] path_openat+0x2078/0x3140 [ 273.451934][ T9368] ? __pfx_path_openat+0x10/0x10 [ 273.451960][ T9368] do_filp_open+0x20b/0x470 [ 273.451979][ T9368] ? __pfx_do_filp_open+0x10/0x10 [ 273.452012][ T9368] ? alloc_fd+0x471/0x7d0 [ 273.452036][ T9368] do_sys_openat2+0x121/0x290 [ 273.452050][ T9368] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.452072][ T9368] __x64_sys_openat+0x174/0x210 [ 273.452087][ T9368] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.452109][ T9368] do_syscall_64+0xcd/0xf80 [ 273.452123][ T9368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.452137][ T9368] RIP: 0033:0x7f480ad8f7c9 [ 273.452149][ T9368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.452162][ T9368] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 273.452175][ T9368] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 273.452184][ T9368] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 273.452193][ T9368] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 273.452200][ T9368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.452208][ T9368] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 273.452227][ T9368] [ 274.171878][ T9370] zswap: compressor not available [ 274.365904][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.465411][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.506102][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.597282][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.605693][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.679332][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.732872][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.789603][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.838612][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 274.879986][ T9384] netlink: 'syz.2.832': attribute type 1 has an invalid length. [ 275.345459][ T9400] FAULT_INJECTION: forcing a failure. [ 275.345459][ T9400] name failslab, interval 1, probability 0, space 0, times 0 [ 275.478714][ T9400] CPU: 1 UID: 0 PID: 9400 Comm: syz.1.833 Tainted: G U syzkaller #0 PREEMPT(full) [ 275.478751][ T9400] Tainted: [U]=USER [ 275.478758][ T9400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 275.478773][ T9400] Call Trace: [ 275.478780][ T9400] [ 275.478789][ T9400] dump_stack_lvl+0x16c/0x1f0 [ 275.478835][ T9400] should_fail_ex+0x512/0x640 [ 275.478862][ T9400] ? __kmalloc_noprof+0xca/0x910 [ 275.478893][ T9400] should_failslab+0xc2/0x120 [ 275.478930][ T9400] __kmalloc_noprof+0xeb/0x910 [ 275.478947][ T9400] ? ring_buffer_read_start+0x1b9/0x500 [ 275.478968][ T9400] ? ring_buffer_read_start+0x1b9/0x500 [ 275.478984][ T9400] ring_buffer_read_start+0x1b9/0x500 [ 275.479002][ T9400] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 275.479027][ T9400] ? lockdep_init_map_type+0x5c/0x270 [ 275.479042][ T9400] ? ring_buffer_overruns+0x195/0x1f0 [ 275.479059][ T9400] tracing_open+0x93f/0xe10 [ 275.479078][ T9400] do_dentry_open+0x748/0x1590 [ 275.479097][ T9400] ? __pfx_tracing_open+0x10/0x10 [ 275.479117][ T9400] vfs_open+0x82/0x3f0 [ 275.479133][ T9400] path_openat+0x2078/0x3140 [ 275.479159][ T9400] ? __pfx_path_openat+0x10/0x10 [ 275.479185][ T9400] do_filp_open+0x20b/0x470 [ 275.479204][ T9400] ? __pfx_do_filp_open+0x10/0x10 [ 275.479244][ T9400] ? alloc_fd+0x471/0x7d0 [ 275.479270][ T9400] do_sys_openat2+0x121/0x290 [ 275.479285][ T9400] ? __pfx_do_sys_openat2+0x10/0x10 [ 275.479308][ T9400] __x64_sys_openat+0x174/0x210 [ 275.479324][ T9400] ? __pfx___x64_sys_openat+0x10/0x10 [ 275.479347][ T9400] do_syscall_64+0xcd/0xf80 [ 275.479362][ T9400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.479375][ T9400] RIP: 0033:0x7f8338f8f7c9 [ 275.479387][ T9400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.479400][ T9400] RSP: 002b:00007f8339d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 275.479419][ T9400] RAX: ffffffffffffffda RBX: 00007f83391e6090 RCX: 00007f8338f8f7c9 [ 275.479435][ T9400] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 275.479444][ T9400] RBP: 00007f8339013f91 R08: 0000000000000000 R09: 0000000000000000 [ 275.479452][ T9400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 275.479460][ T9400] R13: 00007f83391e6128 R14: 00007f83391e6090 R15: 00007fffe7a976a8 [ 275.479480][ T9400] [ 275.886911][ T9394] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 275.915846][ T9394] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 275.921909][ T9394] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 275.972607][ T9394] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 277.045221][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 277.995232][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 278.001538][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 278.007730][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 278.459140][ T9437] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 278.482037][ T9437] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 278.514501][ T9437] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 278.554242][ T9437] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 279.061088][ T9459] FAULT_INJECTION: forcing a failure. [ 279.061088][ T9459] name failslab, interval 1, probability 0, space 0, times 0 [ 279.090809][ T9459] CPU: 0 UID: 0 PID: 9459 Comm: syz.3.847 Tainted: G U syzkaller #0 PREEMPT(full) [ 279.090842][ T9459] Tainted: [U]=USER [ 279.090847][ T9459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 279.090856][ T9459] Call Trace: [ 279.090861][ T9459] [ 279.090867][ T9459] dump_stack_lvl+0x16c/0x1f0 [ 279.090893][ T9459] should_fail_ex+0x512/0x640 [ 279.090910][ T9459] ? __kmalloc_noprof+0xca/0x910 [ 279.090927][ T9459] should_failslab+0xc2/0x120 [ 279.090948][ T9459] __kmalloc_noprof+0xeb/0x910 [ 279.090962][ T9459] ? ring_buffer_read_start+0x1b9/0x500 [ 279.090983][ T9459] ? ring_buffer_read_start+0x1b9/0x500 [ 279.090999][ T9459] ring_buffer_read_start+0x1b9/0x500 [ 279.091017][ T9459] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 279.091034][ T9459] ? lockdep_init_map_type+0x5c/0x270 [ 279.091049][ T9459] ? ring_buffer_overruns+0x195/0x1f0 [ 279.091066][ T9459] tracing_open+0x93f/0xe10 [ 279.091085][ T9459] do_dentry_open+0x748/0x1590 [ 279.091103][ T9459] ? __pfx_tracing_open+0x10/0x10 [ 279.091123][ T9459] vfs_open+0x82/0x3f0 [ 279.091140][ T9459] path_openat+0x2078/0x3140 [ 279.091173][ T9459] ? __pfx_path_openat+0x10/0x10 [ 279.091202][ T9459] do_filp_open+0x20b/0x470 [ 279.091222][ T9459] ? __pfx_do_filp_open+0x10/0x10 [ 279.091262][ T9459] ? alloc_fd+0x471/0x7d0 [ 279.091286][ T9459] do_sys_openat2+0x121/0x290 [ 279.091301][ T9459] ? __pfx_do_sys_openat2+0x10/0x10 [ 279.091323][ T9459] __x64_sys_openat+0x174/0x210 [ 279.091338][ T9459] ? __pfx___x64_sys_openat+0x10/0x10 [ 279.091360][ T9459] do_syscall_64+0xcd/0xf80 [ 279.091375][ T9459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.091389][ T9459] RIP: 0033:0x7f480ad8f7c9 [ 279.091402][ T9459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.091415][ T9459] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 279.091428][ T9459] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 279.091437][ T9459] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 279.091446][ T9459] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 279.091454][ T9459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.091462][ T9459] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 279.091482][ T9459] [ 279.835641][ T9454] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 279.841693][ T9454] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 279.906449][ T9454] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 279.947470][ T9454] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 280.702323][ T9475] FAULT_INJECTION: forcing a failure. [ 280.702323][ T9475] name failslab, interval 1, probability 0, space 0, times 0 [ 280.739626][ T9475] CPU: 0 UID: 0 PID: 9475 Comm: syz.3.852 Tainted: G U syzkaller #0 PREEMPT(full) [ 280.739667][ T9475] Tainted: [U]=USER [ 280.739675][ T9475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 280.739690][ T9475] Call Trace: [ 280.739699][ T9475] [ 280.739708][ T9475] dump_stack_lvl+0x16c/0x1f0 [ 280.739753][ T9475] should_fail_ex+0x512/0x640 [ 280.739780][ T9475] ? kmem_cache_alloc_noprof+0x62/0x770 [ 280.739812][ T9475] should_failslab+0xc2/0x120 [ 280.739848][ T9475] kmem_cache_alloc_noprof+0x83/0x770 [ 280.739876][ T9475] ? ioctx_alloc+0x1ad/0x2230 [ 280.739903][ T9475] ? ioctx_alloc+0x1ad/0x2230 [ 280.739923][ T9475] ioctx_alloc+0x1ad/0x2230 [ 280.739957][ T9475] ? find_held_lock+0x2b/0x80 [ 280.739985][ T9475] ? __pfx_ioctx_alloc+0x10/0x10 [ 280.740005][ T9475] ? __might_fault+0x13b/0x190 [ 280.740038][ T9475] __x64_sys_io_setup+0xc9/0x230 [ 280.740063][ T9475] do_syscall_64+0xcd/0xf80 [ 280.740088][ T9475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.740111][ T9475] RIP: 0033:0x7f480ad8f7c9 [ 280.740131][ T9475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.740154][ T9475] RSP: 002b:00007f480bc96038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 280.740176][ T9475] RAX: ffffffffffffffda RBX: 00007f480afe5fa0 RCX: 00007f480ad8f7c9 [ 280.740193][ T9475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 280.740207][ T9475] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 280.740221][ T9475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.740236][ T9475] R13: 00007f480afe6038 R14: 00007f480afe5fa0 R15: 00007ffe5fabdf68 [ 280.740269][ T9475] [ 281.349905][ T9477] zswap: compressor not available [ 281.595181][ T5153] Bluetooth: hci0: command 0x0c1a tx timeout [ 281.925095][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 281.933370][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 281.995329][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 282.630833][ T30] audit: type=1326 audit(1768723968.836:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9492 comm="syz.2.857" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f048cd8f7c9 code=0x0 [ 283.002618][ T9505] netlink: 'syz.0.858': attribute type 8 has an invalid length. [ 283.652702][ T9503] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 283.661918][ T9503] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 283.668110][ T9503] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 283.674242][ T9503] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 283.822018][ T9516] FAULT_INJECTION: forcing a failure. [ 283.822018][ T9516] name failslab, interval 1, probability 0, space 0, times 0 [ 283.869829][ T9516] CPU: 1 UID: 0 PID: 9516 Comm: syz.2.861 Tainted: G U syzkaller #0 PREEMPT(full) [ 283.869869][ T9516] Tainted: [U]=USER [ 283.869878][ T9516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 283.869893][ T9516] Call Trace: [ 283.869901][ T9516] [ 283.869909][ T9516] dump_stack_lvl+0x16c/0x1f0 [ 283.869948][ T9516] should_fail_ex+0x512/0x640 [ 283.869974][ T9516] ? __kmalloc_noprof+0xca/0x910 [ 283.870001][ T9516] should_failslab+0xc2/0x120 [ 283.870033][ T9516] __kmalloc_noprof+0xeb/0x910 [ 283.870056][ T9516] ? ring_buffer_read_start+0x1b9/0x500 [ 283.870092][ T9516] ? ring_buffer_read_start+0x1b9/0x500 [ 283.870130][ T9516] ring_buffer_read_start+0x1b9/0x500 [ 283.870160][ T9516] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 283.870184][ T9516] ? lockdep_init_map_type+0x5c/0x270 [ 283.870210][ T9516] ? ring_buffer_overruns+0x195/0x1f0 [ 283.870237][ T9516] tracing_open+0x93f/0xe10 [ 283.870269][ T9516] do_dentry_open+0x748/0x1590 [ 283.870302][ T9516] ? __pfx_tracing_open+0x10/0x10 [ 283.870336][ T9516] vfs_open+0x82/0x3f0 [ 283.870364][ T9516] path_openat+0x2078/0x3140 [ 283.870406][ T9516] ? __pfx_path_openat+0x10/0x10 [ 283.870449][ T9516] do_filp_open+0x20b/0x470 [ 283.870482][ T9516] ? __pfx_do_filp_open+0x10/0x10 [ 283.870535][ T9516] ? alloc_fd+0x471/0x7d0 [ 283.870573][ T9516] do_sys_openat2+0x121/0x290 [ 283.870598][ T9516] ? __pfx_do_sys_openat2+0x10/0x10 [ 283.870635][ T9516] __x64_sys_openat+0x174/0x210 [ 283.870659][ T9516] ? __pfx___x64_sys_openat+0x10/0x10 [ 283.870699][ T9516] do_syscall_64+0xcd/0xf80 [ 283.870723][ T9516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.870745][ T9516] RIP: 0033:0x7f048cd8f7c9 [ 283.870765][ T9516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.870787][ T9516] RSP: 002b:00007f048dc3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 283.870819][ T9516] RAX: ffffffffffffffda RBX: 00007f048cfe6090 RCX: 00007f048cd8f7c9 [ 283.870836][ T9516] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 283.870852][ T9516] RBP: 00007f048ce13f91 R08: 0000000000000000 R09: 0000000000000000 [ 283.870866][ T9516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.870880][ T9516] R13: 00007f048cfe6128 R14: 00007f048cfe6090 R15: 00007ffd655f2408 [ 283.870915][ T9516] [ 285.288308][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 285.755118][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 285.761258][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 285.765116][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 285.876683][ T52] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 286.595982][ T9562] __vm_enough_memory: pid: 9562, comm: syz.0.871, bytes: 4398046511104 not enough memory for the allocation [ 287.997198][ T52] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 288.245644][ T9576] netlink: 8 bytes leftover after parsing attributes in process `syz.2.874'. [ 288.441530][ T9580] random: crng reseeded on system resumption [ 293.242690][ T9614] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 293.253959][ T9614] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 293.278486][ T9614] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 293.294189][ T9614] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 293.689991][ T9640] netlink: 330 bytes leftover after parsing attributes in process `syz.2.887'. [ 293.721654][ T9642] FAULT_INJECTION: forcing a failure. [ 293.721654][ T9642] name failslab, interval 1, probability 