last executing test programs: 21.574946226s ago: executing program 1 (id=4528): socket(0x10, 0x2, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'caif0\x00'}) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') r1 = socket(0x2, 0x1, 0x0) mmap$auto(0xffffffffffffffff, 0x20005, 0x1ff, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0) mmap$auto(0x3, 0x2020008, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff) madvise$auto(0x0, 0xffffffffffff0009, 0x17) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, r1) madvise$auto(0x0, 0x0, 0xa) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x100, 0x0, 0x13, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) socket(0x2, 0x1, 0x106) connect$auto(0x3, 0x0, 0x54) ioprio_set$auto(0x3, 0x0, 0x4b34) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) mbind$auto(0x0, 0x100000004, 0x100000001, 0x0, 0x6, 0x2) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 18.858558579s ago: executing program 1 (id=4535): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x8901, 0x0) ioctl$auto(r0, 0x5522, r0) ioctl$auto(r0, 0x5521, 0xffffffffffffffff) mmap$auto(0x0, 0x2020029, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, 0x0, 0x6b) connect$auto(r1, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x55) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000001dc0)={0x0, 0x100000, &(0x7f0000001d80)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r2 = socket(0x15, 0x5, 0x0) getsockopt$auto(r2, 0x114, 0x271c, 0xfffffffffffffffc, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x8a001, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x202000, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) rseq$auto(&(0x7f0000000480)={0x9, 0x401, 0x0, 0x20000006, 0x200, 0x0, "d04960"}, 0x8003, 0x0, 0xb) io_uring_setup$auto(0x48, 0x0) 18.428076048s ago: executing program 1 (id=4537): rt_sigtimedwait$auto(&(0x7f0000000040)={0xc00000}, 0x0, &(0x7f0000000180), 0x8) ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000300)={0xffffffffffffffff, 0x1, 0x6, 0x4}) close_range$auto(r0, 0x8, 0x0) socket(0x10, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_BINDTOIFINDEX(r0, 0x6, 0x3e, &(0x7f0000000340)='/dev/kvm\x00', &(0x7f0000000380)=0x8) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/fail-nth\x00', 0x62200, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ustat$auto(0x801, 0x0) r1 = socket(0x27, 0x5, 0x5) getsockopt$auto(r1, 0x84, 0x9, 0x0, 0x0) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x30, 0x0, 0x6) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x55) r3 = socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x2000040080000004, 0xe) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000e80)=""/206, 0xe2) mmap$auto(0x4, 0x4020009, 0x6, 0x9ed7, 0x401, 0xdb) ioctl$auto(0xffffffffffffffff, 0x90006441, 0xc35) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r4 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r4, 0x8, 0x0) open(0x0, 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x01\x00\xb6', 0x7f) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r3) 17.322078142s ago: executing program 1 (id=4540): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) ustat$auto(0xba1, 0x0) unshare$auto(0x40000080) r0 = socket(0x2c, 0x3, 0x0) unshare$auto(0x4) r1 = getpid() bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={r1, 0x3, 0x4, 0x88, 0x40008, 0xae85, r0, 0x4, 0x7ff}, 0x6f4) prctl$auto(0x3e, 0x20000001, 0x0, 0x1, 0x0) unshare$auto(0x2) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/first_error_time\x00', 0xe80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001280)=""/4124, 0x101c) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) io_uring_setup$auto(0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541b, 0x38) 16.448706458s ago: executing program 1 (id=4543): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x8901, 0x0) ioctl$auto(r0, 0x5522, r0) ioctl$auto(r0, 0x5521, 0xffffffffffffffff) mmap$auto(0x0, 0x2020029, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) r1 = syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) write$auto(r2, 0x0, 0xfffffdef) fcntl$auto_F_ADD_SEALS(r2, 0x409, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x8c42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r4 = set_tid_address$auto(0x0) r5 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r5, 0x107, 0xf, 0x0, 0x6) r6 = setfsuid$auto(0xee00) setresuid$auto(r6, 0x0, r6) msgctl$auto_MSG_INFO(0x8, 0xc, &(0x7f0000000200)={{0x9, 0x0, 0xffffffffffffffff, 0x800, 0x10, 0xad15, 0x7}, &(0x7f0000000180)=0xf, &(0x7f00000003c0)=0x3, 0x3ff, 0x5, 0x200, 0x0, 0x65, 0x7, 0x2, 0x3, @inferred=r1, @inferred=r4}) waitid$auto_P_PID(0x1, r1, 0x0, 0x7, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, &(0x7f0000000080)={@raw=0x1, 0xd0, 0x200, 0xc, "802e41a0c415f060e95578fba210b73e00006ff3ac492bb1ce76676da70700c1c88f5c900c00", @inferred=r7}) r8 = semctl$auto_GETPID(0x19, 0x5a48, 0xb, 0x6) mmap$auto(0x0, 0x40008, 0x1000000004, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) ioctl$auto(r5, 0x6, r5) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000040)={{@inferred=r4, 0x8, 0x5, 0x4338, "0508ef5c02864dd5c35496fab129fe93e170b30016d0cf0a93b570d8ea6943760ea9119f58f5db6093defac0", @inferred=0xffffffffffffffff}, 0x10, 0x1, 0x3, @inferred=r8, @integer={0x7, 0x3fffc000000, 0x9}, "ece132c65533f6ae0f69aea0f58e0ec1fed8e73a2133901c005333801c23678a8922a550ace2a9c0c2c66c50c9048320382f8e2a87ac9e4a277621056af6f983"}) 15.955307337s ago: executing program 1 (id=4546): r0 = pipe2$auto(0x0, 0x0) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x4) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_XFS_IOC_FREESP(r0, 0x4030580b, &(0x7f0000000100)={0x6a6e, 0x2, 0x0, 0x5f6, 0x1, 0x0}) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x7, 0x4) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) (fail_nth: 1) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) request_key$auto_KEY_SPEC_GROUP_KEYRING(0x0, 0x0, 0x0, 0xfffffffffffffffa) ioctl$auto(0x3, 0x8905, 0x38) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) futex$auto(0x0, 0x9, 0x2948, 0x0, 0x0, 0x9) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) 7.826181291s ago: executing program 0 (id=4566): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) seccomp$auto(0x2, 0x10, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2c40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001c00)=""/4109, 0x100d) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) get_mempolicy$auto(0x0, 0x0, 0x2, 0x86, 0x9) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card2\x00', 0x688200, 0x0) mmap$auto(0xd, 0x20007, 0x5, 0xeb1, 0x401, 0x10000008000) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/use_carrier\x00', 0x103b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x8080000001) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) io_submit$auto(0x8e4, 0x2, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000080)='/dev/snapshot\x00', 0xb00) r1 = socket(0x2a, 0x2, 0xffffffff) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) getpeername$auto(r1, &(0x7f0000000000)=@ethernet={0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, &(0x7f0000000040)=0x4) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) 7.082548989s ago: executing program 3 (id=4568): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sockstat\x00', 0x8000, 0x0) close_range$auto(0x2, r0, 0x0) socket(0x10, 0x2, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/oom_adj\x00', 0x200, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183042, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0xd, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x40100, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff04, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x1a, 0x2, 0xffffffff) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0cf789cc03000000cf2ec2e6ae735c109e05cce46c5f9961f06027dd3a13de890e15", @ANYRES8=r2, @ANYBLOB="000336bd7000fedbdf250200000005"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, 0x0) write$auto(0x3, 0x0, 0xffd8) 6.861094408s ago: executing program 3 (id=4569): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0x22, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x3, 0xff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) sysfs$auto(0x2, 0x20, 0x0) shmget$auto(0x8, 0x10563, 0x568d1af2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000e1, 0xeb2, 0x401, 0x8000) 6.359763652s ago: executing program 0 (id=4571): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x2000c055) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r4, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000100)={0x30, r5, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0xd, 0x4, 0x0, 0x1, [@nested={0x4, 0x45}, @generic="141fc94af8"]}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x48000}, 0x0) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)={0x154, r3, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x1, 0x7}}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x17, 0x13, "13c366f9244357d432f2e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_SCAN_SSIDS={0xe0, 0x2d, 0x0, 0x1, [@typed={0xdb, 0x9e, 0x0, 0x0, @binary="b4fd0d01c34ee935559dfeee2d5379f816ca8beef6bffba850a2bb7cb3dbf29cc7f3c293e5141baa70de2f3150d0346dc2bf13c66d273e9492155da97106304601c218d9948eb5181f91d2d23af177cada692bff7e26f553cf563f9667bc0535dd31bcd34030a2c3f49e31790e9c7224a832221de5435944a790e58e20765d5a0ba416d5a1df1a52c8b0d50829461b158b8b9a01e5d61008355a55e513193448e41337a1bc732a4e8e1260c9758a1739b2fc4061bca043457cd851f9d642c1ae9694bf61dd1f8acadbf547a0c05b0adcfd9908164ef2dd"}]}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@typed={0xc, 0x140, 0x0, 0x0, @u64=0x3}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0x154}, 0x1, 0x0, 0x0, 0x20000800}, 0x10) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4, 0xffffffffffffffff}, 0xa) r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000180), r6) sendmsg$auto_OVS_METER_CMD_SET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, r7, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x44000) ptrace$auto(0x80010, 0x0, 0x2, 0x1007ff) 5.401472098s ago: executing program 3 (id=4573): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smbd_genl(0x0, r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = memfd_create$auto(0x0, 0x4) r3 = socket(0xa, 0x3, 0x3a) statx$auto(r2, 0x0, 0x1000, 0xbdfc, 0x0) setsockopt$auto(r3, 0x29, 0x14, 0x0, 0x56b) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r1, 0xae84f8b562dd7d63, 0x70bd30, 0x24dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x20000060) mmap$auto(0x5, 0x20009, 0x4000000000df, 0x16, 0xffffffffffffffff, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) socket(0x1d, 0x1, 0x7fff) prlimit64$auto(0x0, 0xa3d, 0x0, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/pcie_aspm/parameters/policy\x00', 0x420041, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) r6 = socket(0x18, 0x5, 0x1) syz_genetlink_get_family_id$auto_smbd_genl(0x0, r6) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r6, 0x0, 0x30004850) close_range$auto(r5, 0x8, 0x4) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/bus/usb/037/001\x00', 0x40001, 0x0) 4.540502871s ago: executing program 0 (id=4576): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setuid$auto(0x800000000008) r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x14280, 0x0) mmap$auto(0x0, 0x20006, 0x4000000000dd, 0x13, r0, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x100, 0x4020000000df, 0x13, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) socket(0x27, 0x2, 0x106) connect$auto(0x3, 0x0, 0x54) ioprio_set$auto(0x4, 0xffffffffffffffff, 0x1b) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) madvise$auto(0x6, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) semctl$auto(0x1ff, 0x2, 0x13, 0x4) clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x1, 0x87, 0x8, 0xb, 0x9, 0x2, 0xcb6}, 0xaa) 3.983388541s ago: executing program 0 (id=4577): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) write$auto(r0, 0x0, 0x2) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000280), r2) sendmsg$auto_TIPC_NL_MON_GET(r2, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000024cbc22f2163ad72de067bc9de8648724ba1af3ad10400000000000000896d06046d499a5eb5cac91b9daf88db31e4e81f319f7acd078b3456a628513d938697617d559e876b14d62993915317df868db0b6ab72309d5746d2f97c416124dfe5b2171488a38be495207ac5b6f56cb100000000000000", @ANYRES16=r3, @ANYBLOB="28012cbd7000fcdbdf2512000000"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x5d3b7921df67126d) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r4, 0xffffffffffdffe00, &(0x7f0000000140)=';') pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc0, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x400802, 0x0) read$auto(r5, &(0x7f0000000000)='{%\x00', 0x9) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000140)={{@inferred, 0x0, 0x4, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x3, 0x5, 0x4, @raw=0x2, @enumerated={0x20003, 0x800, "c832bcbae48ab01ec23457b7fd2dd3547c4e2eeba79edd0d1599ded9cbfaf517162fbe6a6f50f1aaa18fb20cabb4f176263bb0e781e3d0a2f992e8fcdcec86d9", 0x0, 0xc278}, "7a9fc199a16f2313eacf2fc7ae1da978dc3e8005004fdd6907000000000000000ada55bdd70925450a24e87213f0bcab84a16f7ce8cbce0bb32708000f8d7c2d"}) 3.248898316s ago: executing program 3 (id=4578): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x2f00, &(0x7f0000005340)={&(0x7f0000000000)={0x14, r2, 0x1, 0x870bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x200048d0) 3.025263716s ago: executing program 2 (id=4579): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000050c0)={0x0, 0xf5ff, &(0x7f0000005080)={&(0x7f0000002a80)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050) 2.712044184s ago: executing program 2 (id=4580): openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2e, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @str='@):^\\/\\\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x24040804) (fail_nth: 2) 2.673336518s ago: executing program 3 (id=4581): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f0000000040)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) io_uring_setup$auto(0x1, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) r1 = io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x4) getsockname$auto(0x3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000000)={0x6, r0}) ioctl$auto_TCFLSH2(r2, 0x540b, &(0x7f0000000080)="3b8fca8b243212137544216532bb085045f6e121a440c5244a988ca434b95bbe25f6210d332c1e1912b793a19bd0454328b7eeeda290ae0a8c3b55f7afe9c649980615e214409f7f6789149927b55b9ddfa73725a5e702261ef7af5e8442f832a33ea551054f009241db03a7b74ea31369e02eccb314a94a399abca1d233ab09") 2.246735912s ago: executing program 2 (id=4582): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x6) setitimer$auto(0x2, &(0x7f00000005c0)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) ioctl$auto_SNDCTL_DSP_GETBLKSIZE(0xffffffffffffffff, 0xc0045004, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm0p/oss\x00', 0x101000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4070aea0, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0xffffffffffffffff, 0x4b72, 0xffffffffffffffff) ioctl$auto(0x3, 0x80000541b, 0x38) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x50902, 0x0) write$auto(r2, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x4a) keyctl$auto(0x8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x200048d0) 1.767981048s ago: executing program 2 (id=4583): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000003c0)='/proc/self/net/dev_snmp6/veth0_to_hsr\x00', &(0x7f0000000400)={0xc, 0x1, "7ba266e92bc849f45f630f02"}, &(0x7f0000000480), 0x200) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000080)="8ce968f6d33e1d1a4f6a2f12f470f8cdb7dfeaf02768589362668247de44a359e8d9c13d4e52cc42ef43f1d4c965d3d505ad05f2c97a5541863adc5154e4028bdf351c0900000421cd3d73083f859a25a8b713916bb90e14883914f1b33ebd88ce433cff55ac66be2b2ea973b6fe7dfd10260b64") 1.632947189s ago: executing program 2 (id=4584): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setuid$auto(0x800000000008) r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x14280, 0x0) mmap$auto(0x0, 0x20006, 0x4000000000dd, 0x13, r0, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x100, 0x4020000000df, 0x13, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) socket(0x27, 0x2, 0x106) connect$auto(0x3, 0x0, 0x54) ioprio_set$auto(0x4, 0xffffffffffffffff, 0x1b) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) madvise$auto(0x6, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_ON(0x9, 0x1, 0x0, 0x8, 0x6) clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x1, 0x87, 0x8, 0xb, 0x9, 0x2, 0xcb6}, 0xaa) 1.278455475s ago: executing program 2 (id=4585): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smbd_genl(0x0, r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = memfd_create$auto(0x0, 0x4) r3 = socket(0xa, 0x3, 0x3a) statx$auto(r2, 0x0, 0x1000, 0xbdfc, 0x0) setsockopt$auto(r3, 0x29, 0x14, 0x0, 0x56b) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r1, 0xae84f8b562dd7d63, 0x70bd30, 0x24dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x20000060) mmap$auto(0x5, 0x20009, 0x4000000000df, 0x16, 0xffffffffffffffff, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) socket(0x1d, 0x1, 0x7fff) prlimit64$auto(0x0, 0xa3d, 0x0, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/pcie_aspm/parameters/policy\x00', 0x420041, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) r6 = socket(0x18, 0x5, 0x1) syz_genetlink_get_family_id$auto_smbd_genl(0x0, r6) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r6, 0x0, 0x30004850) close_range$auto(r5, 0x8, 0x4) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/bus/usb/037/001\x00', 0x40001, 0x0) 1.265743598s ago: executing program 3 (id=4586): r0 = pipe2$auto(0x0, 0x8) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x4) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_XFS_IOC_FREESP(r0, 0x4030580b, &(0x7f0000000100)={0x6a6e, 0x2, 0x0, 0x5f6, 0x1, 0x0}) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x7, 0x4) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x0, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_TCFLSH2(r4, 0x5453, 0x0) close_range$auto(0x2, 0x8, 0x0) request_key$auto_KEY_SPEC_GROUP_KEYRING(0x0, 0x0, 0x0, 0xfffffffffffffffa) ioctl$auto(0x3, 0x8905, 0x38) madvise$auto(0xffffffffffffffff, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) futex$auto(0x0, 0x9, 0x2948, 0x0, 0x0, 0x9) 1.134853871s ago: executing program 0 (id=4587): mmap$auto(0xd2f, 0xfffffffffffffffc, 0x3, 0xeb1, 0xfffffffffffffffa, 0x6) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004881}, 0x800) shmctl$auto(0x0, 0x376b, &(0x7f0000000180)={{0x7, 0x0, 0xee01, 0x8000004, 0xa, 0x108, 0xfff9}, 0x0, 0x80d, 0x6, 