last executing test programs: 8.642529062s ago: executing program 2 (id=1967): close_range$auto(0x2, 0x8, 0x0) gettid() mq_open$auto(0x0, 0x7e, 0xc8b9, 0x0) rseq$auto(0x0, 0x8005, 0x0, 0x8000006) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty36\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000400)='/dev/binderfs/binder0\x00', 0x40, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x208400, 0x0) ioctl$auto_BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, 0x0) ioctl$auto_BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)="fc1c4959ff21a2458364a2b1590d19513f344e1b39f1cffdd8") r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f00000002c0)={{@raw=0x7, 0x8, 0x4, 0xa2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x0, 0x3, 0x1, 0xb, 0x6, 0x6, 0x10, 0x6, 0x10000, 0xefe, 0xfffffff9, 0x5, 0x8001, 0x62f, 0x101, 0x4, 0x200, 0xfffffff0, 0x1000, 0x7, 0x4003, 0x3, 0x0, 0x6, 0xb94, 0x0, 0x1, 0x81, 0x3, 0xe8, 0x404, 0x0, 0x9, 0x46f, 0x8, 0x1, 0x6, 0x4, 0x6, 0x8, 0x80, 0x9, 0x65b, 0x9, 0x7, 0x81, 0x1cec, 0x9, 0x34b5, 0xfff, 0x5, 0x4, 0x2, 0x1000, 0x9, 0x0, 0x400, 0xd, 0x0, 0x0, 0x207d, 0xa7a, 0x5, 0x5, 0x4, 0x80, 0x6ed, 0x0, 0x1, 0x1, 0x6, 0x4, 0x8, 0x1, 0x4003ff, 0x5, 0x8, 0x6, 0x0, 0xa, 0x2, 0x1000005, 0x400, 0x6, 0x4, 0x9, 0x29, 0x8, 0x2, 0x9, 0x78d, 0x7f, 0x0, 0x8001, 0x20000, 0x40, 0x0, 0x4, 0x5, 0xfffff43e, 0x0, 0x4f000, 0xfe, 0x5, 0x7, 0xd49e923b, 0x4, 0x80000000, 0x77, 0xf2, 0x0, 0x8, 0x7f77, 0x9, 0x5b, 0x8, 0x10001, 0x8, 0xfffffffc, 0xc2, 0x0, 0x5, 0x1000, 0x1, 0x7, 0x400, 0x8, 0x3], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca54ca1b0aefb60ffa8d501b1329af8d4108ac145aa564c6e7a09ea1b2dfae0f309c6ea508833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"}) socket(0x2, 0x1, 0x106) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC2\x00', 0x361101, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r2, 0x5452, &(0x7f0000000080)={0x80, 0xbed0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = io_uring_setup$auto(0x401, 0x0) ioctl$auto_MEMLOCK(r3, 0x40084d05, &(0x7f00000000c0)={0xfffffffe, 0x7fffffff}) timer_gettime$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xcff, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, &(0x7f00000003c0)='7\x00\\\xa0\x04\x9c\"\xa9Nd_\xff\xa0k\xd8\xc9\xba\x00\xb5\x89\x8cg\xa84\xd8D)\xfdcR8\xdb\x98\xc5\xd7\x94\x94\xda\xc0r\x8f)\xbb_\xa2\fz\xe1\xffm\xf9t\x012A\xc8%H\x88\xaej\xda\xae\x1dO\xd7\x88?\x19\xf3\x068\xb4e\xb5\x93\x9a\xb9|Kh\xc2d\xb2\x9f\xb0\xf7\b\xba\x17\"-\x90\xda\xac\xe5\x1fb~8\xf2q\x0e\x98A[\xbb5\xb8\xeb\n!\x80r*}\x9cS5\xff0\xe9\xafx\xe9\x17\xbd\xf9m\xfa\xac`\x1d\xa3\xeb\xb1[\x971\xd92\xce=V\xe8\xb3}\xc2\x17k{\x182}\xe1\xa5\x05!\aws(\x19\xfe\x82?\x14L\x7f\xc0By\xa7\xca\xcbB\xd7?\x97', 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x7) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x9}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x2, 0x1, 0x0) getsockopt$auto(r6, 0x6, 0x1f, 0x0, &(0x7f0000000100)=0x1) 7.608753356s ago: executing program 2 (id=1973): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x3) mmap$auto(0x0, 0x8, 0xfff, 0xeb2, 0x401, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/cgroup\x00') setns(r1, 0x20000000) socket(0xa, 0x5, 0x0) open(0x0, 0xac501, 0x15e) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) io_uring_setup$auto(0x1, 0x0) connect$auto(0x3, 0x0, 0x55) ioctl$auto(0x3, 0x89e0, 0x38) mmap$auto(0x0, 0x2000d, 0x3, 0xeb1, 0x404, 0x10008000) sysfs$auto(0x2, 0x1f, 0x0) fsopen$auto(0x0, 0x1) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) r2 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r2, 0x0, 0x17) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(r3, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000005400)={0x1c, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000) 6.817790093s ago: executing program 2 (id=1977): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/quirks\x00', 0xe3102, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty53\x00', 0x800, 0x0) ioctl$auto(r0, 0x0, r2) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x109, 0xa, 0x1]}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) 6.018980076s ago: executing program 1 (id=1979): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0xe779, 0x400000000007, 0xdf, 0x13, 0xffffffffffffffff, 0x0) socket(0x2b, 0x1, 0x0) socket(0xa, 0x1, 0x84) socket(0x28, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) clock_nanosleep$auto(0x8, 0x0, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x82202, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) close_range$auto(0x2, 0xa, 0x0) timer_create$auto(0x2, &(0x7f00000002c0)={@sival_ptr=&(0x7f0000000080)="90000c040f013e97d3592a5ab8ef55ce8151a205931c93ebdbda54a4cc294735bae24be4ad3e2997080870c32f60c5f1f11ad40845f630253d0e3cf62351511cf607d31d7dea3033d86afcbaba8811155a620dc6c426fe1b70751b357dc964b31a9c6a80d98764e4de51376a57ac5669e86419d3d045362318735cdff87f34933024862306f38f1c94cb46da72b5db8e5ffa3fc1182a324ebe750bc06924e0344c65d04ac08cbf8d82f47053c7e28b9f7537faf240121b7fa130f0558915d5008098df351937d2f0e1", @inferred, 0x4, @_sigev_thread={&(0x7f0000000240)=&(0x7f00000001c0)=0xc, &(0x7f0000000280)}}, &(0x7f0000000300)=0x10001) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 5.389786391s ago: executing program 3 (id=1982): mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_IOCTL_VM_SOCKETS_GET_LOCAL_CID(r0, 0x7b9, 0x0) 5.282614746s ago: executing program 3 (id=1983): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/loop6/integrity/read_verify\x00', 0x2262, 0x0) write$auto(r0, &(0x7f0000000140)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~1\xf5\xf8\x93*jH\x85H\x05\xae\xdf\xf0\x15A\xdb$\'\x87', 0x81) (fail_nth: 1) 4.565267358s ago: executing program 3 (id=1984): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0xe779, 0x400000000007, 0xdf, 0x13, 0xffffffffffffffff, 0x0) socket(0x2b, 0x1, 0x0) socket(0xa, 0x1, 0x84) socket(0x28, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) clock_nanosleep$auto(0x8, 0x0, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x82202, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x2, 0x3, 0xa) close_range$auto(0x2, 0xa, 0x0) timer_create$auto(0x2, &(0x7f00000002c0)={@sival_ptr=&(0x7f0000000080)="90000c040f013e97d3592a5ab8ef55ce8151a205931c93ebdbda54a4cc294735bae24be4ad3e2997080870c32f60c5f1f11ad40845f630253d0e3cf62351511cf607d31d7dea3033d86afcbaba8811155a620dc6c426fe1b70751b357dc964b31a9c6a80d98764e4de51376a57ac5669e86419d3d045362318735cdff87f34933024862306f38f1c94cb46da72b5db8e5ffa3fc1182a324ebe750bc06924e0344c65d04ac08cbf8d82f47053c7e28b9f7537faf240121b7fa130f0558915d5008098df351937d2f0e1", @inferred, 0x4, @_sigev_thread={&(0x7f0000000240)=&(0x7f00000001c0)=0xc, &(0x7f0000000280)}}, &(0x7f0000000300)=0x10001) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 4.53491526s ago: executing program 1 (id=1985): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0xe779, 0x400000000007, 0xdf, 0x13, 0xffffffffffffffff, 0x0) socket(0x2b, 0x1, 0x0) socket(0xa, 0x1, 0x84) socket(0x28, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) clock_nanosleep$auto(0x8, 0x0, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x82202, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x2, 0x3, 0xa) close_range$auto(0x2, 0xa, 0x0) timer_create$auto(0x2, &(0x7f00000002c0)={@sival_ptr=&(0x7f0000000080)="90000c040f013e97d3592a5ab8ef55ce8151a205931c93ebdbda54a4cc294735bae24be4ad3e2997080870c32f60c5f1f11ad40845f630253d0e3cf62351511cf607d31d7dea3033d86afcbaba8811155a620dc6c426fe1b70751b357dc964b31a9c6a80d98764e4de51376a57ac5669e86419d3d045362318735cdff87f34933024862306f38f1c94cb46da72b5db8e5ffa3fc1182a324ebe750bc06924e0344c65d04ac08cbf8d82f47053c7e28b9f7537faf240121b7fa130f0558915d5008098df351937d2f0e1", @inferred, 0x4, @_sigev_thread={&(0x7f0000000240)=&(0x7f00000001c0)=0xc, &(0x7f0000000280)}}, &(0x7f0000000300)=0x10001) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 4.418985391s ago: executing program 0 (id=1986): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/dvb_usb_ttusb2/bind\x00', 0x4a2201115f0b9a1c, 0x0) socket(0xa, 0x1, 0x84) setsockopt$auto(0xffffffffffffffff, 0x23, 0x3, 0x0, 0x6) write$auto(r0, &(0x7f0000000140)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~1\xf5\xf8\x93*jH\x85H\x05\xae\xdf\xf0\x15A\xdb$\'\x87', 0x81) 4.165447444s ago: executing program 0 (id=1987): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0xffffffffffffffff, 0x8, 0x7fff, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) close$auto(0xffffffffffffffff) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket(0xa, 0x1, 0x100) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', 0x0, 0x1000005, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) 3.563157152s ago: executing program 2 (id=1988): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x9, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0) (async) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto(0x3, 0x50434903, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'ip_vti0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x401, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) (async) r5 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0x91) (async) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0x91) close_range$auto(0x2, r0, 0x0) (async) close_range$auto(0x2, r0, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) (async) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r6) (async) ioctl$auto(0x3, 0xae41, r6) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x3, 0x0, [{0x600, 0x10, 0x1}]}) 3.304216865s ago: executing program 1 (id=1989): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, 0x0) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) 3.240990317s ago: executing program 3 (id=1990): close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) bind$auto(0x3, 0x0, 0x6a) listen$auto(0x3, 0x81) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000880)='/dev/input/event0\x00', 0x40100, 0x0) ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) io_uring_setup$auto(0x6, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/input/event0\x00', 0x0, 0x700) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) writev$auto(0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) 3.161321593s ago: executing program 1 (id=1991): mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_IOCTL_VM_SOCKETS_GET_LOCAL_CID(r0, 0x7b9, 0x0) 3.061339434s ago: executing program 0 (id=1992): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x100, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) 2.958561513s ago: executing program 1 (id=1993): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x4c094) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) bpf$auto(0x0, 0x0, 0x4f4) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/quirks\x00', 0xe3102, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty53\x00', 0x800, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x109, 0xa, 0x1]}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) 2.567640377s ago: executing program 0 (id=1994): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) socket(0x2, 0x5, 0x0) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x400008, 0xdf, 0x11, 0x2, 0x8000) pwrite64$auto(0xc8, &(0x7f00000004c0)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\xf8\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00@\x00\'\x03\x00*\x01\x00\x00\x00^B\xb8\xe4j\t3\xe4\x90\xcc\x0fo\x84\xf4\x89\v\xea\x1b\xf0\xe7\xdc\x9f\xad\xe3X\xae\xef\xa17\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xac\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\xfc\xda#2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/i\r\x05f_\xfa\x19\a\xfb\xba\xc9.$\'\x1e\x82\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xa6t\xee\xd7\vp\x8e\xa4\x8eu_t\xbe,\xba\xa7-7`\xc9\x00\x00\xff\xff\x00\x00\xad\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x96p\x9e\xd5\x12\xec\xc7\xe5\xae\xd5\xeb\x00\xfe\xa3\xafL=\x8c\xa4\x95\xa8\x00$\xccz\xeb\x86\nk\x14\f\xe4\xf6\xb8\xd2O\x04\xa56\x13\x90\xe3\x9bn\x8d\xb2-\x9by:H\xc2\xd5\xd7E\xba\x01\xc1\x1a=\xbc\xb0ra\xc1Ya\xf6\xab\xacR\xb8\xdc\xb2w\xe6\xba\xb26Y\xb5\x8eM\xc9y4\xfes\xc8\x84Q{\x16\x88\x9d\x0f5,\xad\x00\x0e\xe9VSU\xe8\xb0\xa0\x19\xe1\xca\x93\xf8\xaa\xc6\x00\x00\x00\xb1\xee\xe4\x00\x9a\xf4mM\x1e\xae\x1e%\xeb\xe1\x00'/414, 0x10, 0x4000000000000001) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r1 = open(0x0, 0x2e1c2, 0x8c) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0x1) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) madvise$auto(0x0, 0x8000000000000000, 0x15) userfaultfd$auto(0x1) statx$auto(r1, 0x0, 0xb6, 0x47, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'team0\x00'}) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x2}, 0xc) 2.426812565s ago: executing program 3 (id=1995): mmap$auto(0x0, 0x101, 0x9, 0x90, 0xffffffffffffffff, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) prctl$auto_PR_SET_MM_ENV_START(0x3, 0xa, r0, 0x8b3, 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002abd7000fcdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40000) 1.980586104s ago: executing program 2 (id=1996): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x34, 0x400000000065f, 0x1ffde, 0x2d4a8168, 0x40000000007f, 0x20000005, 0x9, 0x3, 0x6, 0x400000004, 0x9, 0x4, 0x1, 0x22, 0x1, 0xfff, 0xfffffff7, 0x7, 0x1fff, 0x203, 0x838b, 0x84, 0x2, 0x0, 0x5, 0x0, 0x0, [0x0, 0x0, 0x0, 0x40000000000, 0x1, 0xffffffffffffffff, 0xffffffff, 0x0, 0x400, 0x0, 0x0, 0x401, 0x0, 0x0, 0x7, 0x0, 0x81, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x251, 0x3, 0x0, 0x0, 0x8, 0x3, 0xfffffffffffff7cc, 0x4, 0x400000000000002, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, 0xfe]}, 0x1fe, 0x8) personality$auto(0xfffff032) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00\x00\n\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00", "0000ef001000ebffffff00"]}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x8) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x9000aea4, &(0x7f0000000040)={0x7}) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0) socket(0x1d, 0x80008, 0x7fff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) waitid$auto(0x9, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000001c0)={{0x4, 0x4000000000002}, {0x3}, 0xffffffffffffff74, 0x3ff, 0x4, 0x3, 0x4, 0x3, 0x7c3, 0x6, 0x1, 0x3, 0x9, 0x2, 0x9, 0x200}) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd08, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/vhci_hcd.12/usb34/bNumConfigurations\x00', 0xc2480, 0x0) writev$auto(r5, &(0x7f0000000080)={0x0, 0x1000}, 0x3) socket(0x18, 0x5, 0x1) mmap$auto(0x20000000000000, 0x7ffffffd, 0x4000000000dc, 0x80000eb1, r0, 0x6) 1.598910857s ago: executing program 0 (id=1997): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x40000008000) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x62240, 0x20) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x20904, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x9, &(0x7f00000000c0)=0x8, 0x11) socket(0x2, 0xa, 0xe57a) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$auto_TIOCGPTPEER2(0xffffffffffffffff, 0x5441, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, 0x0) ioctl$auto_UI_DEV_SETUP(r4, 0x405c5503, 0x0) ioctl$auto_UI_DEV_CREATE(r4, 0x5501, 0x0) 1.216882161s ago: executing program 3 (id=1998): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(r0, 0x6, 0xe, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/veth0_virt_wifi/base_reachable_time\x00', 0x9) pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x51c, 0x8000) socket(0xa, 0x2, 0x73) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x7, 0x12, 0xffffffffffffffff, 0xf4e) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee7fa7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205278c5e60507f5bf17a3c822a6e70e087df68022c1315cf499750e86ea1e060e63ebf63973eebe34ba6e687eda5ef020b61896a187842d219b2b9787be7910fc5180b277f2b00d760629816aa6a7240d7b1984158107eab929d79d6264611d404f2331eda49fe426edc34793dd3252aa54eb44544774d060269913cfcb105f55836eb6702c6034a3fe98bc9678850e54903d3", 0xdd4) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0x7fffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1000000000000001, 0x0, 0x1, 0x0) unshare$auto(0x1) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x80000000001002, 0x12000000000000, 0x4000000000df, 0xeb4, 0x6, 0x8000008003) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r4 = socket(0x31, 0x6, 0x7fff) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00V\x00\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000040)="32e3eec48051c4cc1bd9d90076d5507aee20a1ffccd1c9977b45b2ce215a1ae8", 0xfff}, 0x3) r6 = socket(0x18, 0x5, 0x1) connect$auto(r6, 0x0, 0x3a) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), r4) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r3, 0x0, 0x4000805) close_range$auto(0x2, 0x8, 0x0) 1.035233048s ago: executing program 1 (id=1999): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0xe779, 0x400000000007, 0xdf, 0x13, 0xffffffffffffffff, 0x0) socket(0x2b, 0x1, 0x0) socket(0xa, 0x1, 0x84) socket(0x28, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) clock_nanosleep$auto(0x8, 0x0, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x82202, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x2, 0x3, 0xa) close_range$auto(0x2, 0xa, 0x0) timer_create$auto(0x2, &(0x7f00000002c0)={@sival_ptr=&(0x7f0000000080)="90000c040f013e97d3592a5ab8ef55ce8151a205931c93ebdbda54a4cc294735bae24be4ad3e2997080870c32f60c5f1f11ad40845f630253d0e3cf62351511cf607d31d7dea3033d86afcbaba8811155a620dc6c426fe1b70751b357dc964b31a9c6a80d98764e4de51376a57ac5669e86419d3d045362318735cdff87f34933024862306f38f1c94cb46da72b5db8e5ffa3fc1182a324ebe750bc06924e0344c65d04ac08cbf8d82f47053c7e28b9f7537faf240121b7fa130f0558915d5008098df351937d2f0e1", @inferred, 0x4, @_sigev_thread={&(0x7f0000000240)=&(0x7f00000001c0)=0xc, &(0x7f0000000280)}}, &(0x7f0000000300)=0x10001) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 