0, space 0, times 0 [ 293.777781][ T9642] CPU: 0 UID: 0 PID: 9642 Comm: syz.3.886 Tainted: G U syzkaller #0 PREEMPT(full) [ 293.777823][ T9642] Tainted: [U]=USER [ 293.777831][ T9642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 293.777847][ T9642] Call Trace: [ 293.777855][ T9642] [ 293.777865][ T9642] dump_stack_lvl+0x16c/0x1f0 [ 293.777910][ T9642] should_fail_ex+0x512/0x640 [ 293.777938][ T9642] ? __kmalloc_node_noprof+0xcd/0x930 [ 293.777974][ T9642] should_failslab+0xc2/0x120 [ 293.778009][ T9642] __kmalloc_node_noprof+0xee/0x930 [ 293.778041][ T9642] ? alloc_slab_obj_exts+0x43/0xf0 [ 293.778065][ T9642] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 293.778106][ T9642] ? alloc_slab_obj_exts+0x43/0xf0 [ 293.778131][ T9642] alloc_slab_obj_exts+0x43/0xf0 [ 293.778158][ T9642] new_slab+0x353/0x430 [ 293.778186][ T9642] ___slab_alloc+0xe18/0x1c90 [ 293.778214][ T9642] ? sk_prot_alloc+0x60/0x2a0 [ 293.778253][ T9642] ? sk_prot_alloc+0x60/0x2a0 [ 293.778275][ T9642] ? __slab_alloc.constprop.0+0x63/0x110 [ 293.778301][ T9642] __slab_alloc.constprop.0+0x63/0x110 [ 293.778334][ T9642] kmem_cache_alloc_noprof+0x44d/0x770 [ 293.778365][ T9642] ? sk_prot_alloc+0x60/0x2a0 [ 293.778394][ T9642] ? sk_prot_alloc+0x60/0x2a0 [ 293.778414][ T9642] ? find_held_lock+0x2b/0x80 [ 293.778443][ T9642] sk_prot_alloc+0x60/0x2a0 [ 293.778469][ T9642] sk_alloc+0x36/0xe30 [ 293.778500][ T9642] inet_create+0x3a1/0x1040 [ 293.778532][ T9642] ? inet_create+0x93/0x1040 [ 293.778567][ T9642] __sock_create+0x339/0x8a0 [ 293.778599][ T9642] __sys_socket+0x14d/0x260 [ 293.778622][ T9642] ? fput+0x70/0xf0 [ 293.778644][ T9642] ? __pfx___sys_socket+0x10/0x10 [ 293.778670][ T9642] ? xfd_validate_state+0x61/0x180 [ 293.778692][ T9642] ? __pfx_ksys_write+0x10/0x10 [ 293.778732][ T9642] __x64_sys_socket+0x72/0xb0 [ 293.778756][ T9642] ? lockdep_hardirqs_on+0x7c/0x110 [ 293.778779][ T9642] do_syscall_64+0xcd/0xf80 [ 293.778804][ T9642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.778828][ T9642] RIP: 0033:0x7f480ad8f7c9 [ 293.778849][ T9642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.778873][ T9642] RSP: 002b:00007f480bc96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 293.778897][ T9642] RAX: ffffffffffffffda RBX: 00007f480afe5fa0 RCX: 00007f480ad8f7c9 [ 293.778914][ T9642] RDX: 0000000000000088 RSI: 0000000000000002 RDI: 0000000000000002 [ 293.778928][ T9642] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 293.778944][ T9642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.778958][ T9642] R13: 00007f480afe6038 R14: 00007f480afe5fa0 R15: 00007ffe5fabdf68 [ 293.778994][ T9642] [ 293.779108][ T9642] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 294.635732][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 294.926198][ T9652] capability: warning: `syz.2.888' uses 32-bit capabilities (legacy support in use) [ 295.275356][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 295.357774][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 295.357781][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 295.639736][ T52] Bluetooth: hci2: unexpected event 0x14 length: 16 > 6 [ 295.787787][ T9655] FAULT_INJECTION: forcing a failure. [ 295.787787][ T9655] name failslab, interval 1, probability 0, space 0, times 0 [ 295.850222][ T9655] CPU: 1 UID: 0 PID: 9655 Comm: syz.0.889 Tainted: G U syzkaller #0 PREEMPT(full) [ 295.850258][ T9655] Tainted: [U]=USER [ 295.850265][ T9655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 295.850278][ T9655] Call Trace: [ 295.850286][ T9655] [ 295.850294][ T9655] dump_stack_lvl+0x16c/0x1f0 [ 295.850340][ T9655] should_fail_ex+0x512/0x640 [ 295.850368][ T9655] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 295.850400][ T9655] should_failslab+0xc2/0x120 [ 295.850433][ T9655] kmem_cache_alloc_node_noprof+0x86/0x800 [ 295.850460][ T9655] ? __alloc_skb+0x156/0x410 [ 295.850493][ T9655] ? __alloc_skb+0x156/0x410 [ 295.850519][ T9655] __alloc_skb+0x156/0x410 [ 295.850545][ T9655] ? __alloc_skb+0x35d/0x410 [ 295.850573][ T9655] ? __pfx___alloc_skb+0x10/0x10 [ 295.850608][ T9655] ? __pfx___register_sysctl_table+0x10/0x10 [ 295.850641][ T9655] ? is_module_address+0x69/0xf0 [ 295.850673][ T9655] inet_netconf_notify_devconf+0x8b/0x1f0 [ 295.850705][ T9655] __devinet_sysctl_register+0x227/0x360 [ 295.850732][ T9655] ? rcu_is_watching+0x12/0xc0 [ 295.850762][ T9655] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 295.850787][ T9655] ? __kmalloc_node_track_caller_noprof+0x370/0x930 [ 295.850828][ T9655] ? __asan_memcpy+0x3c/0x60 [ 295.850860][ T9655] devinet_init_net+0x347/0x910 [ 295.850890][ T9655] ? __pfx_devinet_init_net+0x10/0x10 [ 295.850916][ T9655] ops_init+0x1e2/0x5f0 [ 295.850954][ T9655] setup_net+0x11d/0x3a0 [ 295.850989][ T9655] ? __pfx_setup_net+0x10/0x10 [ 295.851021][ T9655] ? lockdep_init_map_type+0x5c/0x270 [ 295.851047][ T9655] ? mutex_init_lockep+0x110/0x150 [ 295.851079][ T9655] copy_net_ns+0x351/0x7c0 [ 295.851105][ T9655] create_new_namespaces+0x3ea/0xab0 [ 295.851147][ T9655] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 295.851191][ T9655] ksys_unshare+0x45b/0xa40 [ 295.851215][ T9655] ? __pfx_ksys_unshare+0x10/0x10 [ 295.851255][ T9655] ? xfd_validate_state+0x61/0x180 [ 295.851290][ T9655] __x64_sys_unshare+0x31/0x40 [ 295.851312][ T9655] do_syscall_64+0xcd/0xf80 [ 295.851339][ T9655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.851364][ T9655] RIP: 0033:0x7ff57958f7c9 [ 295.851386][ T9655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.851410][ T9655] RSP: 002b:00007ff57a458038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 295.851435][ T9655] RAX: ffffffffffffffda RBX: 00007ff5797e6180 RCX: 00007ff57958f7c9 [ 295.851453][ T9655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 295.851469][ T9655] RBP: 00007ff579613f91 R08: 0000000000000000 R09: 0000000000000000 [ 295.851485][ T9655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.851501][ T9655] R13: 00007ff5797e6218 R14: 00007ff5797e6180 R15: 00007fff7d475ba8 [ 295.851538][ T9655] [ 297.345338][ T9665] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 297.358863][ T9679] FAULT_INJECTION: forcing a failure. [ 297.358863][ T9679] name failslab, interval 1, probability 0, space 0, times 0 [ 297.371637][ T9679] CPU: 0 UID: 0 PID: 9679 Comm: syz.3.894 Tainted: G U syzkaller #0 PREEMPT(full) [ 297.371661][ T9679] Tainted: [U]=USER [ 297.371665][ T9679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 297.371675][ T9679] Call Trace: [ 297.371681][ T9679] [ 297.371687][ T9679] dump_stack_lvl+0x16c/0x1f0 [ 297.371714][ T9679] should_fail_ex+0x512/0x640 [ 297.371731][ T9679] ? kmem_cache_alloc_noprof+0x62/0x770 [ 297.371750][ T9679] should_failslab+0xc2/0x120 [ 297.371771][ T9679] kmem_cache_alloc_noprof+0x83/0x770 [ 297.371787][ T9679] ? stack_depot_save_flags+0x29/0x9b0 [ 297.371803][ T9679] ? alloc_empty_file+0x55/0x1e0 [ 297.371821][ T9679] ? alloc_empty_file+0x55/0x1e0 [ 297.371833][ T9679] ? kasan_save_track+0x14/0x30 [ 297.371849][ T9679] alloc_empty_file+0x55/0x1e0 [ 297.371864][ T9679] path_openat+0xde/0x3140 [ 297.371882][ T9679] ? do_syscall_64+0xcd/0xf80 [ 297.371894][ T9679] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.371913][ T9679] ? __pfx_path_openat+0x10/0x10 [ 297.371939][ T9679] do_filp_open+0x20b/0x470 [ 297.371958][ T9679] ? __pfx_do_filp_open+0x10/0x10 [ 297.371990][ T9679] ? alloc_fd+0x471/0x7d0 [ 297.372022][ T9679] do_sys_openat2+0x121/0x290 [ 297.372039][ T9679] ? __pfx_do_sys_openat2+0x10/0x10 [ 297.372055][ T9679] ? find_held_lock+0x2b/0x80 [ 297.372077][ T9679] __x64_sys_openat+0x174/0x210 [ 297.372092][ T9679] ? __pfx___x64_sys_openat+0x10/0x10 [ 297.372114][ T9679] do_syscall_64+0xcd/0xf80 [ 297.372128][ T9679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.372141][ T9679] RIP: 0033:0x7f480ad8f7c9 [ 297.372153][ T9679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.372166][ T9679] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 297.372179][ T9679] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 297.372187][ T9679] RDX: 0000000000115c80 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 297.372196][ T9679] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 297.372204][ T9679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.372212][ T9679] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 297.372231][ T9679] [ 297.610963][ T9665] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 297.617249][ T9665] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 297.623801][ T9665] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 297.916290][ T52] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 298.567203][ T52] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 298.795042][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 298.816709][ T9698] FAULT_INJECTION: forcing a failure. [ 298.816709][ T9698] name failslab, interval 1, probability 0, space 0, times 0 [ 298.841939][ T9698] CPU: 1 UID: 0 PID: 9698 Comm: syz.2.900 Tainted: G U syzkaller #0 PREEMPT(full) [ 298.841982][ T9698] Tainted: [U]=USER [ 298.841990][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 298.842004][ T9698] Call Trace: [ 298.842013][ T9698] [ 298.842023][ T9698] dump_stack_lvl+0x16c/0x1f0 [ 298.842067][ T9698] should_fail_ex+0x512/0x640 [ 298.842093][ T9698] ? __kmalloc_cache_noprof+0x5f/0x800 [ 298.842126][ T9698] should_failslab+0xc2/0x120 [ 298.842162][ T9698] __kmalloc_cache_noprof+0x80/0x800 [ 298.842188][ T9698] ? ring_buffer_read_start+0x149/0x500 [ 298.842226][ T9698] ? ring_buffer_read_start+0x149/0x500 [ 298.842257][ T9698] ring_buffer_read_start+0x149/0x500 [ 298.842289][ T9698] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 298.842318][ T9698] ? lockdep_init_map_type+0x5c/0x270 [ 298.842344][ T9698] ? ring_buffer_overruns+0x195/0x1f0 [ 298.842375][ T9698] tracing_open+0x93f/0xe10 [ 298.842410][ T9698] do_dentry_open+0x748/0x1590 [ 298.842443][ T9698] ? __pfx_tracing_open+0x10/0x10 [ 298.842481][ T9698] vfs_open+0x82/0x3f0 [ 298.842513][ T9698] path_openat+0x2078/0x3140 [ 298.842560][ T9698] ? __pfx_path_openat+0x10/0x10 [ 298.842617][ T9698] do_filp_open+0x20b/0x470 [ 298.842655][ T9698] ? __pfx_do_filp_open+0x10/0x10 [ 298.842719][ T9698] ? alloc_fd+0x471/0x7d0 [ 298.842764][ T9698] do_sys_openat2+0x121/0x290 [ 298.842794][ T9698] ? __pfx_do_sys_openat2+0x10/0x10 [ 298.842834][ T9698] __x64_sys_openat+0x174/0x210 [ 298.842864][ T9698] ? __pfx___x64_sys_openat+0x10/0x10 [ 298.842908][ T9698] do_syscall_64+0xcd/0xf80 [ 298.842935][ T9698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.842960][ T9698] RIP: 0033:0x7f048cd8f7c9 [ 298.842980][ T9698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.843004][ T9698] RSP: 002b:00007f048dc3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 298.843028][ T9698] RAX: ffffffffffffffda RBX: 00007f048cfe6090 RCX: 00007f048cd8f7c9 [ 298.843045][ T9698] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 298.843062][ T9698] RBP: 00007f048ce13f91 R08: 0000000000000000 R09: 0000000000000000 [ 298.843076][ T9698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.843090][ T9698] R13: 00007f048cfe6128 R14: 00007f048cfe6090 R15: 00007ffd655f2408 [ 298.843121][ T9698] [ 299.495461][ T9691] Process accounting paused [ 299.677322][ T5153] Bluetooth: hci1: command 0x0c1a tx timeout [ 299.679610][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 299.684198][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 300.739213][ T52] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 301.041112][ T52] Bluetooth: hci2: unexpected event 0x14 length: 16 > 6 [ 301.127887][ T9719] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 301.205067][ T9719] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 301.215584][ T9719] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 301.225676][ T9719] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.426194][ T52] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 301.892984][ T9745] zswap: compressor W;0?u=8}L(Eֹjj8+xpȜNkRuoo 6 [ 302.993513][ T9769] FAULT_INJECTION: forcing a failure. [ 302.993513][ T9769] name failslab, interval 1, probability 0, space 0, times 0 [ 303.065306][ T9769] CPU: 0 UID: 0 PID: 9769 Comm: syz.2.916 Tainted: G U syzkaller #0 PREEMPT(full) [ 303.065345][ T9769] Tainted: [U]=USER [ 303.065352][ T9769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 303.065378][ T9769] Call Trace: [ 303.065387][ T9769] [ 303.065396][ T9769] dump_stack_lvl+0x16c/0x1f0 [ 303.065436][ T9769] should_fail_ex+0x512/0x640 [ 303.065463][ T9769] ? __kmalloc_cache_noprof+0x5f/0x800 [ 303.065493][ T9769] should_failslab+0xc2/0x120 [ 303.065528][ T9769] __kmalloc_cache_noprof+0x80/0x800 [ 303.065555][ T9769] ? ring_buffer_read_start+0x149/0x500 [ 303.065592][ T9769] ? ring_buffer_read_start+0x149/0x500 [ 303.065620][ T9769] ring_buffer_read_start+0x149/0x500 [ 303.065647][ T9769] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 303.065674][ T9769] ? lockdep_init_map_type+0x5c/0x270 [ 303.065697][ T9769] ? ring_buffer_overruns+0x195/0x1f0 [ 303.065727][ T9769] tracing_open+0x93f/0xe10 [ 303.065756][ T9769] do_dentry_open+0x748/0x1590 [ 303.065784][ T9769] ? __pfx_tracing_open+0x10/0x10 [ 303.065818][ T9769] vfs_open+0x82/0x3f0 [ 303.065849][ T9769] path_openat+0x2078/0x3140 [ 303.065892][ T9769] ? __pfx_path_openat+0x10/0x10 [ 303.065936][ T9769] do_filp_open+0x20b/0x470 [ 303.065971][ T9769] ? __pfx_do_filp_open+0x10/0x10 [ 303.066029][ T9769] ? alloc_fd+0x471/0x7d0 [ 303.066071][ T9769] do_sys_openat2+0x121/0x290 [ 303.066098][ T9769] ? __pfx_do_sys_openat2+0x10/0x10 [ 303.066133][ T9769] __x64_sys_openat+0x174/0x210 [ 303.066159][ T9769] ? __pfx___x64_sys_openat+0x10/0x10 [ 303.066200][ T9769] do_syscall_64+0xcd/0xf80 [ 303.066225][ T9769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.066251][ T9769] RIP: 0033:0x7f048cd8f7c9 [ 303.066281][ T9769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.066306][ T9769] RSP: 002b:00007f048dc3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 