0x8, @inferred, @raw=0x40, 0x84, 0x0, 0x0, 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="72010000", @ANYBLOB="000013109e00"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f00000003c0)={{0x0, 0x7fff, &(0x7f0000000400)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x40007}, 0x3, 0x0) mmap$auto(0x0, 0xfffffffffffffffd, 0x9, 0xeb1, 0xffffffffffffffff, 0x100) mmap$auto(0xfffffffffffffffc, 0x400008, 0xdd, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) read$auto(r1, &(0x7f0000000040)='\\-\x00', 0x9e38) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x400041, 0x0) pread64$auto(r3, 0x0, 0x8002a, 0x6) r4 = socket(0x23, 0x3, 0x3a) ioctl$auto(r4, 0x8912, 0x1) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x8000) socket(0x80000000000000a, 0x2, 0x0) bpf$auto(0x101, &(0x7f00000002c0)=@token_create={0x7, r0}, 0x0) socket(0xa, 0x80000, 0x84) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/002/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_CLAIM_PORT(r5, 0x80045518, &(0x7f0000000040)=0xfffffffd) close_range$auto(0x2, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x2000006) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x400000, 0x0) shutdown$auto(0x200000003, 0x2) 581.651942ms ago: executing program 32 (id=4546): r0 = pipe2$auto(0x0, 0x0) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x4) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_XFS_IOC_FREESP(r0, 0x4030580b, &(0x7f0000000100)={0x6a6e, 0x2, 0x0, 0x5f6, 0x1, 0x0}) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x7, 0x4) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) (fail_nth: 1) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) request_key$auto_KEY_SPEC_GROUP_KEYRING(0x0, 0x0, 0x0, 0xfffffffffffffffa) ioctl$auto(0x3, 0x8905, 0x38) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) futex$auto(0x0, 0x9, 0x2948, 0x0, 0x0, 0x9) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) 0s ago: executing program 0 (id=4589): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/phram/parameters/phram\x00', 0x4a481, 0x0) write$auto(r0, &(0x7f0000000040)='7\x02\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f0000000100)={r0, 0x7ff}) (async) socket(0x2, 0x1, 0x106) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) fsopen$auto(0x0, 0x1) r1 = socket(0xa, 0x2, 0x88) setsockopt$auto(r1, 0x11, 0xa, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0x5e61) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) bind$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) mq_timedreceive$auto(r2, &(0x7f0000000040)='\x00', 0x6, &(0x7f0000000080)=0x1e8, &(0x7f00000000c0)={0x7fffffff, 0x4}) (async) listen$auto(0x3, 0x81) (async) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) (async) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) kernel console output (not intermixed with test programs): -4 [ 1324.945480][T22068] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1324.953996][T22081] CPU: 0 UID: 0 PID: 22081 Comm: syz.2.3630 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1324.954045][T22081] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1324.954059][T22081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1324.954074][T22081] Call Trace: [ 1324.954083][T22081] [ 1324.954092][T22081] dump_stack_lvl+0x100/0x190 [ 1324.954132][T22081] should_fail_ex.cold+0x5/0xa [ 1324.954159][T22081] ? __register_sysctl_table+0xbe4/0x1650 [ 1324.954196][T22081] should_failslab+0xc2/0x120 [ 1324.954235][T22081] __kmalloc_noprof+0xe0/0x850 [ 1324.954274][T22081] __register_sysctl_table+0xbe4/0x1650 [ 1324.954316][T22081] ? __pfx___register_sysctl_table+0x10/0x10 [ 1324.954352][T22081] ? is_module_address+0x69/0xf0 [ 1324.954381][T22081] ? register_net_sysctl_sz+0x222/0x430 [ 1324.954419][T22081] __devinet_sysctl_register+0x1b9/0x360 [ 1324.954452][T22081] ? trace_kmalloc+0x101/0x130 [ 1324.954474][T22081] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 1324.954511][T22081] ? __asan_memcpy+0x3c/0x60 [ 1324.954545][T22081] devinet_init_net+0x334/0x8d0 [ 1324.954577][T22081] ? __pfx_devinet_init_net+0x10/0x10 [ 1324.954606][T22081] ops_init+0x1e2/0x5f0 [ 1324.954636][T22081] setup_net+0x118/0x3a0 [ 1324.954664][T22081] ? __pfx_setup_net+0x10/0x10 [ 1324.954689][T22081] ? lockdep_init_map_type+0x5c/0x250 [ 1324.954721][T22081] ? mutex_init_lockep+0x110/0x150 [ 1324.954756][T22081] copy_net_ns+0x46f/0x7c0 [ 1324.954789][T22081] create_new_namespaces+0x3ea/0xac0 [ 1324.954820][T22081] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1324.954848][T22081] ksys_unshare+0x455/0xab0 [ 1324.954879][T22081] ? __pfx_ksys_unshare+0x10/0x10 [ 1324.954918][T22081] __x64_sys_unshare+0x31/0x40 [ 1324.954947][T22081] do_syscall_64+0x106/0xf80 [ 1324.954972][T22081] ? clear_bhb_loop+0x40/0x90 [ 1324.955031][T22081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1324.955056][T22081] RIP: 0033:0x7f5d38d9c629 [ 1324.955076][T22081] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1324.955102][T22081] RSP: 002b:00007f5d39c2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1324.955125][T22081] RAX: ffffffffffffffda RBX: 00007f5d39015fa0 RCX: 00007f5d38d9c629 [ 1324.955141][T22081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1324.955157][T22081] RBP: 00007f5d38e32b39 R08: 0000000000000000 R09: 0000000000000000 [ 1324.955172][T22081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1324.955187][T22081] R13: 00007f5d39016038 R14: 00007f5d39015fa0 R15: 00007ffffd401e88 [ 1324.955218][T22081] [ 1325.223142][T22081] sysctl could not get directory: /net/ipv4/conf/default -12 [ 1325.739461][T22086] FAULT_INJECTION: forcing a failure. [ 1325.739461][T22086] name failslab, interval 1, probability 0, space 0, times 0 [ 1325.761229][T22086] CPU: 0 UID: 0 PID: 22086 Comm: syz.0.3632 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1325.761279][T22086] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1325.761292][T22086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1325.761306][T22086] Call Trace: [ 1325.761315][T22086] [ 1325.761324][T22086] dump_stack_lvl+0x100/0x190 [ 1325.761362][T22086] should_fail_ex.cold+0x5/0xa [ 1325.761389][T22086] should_failslab+0xc2/0x120 [ 1325.761428][T22086] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1325.761456][T22086] ? copy_net_ns+0x135/0x7c0 [ 1325.761492][T22086] copy_net_ns+0x135/0x7c0 [ 1325.761519][T22086] ? copy_cgroup_ns+0x71/0x970 [ 1325.761548][T22086] create_new_namespaces+0x3ea/0xac0 [ 1325.761579][T22086] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1325.761606][T22086] ksys_unshare+0x455/0xab0 [ 1325.761636][T22086] ? __pfx_ksys_unshare+0x10/0x10 [ 1325.761665][T22086] ? ksys_write+0x1ac/0x250 [ 1325.761710][T22086] __x64_sys_unshare+0x31/0x40 [ 1325.761738][T22086] do_syscall_64+0x106/0xf80 [ 1325.761765][T22086] ? clear_bhb_loop+0x40/0x90 [ 1325.761794][T22086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1325.761819][T22086] RIP: 0033:0x7fb0ce79c629 [ 1325.761838][T22086] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1325.761862][T22086] RSP: 002b:00007fb0cf58d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1325.761885][T22086] RAX: ffffffffffffffda RBX: 00007fb0cea15fa0 RCX: 00007fb0ce79c629 [ 1325.761902][T22086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1325.761917][T22086] RBP: 00007fb0cf58d090 R08: 0000000000000000 R09: 0000000000000000 [ 1325.761931][T22086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1325.761946][T22086] R13: 00007fb0cea16038 R14: 00007fb0cea15fa0 R15: 00007ffd8e361638 [ 1325.761976][T22086] [ 1326.178543][T18205] Bluetooth: hci0: command 0x0c1a tx timeout [ 1326.614709][T22090] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3634'. [ 1326.786493][T22097] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1326.818505][T22097] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1326.860087][T22097] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1326.989431][T22097] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1328.621395][T22098] kexec: Could not allocate control_code_buffer [ 1328.865246][T18205] Bluetooth: hci1: command 0x0c1a tx timeout [ 1328.871326][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1328.877490][T12312] Bluetooth: hci0: command 0x0c1a tx timeout [ 1329.027608][T18205] Bluetooth: hci3: command 0x0c1a tx timeout [ 1329.163631][ T30] audit: type=1326 audit(1771730580.317:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22123 comm="syz.1.3642" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efed199c629 code=0x0 [ 1332.067921][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1332.659802][T22129] Setting dangerous option i915.mitigations - tainting kernel [ 1335.259546][T22184] FAULT_INJECTION: forcing a failure. [ 1335.259546][T22184] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1335.601768][T22184] CPU: 0 UID: 0 PID: 22184 Comm: syz.1.3652 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1335.601819][T22184] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1335.601832][T22184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1335.601847][T22184] Call Trace: [ 1335.601855][T22184] [ 1335.601865][T22184] dump_stack_lvl+0x100/0x190 [ 1335.601904][T22184] should_fail_ex.cold+0x5/0xa [ 1335.601931][T22184] get_futex_key+0x295/0x1620 [ 1335.601963][T22184] ? __pfx_get_futex_key+0x10/0x10 [ 1335.602020][T22184] ? lock_acquire+0x1cf/0x380 [ 1335.602059][T22184] futex_wake+0xea/0x530 [ 1335.602096][T22184] ? __pfx_futex_wake+0x10/0x10 [ 1335.602131][T22184] ? exit_mm_release+0x19/0x30 [ 1335.602167][T22184] do_futex+0x32b/0x350 [ 1335.602197][T22184] ? __pfx_do_futex+0x10/0x10 [ 1335.602225][T22184] ? __might_fault+0xc5/0x140 [ 1335.602265][T22184] mm_release+0x24a/0x2f0 [ 1335.602289][T22184] do_exit+0x675/0x2aa0 [ 1335.602323][T22184] ? __pfx_do_exit+0x10/0x10 [ 1335.602353][T22184] ? do_raw_spin_lock+0x128/0x260 [ 1335.602386][T22184] ? find_held_lock+0x2b/0x80 [ 1335.602422][T22184] ? get_signal+0x7e0/0x21e0 [ 1335.602448][T22184] do_group_exit+0xd5/0x2a0 [ 1335.602481][T22184] get_signal+0x1ec7/0x21e0 [ 1335.602518][T22184] ? __pfx_get_signal+0x10/0x10 [ 1335.602543][T22184] ? do_futex+0x192/0x350 [ 1335.602575][T22184] arch_do_signal_or_restart+0x91/0x770 [ 1335.602606][T22184] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1335.602643][T22184] ? __pfx___x64_sys_futex+0x10/0x10 [ 1335.602679][T22184] exit_to_user_mode_loop+0x86/0x4a0 [ 1335.602712][T22184] do_syscall_64+0x668/0xf80 [ 1335.602737][T22184] ? clear_bhb_loop+0x40/0x90 [ 1335.602766][T22184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1335.602790][T22184] RIP: 0033:0x7efed199c629 [ 1335.602810][T22184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1335.602833][T22184] RSP: 002b:00007efed28920e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1335.602855][T22184] RAX: fffffffffffffe00 RBX: 00007efed1c16098 RCX: 00007efed199c629 [ 1335.602871][T22184] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efed1c16098 [ 1335.602886][T22184] RBP: 00007efed1c16090 R08: 0000000000000000 R09: 0000000000000000 [ 1335.602900][T22184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1335.602915][T22184] R13: 00007efed1c16128 R14: 00007ffccd8e7cf0 R15: 00007ffccd8e7dd8 [ 1335.602945][T22184] [ 1337.686513][T22197] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1337.913575][T22202] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3658'. [ 1338.115766][T22204] FAULT_INJECTION: forcing a failure. [ 1338.115766][T22204] name failslab, interval 1, probability 0, space 0, times 0 [ 1338.192145][T22204] CPU: 0 UID: 0 PID: 22204 Comm: syz.1.3659 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1338.192195][T22204] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1338.192208][T22204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1338.192222][T22204] Call Trace: [ 1338.192230][T22204] [ 1338.192239][T22204] dump_stack_lvl+0x100/0x190 [ 1338.192278][T22204] should_fail_ex.cold+0x5/0xa [ 1338.192304][T22204] should_failslab+0xc2/0x120 [ 1338.192341][T22204] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1338.192369][T22204] ? copy_net_ns+0x135/0x7c0 [ 1338.192403][T22204] copy_net_ns+0x135/0x7c0 [ 1338.192430][T22204] ? copy_cgroup_ns+0x71/0x970 [ 1338.192458][T22204] create_new_namespaces+0x3ea/0xac0 [ 1338.192488][T22204] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1338.192514][T22204] ksys_unshare+0x455/0xab0 [ 1338.192544][T22204] ? __pfx_ksys_unshare+0x10/0x10 [ 1338.192571][T22204] ? ksys_write+0x1ac/0x250 [ 1338.192614][T22204] __x64_sys_unshare+0x31/0x40 [ 1338.192642][T22204] do_syscall_64+0x106/0xf80 [ 1338.192667][T22204] ? clear_bhb_loop+0x40/0x90 [ 1338.192695][T22204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1338.192718][T22204] RIP: 0033:0x7efed199c629 [ 1338.192737][T22204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1338.192760][T22204] RSP: 002b:00007efed28b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1338.192786][T22204] RAX: ffffffffffffffda RBX: 00007efed1c15fa0 RCX: 00007efed199c629 [ 1338.192801][T22204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1338.192815][T22204] RBP: 00007efed28b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1338.192829][T22204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1338.192848][T22204] R13: 00007efed1c16038 R14: 00007efed1c15fa0 R15: 00007ffccd8e7dd8 [ 1338.192878][T22204] [ 1340.373283][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1341.788087][T22223] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1341.852239][T22223] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1341.858343][T22223] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1341.899996][T22223] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1342.913926][T22240] Setting dangerous option i915.mitigations - tainting kernel [ 1343.353285][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1343.913080][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1343.919124][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1343.925641][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1345.027610][T22279] FAULT_INJECTION: forcing a failure. [ 1345.027610][T22279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1345.091398][T22279] CPU: 0 UID: 0 PID: 22279 Comm: syz.0.3674 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1345.091451][T22279] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1345.091465][T22279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1345.091479][T22279] Call Trace: [ 1345.091487][T22279] [ 1345.091496][T22279] dump_stack_lvl+0x100/0x190 [ 1345.091536][T22279] should_fail_ex.cold+0x5/0xa [ 1345.091562][T22279] _copy_from_iter+0x1f4/0x1690 [ 1345.091603][T22279] ? __asan_memset+0x23/0x50 [ 1345.091635][T22279] ? __pfx__copy_from_iter+0x10/0x10 [ 1345.091671][T22279] ? __pfx___alloc_skb+0x10/0x10 [ 1345.091695][T22279] ? __pfx___might_resched+0x10/0x10 [ 1345.091728][T22279] ? __lock_acquire+0x4a5/0x2630 [ 1345.091765][T22279] netlink_sendmsg+0x808/0xda0 [ 1345.091799][T22279] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1345.091826][T22279] ? __import_iovec+0x1d2/0x640 [ 1345.091865][T22279] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1345.091900][T22279] ____sys_sendmsg+0xa54/0xc30 [ 1345.091936][T22279] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1345.091972][T22279] ? rcu_is_watching+0x12/0xc0 [ 1345.092006][T22279] ? ___sys_sendmsg+0x19d/0x1e0 [ 1345.092038][T22279] ? kfree+0x2ec/0x6b0 [ 1345.092071][T22279] ___sys_sendmsg+0x190/0x1e0 [ 1345.092107][T22279] ? __pfx____sys_sendmsg+0x10/0x10 [ 1345.092167][T22279] ? __pfx___might_resched+0x10/0x10 [ 1345.092213][T22279] __sys_sendmmsg+0x205/0x430 [ 1345.092244][T22279] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1345.092279][T22279] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1345.092321][T22279] ? fput+0x79/0x100 [ 1345.092345][T22279] ? ksys_write+0x1ac/0x250 [ 1345.092380][T22279] ? __pfx_ksys_write+0x10/0x10 [ 1345.092424][T22279] __x64_sys_sendmmsg+0x9c/0x100 [ 1345.092450][T22279] ? lockdep_hardirqs_on+0x78/0x100 [ 1345.092475][T22279] do_syscall_64+0x106/0xf80 [ 1345.092500][T22279] ? clear_bhb_loop+0x40/0x90 [ 1345.092529][T22279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1345.092553][T22279] RIP: 0033:0x7fb0ce79c629 [ 1345.092572][T22279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1345.092596][T22279] RSP: 002b:00007fb0cf58d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1345.092619][T22279] RAX: ffffffffffffffda RBX: 00007fb0cea15fa0 RCX: 00007fb0ce79c629 [ 1345.092635][T22279] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 1345.092650][T22279] RBP: 00007fb0cf58d090 R08: 0000000000000000 R09: 0000000000000000 [ 1345.092665][T22279] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 1345.092679][T22279] R13: 00007fb0cea16038 R14: 00007fb0cea15fa0 R15: 00007ffd8e361638 [ 1345.092710][T22279] [ 1346.105675][T22291] FAULT_INJECTION: forcing a failure. [ 1346.105675][T22291] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1346.148271][T22291] CPU: 0 UID: 0 PID: 22291 Comm: syz.2.3677 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1346.148323][T22291] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1346.148336][T22291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1346.148351][T22291] Call Trace: [ 1346.148359][T22291] [ 1346.148368][T22291] dump_stack_lvl+0x100/0x190 [ 1346.148407][T22291] should_fail_ex.cold+0x5/0xa [ 1346.148430][T22291] ? prepare_alloc_pages+0x16d/0x5f0 [ 1346.148457][T22291] should_fail_alloc_page+0xeb/0x140 [ 1346.148496][T22291] prepare_alloc_pages+0x1f0/0x5f0 [ 1346.148525][T22291] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1346.148565][T22291] ? __lock_acquire+0x4a5/0x2630 [ 1346.148599][T22291] ? __lock_acquire+0x4a5/0x2630 [ 1346.148627][T22291] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1346.148665][T22291] ? __lock_acquire+0x4a5/0x2630 [ 1346.148699][T22291] ? __lock_acquire+0x4a5/0x2630 [ 1346.148732][T22291] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1346.148772][T22291] ? policy_nodemask+0xed/0x4f0 [ 1346.148812][T22291] alloc_pages_mpol+0x1fb/0x550 [ 1346.148851][T22291] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1346.148897][T22291] alloc_pages_noprof+0x131/0x390 [ 1346.148936][T22291] __pmd_alloc+0x3b/0x9c0 [ 1346.148964][T22291] __handle_mm_fault+0xa99/0x2b60 [ 1346.149004][T22291] ? mt_find+0x45e/0x8e0 [ 1346.149034][T22291] ? __pfx___handle_mm_fault+0x10/0x10 [ 1346.149067][T22291] ? __pfx_mt_find+0x10/0x10 [ 1346.149111][T22291] ? find_vma+0xbf/0x140 [ 1346.149146][T22291] ? __pfx_find_vma+0x10/0x10 [ 1346.149185][T22291] handle_mm_fault+0x36d/0xa20 [ 1346.149221][T22291] do_user_addr_fault+0x74c/0x12f0 [ 1346.149267][T22291] exc_page_fault+0x6f/0xd0 [ 1346.149293][T22291] asm_exc_page_fault+0x26/0x30 [ 1346.149316][T22291] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 