242.572012ms ago: executing program 0 (id=2000): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x40000008000) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x62240, 0x20) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x20904, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x9, &(0x7f00000000c0)=0x8, 0x11) socket(0x2, 0xa, 0xe57a) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$auto_TIOCGPTPEER2(0xffffffffffffffff, 0x5441, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, 0x0) ioctl$auto_UI_DEV_CREATE(r4, 0x5501, 0x0) 0s ago: executing program 2 (id=2001): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0xffffffffffffffff, 0x8, 0x7fff, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) close$auto(0xffffffffffffffff) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket(0xa, 0x1, 0x100) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', 0x0, 0x1000005, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) kernel console output (not intermixed with test programs): do_filp_open+0x10/0x10 [ 598.021391][T12885] ? alloc_fd+0x471/0x7d0 [ 598.021425][T12885] do_sys_openat2+0x121/0x290 [ 598.021447][T12885] ? __pfx_do_sys_openat2+0x10/0x10 [ 598.021477][T12885] __x64_sys_openat+0x174/0x210 [ 598.021500][T12885] ? __pfx___x64_sys_openat+0x10/0x10 [ 598.021531][T12885] do_syscall_64+0xcd/0xf80 [ 598.021562][T12885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.021581][T12885] RIP: 0033:0x7eff2fb8f7c9 [ 598.021598][T12885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 598.021622][T12885] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 598.021641][T12885] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 598.021654][T12885] RDX: 0000000000080000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 598.021666][T12885] RBP: 00007eff2fc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 598.021678][T12885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 598.021689][T12885] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 598.021713][T12885] [ 599.760718][T12902] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 600.678644][T12908] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 601.289092][T12936] zswap: compressor û not available [ 601.630776][T12926] Process accounting resumed [ 604.331590][T12976] Process accounting resumed [ 605.125702][T12997] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 606.098861][ C0] vcan0: j1939_tp_rxtimer: 0xffff888061a9e000: rx timeout, send abort [ 606.107784][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888061a9e000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 608.642527][T13048] FAULT_INJECTION: forcing a failure. [ 608.642527][T13048] name fail_futex, interval 1, probability 0, space 0, times 0 [ 608.655663][T13048] CPU: 0 UID: 0 PID: 13048 Comm: syz.2.1545 Not tainted syzkaller #0 PREEMPT(full) [ 608.655693][T13048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 608.655704][T13048] Call Trace: [ 608.655712][T13048] [ 608.655720][T13048] dump_stack_lvl+0x16c/0x1f0 [ 608.655754][T13048] should_fail_ex+0x512/0x640 [ 608.655779][T13048] get_futex_key+0x1d0/0x15f0 [ 608.655803][T13048] ? __pfx_get_futex_key+0x10/0x10 [ 608.655825][T13048] ? __lock_acquire+0x436/0x2890 [ 608.655846][T13048] futex_wake+0xea/0x530 [ 608.655873][T13048] ? __pfx_futex_wake+0x10/0x10 [ 608.655902][T13048] ? __fget_files+0x204/0x3c0 [ 608.655933][T13048] do_futex+0x1e3/0x350 [ 608.655955][T13048] ? __pfx_do_futex+0x10/0x10 [ 608.655976][T13048] ? fdget+0x187/0x210 [ 608.656002][T13048] ? __sys_sendmsg+0x18c/0x220 [ 608.656029][T13048] __x64_sys_futex+0x1e0/0x4c0 [ 608.656053][T13048] ? __pfx___x64_sys_futex+0x10/0x10 [ 608.656083][T13048] do_syscall_64+0xcd/0xf80 [ 608.656113][T13048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.656133][T13048] RIP: 0033:0x7eff2fb8f7c9 [ 608.656150][T13048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.656171][T13048] RSP: 002b:00007eff2ddf60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 608.656198][T13048] RAX: ffffffffffffffda RBX: 00007eff2fde5fa8 RCX: 00007eff2fb8f7c9 [ 608.656217][T13048] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007eff2fde5fac [ 608.656237][T13048] RBP: 00007eff2fde5fa0 R08: 00007eff30927000 R09: 0000000000000000 [ 608.656256][T13048] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 608.656273][T13048] R13: 00007eff2fde6038 R14: 00007ffeb2063b00 R15: 00007ffeb2063be8 [ 608.656309][T13048] [ 608.844279][T13048] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1545'. [ 609.233570][T13056] zswap: compressor û not available [ 609.447350][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 610.083419][T13072] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1550'. [ 611.774226][T13100] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 612.807450][T13108] zswap: compressor û not available [ 613.367586][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 613.966846][T13122] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 614.124308][T13128] Line length is too long: Should be less than 4094 [ 614.956334][T13140] FAULT_INJECTION: forcing a failure. [ 614.956334][T13140] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 615.017539][T13140] CPU: 0 UID: 0 PID: 13140 Comm: syz.3.1572 Not tainted syzkaller #0 PREEMPT(full) [ 615.017567][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 615.017578][T13140] Call Trace: [ 615.017585][T13140] [ 615.017593][T13140] dump_stack_lvl+0x16c/0x1f0 [ 615.017626][T13140] should_fail_ex+0x512/0x640 [ 615.017650][T13140] _copy_to_user+0x32/0xd0 [ 615.017672][T13140] __do_sys_adjtimex+0xc4/0x140 [ 615.017692][T13140] ? __pfx___do_sys_adjtimex+0x10/0x10 [ 615.017711][T13140] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 615.017753][T13140] ? __pfx_ksys_write+0x10/0x10 [ 615.017783][T13140] ? rcu_is_watching+0x12/0xc0 [ 615.017811][T13140] do_syscall_64+0xcd/0xf80 [ 615.017840][T13140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.017860][T13140] RIP: 0033:0x7fbbedf8f7c9 [ 615.017875][T13140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.017893][T13140] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000009f [ 615.017911][T13140] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 615.017924][T13140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000003c0 [ 615.017935][T13140] RBP: 00007fbbeedc1090 R08: 0000000000000000 R09: 0000000000000000 [ 615.017946][T13140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 615.017956][T13140] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 615.017979][T13140] [ 615.810831][T13140] Process accounting paused [ 616.167425][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 616.339802][T13154] zswap: compressor û not available [ 616.392478][T13160] FAULT_INJECTION: forcing a failure. [ 616.392478][T13160] name failslab, interval 1, probability 0, space 0, times 0 [ 616.438476][T13160] CPU: 0 UID: 0 PID: 13160 Comm: syz.1.1568 Not tainted syzkaller #0 PREEMPT(full) [ 616.438506][T13160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 616.438518][T13160] Call Trace: [ 616.438526][T13160] [ 616.438534][T13160] dump_stack_lvl+0x16c/0x1f0 [ 616.438568][T13160] should_fail_ex+0x512/0x640 [ 616.438590][T13160] ? __kmalloc_noprof+0xca/0x910 [ 616.438614][T13160] should_failslab+0xc2/0x120 [ 616.438643][T13160] __kmalloc_noprof+0xeb/0x910 [ 616.438664][T13160] ? lsm_blob_alloc+0x68/0x90 [ 616.438698][T13160] ? lsm_blob_alloc+0x68/0x90 [ 616.438724][T13160] lsm_blob_alloc+0x68/0x90 [ 616.438751][T13160] security_sk_alloc+0x2f/0x270 [ 616.438772][T13160] sk_prot_alloc+0x1c7/0x2a0 [ 616.438803][T13160] sk_alloc+0x36/0xe30 [ 616.438825][T13160] tap_open+0x2f0/0x1170 [ 616.438850][T13160] ? __pfx_tap_open+0x10/0x10 [ 616.438872][T13160] chrdev_open+0x234/0x6a0 [ 616.438900][T13160] ? __pfx_apparmor_file_open+0x10/0x10 [ 616.438920][T13160] ? __pfx_chrdev_open+0x10/0x10 [ 616.438951][T13160] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 616.438985][T13160] do_dentry_open+0x748/0x1590 [ 616.439012][T13160] ? __pfx_chrdev_open+0x10/0x10 [ 616.439047][T13160] vfs_open+0x82/0x3f0 [ 616.439070][T13160] path_openat+0x2078/0x3140 [ 616.439106][T13160] ? __pfx_path_openat+0x10/0x10 [ 616.439142][T13160] do_filp_open+0x20b/0x470 [ 616.439171][T13160] ? __pfx_do_filp_open+0x10/0x10 [ 616.439218][T13160] ? alloc_fd+0x471/0x7d0 [ 616.439252][T13160] do_sys_openat2+0x121/0x290 [ 616.439273][T13160] ? __pfx_do_sys_openat2+0x10/0x10 [ 616.439302][T13160] __x64_sys_openat+0x174/0x210 [ 616.439324][T13160] ? __pfx___x64_sys_openat+0x10/0x10 [ 616.439354][T13160] do_syscall_64+0xcd/0xf80 [ 616.439385][T13160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.439410][T13160] RIP: 0033:0x7fa02bf8f7c9 [ 616.439434][T13160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 616.439471][T13160] RSP: 002b:00007fa02ce44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 616.439503][T13160] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa0 RCX: 00007fa02bf8f7c9 [ 616.439521][T13160] RDX: 0000000000080000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 616.439534][T13160] RBP: 00007fa02c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 616.439545][T13160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.439557][T13160] R13: 00007fa02c1e6038 R14: 00007fa02c1e5fa0 R15: 00007ffede8e2be8 [ 616.439583][T13160] [ 617.380514][T13175] FAULT_INJECTION: forcing a failure. [ 617.380514][T13175] name failslab, interval 1, probability 0, space 0, times 0 [ 617.400934][T13175] CPU: 1 UID: 0 PID: 13175 Comm: syz.1.1571 Not tainted syzkaller #0 PREEMPT(full) [ 617.400976][T13175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 617.400995][T13175] Call Trace: [ 617.401003][T13175] [ 617.401011][T13175] dump_stack_lvl+0x16c/0x1f0 [ 617.401050][T13175] should_fail_ex+0x512/0x640 [ 617.401072][T13175] ? __kmalloc_noprof+0xca/0x910 [ 617.401096][T13175] should_failslab+0xc2/0x120 [ 617.401125][T13175] __kmalloc_noprof+0xeb/0x910 [ 617.401146][T13175] ? sk_prot_alloc+0x1a8/0x2a0 [ 617.401202][T13175] ? sk_prot_alloc+0x1a8/0x2a0 [ 617.401229][T13175] sk_prot_alloc+0x1a8/0x2a0 [ 617.401259][T13175] sk_alloc+0x36/0xe30 [ 617.401282][T13175] tap_open+0x2f0/0x1170 [ 617.401308][T13175] ? __pfx_tap_open+0x10/0x10 [ 617.401329][T13175] chrdev_open+0x234/0x6a0 [ 617.401357][T13175] ? __pfx_apparmor_file_open+0x10/0x10 [ 617.401377][T13175] ? __pfx_chrdev_open+0x10/0x10 [ 617.401406][T13175] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 617.401440][T13175] do_dentry_open+0x748/0x1590 [ 617.401467][T13175] ? __pfx_chrdev_open+0x10/0x10 [ 617.401509][T13175] vfs_open+0x82/0x3f0 [ 617.401532][T13175] path_openat+0x2078/0x3140 [ 617.401567][T13175] ? __pfx_path_openat+0x10/0x10 [ 617.401604][T13175] do_filp_open+0x20b/0x470 [ 617.401633][T13175] ? __pfx_do_filp_open+0x10/0x10 [ 617.401679][T13175] ? alloc_fd+0x471/0x7d0 [ 617.401713][T13175] do_sys_openat2+0x121/0x290 [ 617.401734][T13175] ? __pfx_do_sys_openat2+0x10/0x10 [ 617.401765][T13175] __x64_sys_openat+0x174/0x210 [ 617.401787][T13175] ? __pfx___x64_sys_openat+0x10/0x10 [ 617.401819][T13175] do_syscall_64+0xcd/0xf80 [ 617.401848][T13175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.401868][T13175] RIP: 0033:0x7fa02bf8f7c9 [ 617.401884][T13175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 617.401904][T13175] RSP: 002b:00007fa02ce44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 617.401923][T13175] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa0 RCX: 00007fa02bf8f7c9 [ 617.401935][T13175] RDX: 0000000000080000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 617.401946][T13175] RBP: 00007fa02c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 617.401958][T13175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 617.401969][T13175] R13: 00007fa02c1e6038 R14: 00007fa02c1e5fa0 R15: 00007ffede8e2be8 [ 617.401993][T13175] [ 618.060960][T13180] FAULT_INJECTION: forcing a failure. [ 618.060960][T13180] name fail_futex, interval 1, probability 0, space 0, times 0 [ 618.143004][T13180] CPU: 0 UID: 0 PID: 13180 Comm: syz.1.1573 Not tainted syzkaller #0 PREEMPT(full) [ 618.143033][T13180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 618.143045][T13180] Call Trace: [ 618.143052][T13180] [ 618.143060][T13180] dump_stack_lvl+0x16c/0x1f0 [ 618.143094][T13180] should_fail_ex+0x512/0x640 [ 618.143119][T13180] get_futex_key+0x1d0/0x15f0 [ 618.143142][T13180] ? __pfx_get_futex_key+0x10/0x10 [ 618.143165][T13180] ? do_raw_spin_lock+0x12c/0x2b0 [ 618.143191][T13180] futex_wake+0xea/0x530 [ 618.143223][T13180] ? find_held_lock+0x2b/0x80 [ 618.143249][T13180] ? __pfx_futex_wake+0x10/0x10 [ 618.143272][T13180] ? rcu_is_watching+0x12/0xc0 [ 618.143299][T13180] ? lockdep_hardirqs_on+0x7c/0x110 [ 618.143329][T13180] ? posix_timer_unhash_and_free+0x375/0x400 [ 618.143360][T13180] do_futex+0x1e3/0x350 [ 618.143381][T13180] ? __pfx_do_futex+0x10/0x10 [ 618.143409][T13180] __x64_sys_futex+0x1e0/0x4c0 [ 618.143432][T13180] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 618.143456][T13180] ? fput+0x70/0xf0 [ 618.143473][T13180] ? __pfx___x64_sys_futex+0x10/0x10 [ 618.143503][T13180] do_syscall_64+0xcd/0xf80 [ 618.143533][T13180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.143553][T13180] RIP: 0033:0x7fa02bf8f7c9 [ 618.143568][T13180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 618.143587][T13180] RSP: 002b:00007fa02ce440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 618.143607][T13180] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa8 RCX: 00007fa02bf8f7c9 [ 618.143619][T13180] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa02c1e5fac [ 618.143631][T13180] RBP: 00007fa02c1e5fa0 R08: 00007fa02ce45000 R09: 0000000000000000 [ 618.143642][T13180] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 618.143654][T13180] R13: 00007fa02c1e6038 R14: 00007ffede8e2b00 R15: 00007ffede8e2be8 [ 618.143677][T13180] [ 618.738893][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 619.895161][T13211] zswap: compressor û not available [ 620.109122][T13217] FAULT_INJECTION: forcing a failure. [ 620.109122][T13217] name failslab, interval 1, probability 0, space 0, times 0 [ 620.147994][T13217] CPU: 1 UID: 0 PID: 13217 Comm: syz.3.1579 Not tainted syzkaller #0 PREEMPT(full) [ 620.148023][T13217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 620.148035][T13217] Call Trace: [ 620.148042][T13217] [ 620.148051][T13217] dump_stack_lvl+0x16c/0x1f0 [ 620.148085][T13217] should_fail_ex+0x512/0x640 [ 620.148107][T13217] ? __kmalloc_noprof+0xca/0x910 [ 620.148130][T13217] should_failslab+0xc2/0x120 [ 620.148160][T13217] __kmalloc_noprof+0xeb/0x910 [ 620.148181][T13217] ? lsm_blob_alloc+0x68/0x90 [ 620.148213][T13217] ? lsm_blob_alloc+0x68/0x90 [ 620.148239][T13217] lsm_blob_alloc+0x68/0x90 [ 620.148266][T13217] security_sk_alloc+0x2f/0x270 [ 620.148288][T13217] sk_prot_alloc+0x1c7/0x2a0 [ 620.148319][T13217] sk_alloc+0x36/0xe30 [ 620.148342][T13217] tap_open+0x2f0/0x1170 [ 620.148367][T13217] ? __pfx_tap_open+0x10/0x10 [ 620.148388][T13217] chrdev_open+0x234/0x6a0 [ 620.148416][T13217] ? __pfx_apparmor_file_open+0x10/0x10 [ 620.148435][T13217] ? __pfx_chrdev_open+0x10/0x10 [ 620.148474][T13217] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 620.148509][T13217] do_dentry_open+0x748/0x1590 [ 620.148536][T13217] ? __pfx_chrdev_open+0x10/0x10 [ 620.148571][T13217] vfs_open+0x82/0x3f0 [ 620.148595][T13217] path_openat+0x2078/0x3140 [ 620.148631][T13217] ? __pfx_path_openat+0x10/0x10 [ 620.148668][T13217] do_filp_open+0x20b/0x470 [ 620.148697][T13217] ? __pfx_do_filp_open+0x10/0x10 [ 620.148741][T13217] ? alloc_fd+0x471/0x7d0 [ 620.148775][T13217] do_sys_openat2+0x121/0x290 [ 620.148796][T13217] ? __pfx_do_sys_openat2+0x10/0x10 [ 620.148826][T13217] __x64_sys_openat+0x174/0x210 [ 620.148848][T13217] ? __pfx___x64_sys_openat+0x10/0x10 [ 620.148879][T13217] do_syscall_64+0xcd/0xf80 [ 620.148909][T13217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.148929][T13217] RIP: 0033:0x7fbbedf8f7c9 [ 620.148945][T13217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 620.148964][T13217] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 620.148983][T13217] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 620.148996][T13217] RDX: 0000000000080000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 620.149008][T13217] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 620.149019][T13217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.149030][T13217] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 620.149054][T13217] [ 621.767256][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 622.018145][T13243] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 624.259346][ T5844] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 624.263777][T13269] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 625.207352][ T5842] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 626.418875][T13293] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 627.643448][T13319] Line length is too long: Should be less than 4094 [ 629.694048][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.700558][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.752520][T13324] kexec: Could not allocate control_code_buffer [ 630.115591][T13345] FAULT_INJECTION: forcing a failure. [ 630.115591][T13345] name failslab, interval 1, probability 0, space 0, times 0 [ 630.169408][T13345] CPU: 1 UID: 0 PID: 13345 Comm: syz.0.1607 Not tainted syzkaller #0 PREEMPT(full) [ 630.169456][T13345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 630.169476][T13345] Call Trace: [ 630.169489][T13345] [ 630.169503][T13345] dump_stack_lvl+0x16c/0x1f0 [ 630.169557][T13345] should_fail_ex+0x512/0x640 [ 630.169592][T13345] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 630.169638][T13345] should_failslab+0xc2/0x120 [ 630.169685][T13345] kmem_cache_alloc_node_noprof+0x86/0x800 [ 630.169725][T13345] ? __alloc_skb+0x156/0x410 [ 630.169770][T13345] ? __alloc_skb+0x156/0x410 [ 