303.066331][ T9769] RAX: ffffffffffffffda RBX: 00007f048cfe6090 RCX: 00007f048cd8f7c9 [ 303.066345][ T9769] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 303.066360][ T9769] RBP: 00007f048ce13f91 R08: 0000000000000000 R09: 0000000000000000 [ 303.066376][ T9769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.066387][ T9769] R13: 00007f048cfe6128 R14: 00007f048cfe6090 R15: 00007ffd655f2408 [ 303.066422][ T9769] [ 303.275151][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 303.329868][ T52] Bluetooth: hci2: command 0x0c1a tx timeout [ 303.335992][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 306.874286][ T9846] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 308.104037][ T9866] FAULT_INJECTION: forcing a failure. [ 308.104037][ T9866] name failslab, interval 1, probability 0, space 0, times 0 [ 308.145259][ T9866] CPU: 1 UID: 0 PID: 9866 Comm: syz.2.943 Tainted: G U syzkaller #0 PREEMPT(full) [ 308.145307][ T9866] Tainted: [U]=USER [ 308.145316][ T9866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 308.145332][ T9866] Call Trace: [ 308.145340][ T9866] [ 308.145350][ T9866] dump_stack_lvl+0x16c/0x1f0 [ 308.145395][ T9866] should_fail_ex+0x512/0x640 [ 308.145424][ T9866] ? __kmalloc_cache_noprof+0x5f/0x800 [ 308.145456][ T9866] should_failslab+0xc2/0x120 [ 308.145494][ T9866] __kmalloc_cache_noprof+0x80/0x800 [ 308.145523][ T9866] ? ring_buffer_read_start+0x149/0x500 [ 308.145563][ T9866] ? ring_buffer_read_start+0x149/0x500 [ 308.145593][ T9866] ring_buffer_read_start+0x149/0x500 [ 308.145626][ T9866] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 308.145656][ T9866] ? lockdep_init_map_type+0x5c/0x270 [ 308.145683][ T9866] ? ring_buffer_overruns+0x195/0x1f0 [ 308.145714][ T9866] tracing_open+0x93f/0xe10 [ 308.145747][ T9866] do_dentry_open+0x748/0x1590 [ 308.145779][ T9866] ? __pfx_tracing_open+0x10/0x10 [ 308.145817][ T9866] vfs_open+0x82/0x3f0 [ 308.145848][ T9866] path_openat+0x2078/0x3140 [ 308.145893][ T9866] ? __pfx_path_openat+0x10/0x10 [ 308.145952][ T9866] do_filp_open+0x20b/0x470 [ 308.145991][ T9866] ? __pfx_do_filp_open+0x10/0x10 [ 308.146053][ T9866] ? alloc_fd+0x471/0x7d0 [ 308.146096][ T9866] do_sys_openat2+0x121/0x290 [ 308.146120][ T9866] ? __pfx_do_sys_openat2+0x10/0x10 [ 308.146157][ T9866] __x64_sys_openat+0x174/0x210 [ 308.146181][ T9866] ? __pfx___x64_sys_openat+0x10/0x10 [ 308.146221][ T9866] do_syscall_64+0xcd/0xf80 [ 308.146246][ T9866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.146271][ T9866] RIP: 0033:0x7f048cd8f7c9 [ 308.146292][ T9866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.146317][ T9866] RSP: 002b:00007f048dc3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 308.146339][ T9866] RAX: ffffffffffffffda RBX: 00007f048cfe6090 RCX: 00007f048cd8f7c9 [ 308.146355][ T9866] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 308.146371][ T9866] RBP: 00007f048ce13f91 R08: 0000000000000000 R09: 0000000000000000 [ 308.146387][ T9866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.146399][ T9866] R13: 00007f048cfe6128 R14: 00007f048cfe6090 R15: 00007ffd655f2408 [ 308.146433][ T9866] [ 309.162702][ T9881] FAULT_INJECTION: forcing a failure. [ 309.162702][ T9881] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 309.176326][ T9881] CPU: 0 UID: 0 PID: 9881 Comm: syz.2.948 Tainted: G U syzkaller #0 PREEMPT(full) [ 309.176351][ T9881] Tainted: [U]=USER [ 309.176356][ T9881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 309.176364][ T9881] Call Trace: [ 309.176371][ T9881] [ 309.176377][ T9881] dump_stack_lvl+0x16c/0x1f0 [ 309.176405][ T9881] should_fail_ex+0x512/0x640 [ 309.176425][ T9881] should_fail_alloc_page+0xe7/0x130 [ 309.176448][ T9881] prepare_alloc_pages+0x401/0x670 [ 309.176472][ T9881] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 309.176494][ T9881] ? __lock_acquire+0x436/0x2890 [ 309.176510][ T9881] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 309.176526][ T9881] ? __lock_acquire+0x436/0x2890 [ 309.176538][ T9881] ? find_held_lock+0x2b/0x80 [ 309.176557][ T9881] ? __lock_acquire+0x436/0x2890 [ 309.176573][ T9881] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 309.176594][ T9881] ? policy_nodemask+0xea/0x4e0 [ 309.176615][ T9881] alloc_pages_mpol+0x1fb/0x550 [ 309.176635][ T9881] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 309.176656][ T9881] ? __anon_vma_prepare+0x2db/0x5e0 [ 309.176673][ T9881] folio_alloc_mpol_noprof+0x36/0x2f0 [ 309.176688][ T9881] vma_alloc_folio_noprof+0xed/0x1e0 [ 309.176701][ T9881] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 309.176714][ T9881] ? __anon_vma_prepare+0x2e2/0x5e0 [ 309.176733][ T9881] do_anonymous_page+0xc81/0x2190 [ 309.176754][ T9881] __handle_mm_fault+0x1ecf/0x2bb0 [ 309.176772][ T9881] ? __pfx___handle_mm_fault+0x10/0x10 [ 309.176802][ T9881] handle_mm_fault+0x3fe/0xad0 [ 309.176819][ T9881] __get_user_pages+0x54e/0x3590 [ 309.176846][ T9881] ? __pfx___get_user_pages+0x10/0x10 [ 309.176871][ T9881] populate_vma_page_range+0x267/0x3f0 [ 309.176892][ T9881] ? __pfx_populate_vma_page_range+0x10/0x10 [ 309.176912][ T9881] ? __pfx_find_vma_intersection+0x10/0x10 [ 309.176931][ T9881] ? do_mmap+0x69c/0x1210 [ 309.176951][ T9881] __mm_populate+0x1d8/0x380 [ 309.176972][ T9881] ? __pfx___mm_populate+0x10/0x10 [ 309.176993][ T9881] ? up_write+0x282/0x4e0 [ 309.177008][ T9881] vm_mmap_pgoff+0x37f/0x470 [ 309.177030][ T9881] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 309.177052][ T9881] ? __x64_sys_futex+0x1e0/0x4c0 [ 309.177075][ T9881] ? __x64_sys_futex+0x1e9/0x4c0 [ 309.177093][ T9881] ksys_mmap_pgoff+0x7d/0x5c0 [ 309.177112][ T9881] ? xfd_validate_state+0x61/0x180 [ 309.177125][ T9881] ? __pfx_do_writev+0x10/0x10 [ 309.177145][ T9881] __x64_sys_mmap+0x125/0x190 [ 309.177160][ T9881] do_syscall_64+0xcd/0xf80 [ 309.177175][ T9881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.177189][ T9881] RIP: 0033:0x7f048cd8f7c9 [ 309.177201][ T9881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.177215][ T9881] RSP: 002b:00007f048dc5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 309.177228][ T9881] RAX: ffffffffffffffda RBX: 00007f048cfe5fa0 RCX: 00007f048cd8f7c9 [ 309.177237][ T9881] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 309.177246][ T9881] RBP: 00007f048ce13f91 R08: 0000000000000002 R09: 0000000000008000 [ 309.177254][ T9881] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 309.177262][ T9881] R13: 00007f048cfe6038 R14: 00007f048cfe5fa0 R15: 00007ffd655f2408 [ 309.177282][ T9881] [ 311.439834][ T9900] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 311.535873][ T9900] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 311.615365][ T9900] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 311.633557][ T9900] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 312.402965][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 313.255679][ T9935] netlink: 12 bytes leftover after parsing attributes in process `syz.2.957'. [ 313.599662][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 313.675065][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 313.675071][ T52] Bluetooth: hci2: command 0x0c1a tx timeout [ 313.964666][ T5840] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 314.531855][ T9972] FAULT_INJECTION: forcing a failure. [ 314.531855][ T9972] name failslab, interval 1, probability 0, space 0, times 0 [ 314.627373][ T9972] CPU: 1 UID: 0 PID: 9972 Comm: syz.0.969 Tainted: G U syzkaller #0 PREEMPT(full) [ 314.627407][ T9972] Tainted: [U]=USER [ 314.627412][ T9972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 314.627421][ T9972] Call Trace: [ 314.627426][ T9972] [ 314.627432][ T9972] dump_stack_lvl+0x16c/0x1f0 [ 314.627466][ T9972] should_fail_ex+0x512/0x640 [ 314.627482][ T9972] ? kmem_cache_alloc_noprof+0x62/0x770 [ 314.627501][ T9972] should_failslab+0xc2/0x120 [ 314.627521][ T9972] kmem_cache_alloc_noprof+0x83/0x770 [ 314.627538][ T9972] ? vm_area_alloc+0x1f/0x160 [ 314.627555][ T9972] ? vm_area_alloc+0x1f/0x160 [ 314.627567][ T9972] vm_area_alloc+0x1f/0x160 [ 314.627579][ T9972] __mmap_region+0x1080/0x2a00 [ 314.627598][ T9972] ? __pfx___mmap_region+0x10/0x10 [ 314.627634][ T9972] ? kernel_text_address+0x8d/0x100 [ 314.627650][ T9972] ? __kernel_text_address+0xd/0x40 [ 314.627665][ T9972] ? unwind_get_return_address+0x59/0xa0 [ 314.627691][ T9972] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 314.627714][ T9972] ? stack_trace_save+0x8e/0xc0 [ 314.627759][ T9972] ? rcu_is_watching+0x12/0xc0 [ 314.627782][ T9972] mmap_region+0x32b/0x3f0 [ 314.627801][ T9972] do_mmap+0xa3e/0x1210 [ 314.627824][ T9972] ? __pfx_do_mmap+0x10/0x10 [ 314.627843][ T9972] ? __pfx_down_write_killable+0x10/0x10 [ 314.627862][ T9972] vm_mmap_pgoff+0x29e/0x470 [ 314.627884][ T9972] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 314.627900][ T9972] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 314.627916][ T9972] ? hugetlbfs_get_inode+0x31f/0x700 [ 314.627935][ T9972] ksys_mmap_pgoff+0x1c8/0x5c0 [ 314.627957][ T9972] __x64_sys_mmap+0x125/0x190 [ 314.627973][ T9972] do_syscall_64+0xcd/0xf80 [ 314.627986][ T9972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.628000][ T9972] RIP: 0033:0x7ff57958f7c9 [ 314.628012][ T9972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.628025][ T9972] RSP: 002b:00007ff57a479038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 314.628038][ T9972] RAX: ffffffffffffffda RBX: 00007ff5797e6090 RCX: 00007ff57958f7c9 [ 314.628047][ T9972] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 314.628055][ T9972] RBP: 00007ff579613f91 R08: ffffffffffffffff R09: 0000000000000000 [ 314.628064][ T9972] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 314.628072][ T9972] R13: 00007ff5797e6128 R14: 00007ff5797e6090 R15: 00007fff7d475ba8 [ 314.628091][ T9972] [ 315.122100][ T5840] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 315.659350][ T5840] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 315.779651][ T9994] FAULT_INJECTION: forcing a failure. [ 315.779651][ T9994] name failslab, interval 1, probability 0, space 0, times 0 [ 315.801948][ T9994] CPU: 0 UID: 0 PID: 9994 Comm: syz.0.975 Tainted: G U syzkaller #0 PREEMPT(full) [ 315.801989][ T9994] Tainted: [U]=USER [ 315.801997][ T9994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 315.802013][ T9994] Call Trace: [ 315.802021][ T9994] [ 315.802031][ T9994] dump_stack_lvl+0x16c/0x1f0 [ 315.802075][ T9994] should_fail_ex+0x512/0x640 [ 315.802103][ T9994] ? kmem_cache_alloc_noprof+0x62/0x770 [ 315.802137][ T9994] should_failslab+0xc2/0x120 [ 315.802171][ T9994] kmem_cache_alloc_noprof+0x83/0x770 [ 315.802199][ T9994] ? vm_area_dup+0x27/0x8d0 [ 315.802229][ T9994] ? vm_area_dup+0x27/0x8d0 [ 315.802250][ T9994] vm_area_dup+0x27/0x8d0 [ 315.802277][ T9994] __split_vma+0x18e/0x1050 [ 315.802321][ T9994] ? __pfx___split_vma+0x10/0x10 [ 315.802356][ T9994] ? __pfx_mas_prev+0x10/0x10 [ 315.802389][ T9994] vms_gather_munmap_vmas+0x3aa/0x1340 [ 315.802422][ T9994] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 315.802455][ T9994] ? mas_walk+0x6f5/0x980 [ 315.802499][ T9994] __mmap_region+0x47c/0x2a00 [ 315.802531][ T9994] ? __pfx___mmap_region+0x10/0x10 [ 315.802557][ T9994] ? __lock_acquire+0x436/0x2890 [ 315.802593][ T9994] ? lock_acquire+0x179/0x330 [ 315.802614][ T9994] ? find_held_lock+0x2b/0x80 [ 315.802645][ T9994] ? finish_task_switch.isra.0+0x202/0xbd0 [ 315.802680][ T9994] ? rcu_is_watching+0x12/0xc0 [ 315.802712][ T9994] ? finish_task_switch.isra.0+0x207/0xbd0 [ 315.802742][ T9994] ? lockdep_hardirqs_on+0x7c/0x110 [ 315.802764][ T9994] ? finish_task_switch.isra.0+0x207/0xbd0 [ 315.802866][ T9994] ? rcu_is_watching+0x12/0xc0 [ 315.802903][ T9994] mmap_region+0x1ab/0x3f0 [ 315.802928][ T9994] ? __get_unmapped_area+0x267/0x3f0 [ 315.802967][ T9994] do_mmap+0xa3e/0x1210 [ 315.803006][ T9994] ? __pfx_do_mmap+0x10/0x10 [ 315.803038][ T9994] ? __pfx_down_write_killable+0x10/0x10 [ 315.803073][ T9994] vm_mmap_pgoff+0x29e/0x470 [ 315.803113][ T9994] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 315.803145][ T9994] ? find_held_lock+0x2b/0x80 [ 315.803179][ T9994] ? __x64_sys_futex+0x1e0/0x4c0 [ 315.803205][ T9994] ? __x64_sys_futex+0x1e9/0x4c0 [ 315.803237][ T9994] ksys_mmap_pgoff+0x7d/0x5c0 [ 315.803270][ T9994] ? xfd_validate_state+0x61/0x180 [ 315.803315][ T9994] __x64_sys_mmap+0x125/0x190 [ 315.803346][ T9994] do_syscall_64+0xcd/0xf80 [ 315.803371][ T9994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.803395][ T9994] RIP: 0033:0x7ff57958f7c9 [ 315.803415][ T9994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.803438][ T9994] RSP: 002b:00007ff57a49a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 315.803462][ T9994] RAX: ffffffffffffffda RBX: 00007ff5797e5fa0 RCX: 00007ff57958f7c9 [ 315.803479][ T9994] RDX: 0000000000000005 RSI: 0000000000020009 RDI: 0000000000000000 [ 315.803491][ T9994] RBP: 00007ff579613f91 R08: 0000000000000008 R09: 0000000001008000 [ 315.803507][ T9994] R10: 0000000000000eb2 R11: 0000000000000246 R12: 0000000000000000 [ 315.803521][ T9994] R13: 00007ff5797e6038 R14: 00007ff5797e5fa0 R15: 00007fff7d475ba8 [ 315.803554][ T9994] [ 316.435670][ T9999] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 316.468761][ T9999] kafs: addr_prefs: Invalid Command [ 316.899992][T10010] FAULT_INJECTION: forcing a failure. [ 316.899992][T10010] name failslab, interval 1, probability 0, space 0, times 0 [ 316.912911][T10010] CPU: 0 UID: 0 PID: 10010 Comm: syz.3.978 Tainted: G U syzkaller #0 PREEMPT(full) [ 316.912954][T10010] Tainted: [U]=USER [ 316.912963][T10010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 316.912979][T10010] Call Trace: [ 316.912988][T10010] [ 316.912998][T10010] dump_stack_lvl+0x16c/0x1f0 [ 316.913044][T10010] should_fail_ex+0x512/0x640 [ 316.913073][T10010] ? __kmalloc_cache_noprof+0x5f/0x800 [ 316.913105][T10010] should_failslab+0xc2/0x120 [ 316.913140][T10010] __kmalloc_cache_noprof+0x80/0x800 [ 316.913168][T10010] ? ring_buffer_read_start+0x149/0x500 [ 