1346.149350][T22291] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 1346.149374][T22291] RSP: 0018:ffffc90006fb77b8 EFLAGS: 00050206 [ 1346.149392][T22291] RAX: 0000000000000001 RBX: ffff88807ac5d6c0 RCX: 00000000000000c4 [ 1346.149421][T22291] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807ac5d6c0 [ 1346.149435][T22291] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100f58baf0 [ 1346.149449][T22291] R10: ffff88807ac5d783 R11: 0000000000000000 R12: ffffc90006fb7d40 [ 1346.149464][T22291] R13: 0000000000000000 R14: 00000000000000c4 R15: 0000000000000000 [ 1346.149492][T22291] _copy_from_iter+0x355/0x1690 [ 1346.149531][T22291] ? __asan_memset+0x23/0x50 [ 1346.149561][T22291] ? __pfx__copy_from_iter+0x10/0x10 [ 1346.149595][T22291] ? __pfx___alloc_skb+0x10/0x10 [ 1346.149629][T22291] netlink_sendmsg+0x808/0xda0 [ 1346.149663][T22291] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1346.149689][T22291] ? __import_iovec+0x1d2/0x640 [ 1346.149726][T22291] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1346.149761][T22291] ____sys_sendmsg+0xa54/0xc30 [ 1346.149795][T22291] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1346.149831][T22291] ? __pfx__kstrtoull+0x10/0x10 [ 1346.149862][T22291] ___sys_sendmsg+0x190/0x1e0 [ 1346.149897][T22291] ? __pfx____sys_sendmsg+0x10/0x10 [ 1346.149943][T22291] ? find_held_lock+0x2b/0x80 [ 1346.150002][T22291] __sys_sendmmsg+0x205/0x430 [ 1346.150032][T22291] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1346.150067][T22291] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1346.150106][T22291] ? fput+0x79/0x100 [ 1346.150130][T22291] ? ksys_write+0x1ac/0x250 [ 1346.150163][T22291] ? __pfx_ksys_write+0x10/0x10 [ 1346.150201][T22291] __x64_sys_sendmmsg+0x9c/0x100 [ 1346.150225][T22291] ? lockdep_hardirqs_on+0x78/0x100 [ 1346.150250][T22291] do_syscall_64+0x106/0xf80 [ 1346.150274][T22291] ? clear_bhb_loop+0x40/0x90 [ 1346.150301][T22291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1346.150324][T22291] RIP: 0033:0x7f5d38d9c629 [ 1346.150342][T22291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1346.150364][T22291] RSP: 002b:00007f5d39c2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1346.150384][T22291] RAX: ffffffffffffffda RBX: 00007f5d39015fa0 RCX: 00007f5d38d9c629 [ 1346.150400][T22291] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1346.150414][T22291] RBP: 00007f5d39c2b090 R08: 0000000000000000 R09: 0000000000000000 [ 1346.150428][T22291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1346.150441][T22291] R13: 00007f5d39016038 R14: 00007f5d39015fa0 R15: 00007ffffd401e88 [ 1346.150471][T22291] [ 1348.154831][ T5829] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1348.425289][T22316] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3682'. [ 1350.644613][T22338] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input34 [ 1351.116297][T22345] vivid-007: ================= START STATUS ================= [ 1351.191223][T22345] vivid-007: Generate PTS: true [ 1351.226425][T22345] vivid-007: Generate SCR: true [ 1351.260071][T22345] tpg source WxH: 320x240 (Y'CbCr) [ 1351.294740][T22345] tpg field: 1 [ 1351.321059][T22345] tpg crop: (0,0)/320x240 [ 1351.373692][T22345] tpg compose: (0,0)/320x240 [ 1351.423999][T22345] tpg colorspace: 8 [ 1351.475496][T22345] tpg transfer function: 0/0 [ 1351.548279][T22345] tpg Y'CbCr encoding: 0/0 [ 1351.566259][T22345] tpg quantization: 0/0 [ 1351.612730][T22345] tpg RGB range: 0/2 [ 1351.646665][T22345] vivid-007: ================== END STATUS ================== [ 1352.606334][T22378] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3695'. [ 1353.296799][T22384] [U]  [ 1353.299733][T22384] [U] [ 1353.302442][T22384] [U] [ 1353.305157][T22384] [U] [ 1353.365600][T22372] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1353.419604][T22384] [U] [ 1353.422361][T22384] [U] [ 1353.425069][T22384] [U] [ 1353.427799][T22384] [U] [ 1353.444638][T22372] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1353.509406][T22384] [U] [ 1353.512251][T22384] [U] [ 1353.514961][T22384] [U] [ 1353.517666][T22384] [U] [ 1353.520659][T22372] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1353.526716][T22372] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1353.544286][T22384] FAULT_INJECTION: forcing a failure. [ 1353.544286][T22384] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1353.598492][T22384] CPU: 0 UID: 0 PID: 22384 Comm: syz.2.3696 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1353.598543][T22384] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1353.598557][T22384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1353.598572][T22384] Call Trace: [ 1353.598580][T22384] [ 1353.598589][T22384] dump_stack_lvl+0x100/0x190 [ 1353.598631][T22384] should_fail_ex.cold+0x5/0xa [ 1353.598658][T22384] _copy_from_iter+0x1f4/0x1690 [ 1353.598702][T22384] ? __pfx__copy_from_iter+0x10/0x10 [ 1353.598744][T22384] ? __pfx___might_resched+0x10/0x10 [ 1353.598784][T22384] file_tty_write.isra.0+0x45b/0x890 [ 1353.598821][T22384] vfs_write+0x6ac/0x1070 [ 1353.598857][T22384] ? __pfx_tty_write+0x10/0x10 [ 1353.598885][T22384] ? __pfx_vfs_write+0x10/0x10 [ 1353.598918][T22384] ? find_held_lock+0x2b/0x80 [ 1353.598973][T22384] ksys_write+0x12a/0x250 [ 1353.599008][T22384] ? __pfx_ksys_write+0x10/0x10 [ 1353.599051][T22384] do_syscall_64+0x106/0xf80 [ 1353.599076][T22384] ? clear_bhb_loop+0x40/0x90 [ 1353.599105][T22384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1353.599129][T22384] RIP: 0033:0x7f5d38d9c629 [ 1353.599153][T22384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1353.599177][T22384] RSP: 002b:00007f5d39c0a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1353.599199][T22384] RAX: ffffffffffffffda RBX: 00007f5d39016090 RCX: 00007f5d38d9c629 [ 1353.599215][T22384] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1353.599229][T22384] RBP: 00007f5d39c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 1353.599243][T22384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1353.599257][T22384] R13: 00007f5d39016128 R14: 00007f5d39016090 R15: 00007ffffd401e88 [ 1353.599287][T22384] [ 1353.794549][T22382] [U] [ 1354.558039][T12312] Bluetooth: hci0: command 0x0c1a tx timeout [ 1355.522044][T12312] Bluetooth: hci4: command 0x0419 tx timeout [ 1355.599213][T12312] Bluetooth: hci3: command 0x0c1a tx timeout [ 1355.605769][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1356.450576][T22421] FAULT_INJECTION: forcing a failure. [ 1356.450576][T22421] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1356.613918][T22421] CPU: 0 UID: 0 PID: 22421 Comm: syz.3.3704 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1356.613969][T22421] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1356.613982][T22421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1356.613997][T22421] Call Trace: [ 1356.614005][T22421] [ 1356.614015][T22421] dump_stack_lvl+0x100/0x190 [ 1356.614053][T22421] should_fail_ex.cold+0x5/0xa [ 1356.614081][T22421] _copy_to_user+0x32/0xd0 [ 1356.614119][T22421] simple_read_from_buffer+0xcb/0x170 [ 1356.614155][T22421] proc_fail_nth_read+0x1af/0x230 [ 1356.614183][T22421] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1356.614211][T22421] ? rw_verify_area+0xce/0x6d0 [ 1356.614242][T22421] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1356.614268][T22421] vfs_read+0x1e4/0xb30 [ 1356.614306][T22421] ? __pfx_vfs_read+0x10/0x10 [ 1356.614339][T22421] ? __fget_files+0x215/0x3d0 [ 1356.614388][T22421] ? __fget_files+0x21f/0x3d0 [ 1356.614431][T22421] ksys_read+0x12a/0x250 [ 1356.614465][T22421] ? __pfx_ksys_read+0x10/0x10 [ 1356.614508][T22421] do_syscall_64+0x106/0xf80 [ 1356.614534][T22421] ? clear_bhb_loop+0x40/0x90 [ 1356.614564][T22421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1356.614588][T22421] RIP: 0033:0x7fb32695cece [ 1356.614607][T22421] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1356.614630][T22421] RSP: 002b:00007fb32781bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1356.614652][T22421] RAX: ffffffffffffffda RBX: 00007fb32781c6c0 RCX: 00007fb32695cece [ 1356.614669][T22421] RDX: 000000000000000f RSI: 00007fb32781c0a0 RDI: 0000000000000005 [ 1356.614683][T22421] RBP: 00007fb32781c090 R08: 0000000000000000 R09: 0000000000000000 [ 1356.614698][T22421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1356.614712][T22421] R13: 00007fb326c16128 R14: 00007fb326c16090 R15: 00007ffdbef15318 [ 1356.614742][T22421] [ 1362.567941][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1362.574545][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1363.081185][T22472] FAULT_INJECTION: forcing a failure. [ 1363.081185][T22472] name failslab, interval 1, probability 0, space 0, times 0 [ 1363.159801][T22472] CPU: 0 UID: 0 PID: 22472 Comm: syz.2.3713 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1363.159852][T22472] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1363.159865][T22472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1363.159879][T22472] Call Trace: [ 1363.159887][T22472] [ 1363.159896][T22472] dump_stack_lvl+0x100/0x190 [ 1363.159936][T22472] should_fail_ex.cold+0x5/0xa [ 1363.159964][T22472] should_failslab+0xc2/0x120 [ 1363.160002][T22472] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1363.160037][T22472] ? __d_alloc+0x34/0xa80 [ 1363.160060][T22472] ? __pfx_stack_trace_save+0x10/0x10 [ 1363.160105][T22472] __d_alloc+0x34/0xa80 [ 1363.160131][T22472] d_alloc_parallel+0x111/0x14e0 [ 1363.160172][T22472] ? find_held_lock+0x2b/0x80 [ 1363.160209][T22472] ? __d_lookup+0x25c/0x4a0 [ 1363.160240][T22472] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1363.160275][T22472] ? __d_lookup+0x266/0x4a0 [ 1363.160323][T22472] lookup_open.isra.0+0x57c/0x11b0 [ 1363.160362][T22472] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1363.160412][T22472] ? mnt_get_write_access+0x1e9/0x2f0 [ 1363.160451][T22472] path_openat+0xa98/0x31a0 [ 1363.160483][T22472] ? __pfx_path_openat+0x10/0x10 [ 1363.160523][T22472] ? kasan_save_stack+0x3f/0x50 [ 1363.160556][T22472] ? kasan_save_stack+0x30/0x50 [ 1363.160588][T22472] ? kasan_save_track+0x14/0x30 [ 1363.160621][T22472] ? __kasan_slab_alloc+0x89/0x90 [ 1363.160655][T22472] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1363.160688][T22472] ? do_getname+0x35/0x390 [ 1363.160723][T22472] do_file_open+0x20e/0x430 [ 1363.160747][T22472] ? __pfx_do_file_open+0x10/0x10 [ 1363.160798][T22472] ? find_held_lock+0x2b/0x80 [ 1363.160834][T22472] ? __might_fault+0xc5/0x140 [ 1363.160865][T22472] ? __might_fault+0xc5/0x140 [ 1363.160899][T22472] file_open_name+0x198/0x3b0 [ 1363.160928][T22472] ? __pfx_file_open_name+0x10/0x10 [ 1363.160963][T22472] ? do_getname+0x191/0x390 [ 1363.160993][T22472] acct_on+0xa4/0x9e0 [ 1363.161028][T22472] ? __pfx_acct_on+0x10/0x10 [ 1363.161062][T22472] ? bpf_lsm_capable+0x9/0x10 [ 1363.161085][T22472] ? security_capable+0x80/0x260 [ 1363.161120][T22472] __x64_sys_acct+0x81/0x1e0 [ 1363.161153][T22472] ? lockdep_hardirqs_on+0x78/0x100 [ 1363.161180][T22472] do_syscall_64+0x106/0xf80 [ 1363.161205][T22472] ? clear_bhb_loop+0x40/0x90 [ 1363.161234][T22472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1363.161259][T22472] RIP: 0033:0x7f5d38d9c629 [ 1363.161278][T22472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1363.161301][T22472] RSP: 002b:00007f5d39c0a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 1363.161323][T22472] RAX: ffffffffffffffda RBX: 00007f5d39016090 RCX: 00007f5d38d9c629 [ 1363.161340][T22472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000480 [ 1363.161354][T22472] RBP: 00007f5d39c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 1363.161369][T22472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1363.161383][T22472] R13: 00007f5d39016128 R14: 00007f5d39016090 R15: 00007ffffd401e88 [ 1363.161414][T22472] [ 1364.445412][T12312] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1365.344241][T22486] sctp: [Deprecated]: syz.3.3717 (pid 22486) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1365.344241][T22486] Use struct sctp_sack_info instead [ 1372.288928][T22550] FAULT_INJECTION: forcing a failure. [ 1372.288928][T22550] name failslab, interval 1, probability 0, space 0, times 0 [ 1372.372610][T22550] CPU: 0 UID: 0 PID: 22550 Comm: syz.3.3729 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1372.372664][T22550] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1372.372679][T22550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1372.372694][T22550] Call Trace: [ 1372.372702][T22550] [ 1372.372712][T22550] dump_stack_lvl+0x100/0x190 [ 1372.372766][T22550] should_fail_ex.cold+0x5/0xa [ 1372.372794][T22550] ? xfrm_hash_alloc+0xcf/0x100 [ 1372.372824][T22550] should_failslab+0xc2/0x120 [ 1372.372863][T22550] __kmalloc_noprof+0xe0/0x850 [ 1372.372902][T22550] xfrm_hash_alloc+0xcf/0x100 [ 1372.372933][T22550] xfrm_net_init+0x35d/0xcc0 [ 1372.372973][T22550] ? __pfx_xfrm_net_init+0x10/0x10 [ 1372.373006][T22550] ops_init+0x1e2/0x5f0 [ 1372.373036][T22550] setup_net+0x118/0x3a0 [ 1372.373064][T22550] ? __pfx_setup_net+0x10/0x10 [ 1372.373090][T22550] ? lockdep_init_map_type+0x5c/0x250 [ 1372.373122][T22550] ? mutex_init_lockep+0x110/0x150 [ 1372.373158][T22550] copy_net_ns+0x46f/0x7c0 [ 1372.373191][T22550] create_new_namespaces+0x3ea/0xac0 [ 1372.373221][T22550] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1372.373248][T22550] ksys_unshare+0x455/0xab0 [ 1372.373279][T22550] ? __pfx_ksys_unshare+0x10/0x10 [ 1372.373319][T22550] __x64_sys_unshare+0x31/0x40 [ 1372.373347][T22550] do_syscall_64+0x106/0xf80 [ 1372.373372][T22550] ? clear_bhb_loop+0x40/0x90 [ 1372.373401][T22550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1372.373425][T22550] RIP: 0033:0x7fb32699c629 [ 1372.373444][T22550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1372.373469][T22550] RSP: 002b:00007fb32783d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1372.373492][T22550] RAX: ffffffffffffffda RBX: 00007fb326c15fa0 RCX: 00007fb32699c629 [ 1372.373508][T22550] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1372.373522][T22550] RBP: 00007fb326a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 1372.373537][T22550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1372.373558][T22550] R13: 00007fb326c16038 R14: 00007fb326c15fa0 R15: 00007ffdbef15318 [ 1372.373589][T22550] [ 1374.215039][T22558] Setting dangerous option i915.mitigations - tainting kernel [ 1374.652642][T22562] F-\ [ 1374.925325][T22564] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3732'. [ 1377.332523][T22597] FAULT_INJECTION: forcing a failure. [ 1377.332523][T22597] name failslab, interval 1, probability 0, space 0, times 0 [ 1377.412439][T22597] CPU: 0 UID: 0 PID: 22597 Comm: syz.0.3740 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1377.412494][T22597] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1377.412509][T22597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1377.412525][T22597] Call Trace: [ 1377.412533][T22597] [ 1377.412555][T22597] dump_stack_lvl+0x100/0x190 [ 1377.412595][T22597] should_fail_ex.cold+0x5/0xa [ 1377.412621][T22597] ? vkms_crtc_atomic_check+0x388/0x800 [ 1377.412660][T22597] should_failslab+0xc2/0x120 [ 1377.412699][T22597] __kmalloc_noprof+0xe0/0x850 [ 1377.412732][T22597] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 1377.412776][T22597] vkms_crtc_atomic_check+0x388/0x800 [ 1377.412821][T22597] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 1377.412859][T22597] drm_atomic_helper_check_planes+0x4dc/0x900 [ 1377.412906][T22597] drm_atomic_helper_check+0xae/0x190 [ 1377.412948][T22597] vkms_atomic_check+0x1d9/0x250 [ 1377.412979][T22597] ? __pfx_vkms_atomic_check+0x10/0x10 [ 1377.413013][T22597] drm_atomic_check_only+0x19ea/0x31b0 [ 1377.413065][T22597] drm_atomic_commit+0x132/0x300 [ 1377.413111][T22597] ? __pfx_drm_atomic_commit+0x10/0x10 [ 1377.413148][T22597] ? __pfx___drm_printfn_info+0x10/0x10 [ 1377.413179][T22597] ? drm_client_rotation+0x451/0x6a0 [ 1377.413209][T22597] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 1377.413244][T22597] ? __mutex_lock+0x26a/0x1b90 [ 1377.413271][T22597] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1377.413333][T22597] ? drm_master_internal_acquire+0x21/0x80 [ 1377.413401][T22597] drm_client_modeset_commit_locked+0x14d/0x580 [ 1377.413433][T22597] drm_client_modeset_commit+0x4f/0x80 [ 1377.413460][T22597] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1377.413508][T22597] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1377.413538][T22597] drm_fbdev_client_restore+0x1b/0x30 [ 1377.413573][T22597] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1377.413608][T22597] drm_client_dev_restore+0x205/0x2a0 [ 1377.413639][T22597] drm_release+0x2c6/0x360 [ 1377.413662][T22597] ? __pfx_drm_release+0x10/0x10 [ 1377.413684][T22597] __fput+0x3ff/0xb40 [ 1377.413716][T22597] task_work_run+0x150/0x240 [ 1377.413751][T22597] ? __pfx_task_work_run+0x10/0x10 [ 1377.413793][T22597] exit_to_user_mode_loop+0x100/0x4a0 [ 1377.413826][T22597] do_syscall_64+0x668/0xf80 [ 1377.413851][T22597] ? clear_bhb_loop+0x40/0x90 [ 1377.413881][T22597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1377.413905][T22597] RIP: 0033:0x7fb0ce79c629 [ 1377.413924][T22597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1377.413948][T22597] RSP: 002b:00007fb0cf58d028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1377.413971][T22597] RAX: 0000000000000000 RBX: 00007fb0cea15fa0 RCX: 00007fb0ce79c629 [ 1377.413986][T22597] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1377.414001][T22597] RBP: 00007fb0ce832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1377.414015][T22597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1377.414030][T22597] R13: 00007fb0cea16038 R14: 00007fb0cea15fa0 R15: 00007ffd8e361638 [ 1377.414062][T22597] [ 1378.105641][T22583] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1378.122247][T22583] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1378.153547][T22583] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1378.173717][T22583] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1378.970983][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1379.628425][T22614] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1379.696393][T22614] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1379.758173][T22614] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1379.893837][T22614] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1381.300467][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1381.332263][T22626] Setting dangerous option i915.mitigations - tainting kernel [ 1381.731363][T22652] zswap: compressor not available [ 1381.784112][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1381.790198][ T5829] Bluetooth: hci4: command 0x0419 tx timeout [ 1381.931590][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1382.375604][T22657] zswap: compressor not available [ 1384.670146][T22682] syz_tun: tun_chr_ioctl cmd 1074025676 [ 1384.688197][T22682] syz_tun: owner set to 111 [ 1385.456810][T22689] zswap: compressor 3 not available [ 1386.284271][T22716] FAULT_INJECTION: forcing a failure. [ 1386.284271][T22716] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1386.403534][T22716] CPU: 0 UID: 0 PID: 22716 Comm: syz.1.3765 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1386.403586][T22716] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1386.403600][T22716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1386.403615][T22716] Call Trace: [ 1386.403624][T22716] [ 1386.403634][T22716] dump_stack_lvl+0x100/0x190 [ 1386.403673][T22716] should_fail_ex.cold+0x5/0xa [ 1386.403700][T22716] _copy_to_user+0x32/0xd0 [ 1386.403743][T22716] rng_dev_read+0x223/0x910 [ 1386.403779][T22716] ? __pfx_virtio_read+0x10/0x10 [ 1386.403814][T22716] ? __pfx_rng_dev_read+0x10/0x10 [ 1386.403848][T22716] ? bpf_lsm_file_permission+0x9/0x10 [ 1386.403884][T22716] ? security_file_permission+0x76/0x210 [ 1386.403923][T22716] ? rw_verify_area+0xce/0x6d0 [ 1386.403954][T22716] ? __pfx_rng_dev_read+0x10/0x10 [ 1386.403985][T22716] vfs_read+0x1e4/0xb30 [ 1386.404022][T22716] ? __pfx_vfs_read+0x10/0x10 [ 1386.404054][T22716] ? find_held_lock+0x2b/0x80 [ 1386.404091][T22716] ? __fget_files+0x215/0x3d0 [ 1386.404125][T22716] ? __fget_files+0x215/0x3d0 [ 1386.404164][T22716] ? __fget_files+0x21f/0x3d0 [ 1386.404207][T22716] ksys_read+0x12a/0x250 [ 1386.404241][T22716] ? __pfx_ksys_read+0x10/0x10 [ 1386.404290][T22716] do_syscall_64+0x106/0xf80 [ 1386.404316][T22716] ? clear_bhb_loop+0x40/0x90 [ 1386.404345][T22716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1386.404369][T22716] RIP: 0033:0x7efed199c629 [ 1386.404388][T22716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1386.404411][T22716] RSP: 002b:00007efed28b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1386.404434][T22716] RAX: ffffffffffffffda RBX: 00007efed1c15fa0 RCX: 00007efed199c629 [ 1386.404450][T22716] RDX: 00000000fffffe82 RSI: 0000200000000040 RDI: 0000000000000003 [ 1386.404465][T22716] RBP: 00007efed28b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1386.404480][T22716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1386.404494][T22716] R13: 00007efed1c16038 R14: 00007efed1c15fa0 R15: 00007ffccd8e7dd8 [ 1386.404524][T22716] [ 1388.415350][ T5829] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1389.401640][T22741] random: crng reseeded on system resumption [ 1389.978301][T22747] usb usb36: usbfs: process 22747 (syz.0.3771) did not claim interface 0 before use [ 1390.851160][T22767] vivid-011: ================= START STATUS ================= [ 1390.894077][T22767] vivid-011: Enable Output Cropping: true [ 1390.930726][T22767] vivid-011: Enable Output Composing: true [ 1390.951876][T22767] vivid-011: Enable Output Scaler: true [ 1390.988010][T22767] vivid-011: Tx RGB Quantization Range: Automatic [ 1391.010881][T22767] vivid-011: Transmit Mode: HDMI [ 1391.036377][T22767] vivid-011: Hotplug Present: 0x00000000 [ 1391.048861][T22767] vivid-011: RxSense Present: 0x00000000 [ 1391.075009][T22767] vivid-011: EDID Present: 0x00000000 [ 1391.097876][T22767] vivid-011: ================== END STATUS ================== [ 1391.843948][T22787] openvswitch: netlink: Duplicate key (type 15). [ 1392.351476][T22758] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1392.395745][T22758] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1392.439303][T22758] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1392.458291][T22758] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1393.057533][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1393.249345][T22796] netlink: 142 bytes leftover after parsing attributes in process `syz.1.3781'. [ 1393.911505][T22798] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1393.969211][T22798] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1393.999573][T22798] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1394.039458][T22798] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1394.795726][T22820] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1986356271.1885433135.796026224), cmd(15) [ 1395.542449][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1396.018668][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1396.024752][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1396.099165][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1396.290885][T22837] FAULT_INJECTION: forcing a failure. [ 1396.290885][T22837] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1396.387474][T22837] CPU: 0 UID: 0 PID: 22837 Comm: syz.3.3789 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1396.387526][T22837] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1396.387540][T22837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1396.387555][T22837] Call Trace: [ 1396.387563][T22837] [ 1396.387574][T22837] dump_stack_lvl+0x100/0x190 [ 1396.387613][T22837] should_fail_ex.cold+0x5/0xa [ 1396.387637][T22837] ? prepare_alloc_pages+0x16d/0x5f0 [ 1396.387664][T22837] should_fail_alloc_page+0xeb/0x140 [ 1396.387706][T22837] prepare_alloc_pages+0x1f0/0x5f0 [ 1396.387735][T22837] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1396.387769][T22837] ? do_user_addr_fault+0x7de/0x12f0 [ 1396.387807][T22837] ? do_user_addr_fault+0x7de/0x12f0 [ 1396.387858][T22837] ? irqentry_exit+0x180/0x670 [ 1396.387904][T22837] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1396.387939][T22837] ? irqentry_exit+0x180/0x670 [ 1396.387979][T22837] ? rep_movs_alternative+0x4a/0x90 [ 1396.388015][T22837] ? _copy_from_iter+0x270/0x1690 [ 1396.388054][T22837] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1396.388096][T22837] ? policy_nodemask+0xed/0x4f0 [ 1396.388139][T22837] alloc_pages_mpol+0x1fb/0x550 [ 1396.388181][T22837] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1396.388229][T22837] alloc_pages_noprof+0x131/0x390 [ 1396.388271][T22837] anon_pipe_write+0xabf/0x1d40 [ 1396.388320][T22837] ? __pfx_anon_pipe_write+0x10/0x10 [ 1396.388361][T22837] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1396.388399][T22837] ? bpf_lsm_file_permission+0x9/0x10 [ 1396.388436][T22837] ? security_file_permission+0x76/0x210 [ 1396.388481][T22837] ? rw_verify_area+0xce/0x6d0 [ 1396.388517][T22837] vfs_write+0x6ac/0x1070 [ 1396.388554][T22837] ? __pfx_anon_pipe_write+0x10/0x10 [ 1396.388595][T22837] ? __pfx_vfs_write+0x10/0x10 [ 1396.388630][T22837] ? find_held_lock+0x2b/0x80 [ 1396.388687][T22837] ksys_write+0x1f8/0x250 [ 1396.388723][T22837] ? __pfx_ksys_write+0x10/0x10 [ 1396.388768][T22837] do_syscall_64+0x106/0xf80 [ 1396.388794][T22837] ? clear_bhb_loop+0x40/0x90 [ 1396.388824][T22837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1396.388850][T22837] RIP: 0033:0x7fb32699c629 [ 1396.388871][T22837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1396.388896][T22837] RSP: 002b:00007fb32781c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1396.388919][T22837] RAX: ffffffffffffffda RBX: 00007fb326c16090 RCX: 00007fb32699c629 [ 1396.388936][T22837] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1396.388952][T22837] RBP: 00007fb326a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 1396.388968][T22837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1396.388982][T22837] R13: 00007fb326c16128 R14: 00007fb326c16090 R15: 00007ffdbef15318 [ 1396.389014][T22837] [ 1398.049737][T22860] vivid-000: ================= START STATUS ================= [ 1398.114504][T22860] vivid-000: Generate PTS: true [ 1398.172433][T22860] vivid-000: Generate SCR: true [ 1398.177355][T22860] tpg source WxH: 720x576 (Y'CbCr) [ 1398.216002][T22860] tpg field: 4 [ 1398.265769][T22861] sp0: Synchronizing with TNC [ 1398.283235][T22860] tpg crop: (0,0)/720x576 [ 1398.303863][T22860] tpg compose: (0,0)/720x576 [ 1398.308524][T22860] tpg colorspace: 1 [ 1398.415592][T22860] tpg transfer function: 0/0 [ 1398.456144][T22860] tpg Y'CbCr encoding: 0/0 [ 1398.534256][T22860] tpg quantization: 0/0 [ 1398.553125][T22860] tpg RGB range: 0/2 [ 1398.580646][T22860] vivid-000: ================== END STATUS ================== [ 1399.712060][T22860] ima: policy update failed [ 1399.716874][ T30] audit: type=1802 audit(1771730650.842:24): pid=22860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3797" res=0 errno=0 [ 1403.857924][T22917] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1403.884425][T22917] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1403.908822][T22917] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1403.926576][T22917] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1404.688853][T22938] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.3813'. [ 1404.903049][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1405.945609][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1405.951692][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1405.957811][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1407.021683][T22953] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1407.055188][T22953] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1407.109730][T22953] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1407.140061][T22953] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1407.946448][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1409.146304][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1409.152475][T18205] Bluetooth: hci1: command 0x0c1a tx timeout [ 1409.160030][T12312] Bluetooth: hci4: command 0x0419 tx timeout [ 1409.238310][T22987] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1409.264338][T22987] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1409.308985][T22987] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1409.349085][T22987] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1410.746340][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1410.763676][T23031] FAULT_INJECTION: forcing a failure. [ 1410.763676][T23031] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.826201][T23031] CPU: 0 UID: 0 PID: 23031 Comm: syz.2.3831 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1410.826271][T23031] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1410.826285][T23031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1410.826299][T23031] Call Trace: [ 1410.826308][T23031] [ 1410.826318][T23031] dump_stack_lvl+0x100/0x190 [ 1410.826359][T23031] should_fail_ex.cold+0x5/0xa [ 1410.826386][T23031] should_failslab+0xc2/0x120 [ 1410.826424][T23031] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1410.826457][T23031] ? dst_alloc+0x99/0x1a0 [ 1410.826500][T23031] dst_alloc+0x99/0x1a0 [ 1410.826534][T23031] ? ip_route_output_key_hash_rcu+0x1f8e/0x2870 [ 1410.826574][T23031] rt_dst_alloc+0x35/0x3a0 [ 1410.826603][T23031] ip_route_output_key_hash_rcu+0x87a/0x2870 [ 1410.826647][T23031] ip_route_output_key_hash+0x118/0x2b0 [ 1410.826684][T23031] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 1410.826719][T23031] ? stack_trace_save+0x8e/0xc0 [ 1410.826762][T23031] ? bpf_ksym_find+0x124/0x1c0 [ 1410.826794][T23031] tcp_v4_connect+0x86b/0x1bf0 [ 1410.826836][T23031] ? __pfx_tcp_v4_connect+0x10/0x10 [ 1410.826876][T23031] __inet_stream_connect+0x208/0xfa0 [ 1410.826916][T23031] ? __pfx___inet_stream_connect+0x10/0x10 [ 1410.826963][T23031] tcp_sendmsg_fastopen+0x3ed/0x750 [ 1410.827010][T23031] tcp_sendmsg_locked+0x279a/0x45f0 [ 1410.827050][T23031] ? __lock_acquire+0x4a5/0x2630 [ 1410.827081][T23031] ? smc_switch_to_fallback+0x5a9/0xa10 [ 1410.827121][T23031] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 1410.827157][T23031] ? do_raw_spin_lock+0x128/0x260 [ 1410.827191][T23031] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1410.827232][T23031] ? __local_bh_enable_ip+0x9e/0x120 [ 1410.827261][T23031] tcp_sendmsg+0x2e/0x50 [ 1410.827290][T23031] ? __pfx_tcp_sendmsg+0x10/0x10 [ 1410.827323][T23031] inet_sendmsg+0xb9/0x140 [ 1410.827357][T23031] smc_sendmsg+0x230/0x540 [ 1410.827391][T23031] ____sys_sendmsg+0xa54/0xc30 [ 1410.827427][T23031] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1410.827465][T23031] ? __pfx__kstrtoull+0x10/0x10 [ 1410.827498][T23031] ___sys_sendmsg+0x190/0x1e0 [ 1410.827535][T23031] ? __pfx____sys_sendmsg+0x10/0x10 [ 1410.827583][T23031] ? find_held_lock+0x2b/0x80 [ 1410.827643][T23031] __sys_sendmmsg+0x205/0x430 [ 1410.827673][T23031] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1410.827709][T23031] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1410.827750][T23031] ? fput+0x79/0x100 [ 1410.827774][T23031] ? ksys_write+0x1ac/0x250 [ 1410.827809][T23031] ? __pfx_ksys_write+0x10/0x10 [ 1410.827852][T23031] __x64_sys_sendmmsg+0x9c/0x100 [ 1410.827879][T23031] ? lockdep_hardirqs_on+0x78/0x100 [ 1410.827904][T23031] do_syscall_64+0x106/0xf80 [ 1410.827930][T23031] ? clear_bhb_loop+0x40/0x90 [ 1410.827959][T23031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1410.827989][T23031] RIP: 0033:0x7f5d38d9c629 [ 1410.828009][T23031] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1410.828032][T23031] RSP: 002b:00007f5d39c0a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1410.828055][T23031] RAX: ffffffffffffffda RBX: 00007f5d39016090 RCX: 00007f5d38d9c629 [ 1410.828071][T23031] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000004 [ 1410.828085][T23031] RBP: 00007f5d39c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 1410.828099][T23031] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 1410.828114][T23031] R13: 00007f5d39016128 R14: 00007f5d39016090 R15: 00007ffffd401e88 [ 1410.828145][T23031] [ 1411.676567][ T5829] Bluetooth: hci4: command 0x0419 tx timeout [ 1411.684030][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1411.690459][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1413.446275][T23042] Setting dangerous option i915.mitigations - tainting kernel [ 1414.795390][T23056] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1414.803205][T23056] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1414.843656][T23056] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1414.871376][T23056] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1416.190075][T18205] Bluetooth: hci0: command 0x0c1a tx timeout [ 1416.832272][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1416.923301][T18205] Bluetooth: hci3: command 0x0c1a tx timeout [ 1416.929476][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1418.950926][T23114] vivid-007: ================= START STATUS ================= [ 1418.975298][T23114] vivid-007: Generate PTS: true [ 1418.991559][T23114] vivid-007: Generate SCR: true [ 1419.022557][T23114] tpg source WxH: 320x240 (Y'CbCr) [ 1419.100284][T23114] tpg field: 1 [ 1419.103702][T23114] tpg crop: (0,0)/320x240 [ 1419.108066][T23114] tpg compose: (0,0)/320x240 [ 1419.150641][T23114] tpg colorspace: 8 [ 1419.173940][T23114] tpg transfer function: 0/0 [ 1419.203181][T23114] tpg Y'CbCr encoding: 0/0 [ 1419.250281][T23114] tpg quantization: 0/0 [ 1419.263614][T23114] tpg RGB range: 0/2 [ 1419.281774][T23114] vivid-007: ================== END STATUS ================== [ 1421.784908][T23167] FAULT_INJECTION: forcing a failure. [ 1421.784908][T23167] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1421.902036][T23167] CPU: 0 UID: 0 PID: 23167 Comm: syz.1.3859 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1421.902088][T23167] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1421.902102][T23167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1421.902116][T23167] Call Trace: [ 1421.902123][T23167] [ 1421.902133][T23167] dump_stack_lvl+0x100/0x190 [ 1421.902172][T23167] should_fail_ex.cold+0x5/0xa [ 1421.902196][T23167] ? prepare_alloc_pages+0x16d/0x5f0 [ 1421.902223][T23167] should_fail_alloc_page+0xeb/0x140 [ 1421.902264][T23167] prepare_alloc_pages+0x1f0/0x5f0 [ 1421.902293][T23167] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1421.902334][T23167] ? __lock_acquire+0x4a5/0x2630 [ 1421.902372][T23167] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1421.902409][T23167] ? do_raw_spin_lock+0x128/0x260 [ 1421.902456][T23167] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1421.902488][T23167] ? find_held_lock+0x2b/0x80 [ 1421.902532][T23167] ? __lock_acquire+0x4a5/0x2630 [ 1421.902579][T23167] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1421.902620][T23167] ? policy_nodemask+0xed/0x4f0 [ 1421.902664][T23167] alloc_pages_mpol+0x1fb/0x550 [ 1421.902704][T23167] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1421.902743][T23167] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 1421.902778][T23167] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 1421.902819][T23167] folio_alloc_mpol_noprof+0x36/0x340 [ 1421.902848][T23167] shmem_alloc_folio+0x135/0x160 [ 1421.902877][T23167] shmem_alloc_and_add_folio+0x371/0xd40 [ 1421.902918][T23167] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1421.902954][T23167] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 1421.903000][T23167] shmem_get_folio_gfp+0x6ab/0x1900 [ 1421.903040][T23167] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1421.903075][T23167] ? ktime_get_coarse_real_ts64_mg+0x235/0x300 [ 1421.903105][T23167] ? lockdep_hardirqs_on+0x78/0x100 [ 1421.903135][T23167] shmem_fault+0x1f9/0xa20 [ 1421.903180][T23167] ? __lock_acquire+0x4a5/0x2630 [ 1421.903207][T23167] ? __pfx_shmem_fault+0x10/0x10 [ 1421.903241][T23167] ? __up_read+0x2c5/0x700 [ 1421.903282][T23167] ? __pfx_filemap_map_pages+0x10/0x10 [ 1421.903313][T23167] __do_fault+0x10d/0x550 [ 1421.903350][T23167] ? __pfx_filemap_map_pages+0x10/0x10 [ 1421.903380][T23167] do_fault+0x2db/0x1950 [ 1421.903407][T23167] __handle_mm_fault+0x180f/0x2b60 [ 1421.903440][T23167] ? mt_find+0x45e/0x8e0 [ 1421.903469][T23167] ? __pfx___handle_mm_fault+0x10/0x10 [ 1421.903514][T23167] ? __pfx_mt_find+0x10/0x10 [ 1421.903558][T23167] ? find_vma+0xbf/0x140 [ 1421.903593][T23167] ? __pfx_find_vma+0x10/0x10 [ 1421.903632][T23167] handle_mm_fault+0x36d/0xa20 [ 1421.903668][T23167] do_user_addr_fault+0x74c/0x12f0 [ 1421.903715][T23167] exc_page_fault+0x6f/0xd0 [ 1421.903740][T23167] asm_exc_page_fault+0x26/0x30 [ 1421.903764][T23167] RIP: 0010:__put_user_8+0xd/0x20 [ 1421.903789][T23167] Code: 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca e9 06 d0 03 00 66 0f 1f 44 00 00 90 90 90 [ 1421.903812][T23167] RSP: 0018:ffffc90004b77bc0 EFLAGS: 00050206 [ 1421.903831][T23167] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000006000 [ 1421.903846][T23167] RDX: ffff88805d2dbc80 RSI: ffffffff8255c351 RDI: ffffffff8c1aee20 [ 1421.903862][T23167] RBP: 000000000007a010 R08: 0000000000000001 R09: 00000000000001ca [ 1421.903876][T23167] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000dfe [ 1421.903891][T23167] R13: 0000000000006000 R14: 0000000000000002 R15: 0000000000000000 [ 1421.903914][T23167] ? __might_fault+0x111/0x140 [ 1421.903948][T23167] kpage_read.isra.0+0x124/0x2b0 [ 1421.903979][T23167] ? __pfx_kpagecgroup_read+0x10/0x10 [ 1421.904007][T23167] proc_reg_read+0x120/0x330 [ 1421.904042][T23167] ? __pfx_proc_reg_read+0x10/0x10 [ 1421.904074][T23167] vfs_readv+0x5d8/0x8d0 [ 1421.904106][T23167] ? rcu_is_watching+0x12/0xc0 [ 1421.904148][T23167] ? __pfx_vfs_readv+0x10/0x10 [ 1421.904178][T23167] ? fdget_pos+0x2aa/0x380 [ 1421.904202][T23167] ? find_held_lock+0x2b/0x80 [ 1421.904256][T23167] ? __fget_files+0x21f/0x3d0 [ 1421.904298][T23167] ? do_readv+0x13e/0x340 [ 1421.904328][T23167] do_readv+0x13e/0x340 [ 1421.904360][T23167] ? __pfx_do_readv+0x10/0x10 [ 1421.904399][T23167] do_syscall_64+0x106/0xf80 [ 1421.904424][T23167] ? clear_bhb_loop+0x40/0x90 [ 1421.904452][T23167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1421.904476][T23167] RIP: 0033:0x7efed199c629 [ 1421.904495][T23167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1421.904518][T23167] RSP: 002b:00007efed28b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 1421.904538][T23167] RAX: ffffffffffffffda RBX: 00007efed1c15fa0 RCX: 00007efed199c629 [ 1421.904554][T23167] RDX: 0000000100000007 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1421.904569][T23167] RBP: 00007efed28b3090 R08: 0000000000000000 R09: 0000000000000000 [ 1421.904584][T23167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1421.904598][T23167] R13: 00007efed1c16038 R14: 00007efed1c15fa0 R15: 00007ffccd8e7dd8 [ 1421.904628][T23167] [ 1423.617207][T23172] random: crng reseeded on system resumption [ 1424.063039][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1424.069372][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1424.226987][T23191] openvswitch: netlink: Duplicate key (type 15). [ 1424.699312][ T6126] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 7 with max blocks 15 with error 117 [ 1424.790580][ T6126] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1424.790580][ T6126] [ 1426.027987][T23211] FAULT_INJECTION: forcing a failure. [ 1426.027987][T23211] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.101635][T23211] CPU: 0 UID: 0 PID: 23211 Comm: syz.0.3870 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1426.101686][T23211] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1426.101700][T23211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1426.101714][T23211] Call Trace: [ 1426.101722][T23211] [ 1426.101732][T23211] dump_stack_lvl+0x100/0x190 [ 1426.101772][T23211] should_fail_ex.cold+0x5/0xa [ 1426.101798][T23211] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1426.101836][T23211] should_failslab+0xc2/0x120 [ 1426.101873][T23211] __kmalloc_noprof+0xe0/0x850 [ 1426.101911][T23211] tomoyo_realpath_from_path+0xb6/0x690 [ 1426.101942][T23211] tomoyo_path_number_perm+0x23c/0x580 [ 1426.101975][T23211] ? tomoyo_path_number_perm+0x22e/0x580 [ 1426.102010][T23211] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1426.102071][T23211] ? find_held_lock+0x2b/0x80 [ 1426.102106][T23211] ? __fget_files+0x215/0x3d0 [ 1426.102138][T23211] ? hook_file_ioctl_common+0x146/0x410 [ 1426.102178][T23211] ? __fget_files+0x21f/0x3d0 [ 1426.102216][T23211] security_file_ioctl+0xd3/0x230 [ 1426.102251][T23211] __x64_sys_ioctl+0xb7/0x210 [ 1426.102283][T23211] do_syscall_64+0x106/0xf80 [ 1426.102307][T23211] ? clear_bhb_loop+0x40/0x90 [ 1426.102335][T23211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1426.102357][T23211] RIP: 0033:0x7fb0ce79c629 [ 1426.102377][T23211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1426.102400][T23211] RSP: 002b:00007fb0cc9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1426.102422][T23211] RAX: ffffffffffffffda RBX: 00007fb0cea16090 RCX: 00007fb0ce79c629 [ 1426.102437][T23211] RDX: 000020000000c380 RSI: 00000000c0606610 RDI: 000000000000000c [ 1426.102452][T23211] RBP: 00007fb0cc9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1426.102466][T23211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1426.102480][T23211] R13: 00007fb0cea16128 R14: 00007fb0cea16090 R15: 00007ffd8e361638 [ 1426.102510][T23211] [ 1426.102538][T23211] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1426.570119][T23208] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1426.612892][T23208] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1426.643421][T23208] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1426.651214][T23208] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1426.672055][ T5829] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 1427.003734][T23228] FAULT_INJECTION: forcing a failure. [ 1427.003734][T23228] name failslab, interval 1, probability 0, space 0, times 0 [ 1427.075863][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1427.157327][T23228] CPU: 0 UID: 0 PID: 23228 Comm: syz.0.3875 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1427.157380][T23228] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1427.157395][T23228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1427.157410][T23228] Call Trace: [ 1427.157418][T23228] [ 1427.157428][T23228] dump_stack_lvl+0x100/0x190 [ 1427.157475][T23228] should_fail_ex.cold+0x5/0xa [ 1427.157504][T23228] should_failslab+0xc2/0x120 [ 1427.157545][T23228] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1427.157575][T23228] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 1427.157620][T23228] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 1427.157659][T23228] ? lockdep_hardirqs_on+0x78/0x100 [ 1427.157689][T23228] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1427.157728][T23228] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 1427.157766][T23228] ? kfree+0x1f6/0x6b0 [ 1427.157799][T23228] snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 1427.157850][T23228] ? snd_pcm_oss_sync+0x243/0x840 [ 1427.157888][T23228] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1427.157931][T23228] ? __pfx___mutex_lock+0x10/0x10 [ 1427.157976][T23228] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1427.158016][T23228] snd_pcm_oss_sync+0x265/0x840 [ 1427.158058][T23228] snd_pcm_oss_release+0x238/0x300 [ 1427.158096][T23228] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1427.158134][T23228] __fput+0x3ff/0xb40 [ 1427.158167][T23228] task_work_run+0x150/0x240 [ 1427.158203][T23228] ? __pfx_task_work_run+0x10/0x10 [ 1427.158246][T23228] exit_to_user_mode_loop+0x100/0x4a0 [ 1427.158280][T23228] do_syscall_64+0x668/0xf80 [ 1427.158306][T23228] ? clear_bhb_loop+0x40/0x90 [ 1427.158336][T23228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.158362][T23228] RIP: 0033:0x7fb0ce79c629 [ 1427.158383][T23228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1427.158407][T23228] RSP: 002b:00007fb0cf58d028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1427.158431][T23228] RAX: 0000000000000000 RBX: 00007fb0cea15fa0 RCX: 00007fb0ce79c629 [ 1427.158447][T23228] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1427.158462][T23228] RBP: 00007fb0ce832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1427.158484][T23228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1427.158499][T23228] R13: 00007fb0cea16038 R14: 00007fb0cea15fa0 R15: 00007ffd8e361638 [ 1427.158530][T23228] [ 1427.721717][T18205] Bluetooth: hci0: command 0x0c1a tx timeout [ 1427.797272][T23238] sg_write: data in/out 16119040/9 bytes for SCSI command 0x7b-- guessing data in; [ 1427.797272][T23238] program syz.1.3878 not setting count and/or reply_len properly [ 1428.237089][T23243] [U]  [ 1428.239931][T23243] [U] [ 1428.242633][T23243] [U] [ 1428.245333][T23243] [U] [ 1428.274156][T23243] [U] [ 1428.276905][T23243] [U] [ 1428.279634][T23243] [U] [ 1428.282352][T23243] [U] [ 1428.308103][T23243] [U] [ 1428.310852][T23243] [U] [ 1428.313560][T23243] [U] [ 1428.316267][T23243] [U] [ 1428.371915][T23243] [U] [ 1428.374665][T23243] [U] [ 1428.377414][T23243] [U] [ 1428.380139][T23243] [U] [ 1428.429448][T23243] [U] [ 1428.432201][T23243] [U] [ 1428.434905][T23243] [U] [ 1428.437614][T23243] [U] [ 1428.495859][T23243] [U] [ 1428.498637][T23243] [U] [ 1428.501360][T23243] [U] [ 1428.504068][T23243] [U] [ 1428.565239][T23243] [U] [ 1428.568013][T23243] [U] [ 1428.570740][T23243] [U] [ 1428.573458][T23243] [U] [ 1428.615247][T23243] [U] [ 1428.617999][T23243] [U] [ 1428.620795][T23243] [U] [ 1428.623508][T23243] [U] [ 1428.673769][T23243] [U] [ 1428.676522][T23243] [U] [ 1428.679238][T23243] [U] [ 1428.681946][T23243] [U] [ 1428.692523][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1428.698697][T18205] Bluetooth: hci1: command 0x0c1a tx timeout [ 1428.704696][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1428.735412][T23243] [U] [ 1428.738167][T23243] [U] [ 1428.740873][T23243] [U] [ 1428.743578][T23243] [U] [ 1428.814287][T23243] [U] [ 1428.817038][T23243] [U] [ 1428.819745][T23243] [U] [ 1428.822461][T23243] [U] [ 1428.904930][T23243] [U] [ 1432.837735][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1433.077152][ T5829] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1436.279287][ T5829] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1439.700924][T23352] Invalid ELF header magic: != ELF [ 1441.401535][ T5829] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1442.763104][T18205] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1445.888265][T23393] zswap: compressor  not available [ 1447.375694][T23425] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 1451.410451][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1457.269890][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1458.291808][T23490] FAULT_INJECTION: forcing a failure. [ 1458.291808][T23490] name failslab, interval 1, probability 0, space 0, times 0 [ 1458.581376][T23490] CPU: 0 UID: 0 PID: 23490 Comm: syz.0.3931 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1458.581432][T23490] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1458.581447][T23490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1458.581462][T23490] Call Trace: [ 1458.581471][T23490] [ 1458.581482][T23490] dump_stack_lvl+0x100/0x190 [ 1458.581523][T23490] should_fail_ex.cold+0x5/0xa [ 1458.581553][T23490] should_failslab+0xc2/0x120 [ 1458.581594][T23490] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1458.581624][T23490] ? copy_time_ns+0xf6/0x800 [ 1458.581654][T23490] copy_time_ns+0xf6/0x800 [ 1458.581677][T23490] ? copy_cgroup_ns+0x71/0x970 [ 1458.581706][T23490] create_new_namespaces+0x48a/0xac0 [ 1458.581738][T23490] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1458.581766][T23490] ksys_unshare+0x455/0xab0 [ 1458.581798][T23490] ? __pfx_ksys_unshare+0x10/0x10 [ 1458.581846][T23490] __x64_sys_unshare+0x31/0x40 [ 1458.581876][T23490] do_syscall_64+0x106/0xf80 [ 1458.581904][T23490] ? clear_bhb_loop+0x40/0x90 [ 1458.581934][T23490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1458.581960][T23490] RIP: 0033:0x7fb0ce79c629 [ 1458.581981][T23490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1458.582005][T23490] RSP: 002b:00007fb0cc9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1458.582028][T23490] RAX: ffffffffffffffda RBX: 00007fb0cea16090 RCX: 00007fb0ce79c629 [ 1458.582045][T23490] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 1458.582060][T23490] RBP: 00007fb0ce832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1458.582076][T23490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1458.582090][T23490] R13: 00007fb0cea16128 R14: 00007fb0cea16090 R15: 00007ffd8e361638 [ 1458.582121][T23490] [ 1477.736353][T23579] Setting dangerous option i915.mitigations - tainting kernel [ 1483.263544][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1485.507842][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1485.514263][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1486.545639][T23662] random: crng reseeded on system resumption [ 1488.180700][T23641] Setting dangerous option i915.mitigations - tainting kernel [ 1490.866159][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1497.032148][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1500.716254][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1503.801930][T23787] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1503.872002][T23787] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1503.927281][T23787] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1503.974462][T23787] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1504.321842][T18205] Bluetooth: hci0: command 0x0c1a tx timeout [ 1504.756896][ T30] audit: type=1800 audit(1771730755.820:25): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1505.012471][ T30] audit: type=1800 audit(1771730755.930:26): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1505.254005][ T30] audit: type=1800 audit(1771730755.930:27): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1505.519925][ T30] audit: type=1800 audit(1771730755.960:28): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1505.741928][ T30] audit: type=1800 audit(1771730755.960:29): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1505.921202][T18205] Bluetooth: hci4: command 0x0419 tx timeout [ 1506.007513][T18205] Bluetooth: hci3: command 0x0c1a tx timeout [ 1506.015940][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1506.044513][ T30] audit: type=1800 audit(1771730756.000:30): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1506.278797][ T30] audit: type=1800 audit(1771730756.000:31): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1506.502430][ T30] audit: type=1800 audit(1771730756.010:32): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1506.727327][ T30] audit: type=1800 audit(1771730756.040:33): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1506.824959][T23821] random: crng reseeded on system resumption [ 1506.922993][ T30] audit: type=1800 audit(1771730756.509:34): pid=23811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3992" name="version" dev="configfs" ino=157373 res=0 errno=0 [ 1510.412233][T23849] FAULT_INJECTION: forcing a failure. [ 1510.412233][T23849] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1510.786994][T23841] random: crng reseeded on system resumption [ 1510.896511][T23849] CPU: 0 UID: 0 PID: 23849 Comm: syz.2.3998 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1510.896561][T23849] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1510.896574][T23849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1510.896588][T23849] Call Trace: [ 1510.896595][T23849] [ 1510.896604][T23849] dump_stack_lvl+0x100/0x190 [ 1510.896644][T23849] should_fail_ex.cold+0x5/0xa [ 1510.896670][T23849] _copy_from_user+0x2e/0xd0 [ 1510.896706][T23849] copy_msghdr_from_user+0x9f/0x4f0 [ 1510.896742][T23849] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1510.896789][T23849] ___sys_sendmsg+0x106/0x1e0 [ 1510.896824][T23849] ? __pfx____sys_sendmsg+0x10/0x10 [ 1510.896890][T23849] __sys_sendmsg+0x170/0x220 [ 1510.896915][T23849] ? __pfx___sys_sendmsg+0x10/0x10 [ 1510.896964][T23849] do_syscall_64+0x106/0xf80 [ 1510.896990][T23849] ? clear_bhb_loop+0x40/0x90 [ 1510.897017][T23849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1510.897041][T23849] RIP: 0033:0x7f5d38d9c629 [ 1510.897060][T23849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1510.897083][T23849] RSP: 002b:00007f5d39bc8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1510.897104][T23849] RAX: ffffffffffffffda RBX: 00007f5d39016270 RCX: 00007f5d38d9c629 [ 1510.897120][T23849] RDX: 0000000020000000 RSI: 0000200000007b00 RDI: 0000000000000007 [ 1510.897135][T23849] RBP: 00007f5d39bc8090 R08: 0000000000000000 R09: 0000000000000000 [ 1510.897150][T23849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1510.897163][T23849] R13: 00007f5d39016308 R14: 00007f5d39016270 R15: 00007ffffd401e88 [ 1510.897193][T23849] [ 1516.817803][T23882] random: crng reseeded on system resumption [ 1520.749263][T23904] random: crng reseeded on system resumption [ 1529.176461][T23958] random: crng reseeded on system resumption [ 1535.277206][T24005] random: crng reseeded on system resumption [ 1540.121980][T24030] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1540.229724][T24030] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1540.325525][T24030] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1540.503369][T24030] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1541.211324][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1542.262148][ T5829] Bluetooth: hci4: command 0x0419 tx timeout [ 1542.415252][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1542.571996][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1542.578192][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1546.998032][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1547.019858][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1549.999590][T24112] random: crng reseeded on system resumption [ 1551.389751][T18205] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1551.398642][T18205] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 1557.759264][T24170] sd 0:0:1:0: PR command failed: 1026 [ 1557.772577][T24170] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1557.864499][T24170] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1558.582882][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1560.772527][T24198] random: crng reseeded on system resumption [ 1563.693416][T24210] random: crng reseeded on system resumption [ 1574.588039][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1577.691625][T24311] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 1577.911002][T24300] random: crng reseeded on system resumption [ 1583.131156][T24355] FAULT_INJECTION: forcing a failure. [ 1583.131156][T24355] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1583.248549][T24355] CPU: 0 UID: 0 PID: 24355 Comm: syz.0.4091 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1583.248601][T24355] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1583.248615][T24355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1583.248629][T24355] Call Trace: [ 1583.248637][T24355] [ 1583.248647][T24355] dump_stack_lvl+0x100/0x190 [ 1583.248688][T24355] should_fail_ex.cold+0x5/0xa [ 1583.248716][T24355] get_futex_key+0x1d2/0x1620 [ 1583.248747][T24355] ? __pfx_get_futex_key+0x10/0x10 [ 1583.248772][T24355] ? lock_acquire+0x1cf/0x380 [ 1583.248810][T24355] futex_wake+0xea/0x530 [ 1583.248848][T24355] ? __pfx_futex_wake+0x10/0x10 [ 1583.248889][T24355] ? exit_mm_release+0x19/0x30 [ 1583.248925][T24355] do_futex+0x32b/0x350 [ 1583.248955][T24355] ? __pfx_do_futex+0x10/0x10 [ 1583.248982][T24355] ? __might_fault+0xc5/0x140 [ 1583.249021][T24355] mm_release+0x24a/0x2f0 [ 1583.249044][T24355] do_exit+0x675/0x2aa0 [ 1583.249078][T24355] ? __pfx_do_exit+0x10/0x10 [ 1583.249108][T24355] ? do_raw_spin_lock+0x128/0x260 [ 1583.249140][T24355] ? find_held_lock+0x2b/0x80 [ 