630.169803][T13345] __alloc_skb+0x156/0x410 [ 630.169835][T13345] ? __alloc_skb+0x35d/0x410 [ 630.169869][T13345] ? __pfx___alloc_skb+0x10/0x10 [ 630.169907][T13345] ? rtnl_prop_list_size+0x295/0x2d0 [ 630.169952][T13345] ? if_nlmsg_size+0x4a7/0xb30 [ 630.170002][T13345] rtmsg_ifinfo_build_skb+0x81/0x280 [ 630.170059][T13345] rtmsg_ifinfo+0x9f/0x1a0 [ 630.170116][T13345] register_netdevice+0x1b60/0x21d0 [ 630.170170][T13345] ? __pfx_register_netdevice+0x10/0x10 [ 630.170228][T13345] __ip_tunnel_create+0x540/0x6b0 [ 630.170281][T13345] ? __pfx___ip_tunnel_create+0x10/0x10 [ 630.170345][T13345] ip_tunnel_init_net+0x22f/0x7d0 [ 630.170390][T13345] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 630.170438][T13345] ? ops_init+0x77/0x5f0 [ 630.170482][T13345] ? __pfx_erspan_init_net+0x10/0x10 [ 630.170521][T13345] ops_init+0x1e2/0x5f0 [ 630.170552][T13345] setup_net+0x11d/0x3a0 [ 630.170578][T13345] ? __pfx_setup_net+0x10/0x10 [ 630.170602][T13345] ? lockdep_init_map_type+0x5c/0x270 [ 630.170622][T13345] ? mutex_init_lockep+0x110/0x150 [ 630.170645][T13345] copy_net_ns+0x351/0x7c0 [ 630.170675][T13345] create_new_namespaces+0x3ea/0xab0 [ 630.170706][T13345] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 630.170734][T13345] ksys_unshare+0x45b/0xa40 [ 630.170765][T13345] ? __pfx_ksys_unshare+0x10/0x10 [ 630.170795][T13345] ? xfd_validate_state+0x61/0x180 [ 630.170820][T13345] __x64_sys_unshare+0x31/0x40 [ 630.170837][T13345] do_syscall_64+0xcd/0xf80 [ 630.170867][T13345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.170886][T13345] RIP: 0033:0x7f5f25f8f7c9 [ 630.170902][T13345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 630.170927][T13345] RSP: 002b:00007f5f26e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 630.170946][T13345] RAX: ffffffffffffffda RBX: 00007f5f261e6090 RCX: 00007f5f25f8f7c9 [ 630.170959][T13345] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 630.170970][T13345] RBP: 00007f5f26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 630.170981][T13345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 630.170992][T13345] R13: 00007f5f261e6128 R14: 00007f5f261e6090 R15: 00007ffd5e053a88 [ 630.171017][T13345] [ 630.727408][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 632.280197][T13345] Process accounting paused [ 633.058455][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 634.488178][T13401] zswap: compressor û not available [ 636.623846][T13420] Process accounting paused [ 637.598899][T13446] zswap: compressor û not available [ 638.348806][T13470] FAULT_INJECTION: forcing a failure. [ 638.348806][T13470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 638.380909][T13470] CPU: 1 UID: 0 PID: 13470 Comm: syz.1.1633 Not tainted syzkaller #0 PREEMPT(full) [ 638.380952][T13470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 638.380971][T13470] Call Trace: [ 638.380982][T13470] [ 638.380995][T13470] dump_stack_lvl+0x16c/0x1f0 [ 638.381070][T13470] should_fail_ex+0x512/0x640 [ 638.381110][T13470] _copy_from_iter+0x2a4/0x16c0 [ 638.381155][T13470] ? __pfx__copy_from_iter+0x10/0x10 [ 638.381209][T13470] skb_copy_datagram_from_iter+0x124/0x740 [ 638.381258][T13470] tun_get_user+0x1850/0x3cc0 [ 638.381323][T13470] ? __pfx_tun_get_user+0x10/0x10 [ 638.381359][T13470] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 638.381409][T13470] ? find_held_lock+0x2b/0x80 [ 638.381451][T13470] ? tun_get+0x191/0x370 [ 638.381489][T13470] tun_chr_write_iter+0xdc/0x210 [ 638.381525][T13470] vfs_write+0x7d3/0x11d0 [ 638.381570][T13470] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 638.381609][T13470] ? __pfx_vfs_write+0x10/0x10 [ 638.381648][T13470] ? find_held_lock+0x2b/0x80 [ 638.381712][T13470] __x64_sys_pwrite64+0x1eb/0x250 [ 638.381760][T13470] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 638.381818][T13470] do_syscall_64+0xcd/0xf80 [ 638.381867][T13470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.381898][T13470] RIP: 0033:0x7fa02bf8f7c9 [ 638.381923][T13470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 638.381953][T13470] RSP: 002b:00007fa02ce23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 638.381984][T13470] RAX: ffffffffffffffda RBX: 00007fa02c1e6090 RCX: 00007fa02bf8f7c9 [ 638.382004][T13470] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8 [ 638.382023][T13470] RBP: 00007fa02ce23090 R08: 0000000000000000 R09: 0000000000000000 [ 638.382042][T13470] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 638.382060][T13470] R13: 00007fa02c1e6128 R14: 00007fa02c1e6090 R15: 00007ffede8e2be8 [ 638.382102][T13470] [ 639.410015][T13480] FAULT_INJECTION: forcing a failure. [ 639.410015][T13480] name failslab, interval 1, probability 0, space 0, times 0 [ 639.466389][T13480] CPU: 0 UID: 0 PID: 13480 Comm: syz.1.1636 Not tainted syzkaller #0 PREEMPT(full) [ 639.466438][T13480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 639.466457][T13480] Call Trace: [ 639.466469][T13480] [ 639.466481][T13480] dump_stack_lvl+0x16c/0x1f0 [ 639.466534][T13480] should_fail_ex+0x512/0x640 [ 639.466569][T13480] ? __kmalloc_cache_noprof+0x5f/0x800 [ 639.466609][T13480] should_failslab+0xc2/0x120 [ 639.466656][T13480] __kmalloc_cache_noprof+0x80/0x800 [ 639.466692][T13480] ? rcu_is_watching+0x12/0xc0 [ 639.466730][T13480] ? __request_module+0x2ad/0x660 [ 639.466766][T13480] ? lockdep_hardirqs_on+0x7c/0x110 [ 639.466814][T13480] ? __request_module+0x2ad/0x660 [ 639.466853][T13480] __request_module+0x2ad/0x660 [ 639.466893][T13480] ? __pfx___request_module+0x10/0x10 [ 639.466950][T13480] ? find_held_lock+0x2b/0x80 [ 639.467000][T13480] inet_create+0xa97/0x1040 [ 639.467046][T13480] ? inet_create+0x93/0x1040 [ 639.467086][T13480] __sock_create+0x339/0x8a0 [ 639.467128][T13480] __sys_socket+0x14d/0x260 [ 639.467154][T13480] ? fput+0x70/0xf0 [ 639.467182][T13480] ? __pfx___sys_socket+0x10/0x10 [ 639.467209][T13480] ? xfd_validate_state+0x61/0x180 [ 639.467237][T13480] ? __pfx_ksys_write+0x10/0x10 [ 639.467285][T13480] __x64_sys_socket+0x72/0xb0 [ 639.467315][T13480] ? lockdep_hardirqs_on+0x7c/0x110 [ 639.467360][T13480] do_syscall_64+0xcd/0xf80 [ 639.467409][T13480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.467441][T13480] RIP: 0033:0x7fa02bf8f7c9 [ 639.467468][T13480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.467500][T13480] RSP: 002b:00007fa02ce44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 639.467532][T13480] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa0 RCX: 00007fa02bf8f7c9 [ 639.467553][T13480] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 639.467572][T13480] RBP: 00007fa02c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 639.467591][T13480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.467611][T13480] R13: 00007fa02c1e6038 R14: 00007fa02c1e5fa0 R15: 00007ffede8e2be8 [ 639.467653][T13480] [ 642.998465][T13544] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 645.287393][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 646.780018][ C1] vcan0: j1939_tp_rxtimer: 0xffff888029837800: rx timeout, send abort [ 646.788523][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888029837800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 647.375040][T13591] Process accounting resumed [ 647.908574][T13615] FAULT_INJECTION: forcing a failure. [ 647.908574][T13615] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 648.012419][T13615] CPU: 1 UID: 0 PID: 13615 Comm: syz.0.1659 Not tainted syzkaller #0 PREEMPT(full) [ 648.012464][T13615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 648.012478][T13615] Call Trace: [ 648.012484][T13615] [ 648.012492][T13615] dump_stack_lvl+0x16c/0x1f0 [ 648.012527][T13615] should_fail_ex+0x512/0x640 [ 648.012552][T13615] _copy_from_user+0x2e/0xd0 [ 648.012575][T13615] do_sys_name_to_handle+0x205/0x830 [ 648.012609][T13615] ? __pfx_do_sys_name_to_handle+0x10/0x10 [ 648.012642][T13615] ? putname+0xf5/0x1a0 [ 648.012658][T13615] ? putname+0xf5/0x1a0 [ 648.012678][T13615] __x64_sys_name_to_handle_at+0x2af/0x310 [ 648.012709][T13615] ? __pfx___x64_sys_name_to_handle_at+0x10/0x10 [ 648.012746][T13615] do_syscall_64+0xcd/0xf80 [ 648.012776][T13615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.012796][T13615] RIP: 0033:0x7f5f25f8f7c9 [ 648.012812][T13615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.012831][T13615] RSP: 002b:00007f5f26df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f [ 648.012850][T13615] RAX: ffffffffffffffda RBX: 00007f5f261e6180 RCX: 00007f5f25f8f7c9 [ 648.012863][T13615] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 648.012875][T13615] RBP: 00007f5f26013f91 R08: 0000000000000002 R09: 0000000000000000 [ 648.012886][T13615] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000000 [ 648.012897][T13615] R13: 00007f5f261e6218 R14: 00007f5f261e6180 R15: 00007ffd5e053a88 [ 648.012920][T13615] [ 648.543118][T13625] FAULT_INJECTION: forcing a failure. [ 648.543118][T13625] name failslab, interval 1, probability 0, space 0, times 0 [ 648.555917][T13625] CPU: 1 UID: 0 PID: 13625 Comm: syz.1.1665 Not tainted syzkaller #0 PREEMPT(full) [ 648.555946][T13625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 648.555958][T13625] Call Trace: [ 648.555966][T13625] [ 648.555974][T13625] dump_stack_lvl+0x16c/0x1f0 [ 648.556013][T13625] should_fail_ex+0x512/0x640 [ 648.556035][T13625] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 648.556062][T13625] should_failslab+0xc2/0x120 [ 648.556092][T13625] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 648.556117][T13625] ? __d_alloc+0x35/0xa80 [ 648.556138][T13625] ? __d_alloc+0x35/0xa80 [ 648.556153][T13625] __d_alloc+0x35/0xa80 [ 648.556173][T13625] d_alloc_pseudo+0x1c/0xc0 [ 648.556195][T13625] alloc_file_pseudo+0xcf/0x230 [ 648.556218][T13625] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 648.556240][T13625] ? alloc_fd+0x471/0x7d0 [ 648.556275][T13625] sock_alloc_file+0x50/0x210 [ 648.556303][T13625] __sys_socket+0x1c0/0x260 [ 648.556320][T13625] ? fput+0x70/0xf0 [ 648.556338][T13625] ? __pfx___sys_socket+0x10/0x10 [ 648.556356][T13625] ? xfd_validate_state+0x61/0x180 [ 648.556380][T13625] __x64_sys_socket+0x72/0xb0 [ 648.556398][T13625] ? lockdep_hardirqs_on+0x7c/0x110 [ 648.556427][T13625] do_syscall_64+0xcd/0xf80 [ 648.556457][T13625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.556477][T13625] RIP: 0033:0x7fa02bf8f7c9 [ 648.556494][T13625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.556514][T13625] RSP: 002b:00007fa02ce44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 648.556534][T13625] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa0 RCX: 00007fa02bf8f7c9 [ 648.556547][T13625] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000025 [ 648.556559][T13625] RBP: 00007fa02c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 648.556571][T13625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.556583][T13625] R13: 00007fa02c1e6038 R14: 00007fa02c1e5fa0 R15: 00007ffede8e2be8 [ 648.556607][T13625] [ 649.559401][T13633] cgroup: fork rejected by pids controller in /syz1 [ 649.818326][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 932 with max blocks 1 with error 117 [ 649.837905][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 649.837905][ T13] [ 651.687373][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 652.725347][T13776] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 653.709725][T13784] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1673'. [ 653.803535][T13784] FAULT_INJECTION: forcing a failure. [ 653.803535][T13784] name failslab, interval 1, probability 0, space 0, times 0 [ 653.932841][T13784] CPU: 0 UID: 0 PID: 13784 Comm: syz.0.1673 Not tainted syzkaller #0 PREEMPT(full) [ 653.932882][T13784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 653.932902][T13784] Call Trace: [ 653.932912][T13784] [ 653.932925][T13784] dump_stack_lvl+0x16c/0x1f0 [ 653.932977][T13784] should_fail_ex+0x512/0x640 [ 653.933009][T13784] ? kmem_cache_alloc_noprof+0x62/0x770 [ 653.933051][T13784] should_failslab+0xc2/0x120 [ 653.933098][T13784] kmem_cache_alloc_noprof+0x83/0x770 [ 653.933133][T13784] ? __anon_vma_prepare+0xae/0x5e0 [ 653.933173][T13784] ? __anon_vma_prepare+0xae/0x5e0 [ 653.933207][T13784] __anon_vma_prepare+0xae/0x5e0 [ 653.933247][T13784] ? do_raw_spin_lock+0x12c/0x2b0 [ 653.933288][T13784] __vmf_anon_prepare+0x11c/0x240 [ 653.933336][T13784] do_huge_pmd_anonymous_page+0x161/0x2200 [ 653.933378][T13784] ? __pmd_alloc+0x6aa/0x9c0 [ 653.933428][T13784] __handle_mm_fault+0x25ca/0x2bb0 [ 653.933472][T13784] ? __pfx___handle_mm_fault+0x10/0x10 [ 653.933528][T13784] ? find_vma+0xbf/0x140 [ 653.933568][T13784] ? __pfx_find_vma+0x10/0x10 [ 653.933612][T13784] handle_mm_fault+0x3fe/0xad0 [ 653.933652][T13784] do_user_addr_fault+0x7a6/0x1370 [ 653.933692][T13784] ? rcu_is_watching+0x12/0xc0 [ 653.933740][T13784] exc_page_fault+0x64/0xc0 [ 653.933785][T13784] asm_exc_page_fault+0x26/0x30 [ 653.933814][T13784] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 653.933849][T13784] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 0d 81 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 653.933880][T13784] RSP: 0018:ffffc9000c74fd00 EFLAGS: 00050246 [ 653.933906][T13784] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 653.933925][T13784] RDX: fffff520018e9fc6 RSI: 0000000000000000 RDI: ffffc9000c74fe28 [ 653.933945][T13784] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff520018e9fc5 [ 653.933963][T13784] R10: ffffc9000c74fe2f R11: ffff8880358c0b30 R12: 0000000000000000 [ 653.933983][T13784] R13: ffffc9000c74fe28 R14: 000000004008af30 R15: 0000000000000001 [ 653.934022][T13784] _copy_from_user+0x98/0xd0 [ 653.934057][T13784] vhost_net_ioctl+0x4eb/0x1850 [ 653.934091][T13784] ? do_vfs_ioctl+0x128/0x14f0 [ 653.934128][T13784] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 653.934164][T13784] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 653.934218][T13784] ? hook_file_ioctl_common+0x144/0x410 [ 653.934282][T13784] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 653.934320][T13784] __x64_sys_ioctl+0x18e/0x210 [ 653.934362][T13784] do_syscall_64+0xcd/0xf80 [ 653.934408][T13784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.934437][T13784] RIP: 0033:0x7f5f25f8f7c9 [ 653.934461][T13784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.934491][T13784] RSP: 002b:00007f5f26e38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 653.934519][T13784] RAX: ffffffffffffffda RBX: 00007f5f261e5fa0 RCX: 00007f5f25f8f7c9 [ 653.934540][T13784] RDX: 0000000000000000 RSI: 000000004008af30 RDI: 0000000000000001 [ 653.934559][T13784] RBP: 00007f5f26e38090 R08: 0000000000000000 R09: 0000000000000000 [ 653.934578][T13784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 653.934596][T13784] R13: 00007f5f261e6038 R14: 00007f5f261e5fa0 R15: 00007ffd5e053a88 [ 653.934639][T13784] [ 655.139210][T13798] zswap: compressor û not available [ 655.447862][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 655.629314][T13807] zswap: compressor not available [ 655.955290][T13812] FAULT_INJECTION: forcing a failure. [ 655.955290][T13812] name failslab, interval 1, probability 0, space 0, times 0 [ 656.078109][T13812] CPU: 0 UID: 0 PID: 13812 Comm: syz.3.1679 Not tainted syzkaller #0 PREEMPT(full) [ 656.078156][T13812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 656.078178][T13812] Call Trace: [ 656.078189][T13812] [ 656.078201][T13812] dump_stack_lvl+0x16c/0x1f0 [ 656.078250][T13812] should_fail_ex+0x512/0x640 [ 656.078282][T13812] ? __kmalloc_noprof+0xca/0x910 [ 656.078318][T13812] should_failslab+0xc2/0x120 [ 656.078363][T13812] __kmalloc_noprof+0xeb/0x910 [ 656.078395][T13812] ? copy_splice_read+0x1a8/0xc20 [ 656.078445][T13812] ? copy_splice_read+0x1a8/0xc20 [ 656.078489][T13812] copy_splice_read+0x1a8/0xc20 [ 656.078544][T13812] ? __pfx_copy_splice_read+0x10/0x10 [ 656.078604][T13812] ? find_held_lock+0x2b/0x80 [ 656.078653][T13812] ? __pfx_copy_splice_read+0x10/0x10 [ 656.078699][T13812] do_splice_read+0x285/0x370 [ 656.078751][T13812] splice_direct_to_actor+0x2a1/0xa30 [ 656.078802][T13812] ? __pfx_direct_splice_actor+0x10/0x10 [ 656.078859][T13812] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 656.078905][T13812] ? do_raw_spin_lock+0x12c/0x2b0 [ 656.078963][T13812] do_splice_direct+0x174/0x240 [ 656.079011][T13812] ? __pfx_do_splice_direct+0x10/0x10 [ 656.079061][T13812] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 656.079116][T13812] ? rw_verify_area+0xcf/0x6c0 [ 656.079160][T13812] do_sendfile+0xb06/0xe50 [ 656.079211][T13812] ? __pfx_do_sendfile+0x10/0x10 [ 656.079253][T13812] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 656.079314][T13812] __x64_sys_sendfile64+0x1d8/0x220 [ 656.079347][T13812] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 656.079377][T13812] ? syscall_user_dispatch+0x78/0x140 [ 656.079429][T13812] do_syscall_64+0xcd/0xf80 [ 656.079478][T13812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.079509][T13812] RIP: 0033:0x7fbbedf8f7c9 [ 656.079537][T13812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.079571][T13812] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 656.079603][T13812] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 656.079626][T13812] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 656.079645][T13812] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 656.079665][T13812] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000000 [ 656.079685][T13812] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 656.079729][T13812] [ 657.951811][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 659.700370][ C0] vcan0: j1939_tp_rxtimer: 0xffff88801eb70000: rx timeout, send abort [ 659.708748][ C0] vcan0: j1939_tp_rxtimer: 0xffff88801eb72400: rx timeout, send abort [ 659.712068][T13841] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 659.717282][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88801eb70000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 