316.913205][T10010] ? ring_buffer_read_start+0x149/0x500 [ 316.913235][T10010] ring_buffer_read_start+0x149/0x500 [ 316.913268][T10010] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 316.913298][T10010] ? lockdep_init_map_type+0x5c/0x270 [ 316.913324][T10010] ? ring_buffer_overruns+0x195/0x1f0 [ 316.913356][T10010] tracing_open+0x93f/0xe10 [ 316.913390][T10010] do_dentry_open+0x748/0x1590 [ 316.913420][T10010] ? __pfx_tracing_open+0x10/0x10 [ 316.913467][T10010] vfs_open+0x82/0x3f0 [ 316.913500][T10010] path_openat+0x2078/0x3140 [ 316.913549][T10010] ? __pfx_path_openat+0x10/0x10 [ 316.913601][T10010] do_filp_open+0x20b/0x470 [ 316.913650][T10010] ? __pfx_do_filp_open+0x10/0x10 [ 316.913715][T10010] ? alloc_fd+0x471/0x7d0 [ 316.913763][T10010] do_sys_openat2+0x121/0x290 [ 316.913790][T10010] ? __pfx_do_sys_openat2+0x10/0x10 [ 316.913832][T10010] __x64_sys_openat+0x174/0x210 [ 316.913859][T10010] ? __pfx___x64_sys_openat+0x10/0x10 [ 316.913903][T10010] do_syscall_64+0xcd/0xf80 [ 316.913929][T10010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.913954][T10010] RIP: 0033:0x7f480ad8f7c9 [ 316.913975][T10010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.913999][T10010] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 316.914024][T10010] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 316.914041][T10010] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 316.914058][T10010] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 316.914074][T10010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.914090][T10010] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 316.914128][T10010] [ 317.664455][T10020] FAULT_INJECTION: forcing a failure. [ 317.664455][T10020] name failslab, interval 1, probability 0, space 0, times 0 [ 317.837352][T10020] CPU: 1 UID: 0 PID: 10020 Comm: syz.2.979 Tainted: G U syzkaller #0 PREEMPT(full) [ 317.837397][T10020] Tainted: [U]=USER [ 317.837406][T10020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 317.837422][T10020] Call Trace: [ 317.837431][T10020] [ 317.837441][T10020] dump_stack_lvl+0x16c/0x1f0 [ 317.837486][T10020] should_fail_ex+0x512/0x640 [ 317.837515][T10020] ? __kmalloc_cache_noprof+0x5f/0x800 [ 317.837548][T10020] should_failslab+0xc2/0x120 [ 317.837585][T10020] __kmalloc_cache_noprof+0x80/0x800 [ 317.837612][T10020] ? vma_wants_writenotify+0x10b/0x390 [ 317.837643][T10020] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 317.837676][T10020] ? __mt_destroy+0xa8/0x3e0 [ 317.837703][T10020] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 317.837734][T10020] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 317.837769][T10020] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 317.837801][T10020] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 317.837842][T10020] mmap_action_complete+0x236/0x3f0 [ 317.837878][T10020] __mmap_region+0xcd8/0x2a00 [ 317.837913][T10020] ? __pfx___mmap_region+0x10/0x10 [ 317.837970][T10020] ? kernel_text_address+0x8d/0x100 [ 317.837998][T10020] ? __kernel_text_address+0xd/0x40 [ 317.838025][T10020] ? unwind_get_return_address+0x59/0xa0 [ 317.838099][T10020] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 317.838143][T10020] ? stack_trace_save+0x8e/0xc0 [ 317.838235][T10020] ? rcu_is_watching+0x12/0xc0 [ 317.838280][T10020] mmap_region+0x32b/0x3f0 [ 317.838316][T10020] do_mmap+0xa3e/0x1210 [ 317.838358][T10020] ? __pfx_do_mmap+0x10/0x10 [ 317.838395][T10020] ? __pfx_down_write_killable+0x10/0x10 [ 317.838432][T10020] vm_mmap_pgoff+0x29e/0x470 [ 317.838473][T10020] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 317.838504][T10020] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 317.838534][T10020] ? hugetlbfs_get_inode+0x31f/0x700 [ 317.838571][T10020] ksys_mmap_pgoff+0x1c8/0x5c0 [ 317.838611][T10020] __x64_sys_mmap+0x125/0x190 [ 317.838642][T10020] do_syscall_64+0xcd/0xf80 [ 317.838668][T10020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.838694][T10020] RIP: 0033:0x7f048cd8f7c9 [ 317.838715][T10020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.838740][T10020] RSP: 002b:00007f048dc3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 317.838765][T10020] RAX: ffffffffffffffda RBX: 00007f048cfe6090 RCX: 00007f048cd8f7c9 [ 317.838784][T10020] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 317.838800][T10020] RBP: 00007f048ce13f91 R08: ffffffffffffffff R09: 0000000000000000 [ 317.838817][T10020] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 317.838834][T10020] R13: 00007f048cfe6128 R14: 00007f048cfe6090 R15: 00007ffd655f2408 [ 317.838872][T10020] [ 318.563342][ T5840] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 319.295024][T10055] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 319.295024][T10055] program syz.1.985 not setting count and/or reply_len properly [ 321.439146][ T5840] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 321.904341][T10092] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 321.936500][T10092] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 321.947354][T10092] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 321.978356][T10092] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 322.017881][ T5840] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 322.400784][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.414162][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.341426][T10106] zswap: compressor W;0?u=8}L(Eֹjj8+xpȜNkRuoo [ 328.851920][T10206] dump_stack_lvl+0x16c/0x1f0 [ 328.851967][T10206] should_fail_ex+0x512/0x640 [ 328.851996][T10206] ? __kmalloc_cache_noprof+0x5f/0x800 [ 328.852030][T10206] should_failslab+0xc2/0x120 [ 328.852067][T10206] __kmalloc_cache_noprof+0x80/0x800 [ 328.852095][T10206] ? vma_wants_writenotify+0x10b/0x390 [ 328.852127][T10206] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 328.852161][T10206] ? __mt_destroy+0xa8/0x3e0 [ 328.852188][T10206] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 328.852219][T10206] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 328.852265][T10206] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 328.852297][T10206] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 328.852335][T10206] mmap_action_complete+0x236/0x3f0 [ 328.852366][T10206] __mmap_region+0xcd8/0x2a00 [ 328.852397][T10206] ? __pfx___mmap_region+0x10/0x10 [ 328.852453][T10206] ? kernel_text_address+0x8d/0x100 [ 328.852480][T10206] ? __kernel_text_address+0xd/0x40 [ 328.852504][T10206] ? unwind_get_return_address+0x59/0xa0 [ 328.852545][T10206] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 328.852583][T10206] ? stack_trace_save+0x8e/0xc0 [ 328.852669][T10206] ? rcu_is_watching+0x12/0xc0 [ 328.852712][T10206] mmap_region+0x32b/0x3f0 [ 328.852748][T10206] do_mmap+0xa3e/0x1210 [ 328.852789][T10206] ? __pfx_do_mmap+0x10/0x10 [ 328.852825][T10206] ? __pfx_down_write_killable+0x10/0x10 [ 328.852861][T10206] vm_mmap_pgoff+0x29e/0x470 [ 328.852902][T10206] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 328.852933][T10206] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 328.852963][T10206] ? hugetlbfs_get_inode+0x31f/0x700 [ 328.853000][T10206] ksys_mmap_pgoff+0x1c8/0x5c0 [ 328.853041][T10206] __x64_sys_mmap+0x125/0x190 [ 328.853072][T10206] do_syscall_64+0xcd/0xf80 [ 328.853099][T10206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.853124][T10206] RIP: 0033:0x7ff57958f7c9 [ 328.853145][T10206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.853175][T10206] RSP: 002b:00007ff57a49a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 328.853202][T10206] RAX: ffffffffffffffda RBX: 00007ff5797e5fa0 RCX: 00007ff57958f7c9 [ 328.853221][T10206] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 328.853244][T10206] RBP: 00007ff579613f91 R08: ffffffffffffffff R09: 0000000000000000 [ 328.853262][T10206] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 328.853278][T10206] R13: 00007ff5797e6038 R14: 00007ff5797e5fa0 R15: 00007fff7d475ba8 [ 328.853317][T10206] [ 329.515137][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 329.521286][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 329.532829][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 329.989771][T10210] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 330.008175][T10210] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 330.033921][T10210] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 330.051475][T10210] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 330.091595][T10214] Process accounting resumed [ 330.128163][T10223] zswap: compressor W;0?u=8}L(Eֹjj8+xpȜNkRuoo [ 330.526946][T10243] dump_stack_lvl+0x16c/0x1f0 [ 330.526990][T10243] should_fail_ex+0x512/0x640 [ 330.527017][T10243] ? __kmalloc_noprof+0xca/0x910 [ 330.527048][T10243] should_failslab+0xc2/0x120 [ 330.527092][T10243] __kmalloc_noprof+0xeb/0x910 [ 330.527119][T10243] ? ring_buffer_read_start+0x1b9/0x500 [ 330.527155][T10243] ? ring_buffer_read_start+0x1b9/0x500 [ 330.527183][T10243] ring_buffer_read_start+0x1b9/0x500 [ 330.527215][T10243] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 330.527243][T10243] ? lockdep_init_map_type+0x5c/0x270 [ 330.527269][T10243] ? ring_buffer_overruns+0x195/0x1f0 [ 330.527300][T10243] tracing_open+0x93f/0xe10 [ 330.527333][T10243] do_dentry_open+0x748/0x1590 [ 330.527365][T10243] ? __pfx_tracing_open+0x10/0x10 [ 330.527401][T10243] vfs_open+0x82/0x3f0 [ 330.527430][T10243] path_openat+0x2078/0x3140 [ 330.527475][T10243] ? __pfx_path_openat+0x10/0x10 [ 330.527522][T10243] do_filp_open+0x20b/0x470 [ 330.527557][T10243] ? __pfx_do_filp_open+0x10/0x10 [ 330.527617][T10243] ? alloc_fd+0x471/0x7d0 [ 330.527659][T10243] do_sys_openat2+0x121/0x290 [ 330.527685][T10243] ? __pfx_do_sys_openat2+0x10/0x10 [ 330.527724][T10243] __x64_sys_openat+0x174/0x210 [ 330.527751][T10243] ? __pfx___x64_sys_openat+0x10/0x10 [ 330.527793][T10243] do_syscall_64+0xcd/0xf80 [ 330.527818][T10243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.527841][T10243] RIP: 0033:0x7f8338f8f7c9 [ 330.527862][T10243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.527886][T10243] RSP: 002b:00007f8339d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 330.527909][T10243] RAX: ffffffffffffffda RBX: 00007f83391e6090 RCX: 00007f8338f8f7c9 [ 330.527925][T10243] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 330.527942][T10243] RBP: 00007f8339013f91 R08: 0000000000000000 R09: 0000000000000000 [ 330.527956][T10243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.527972][T10243] R13: 00007f83391e6128 R14: 00007f83391e6090 R15: 00007fffe7a976a8 [ 330.528009][T10243] [ 330.907431][T10251] FAULT_INJECTION: forcing a failure. [ 330.907431][T10251] name failslab, interval 1, probability 0, space 0, times 0 [ 330.907541][T10251] CPU: 0 UID: 0 PID: 10251 Comm: syz.2.1031 Tainted: G U syzkaller #0 PREEMPT(full) [ 330.907574][T10251] Tainted: [U]=USER [ 330.907582][T10251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 330.907597][T10251] Call Trace: [ 330.907606][T10251] [ 330.907616][T10251] dump_stack_lvl+0x16c/0x1f0 [ 330.907657][T10251] should_fail_ex+0x512/0x640 [ 330.907684][T10251] ? __kmalloc_cache_noprof+0x5f/0x800 [ 330.907714][T10251] should_failslab+0xc2/0x120 [ 330.907747][T10251] __kmalloc_cache_noprof+0x80/0x800 [ 330.907772][T10251] ? vma_wants_writenotify+0x10b/0x390 [ 330.907800][T10251] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 330.907833][T10251] ? __mt_destroy+0xa8/0x3e0 [ 330.907858][T10251] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 330.907886][T10251] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 330.907920][T10251] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 330.907950][T10251] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 330.907988][T10251] mmap_action_complete+0x236/0x3f0 [ 330.908021][T10251] __mmap_region+0xcd8/0x2a00 [ 330.908054][T10251] ? __pfx___mmap_region+0x10/0x10 [ 330.908110][T10251] ? kernel_text_address+0x8d/0x100 [ 330.908136][T10251] ? __kernel_text_address+0xd/0x40 [ 330.908161][T10251] ? unwind_get_return_address+0x59/0xa0 [ 330.908204][T10251] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 330.908243][T10251] ? stack_trace_save+0x8e/0xc0 [ 330.908329][T10251] ? rcu_is_watching+0x12/0xc0 [ 330.908371][T10251] mmap_region+0x32b/0x3f0 [ 330.908411][T10251] do_mmap+0xa3e/0x1210 [ 330.908452][T10251] ? __pfx_do_mmap+0x10/0x10 [ 330.908485][T10251] ? __pfx_down_write_killable+0x10/0x10 [ 330.908520][T10251] vm_mmap_pgoff+0x29e/0x470 [ 330.908559][T10251] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 330.908589][T10251] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 330.908618][T10251] ? hugetlbfs_get_inode+0x31f/0x700 [ 330.908653][T10251] ksys_mmap_pgoff+0x1c8/0x5c0 [ 330.908699][T10251] __x64_sys_mmap+0x125/0x190 [ 330.908729][T10251] do_syscall_64+0xcd/0xf80 [ 330.908754][T10251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.908777][T10251] RIP: 0033:0x7f048cd8f7c9 [ 330.908796][T10251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.908816][T10251] RSP: 002b:00007f048dc19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 330.908839][T10251] RAX: ffffffffffffffda RBX: 00007f048cfe6180 RCX: 00007f048cd8f7c9 [ 330.908854][T10251] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 330.908869][T10251] RBP: 00007f048ce13f91 R08: ffffffffffffffff R09: 0000000000000000 [ 330.908884][T10251] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 330.908898][T10251] R13: 00007f048cfe6218 R14: 00007f048cfe6180 R15: 00007ffd655f2408 [ 330.908934][T10251] [ 331.262164][T10260] FAULT_INJECTION: forcing a failure. [ 331.262164][T10260] name failslab, interval 1, probability 0, space 0, times 0 [ 331.262193][T10260] CPU: 0 UID: 0 PID: 10260 Comm: syz.2.1032 Tainted: G U syzkaller #0 PREEMPT(full) [ 331.262214][T10260] Tainted: [U]=USER [ 331.262220][T10260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 331.262229][T10260] Call Trace: [ 331.262234][T10260] [ 331.262240][T10260] dump_stack_lvl+0x16c/0x1f0 [ 331.262266][T10260] should_fail_ex+0x512/0x640 [ 