1583.249176][T24355] ? get_signal+0x7e0/0x21e0 [ 1583.249203][T24355] do_group_exit+0xd5/0x2a0 [ 1583.249235][T24355] get_signal+0x1ec7/0x21e0 [ 1583.249269][T24355] ? __pfx_get_signal+0x10/0x10 [ 1583.249293][T24355] ? do_futex+0x192/0x350 [ 1583.249338][T24355] arch_do_signal_or_restart+0x91/0x770 [ 1583.249367][T24355] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1583.249402][T24355] ? __pfx___x64_sys_futex+0x10/0x10 [ 1583.249438][T24355] exit_to_user_mode_loop+0x86/0x4a0 [ 1583.249470][T24355] do_syscall_64+0x668/0xf80 [ 1583.249494][T24355] ? clear_bhb_loop+0x40/0x90 [ 1583.249523][T24355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1583.249565][T24355] RIP: 0033:0x7fb0ce79c629 [ 1583.249586][T24355] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1583.249617][T24355] RSP: 002b:00007fb0cf58d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1583.249640][T24355] RAX: fffffffffffffe00 RBX: 00007fb0cea15fa8 RCX: 00007fb0ce79c629 [ 1583.249656][T24355] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb0cea15fa8 [ 1583.249671][T24355] RBP: 00007fb0cea15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1583.249686][T24355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1583.249701][T24355] R13: 00007fb0cea16038 R14: 00007ffd8e361550 R15: 00007ffd8e361638 [ 1583.249731][T24355] [ 1584.259655][T24376] random: crng reseeded on system resumption [ 1586.646709][T24396] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 1588.405723][T24412] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4103'. [ 1589.396503][T24422] random: crng reseeded on system resumption [ 1595.124570][T24466] zswap: compressor not available [ 1595.329169][T24462] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4114'. [ 1595.775001][T24462] bond0: (slave bond_slave_1): Releasing backup interface [ 1597.303849][T24482] [U] ^@ [ 1598.924795][T24497] random: crng reseeded on system resumption [ 1603.497841][T24535] random: crng reseeded on system resumption [ 1606.195010][T24563] block nbd2: not configured, cannot reconfigure [ 1608.466703][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1608.473080][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1609.296666][T24590] [U]  [ 1609.299572][T24590] [U] [ 1609.302293][T24590] [U] [ 1609.305019][T24590] [U] [ 1609.481520][T24590] [U] [ 1609.484284][T24590] [U] [ 1609.487000][T24590] [U] [ 1609.489733][T24590] [U] [ 1609.716888][T24588] [U] [ 1610.365877][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1610.756932][T24606] random: crng reseeded on system resumption [ 1616.217662][T24623] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1616.318102][T24623] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1616.355596][T24623] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1616.432526][T24623] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1616.709170][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1618.386380][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 1618.392864][ T5829] Bluetooth: hci4: command 0x0419 tx timeout [ 1618.451378][T24656] Bluetooth: hci3: command 0x0c1a tx timeout [ 1618.457495][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1622.670743][T24687] random: crng reseeded on system resumption [ 1629.754061][T24728] zswap: compressor 3 not available [ 1631.046713][T24750] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 1632.925685][T24765] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 1634.382889][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1638.141654][T18205] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1639.443013][T24806] random: crng reseeded on system resumption [ 1643.735804][T24836] random: crng reseeded on system resumption [ 1652.146826][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1652.504260][T24917] random: crng reseeded on system resumption [ 1656.359487][T24942] random: crng reseeded on system resumption [ 1658.400207][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1660.059016][T24956] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4204'. [ 1666.163899][T24999] random: crng reseeded on system resumption [ 1668.795626][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1669.918764][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1669.925094][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1673.108923][T25049] random: crng reseeded on system resumption [ 1676.649303][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1680.085106][T25090] loop6: detected capacity change from 0 to 4194304 [ 1684.057056][T25110] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input35 [ 1685.608603][T25114] random: crng reseeded on system resumption [ 1686.589924][T25113] No such timeout policy "" [ 1686.750537][T25113] netlink: Failed to associated timeout policy '' [ 1691.372961][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1691.830693][T25148] random: crng reseeded on system resumption [ 1699.936108][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1700.257867][T25211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4248'. [ 1702.374982][T25221] random: crng reseeded on system resumption [ 1708.730354][T25264] random: crng reseeded on system resumption [ 1712.255179][T25285] random: crng reseeded on system resumption [ 1720.466228][T25328] random: crng reseeded on system resumption [ 1728.089397][T25387] random: crng reseeded on system resumption [ 1731.415445][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1731.421899][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1736.561735][T25426] futex_wake_op: syz.2.4283 tries to shift op by -2048; fix this program [ 1744.714376][T25480] random: crng reseeded on system resumption [ 1749.716702][T25503] FAULT_INJECTION: forcing a failure. [ 1749.716702][T25503] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1749.874543][T25503] CPU: 0 UID: 0 PID: 25503 Comm: syz.0.4295 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1749.874595][T25503] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1749.874609][T25503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1749.874624][T25503] Call Trace: [ 1749.874632][T25503] [ 1749.874642][T25503] dump_stack_lvl+0x100/0x190 [ 1749.874683][T25503] should_fail_ex.cold+0x5/0xa [ 1749.874710][T25503] _copy_to_user+0x32/0xd0 [ 1749.874749][T25503] simple_read_from_buffer+0xcb/0x170 [ 1749.874786][T25503] proc_fail_nth_read+0x1af/0x230 [ 1749.874813][T25503] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1749.874841][T25503] ? rw_verify_area+0xce/0x6d0 [ 1749.874872][T25503] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1749.874898][T25503] vfs_read+0x1e4/0xb30 [ 1749.874935][T25503] ? __pfx_vfs_read+0x10/0x10 [ 1749.874968][T25503] ? __fget_files+0x215/0x3d0 [ 1749.875009][T25503] ? __fget_files+0x21f/0x3d0 [ 1749.875052][T25503] ksys_read+0x12a/0x250 [ 1749.875086][T25503] ? __pfx_ksys_read+0x10/0x10 [ 1749.875128][T25503] do_syscall_64+0x106/0xf80 [ 1749.875154][T25503] ? clear_bhb_loop+0x40/0x90 [ 1749.875183][T25503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1749.875207][T25503] RIP: 0033:0x7fb0ce75cece [ 1749.875226][T25503] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1749.875249][T25503] RSP: 002b:00007fb0cc9d4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1749.875272][T25503] RAX: ffffffffffffffda RBX: 00007fb0cc9d56c0 RCX: 00007fb0ce75cece [ 1749.875288][T25503] RDX: 000000000000000f RSI: 00007fb0cc9d50a0 RDI: 000000000000001d [ 1749.875302][T25503] RBP: 00007fb0cc9d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1749.875320][T25503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1749.875334][T25503] R13: 00007fb0cea16218 R14: 00007fb0cea16180 R15: 00007ffd8e361638 [ 1749.875365][T25503] [ 1752.837385][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1768.540848][T25626] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4312'. [ 1769.038641][T25626] team0 (unregistering): Port device team_slave_0 removed [ 1769.537055][T25626] team0 (unregistering): Port device team_slave_1 removed [ 1777.315984][T25670] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1777.323033][T25670] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1780.866159][T25698] vivid-007: ================= START STATUS ================= [ 1781.062383][T25698] vivid-007: Generate PTS: true [ 1781.067433][T25698] vivid-007: Generate SCR: true [ 1781.481052][T25698] tpg source WxH: 320x240 (Y'CbCr) [ 1781.648770][T25698] tpg field: 1 [ 1781.761395][T25698] tpg crop: (0,0)/320x240 [ 1781.765826][T25698] tpg compose: (0,0)/320x240 [ 1782.092352][T25698] tpg colorspace: 8 [ 1782.192187][T25698] tpg transfer function: 0/0 [ 1782.196855][T25698] tpg Y'CbCr encoding: 0/0 [ 1782.201275][T25698] tpg quantization: 0/0 [ 1782.704943][T25698] tpg RGB range: 0/2 [ 1782.892185][T25698] vivid-007: ================== END STATUS ================== [ 1787.064435][T25727] random: crng reseeded on system resumption [ 1787.953302][T25737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4329'. [ 1792.876405][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1792.882818][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1807.405552][T25832] random: crng reseeded on system resumption [ 1813.004235][T25862] random: crng reseeded on system resumption [ 1816.417335][T25895] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(15) [ 1817.389616][T25907] random: crng reseeded on system resumption [ 1820.111676][T25933] random: crng reseeded on system resumption [ 1823.791351][T25951] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1823.933617][T25951] usb usb2: usbfs: process 25951 (syz.2.4364) did not claim interface 4 before use [ 1825.280988][T25963] random: crng reseeded on system resumption [ 1825.292045][T25951] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1836.359366][T26041] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 1836.481410][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 1836.481430][ T30] audit: type=1806 audit(1771731087.394:50): xattr="0" res=-22 [ 1837.200019][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1837.779363][T24656] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1841.347275][T26058] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1841.448101][T26058] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1841.539109][T26058] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1841.644785][T26058] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1842.020227][T24656] Bluetooth: hci0: command 0x0c1a tx timeout [ 1843.452209][T24656] Bluetooth: hci4: command 0x0419 tx timeout [ 1843.602278][T18205] Bluetooth: hci1: command 0x0c1a tx timeout [ 1843.682717][T18205] Bluetooth: hci3: command 0x0c1a tx timeout [ 1852.288380][T26125] Setting dangerous option i915.mitigations - tainting kernel [ 1853.299941][T26144] random: crng reseeded on system resumption [ 1854.342902][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1854.367887][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1860.330613][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1861.457350][T26195] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4408'. [ 1861.587627][T26185] random: crng reseeded on system resumption [ 1861.910357][T26184] Setting dangerous option i915.mitigations - tainting kernel [ 1862.264272][T26201] vivid-007: ================= START STATUS ================= [ 1862.342798][T26201] vivid-007: Generate PTS: true [ 1862.469429][T26201] vivid-007: Generate SCR: true [ 1862.585503][T26201] tpg source WxH: 320x240 (Y'CbCr) [ 1862.590669][T26201] tpg field: 1 [ 1862.768065][T26201] tpg crop: (0,0)/320x240 [ 1862.831860][T26201] tpg compose: (0,0)/320x240 [ 1862.836496][T26201] tpg colorspace: 8 [ 1862.840314][T26201] tpg transfer function: 0/0 [ 1863.190272][T26201] tpg Y'CbCr encoding: 0/0 [ 1863.275545][T26201] tpg quantization: 0/0 [ 1863.452299][T26201] tpg RGB range: 0/2 [ 1863.456244][T26201] vivid-007: ================== END STATUS ================== [ 1863.784506][ T30] audit: type=1800 audit(1771731114.680:51): pid=26201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4409" name="dbroot" dev="configfs" ino=431523 res=0 errno=0 [ 1866.533549][T26222] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4412'. [ 1868.326423][T26237] random: crng reseeded on system resumption [ 1870.745163][T26246] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4416'. [ 1873.142032][T26263] futex_wake_op: syz.0.4419 tries to shift op by -1; fix this program [ 1881.436152][T26318] random: crng reseeded on system resumption [ 1882.465048][T26323] usb usb36: usbfs: process 26323 (syz.2.4433) did not claim interface 0 before use [ 1883.020646][T26334] random: crng reseeded on system resumption [ 1886.878839][T26366] random: crng reseeded on system resumption [ 1888.337010][T26376] FAULT_INJECTION: forcing a failure. [ 1888.337010][T26376] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.459993][T26376] CPU: 0 UID: 0 PID: 26376 Comm: syz.0.4443 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1888.460046][T26376] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1888.460061][T26376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1888.460076][T26376] Call Trace: [ 1888.460084][T26376] [ 1888.460095][T26376] dump_stack_lvl+0x100/0x190 [ 1888.460137][T26376] should_fail_ex.cold+0x5/0xa [ 1888.460166][T26376] should_failslab+0xc2/0x120 [ 1888.460207][T26376] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1888.460242][T26376] ? __d_alloc+0x34/0xa80 [ 1888.460267][T26376] ? lockdep_init_map_type+0x5c/0x250 [ 1888.460303][T26376] __d_alloc+0x34/0xa80 [ 1888.460330][T26376] d_alloc_pseudo+0x1c/0xc0 [ 1888.460363][T26376] alloc_file_pseudo+0xcf/0x230 [ 1888.460404][T26376] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1888.460433][T26376] ? alloc_fd+0x476/0x790 [ 1888.460476][T26376] sock_alloc_file+0x50/0x210 [ 1888.460507][T26376] __sys_socket+0x1c0/0x260 [ 1888.460550][T26376] ? __pfx___sys_socket+0x10/0x10 [ 1888.460595][T26376] __x64_sys_socket+0x72/0xb0 [ 1888.460630][T26376] ? lockdep_hardirqs_on+0x78/0x100 [ 1888.460659][T26376] do_syscall_64+0x106/0xf80 [ 1888.460685][T26376] ? clear_bhb_loop+0x40/0x90 [ 1888.460719][T26376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1888.460744][T26376] RIP: 0033:0x7fb0ce79c629 [ 1888.460765][T26376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1888.460791][T26376] RSP: 002b:00007fb0cf58d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1888.460814][T26376] RAX: ffffffffffffffda RBX: 00007fb0cea15fa0 RCX: 00007fb0ce79c629 [ 1888.460831][T26376] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1888.460846][T26376] RBP: 00007fb0ce832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1888.460862][T26376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1888.460877][T26376] R13: 00007fb0cea16038 R14: 00007fb0cea15fa0 R15: 00007ffd8e361638 [ 1888.460909][T26376] [ 1888.679276][T26377] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 1890.660299][T26380] FAULT_INJECTION: forcing a failure. [ 1890.660299][T26380] name failslab, interval 1, probability 0, space 0, times 0 [ 1890.793500][T26380] CPU: 0 UID: 0 PID: 26380 Comm: syz.0.4444 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1890.793552][T26380] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1890.793568][T26380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1890.793595][T26380] Call Trace: [ 1890.793603][T26380] [ 1890.793612][T26380] dump_stack_lvl+0x100/0x190 [ 1890.793652][T26380] should_fail_ex.cold+0x5/0xa [ 1890.793679][T26380] ? ops_init+0x77/0x5f0 [ 1890.793704][T26380] should_failslab+0xc2/0x120 [ 1890.793743][T26380] __kmalloc_noprof+0xe0/0x850 [ 1890.793778][T26380] ? __raw_spin_lock_init+0x3a/0x110 [ 1890.793816][T26380] ops_init+0x77/0x5f0 [ 1890.793846][T26380] setup_net+0x118/0x3a0 [ 1890.793874][T26380] ? __pfx_setup_net+0x10/0x10 [ 1890.793900][T26380] ? lockdep_init_map_type+0x5c/0x250 [ 1890.793931][T26380] ? mutex_init_lockep+0x110/0x150 [ 1890.793967][T26380] copy_net_ns+0x46f/0x7c0 [ 1890.794000][T26380] create_new_namespaces+0x3ea/0xac0 [ 1890.794031][T26380] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1890.794058][T26380] ksys_unshare+0x455/0xab0 [ 1890.794089][T26380] ? __pfx_ksys_unshare+0x10/0x10 [ 1890.794129][T26380] __x64_sys_unshare+0x31/0x40 [ 1890.794157][T26380] do_syscall_64+0x106/0xf80 [ 1890.794183][T26380] ? clear_bhb_loop+0x40/0x90 [ 1890.794212][T26380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1890.794244][T26380] RIP: 0033:0x7fb0ce79c629 [ 1890.794264][T26380] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1890.794288][T26380] RSP: 002b:00007fb0cf58d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1890.794310][T26380] RAX: ffffffffffffffda RBX: 00007fb0cea15fa0 RCX: 00007fb0ce79c629 [ 1890.794344][T26380] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1890.794360][T26380] RBP: 00007fb0ce832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1890.794375][T26380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1890.794389][T26380] R13: 00007fb0cea16038 R14: 00007fb0cea15fa0 R15: 00007ffd8e361638 [ 1890.794422][T26380] [ 1893.321779][T26401] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1893.963915][T26401] nfs4: Unknown parameter 'Z [ 1893.963915][T26401] Lu3.D ۪cjh"`_c}^M*Zs{y y/?