659.740017][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88801eb72400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 660.726177][T13848] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 660.735991][T13848] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 660.783006][T13848] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 660.811428][T13848] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 660.904050][T13848] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 660.947741][T13848] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 660.976621][T13848] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 660.987466][T13848] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 661.052055][ T5842] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 661.305140][ T5842] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11 [ 662.417336][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 662.807190][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 662.972447][T13921] random: crng reseeded on system resumption [ 662.978041][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 663.047423][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 663.590495][T13931] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1697'. [ 664.240705][T13943] bridge0: port 3(dummy0) entered blocking state [ 664.257781][T13943] bridge0: port 3(dummy0) entered disabled state [ 664.288160][T13943] dummy0: entered allmulticast mode [ 664.312042][T13943] dummy0: entered promiscuous mode [ 664.368761][T13943] bridge0: port 3(dummy0) entered blocking state [ 664.376190][T13943] bridge0: port 3(dummy0) entered forwarding state [ 664.466566][T13949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1700: iget: checksum invalid [ 664.478901][T13949] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 664.490629][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 664.494979][T13949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1700: iget: checksum invalid [ 664.509160][T13949] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 664.527431][T13949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1700: iget: checksum invalid [ 664.598526][T13949] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 664.611485][T13878] Process accounting resumed [ 664.627577][T13949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1700: iget: checksum invalid [ 664.658372][T13949] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 664.714200][T13949] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 664.757231][T13949] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 664.861828][T13953] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 664.887290][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 664.940874][T13955] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 665.047325][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 665.127258][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 667.177282][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 667.832399][T13935] Process accounting resumed [ 669.311553][T14000] FAULT_INJECTION: forcing a failure. [ 669.311553][T14000] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 669.361159][T14000] CPU: 0 UID: 0 PID: 14000 Comm: syz.0.1711 Not tainted syzkaller #0 PREEMPT(full) [ 669.361203][T14000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 669.361221][T14000] Call Trace: [ 669.361232][T14000] [ 669.361243][T14000] dump_stack_lvl+0x16c/0x1f0 [ 669.361293][T14000] should_fail_ex+0x512/0x640 [ 669.361332][T14000] _copy_to_iter+0x29f/0x1710 [ 669.361369][T14000] ? chacha_block_generic+0x211/0x330 [ 669.361406][T14000] ? __pfx__copy_to_iter+0x10/0x10 [ 669.361443][T14000] ? lockdep_hardirqs_on+0x7c/0x110 [ 669.361485][T14000] ? crng_make_state+0x48e/0x6c0 [ 669.361520][T14000] get_random_bytes_user+0x17f/0x3c0 [ 669.361556][T14000] ? __pfx_get_random_bytes_user+0x10/0x10 [ 669.361594][T14000] ? __mutex_unlock_slowpath+0x161/0x790 [ 669.361652][T14000] ? import_ubuf+0x1b6/0x220 [ 669.361684][T14000] __x64_sys_getrandom+0x183/0x290 [ 669.361719][T14000] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 669.361751][T14000] ? fput+0x70/0xf0 [ 669.361795][T14000] do_syscall_64+0xcd/0xf80 [ 669.361835][T14000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.361855][T14000] RIP: 0033:0x7f5f25f8f7c9 [ 669.361871][T14000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 669.361889][T14000] RSP: 002b:00007f5f26df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 669.361908][T14000] RAX: ffffffffffffffda RBX: 00007f5f261e6180 RCX: 00007f5f25f8f7c9 [ 669.361920][T14000] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 669.361932][T14000] RBP: 00007f5f26df6090 R08: 0000000000000000 R09: 0000000000000000 [ 669.361943][T14000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 669.361954][T14000] R13: 00007f5f261e6218 R14: 00007f5f261e6180 R15: 00007ffd5e053a88 [ 669.361978][T14000] [ 670.669989][T13992] FAULT_INJECTION: forcing a failure. [ 670.669989][T13992] name fail_futex, interval 1, probability 0, space 0, times 0 [ 670.747400][T13992] CPU: 0 UID: 0 PID: 13992 Comm: syz.2.1710 Not tainted syzkaller #0 PREEMPT(full) [ 670.747428][T13992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 670.747441][T13992] Call Trace: [ 670.747449][T13992] [ 670.747458][T13992] dump_stack_lvl+0x16c/0x1f0 [ 670.747491][T13992] should_fail_ex+0x512/0x640 [ 670.747517][T13992] get_futex_key+0x1d0/0x15f0 [ 670.747541][T13992] ? __pfx_get_futex_key+0x10/0x10 [ 670.747569][T13992] futex_wake+0xea/0x530 [ 670.747597][T13992] ? __pfx_futex_wake+0x10/0x10 [ 670.747620][T13992] ? __fget_files+0x20e/0x3c0 [ 670.747651][T13992] ? fput+0x70/0xf0 [ 670.747673][T13992] do_futex+0x1e3/0x350 [ 670.747695][T13992] ? __pfx_do_futex+0x10/0x10 [ 670.747723][T13992] __x64_sys_futex+0x1e0/0x4c0 [ 670.747749][T13992] ? __pfx___x64_sys_futex+0x10/0x10 [ 670.747782][T13992] ? xfd_validate_state+0x61/0x180 [ 670.747799][T13992] ? __pfx___do_sys_kcmp+0x10/0x10 [ 670.747833][T13992] do_syscall_64+0xcd/0xf80 [ 670.747863][T13992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.747883][T13992] RIP: 0033:0x7eff2fb8f7c9 [ 670.747899][T13992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.747918][T13992] RSP: 002b:00007eff2ddd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 670.747936][T13992] RAX: ffffffffffffffda RBX: 00007eff2fde6098 RCX: 00007eff2fb8f7c9 [ 670.747949][T13992] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007eff2fde609c [ 670.747967][T13992] RBP: 00007eff2fde6090 R08: 00007eff30927000 R09: 0000000000000000 [ 670.747979][T13992] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 670.747991][T13992] R13: 00007eff2fde6128 R14: 00007ffeb2063b00 R15: 00007ffeb2063be8 [ 670.748014][T13992] [ 671.011993][T13991] EXT4-fs error (device sda1): ext4_discard_preallocations:5703: comm syz.2.1710: Error -117 reading block bitmap for 2 [ 671.247449][T13991] EXT4-fs error (device sda1): ext4_discard_preallocations:5703: comm syz.2.1710: Error -117 reading block bitmap for 2 [ 674.424670][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802a872400: rx timeout, send abort [ 674.433126][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802c7e4800: rx timeout, send abort [ 674.441674][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a872400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 674.456062][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802c7e4800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 675.825090][T14160] random: crng reseeded on system resumption [ 675.943419][T14162] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1724'. [ 677.301049][T14186] futex_wake_op: syz.2.1729 tries to shift op by -2048; fix this program [ 677.855404][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.855932][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.864225][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.871475][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.881981][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.889676][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.897062][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.905291][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.912560][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 677.919685][ T5842] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 678.844958][T14210] FAULT_INJECTION: forcing a failure. [ 678.844958][T14210] name failslab, interval 1, probability 0, space 0, times 0 [ 678.864837][T14210] CPU: 0 UID: 0 PID: 14210 Comm: syz.0.1733 Not tainted syzkaller #0 PREEMPT(full) [ 678.864880][T14210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 678.864899][T14210] Call Trace: [ 678.864909][T14210] [ 678.864922][T14210] dump_stack_lvl+0x16c/0x1f0 [ 678.864972][T14210] should_fail_ex+0x512/0x640 [ 678.865003][T14210] ? fs_reclaim_acquire+0xae/0x150 [ 678.865053][T14210] should_failslab+0xc2/0x120 [ 678.865101][T14210] __kmalloc_noprof+0xeb/0x910 [ 678.865136][T14210] ? tomoyo_encode2+0x100/0x3e0 [ 678.865184][T14210] ? tomoyo_encode2+0x100/0x3e0 [ 678.865220][T14210] tomoyo_encode2+0x100/0x3e0 [ 678.865266][T14210] tomoyo_encode+0x29/0x50 [ 678.865303][T14210] tomoyo_realpath_from_path+0x18f/0x6e0 [ 678.865353][T14210] tomoyo_check_open_permission+0x2ab/0x3c0 [ 678.865390][T14210] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 678.865466][T14210] ? do_raw_spin_lock+0x12c/0x2b0 [ 678.865510][T14210] tomoyo_file_open+0x6b/0x90 [ 678.865555][T14210] security_file_open+0x84/0x1e0 [ 678.865594][T14210] do_dentry_open+0x597/0x1590 [ 678.865642][T14210] ? security_inode_permission+0xbf/0x260 [ 678.865684][T14210] vfs_open+0x82/0x3f0 [ 678.865720][T14210] path_openat+0x2078/0x3140 [ 678.865787][T14210] ? __pfx_path_openat+0x10/0x10 [ 678.865847][T14210] do_filp_open+0x20b/0x470 [ 678.865892][T14210] ? __pfx_do_filp_open+0x10/0x10 [ 678.865966][T14210] ? alloc_fd+0x471/0x7d0 [ 678.866021][T14210] do_sys_openat2+0x121/0x290 [ 678.866054][T14210] ? __pfx_do_sys_openat2+0x10/0x10 [ 678.866102][T14210] __x64_sys_openat+0x174/0x210 [ 678.866137][T14210] ? __pfx___x64_sys_openat+0x10/0x10 [ 678.866186][T14210] do_syscall_64+0xcd/0xf80 [ 678.866234][T14210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.866264][T14210] RIP: 0033:0x7f5f25f8f7c9 [ 678.866288][T14210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.866316][T14210] RSP: 002b:00007f5f26e38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 678.866345][T14210] RAX: ffffffffffffffda RBX: 00007f5f261e5fa0 RCX: 00007f5f25f8f7c9 [ 678.866365][T14210] RDX: 0000000000101000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 678.866385][T14210] RBP: 00007f5f26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 678.866404][T14210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 678.866421][T14210] R13: 00007f5f261e6038 R14: 00007f5f261e5fa0 R15: 00007ffd5e053a88 [ 678.866464][T14210] [ 679.113124][T14210] ERROR: Out of memory at tomoyo_realpath_from_path. [ 679.591150][T14192] Process accounting paused [ 680.190355][T14224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1735'. [ 683.319608][T14305] bonding: no command found in bonding_masters - use +ifname or -ifname [ 685.396902][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1751'. [ 685.426432][T14310] tc_dump_action: action bad kind [ 688.398080][T14359] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 688.791184][T14365] futex_wake_op: syz.1.1761 tries to shift op by -2048; fix this program [ 689.042291][T14368] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 689.207279][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 691.134038][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.147233][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.835957][T14412] futex_wake_op: syz.0.1771 tries to shift op by -2048; fix this program [ 692.642417][T14428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1775'. [ 692.693687][T14430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1775'. [ 692.929251][T14435] FAULT_INJECTION: forcing a failure. [ 692.929251][T14435] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 692.970752][T14435] CPU: 0 UID: 0 PID: 14435 Comm: syz.2.1777 Not tainted syzkaller #0 PREEMPT(full) [ 692.970779][T14435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 692.970790][T14435] Call Trace: [ 692.970797][T14435] [ 692.970805][T14435] dump_stack_lvl+0x16c/0x1f0 [ 692.970839][T14435] should_fail_ex+0x512/0x640 [ 692.970864][T14435] _copy_to_user+0x32/0xd0 [ 692.970891][T14435] simple_read_from_buffer+0xcb/0x170 [ 692.970919][T14435] proc_fail_nth_read+0x197/0x240 [ 692.970957][T14435] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 692.970990][T14435] ? rw_verify_area+0xcf/0x6c0 [ 692.971013][T14435] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 692.971043][T14435] vfs_read+0x1e4/0xcf0 [ 692.971070][T14435] ? __pfx___mutex_lock+0x10/0x10 [ 692.971102][T14435] ? __pfx_vfs_read+0x10/0x10 [ 692.971133][T14435] ? __fget_files+0x20e/0x3c0 [ 692.971166][T14435] ksys_read+0x12a/0x250 [ 692.971192][T14435] ? __pfx_ksys_read+0x10/0x10 [ 692.971224][T14435] do_syscall_64+0xcd/0xf80 [ 692.971254][T14435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.971273][T14435] RIP: 0033:0x7eff2fb8e1dc [ 692.971289][T14435] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 692.971307][T14435] RSP: 002b:00007eff2ddf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 692.971325][T14435] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8e1dc [ 692.971338][T14435] RDX: 000000000000000f RSI: 00007eff2ddf60a0 RDI: 0000000000000003 [ 692.971349][T14435] RBP: 00007eff2ddf6090 R08: 0000000000000000 R09: 0000000000000000 [ 692.971361][T14435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 692.971371][T14435] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 692.971395][T14435] [ 693.871986][T14452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1782'. [ 693.945812][T14452] FAULT_INJECTION: forcing a failure. [ 693.945812][T14452] name failslab, interval 1, probability 0, space 0, times 0 [ 693.973057][T14452] CPU: 1 UID: 0 PID: 14452 Comm: syz.1.1782 Not tainted syzkaller #0 PREEMPT(full) [ 693.973087][T14452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 693.973099][T14452] Call Trace: [ 693.973107][T14452] [ 693.973119][T14452] dump_stack_lvl+0x16c/0x1f0 [ 693.973171][T14452] should_fail_ex+0x512/0x640 [ 693.973206][T14452] ? kmem_cache_alloc_noprof+0x62/0x770 [ 693.973240][T14452] should_failslab+0xc2/0x120 [ 693.973270][T14452] kmem_cache_alloc_noprof+0x83/0x770 [ 693.973294][T14452] ? __anon_vma_prepare+0x344/0x5e0 [ 693.973318][T14452] ? __anon_vma_prepare+0x344/0x5e0 [ 693.973338][T14452] __anon_vma_prepare+0x344/0x5e0 [ 693.973358][T14452] ? do_raw_spin_lock+0x12c/0x2b0 [ 693.973383][T14452] __vmf_anon_prepare+0x11c/0x240 [ 693.973413][T14452] do_huge_pmd_anonymous_page+0x161/0x2200 [ 693.973439][T14452] ? __pmd_alloc+0x6aa/0x9c0 [ 693.973470][T14452] __handle_mm_fault+0x25ca/0x2bb0 [ 693.973496][T14452] ? __pfx___handle_mm_fault+0x10/0x10 [ 693.973528][T14452] ? find_vma+0xbf/0x140 [ 693.973553][T14452] ? __pfx_find_vma+0x10/0x10 [ 693.973590][T14452] handle_mm_fault+0x3fe/0xad0 [ 693.973614][T14452] do_user_addr_fault+0x7a6/0x1370 [ 693.973640][T14452] ? rcu_is_watching+0x12/0xc0 [ 693.973670][T14452] exc_page_fault+0x64/0xc0 [ 693.973700][T14452] asm_exc_page_fault+0x26/0x30 [ 693.973718][T14452] RIP: 0010:__get_user_4+0x14/0x20 [ 693.973741][T14452] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 c0 79 04 00 90 90 90 90 90 90 90 90 90 90 [ 693.973760][T14452] RSP: 0018:ffffc90018affbc8 EFLAGS: 00050287 [ 693.973776][T14452] RAX: 0000000000000000 RBX: 000000000000541a RCX: ffffc9000d7fd000 [ 693.973788][T14452] RDX: 00007ffffffff000 RSI: ffffffff8526d0f9 RDI: ffffffff8bf2b580 [ 693.973801][T14452] RBP: ffff888061b1e000 R08: 00000000a468dab9 R09: 000000009a468dab [ 693.973813][T14452] R10: 0000000000000001 R11: ffff88802e0c4830 R12: 0000000100000002 [ 693.973826][T14452] R13: 1ffff9200315ff7d R14: ffffc90018affc08 R15: 0000000100000003 [ 693.973847][T14452] ? tty_mode_ioctl+0x989/0xd30 [ 693.973873][T14452] tty_mode_ioctl+0x992/0xd30 [ 693.973895][T14452] ? __ldsem_down_read_nested+0xe3/0x8a0 [ 693.973914][T14452] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 693.973939][T14452] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 693.973962][T14452] ? __pfx___might_resched+0x10/0x10 [ 693.973992][T14452] ? __pfx_slip_ioctl+0x10/0x10 [ 693.974033][T14452] slip_ioctl+0x2d8/0x7b0 [ 693.974077][T14452] tty_ioctl+0x700/0x1650 [ 693.974105][T14452] ? __pfx_tty_ioctl+0x10/0x10 [ 693.974138][T14452] ? find_held_lock+0x2b/0x80 [ 693.974163][T14452] ? hook_file_ioctl_common+0x144/0x410 [ 693.974192][T14452] ? __fget_files+0x20e/0x3c0 [ 693.974224][T14452] ? __pfx_tty_ioctl+0x10/0x10 [ 693.974250][T14452] __x64_sys_ioctl+0x18e/0x210 [ 693.974276][T14452] do_syscall_64+0xcd/0xf80 [ 693.974305][T14452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.974324][T14452] RIP: 0033:0x7fa02bf8f7c9 [ 693.974339][T14452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.974358][T14452] RSP: 002b:00007fa02ce23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.974375][T14452] RAX: ffffffffffffffda RBX: 00007fa02c1e6090 RCX: 00007fa02bf8f7c9 [ 693.974387][T14452] RDX: 0000000000000000 RSI: 000000000000541a RDI: 0000000000000005 [ 693.974398][T14452] RBP: 00007fa02c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 693.974410][T14452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.974421][T14452] R13: 00007fa02c1e6128 R14: 00007fa02c1e6090 R15: 00007ffede8e2be8 [ 693.974445][T14452] [ 695.040531][T14439] Process accounting paused [ 695.300914][T14471] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1784'. [ 696.081692][T14482] zswap: compressor û not available [ 696.817832][T14510] vivid-007: ================= START STATUS ================= [ 696.825532][T14510] vivid-007: Generate PTS: true [ 696.898301][T14510] vivid-007: Generate SCR: true [ 696.904032][T14510] tpg