331.262282][T10260] ? __kmalloc_noprof+0xca/0x910 [ 331.262299][T10260] should_failslab+0xc2/0x120 [ 331.262321][T10260] __kmalloc_noprof+0xeb/0x910 [ 331.262336][T10260] ? ring_buffer_read_start+0x1b9/0x500 [ 331.262367][T10260] ? ring_buffer_read_start+0x1b9/0x500 [ 331.262384][T10260] ring_buffer_read_start+0x1b9/0x500 [ 331.262404][T10260] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 331.262421][T10260] ? lockdep_init_map_type+0x5c/0x270 [ 331.262437][T10260] ? ring_buffer_overruns+0x195/0x1f0 [ 331.262455][T10260] tracing_open+0x93f/0xe10 [ 331.262474][T10260] do_dentry_open+0x748/0x1590 [ 331.262493][T10260] ? __pfx_tracing_open+0x10/0x10 [ 331.262513][T10260] vfs_open+0x82/0x3f0 [ 331.262530][T10260] path_openat+0x2078/0x3140 [ 331.262556][T10260] ? __pfx_path_openat+0x10/0x10 [ 331.262583][T10260] do_filp_open+0x20b/0x470 [ 331.262603][T10260] ? __pfx_do_filp_open+0x10/0x10 [ 331.262635][T10260] ? alloc_fd+0x471/0x7d0 [ 331.262659][T10260] do_sys_openat2+0x121/0x290 [ 331.262674][T10260] ? __pfx_do_sys_openat2+0x10/0x10 [ 331.262696][T10260] __x64_sys_openat+0x174/0x210 [ 331.262712][T10260] ? __pfx___x64_sys_openat+0x10/0x10 [ 331.262734][T10260] do_syscall_64+0xcd/0xf80 [ 331.262749][T10260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.262763][T10260] RIP: 0033:0x7f048cd8f7c9 [ 331.262775][T10260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.262789][T10260] RSP: 002b:00007f048dc3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 331.262802][T10260] RAX: ffffffffffffffda RBX: 00007f048cfe6090 RCX: 00007f048cd8f7c9 [ 331.262811][T10260] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 331.262820][T10260] RBP: 00007f048ce13f91 R08: 0000000000000000 R09: 0000000000000000 [ 331.262828][T10260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.262837][T10260] R13: 00007f048cfe6128 R14: 00007f048cfe6090 R15: 00007ffd655f2408 [ 331.262857][T10260] [ 331.435914][ T5153] Bluetooth: hci0: command 0x0c1a tx timeout [ 331.565719][T10264] FAULT_INJECTION: forcing a failure. [ 331.565719][T10264] name failslab, interval 1, probability 0, space 0, times 0 [ 332.023010][T10264] CPU: 0 UID: 0 PID: 10264 Comm: syz.1.1033 Tainted: G U syzkaller #0 PREEMPT(full) [ 332.023043][T10264] Tainted: [U]=USER [ 332.023047][T10264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 332.023056][T10264] Call Trace: [ 332.023061][T10264] [ 332.023067][T10264] dump_stack_lvl+0x16c/0x1f0 [ 332.023094][T10264] should_fail_ex+0x512/0x640 [ 332.023110][T10264] ? __kmalloc_cache_noprof+0x5f/0x800 [ 332.023129][T10264] should_failslab+0xc2/0x120 [ 332.023150][T10264] __kmalloc_cache_noprof+0x80/0x800 [ 332.023166][T10264] ? ring_buffer_read_start+0x149/0x500 [ 332.023190][T10264] ? ring_buffer_read_start+0x149/0x500 [ 332.023207][T10264] ring_buffer_read_start+0x149/0x500 [ 332.023226][T10264] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 332.023244][T10264] ? lockdep_init_map_type+0x5c/0x270 [ 332.023259][T10264] ? ring_buffer_overruns+0x195/0x1f0 [ 332.023276][T10264] tracing_open+0x93f/0xe10 [ 332.023296][T10264] do_dentry_open+0x748/0x1590 [ 332.023316][T10264] ? __pfx_tracing_open+0x10/0x10 [ 332.023336][T10264] vfs_open+0x82/0x3f0 [ 332.023353][T10264] path_openat+0x2078/0x3140 [ 332.023380][T10264] ? __pfx_path_openat+0x10/0x10 [ 332.023408][T10264] do_filp_open+0x20b/0x470 [ 332.023428][T10264] ? __pfx_do_filp_open+0x10/0x10 [ 332.023462][T10264] ? alloc_fd+0x471/0x7d0 [ 332.023487][T10264] do_sys_openat2+0x121/0x290 [ 332.023503][T10264] ? __pfx_do_sys_openat2+0x10/0x10 [ 332.023525][T10264] __x64_sys_openat+0x174/0x210 [ 332.023541][T10264] ? __pfx___x64_sys_openat+0x10/0x10 [ 332.023564][T10264] do_syscall_64+0xcd/0xf80 [ 332.023578][T10264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.023593][T10264] RIP: 0033:0x7f8338f8f7c9 [ 332.023604][T10264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.023618][T10264] RSP: 002b:00007f8339d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 332.023632][T10264] RAX: ffffffffffffffda RBX: 00007f83391e6090 RCX: 00007f8338f8f7c9 [ 332.023642][T10264] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 332.023651][T10264] RBP: 00007f8339013f91 R08: 0000000000000000 R09: 0000000000000000 [ 332.023660][T10264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.023668][T10264] R13: 00007f83391e6128 R14: 00007f83391e6090 R15: 00007fffe7a976a8 [ 332.023687][T10264] [ 332.266450][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 332.266464][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 332.280736][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 332.583792][T10274] aoe: could not set interface list: too many interfaces [ 333.196723][T10278] zswap: compressor W;0?u=8}L(Eֹjj8+xpȜNkRuoo [ 334.775239][T10325] dump_stack_lvl+0x16c/0x1f0 [ 334.775267][T10325] should_fail_ex+0x512/0x640 [ 334.775284][T10325] ? __kmalloc_cache_noprof+0x5f/0x800 [ 334.775302][T10325] should_failslab+0xc2/0x120 [ 334.775324][T10325] __kmalloc_cache_noprof+0x80/0x800 [ 334.775339][T10325] ? vma_wants_writenotify+0x10b/0x390 [ 334.775355][T10325] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 334.775374][T10325] ? __mt_destroy+0xa8/0x3e0 [ 334.775387][T10325] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 334.775404][T10325] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 334.775423][T10325] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 334.775440][T10325] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 334.775463][T10325] mmap_action_complete+0x236/0x3f0 [ 334.775483][T10325] __mmap_region+0xcd8/0x2a00 [ 334.775502][T10325] ? __pfx___mmap_region+0x10/0x10 [ 334.775531][T10325] ? kernel_text_address+0x8d/0x100 [ 334.775546][T10325] ? __kernel_text_address+0xd/0x40 [ 334.775561][T10325] ? unwind_get_return_address+0x59/0xa0 [ 334.775585][T10325] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 334.775607][T10325] ? stack_trace_save+0x8e/0xc0 [ 334.775654][T10325] ? rcu_is_watching+0x12/0xc0 [ 334.775677][T10325] mmap_region+0x32b/0x3f0 [ 334.775697][T10325] do_mmap+0xa3e/0x1210 [ 334.775720][T10325] ? __pfx_do_mmap+0x10/0x10 [ 334.775739][T10325] ? __pfx_down_write_killable+0x10/0x10 [ 334.775758][T10325] vm_mmap_pgoff+0x29e/0x470 [ 334.775780][T10325] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 334.775800][T10325] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 334.775818][T10325] ? hugetlbfs_get_inode+0x31f/0x700 [ 334.775837][T10325] ksys_mmap_pgoff+0x1c8/0x5c0 [ 334.775859][T10325] __x64_sys_mmap+0x125/0x190 [ 334.775875][T10325] do_syscall_64+0xcd/0xf80 [ 334.775890][T10325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.775903][T10325] RIP: 0033:0x7f8338f8f7c9 [ 334.775916][T10325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.775930][T10325] RSP: 002b:00007f8339d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 334.775943][T10325] RAX: ffffffffffffffda RBX: 00007f83391e6090 RCX: 00007f8338f8f7c9 [ 334.775953][T10325] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 334.775962][T10325] RBP: 00007f8339013f91 R08: ffffffffffffffff R09: 0000000000000000 [ 334.775971][T10325] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 334.775980][T10325] R13: 00007f83391e6128 R14: 00007f83391e6090 R15: 00007fffe7a976a8 [ 334.776000][T10325] [ 335.081063][T10310] zswap: compressor W;0?u=8}L(Eֹjj8+xpȜNkRuoo 5 [ 340.057374][ T52] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11 [ 341.811047][ T52] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 342.271061][T10497] random: crng reseeded on system resumption [ 343.980179][T10545] zswap: compressor not available [ 344.633495][ T5874] Process accounting resumed [ 345.851365][T10582] FAULT_INJECTION: forcing a failure. [ 345.851365][T10582] name failslab, interval 1, probability 0, space 0, times 0 [ 345.875524][T10582] CPU: 0 UID: 0 PID: 10582 Comm: syz.1.1112 Tainted: G U syzkaller #0 PREEMPT(full) [ 345.875570][T10582] Tainted: [U]=USER [ 345.875580][T10582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 345.875597][T10582] Call Trace: [ 345.875607][T10582] [ 345.875617][T10582] dump_stack_lvl+0x16c/0x1f0 [ 345.875662][T10582] should_fail_ex+0x512/0x640 [ 345.875693][T10582] ? __kmalloc_noprof+0xca/0x910 [ 345.875722][T10582] should_failslab+0xc2/0x120 [ 345.875767][T10582] __kmalloc_noprof+0xeb/0x910 [ 345.875797][T10582] ? ring_buffer_read_start+0x1b9/0x500 [ 345.875837][T10582] ? ring_buffer_read_start+0x1b9/0x500 [ 345.875892][T10582] ring_buffer_read_start+0x1b9/0x500 [ 345.875927][T10582] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 345.875958][T10582] ? lockdep_init_map_type+0x5c/0x270 [ 345.875992][T10582] ? ring_buffer_overruns+0x195/0x1f0 [ 345.876025][T10582] tracing_open+0x93f/0xe10 [ 345.876060][T10582] do_dentry_open+0x748/0x1590 [ 345.876095][T10582] ? __pfx_tracing_open+0x10/0x10 [ 345.876132][T10582] vfs_open+0x82/0x3f0 [ 345.876164][T10582] path_openat+0x2078/0x3140 [ 345.876212][T10582] ? __pfx_path_openat+0x10/0x10 [ 345.876261][T10582] do_filp_open+0x20b/0x470 [ 345.876298][T10582] ? __pfx_do_filp_open+0x10/0x10 [ 345.876360][T10582] ? alloc_fd+0x471/0x7d0 [ 345.876405][T10582] do_sys_openat2+0x121/0x290 [ 345.876432][T10582] ? __pfx_do_sys_openat2+0x10/0x10 [ 345.876475][T10582] __x64_sys_openat+0x174/0x210 [ 345.876504][T10582] ? __pfx___x64_sys_openat+0x10/0x10 [ 345.876546][T10582] do_syscall_64+0xcd/0xf80 [ 345.876573][T10582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.876599][T10582] RIP: 0033:0x7f8338f8f7c9 [ 345.876621][T10582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.876646][T10582] RSP: 002b:00007f8339d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 345.876671][T10582] RAX: ffffffffffffffda RBX: 00007f83391e6090 RCX: 00007f8338f8f7c9 [ 345.876689][T10582] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 345.876706][T10582] RBP: 00007f8339013f91 R08: 0000000000000000 R09: 0000000000000000 [ 345.876720][T10582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.876734][T10582] R13: 00007f83391e6128 R14: 00007f83391e6090 R15: 00007fffe7a976a8 [ 345.876767][T10582] [ 346.469666][T10599] FAULT_INJECTION: forcing a failure. [ 346.469666][T10599] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 346.483804][T10599] CPU: 1 UID: 0 PID: 10599 Comm: syz.3.1117 Tainted: G U syzkaller #0 PREEMPT(full) [ 346.483845][T10599] Tainted: [U]=USER [ 346.483854][T10599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 346.483871][T10599] Call Trace: [ 346.483880][T10599] [ 346.483889][T10599] dump_stack_lvl+0x16c/0x1f0 [ 346.483933][T10599] should_fail_ex+0x512/0x640 [ 346.483968][T10599] should_fail_alloc_page+0xe7/0x130 [ 346.484016][T10599] prepare_alloc_pages+0x401/0x670 [ 346.484055][T10599] ? rcu_is_watching+0x12/0xc0 [ 346.484101][T10599] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 346.484136][T10599] ? kasan_save_stack+0x42/0x60 [ 346.484160][T10599] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 346.484176][T10599] ? __lock_acquire+0x436/0x2890 [ 346.484190][T10599] ? look_up_lock_class+0x6b/0x130 [ 346.484206][T10599] ? __lock_acquire+0x436/0x2890 [ 346.484220][T10599] ? __lock_acquire+0x436/0x2890 [ 346.484232][T10599] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.484253][T10599] ? policy_nodemask+0xea/0x4e0 [ 346.484275][T10599] alloc_pages_mpol+0x1fb/0x550 [ 346.484295][T10599] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 346.484320][T10599] folio_alloc_mpol_noprof+0x36/0x2f0 [ 346.484335][T10599] vma_alloc_folio_noprof+0xed/0x1e0 [ 346.484349][T10599] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 346.484368][T10599] do_anonymous_page+0xc81/0x2190 [ 346.484390][T10599] __handle_mm_fault+0x1ecf/0x2bb0 [ 346.484409][T10599] ? __pfx___handle_mm_fault+0x10/0x10 [ 346.484425][T10599] ? __pte_offset_map_lock+0x174/0x310 [ 346.484444][T10599] ? find_held_lock+0x2b/0x80 [ 346.484466][T10599] ? follow_page_pte+0x5cf/0x1390 [ 346.484489][T10599] handle_mm_fault+0x3fe/0xad0 [ 346.484508][T10599] __get_user_pages+0x54e/0x3590 [ 346.484534][T10599] ? __pfx___get_user_pages+0x10/0x10 [ 346.484559][T10599] faultin_page_range+0x338/0x940 [ 346.484583][T10599] madvise_do_behavior+0x34c/0x530 [ 346.484598][T10599] ? __pfx_madvise_do_behavior+0x10/0x10 [ 346.484612][T10599] ? down_read+0x13d/0x460 [ 346.484635][T10599] do_madvise+0x176/0x240 [ 346.484648][T10599] ? __pfx_do_madvise+0x10/0x10 [ 346.484660][T10599] ? do_futex+0x122/0x350 [ 346.484687][T10599] ? xfd_validate_state+0x61/0x180 [ 346.484699][T10599] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 346.484723][T10599] __x64_sys_madvise+0xa9/0x110 [ 346.484736][T10599] ? lockdep_hardirqs_on+0x7c/0x110 [ 346.484748][T10599] do_syscall_64+0xcd/0xf80 [ 346.484762][T10599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.484776][T10599] RIP: 0033:0x7f480ad8f7c9 [ 346.484789][T10599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.484803][T10599] RSP: 002b:00007f480bc96038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 346.484818][T10599] RAX: ffffffffffffffda RBX: 00007f480afe5fa0 RCX: 00007f480ad8f7c9 [ 346.484829][T10599] RDX: 0000000000000017 RSI: 00000000002003f0 RDI: 0000000000000000 [ 346.484838][T10599] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 346.484847][T10599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.484857][T10599] R13: 00007f480afe6038 R14: 00007f480afe5fa0 R15: 00007ffe5fabdf68 [ 346.484877][T10599] [ 347.346336][ T52] Bluetooth: hci2: unexpected event 0x1c length: 0 < 5 [ 349.020074][T10655] could not allocate digest TFM handle [ 349.709758][T10681] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1132'. [ 349.788139][T10681] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 349.821177][T10681] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 349.838950][T10681] bond0 (unregistering): Released all slaves [ 350.113749][T10650] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 350.134859][T10650] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 350.181049][T10650] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 