$wSC<@_r`"%dxU' [ 1896.156853][T26424] random: crng reseeded on system resumption [ 1896.972621][T26431] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 1897.598701][ T30] audit: type=1806 audit(1771731148.473:52): xattr="0" res=-22 [ 1903.492369][T26478] random: crng reseeded on system resumption [ 1905.562988][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1907.562328][T26510] random: crng reseeded on system resumption [ 1909.046848][T26523] futex_wake_op: syz.0.4470 tries to shift op by -1; fix this program [ 1911.636216][T18205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1913.873445][T26550] random: crng reseeded on system resumption [ 1914.550676][T26560] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1915.198589][T26564] vivid-013: ================= START STATUS ================= [ 1915.429872][T26564] vivid-013: Generate PTS: true [ 1915.486660][T26564] vivid-013: Generate SCR: true [ 1915.606493][T26564] tpg source WxH: 320x240 (Y'CbCr) [ 1915.788701][T26564] tpg field: 1 [ 1915.792125][T26564] tpg crop: (0,0)/320x240 [ 1915.796466][T26564] tpg compose: (0,0)/320x240 [ 1915.853963][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1915.860877][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1916.288753][T26564] tpg colorspace: 8 [ 1916.292617][T26564] tpg transfer function: 0/0 [ 1916.297217][T26564] tpg Y'CbCr encoding: 0/0 [ 1916.542014][T26564] tpg quantization: 0/0 [ 1916.546219][T26564] tpg RGB range: 0/2 [ 1916.980970][T26564] vivid-013: ================== END STATUS ================== [ 1917.247452][T26575] random: crng reseeded on system resumption [ 1918.622335][T26580] random: crng reseeded on system resumption [ 1920.573745][T26595] FAULT_INJECTION: forcing a failure. [ 1920.573745][T26595] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1920.756313][T26595] CPU: 0 UID: 0 PID: 26595 Comm: syz.3.4482 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1920.756372][T26595] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1920.756386][T26595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1920.756401][T26595] Call Trace: [ 1920.756409][T26595] [ 1920.756418][T26595] dump_stack_lvl+0x100/0x190 [ 1920.756458][T26595] should_fail_ex.cold+0x5/0xa [ 1920.756485][T26595] _copy_to_user+0x32/0xd0 [ 1920.756524][T26595] simple_read_from_buffer+0xcb/0x170 [ 1920.756561][T26595] proc_fail_nth_read+0x1af/0x230 [ 1920.756588][T26595] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1920.756617][T26595] ? rw_verify_area+0xce/0x6d0 [ 1920.756648][T26595] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1920.756673][T26595] vfs_read+0x1e4/0xb30 [ 1920.756712][T26595] ? __pfx_vfs_read+0x10/0x10 [ 1920.756745][T26595] ? do_sys_openat2+0x157/0x1e0 [ 1920.756775][T26595] ? fdget+0x17a/0x210 [ 1920.756810][T26595] ? __sys_sendmsg+0x18f/0x220 [ 1920.756837][T26595] ? __pfx___sys_sendmsg+0x10/0x10 [ 1920.756869][T26595] ksys_read+0x12a/0x250 [ 1920.756903][T26595] ? __pfx_ksys_read+0x10/0x10 [ 1920.756946][T26595] do_syscall_64+0x106/0xf80 [ 1920.756972][T26595] ? clear_bhb_loop+0x40/0x90 [ 1920.757000][T26595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1920.757025][T26595] RIP: 0033:0x7fb32695cece [ 1920.757044][T26595] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1920.757068][T26595] RSP: 002b:00007fb32781bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1920.757091][T26595] RAX: ffffffffffffffda RBX: 00007fb32781c6c0 RCX: 00007fb32695cece [ 1920.757107][T26595] RDX: 000000000000000f RSI: 00007fb32781c0a0 RDI: 0000000000000004 [ 1920.757122][T26595] RBP: 00007fb32781c090 R08: 0000000000000000 R09: 0000000000000000 [ 1920.757137][T26595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1920.757151][T26595] R13: 00007fb326c16128 R14: 00007fb326c16090 R15: 00007ffdbef15318 [ 1920.757182][T26595] [ 1925.313221][T26632] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078009000 pfn:0x78009 [ 1925.523279][T26632] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1925.628334][T26632] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 1925.800821][T26632] raw: ffff888078009000 ffff88823be8c000 00000001ffffffff 0000000000000000 [ 1926.103481][T26632] page dumped because: unmovable page [ 1926.268040][T26632] page_owner tracks the page as allocated [ 1926.329807][T26632] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), pid 6009, tgid 6005 (syz.1.23), ts 104270261926, free_ts 103710558808 [ 1926.848955][T26632] post_alloc_hook+0x153/0x170 [ 1927.036308][T26632] get_page_from_freelist+0x111d/0x3140 [ 1927.207501][T26632] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 1927.309212][T26632] __alloc_pages_noprof+0xb/0x1b0 [ 1927.442003][T26632] pcpu_populate_chunk+0x118/0x990 [ 1927.556431][T26632] pcpu_alloc_noprof+0x833/0x1c50 [ 1927.561662][T26632] bpf_map_alloc_percpu+0x9a/0xf0 [ 1927.714293][T26632] htab_map_alloc+0x1054/0x14e0 [ 1927.719233][T26632] map_create+0x84e/0x2ba0 [ 1927.836734][T26632] __sys_bpf+0x2091/0x4b90 [ 1927.895073][T26632] __x64_sys_bpf+0x7b/0xc0 [ 1927.899559][T26632] do_syscall_64+0x106/0xf80 [ 1927.971349][T26632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1928.010960][T26632] page last free pid 23 tgid 23 stack trace: [ 1928.061764][T26632] __free_frozen_pages+0x7e1/0x10d0 [ 1928.103899][T26632] tlb_remove_table_rcu+0x2b2/0x390 [ 1928.139655][T26632] rcu_core+0x5a2/0x10d0 [ 1928.184919][T26632] handle_softirqs+0x1eb/0x9e0 [ 1928.226027][T26632] run_ksoftirqd+0x38/0x60 [ 1928.281529][T26632] smpboot_thread_fn+0x3d3/0xaa0 [ 1928.343719][T26632] kthread+0x370/0x450 [ 1928.405977][T26632] ret_from_fork+0x754/0xd80 [ 1928.410715][T26632] ret_from_fork_asm+0x1a/0x30 [ 1930.309471][T26672] binder: 26669:26672 ioctl 40046210 0 returned -14 [ 1930.599021][T26661] random: crng reseeded on system resumption [ 1935.832082][ T30] audit: type=1806 audit(1771731186.694:53): xattr="0" res=-22 [ 1936.523907][T26722] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input37 [ 1938.965131][T26745] random: crng reseeded on system resumption [ 1944.972523][T26856] FAULT_INJECTION: forcing a failure. [ 1944.972523][T26856] name failslab, interval 1, probability 0, space 0, times 0 [ 1945.047249][T26856] CPU: 0 UID: 0 PID: 26856 Comm: syz.2.4531 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1945.047305][T26856] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1945.047319][T26856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1945.047334][T26856] Call Trace: [ 1945.047343][T26856] [ 1945.047352][T26856] dump_stack_lvl+0x100/0x190 [ 1945.047393][T26856] should_fail_ex.cold+0x5/0xa [ 1945.047421][T26856] ? ops_init+0x77/0x5f0 [ 1945.047447][T26856] should_failslab+0xc2/0x120 [ 1945.047487][T26856] __kmalloc_noprof+0xe0/0x850 [ 1945.047522][T26856] ? __raw_spin_lock_init+0x3a/0x110 [ 1945.047562][T26856] ops_init+0x77/0x5f0 [ 1945.047593][T26856] setup_net+0x118/0x3a0 [ 1945.047622][T26856] ? __pfx_setup_net+0x10/0x10 [ 1945.047649][T26856] ? lockdep_init_map_type+0x5c/0x250 [ 1945.047681][T26856] ? mutex_init_lockep+0x110/0x150 [ 1945.047718][T26856] copy_net_ns+0x46f/0x7c0 [ 1945.047757][T26856] create_new_namespaces+0x3ea/0xac0 [ 1945.047790][T26856] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1945.047819][T26856] ksys_unshare+0x455/0xab0 [ 1945.047852][T26856] ? __pfx_ksys_unshare+0x10/0x10 [ 1945.047893][T26856] __x64_sys_unshare+0x31/0x40 [ 1945.047923][T26856] do_syscall_64+0x106/0xf80 [ 1945.047950][T26856] ? clear_bhb_loop+0x40/0x90 [ 1945.047980][T26856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1945.048006][T26856] RIP: 0033:0x7f5d38d9c629 [ 1945.048026][T26856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1945.048051][T26856] RSP: 002b:00007f5d39c2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1945.048075][T26856] RAX: ffffffffffffffda RBX: 00007f5d39015fa0 RCX: 00007f5d38d9c629 [ 1945.048098][T26856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1945.048113][T26856] RBP: 00007f5d38e32b39 R08: 0000000000000000 R09: 0000000000000000 [ 1945.048130][T26856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1945.048151][T26856] R13: 00007f5d39016038 R14: 00007f5d39015fa0 R15: 00007ffffd401e88 [ 1945.048182][T26856] [ 1946.711181][T26879] FAULT_INJECTION: forcing a failure. [ 1946.711181][T26879] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1946.759136][ T30] audit: type=1326 audit(1771731197.609:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26860 comm="syz.3.4532" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb32699c629 code=0x0 [ 1946.887148][T26879] CPU: 0 UID: 0 PID: 26879 Comm: syz.0.4536 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1946.887205][T26879] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1946.887224][T26879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1946.887239][T26879] Call Trace: [ 1946.887248][T26879] [ 1946.887257][T26879] dump_stack_lvl+0x100/0x190 [ 1946.887298][T26879] should_fail_ex.cold+0x5/0xa [ 1946.887328][T26879] get_futex_key+0x1d2/0x1620 [ 1946.887359][T26879] ? __pfx_get_futex_key+0x10/0x10 [ 1946.887387][T26879] ? find_held_lock+0x2b/0x80 [ 1946.887424][T26879] ? futex_wake+0x456/0x530 [ 1946.887466][T26879] futex_wake+0xea/0x530 [ 1946.887504][T26879] ? __pfx_futex_wake+0x10/0x10 [ 1946.887553][T26879] do_futex+0x32b/0x350 [ 1946.887584][T26879] ? __pfx_do_futex+0x10/0x10 [ 1946.887616][T26879] ? up_write+0x290/0x4f0 [ 1946.887653][T26879] __x64_sys_futex+0x34f/0x4d0 [ 1946.887686][T26879] ? __pfx_do_pipe2+0x10/0x10 [ 1946.887708][T26879] ? __pfx___x64_sys_futex+0x10/0x10 [ 1946.887751][T26879] do_syscall_64+0x106/0xf80 [ 1946.887778][T26879] ? clear_bhb_loop+0x40/0x90 [ 1946.887808][T26879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1946.887833][T26879] RIP: 0033:0x7fb0ce79c629 [ 1946.887853][T26879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1946.887877][T26879] RSP: 002b:00007fb0cc9f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1946.887901][T26879] RAX: ffffffffffffffda RBX: 00007fb0cea16098 RCX: 00007fb0ce79c629 [ 1946.887926][T26879] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb0cea1609c [ 1946.887942][T26879] RBP: 00007fb0cea16090 R08: 0000000000000000 R09: 0000000000000000 [ 1946.887958][T26879] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1946.887974][T26879] R13: 00007fb0cea16128 R14: 00007ffd8e361550 R15: 00007ffd8e361638 [ 1946.888005][T26879] [ 1947.366002][T26720] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1947.469916][ T30] audit: type=1807 audit(1771731198.268:55): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 1947.515592][ T30] audit: type=1802 audit(1771731198.268:56): pid=26889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.4539" res=0 errno=0 [ 1947.599663][T26893] random: crng reseeded on system resumption [ 1948.469964][T26888] ima: policy update failed [ 1948.511068][T26903] FAULT_INJECTION: forcing a failure. [ 1948.511068][T26903] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1948.534682][ T30] audit: type=1802 audit(1771731199.378:57): pid=26888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4539" res=0 errno=0 [ 1948.698570][T26903] CPU: 0 UID: 0 PID: 26903 Comm: syz.0.4542 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1948.698623][T26903] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1948.698636][T26903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1948.698651][T26903] Call Trace: [ 1948.698659][T26903] [ 1948.698668][T26903] dump_stack_lvl+0x100/0x190 [ 1948.698707][T26903] should_fail_ex.cold+0x5/0xa [ 1948.698735][T26903] _copy_from_user+0x2e/0xd0 [ 1948.698772][T26903] get_timespec64+0x8b/0x1b0 [ 1948.698797][T26903] ? __pfx_get_timespec64+0x10/0x10 [ 1948.698833][T26903] ? common_nsleep+0xa1/0xd0 [ 1948.698862][T26903] __x64_sys_clock_nanosleep+0x1ce/0x480 [ 1948.698904][T26903] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 1948.698951][T26903] do_syscall_64+0x106/0xf80 [ 1948.698977][T26903] ? clear_bhb_loop+0x40/0x90 [ 1948.699006][T26903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1948.699030][T26903] RIP: 0033:0x7fb0ce75cece [ 1948.699050][T26903] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1948.699074][T26903] RSP: 002b:00007ffd8e361718 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 1948.699097][T26903] RAX: ffffffffffffffda RBX: 000055558d0a6500 RCX: 00007fb0ce75cece [ 1948.699113][T26903] RDX: 00007ffd8e361770 RSI: 0000000000000000 RDI: 0000000000000000 [ 1948.699128][T26903] RBP: 00007fb0cea17da0 R08: 0000000000000000 R09: 0000000000000000 [ 1948.699143][T26903] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000001db9e6 [ 1948.699157][T26903] R13: 00007fb0cea1609c R14: 00000000001db777 R15: 00007fb0cea16090 [ 1948.699188][T26903] [ 1949.370939][T26921] FAULT_INJECTION: forcing a failure. [ 1949.370939][T26921] name failslab, interval 1, probability 0, space 0, times 0 [ 1949.461676][T26921] CPU: 0 UID: 0 PID: 26921 Comm: syz.1.4546 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1949.461732][T26921] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1949.461746][T26921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1949.461761][T26921] Call Trace: [ 1949.461769][T26921] [ 1949.461779][T26921] dump_stack_lvl+0x100/0x190 [ 1949.461818][T26921] should_fail_ex.cold+0x5/0xa [ 1949.461845][T26921] should_failslab+0xc2/0x120 [ 1949.461883][T26921] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1949.461916][T26921] ? taskstats_exit+0x650/0xbd0 [ 1949.461957][T26921] taskstats_exit+0x650/0xbd0 [ 1949.461993][T26921] ? __pfx_acct_update_integrals+0x10/0x10 [ 1949.462032][T26921] ? __pfx_taskstats_exit+0x10/0x10 [ 1949.462070][T26921] ? rcu_read_lock_any_held+0x6a/0xa0 [ 1949.462108][T26921] ? exit_signals+0x395/0xaf0 [ 1949.462134][T26921] do_exit+0x5ca/0x2aa0 [ 1949.462162][T26921] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1949.462192][T26921] ? __pfx_do_exit+0x10/0x10 [ 1949.462221][T26921] ? do_raw_spin_lock+0x128/0x260 [ 1949.462254][T26921] ? find_held_lock+0x2b/0x80 [ 1949.462289][T26921] ? get_signal+0x7e0/0x21e0 [ 1949.462315][T26921] do_group_exit+0xd5/0x2a0 [ 1949.462347][T26921] get_signal+0x1ec7/0x21e0 [ 1949.462370][T26921] ? security_file_permission+0x76/0x210 [ 1949.462419][T26921] ? __pfx_get_signal+0x10/0x10 [ 1949.462443][T26921] ? __pfx_vfs_read+0x10/0x10 [ 1949.462475][T26921] ? find_held_lock+0x2b/0x80 [ 1949.462511][T26921] ? __fget_files+0x215/0x3d0 [ 1949.462549][T26921] arch_do_signal_or_restart+0x91/0x770 [ 1949.462580][T26921] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1949.462617][T26921] ? ksys_read+0x1ac/0x250 [ 1949.462656][T26921] exit_to_user_mode_loop+0x86/0x4a0 [ 1949.462688][T26921] do_syscall_64+0x668/0xf80 [ 1949.462713][T26921] ? clear_bhb_loop+0x40/0x90 [ 1949.462749][T26921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1949.462774][T26921] RIP: 0033:0x7efed199c629 [ 1949.462793][T26921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1949.462817][T26921] RSP: 002b:00007efed2892028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1949.462841][T26921] RAX: fffffffffffffe00 RBX: 00007efed1c16090 RCX: 00007efed199c629 [ 1949.462857][T26921] RDX: 0000000000000010 RSI: 0000200000000d40 RDI: 0000000000000007 [ 1949.462872][T26921] RBP: 00007efed2892090 R08: 0000000000000000 R09: 0000000000000000 [ 1949.462887][T26921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1949.462901][T26921] R13: 00007efed1c16128 R14: 00007efed1c16090 R15: 00007ffccd8e7dd8 [ 1949.462932][T26921] [ 1951.952960][T26952] random: crng reseeded on system resumption [ 1952.376979][T26705] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1952.456705][T26720] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1954.139678][T26711] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 10 with max blocks 1 with error 117 [ 1954.200937][T26711] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1954.200937][T26711] [ 1954.897919][T26988] FAULT_INJECTION: forcing a failure. [ 1954.897919][T26988] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1955.020907][T26991] random: crng reseeded on system resumption [ 1955.095630][T26988] CPU: 0 UID: 0 PID: 26988 Comm: syz.0.4559 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1955.095682][T26988] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1955.095696][T26988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1955.095710][T26988] Call Trace: [ 1955.095718][T26988] [ 1955.095728][T26988] dump_stack_lvl+0x100/0x190 [ 1955.095767][T26988] should_fail_ex.cold+0x5/0xa [ 1955.095795][T26988] core_sys_select+0x5d1/0xbb0 [ 1955.095842][T26988] ? __pfx_core_sys_select+0x10/0x10 [ 1955.095877][T26988] ? get_pid_task+0xfc/0x250 [ 1955.095911][T26988] ? get_pid_task+0x106/0x250 [ 1955.095958][T26988] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1955.095988][T26988] ? __fget_files+0x215/0x3d0 [ 1955.096025][T26988] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1955.096058][T26988] kern_select+0x20c/0x270 [ 1955.096095][T26988] ? __pfx_kern_select+0x10/0x10 [ 1955.096134][T26988] ? __pfx_ksys_write+0x10/0x10 [ 1955.096175][T26988] __x64_sys_select+0xbd/0x160 [ 1955.096209][T26988] ? do_syscall_64+0x95/0xf80 [ 1955.096235][T26988] ? lockdep_hardirqs_on+0x78/0x100 [ 1955.096260][T26988] do_syscall_64+0x106/0xf80 [ 1955.096285][T26988] ? clear_bhb_loop+0x40/0x90 [ 1955.096314][T26988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1955.096339][T26988] RIP: 0033:0x7fb0ce79c629 [ 1955.096358][T26988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1955.096381][T26988] RSP: 002b:00007fb0cc9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1955.096403][T26988] RAX: ffffffffffffffda RBX: 00007fb0cea16090 RCX: 00007fb0ce79c629 [ 1955.096419][T26988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 1955.096433][T26988] RBP: 00007fb0cc9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1955.096459][T26988] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 1955.096474][T26988] R13: 00007fb0cea16128 R14: 00007fb0cea16090 R15: 00007ffd8e361638 [ 1955.096505][T26988] [ 1957.042232][T27006] random: crng reseeded on system resumption [ 1957.931502][T27019] random: crng reseeded on system resumption [ 1958.077092][T27033] futex_wake_op: syz.3.4568 tries to shift op by -2048; fix this program [ 1961.155405][T27074] random: crng reseeded on system resumption [ 1961.528367][T27078] Invalid ELF header magic: != ELF [ 1962.424996][T27088] FAULT_INJECTION: forcing a failure. [ 1962.424996][T27088] name failslab, interval 1, probability 0, space 0, times 0 [ 1962.463052][T27088] CPU: 0 UID: 0 PID: 27088 Comm: syz.2.4580 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1962.463104][T27088] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1962.463118][T27088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1962.463133][T27088] Call Trace: [ 1962.463141][T27088] [ 1962.463150][T27088] dump_stack_lvl+0x100/0x190 [ 1962.463189][T27088] should_fail_ex.cold+0x5/0xa [ 1962.463215][T27088] should_failslab+0xc2/0x120 [ 1962.463255][T27088] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1962.463290][T27088] ? __alloc_skb+0x140/0x710 [ 1962.463318][T27088] __alloc_skb+0x140/0x710 [ 1962.463339][T27088] ? __alloc_skb+0x5b7/0x710 [ 1962.463361][T27088] ? __pfx___alloc_skb+0x10/0x10 [ 1962.463393][T27088] netlink_alloc_large_skb+0x69/0x150 [ 1962.463442][T27088] netlink_sendmsg+0x680/0xda0 [ 1962.463476][T27088] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1962.463503][T27088] ? __import_iovec+0x1d2/0x640 [ 1962.463543][T27088] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1962.463579][T27088] ____sys_sendmsg+0xa54/0xc30 [ 1962.463614][T27088] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1962.463660][T27088] ___sys_sendmsg+0x190/0x1e0 [ 1962.463696][T27088] ? __pfx____sys_sendmsg+0x10/0x10 [ 1962.463770][T27088] __sys_sendmsg+0x170/0x220 [ 1962.463797][T27088] ? __pfx___sys_sendmsg+0x10/0x10 [ 1962.463840][T27088] do_syscall_64+0x106/0xf80 [ 1962.463865][T27088] ? clear_bhb_loop+0x40/0x90 [ 1962.463895][T27088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1962.463919][T27088] RIP: 0033:0x7f5d38d9c629 [ 1962.463938][T27088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1962.463960][T27088] RSP: 002b:00007f5d39c2b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1962.463984][T27088] RAX: ffffffffffffffda RBX: 00007f5d39015fa0 RCX: 00007f5d38d9c629 [ 1962.464000][T27088] RDX: 0000000024040804 RSI: 0000200000003a80 RDI: 0000000000000003 [ 1962.464015][T27088] RBP: 00007f5d39c2b090 R08: 0000000000000000 R09: 0000000000000000 [ 1962.464030][T27088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1962.464044][T27088] R13: 00007f5d39016038 R14: 00007f5d39015fa0 R15: 00007ffffd401e88 [ 1962.464074][T27088] [ 1964.629311][T27119] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 2, inode_bitmap = 139 [ 1965.156503][T26940] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1965.170119][T26940] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1965.178737][T26940] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1965.192042][T26940] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1965.203136][T26940] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1965.256288][T27126] phram: not enough arguments [ 1965.947732][T27123] chnl_net:caif_netlink_parms(): no params data found [ 1966.361843][T27123] bridge0: port 1(bridge_slave_0) entered blocking state [ 1966.403651][T27123] bridge0: port 1(bridge_slave_0) entered disabled state [ 1966.432785][T27123] bridge_slave_0: entered allmulticast mode [ 1966.473785][T27123] bridge_slave_0: entered promiscuous mode [ 1966.514675][T27123] bridge0: port 2(bridge_slave_1) entered blocking state [ 1966.540841][T27123] bridge0: port 2(bridge_slave_1) entered disabled state [ 1966.583261][T27123] bridge_slave_1: entered allmulticast mode [ 1966.605180][T27112] FAULT_INJECTION: forcing a failure. [ 1966.605180][T27112] name failslab, interval 1, probability 0, space 0, times 0 [ 1966.624042][T27123] bridge_slave_1: entered promiscuous mode [ 1966.779148][T27123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1966.869399][T27112] CPU: 0 UID: 0 PID: 27112 Comm: syz.3.4586 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1966.869453][T27112] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1966.869468][T27112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1966.869483][T27112] Call Trace: [ 1966.869492][T27112] [ 1966.869502][T27112] dump_stack_lvl+0x100/0x190 [ 1966.869543][T27112] should_fail_ex.cold+0x5/0xa [ 1966.869571][T27112] ? __pfx_serial8250_interrupt+0x10/0x10 [ 1966.869608][T27112] should_failslab+0xc2/0x120 [ 1966.869647][T27112] ? __pfx_serial8250_interrupt+0x10/0x10 [ 1966.869683][T27112] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1966.869713][T27112] ? request_threaded_irq+0x15a/0x3e0 [ 1966.869747][T27112] ? do_raw_spin_lock+0x128/0x260 [ 1966.869786][T27112] ? __pfx_serial8250_interrupt+0x10/0x10 [ 1966.869822][T27112] request_threaded_irq+0x15a/0x3e0 [ 1966.869857][T27112] univ8250_setup_irq+0x5ba/0x750 [ 1966.869893][T27112] ? io_serial_out+0x65/0xb0 [ 1966.869915][T27112] ? io_serial_in+0x60/0xb0 [ 1966.869940][T27112] serial8250_do_startup+0xac8/0x3260 [ 1966.869980][T27112] ? mark_held_locks+0x40/0x70 [ 1966.870012][T27112] serial8250_startup+0x62/0x80 [ 1966.870053][T27112] uart_startup+0x50f/0x1330 [ 1966.870090][T27112] uart_ioctl+0x14dc/0x2ef0 [ 1966.870125][T27112] ? __pfx_uart_ioctl+0x10/0x10 [ 1966.870155][T27112] ? tomoyo_path_number_perm+0x188/0x580 [ 1966.870195][T27112] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1966.870231][T27112] ? futex_wake+0x1ad/0x530 [ 1966.870269][T27112] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1966.870312][T27112] ? tty_jobctrl_ioctl+0x152/0xce0 [ 1966.870349][T27112] ? __pfx_uart_ioctl+0x10/0x10 [ 1966.870380][T27112] tty_ioctl+0x26a/0x1690 [ 1966.870410][T27112] ? __pfx_tty_ioctl+0x10/0x10 [ 1966.870447][T27112] ? find_held_lock+0x2b/0x80 [ 1966.870486][T27112] ? __fget_files+0x215/0x3d0 [ 1966.870521][T27112] ? hook_file_ioctl_common+0x146/0x410 [ 1966.870565][T27112] ? __fget_files+0x21f/0x3d0 [ 1966.870607][T27112] ? __pfx_tty_ioctl+0x10/0x10 [ 1966.870636][T27112] __x64_sys_ioctl+0x18e/0x210 [ 1966.870671][T27112] do_syscall_64+0x106/0xf80 [ 1966.870698][T27112] ? clear_bhb_loop+0x40/0x90 [ 1966.870729][T27112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1966.870755][T27112] RIP: 0033:0x7fb32699c629 [ 1966.870777][T27112] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1966.870801][T27112] RSP: 002b:00007fb32781c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1966.870824][T27112] RAX: ffffffffffffffda RBX: 00007fb326c16090 RCX: 00007fb32699c629 [ 1966.870841][T27112] RDX: 0000000000000000 RSI: 0000000000005453 RDI: 0000000000000009 [ 1966.870856][T27112] RBP: 00007fb326a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 1966.870871][T27112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1966.870886][T27112] R13: 00007fb326c16128 R14: 00007fb326c16090 R15: 00007ffdbef15318 [ 1966.870918][T27112] [ 1967.594157][T26720] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1967.601186][T26720] Bluetooth: hci6: command tx timeout [ 1968.574404][T27123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1968.771433][T27123] team0: Port device team_slave_0 added [ 1968.800497][T27123] team0: Port device team_slave_1 added [ 1968.982609][T27123] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1968.995505][T27123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1969.085419][T27123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1969.149041][T27123] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1969.174222][T27123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1969.283179][T27123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1969.488174][T27123] hsr_slave_0: entered promiscuous mode [ 1969.529397][T27123] hsr_slave_1: entered promiscuous mode [ 1969.545848][T27123] debugfs: 'hsr0' already exists in 'hsr' [ 1969.551631][T27123] Cannot create hsr debugfs directory [ 1969.677363][T26940] Bluetooth: hci6: command tx timeout [ 1970.156741][T27164] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1970.182564][T27164] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1970.213014][T27164] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1970.246633][T27164] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1970.327225][T27164] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1970.338684][T27164] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1970.368221][T27164] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1970.413940][T27164] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1970.959164][T27123] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1971.004335][T27123] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1971.038739][T27123] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1971.075075][T27123] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1971.305190][T27123] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1971.355523][T27123] 8021q: adding VLAN 0 to HW filter on device team0 [ 1971.384955][T26780] bridge0: port 1(bridge_slave_0) entered blocking state [ 1971.392160][T26780] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1971.426478][T26940] Bluetooth: hci0: command 0x0c1a tx timeout [ 1971.443453][T26780] bridge0: port 2(bridge_slave_1) entered blocking state [ 1971.450707][T26780] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1971.927133][T27123] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1972.227312][T26940] Bluetooth: hci1: command 0x0c1a tx timeout [ 1972.233499][T26720] Bluetooth: hci4: command 0x0419 tx timeout [ 1972.387909][T26940] Bluetooth: hci6: command 0x0419 tx timeout [ 1972.394018][T26720] Bluetooth: hci3: command 0x0c1a tx timeout [ 1972.537807][T27123] veth0_vlan: entered promiscuous mode [ 1972.566465][T27123] veth1_vlan: entered promiscuous mode [ 1972.640715][T27123] veth0_macvtap: entered promiscuous mode [ 1972.664608][T27123] veth1_macvtap: entered promiscuous mode [ 1972.720091][T27123] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1972.758144][T27123] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1972.798393][T26702] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1972.824476][T26702] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1972.861600][T26702] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1972.914430][T26702] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1973.030561][T26717] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1973.058600][T26717] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1973.128571][T26709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1973.136459][T26709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1974.307966][T26940] Bluetooth: hci1: command 0x0c1a tx timeout [ 1974.467750][T26940] Bluetooth: hci6: command 0x0419 tx timeout [ 1976.549570][T26940] Bluetooth: hci6: command 0x0419 tx timeout [ 1977.304916][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1977.311338][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1978.629632][T26940] Bluetooth: hci6: command 0x0419 tx timeout [ 2038.744690][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 2038.751460][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 2094.447550][ T31] INFO: task kworker/u8:4:58 blocked for more than 143 seconds. [ 2094.455432][ T31] Tainted: G U W L XTNJ syzkaller #0 [ 2094.463323][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2094.472437][ T31] task:kworker/u8:4 state:D stack:23128 pid:58 tgid:58 ppid:2 task_flags:0x4208160 flags:0x00080000 [ 2094.489167][ T31] Workqueue: netns cleanup_net [ 2094.494070][ T31] Call Trace: [ 2094.498010][ T31] [ 2094.501738][ T31] __schedule+0xfee/0x60e0 [ 2094.506238][ T31] ? __lock_acquire+0x4a5/0x2630 [ 2094.511811][ T31] ? __pfx___schedule+0x10/0x10 [ 2094.519907][ T31] ? find_held_lock+0x2b/0x80 [ 2094.524718][ T31] ? schedule+0x2bf/0x390 [ 2094.538605][ T31] schedule+0xdd/0x390 [ 2094.542824][ T31] schedule_timeout+0x1b2/0x280 [ 2094.548193][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2094.553694][ T31] ? mark_held_locks+0x40/0x70 [ 2094.559181][ T31] __wait_for_common+0x2e7/0x4c0 [ 2094.564261][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2094.570862][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 2094.576431][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 2094.582114][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 2094.591420][ T31] __flush_workqueue+0x3f7/0x1200 [ 2094.596558][ T31] ? __lock_acquire+0x4a5/0x2630 [ 2094.603044][ T31] ? __lock_acquire+0x4a5/0x2630 [ 2094.609956][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 2094.615550][ T31] ? reacquire_held_locks+0xce/0x1e0 [ 2094.624374][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2094.630205][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2094.635767][ T31] rds_tcp_listen_stop+0x104/0x160 [ 2094.641333][ T31] rds_tcp_exit_net+0xe0/0x870 [ 2094.646205][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2094.652155][ T31] ? __pfx___might_resched+0x10/0x10 [ 2094.657804][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2094.663271][ T31] ops_undo_list+0x2ee/0xab0 [ 2094.668283][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 2094.673495][ T31] ? cleanup_net+0x332/0x920 [ 2094.679504][ T31] ? idr_destroy+0x62/0x2e0 [ 2094.684128][ T31] cleanup_net+0x499/0x920 [ 2094.691830][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 2094.696963][ T31] ? rcu_is_watching+0x12/0xc0 [ 2094.704489][ T31] process_one_work+0x9d7/0x1920 [ 2094.711018][ T31] ? __pfx_process_one_work+0x10/0x10 [ 2094.716548][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 2094.725584][ T31] worker_thread+0x5da/0xe40 [ 2094.730885][ T31] ? kthread+0x13a/0x450 [ 2094.735269][ T31] ? __pfx_worker_thread+0x10/0x10 [ 2094.741021][ T31] kthread+0x370/0x450 [ 2094.745189][ T31] ? __pfx_kthread+0x10/0x10 [ 2094.750207][ T31] ret_from_fork+0x754/0xd80 [ 2094.754905][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 2094.760603][ T31] ? __switch_to+0x7b4/0x1120 [ 2094.765375][ T31] ? __pfx_kthread+0x10/0x10 [ 2094.772362][ T31] ret_from_fork_asm+0x1a/0x30 [ 2094.777231][ T31] [ 2094.780777][ T31] INFO: task syz.1.4546:26918 blocked for more than 143 seconds. [ 2094.790240][ T31] Tainted: G U W L XTNJ syzkaller #0 [ 2094.796852][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2094.806108][ T31] task:syz.1.4546 state:D stack:26416 pid:26918 tgid:26917 ppid:16511 task_flags:0x400140 flags:0x00080002 [ 2094.821708][ T31] Call Trace: [ 2094.828317][ T31] [ 2094.831368][ T31] __schedule+0xfee/0x60e0 [ 2094.835861][ T31] ? __lock_acquire+0x4a5/0x2630 [ 2094.841307][ T31] ? __pfx___schedule+0x10/0x10 [ 2094.846240][ T31] ? find_held_lock+0x2b/0x80 [ 2094.852618][ T31] ? schedule+0x2bf/0x390 [ 2094.857038][ T31] schedule+0xdd/0x390 [ 2094.861760][ T31] schedule_timeout+0x1b2/0x280 [ 2094.866736][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2094.872814][ T31] ? mark_held_locks+0x40/0x70 [ 2094.877907][ T31] __wait_for_common+0x2e7/0x4c0 [ 2094.882962][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2094.888812][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 2094.894357][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 2094.901678][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 2094.908375][ T31] __flush_workqueue+0x3f7/0x1200 [ 2094.913514][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 2094.919587][ T31] ? reacquire_held_locks+0xce/0x1e0 [ 2094.925101][ T31] ? release_sock+0x21/0x220 [ 2094.936456][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2094.942376][ T31] ? __local_bh_enable_ip+0x9e/0x120 [ 2094.948154][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2094.953737][ T31] rds_tcp_listen_stop+0x104/0x160 [ 2094.959366][ T31] rds_tcp_exit_net+0xe0/0x870 [ 2094.964258][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2094.970134][ T31] ? __pfx___might_resched+0x10/0x10 [ 2094.975554][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2094.981726][ T31] ops_undo_list+0x2ee/0xab0 [ 2094.986416][ T31] ? kfree+0x1a0/0x6b0 [ 2094.990890][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 2094.996152][ T31] ? ops_init+0x2fa/0x5f0 [ 2095.000993][ T31] setup_net+0x1fa/0x3a0 [ 2095.005348][ T31] ? __pfx_setup_net+0x10/0x10 [ 2095.012120][ T31] ? lockdep_init_map_type+0x5c/0x250 [ 2095.017621][ T31] ? mutex_init_lockep+0x110/0x150 [ 2095.023172][ T31] copy_net_ns+0x46f/0x7c0 [ 2095.027961][ T31] create_new_namespaces+0x3ea/0xac0 [ 2095.036194][ T31] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 2095.046457][ T31] ksys_unshare+0x455/0xab0 [ 2095.051641][ T31] ? __pfx_ksys_unshare+0x10/0x10 [ 2095.056805][ T31] __x64_sys_unshare+0x31/0x40 [ 2095.061966][ T31] do_syscall_64+0x106/0xf80 [ 2095.066659][ T31] ? clear_bhb_loop+0x40/0x90 [ 2095.071740][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2095.077937][ T31] RIP: 0033:0x7efed199c629 [ 2095.082443][ T31] RSP: 002b:00007efed28b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2095.095152][ T31] RAX: ffffffffffffffda RBX: 00007efed1c15fa0 RCX: 00007efed199c629 [ 2095.103674][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2095.112020][ T31] RBP: 00007efed1a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 2095.121223][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2095.129525][ T31] R13: 00007efed1c16038 R14: 00007efed1c15fa0 R15: 00007ffccd8e7dd8 [ 2095.140745][ T31] [ 2095.143997][ T31] [ 2095.143997][ T31] Showing all locks held in the system: [ 2095.157519][ T31] 1 lock held by khungtaskd/31: [ 2095.163303][ T31] #0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 2095.173749][ T31] 3 locks held by kworker/u8:4/58: [ 2095.179131][ T31] #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 2095.189980][ T31] #1: ffffc900015f7d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 2095.200371][ T31] #2: ffffffff905f9650 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 2095.210037][ T31] 2 locks held by getty/12471: [ 2095.214913][ T31] #0: ffff888038c5a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 2095.225360][ T31] #1: ffffc900063472f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 2095.239732][ T31] 1 lock held by syz.1.4546/26918: [ 2095.244977][ T31] #0: ffffffff905f9650 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 2095.255529][ T31] [ 2095.261046][ T31] ============================================= [ 2095.261046][ T31] [ 2095.270259][ T31] NMI backtrace for cpu 0 [ 2095.270280][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 2095.270326][ T31] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 2095.270339][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 2095.270353][ T31] Call Trace: [ 2095.270361][ T31] [ 2095.270370][ T31] dump_stack_lvl+0x100/0x190 [ 2095.270409][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 2095.270448][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2095.270482][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 2095.270521][ T31] sys_info+0x141/0x190 [ 2095.270551][ T31] watchdog+0xd25/0x1050 [ 2095.270580][ T31] ? __pfx_watchdog+0x10/0x10 [ 2095.270603][ T31] ? __kthread_parkme+0x18c/0x230 [ 2095.270632][ T31] ? kthread+0x13a/0x450 [ 2095.270660][ T31] ? __pfx_watchdog+0x10/0x10 [ 2095.270679][ T31] kthread+0x370/0x450 [ 2095.270708][ T31] ? __pfx_kthread+0x10/0x10 [ 2095.270740][ T31] ret_from_fork+0x754/0xd80 [ 2095.270775][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 2095.270812][ T31] ? __switch_to+0x7b4/0x1120 [ 2095.270841][ T31] ? __pfx_kthread+0x10/0x10 [ 2095.270873][ T31] ret_from_fork_asm+0x1a/0x30 [ 2095.270911][ T31] [ 2095.407637][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 2095.414520][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 2095.425223][ T31] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 2095.435282][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 2095.445356][ T31] Call Trace: [ 2095.448640][ T31] [ 2095.451590][ T31] dump_stack_lvl+0x100/0x190 [ 2095.456306][ T31] vpanic+0x552/0x970 [ 2095.460302][ T31] ? __pfx_vpanic+0x10/0x10 [ 2095.464828][ T31] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 2095.471018][ T31] panic+0xd1/0xe0 [ 2095.474771][ T31] ? __pfx_panic+0x10/0x10 [ 2095.479205][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 2095.485377][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 2095.491661][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 2095.497837][ T31] ? watchdog.cold+0x198/0x1ca [ 2095.502631][ T31] ? watchdog+0xd35/0x1050 [ 2095.507077][ T31] watchdog.cold+0x1a9/0x1ca [ 2095.511690][ T31] ? __pfx_watchdog+0x10/0x10 [ 2095.516393][ T31] ? __kthread_parkme+0x18c/0x230 [ 2095.521520][ T31] ? kthread+0x13a/0x450 [ 2095.525802][ T31] ? __pfx_watchdog+0x10/0x10 [ 2095.530493][ T31] kthread+0x370/0x450 [ 2095.534580][ T31] ? __pfx_kthread+0x10/0x10 [ 2095.539191][ T31] ret_from_fork+0x754/0xd80 [ 2095.543806][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 2095.549221][ T31] ? __switch_to+0x7b4/0x1120 [ 2095.553911][ T31] ? __pfx_kthread+0x10/0x10 [ 2095.558524][ T31] ret_from_fork_asm+0x1a/0x30 [ 2095.563320][ T31] [ 2095.566411][ T31] Kernel Offset: disabled [ 2095.570745][ T31] Rebooting in 86400 seconds..