source WxH: 320x240 (Y'CbCr) [ 696.972203][T14510] tpg field: 1 [ 696.975636][T14510] tpg crop: (0,0)/320x240 [ 696.991526][T14510] tpg compose: (0,0)/320x240 [ 697.037747][T14510] tpg colorspace: 8 [ 697.041628][T14510] tpg transfer function: 0/0 [ 697.046455][T14510] tpg Y'CbCr encoding: 0/0 [ 697.052828][T14510] tpg quantization: 0/0 [ 697.057049][T14510] tpg RGB range: 0/2 [ 697.061991][T14510] vivid-007: ================== END STATUS ================== [ 698.623395][T14548] zswap: compressor û not available [ 699.771236][T14499] Process accounting paused [ 700.483782][T14583] vivid-007: ================= START STATUS ================= [ 700.497246][T14583] vivid-007: Generate PTS: true [ 700.535664][T14583] vivid-007: Generate SCR: true [ 700.546419][T14583] tpg source WxH: 320x240 (Y'CbCr) [ 700.566918][T14583] tpg field: 1 [ 700.576067][T14583] tpg crop: (0,0)/320x240 [ 700.602478][T14583] tpg compose: (0,0)/320x240 [ 700.608962][T14583] tpg colorspace: 8 [ 700.627721][T14583] tpg transfer function: 0/0 [ 700.632383][T14583] tpg Y'CbCr encoding: 0/0 [ 700.643216][T14583] tpg quantization: 0/0 [ 700.665717][T14583] tpg RGB range: 0/2 [ 700.708057][T14583] vivid-007: ================== END STATUS ================== [ 700.742326][T14591] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 701.122068][T14595] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1804'. [ 701.204459][T14595] FAULT_INJECTION: forcing a failure. [ 701.204459][T14595] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 701.250318][T14595] CPU: 1 UID: 0 PID: 14595 Comm: syz.3.1804 Not tainted syzkaller #0 PREEMPT(full) [ 701.250346][T14595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 701.250358][T14595] Call Trace: [ 701.250364][T14595] [ 701.250371][T14595] dump_stack_lvl+0x16c/0x1f0 [ 701.250405][T14595] should_fail_ex+0x512/0x640 [ 701.250430][T14595] should_fail_alloc_page+0xe7/0x130 [ 701.250461][T14595] prepare_alloc_pages+0x401/0x670 [ 701.250495][T14595] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 701.250523][T14595] ? look_up_lock_class+0x59/0x130 [ 701.250552][T14595] ? register_lock_class+0x41/0x4b0 [ 701.250575][T14595] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 701.250599][T14595] ? __lock_acquire+0x436/0x2890 [ 701.250629][T14595] ? __lock_acquire+0x436/0x2890 [ 701.250650][T14595] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 701.250680][T14595] ? policy_nodemask+0xea/0x4e0 [ 701.250711][T14595] alloc_pages_mpol+0x1fb/0x550 [ 701.250740][T14595] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 701.250775][T14595] alloc_pages_noprof+0x131/0x390 [ 701.250805][T14595] pte_alloc_one+0x1e/0x3d0 [ 701.250832][T14595] do_huge_pmd_anonymous_page+0x8a2/0x2200 [ 701.250857][T14595] ? __pmd_alloc+0x6aa/0x9c0 [ 701.250891][T14595] __handle_mm_fault+0x25ca/0x2bb0 [ 701.250918][T14595] ? __pfx___handle_mm_fault+0x10/0x10 [ 701.250958][T14595] ? find_vma+0xbf/0x140 [ 701.250983][T14595] ? __pfx_find_vma+0x10/0x10 [ 701.251011][T14595] handle_mm_fault+0x3fe/0xad0 [ 701.251035][T14595] do_user_addr_fault+0x7a6/0x1370 [ 701.251060][T14595] ? rcu_is_watching+0x12/0xc0 [ 701.251089][T14595] exc_page_fault+0x64/0xc0 [ 701.251117][T14595] asm_exc_page_fault+0x26/0x30 [ 701.251135][T14595] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 701.251158][T14595] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 0d 81 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 701.251176][T14595] RSP: 0018:ffffc900183cfd00 EFLAGS: 00050246 [ 701.251192][T14595] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 701.251204][T14595] RDX: fffff52003079fc6 RSI: 0000000000000000 RDI: ffffc900183cfe28 [ 701.251215][T14595] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52003079fc5 [ 701.251226][T14595] R10: ffffc900183cfe2f R11: ffff88807db3a9b0 R12: 0000000000000000 [ 701.251238][T14595] R13: ffffc900183cfe28 R14: 000000004008af30 R15: 0000000000000001 [ 701.251261][T14595] _copy_from_user+0x98/0xd0 [ 701.251283][T14595] vhost_net_ioctl+0x4eb/0x1850 [ 701.251306][T14595] ? do_vfs_ioctl+0x128/0x14f0 [ 701.251329][T14595] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 701.251359][T14595] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 701.251407][T14595] ? hook_file_ioctl_common+0x144/0x410 [ 701.251444][T14595] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 701.251468][T14595] __x64_sys_ioctl+0x18e/0x210 [ 701.251493][T14595] do_syscall_64+0xcd/0xf80 [ 701.251522][T14595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.251540][T14595] RIP: 0033:0x7fbbedf8f7c9 [ 701.251555][T14595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 701.251573][T14595] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 701.251590][T14595] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 701.251602][T14595] RDX: 0000000000000000 RSI: 000000004008af30 RDI: 0000000000000001 [ 701.251614][T14595] RBP: 00007fbbeedc1090 R08: 0000000000000000 R09: 0000000000000000 [ 701.251631][T14595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 701.251642][T14595] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 701.251666][T14595] [ 702.286292][T14710] FAULT_INJECTION: forcing a failure. [ 702.286292][T14710] name fail_futex, interval 1, probability 0, space 0, times 0 [ 702.323206][T14710] CPU: 1 UID: 0 PID: 14710 Comm: syz.1.1808 Not tainted syzkaller #0 PREEMPT(full) [ 702.323242][T14710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 702.323255][T14710] Call Trace: [ 702.323262][T14710] [ 702.323270][T14710] dump_stack_lvl+0x16c/0x1f0 [ 702.323304][T14710] should_fail_ex+0x512/0x640 [ 702.323330][T14710] get_futex_key+0x1d0/0x15f0 [ 702.323355][T14710] ? __pfx_get_futex_key+0x10/0x10 [ 702.323383][T14710] futex_wake+0xea/0x530 [ 702.323410][T14710] ? __pfx_futex_wake+0x10/0x10 [ 702.323441][T14710] ? kmem_cache_free+0x171/0x770 [ 702.323470][T14710] do_futex+0x1e3/0x350 [ 702.323492][T14710] ? __pfx_do_futex+0x10/0x10 [ 702.323513][T14710] ? __pfx___might_resched+0x10/0x10 [ 702.323541][T14710] ? blkcg_maybe_throttle_current+0x650/0xf30 [ 702.323569][T14710] __x64_sys_futex+0x1e0/0x4c0 [ 702.323592][T14710] ? __do_sys_close_range+0x278/0x730 [ 702.323625][T14710] ? __pfx___x64_sys_futex+0x10/0x10 [ 702.323647][T14710] ? xfd_validate_state+0x61/0x180 [ 702.323673][T14710] do_syscall_64+0xcd/0xf80 [ 702.323703][T14710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.323722][T14710] RIP: 0033:0x7fa02bf8f7c9 [ 702.323738][T14710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.323757][T14710] RSP: 002b:00007fa02ce440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 702.323776][T14710] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa8 RCX: 00007fa02bf8f7c9 [ 702.323788][T14710] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa02c1e5fac [ 702.323800][T14710] RBP: 00007fa02c1e5fa0 R08: 00007fa02ce45000 R09: 0000000000000000 [ 702.323811][T14710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.323823][T14710] R13: 00007fa02c1e6038 R14: 00007ffede8e2b00 R15: 00007ffede8e2be8 [ 702.323851][T14710] [ 703.878967][T14805] zswap: compressor û not available [ 705.610084][T14827] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 707.134882][T14851] FAULT_INJECTION: forcing a failure. [ 707.134882][T14851] name failslab, interval 1, probability 0, space 0, times 0 [ 707.213382][T14851] CPU: 0 UID: 0 PID: 14851 Comm: syz.3.1824 Not tainted syzkaller #0 PREEMPT(full) [ 707.213429][T14851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 707.213449][T14851] Call Trace: [ 707.213461][T14851] [ 707.213473][T14851] dump_stack_lvl+0x16c/0x1f0 [ 707.213526][T14851] should_fail_ex+0x512/0x640 [ 707.213570][T14851] ? __kmalloc_noprof+0xca/0x910 [ 707.213608][T14851] should_failslab+0xc2/0x120 [ 707.213657][T14851] __kmalloc_noprof+0xeb/0x910 [ 707.213693][T14851] ? string_escape_mem+0x6c8/0xde0 [ 707.213730][T14851] ? kstrdup_quotable+0xc2/0x190 [ 707.213778][T14851] ? kstrdup_quotable+0xc2/0x190 [ 707.213817][T14851] kstrdup_quotable+0xc2/0x190 [ 707.213858][T14851] ? __pfx_kstrdup_quotable+0x10/0x10 [ 707.213901][T14851] ? get_cmdline+0x86/0x380 [ 707.213953][T14851] kstrdup_quotable_cmdline+0x127/0x210 [ 707.214001][T14851] __report_access+0x4b/0x370 [ 707.214042][T14851] ? _raw_spin_unlock_irq+0x23/0x50 [ 707.214090][T14851] task_work_run+0x150/0x240 [ 707.214127][T14851] ? __pfx_task_work_run+0x10/0x10 [ 707.214174][T14851] exit_to_user_mode_loop+0xfb/0x540 [ 707.214219][T14851] do_syscall_64+0x4ee/0xf80 [ 707.214270][T14851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.214308][T14851] RIP: 0033:0x7fbbedf8f7c9 [ 707.214334][T14851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 707.214365][T14851] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 707.214396][T14851] RAX: ffffffffffffffff RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 707.214418][T14851] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206 [ 707.214438][T14851] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 707.214458][T14851] R10: 0000000000200005 R11: 0000000000000246 R12: 0000000000000000 [ 707.214477][T14851] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 707.214521][T14851] [ 707.438399][T14851] ptrace attach of "(null)"[5838] was attempted by "./syz-executor exec"[14851] [ 707.476645][T14847] zswap: compressor û not available [ 709.803650][T14901] Process accounting resumed [ 710.919874][T14932] random: crng reseeded on system resumption [ 711.902057][T15046] FAULT_INJECTION: forcing a failure. [ 711.902057][T15046] name failslab, interval 1, probability 0, space 0, times 0 [ 711.954031][T15046] CPU: 0 UID: 0 PID: 15046 Comm: syz.0.1847 Not tainted syzkaller #0 PREEMPT(full) [ 711.954071][T15046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 711.954088][T15046] Call Trace: [ 711.954099][T15046] [ 711.954110][T15046] dump_stack_lvl+0x16c/0x1f0 [ 711.954160][T15046] should_fail_ex+0x512/0x640 [ 711.954192][T15046] ? fs_reclaim_acquire+0xae/0x150 [ 711.954242][T15046] should_failslab+0xc2/0x120 [ 711.954288][T15046] __kmalloc_noprof+0xeb/0x910 [ 711.954324][T15046] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 711.954372][T15046] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 711.954412][T15046] tomoyo_realpath_from_path+0xc2/0x6e0 [ 711.954461][T15046] tomoyo_check_open_permission+0x2ab/0x3c0 [ 711.954497][T15046] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 711.954566][T15046] ? do_raw_spin_lock+0x12c/0x2b0 [ 711.954616][T15046] tomoyo_file_open+0x6b/0x90 [ 711.954664][T15046] security_file_open+0x84/0x1e0 [ 711.954703][T15046] do_dentry_open+0x597/0x1590 [ 711.954751][T15046] ? security_inode_permission+0xbf/0x260 [ 711.954795][T15046] vfs_open+0x82/0x3f0 [ 711.954843][T15046] path_openat+0x2078/0x3140 [ 711.954904][T15046] ? __pfx_path_openat+0x10/0x10 [ 711.954965][T15046] do_filp_open+0x20b/0x470 [ 711.955012][T15046] ? __pfx_do_filp_open+0x10/0x10 [ 711.955086][T15046] ? alloc_fd+0x471/0x7d0 [ 711.955142][T15046] do_sys_openat2+0x121/0x290 [ 711.955176][T15046] ? __pfx_do_sys_openat2+0x10/0x10 [ 711.955214][T15046] ? __fget_files+0x20e/0x3c0 [ 711.955265][T15046] __x64_sys_openat+0x174/0x210 [ 711.955301][T15046] ? __pfx___x64_sys_openat+0x10/0x10 [ 711.955335][T15046] ? ksys_write+0x1ac/0x250 [ 711.955395][T15046] do_syscall_64+0xcd/0xf80 [ 711.955444][T15046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.955475][T15046] RIP: 0033:0x7f5f25f8f7c9 [ 711.955501][T15046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 711.955528][T15046] RSP: 002b:00007f5f26e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 711.955557][T15046] RAX: ffffffffffffffda RBX: 00007f5f261e6090 RCX: 00007f5f25f8f7c9 [ 711.955577][T15046] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 711.955597][T15046] RBP: 00007f5f26e17090 R08: 0000000000000000 R09: 0000000000000000 [ 711.955616][T15046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.955634][T15046] R13: 00007f5f261e6128 R14: 00007f5f261e6090 R15: 00007ffd5e053a88 [ 711.955677][T15046] [ 712.220345][T15046] ERROR: Out of memory at tomoyo_realpath_from_path. [ 712.597375][T15057] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 714.056753][T15064] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 714.150968][T15064] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 714.277615][T15064] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 714.288170][T15064] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 716.087622][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 716.178945][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 716.334144][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 716.340351][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 718.427522][T15136] netlink: 724 bytes leftover after parsing attributes in process `syz.3.1863'. [ 719.541034][T15154] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 719.628516][T15152] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 720.490766][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 721.006908][T15186] FAULT_INJECTION: forcing a failure. [ 721.006908][T15186] name failslab, interval 1, probability 0, space 0, times 0 [ 721.020086][T15186] CPU: 1 UID: 0 PID: 15186 Comm: syz.3.1876 Not tainted syzkaller #0 PREEMPT(full) [ 721.020114][T15186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 721.020126][T15186] Call Trace: [ 721.020133][T15186] [ 721.020140][T15186] dump_stack_lvl+0x16c/0x1f0 [ 721.020175][T15186] should_fail_ex+0x512/0x640 [ 721.020195][T15186] ? kmem_cache_alloc_noprof+0x62/0x770 [ 721.020223][T15186] should_failslab+0xc2/0x120 [ 721.020253][T15186] kmem_cache_alloc_noprof+0x83/0x770 [ 721.020275][T15186] ? sk_prot_alloc+0x60/0x2a0 [ 721.020307][T15186] ? sk_prot_alloc+0x60/0x2a0 [ 721.020333][T15186] sk_prot_alloc+0x60/0x2a0 [ 721.020363][T15186] sk_alloc+0x36/0xe30 [ 721.020412][T15186] rds_create+0x9e/0x5f0 [ 721.020436][T15186] __sock_create+0x339/0x8a0 [ 721.020458][T15186] __sys_socket+0x14d/0x260 [ 721.020477][T15186] ? __pfx___sys_socket+0x10/0x10 [ 721.020496][T15186] ? xfd_validate_state+0x61/0x180 [ 721.020514][T15186] ? __pfx_ksys_write+0x10/0x10 [ 721.020545][T15186] __x64_sys_socket+0x72/0xb0 [ 721.020563][T15186] ? lockdep_hardirqs_on+0x7c/0x110 [ 721.020592][T15186] do_syscall_64+0xcd/0xf80 [ 721.020624][T15186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.020643][T15186] RIP: 0033:0x7fbbedf8f7c9 [ 721.020658][T15186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 721.020677][T15186] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 721.020695][T15186] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 721.020707][T15186] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 721.020719][T15186] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 721.020731][T15186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 721.020742][T15186] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 721.020764][T15186] [ 721.026687][T15186] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 721.461698][T15191] vivid-007: ================= START STATUS ================= [ 721.567314][T15191] vivid-007: Generate PTS: true [ 721.572263][T15191] vivid-007: Generate SCR: true [ 721.637355][T15191] tpg source WxH: 320x240 (Y'CbCr) [ 721.653454][T15191] tpg field: 1 [ 721.657015][T15191] tpg crop: (0,0)/320x240 [ 721.663924][T15191] tpg compose: (0,0)/320x240 [ 721.669175][T15191] tpg colorspace: 8 [ 721.694506][T15191] tpg transfer function: 0/0 [ 721.717673][T15191] tpg Y'CbCr encoding: 0/0 [ 721.738003][T15191] tpg quantization: 0/0 [ 721.772062][T15191] tpg RGB range: 0/2 [ 721.804688][T15191] vivid-007: ================== END STATUS ================== [ 722.157886][T15197] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 722.174608][T15197] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 722.191340][T15197] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 722.246720][T15197] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 723.541141][T15433] FAULT_INJECTION: forcing a failure. [ 723.541141][T15433] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 723.555431][T15433] CPU: 0 UID: 0 PID: 15433 Comm: syz.3.1882 Not tainted syzkaller #0 PREEMPT(full) [ 723.555471][T15433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 723.555490][T15433] Call Trace: [ 723.555501][T15433] [ 723.555514][T15433] dump_stack_lvl+0x16c/0x1f0 [ 723.555568][T15433] should_fail_ex+0x512/0x640 [ 723.555610][T15433] strncpy_from_user+0x3b/0x2e0 [ 723.555654][T15433] getname_flags.part.0+0x8f/0x550 [ 723.555695][T15433] getname_flags+0x93/0xf0 [ 723.555738][T15433] do_sys_openat2+0xb9/0x290 [ 723.555774][T15433] ? __pfx_do_sys_openat2+0x10/0x10 [ 723.555821][T15433] ? __fget_files+0x20e/0x3c0 [ 723.555873][T15433] __x64_sys_openat+0x174/0x210 [ 723.555911][T15433] ? __pfx___x64_sys_openat+0x10/0x10 [ 723.555946][T15433] ? ksys_write+0x1ac/0x250 [ 723.556004][T15433] do_syscall_64+0xcd/0xf80 [ 723.556054][T15433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.556086][T15433] RIP: 0033:0x7fbbedf8f7c9 [ 723.556111][T15433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.556142][T15433] RSP: 002b:00007fbbeed7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 723.556173][T15433] RAX: ffffffffffffffda RBX: 00007fbbee1e6180 RCX: 00007fbbedf8f7c9 [ 723.556194][T15433] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 723.556215][T15433] RBP: 00007fbbeed7e090 R08: 0000000000000000 R09: 0000000000000000 [ 723.556235][T15433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 723.556255][T15433] R13: 00007fbbee1e6218 R14: 00007fbbee1e6180 R15: 00007ffc5f4ce3b8 [ 723.556298][T15433] [ 724.007595][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 724.251884][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 724.251917][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 724.267347][ T5154] Bluetooth: hci1: command 0x0406 tx timeout [ 724.768471][T15461] FAULT_INJECTION: forcing a failure. [ 724.768471][T15461] name failslab, interval 1, probability 0, space 