350.214176][T10650] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 350.510799][T10700] FAULT_INJECTION: forcing a failure. [ 350.510799][T10700] name failslab, interval 1, probability 0, space 0, times 0 [ 350.568442][T10700] CPU: 0 UID: 0 PID: 10700 Comm: syz.0.1136 Tainted: G U syzkaller #0 PREEMPT(full) [ 350.568486][T10700] Tainted: [U]=USER [ 350.568495][T10700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 350.568511][T10700] Call Trace: [ 350.568521][T10700] [ 350.568531][T10700] dump_stack_lvl+0x16c/0x1f0 [ 350.568581][T10700] should_fail_ex+0x512/0x640 [ 350.568611][T10700] ? __kmalloc_cache_noprof+0x5f/0x800 [ 350.568645][T10700] should_failslab+0xc2/0x120 [ 350.568683][T10700] __kmalloc_cache_noprof+0x80/0x800 [ 350.568709][T10700] ? vma_wants_writenotify+0x10b/0x390 [ 350.568739][T10700] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 350.568780][T10700] ? __mt_destroy+0xa8/0x3e0 [ 350.568808][T10700] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 350.568840][T10700] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 350.568876][T10700] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 350.568908][T10700] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 350.568948][T10700] mmap_action_complete+0x236/0x3f0 [ 350.568984][T10700] __mmap_region+0xcd8/0x2a00 [ 350.569019][T10700] ? __pfx___mmap_region+0x10/0x10 [ 350.569077][T10700] ? kernel_text_address+0x8d/0x100 [ 350.569106][T10700] ? __kernel_text_address+0xd/0x40 [ 350.569133][T10700] ? unwind_get_return_address+0x59/0xa0 [ 350.569180][T10700] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 350.569222][T10700] ? stack_trace_save+0x8e/0xc0 [ 350.569311][T10700] ? rcu_is_watching+0x12/0xc0 [ 350.569355][T10700] mmap_region+0x32b/0x3f0 [ 350.569392][T10700] do_mmap+0xa3e/0x1210 [ 350.569435][T10700] ? __pfx_do_mmap+0x10/0x10 [ 350.569471][T10700] ? __pfx_down_write_killable+0x10/0x10 [ 350.569506][T10700] vm_mmap_pgoff+0x29e/0x470 [ 350.569548][T10700] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 350.569579][T10700] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 350.569610][T10700] ? hugetlbfs_get_inode+0x31f/0x700 [ 350.569647][T10700] ksys_mmap_pgoff+0x1c8/0x5c0 [ 350.569688][T10700] __x64_sys_mmap+0x125/0x190 [ 350.569722][T10700] do_syscall_64+0xcd/0xf80 [ 350.569754][T10700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.569781][T10700] RIP: 0033:0x7ff57958f7c9 [ 350.569803][T10700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.569833][T10700] RSP: 002b:00007ff57a479038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 350.569857][T10700] RAX: ffffffffffffffda RBX: 00007ff5797e6090 RCX: 00007ff57958f7c9 [ 350.569874][T10700] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 350.569890][T10700] RBP: 00007ff579613f91 R08: ffffffffffffffff R09: 0000000000000000 [ 350.569906][T10700] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 350.569922][T10700] R13: 00007ff5797e6128 R14: 00007ff5797e6090 R15: 00007fff7d475ba8 [ 350.569959][T10700] [ 351.275375][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 352.155844][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 352.243627][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 352.243640][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 352.873463][T10757] FAULT_INJECTION: forcing a failure. [ 352.873463][T10757] name failslab, interval 1, probability 0, space 0, times 0 [ 352.935043][T10757] CPU: 1 UID: 0 PID: 10757 Comm: syz.3.1150 Tainted: G U syzkaller #0 PREEMPT(full) [ 352.935082][T10757] Tainted: [U]=USER [ 352.935092][T10757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 352.935106][T10757] Call Trace: [ 352.935115][T10757] [ 352.935125][T10757] dump_stack_lvl+0x16c/0x1f0 [ 352.935170][T10757] should_fail_ex+0x512/0x640 [ 352.935200][T10757] ? __kmalloc_cache_noprof+0x5f/0x800 [ 352.935235][T10757] should_failslab+0xc2/0x120 [ 352.935272][T10757] __kmalloc_cache_noprof+0x80/0x800 [ 352.935325][T10757] ? ring_buffer_read_start+0x149/0x500 [ 352.935372][T10757] ? ring_buffer_read_start+0x149/0x500 [ 352.935406][T10757] ring_buffer_read_start+0x149/0x500 [ 352.935442][T10757] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 352.935474][T10757] ? lockdep_init_map_type+0x5c/0x270 [ 352.935499][T10757] ? ring_buffer_overruns+0x195/0x1f0 [ 352.935530][T10757] tracing_open+0x93f/0xe10 [ 352.935564][T10757] do_dentry_open+0x748/0x1590 [ 352.935597][T10757] ? __pfx_tracing_open+0x10/0x10 [ 352.935634][T10757] vfs_open+0x82/0x3f0 [ 352.935666][T10757] path_openat+0x2078/0x3140 [ 352.935713][T10757] ? __pfx_path_openat+0x10/0x10 [ 352.935763][T10757] do_filp_open+0x20b/0x470 [ 352.935799][T10757] ? __pfx_do_filp_open+0x10/0x10 [ 352.935863][T10757] ? alloc_fd+0x471/0x7d0 [ 352.935907][T10757] do_sys_openat2+0x121/0x290 [ 352.935935][T10757] ? __pfx_do_sys_openat2+0x10/0x10 [ 352.935976][T10757] __x64_sys_openat+0x174/0x210 [ 352.936006][T10757] ? __pfx___x64_sys_openat+0x10/0x10 [ 352.936044][T10757] do_syscall_64+0xcd/0xf80 [ 352.936070][T10757] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.936093][T10757] RIP: 0033:0x7f480ad8f7c9 [ 352.936112][T10757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.936135][T10757] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 352.936158][T10757] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 352.936175][T10757] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 352.936191][T10757] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 352.936205][T10757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.936218][T10757] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 352.936254][T10757] [ 353.531300][T10752] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1151'. [ 354.018880][T10792] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1159'. [ 355.500576][T10827] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1167'. [ 357.379762][T10853] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1172'. [ 357.416850][T10853] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.424832][T10853] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.755142][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 357.763288][T10810] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 358.131581][T10810] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 358.152368][T10810] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 358.191779][T10810] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 358.792569][T10888] FAULT_INJECTION: forcing a failure. [ 358.792569][T10888] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 358.806017][T10888] CPU: 1 UID: 0 PID: 10888 Comm: syz.0.1181 Tainted: G U L syzkaller #0 PREEMPT(full) [ 358.806043][T10888] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 358.806048][T10888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 358.806058][T10888] Call Trace: [ 358.806064][T10888] [ 358.806071][T10888] dump_stack_lvl+0x16c/0x1f0 [ 358.806099][T10888] should_fail_ex+0x512/0x640 [ 358.806118][T10888] should_fail_alloc_page+0xe7/0x130 [ 358.806142][T10888] prepare_alloc_pages+0x401/0x670 [ 358.806170][T10888] ? rcu_is_watching+0x12/0xc0 [ 358.806193][T10888] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 358.806210][T10888] ? kasan_save_stack+0x33/0x60 [ 358.806228][T10888] ? kasan_save_track+0x14/0x30 [ 358.806248][T10888] ? kasan_save_stack+0x42/0x60 [ 358.806272][T10888] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 358.806289][T10888] ? __lock_acquire+0x436/0x2890 [ 358.806303][T10888] ? look_up_lock_class+0x6b/0x130 [ 358.806319][T10888] ? __lock_acquire+0x436/0x2890 [ 358.806334][T10888] ? __lock_acquire+0x436/0x2890 [ 358.806345][T10888] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 358.806367][T10888] ? policy_nodemask+0xea/0x4e0 [ 358.806388][T10888] alloc_pages_mpol+0x1fb/0x550 [ 358.806408][T10888] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 358.806433][T10888] folio_alloc_mpol_noprof+0x36/0x2f0 [ 358.806448][T10888] vma_alloc_folio_noprof+0xed/0x1e0 [ 358.806462][T10888] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 358.806482][T10888] do_anonymous_page+0xc81/0x2190 [ 358.806503][T10888] __handle_mm_fault+0x1ecf/0x2bb0 [ 358.806522][T10888] ? __pfx___handle_mm_fault+0x10/0x10 [ 358.806537][T10888] ? __pte_offset_map_lock+0x174/0x310 [ 358.806556][T10888] ? find_held_lock+0x2b/0x80 [ 358.806579][T10888] ? follow_page_pte+0x5cf/0x1390 [ 358.806602][T10888] handle_mm_fault+0x3fe/0xad0 [ 358.806620][T10888] __get_user_pages+0x54e/0x3590 [ 358.806647][T10888] ? __pfx___get_user_pages+0x10/0x10 [ 358.806671][T10888] faultin_page_range+0x338/0x940 [ 358.806696][T10888] madvise_do_behavior+0x34c/0x530 [ 358.806711][T10888] ? __pfx_madvise_do_behavior+0x10/0x10 [ 358.806725][T10888] ? down_read+0x13d/0x460 [ 358.806748][T10888] do_madvise+0x176/0x240 [ 358.806761][T10888] ? __pfx_do_madvise+0x10/0x10 [ 358.806773][T10888] ? do_futex+0x122/0x350 [ 358.806800][T10888] ? xfd_validate_state+0x61/0x180 [ 358.806813][T10888] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 358.806836][T10888] __x64_sys_madvise+0xa9/0x110 [ 358.806849][T10888] ? lockdep_hardirqs_on+0x7c/0x110 [ 358.806861][T10888] do_syscall_64+0xcd/0xf80 [ 358.806876][T10888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.806891][T10888] RIP: 0033:0x7ff57958f7c9 [ 358.806903][T10888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.806917][T10888] RSP: 002b:00007ff57a49a038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 358.806931][T10888] RAX: ffffffffffffffda RBX: 00007ff5797e5fa0 RCX: 00007ff57958f7c9 [ 358.806941][T10888] RDX: 0000000000000017 RSI: 00000000002003f0 RDI: 0000000000000000 [ 358.806949][T10888] RBP: 00007ff579613f91 R08: 0000000000000000 R09: 0000000000000000 [ 358.806958][T10888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.806966][T10888] R13: 00007ff5797e6038 R14: 00007ff5797e5fa0 R15: 00007fff7d475ba8 [ 358.806985][T10888] [ 359.835126][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 360.169143][ T52] Bluetooth: hci2: command 0x0c1a tx timeout [ 360.250868][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 360.956040][T10917] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 360.979450][T10917] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 361.060020][T10917] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 361.101450][T10917] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 361.133448][T10925] FAULT_INJECTION: forcing a failure. [ 361.133448][T10925] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 361.197100][T10925] CPU: 1 UID: 0 PID: 10925 Comm: syz.3.1191 Tainted: G U L syzkaller #0 PREEMPT(full) [ 361.197145][T10925] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 361.197155][T10925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 361.197171][T10925] Call Trace: [ 361.197181][T10925] [ 361.197191][T10925] dump_stack_lvl+0x16c/0x1f0 [ 361.197237][T10925] should_fail_ex+0x512/0x640 [ 361.197271][T10925] _copy_from_user+0x2e/0xd0 [ 361.197303][T10925] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 361.197349][T10925] snd_rawmidi_write+0x26e/0xc10 [ 361.197390][T10925] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 361.197421][T10925] ? common_file_perm+0x1b1/0x500 [ 361.197452][T10925] ? __pfx_default_wake_function+0x10/0x10 [ 361.197488][T10925] ? bpf_lsm_file_permission+0x9/0x10 [ 361.197517][T10925] ? security_file_permission+0x71/0x210 [ 361.197551][T10925] ? rw_verify_area+0xcf/0x6c0 [ 361.197585][T10925] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 361.197615][T10925] vfs_write+0x2a0/0x11d0 [ 361.197656][T10925] ? __pfx_vfs_write+0x10/0x10 [ 361.197687][T10925] ? find_held_lock+0x2b/0x80 [ 361.197720][T10925] ? __fget_files+0x204/0x3c0 [ 361.197769][T10925] ? __fget_files+0x20e/0x3c0 [ 361.197814][T10925] ksys_write+0x1f8/0x250 [ 361.197848][T10925] ? __pfx_ksys_write+0x10/0x10 [ 361.197893][T10925] do_syscall_64+0xcd/0xf80 [ 361.197920][T10925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.197946][T10925] RIP: 0033:0x7f480ad8f7c9 [ 361.197967][T10925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 361.197993][T10925] RSP: 002b:00007f480bc96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 361.198019][T10925] RAX: ffffffffffffffda RBX: 00007f480afe5fa0 RCX: 00007f480ad8f7c9 [ 361.198037][T10925] RDX: 000000100000a3d9 RSI: 0000200000000240 RDI: 0000000000000008 [ 361.198055][T10925] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 361.198071][T10925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.198086][T10925] R13: 00007f480afe6038 R14: 00007f480afe5fa0 R15: 00007ffe5fabdf68 [ 361.198121][T10925] [ 361.507834][T10939] zswap: compressor not available [ 361.648405][T10939] FAULT_INJECTION: forcing a failure. [ 361.648405][T10939] name failslab, interval 1, probability 0, space 0, times 0 [ 361.648457][T10939] CPU: 1 UID: 0 PID: 10939 Comm: syz.0.1194 Tainted: G U L syzkaller #0 PREEMPT(full) [ 361.648478][T10939] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 361.648484][T10939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 361.648492][T10939] Call Trace: [ 361.648496][T10939] [ 361.648502][T10939] dump_stack_lvl+0x16c/0x1f0 [ 361.648528][T10939] should_fail_ex+0x512/0x640 [ 361.648544][T10939] ? __kmalloc_cache_noprof+0x5f/0x800 [ 361.648563][T10939] should_failslab+0xc2/0x120 [ 361.648585][T10939] __kmalloc_cache_noprof+0x80/0x800 [ 361.648599][T10939] ? find_held_lock+0x2b/0x80 [ 361.648620][T10939] ? uevent_net_init+0xd3/0x350 [ 361.648638][T10939] ? uevent_net_init+0xd3/0x350 [ 361.648653][T10939] uevent_net_init+0xd3/0x350 [ 361.648668][T10939] ? __pfx_uevent_net_init+0x10/0x10 [ 361.648683][T10939] ? rcu_is_watching+0x12/0xc0 [ 361.648702][T10939] ? __pfx_uevent_net_rcv+0x10/0x10 [ 361.648718][T10939] ? ops_init+0x77/0x5f0 [ 361.648739][T10939] ? __pfx_uevent_net_init+0x10/0x10 [ 361.648754][T10939] ops_init+0x1e2/0x5f0 [ 361.648774][T10939] setup_net+0x11d/0x3a0 [ 361.648793][T10939] ? __pfx_setup_net+0x10/0x10 [ 