0, times 0 [ 724.809822][T15461] CPU: 1 UID: 0 PID: 15461 Comm: syz.2.1887 Not tainted syzkaller #0 PREEMPT(full) [ 724.809872][T15461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 724.809893][T15461] Call Trace: [ 724.809905][T15461] [ 724.809919][T15461] dump_stack_lvl+0x16c/0x1f0 [ 724.809974][T15461] should_fail_ex+0x512/0x640 [ 724.810012][T15461] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 724.810059][T15461] should_failslab+0xc2/0x120 [ 724.810111][T15461] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 724.810151][T15461] ? stack_depot_save_flags+0x29/0x9b0 [ 724.810190][T15461] ? __d_alloc+0x35/0xa80 [ 724.810228][T15461] ? __d_alloc+0x35/0xa80 [ 724.810254][T15461] __d_alloc+0x35/0xa80 [ 724.810289][T15461] d_alloc_parallel+0x111/0x1510 [ 724.810342][T15461] ? find_held_lock+0x2b/0x80 [ 724.810388][T15461] ? __pfx_d_alloc_parallel+0x10/0x10 [ 724.810435][T15461] ? __d_lookup+0x266/0x4a0 [ 724.810483][T15461] lookup_open.isra.0+0x66c/0x1780 [ 724.810536][T15461] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 724.810606][T15461] ? lookup_fast+0x156/0x610 [ 724.810653][T15461] path_openat+0x12bb/0x3140 [ 724.810726][T15461] ? __pfx_path_openat+0x10/0x10 [ 724.810793][T15461] do_filp_open+0x20b/0x470 [ 724.810843][T15461] ? __pfx_do_filp_open+0x10/0x10 [ 724.810912][T15461] ? __pfx_kfree_link+0x10/0x10 [ 724.810965][T15461] ? alloc_fd+0x471/0x7d0 [ 724.811026][T15461] do_sys_openat2+0x121/0x290 [ 724.811063][T15461] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.811117][T15461] __x64_sys_openat+0x174/0x210 [ 724.811156][T15461] ? __pfx___x64_sys_openat+0x10/0x10 [ 724.811211][T15461] do_syscall_64+0xcd/0xf80 [ 724.811263][T15461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.811296][T15461] RIP: 0033:0x7eff2fb8f7c9 [ 724.811323][T15461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.811355][T15461] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 724.811387][T15461] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 724.811408][T15461] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 724.811430][T15461] RBP: 00007eff2fc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 724.811451][T15461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.811471][T15461] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 724.811517][T15461] [ 725.218644][T15449] Process accounting resumed [ 725.387731][T15464] input: 00 [ 725.387731][T15464] as /devices/virtual/input/input16 [ 725.430242][T15464] FAULT_INJECTION: forcing a failure. [ 725.430242][T15464] name failslab, interval 1, probability 0, space 0, times 0 [ 725.453133][T15464] CPU: 0 UID: 0 PID: 15464 Comm: syz.2.1889 Not tainted syzkaller #0 PREEMPT(full) [ 725.453178][T15464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 725.453198][T15464] Call Trace: [ 725.453209][T15464] [ 725.453222][T15464] dump_stack_lvl+0x16c/0x1f0 [ 725.453275][T15464] should_fail_ex+0x512/0x640 [ 725.453311][T15464] ? kmem_cache_alloc_noprof+0x62/0x770 [ 725.453353][T15464] should_failslab+0xc2/0x120 [ 725.453402][T15464] kmem_cache_alloc_noprof+0x83/0x770 [ 725.453451][T15464] ? __kernfs_new_node+0xd2/0x990 [ 725.453499][T15464] ? __kernfs_new_node+0xd2/0x990 [ 725.453535][T15464] __kernfs_new_node+0xd2/0x990 [ 725.453578][T15464] ? __pfx___kernfs_new_node+0x10/0x10 [ 725.453630][T15464] ? find_held_lock+0x2b/0x80 [ 725.453674][T15464] ? kernfs_root+0xee/0x2a0 [ 725.453720][T15464] kernfs_new_node+0x13c/0x1e0 [ 725.453770][T15464] __kernfs_create_file+0x53/0x350 [ 725.453828][T15464] sysfs_add_file_mode_ns+0x207/0x3c0 [ 725.453876][T15464] sysfs_merge_group+0x1aa/0x340 [ 725.453918][T15464] ? __pfx_sysfs_merge_group+0x10/0x10 [ 725.453964][T15464] ? __pfx_dev_add_physical_location+0x10/0x10 [ 725.454008][T15464] ? bus_to_subsys+0x131/0x160 [ 725.454063][T15464] dpm_sysfs_add+0x237/0x280 [ 725.454108][T15464] device_add+0x9cc/0x1980 [ 725.454155][T15464] ? __pfx_device_add+0x10/0x10 [ 725.454198][T15464] ? __pfx_exact_lock+0x10/0x10 [ 725.454251][T15464] ? kobject_get+0xbb/0x150 [ 725.454305][T15464] cdev_device_add+0x12b/0x270 [ 725.454355][T15464] evdev_connect+0x3a4/0x4c0 [ 725.454405][T15464] input_attach_handler.isra.0+0x176/0x250 [ 725.454461][T15464] input_register_device+0xab9/0x11b0 [ 725.454502][T15464] ? input_ff_create+0x171/0x350 [ 725.454535][T15464] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 725.454571][T15464] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 725.454612][T15464] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 725.454657][T15464] ? find_held_lock+0x2b/0x80 [ 725.454720][T15464] ? __pfx_uinput_ioctl+0x10/0x10 [ 725.454752][T15464] __x64_sys_ioctl+0x18e/0x210 [ 725.454797][T15464] do_syscall_64+0xcd/0xf80 [ 725.454849][T15464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.454882][T15464] RIP: 0033:0x7eff2fb8f7c9 [ 725.454909][T15464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 725.454940][T15464] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 725.454972][T15464] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 725.454993][T15464] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000007 [ 725.455012][T15464] RBP: 00007eff2fc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 725.455032][T15464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 725.455052][T15464] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 725.455097][T15464] [ 725.831993][T15464] input: failed to attach handler evdev to device input16, error: -12 [ 725.858634][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 726.043416][T15473] FAULT_INJECTION: forcing a failure. [ 726.043416][T15473] name failslab, interval 1, probability 0, space 0, times 0 [ 726.092706][T15473] CPU: 0 UID: 0 PID: 15473 Comm: syz.1.1892 Not tainted syzkaller #0 PREEMPT(full) [ 726.092732][T15473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 726.092744][T15473] Call Trace: [ 726.092750][T15473] [ 726.092758][T15473] dump_stack_lvl+0x16c/0x1f0 [ 726.092792][T15473] should_fail_ex+0x512/0x640 [ 726.092816][T15473] should_failslab+0xc2/0x120 [ 726.092846][T15473] __kmalloc_cache_noprof+0x80/0x800 [ 726.092868][T15473] ? __task_pid_nr_ns+0x1f5/0x500 [ 726.092885][T15473] ? proc_thread_self_get_link+0x1c6/0x240 [ 726.092913][T15473] ? proc_thread_self_get_link+0x1c6/0x240 [ 726.092935][T15473] proc_thread_self_get_link+0x1c6/0x240 [ 726.092959][T15473] pick_link+0xb09/0x13b0 [ 726.092983][T15473] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 726.093009][T15473] step_into_slowpath+0x6c6/0xf50 [ 726.093037][T15473] ? __pfx_step_into_slowpath+0x10/0x10 [ 726.093065][T15473] ? lookup_fast+0x156/0x610 [ 726.093086][T15473] ? inode_permission+0x37b/0x640 [ 726.093110][T15473] link_path_walk+0xd26/0x1c70 [ 726.093142][T15473] path_openat+0x1bd/0x3140 [ 726.093168][T15473] ? do_syscall_64+0xcd/0xf80 [ 726.093195][T15473] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.093221][T15473] ? __pfx_path_openat+0x10/0x10 [ 726.093257][T15473] do_filp_open+0x20b/0x470 [ 726.093286][T15473] ? __pfx_do_filp_open+0x10/0x10 [ 726.093329][T15473] ? alloc_fd+0x471/0x7d0 [ 726.093362][T15473] do_sys_openat2+0x121/0x290 [ 726.093383][T15473] ? __pfx_do_sys_openat2+0x10/0x10 [ 726.093412][T15473] __x64_sys_openat+0x174/0x210 [ 726.093434][T15473] ? __pfx___x64_sys_openat+0x10/0x10 [ 726.093464][T15473] do_syscall_64+0xcd/0xf80 [ 726.093494][T15473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.093512][T15473] RIP: 0033:0x7fa02bf8e010 [ 726.093528][T15473] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 726.093546][T15473] RSP: 002b:00007fa02ce43fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 726.093564][T15473] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa02bf8e010 [ 726.093576][T15473] RDX: 0000000000000002 RSI: 00007fa02c01424b RDI: 00000000ffffff9c [ 726.093588][T15473] RBP: 00007fa02c01424b R08: 0000000000000000 R09: 00007fa02ce45000 [ 726.093599][T15473] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 726.093610][T15473] R13: 00007fa02c1e6038 R14: 00007fa02c1e5fa0 R15: 00007ffede8e2be8 [ 726.093640][T15473] [ 726.093818][T15473] FAULT_INJECTION: forcing a failure. [ 726.093818][T15473] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 726.424406][T15473] CPU: 0 UID: 0 PID: 15473 Comm: syz.1.1892 Not tainted syzkaller #0 PREEMPT(full) [ 726.424444][T15473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 726.424456][T15473] Call Trace: [ 726.424463][T15473] [ 726.424471][T15473] dump_stack_lvl+0x16c/0x1f0 [ 726.424505][T15473] should_fail_ex+0x512/0x640 [ 726.424529][T15473] strncpy_from_user+0x3b/0x2e0 [ 726.424551][T15473] getname_flags.part.0+0x8f/0x550 [ 726.424576][T15473] getname_flags+0x93/0xf0 [ 726.424601][T15473] do_sys_openat2+0xb9/0x290 [ 726.424621][T15473] ? __pfx_do_sys_openat2+0x10/0x10 [ 726.424645][T15473] ? __fget_files+0x20e/0x3c0 [ 726.424675][T15473] __x64_sys_openat+0x174/0x210 [ 726.424697][T15473] ? __pfx___x64_sys_openat+0x10/0x10 [ 726.424718][T15473] ? ksys_write+0x1ac/0x250 [ 726.424751][T15473] do_syscall_64+0xcd/0xf80 [ 726.424781][T15473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.424800][T15473] RIP: 0033:0x7fa02bf8f7c9 [ 726.424816][T15473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.424834][T15473] RSP: 002b:00007fa02ce44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 726.424853][T15473] RAX: ffffffffffffffda RBX: 00007fa02c1e5fa0 RCX: 00007fa02bf8f7c9 [ 726.424866][T15473] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 726.424877][T15473] RBP: 00007fa02ce44090 R08: 0000000000000000 R09: 0000000000000000 [ 726.424889][T15473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 726.424900][T15473] R13: 00007fa02c1e6038 R14: 00007fa02c1e5fa0 R15: 00007ffede8e2be8 [ 726.424922][T15473] [ 726.830473][T15475] FAULT_INJECTION: forcing a failure. [ 726.830473][T15475] name failslab, interval 1, probability 0, space 0, times 0 [ 726.852759][T15475] CPU: 0 UID: 0 PID: 15475 Comm: syz.3.1891 Not tainted syzkaller #0 PREEMPT(full) [ 726.852802][T15475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 726.852822][T15475] Call Trace: [ 726.852833][T15475] [ 726.852846][T15475] dump_stack_lvl+0x16c/0x1f0 [ 726.852900][T15475] should_fail_ex+0x512/0x640 [ 726.852934][T15475] ? kmem_cache_alloc_noprof+0x62/0x770 [ 726.852977][T15475] should_failslab+0xc2/0x120 [ 726.853025][T15475] kmem_cache_alloc_noprof+0x83/0x770 [ 726.853062][T15475] ? __pfx_acct_collect+0x10/0x10 [ 726.853103][T15475] ? taskstats_exit+0x654/0xbe0 [ 726.853154][T15475] ? taskstats_exit+0x654/0xbe0 [ 726.853194][T15475] taskstats_exit+0x654/0xbe0 [ 726.853240][T15475] ? __pfx_taskstats_exit+0x10/0x10 [ 726.853290][T15475] ? exit_signals+0x388/0xb00 [ 726.853337][T15475] do_exit+0x5e4/0x2bd0 [ 726.853383][T15475] ? __pfx_do_exit+0x10/0x10 [ 726.853418][T15475] ? do_raw_spin_lock+0x12c/0x2b0 [ 726.853454][T15475] ? find_held_lock+0x2b/0x80 [ 726.853500][T15475] do_group_exit+0xd3/0x2a0 [ 726.853533][T15475] get_signal+0x2671/0x26d0 [ 726.853583][T15475] ? lockdep_hardirqs_on+0x7c/0x110 [ 726.853632][T15475] ? __pfx_get_signal+0x10/0x10 [ 726.853679][T15475] ? do_futex+0x122/0x350 [ 726.853718][T15475] arch_do_signal_or_restart+0x8f/0x7a0 [ 726.853766][T15475] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 726.853823][T15475] ? __pfx___x64_sys_futex+0x10/0x10 [ 726.853866][T15475] exit_to_user_mode_loop+0x8c/0x540 [ 726.853910][T15475] do_syscall_64+0x4ee/0xf80 [ 726.853958][T15475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.853989][T15475] RIP: 0033:0x7fbbedf8f7c9 [ 726.854016][T15475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.854047][T15475] RSP: 002b:00007fbbeedc10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 726.854077][T15475] RAX: fffffffffffffe00 RBX: 00007fbbee1e5fa8 RCX: 00007fbbedf8f7c9 [ 726.854097][T15475] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbbee1e5fa8 [ 726.854116][T15475] RBP: 00007fbbee1e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 726.854135][T15475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 726.854153][T15475] R13: 00007fbbee1e6038 R14: 00007ffc5f4ce2d0 R15: 00007ffc5f4ce3b8 [ 726.854195][T15475] [ 727.569692][T15489] FAULT_INJECTION: forcing a failure. [ 727.569692][T15489] name failslab, interval 1, probability 0, space 0, times 0 [ 727.605817][T15489] CPU: 1 UID: 0 PID: 15489 Comm: syz.2.1896 Not tainted syzkaller #0 PREEMPT(full) [ 727.605846][T15489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 727.605857][T15489] Call Trace: [ 727.605864][T15489] [ 727.605872][T15489] dump_stack_lvl+0x16c/0x1f0 [ 727.605905][T15489] should_fail_ex+0x512/0x640 [ 727.605927][T15489] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 727.605955][T15489] should_failslab+0xc2/0x120 [ 727.605984][T15489] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 727.606007][T15489] ? stack_depot_save_flags+0x29/0x9b0 [ 727.606030][T15489] ? __d_alloc+0x35/0xa80 [ 727.606051][T15489] ? __d_alloc+0x35/0xa80 [ 727.606065][T15489] __d_alloc+0x35/0xa80 [ 727.606084][T15489] d_alloc_parallel+0x111/0x1510 [ 727.606114][T15489] ? find_held_lock+0x2b/0x80 [ 727.606140][T15489] ? __pfx_d_alloc_parallel+0x10/0x10 [ 727.606166][T15489] ? __d_lookup+0x266/0x4a0 [ 727.606193][T15489] lookup_open.isra.0+0x66c/0x1780 [ 727.606224][T15489] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 727.606261][T15489] ? lookup_fast+0x156/0x610 [ 727.606287][T15489] path_openat+0x12bb/0x3140 [ 727.606322][T15489] ? __pfx_path_openat+0x10/0x10 [ 727.606358][T15489] do_filp_open+0x20b/0x470 [ 727.606387][T15489] ? __pfx_do_filp_open+0x10/0x10 [ 727.606431][T15489] ? __pfx_kfree_link+0x10/0x10 [ 727.606461][T15489] ? alloc_fd+0x471/0x7d0 [ 727.606494][T15489] do_sys_openat2+0x121/0x290 [ 727.606517][T15489] ? __pfx_do_sys_openat2+0x10/0x10 [ 727.606547][T15489] __x64_sys_openat+0x174/0x210 [ 727.606570][T15489] ? __pfx___x64_sys_openat+0x10/0x10 [ 727.606602][T15489] do_syscall_64+0xcd/0xf80 [ 727.606632][T15489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.606652][T15489] RIP: 0033:0x7eff2fb8f7c9 [ 727.606668][T15489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.606690][T15489] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 727.606709][T15489] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 727.606721][T15489] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 727.606733][T15489] RBP: 00007eff2fc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 727.606745][T15489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.606756][T15489] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 727.606780][T15489] [ 729.339709][T15624] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1904'. [ 729.473262][T15616] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 729.496722][T15616] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 729.507461][T15616] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 729.514993][T15616] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 729.919085][T15641] FAULT_INJECTION: forcing a failure. [ 729.919085][T15641] name failslab, interval 1, probability 0, space 0, times 0 [ 729.967219][T15641] CPU: 1 UID: 0 PID: 15641 Comm: syz.3.1908 Not tainted syzkaller #0 PREEMPT(full) [ 729.967265][T15641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 729.967285][T15641] Call Trace: [ 729.967296][T15641] [ 729.967308][T15641] dump_stack_lvl+0x16c/0x1f0 [ 729.967368][T15641] should_fail_ex+0x512/0x640 [ 729.967400][T15641] ? kmem_cache_alloc_noprof+0x62/0x770 [ 729.967494][T15641] should_failslab+0xc2/0x120 [ 729.967542][T15641] kmem_cache_alloc_noprof+0x83/0x770 [ 729.967575][T15641] ? alloc_vfsmnt+0x23/0x6b0 [ 729.967612][T15641] ? alloc_vfsmnt+0x23/0x6b0 [ 729.967643][T15641] alloc_vfsmnt+0x23/0x6b0 [ 729.967671][T15641] ? getname_flags.part.0+0x1c5/0x550 [ 729.967707][T15641] mnt_clone_internal+0x81/0x250 [ 729.967753][T15641] acct_on+0xfb/0xa00 [ 729.967795][T15641] ? __pfx_acct_on+0x10/0x10 [ 729.967838][T15641] ? bpf_lsm_capable+0x9/0x10 [ 729.967885][T15641] __x64_sys_acct+0x81/0x1e0 [ 729.967923][T15641] ? lockdep_hardirqs_on+0x7c/0x110 [ 729.967969][T15641] do_syscall_64+0xcd/0xf80 [ 729.968017][T15641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.968049][T15641] RIP: 0033:0x7fbbedf8f7c9 [ 729.968073][T15641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.968103][T15641] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 729.968133][T15641] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 729.968153][T15641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 729.968172][T15641] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 729.968191][T15641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.968210][T15641] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 729.968252][T15641] [ 730.302739][T15642] Process accounting resumed [ 730.395789][T15649] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 731.291918][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 731.527406][ T5154] Bluetooth: hci1: command 0x0406 tx timeout [ 731.527442][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 731.533595][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 731.827762][T15663] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 731.868589][T15663] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 731.903310][T15663] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 731.903544][T15663] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 733.159271][T15689] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 733.174539][T15689] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 733.192683][T15689] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 733.207503][T15689] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 733.528148][T15707] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1916'. [ 733.794871][T15715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1927'. [ 733.924782][T15715] FAULT_INJECTION: forcing a failure. [ 733.924782][T15715] name failslab, interval 1, probability 0, space 0, times 0 [ 