361.648810][T10939] ? lockdep_init_map_type+0x5c/0x270 [ 361.648824][T10939] ? mutex_init_lockep+0x110/0x150 [ 361.648841][T10939] copy_net_ns+0x351/0x7c0 [ 361.648855][T10939] create_new_namespaces+0x3ea/0xab0 [ 361.648887][T10939] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 361.648907][T10939] ksys_unshare+0x45b/0xa40 [ 361.648921][T10939] ? __pfx_ksys_unshare+0x10/0x10 [ 361.648946][T10939] ? do_user_addr_fault+0x843/0x1370 [ 361.648967][T10939] __x64_sys_unshare+0x31/0x40 [ 361.648979][T10939] do_syscall_64+0xcd/0xf80 [ 361.648994][T10939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.649007][T10939] RIP: 0033:0x7ff57958f7c9 [ 361.649019][T10939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 361.649033][T10939] RSP: 002b:00007ff57a49a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 361.649046][T10939] RAX: ffffffffffffffda RBX: 00007ff5797e5fa0 RCX: 00007ff57958f7c9 [ 361.649055][T10939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 361.649063][T10939] RBP: 00007ff579613f91 R08: 0000000000000000 R09: 0000000000000000 [ 361.649072][T10939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.649080][T10939] R13: 00007ff5797e6038 R14: 00007ff5797e5fa0 R15: 00007fff7d475ba8 [ 361.649100][T10939] [ 362.468382][ T52] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 362.476448][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 363.038080][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 363.115634][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 363.125136][ T52] Bluetooth: hci2: command 0x0c1a tx timeout [ 363.489214][T10988] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 364.081272][ T52] Bluetooth: hci2: unexpected event 0x01 length: 124 > 1 [ 364.136949][T11006] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1213'. [ 365.359082][T10981] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 365.373943][T10981] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 365.381023][T10981] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 365.387677][T10981] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 365.465847][ T52] Bluetooth: hci2: unexpected event 0x14 length: 16 > 6 [ 365.589131][T11044] device-mapper: ioctl: name not supplied when creating device [ 365.996062][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 367.445107][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 367.445132][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 367.455187][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 368.013035][T11093] FAULT_INJECTION: forcing a failure. [ 368.013035][T11093] name failslab, interval 1, probability 0, space 0, times 0 [ 368.151369][T11093] CPU: 0 UID: 0 PID: 11093 Comm: syz.3.1231 Tainted: G U L syzkaller #0 PREEMPT(full) [ 368.151423][T11093] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 368.151433][T11093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 368.151451][T11093] Call Trace: [ 368.151460][T11093] [ 368.151471][T11093] dump_stack_lvl+0x16c/0x1f0 [ 368.151514][T11093] should_fail_ex+0x512/0x640 [ 368.151543][T11093] ? __kmalloc_cache_noprof+0x5f/0x800 [ 368.151576][T11093] should_failslab+0xc2/0x120 [ 368.151615][T11093] __kmalloc_cache_noprof+0x80/0x800 [ 368.151641][T11093] ? vma_wants_writenotify+0x10b/0x390 [ 368.151671][T11093] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 368.151703][T11093] ? __mt_destroy+0xa8/0x3e0 [ 368.151727][T11093] ? hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 368.151758][T11093] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 368.151793][T11093] hugetlb_vma_lock_alloc+0xc3/0x1f0 [ 368.151824][T11093] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 368.151864][T11093] mmap_action_complete+0x236/0x3f0 [ 368.151900][T11093] __mmap_region+0xcd8/0x2a00 [ 368.151935][T11093] ? __pfx___mmap_region+0x10/0x10 [ 368.151991][T11093] ? kernel_text_address+0x8d/0x100 [ 368.152019][T11093] ? __kernel_text_address+0xd/0x40 [ 368.152046][T11093] ? unwind_get_return_address+0x59/0xa0 [ 368.152090][T11093] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 368.152130][T11093] ? stack_trace_save+0x8e/0xc0 [ 368.152218][T11093] ? rcu_is_watching+0x12/0xc0 [ 368.152261][T11093] mmap_region+0x32b/0x3f0 [ 368.152297][T11093] do_mmap+0xa3e/0x1210 [ 368.152340][T11093] ? __pfx_do_mmap+0x10/0x10 [ 368.152375][T11093] ? __pfx_down_write_killable+0x10/0x10 [ 368.152419][T11093] vm_mmap_pgoff+0x29e/0x470 [ 368.152463][T11093] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 368.152493][T11093] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 368.152522][T11093] ? hugetlbfs_get_inode+0x31f/0x700 [ 368.152558][T11093] ksys_mmap_pgoff+0x1c8/0x5c0 [ 368.152598][T11093] __x64_sys_mmap+0x125/0x190 [ 368.152628][T11093] do_syscall_64+0xcd/0xf80 [ 368.152656][T11093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.152680][T11093] RIP: 0033:0x7f480ad8f7c9 [ 368.152701][T11093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.152724][T11093] RSP: 002b:00007f480bc75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 368.152749][T11093] RAX: ffffffffffffffda RBX: 00007f480afe6090 RCX: 00007f480ad8f7c9 [ 368.152768][T11093] RDX: 0000000000000003 RSI: 0000000000a00006 RDI: 0000000000000000 [ 368.152785][T11093] RBP: 00007f480ae13f91 R08: ffffffffffffffff R09: 0000000000000000 [ 368.152802][T11093] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 368.152818][T11093] R13: 00007f480afe6128 R14: 00007f480afe6090 R15: 00007ffe5fabdf68 [ 368.152856][T11093] [ 369.178203][T11112] FAULT_INJECTION: forcing a failure. [ 369.178203][T11112] name failslab, interval 1, probability 0, space 0, times 0 [ 369.375075][T11112] CPU: 0 UID: 0 PID: 11112 Comm: syz.3.1236 Tainted: G U L syzkaller #0 PREEMPT(full) [ 369.375121][T11112] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 369.375131][T11112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 369.375146][T11112] Call Trace: [ 369.375154][T11112] [ 369.375164][T11112] dump_stack_lvl+0x16c/0x1f0 [ 369.375210][T11112] should_fail_ex+0x512/0x640 [ 369.375239][T11112] ? __kmalloc_cache_noprof+0x5f/0x800 [ 369.375278][T11112] should_failslab+0xc2/0x120 [ 369.375317][T11112] __kmalloc_cache_noprof+0x80/0x800 [ 369.375345][T11112] ? do_user_addr_fault+0x829/0x1370 [ 369.375375][T11112] ? system_heap_allocate+0xe8/0x10a0 [ 369.375411][T11112] ? system_heap_allocate+0xe8/0x10a0 [ 369.375440][T11112] system_heap_allocate+0xe8/0x10a0 [ 369.375468][T11112] ? irqentry_exit+0x1dd/0x8c0 [ 369.375491][T11112] ? lockdep_hardirqs_on+0x7c/0x110 [ 369.375514][T11112] ? irqentry_exit+0x1dd/0x8c0 [ 369.375535][T11112] ? trace_irq_disable.constprop.0+0xd4/0x110 [ 369.375577][T11112] ? __pfx_system_heap_allocate+0x10/0x10 [ 369.375619][T11112] ? rep_movs_alternative+0x4a/0x90 [ 369.375655][T11112] dma_heap_ioctl+0x385/0x610 [ 369.375686][T11112] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 369.375710][T11112] ? find_held_lock+0x2b/0x80 [ 369.375754][T11112] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 369.375782][T11112] __x64_sys_ioctl+0x18e/0x210 [ 369.375816][T11112] do_syscall_64+0xcd/0xf80 [ 369.375841][T11112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.375866][T11112] RIP: 0033:0x7f480ad8f7c9 [ 369.375887][T11112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.375913][T11112] RSP: 002b:00007f480bc96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.375937][T11112] RAX: ffffffffffffffda RBX: 00007f480afe5fa0 RCX: 00007f480ad8f7c9 [ 369.375955][T11112] RDX: 0000200000000140 RSI: ffffffffffdffe00 RDI: 0000000000000005 [ 369.375972][T11112] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 369.375989][T11112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 369.376003][T11112] R13: 00007f480afe6038 R14: 00007f480afe5fa0 R15: 00007ffe5fabdf68 [ 369.376040][T11112] [ 369.680259][T11096] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 369.805372][T11096] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 369.827243][T11096] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 369.833301][T11096] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 370.715152][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 371.060176][T11130] Invalid ELF header magic: != ELF [ 371.477333][ T5840] Bluetooth: hci1: unexpected event 0x14 length: 16 > 6 [ 371.766940][T11148] program syz.1.1246 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 371.845316][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 371.845339][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 371.857514][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 371.971568][T11146] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1246'. [ 372.219973][T11152] FAULT_INJECTION: forcing a failure. [ 372.219973][T11152] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 372.245716][T11152] CPU: 1 UID: 0 PID: 11152 Comm: syz.3.1247 Tainted: G U L syzkaller #0 PREEMPT(full) [ 372.245762][T11152] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 372.245772][T11152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 372.245796][T11152] Call Trace: [ 372.245805][T11152] [ 372.245816][T11152] dump_stack_lvl+0x16c/0x1f0 [ 372.245864][T11152] should_fail_ex+0x512/0x640 [ 372.245899][T11152] should_fail_alloc_page+0xe7/0x130 [ 372.245940][T11152] prepare_alloc_pages+0x401/0x670 [ 372.245977][T11152] ? rcu_is_watching+0x12/0xc0 [ 372.246015][T11152] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 372.246051][T11152] ? mark_held_locks+0x49/0x80 [ 372.246074][T11152] ? finish_task_switch.isra.0+0x207/0xbd0 [ 372.246107][T11152] ? lockdep_hardirqs_on+0x7c/0x110 [ 372.246137][T11152] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 372.246168][T11152] ? __schedule+0x114c/0x6150 [ 372.246212][T11152] ? __lock_acquire+0x436/0x2890 [ 372.246239][T11152] ? __lock_acquire+0x436/0x2890 [ 372.246261][T11152] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 372.246300][T11152] ? policy_nodemask+0xea/0x4e0 [ 372.246339][T11152] alloc_pages_mpol+0x1fb/0x550 [ 372.246377][T11152] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 372.246424][T11152] folio_alloc_mpol_noprof+0x36/0x2f0 [ 372.246452][T11152] vma_alloc_folio_noprof+0xed/0x1e0 [ 372.246477][T11152] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 372.246515][T11152] do_anonymous_page+0xc81/0x2190 [ 372.246555][T11152] __handle_mm_fault+0x1ecf/0x2bb0 [ 372.246592][T11152] ? __pfx___handle_mm_fault+0x10/0x10 [ 372.246620][T11152] ? __pte_offset_map_lock+0x174/0x310 [ 372.246655][T11152] ? find_held_lock+0x2b/0x80 [ 372.246697][T11152] ? follow_page_pte+0x5cf/0x1390 [ 372.246740][T11152] handle_mm_fault+0x3fe/0xad0 [ 372.246774][T11152] __get_user_pages+0x54e/0x3590 [ 372.246846][T11152] ? __pfx___get_user_pages+0x10/0x10 [ 372.246893][T11152] faultin_page_range+0x338/0x940 [ 372.246938][T11152] madvise_do_behavior+0x34c/0x530 [ 372.246967][T11152] ? __pfx_madvise_do_behavior+0x10/0x10 [ 372.246994][T11152] ? down_read+0x13d/0x460 [ 372.247038][T11152] do_madvise+0x176/0x240 [ 372.247062][T11152] ? __pfx_do_madvise+0x10/0x10 [ 372.247085][T11152] ? do_futex+0x122/0x350 [ 372.247137][T11152] ? xfd_validate_state+0x61/0x180 [ 372.247160][T11152] ? __pfx_ksys_write+0x10/0x10 [ 372.247201][T11152] __x64_sys_madvise+0xa9/0x110 [ 372.247225][T11152] ? lockdep_hardirqs_on+0x7c/0x110 [ 372.247248][T11152] do_syscall_64+0xcd/0xf80 [ 372.247279][T11152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.247309][T11152] RIP: 0033:0x7f480ad8f7c9 [ 372.247331][T11152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.247357][T11152] RSP: 002b:00007f480bc96038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 372.247381][T11152] RAX: ffffffffffffffda RBX: 00007f480afe5fa0 RCX: 00007f480ad8f7c9 [ 372.247407][T11152] RDX: 0000000000000017 RSI: 00000000002003f0 RDI: 0000000000000000 [ 372.247424][T11152] RBP: 00007f480ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 372.247440][T11152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.247456][T11152] R13: 00007f480afe6038 R14: 00007f480afe5fa0 R15: 00007ffe5fabdf68 [ 372.247504][T11152] [ 373.416417][T11167] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 375.212907][ T52] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 375.917380][T11218] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1263'. [ 376.538474][T11222] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 376.575294][T11222] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 376.605377][T11222] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 376.612370][T11222] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 377.054782][ T52] Bluetooth: hci1: unexpected event 0x14 length: 16 > 6 [ 377.289525][T11256] syz.0.1271 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 377.836893][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 378.637149][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 378.637174][ T5153] Bluetooth: hci2: command 0x0c1a tx timeout [ 378.643178][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 379.569664][T11304] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 379.614759][T11304] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 379.629197][T11304] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 379.646874][T11304] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 379.860084][T11328] FAULT_INJECTION: forcing a failure. [ 379.860084][T11328] name fail_futex, interval 1, probability 0, space 0, times 0 [ 379.892774][T11328] CPU: 1 UID: 0 PID: 11328 Comm: syz.3.1286 Tainted: G U L syzkaller #0 PREEMPT(full) [ 379.892818][T11328] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 379.892828][T11328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 379.892844][T11328] Call Trace: [ 379.892853][T11328] [ 379.892863][T11328] dump_stack_lvl+0x16c/0x1f0 [ 379.892908][T11328] should_fail_ex+0x512/0x640 [ 379.892942][T11328] get_futex_key+0x1d0/0x15f0 [ 379.892975][T11328] ? __pfx_get_futex_key+0x10/0x10 [ 379.893013][T11328] futex_wait_setup+0x9d/0x570 [ 379.893057][T11328] __futex_wait+0x193/0x2f0 [ 379.893090][T11328] ? __pfx___futex_wait+0x10/0x10 [ 379.893129][T11328] ? __pfx_futex_wake_mark+0x10/0x10 [ 379.893185][T11328] ? find_held_lock+0x2b/0x80 [ 379.893223][T11328] ? futex_private_hash_put+0x160/0x1b0 [ 379.893253][T11328] futex_wait+0xe8/0x380 [ 379.893282][T11328] ? __pfx_futex_wait+0x10/0x10 [ 379.893320][T11328] ? __lock_acquire+0x436/0x2890 [ 379.893348][T11328] do_futex+0x229/0x350 [ 379.893376][T11328] ? __pfx_do_futex+0x10/0x10 [ 379.893405][T11328] ? find_held_lock+0x2b/0x80 [ 379.893467][T11328] __x64_sys_futex+0x1e0/0x4c0 [ 379.893505][T11328] ? __pfx___x64_sys_futex+0x10/0x10 [ 379.893535][T11328] ? xfd_validate_state+0x61/0x180 [ 379.893571][T11328] do_syscall_64+0xcd/0xf80 [ 379.893598][T11328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.893623][T11328] RIP: 0033:0x7f480ad8f7c9 [ 379.893644][T11328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.893668][T11328] RSP: 002b:00007f480bc750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 379.893692][T11328] RAX: ffffffffffffffda RBX: 00007f480afe6098 RCX: 00007f480ad8f7c9 [ 379.893711][T11328] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f480afe6098 [ 379.893727][T11328] RBP: 00007f480afe6090 R08: 0000000000000000 R09: 0000000000000000 [ 379.893742][T11328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 379.893758][T11328] R13: 00007f480afe6128 R14: 00007ffe5fabde80 R15: 00007ffe5fabdf68 [ 379.893794][T11328] [ 381.045503][ T5153] Bluetooth: hci0: command 0x0c1a tx timeout [ 381.392067][T11362] FAULT_INJECTION: forcing a failure. [ 381.392067][T11362] name fail_futex, interval 1, probability 0, space 0, times 0 [ 381.509167][T11362] CPU: 0 UID: 0 PID: 11362 Comm: syz.1.1296 Tainted: G U L syzkaller #0 PREEMPT(full) [ 381.509208][T11362] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 381.509219][T11362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 381.509236][T11362] Call Trace: [ 381.509246][T11362] [ 381.509255][T11362] dump_stack_lvl+0x16c/0x1f0 [ 381.509298][T11362] should_fail_ex+0x512/0x640 [ 381.509330][T11362] get_futex_key+0x1d0/0x15f0 [ 381.509363][T11362] ? __pfx_get_futex_key+0x10/0x10 [ 381.509402][T11362] futex_wait_setup+0x9d/0x570 [ 381.509450][T11362] __futex_wait+0x193/0x2f0 [ 381.509485][T11362] ? __pfx___futex_wait+0x10/0x10 [ 381.509526][T11362] ? __pfx_futex_wake_mark+0x10/0x10 [ 381.509567][T11362] ? find_held_lock+0x2b/0x80 [ 381.509605][T11362] ? futex_private_hash_put+0x160/0x1b0 [ 381.509634][T11362] futex_wait+0xe8/0x380 [ 381.509667][T11362] ? __pfx_futex_wait+0x10/0x10 [ 381.509708][T11362] ? __lock_acquire+0x436/0x2890 [ 381.509739][T11362] do_futex+0x229/0x350 [ 381.509768][T11362] ? __pfx_do_futex+0x10/0x10 [ 381.509799][T11362] ? find_held_lock+0x2b/0x80 [ 381.509834][T11362] __x64_sys_futex+0x1e0/0x4c0 [ 381.509867][T11362] ? __pfx___x64_sys_futex+0x10/0x10 [ 381.509895][T11362] ? xfd_validate_state+0x61/0x180 [ 381.509931][T11362] do_syscall_64+0xcd/0xf80 [ 381.509958][T11362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.509983][T11362] RIP: 0033:0x7f8338f8f7c9 [ 381.510004][T11362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 381.510028][T11362] RSP: 002b:00007f8339d7f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 381.510061][T11362] RAX: ffffffffffffffda RBX: 00007f83391e6098 RCX: 00007f8338f8f7c9 [ 381.510080][T11362] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f83391e6098 [ 381.510096][T11362] RBP: 00007f83391e6090 R08: 0000000000000000 R09: 0000000000000000 [ 381.510113][T11362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.510128][T11362] R13: 00007f83391e6128 R14: 00007fffe7a975c0 R15: 00007fffe7a976a8 [ 381.510165][T11362] [ 381.727375][ T5153] Bluetooth: hci3: command 0x0c1a tx timeout [ 381.727401][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 381.876386][ T52] Bluetooth: hci2: command 0x0c1a tx timeout [ 382.109839][T11369] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1297'. [ 383.813138][T11407] FAULT_INJECTION: forcing a failure. [ 383.813138][T11407] name fail_futex, interval 1, probability 0, space 0, times 0 [ 383.852601][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.859108][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.871963][ T1300] ------------[ cut here ]------------ [ 383.877738][ T1300] WARNING: ./include/linux/skbuff.h:3227 at lowpan_xmit+0xea9/0x1210, CPU#1: aoe_tx0/1300 [ 383.887696][ T1300] Modules linked in: [ 383.891809][ T1300] CPU: 1 UID: 0 PID: 1300 Comm: aoe_tx0 Tainted: G U L syzkaller #0 PREEMPT(full) [ 383.902418][ T1300] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 383.907629][ T1300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 383.907740][T11407] CPU: 0 UID: 0 PID: 11407 Comm: syz.1.1307 Tainted: G U L syzkaller #0 PREEMPT(full) [ 383.907781][T11407] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 383.907790][T11407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 383.907805][T11407] Call Trace: [ 383.907814][T11407] [ 383.907824][T11407] dump_stack_lvl+0x16c/0x1f0 [ 383.907872][T11407] should_fail_ex+0x512/0x640 [ 383.907902][T11407] get_futex_key+0x1d0/0x15f0 [ 383.907934][T11407] ? __pfx_get_futex_key+0x10/0x10 [ 383.907958][T11407] ? find_held_lock+0x2b/0x80 [ 383.907998][T11407] futex_wake+0xea/0x530 [ 383.908026][T11407] ? futex_wait+0x120/0x380 [ 383.908057][T11407] ? __pfx_futex_wait+0x10/0x10 [ 383.908088][T11407] ? __pfx_futex_wake+0x10/0x10 [ 383.908123][T11407] ? __lock_acquire+0x436/0x2890 [ 383.908146][T11407] ? kmem_cache_free+0x171/0x770 [ 383.908188][T11407] do_futex+0x1e3/0x350 [ 383.908216][T11407] ? __pfx_do_futex+0x10/0x10 [ 383.908246][T11407] ? find_held_lock+0x2b/0x80 [ 383.908282][T11407] __x64_sys_futex+0x1e0/0x4c0 [ 383.908312][T11407] ? __fget_files+0x20e/0x3c0 [ 383.908344][T11407] ? __pfx___x64_sys_futex+0x10/0x10 [ 383.908376][T11407] ? fdget+0x187/0x210 [ 383.908413][T11407] do_syscall_64+0xcd/0xf80 [ 383.908438][T11407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.908462][T11407] RIP: 0033:0x7f8338f8f7c9 [ 383.908483][T11407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 383.908507][T11407] RSP: 002b:00007f8339d7f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 383.908530][T11407] RAX: ffffffffffffffda RBX: 00007f83391e6098 RCX: 00007f8338f8f7c9 [ 383.908547][T11407] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f83391e609c [ 383.908563][T11407] RBP: 00007f83391e6090 R08: 00007f8339da1000 R09: 0000000000000000 [ 383.908579][T11407] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 383.908596][T11407] R13: 00007f83391e6128 R14: 00007fffe7a975c0 R15: 00007fffe7a976a8 [ 383.908630][T11407] [ 384.120386][ T1300] RIP: 0010:lowpan_xmit+0xea9/0x1210 [ 384.125746][ T1300] Code: ff ff 4c 89 ff 48 01 81 38 02 00 00 e8 40 b8 0f fe e9 e6 fb ff ff e8 66 32 8f f6 90 0f 0b 90 e9 a3 f5 ff ff e8 58 32 8f f6 90 <0f> 0b 90 e9 86 f6 ff ff e8 4a 32 8f f6 0f b7 8d e0 fe ff ff 44 8b [ 384.145402][ T1300] RSP: 0018:ffffc9000487f860 EFLAGS: 00010293 [ 384.151493][ T1300] RAX: 0000000000000000 RBX: ffffc9000487f8e0 RCX: ffffffff8b2f22ac [ 384.159529][ T1300] RDX: ffff888028458000 RSI: ffffffff8b2f2c28 RDI: 0000000000000003 [ 384.167549][ T1300] RBP: ffffc9000487f9f0 R08: 0000000000000003 R09: 000000000000ffff [ 384.175584][ T1300] R10: 000000000000ffff R11: 0000000000000000 R12: ffff88802c0aa976 [ 384.183571][ T1300] R13: 000000000000ffff R14: ffff888028148d90 R15: ffff88802c0aa8c0 [ 384.191588][ T1300] FS: 0000000000000000(0000) GS:ffff8881249f6000(0000) knlGS:0000000000000000 [ 384.200571][ T1300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 384.207194][ T1300] CR2: 000055558e884808 CR3: 0000000065a8c000 CR4: 00000000003526f0 [ 384.215228][ T1300] Call Trace: [ 384.218527][ T1300] [ 384.221472][ T1300] ? __pfx_lowpan_xmit+0x10/0x10 [ 384.226485][ T1300] ? lockdep_unlock+0x64/0xd0 [ 384.231178][ T1300] ? __lock_acquire+0x12c2/0x2890 [ 384.236245][ T1300] ? __pfx_netif_skb_features+0x10/0x10 [ 384.241816][ T1300] ? dev_hard_start_xmit+0x97/0x6e0 [ 384.247060][ T1300] dev_hard_start_xmit+0x97/0x6e0 [ 384.252115][ T1300] __dev_queue_xmit+0x6d7/0x46c0 [ 384.257169][ T1300] ? rcu_is_watching+0x12/0xc0 [ 384.261956][ T1300] ? finish_task_switch.isra.0+0x207/0xbd0 [ 384.267822][ T1300] ? __pfx___dev_queue_xmit+0x10/0x10 [ 384.273394][ T1300] ? __lock_acquire+0x436/0x2890 [ 384.278362][ T1300] ? ref_tracker_free+0x37c/0x830 [ 384.283411][ T1300] ? do_raw_spin_lock+0x12c/0x2b0 [ 384.288505][ T1300] ? find_held_lock+0x2b/0x80 [ 384.293207][ T1300] ? skb_dequeue+0x126/0x180 [ 384.297852][ T1300] ? find_held_lock+0x2b/0x80 [ 384.302561][ T1300] ? rcu_is_watching+0x12/0xc0 [ 384.307399][ T1300] tx+0xcc/0x190 [ 384.310965][ T1300] ? __pfx_tx+0x10/0x10 [ 384.315172][ T1300] kthread+0x1e4/0x3e0 [ 384.319289][ T1300] ? find_held_lock+0x2b/0x80 [ 384.323968][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.328603][ T1300] ? __pfx_default_wake_function+0x10/0x10 [ 384.334426][ T1300] ? lockdep_hardirqs_on+0x7c/0x110 [ 384.339672][ T1300] ? __kthread_parkme+0x19e/0x250 [ 384.344716][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.349339][ T1300] kthread+0x3c5/0x780 [ 384.353431][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.358058][ T1300] ? rcu_is_watching+0x12/0xc0 [ 384.362837][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.367454][ T1300] ret_from_fork+0x983/0xb10 [ 384.372062][ T1300] ? __pfx_ret_from_fork+0x10/0x10 [ 384.377226][ T1300] ? __switch_to+0x7af/0x10d0 [ 384.381918][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.386549][ T1300] ret_from_fork_asm+0x1a/0x30 [ 384.391425][ T1300] [ 384.394440][ T1300] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 384.401729][ T1300] CPU: 1 UID: 0 PID: 1300 Comm: aoe_tx0 Tainted: G U L syzkaller #0 PREEMPT(full) [ 384.412335][ T1300] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 384.417522][ T1300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 384.427581][ T1300] Call Trace: [ 384.430859][ T1300] [ 384.433791][ T1300] dump_stack_lvl+0x3d/0x1f0 [ 384.438438][ T1300] vpanic+0x640/0x6f0 [ 384.442435][ T1300] ? lowpan_xmit+0xea9/0x1210 [ 384.447120][ T1300] panic+0xca/0xd0 [ 384.450846][ T1300] ? __pfx_panic+0x10/0x10 [ 384.455273][ T1300] ? check_panic_on_warn+0x1f/0xb0 [ 384.460387][ T1300] check_panic_on_warn+0xab/0xb0 [ 384.465327][ T1300] __warn+0x108/0x3c0 [ 384.469311][ T1300] __report_bug+0x2a0/0x520 [ 384.473904][ T1300] ? lowpan_xmit+0xea9/0x1210 [ 384.478583][ T1300] ? __pfx___report_bug+0x10/0x10 [ 384.483628][ T1300] ? kasan_save_stack+0x42/0x60 [ 384.488482][ T1300] ? kasan_save_stack+0x33/0x60 [ 384.493331][ T1300] ? kasan_save_track+0x14/0x30 [ 384.498184][ T1300] ? kasan_save_free_info+0x3b/0x60 [ 384.503381][ T1300] ? __kasan_slab_free+0x5f/0x80 [ 384.508326][ T1300] ? kmem_cache_free+0x2d8/0x770 [ 384.513265][ T1300] ? kfree_skbmem+0x1a4/0x1f0 [ 384.517944][ T1300] ? tx+0xcc/0x190 [ 384.521662][ T1300] ? kthread+0x1e4/0x3e0 [ 384.525909][ T1300] ? lowpan_xmit+0xea9/0x1210 [ 384.530586][ T1300] report_bug+0xb2/0x220 [ 384.534850][ T1300] ? lowpan_xmit+0xea9/0x1210 [ 384.539546][ T1300] handle_bug+0x127/0x260 [ 384.543906][ T1300] exc_invalid_op+0x17/0x50 [ 384.548429][ T1300] asm_exc_invalid_op+0x1a/0x20 [ 384.553283][ T1300] RIP: 0010:lowpan_xmit+0xea9/0x1210 [ 384.558573][ T1300] Code: ff ff 4c 89 ff 48 01 81 38 02 00 00 e8 40 b8 0f fe e9 e6 fb ff ff e8 66 32 8f f6 90 0f 0b 90 e9 a3 f5 ff ff e8 58 32 8f f6 90 <0f> 0b 90 e9 86 f6 ff ff e8 4a 32 8f f6 0f b7 8d e0 fe ff ff 44 8b [ 384.578186][ T1300] RSP: 0018:ffffc9000487f860 EFLAGS: 00010293 [ 384.584257][ T1300] RAX: 0000000000000000 RBX: ffffc9000487f8e0 RCX: ffffffff8b2f22ac [ 384.592224][ T1300] RDX: ffff888028458000 RSI: ffffffff8b2f2c28 RDI: 0000000000000003 [ 384.600207][ T1300] RBP: ffffc9000487f9f0 R08: 0000000000000003 R09: 000000000000ffff [ 384.608185][ T1300] R10: 000000000000ffff R11: 0000000000000000 R12: ffff88802c0aa976 [ 384.616157][ T1300] R13: 000000000000ffff R14: ffff888028148d90 R15: ffff88802c0aa8c0 [ 384.624138][ T1300] ? lowpan_xmit+0x52c/0x1210 [ 384.628829][ T1300] ? lowpan_xmit+0xea8/0x1210 [ 384.633543][ T1300] ? __pfx_lowpan_xmit+0x10/0x10 [ 384.638484][ T1300] ? lockdep_unlock+0x64/0xd0 [ 384.643173][ T1300] ? __lock_acquire+0x12c2/0x2890 [ 384.648200][ T1300] ? __pfx_netif_skb_features+0x10/0x10 [ 384.653758][ T1300] ? dev_hard_start_xmit+0x97/0x6e0 [ 384.658953][ T1300] dev_hard_start_xmit+0x97/0x6e0 [ 384.664034][ T1300] __dev_queue_xmit+0x6d7/0x46c0 [ 384.669018][ T1300] ? rcu_is_watching+0x12/0xc0 [ 384.673787][ T1300] ? finish_task_switch.isra.0+0x207/0xbd0 [ 384.679624][ T1300] ? __pfx___dev_queue_xmit+0x10/0x10 [ 384.685007][ T1300] ? __lock_acquire+0x436/0x2890 [ 384.689945][ T1300] ? ref_tracker_free+0x37c/0x830 [ 384.694975][ T1300] ? do_raw_spin_lock+0x12c/0x2b0 [ 384.700008][ T1300] ? find_held_lock+0x2b/0x80 [ 384.704688][ T1300] ? skb_dequeue+0x126/0x180 [ 384.709280][ T1300] ? find_held_lock+0x2b/0x80 [ 384.713973][ T1300] ? rcu_is_watching+0x12/0xc0 [ 384.718745][ T1300] tx+0xcc/0x190 [ 384.722291][ T1300] ? __pfx_tx+0x10/0x10 [ 384.726443][ T1300] kthread+0x1e4/0x3e0 [ 384.730520][ T1300] ? find_held_lock+0x2b/0x80 [ 384.735199][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.739796][ T1300] ? __pfx_default_wake_function+0x10/0x10 [ 384.745604][ T1300] ? lockdep_hardirqs_on+0x7c/0x110 [ 384.750804][ T1300] ? __kthread_parkme+0x19e/0x250 [ 384.755842][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.760448][ T1300] kthread+0x3c5/0x780 [ 384.764514][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.769102][ T1300] ? rcu_is_watching+0x12/0xc0 [ 384.773877][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.778469][ T1300] ret_from_fork+0x983/0xb10 [ 384.783058][ T1300] ? __pfx_ret_from_fork+0x10/0x10 [ 384.788169][ T1300] ? __switch_to+0x7af/0x10d0 [ 384.792847][ T1300] ? __pfx_kthread+0x10/0x10 [ 384.797444][ T1300] ret_from_fork_asm+0x1a/0x30 [ 384.802228][ T1300] [ 384.805664][ T1300] Kernel Offset: disabled [ 384.809980][ T1300] Rebooting in 86400 seconds..