733.947826][T15715] CPU: 1 UID: 0 PID: 15715 Comm: syz.2.1927 Not tainted syzkaller #0 PREEMPT(full) [ 733.947872][T15715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 733.947891][T15715] Call Trace: [ 733.947903][T15715] [ 733.947916][T15715] dump_stack_lvl+0x16c/0x1f0 [ 733.947971][T15715] should_fail_ex+0x512/0x640 [ 733.948008][T15715] ? __kmalloc_cache_noprof+0x5f/0x800 [ 733.948049][T15715] should_failslab+0xc2/0x120 [ 733.948099][T15715] __kmalloc_cache_noprof+0x80/0x800 [ 733.948135][T15715] ? rcu_is_watching+0x12/0xc0 [ 733.948179][T15715] ? __request_module+0x2ad/0x660 [ 733.948218][T15715] ? lockdep_hardirqs_on+0x7c/0x110 [ 733.948270][T15715] ? __request_module+0x2ad/0x660 [ 733.948320][T15715] __request_module+0x2ad/0x660 [ 733.948361][T15715] ? __pfx___request_module+0x10/0x10 [ 733.948422][T15715] ? find_held_lock+0x2b/0x80 [ 733.948475][T15715] inet_create+0xa97/0x1040 [ 733.948514][T15715] ? inet_create+0x93/0x1040 [ 733.948556][T15715] __sock_create+0x339/0x8a0 [ 733.948595][T15715] __sys_socket+0x14d/0x260 [ 733.948624][T15715] ? fput+0x70/0xf0 [ 733.948653][T15715] ? __pfx___sys_socket+0x10/0x10 [ 733.948683][T15715] ? xfd_validate_state+0x61/0x180 [ 733.948710][T15715] ? __pfx_ksys_write+0x10/0x10 [ 733.948764][T15715] __x64_sys_socket+0x72/0xb0 [ 733.948799][T15715] ? lockdep_hardirqs_on+0x7c/0x110 [ 733.948842][T15715] do_syscall_64+0xcd/0xf80 [ 733.948893][T15715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.948925][T15715] RIP: 0033:0x7eff2fb8f7c9 [ 733.948951][T15715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 733.948982][T15715] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 733.949014][T15715] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 733.949036][T15715] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 733.949056][T15715] RBP: 00007eff2fc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 733.949076][T15715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 733.949096][T15715] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 733.949139][T15715] [ 734.556406][T15729] FAULT_INJECTION: forcing a failure. [ 734.556406][T15729] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 734.589238][T15729] CPU: 0 UID: 0 PID: 15729 Comm: syz.2.1920 Not tainted syzkaller #0 PREEMPT(full) [ 734.589280][T15729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 734.589308][T15729] Call Trace: [ 734.589319][T15729] [ 734.589331][T15729] dump_stack_lvl+0x16c/0x1f0 [ 734.589383][T15729] should_fail_ex+0x512/0x640 [ 734.589423][T15729] _copy_from_user+0x2e/0xd0 [ 734.589458][T15729] copy_msghdr_from_user+0x98/0x160 [ 734.589498][T15729] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 734.589529][T15729] ? __lock_acquire+0x436/0x2890 [ 734.589551][T15729] ___sys_recvmsg+0xdb/0x1a0 [ 734.589575][T15729] ? __pfx____sys_recvmsg+0x10/0x10 [ 734.589611][T15729] ? __pfx___might_resched+0x10/0x10 [ 734.589641][T15729] do_recvmmsg+0x2fe/0x750 [ 734.589668][T15729] ? __pfx_do_recvmmsg+0x10/0x10 [ 734.589696][T15729] ? __mutex_unlock_slowpath+0x161/0x790 [ 734.589733][T15729] ? __fget_files+0x20e/0x3c0 [ 734.589765][T15729] __x64_sys_recvmmsg+0x22a/0x280 [ 734.589791][T15729] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 734.589824][T15729] do_syscall_64+0xcd/0xf80 [ 734.589853][T15729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.589872][T15729] RIP: 0033:0x7eff2fb8f7c9 [ 734.589887][T15729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.589906][T15729] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 734.589925][T15729] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 734.589937][T15729] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000003 [ 734.589948][T15729] RBP: 00007eff2ddf6090 R08: 0000000000000000 R09: 0000000000000000 [ 734.589959][T15729] R10: 00000000000066a6 R11: 0000000000000246 R12: 0000000000000001 [ 734.589970][T15729] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 734.589994][T15729] [ 735.208735][ T5154] Bluetooth: hci2: command 0x0406 tx timeout [ 735.216758][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 735.228979][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 735.287499][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 735.392587][T15720] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 735.435570][T15720] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 735.474361][T15720] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 735.537211][T15720] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 735.761074][T15745] __vm_enough_memory: pid: 15745, comm: syz.3.1923, bytes: 4398046511104 not enough memory for the allocation [ 737.367607][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 737.447370][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 737.527662][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 737.607351][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 738.297849][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88803158e400: 0x00000: (2) System resources were needed for another task so this connection managed session was terminated. [ 740.416432][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 740.801826][T16006] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 740.860150][T16008] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1935'. [ 740.903453][T16008] FAULT_INJECTION: forcing a failure. [ 740.903453][T16008] name failslab, interval 1, probability 0, space 0, times 0 [ 740.916582][T16008] CPU: 1 UID: 0 PID: 16008 Comm: syz.0.1935 Not tainted syzkaller #0 PREEMPT(full) [ 740.916613][T16008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 740.916625][T16008] Call Trace: [ 740.916632][T16008] [ 740.916640][T16008] dump_stack_lvl+0x16c/0x1f0 [ 740.916673][T16008] should_fail_ex+0x512/0x640 [ 740.916694][T16008] ? __kmalloc_cache_noprof+0x5f/0x800 [ 740.916718][T16008] should_failslab+0xc2/0x120 [ 740.916747][T16008] __kmalloc_cache_noprof+0x80/0x800 [ 740.916768][T16008] ? rcu_is_watching+0x12/0xc0 [ 740.916795][T16008] ? call_usermodehelper_setup+0xaf/0x360 [ 740.916819][T16008] ? __pfx_free_modprobe_argv+0x10/0x10 [ 740.916844][T16008] ? call_usermodehelper_setup+0xaf/0x360 [ 740.916866][T16008] call_usermodehelper_setup+0xaf/0x360 [ 740.916892][T16008] __request_module+0x3bd/0x660 [ 740.916916][T16008] ? __pfx___request_module+0x10/0x10 [ 740.916949][T16008] ? find_held_lock+0x2b/0x80 [ 740.916979][T16008] inet_create+0xd21/0x1040 [ 740.917002][T16008] ? inet_create+0x93/0x1040 [ 740.917027][T16008] __sock_create+0x339/0x8a0 [ 740.917049][T16008] __sys_socket+0x14d/0x260 [ 740.917073][T16008] ? fput+0x70/0xf0 [ 740.917102][T16008] ? __pfx___sys_socket+0x10/0x10 [ 740.917133][T16008] ? xfd_validate_state+0x61/0x180 [ 740.917162][T16008] ? __pfx_ksys_write+0x10/0x10 [ 740.917213][T16008] __x64_sys_socket+0x72/0xb0 [ 740.917252][T16008] ? lockdep_hardirqs_on+0x7c/0x110 [ 740.917299][T16008] do_syscall_64+0xcd/0xf80 [ 740.917350][T16008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.917384][T16008] RIP: 0033:0x7f5f25f8f7c9 [ 740.917412][T16008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.917444][T16008] RSP: 002b:00007f5f26e38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 740.917475][T16008] RAX: ffffffffffffffda RBX: 00007f5f261e5fa0 RCX: 00007f5f25f8f7c9 [ 740.917497][T16008] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 740.917516][T16008] RBP: 00007f5f26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 740.917536][T16008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.917556][T16008] R13: 00007f5f261e6038 R14: 00007f5f261e5fa0 R15: 00007ffd5e053a88 [ 740.917599][T16008] [ 741.210336][T15898] Process accounting paused [ 742.002149][T16026] input: 00 [ 742.002149][T16026] as /devices/virtual/input/input17 [ 742.020059][T16026] FAULT_INJECTION: forcing a failure. [ 742.020059][T16026] name failslab, interval 1, probability 0, space 0, times 0 [ 742.103996][T16026] CPU: 0 UID: 0 PID: 16026 Comm: syz.0.1938 Not tainted syzkaller #0 PREEMPT(full) [ 742.104041][T16026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 742.104060][T16026] Call Trace: [ 742.104071][T16026] [ 742.104084][T16026] dump_stack_lvl+0x16c/0x1f0 [ 742.104137][T16026] should_fail_ex+0x512/0x640 [ 742.104172][T16026] ? kmem_cache_alloc_noprof+0x62/0x770 [ 742.104216][T16026] should_failslab+0xc2/0x120 [ 742.104264][T16026] kmem_cache_alloc_noprof+0x83/0x770 [ 742.104302][T16026] ? __kernfs_new_node+0xd2/0x990 [ 742.104346][T16026] ? __kernfs_new_node+0xd2/0x990 [ 742.104381][T16026] __kernfs_new_node+0xd2/0x990 [ 742.104423][T16026] ? __pfx___kernfs_new_node+0x10/0x10 [ 742.104471][T16026] ? find_held_lock+0x2b/0x80 [ 742.104512][T16026] ? kernfs_root+0xee/0x2a0 [ 742.104566][T16026] kernfs_new_node+0x13c/0x1e0 [ 742.104616][T16026] __kernfs_create_file+0x53/0x350 [ 742.104669][T16026] sysfs_add_file_mode_ns+0x207/0x3c0 [ 742.104722][T16026] sysfs_merge_group+0x1aa/0x340 [ 742.104763][T16026] ? __pfx_sysfs_merge_group+0x10/0x10 [ 742.104809][T16026] ? __pfx_dev_add_physical_location+0x10/0x10 [ 742.104853][T16026] ? bus_to_subsys+0x131/0x160 [ 742.104906][T16026] dpm_sysfs_add+0x237/0x280 [ 742.104949][T16026] device_add+0x9cc/0x1980 [ 742.104996][T16026] ? __pfx_device_add+0x10/0x10 [ 742.105039][T16026] ? __pfx_exact_lock+0x10/0x10 [ 742.105090][T16026] ? kobject_get+0xbb/0x150 [ 742.105143][T16026] cdev_device_add+0x12b/0x270 [ 742.105193][T16026] evdev_connect+0x3a4/0x4c0 [ 742.105241][T16026] input_attach_handler.isra.0+0x176/0x250 [ 742.105287][T16026] input_register_device+0xab9/0x11b0 [ 742.105325][T16026] ? input_ff_create+0x171/0x350 [ 742.105361][T16026] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 742.105396][T16026] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 742.105433][T16026] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 742.105477][T16026] ? find_held_lock+0x2b/0x80 [ 742.105539][T16026] ? __pfx_uinput_ioctl+0x10/0x10 [ 742.105580][T16026] __x64_sys_ioctl+0x18e/0x210 [ 742.105622][T16026] do_syscall_64+0xcd/0xf80 [ 742.105674][T16026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.105707][T16026] RIP: 0033:0x7f5f25f8f7c9 [ 742.105735][T16026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 742.105767][T16026] RSP: 002b:00007f5f26e38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 742.105798][T16026] RAX: ffffffffffffffda RBX: 00007f5f261e5fa0 RCX: 00007f5f25f8f7c9 [ 742.105818][T16026] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000007 [ 742.105838][T16026] RBP: 00007f5f26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 742.105858][T16026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 742.105876][T16026] R13: 00007f5f261e6038 R14: 00007f5f261e5fa0 R15: 00007ffd5e053a88 [ 742.105921][T16026] [ 742.540515][T16026] input: failed to attach handler evdev to device input17, error: -12 [ 743.268295][T16047] FAULT_INJECTION: forcing a failure. [ 743.268295][T16047] name failslab, interval 1, probability 0, space 0, times 0 [ 743.312450][T16047] CPU: 0 UID: 0 PID: 16047 Comm: syz.3.1944 Not tainted syzkaller #0 PREEMPT(full) [ 743.312495][T16047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 743.312514][T16047] Call Trace: [ 743.312526][T16047] [ 743.312539][T16047] dump_stack_lvl+0x16c/0x1f0 [ 743.312589][T16047] should_fail_ex+0x512/0x640 [ 743.312624][T16047] ? __kmalloc_cache_noprof+0x5f/0x800 [ 743.312663][T16047] should_failslab+0xc2/0x120 [ 743.312711][T16047] __kmalloc_cache_noprof+0x80/0x800 [ 743.312749][T16047] ? vkms_plane_duplicate_state+0x45/0x130 [ 743.312795][T16047] ? vkms_plane_duplicate_state+0x45/0x130 [ 743.312832][T16047] vkms_plane_duplicate_state+0x45/0x130 [ 743.312869][T16047] drm_atomic_get_plane_state+0x279/0x760 [ 743.312907][T16047] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 743.312949][T16047] ? rcu_is_watching+0x12/0xc0 [ 743.313000][T16047] ? __mutex_lock+0x27b/0x1ca0 [ 743.313048][T16047] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 743.313088][T16047] ? trace_contention_end+0xdd/0x110 [ 743.313163][T16047] drm_client_modeset_commit_locked+0x14d/0x580 [ 743.313227][T16047] drm_client_modeset_commit+0x4f/0x80 [ 743.313269][T16047] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 743.313315][T16047] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 743.313360][T16047] drm_fbdev_client_restore+0x1b/0x30 [ 743.313411][T16047] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 743.313457][T16047] drm_client_dev_restore+0x200/0x2a0 [ 743.313506][T16047] drm_release+0x2c6/0x360 [ 743.313546][T16047] ? __pfx_drm_release+0x10/0x10 [ 743.313579][T16047] __fput+0x402/0xb70 [ 743.313623][T16047] task_work_run+0x150/0x240 [ 743.313658][T16047] ? __pfx_task_work_run+0x10/0x10 [ 743.313688][T16047] ? __do_sys_close_range+0x278/0x730 [ 743.313745][T16047] exit_to_user_mode_loop+0xfb/0x540 [ 743.313789][T16047] do_syscall_64+0x4ee/0xf80 [ 743.313841][T16047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.313872][T16047] RIP: 0033:0x7fbbedf8f7c9 [ 743.313899][T16047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 743.313929][T16047] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 743.313962][T16047] RAX: 0000000000000000 RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 743.313983][T16047] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 743.314000][T16047] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 743.314019][T16047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.314038][T16047] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 743.314084][T16047] [ 743.819194][T16044] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 743.825408][T16044] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 743.832691][T16044] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 743.839309][T16044] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 744.442708][T16168] Invalid ELF header magic: != ELF [ 744.458078][T16170] Invalid ELF header magic: != ELF [ 745.014648][T16189] input: 00 [ 745.014648][T16189] as /devices/virtual/input/input18 [ 745.023962][T16189] FAULT_INJECTION: forcing a failure. [ 745.023962][T16189] name failslab, interval 1, probability 0, space 0, times 0 [ 745.051828][T16189] CPU: 1 UID: 0 PID: 16189 Comm: syz.3.1950 Not tainted syzkaller #0 PREEMPT(full) [ 745.051869][T16189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 745.051889][T16189] Call Trace: [ 745.051900][T16189] [ 745.051914][T16189] dump_stack_lvl+0x16c/0x1f0 [ 745.051963][T16189] should_fail_ex+0x512/0x640 [ 745.051996][T16189] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 745.052044][T16189] should_failslab+0xc2/0x120 [ 745.052092][T16189] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 745.052138][T16189] ? kstrdup_const+0x63/0x80 [ 745.052183][T16189] ? kstrdup+0x53/0x100 [ 745.052214][T16189] kstrdup+0x53/0x100 [ 745.052253][T16189] kstrdup_const+0x63/0x80 [ 745.052288][T16189] __kernfs_new_node+0x9b/0x990 [ 745.052331][T16189] ? __pfx___kernfs_new_node+0x10/0x10 [ 745.052379][T16189] ? find_held_lock+0x2b/0x80 [ 745.052423][T16189] ? kernfs_root+0xee/0x2a0 [ 745.052470][T16189] kernfs_new_node+0x13c/0x1e0 [ 745.052530][T16189] kernfs_create_link+0xcc/0x240 [ 745.052584][T16189] sysfs_do_create_link_sd+0x90/0x140 [ 745.052624][T16189] sysfs_create_link+0x61/0xc0 [ 745.052659][T16189] device_add+0xb3a/0x1980 [ 745.052706][T16189] ? __pfx_device_add+0x10/0x10 [ 745.052748][T16189] ? __pfx_exact_lock+0x10/0x10 [ 745.052801][T16189] ? kobject_get+0xbb/0x150 [ 745.052856][T16189] cdev_device_add+0x12b/0x270 [ 745.052908][T16189] evdev_connect+0x3a4/0x4c0 [ 745.052955][T16189] input_attach_handler.isra.0+0x176/0x250 [ 745.053002][T16189] input_register_device+0xab9/0x11b0 [ 745.053042][T16189] ? input_ff_create+0x171/0x350 [ 745.053076][T16189] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 745.053113][T16189] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 745.053153][T16189] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 745.053199][T16189] ? find_held_lock+0x2b/0x80 [ 745.053261][T16189] ? __pfx_uinput_ioctl+0x10/0x10 [ 745.053295][T16189] __x64_sys_ioctl+0x18e/0x210 [ 745.053337][T16189] do_syscall_64+0xcd/0xf80 [ 745.053386][T16189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.053416][T16189] RIP: 0033:0x7fbbedf8f7c9 [ 745.053442][T16189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.053474][T16189] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 745.053506][T16189] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 745.053535][T16189] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000007 [ 745.053553][T16189] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 745.053572][T16189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.053592][T16189] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 745.053637][T16189] [ 745.498061][T16189] input: failed to attach handler evdev to device input18, error: -12 [ 745.851931][ T5154] Bluetooth: hci1: command 0x0406 tx timeout [ 745.852242][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 745.858140][ T5154] Bluetooth: hci2: command 0x0406 tx timeout [ 745.870199][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 746.167194][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 746.347767][T16212] zswap: compressor not available [ 746.625504][T16216] zswap: compressor not available [ 746.848752][T16241] FAULT_INJECTION: forcing a failure. [ 746.848752][T16241] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 746.862220][T16241] CPU: 0 UID: 0 PID: 16241 Comm: syz.2.1959 Not tainted syzkaller #0 PREEMPT(full) [ 746.862261][T16241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 746.862279][T16241] Call Trace: [ 746.862298][T16241] [ 746.862310][T16241] dump_stack_lvl+0x16c/0x1f0 [ 746.862362][T16241] should_fail_ex+0x512/0x640 [ 746.862400][T16241] _copy_to_iter+0x29f/0x1710 [ 746.862434][T16241] ? __mutex_unlock_slowpath+0x161/0x790 [ 746.862477][T16241] ? urbnum_show+0x27/0x80 [ 746.862510][T16241] ? __pfx__copy_to_iter+0x10/0x10 [ 746.862538][T16241] ? kernfs_seq_stop+0xcd/0x120 [ 746.862584][T16241] ? kernfs_put_active+0x86/0xe0 [ 746.862628][T16241] seq_read_iter+0xd02/0x12d0 [ 746.862686][T16241] kernfs_fop_read_iter+0x46c/0x610 [ 746.862730][T16241] ? rw_verify_area+0xcf/0x6c0 [ 746.862773][T16241] vfs_read+0x8bf/0xcf0 [ 746.862822][T16241] ? __pfx_vfs_read+0x10/0x10 [ 746.862891][T16241] ksys_read+0x12a/0x250 [ 746.862933][T16241] ? __pfx_ksys_read+0x10/0x10 [ 746.862986][T16241] do_syscall_64+0xcd/0xf80 [ 746.863032][T16241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.863060][T16241] RIP: 0033:0x7eff2fb8f7c9 [ 746.863085][T16241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 746.863114][T16241] RSP: 002b:00007eff2ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 746.863143][T16241] RAX: ffffffffffffffda RBX: 00007eff2fde5fa0 RCX: 00007eff2fb8f7c9 [ 746.863162][T16241] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000003 [ 746.863177][T16241] RBP: 00007eff2ddf6090 R08: 0000000000000000 R09: 0000000000000000 [ 746.863193][T16241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 746.863211][T16241] R13: 00007eff2fde6038 R14: 00007eff2fde5fa0 R15: 00007ffeb2063be8 [ 746.863253][T16241] [ 748.535560][T16273] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 748.555617][T16273] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 748.609445][T16273] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 748.657774][T16273] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 748.864635][T16278] FAULT_INJECTION: forcing a failure. [ 748.864635][T16278] name failslab, interval 1, probability 0, space 0, times 0 [ 748.877857][T16278] CPU: 1 UID: 0 PID: 16278 Comm: syz.2.1967 Not tainted syzkaller #0 PREEMPT(full) [ 748.877885][T16278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 748.877897][T16278] Call Trace: [ 748.877904][T16278] [ 748.877912][T16278] dump_stack_lvl+0x16c/0x1f0 [ 748.877946][T16278] should_fail_ex+0x512/0x640 [ 748.877967][T16278] ? kmem_cache_alloc_noprof+0x62/0x770 [ 748.877993][T16278] should_failslab+0xc2/0x120 [ 748.878023][T16278] kmem_cache_alloc_noprof+0x83/0x770 [ 748.878046][T16278] ? alloc_empty_file+0x55/0x1e0 [ 748.878070][T16278] ? alloc_empty_file+0x55/0x1e0 [ 748.878088][T16278] alloc_empty_file+0x55/0x1e0 [ 748.878109][T16278] alloc_file_pseudo+0x13a/0x230 [ 748.878131][T16278] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 748.878153][T16278] ? alloc_fd+0x471/0x7d0 [ 748.878184][T16278] sock_alloc_file+0x50/0x210 [ 748.878211][T16278] __sys_socket+0x1c0/0x260 [ 748.878253][T16278] ? __pfx___sys_socket+0x10/0x10 [ 748.878271][T16278] ? xfd_validate_state+0x61/0x180 [ 748.878288][T16278] ? __pfx_do_writev+0x10/0x10 [ 748.878317][T16278] __x64_sys_socket+0x72/0xb0 [ 748.878334][T16278] ? lockdep_hardirqs_on+0x7c/0x110 [ 748.878364][T16278] do_syscall_64+0xcd/0xf80 [ 748.878393][T16278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.878412][T16278] RIP: 0033:0x7eff2fb8f7c9 [ 748.878428][T16278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.878447][T16278] RSP: 002b:00007eff2ddd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 748.878466][T16278] RAX: ffffffffffffffda RBX: 00007eff2fde6090 RCX: 00007eff2fb8f7c9 [ 748.878479][T16278] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 748.878490][T16278] RBP: 00007eff2fc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 748.878501][T16278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.878512][T16278] R13: 00007eff2fde6128 R14: 00007eff2fde6090 R15: 00007ffeb2063be8 [ 748.878535][T16278] [ 749.182915][T16280] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 749.370623][T16282] lo: entered allmulticast mode [ 749.376651][T16282] lo: left allmulticast mode [ 750.069464][T16406] netlink: 'syz.2.1973': attribute type 1 has an invalid length. [ 750.488025][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 750.567201][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 750.647276][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 750.727185][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 751.234516][T16529] nbd: illegal input index 37139 [ 752.152010][T16644] FAULT_INJECTION: forcing a failure. [ 752.152010][T16644] name failslab, interval 1, probability 0, space 0, times 0 [ 752.188005][T16644] CPU: 1 UID: 0 PID: 16644 Comm: syz.3.1983 Not tainted syzkaller #0 PREEMPT(full) [ 752.188047][T16644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 752.188066][T16644] Call Trace: [ 752.188077][T16644] [ 752.188088][T16644] dump_stack_lvl+0x16c/0x1f0 [ 752.188139][T16644] should_fail_ex+0x512/0x640 [ 752.188171][T16644] ? __kmalloc_noprof+0xca/0x910 [ 752.188207][T16644] should_failslab+0xc2/0x120 [ 752.188251][T16644] __kmalloc_noprof+0xeb/0x910 [ 752.188285][T16644] ? kernfs_fop_write_iter+0x237/0x570 [ 752.188338][T16644] ? kernfs_fop_write_iter+0x237/0x570 [ 752.188381][T16644] kernfs_fop_write_iter+0x237/0x570 [ 752.188431][T16644] vfs_write+0x7d3/0x11d0 [ 752.188475][T16644] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 752.188532][T16644] ? __pfx_vfs_write+0x10/0x10 [ 752.188596][T16644] ksys_write+0x12a/0x250 [ 752.188637][T16644] ? __pfx_ksys_write+0x10/0x10 [ 752.188675][T16644] do_syscall_64+0xcd/0xf80 [ 752.188706][T16644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.188725][T16644] RIP: 0033:0x7fbbedf8f7c9 [ 752.188741][T16644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.188759][T16644] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 752.188778][T16644] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 752.188790][T16644] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000003 [ 752.188802][T16644] RBP: 00007fbbeedc1090 R08: 0000000000000000 R09: 0000000000000000 [ 752.188813][T16644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 752.188823][T16644] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 752.188847][T16644] [ 752.570335][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.576671][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.645146][T16653] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 753.701568][T16653] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 753.760062][T16653] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 753.787608][T16653] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 755.367296][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 755.528275][T16741] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 755.648322][T16694] Process accounting paused [ 755.767812][ T5154] Bluetooth: hci0: command 0x0406 tx timeout [ 755.774282][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 755.847198][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 756.173266][T16824] input: 00 [ 756.173266][T16824] as /devices/virtual/input/input20 [ 756.250916][T16824] FAULT_INJECTION: forcing a failure. [ 756.250916][T16824] name failslab, interval 1, probability 0, space 0, times 0 [ 756.263943][T16824] CPU: 0 UID: 0 PID: 16824 Comm: syz.0.1997 Not tainted syzkaller #0 PREEMPT(full) [ 756.263990][T16824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 756.264011][T16824] Call Trace: [ 756.264023][T16824] [ 756.264036][T16824] dump_stack_lvl+0x16c/0x1f0 [ 756.264090][T16824] should_fail_ex+0x512/0x640 [ 756.264127][T16824] ? kmem_cache_alloc_noprof+0x62/0x770 [ 756.264170][T16824] should_failslab+0xc2/0x120 [ 756.264231][T16824] kmem_cache_alloc_noprof+0x83/0x770 [ 756.264271][T16824] ? __kernfs_new_node+0xd2/0x990 [ 756.264319][T16824] ? __kernfs_new_node+0xd2/0x990 [ 756.264355][T16824] __kernfs_new_node+0xd2/0x990 [ 756.264400][T16824] ? __pfx___kernfs_new_node+0x10/0x10 [ 756.264449][T16824] ? find_held_lock+0x2b/0x80 [ 756.264492][T16824] ? kernfs_root+0xee/0x2a0 [ 756.264539][T16824] kernfs_new_node+0x13c/0x1e0 [ 756.264591][T16824] __kernfs_create_file+0x53/0x350 [ 756.264648][T16824] sysfs_add_file_mode_ns+0x207/0x3c0 [ 756.264695][T16824] sysfs_merge_group+0x1aa/0x340 [ 756.264738][T16824] ? __pfx_sysfs_merge_group+0x10/0x10 [ 756.264781][T16824] ? __pfx_dev_add_physical_location+0x10/0x10 [ 756.264824][T16824] ? bus_to_subsys+0x131/0x160 [ 756.264878][T16824] dpm_sysfs_add+0x237/0x280 [ 756.264922][T16824] device_add+0x9cc/0x1980 [ 756.264970][T16824] ? __pfx_device_add+0x10/0x10 [ 756.265013][T16824] ? __pfx_exact_lock+0x10/0x10 [ 756.265064][T16824] ? kobject_get+0xbb/0x150 [ 756.265116][T16824] cdev_device_add+0x12b/0x270 [ 756.265166][T16824] evdev_connect+0x3a4/0x4c0 [ 756.265223][T16824] input_attach_handler.isra.0+0x176/0x250 [ 756.265271][T16824] input_register_device+0xab9/0x11b0 [ 756.265310][T16824] ? input_ff_create+0x171/0x350 [ 756.265346][T16824] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 756.265382][T16824] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 756.265420][T16824] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 756.265464][T16824] ? find_held_lock+0x2b/0x80 [ 756.265525][T16824] ? __pfx_uinput_ioctl+0x10/0x10 [ 756.265560][T16824] __x64_sys_ioctl+0x18e/0x210 [ 756.265601][T16824] do_syscall_64+0xcd/0xf80 [ 756.265651][T16824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.265684][T16824] RIP: 0033:0x7f5f25f8f7c9 [ 756.265712][T16824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 756.265744][T16824] RSP: 002b:00007f5f26e38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 756.265777][T16824] RAX: ffffffffffffffda RBX: 00007f5f261e5fa0 RCX: 00007f5f25f8f7c9 [ 756.265799][T16824] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000007 [ 756.265819][T16824] RBP: 00007f5f26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 756.265838][T16824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 756.265858][T16824] R13: 00007f5f261e6038 R14: 00007f5f261e5fa0 R15: 00007ffd5e053a88 [ 756.265903][T16824] [ 756.631977][T16824] input: failed to attach handler evdev to device input20, error: -12 [ 757.571144][T16828] ================================================================== [ 757.571167][T16828] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 757.571235][T16828] Write of size 8 at addr ffffc900037e9000 by task syz.3.1998/16828 [ 757.571266][T16828] [ 757.571281][T16828] CPU: 0 UID: 0 PID: 16828 Comm: syz.3.1998 Not tainted syzkaller #0 PREEMPT(full) [ 757.571320][T16828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 757.571339][T16828] Call Trace: [ 757.571351][T16828] [ 757.571363][T16828] dump_stack_lvl+0x116/0x1f0 [ 757.571411][T16828] print_report+0xcd/0x630 [ 757.571455][T16828] ? __virt_addr_valid+0x81/0x610 [ 757.571505][T16828] ? sys_imageblit+0x1a6f/0x1e60 [ 757.571548][T16828] kasan_report+0xe0/0x110 [ 757.571596][T16828] ? sys_imageblit+0x1a6f/0x1e60 [ 757.571646][T16828] sys_imageblit+0x1a6f/0x1e60 [ 757.571696][T16828] ? __pfx_sys_imageblit+0x10/0x10 [ 757.571739][T16828] ? find_held_lock+0x2b/0x80 [ 757.571781][T16828] ? up+0xcb/0x140 [ 757.571809][T16828] ? do_raw_spin_unlock+0x172/0x230 [ 757.571848][T16828] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 757.571897][T16828] ? prb_read_valid+0x78/0xa0 [ 757.571932][T16828] ? __pfx_prb_read_valid+0x10/0x10 [ 757.571971][T16828] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 757.572024][T16828] soft_cursor+0x524/0xa10 [ 757.572065][T16828] ? fb_get_color_depth+0x120/0x250 [ 757.572101][T16828] bit_cursor+0xe8c/0x17e0 [ 757.572143][T16828] ? __pfx_bit_cursor+0x10/0x10 [ 757.572181][T16828] ? __lock_acquire+0x436/0x2890 [ 757.572227][T16828] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 757.572277][T16828] ? get_color+0x1da/0x450 [ 757.572308][T16828] ? __pfx_bit_cursor+0x10/0x10 [ 757.572344][T16828] fbcon_cursor+0x437/0x5d0 [ 757.572376][T16828] ? add_softcursor+0x91/0x290 [ 757.572417][T16828] set_cursor+0x1db/0x250 [ 757.572456][T16828] con_write+0x89/0xb0 [ 757.572500][T16828] do_output_char+0x5d9/0x840 [ 757.572551][T16828] n_tty_write+0x514/0x1280 [ 757.572589][T16828] ? __pfx_n_tty_write+0x10/0x10 [ 757.572621][T16828] ? __pfx_woken_wake_function+0x10/0x10 [ 757.572660][T16828] ? __pfx___might_resched+0x10/0x10 [ 757.572704][T16828] ? __pfx_n_tty_write+0x10/0x10 [ 757.572734][T16828] file_tty_write.constprop.0+0x503/0x9b0 [ 757.572784][T16828] redirected_tty_write+0xd4/0x120 [ 757.572831][T16828] do_iter_readv_writev+0x662/0x9e0 [ 757.572876][T16828] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 757.572917][T16828] ? common_file_perm+0x1b1/0x500 [ 757.572957][T16828] ? bpf_lsm_file_permission+0x9/0x10 [ 757.572996][T16828] ? security_file_permission+0x71/0x210 [ 757.573036][T16828] ? rw_verify_area+0xcf/0x6c0 [ 757.573077][T16828] vfs_writev+0x35f/0xde0 [ 757.573119][T16828] ? __lock_acquire+0x436/0x2890 [ 757.573150][T16828] ? __pfx_vfs_writev+0x10/0x10 [ 757.573192][T16828] ? __pfx_perf_event_namespaces+0x10/0x10 [ 757.573263][T16828] ? __fget_files+0x20e/0x3c0 [ 757.573315][T16828] ? do_writev+0x132/0x340 [ 757.573356][T16828] do_writev+0x132/0x340 [ 757.573399][T16828] ? __pfx_do_writev+0x10/0x10 [ 757.573448][T16828] do_syscall_64+0xcd/0xf80 [ 757.573497][T16828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.573529][T16828] RIP: 0033:0x7fbbedf8f7c9 [ 757.573555][T16828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 757.573589][T16828] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 757.573621][T16828] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 757.573644][T16828] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000007 [ 757.573664][T16828] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 757.573686][T16828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 757.573706][T16828] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 757.573738][T16828] [ 757.573749][T16828] [ 757.573759][T16828] The buggy address belongs to a 0-page vmalloc region starting at 0xffffc900034e9000 allocated at drm_gem_shmem_vmap_locked+0x561/0x7e0 [ 757.573829][T16828] Memory state around the buggy address: [ 757.573846][T16828] ffffc900037e8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 757.573870][T16828] ffffc900037e8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 757.573894][T16828] >ffffc900037e9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 757.573912][T16828] ^ [ 757.573930][T16828] ffffc900037e9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 757.573954][T16828] ffffc900037e9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 757.573973][T16828] ================================================================== [ 757.586090][T16828] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 757.586118][T16828] CPU: 1 UID: 0 PID: 16828 Comm: syz.3.1998 Not tainted syzkaller #0 PREEMPT(full) [ 757.586152][T16828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 757.586169][T16828] Call Trace: [ 757.586181][T16828] [ 757.586193][T16828] dump_stack_lvl+0x3d/0x1f0 [ 757.586242][T16828] vpanic+0x640/0x6f0 [ 757.586274][T16828] panic+0xca/0xd0 [ 757.586302][T16828] ? __pfx_panic+0x10/0x10 [ 757.586330][T16828] ? sys_imageblit+0x1a6f/0x1e60 [ 757.586374][T16828] ? preempt_schedule_common+0x44/0xc0 [ 757.586419][T16828] ? preempt_schedule_thunk+0x16/0x30 [ 757.586451][T16828] check_panic_on_warn+0xab/0xb0 [ 757.586494][T16828] end_report+0x107/0x160 [ 757.586539][T16828] kasan_report+0xee/0x110 [ 757.586587][T16828] ? sys_imageblit+0x1a6f/0x1e60 [ 757.586634][T16828] sys_imageblit+0x1a6f/0x1e60 [ 757.586685][T16828] ? __pfx_sys_imageblit+0x10/0x10 [ 757.586729][T16828] ? find_held_lock+0x2b/0x80 [ 757.586766][T16828] ? up+0xcb/0x140 [ 757.586792][T16828] ? do_raw_spin_unlock+0x172/0x230 [ 757.586827][T16828] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 757.586857][T16828] ? prb_read_valid+0x78/0xa0 [ 757.586877][T16828] ? __pfx_prb_read_valid+0x10/0x10 [ 757.586899][T16828] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 757.586929][T16828] soft_cursor+0x524/0xa10 [ 757.586954][T16828] ? fb_get_color_depth+0x120/0x250 [ 757.586975][T16828] bit_cursor+0xe8c/0x17e0 [ 757.587000][T16828] ? __pfx_bit_cursor+0x10/0x10 [ 757.587022][T16828] ? __lock_acquire+0x436/0x2890 [ 757.587043][T16828] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 757.587084][T16828] ? get_color+0x1da/0x450 [ 757.587113][T16828] ? __pfx_bit_cursor+0x10/0x10 [ 757.587144][T16828] fbcon_cursor+0x437/0x5d0 [ 757.587163][T16828] ? add_softcursor+0x91/0x290 [ 757.587188][T16828] set_cursor+0x1db/0x250 [ 757.587213][T16828] con_write+0x89/0xb0 [ 757.587240][T16828] do_output_char+0x5d9/0x840 [ 757.587271][T16828] n_tty_write+0x514/0x1280 [ 757.587293][T16828] ? __pfx_n_tty_write+0x10/0x10 [ 757.587312][T16828] ? __pfx_woken_wake_function+0x10/0x10 [ 757.587336][T16828] ? __pfx___might_resched+0x10/0x10 [ 757.587363][T16828] ? __pfx_n_tty_write+0x10/0x10 [ 757.587383][T16828] file_tty_write.constprop.0+0x503/0x9b0 [ 757.587413][T16828] redirected_tty_write+0xd4/0x120 [ 757.587440][T16828] do_iter_readv_writev+0x662/0x9e0 [ 757.587477][T16828] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 757.587502][T16828] ? common_file_perm+0x1b1/0x500 [ 757.587526][T16828] ? bpf_lsm_file_permission+0x9/0x10 [ 757.587550][T16828] ? security_file_permission+0x71/0x210 [ 757.587578][T16828] ? rw_verify_area+0xcf/0x6c0 [ 757.587604][T16828] vfs_writev+0x35f/0xde0 [ 757.587629][T16828] ? __lock_acquire+0x436/0x2890 [ 757.587648][T16828] ? __pfx_vfs_writev+0x10/0x10 [ 757.587673][T16828] ? __pfx_perf_event_namespaces+0x10/0x10 [ 757.587702][T16828] ? __fget_files+0x20e/0x3c0 [ 757.587731][T16828] ? do_writev+0x132/0x340 [ 757.587755][T16828] do_writev+0x132/0x340 [ 757.587779][T16828] ? __pfx_do_writev+0x10/0x10 [ 757.587807][T16828] do_syscall_64+0xcd/0xf80 [ 757.587836][T16828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.587856][T16828] RIP: 0033:0x7fbbedf8f7c9 [ 757.587872][T16828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 757.587892][T16828] RSP: 002b:00007fbbeedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 757.587911][T16828] RAX: ffffffffffffffda RBX: 00007fbbee1e5fa0 RCX: 00007fbbedf8f7c9 [ 757.587924][T16828] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000007 [ 757.587936][T16828] RBP: 00007fbbee013f91 R08: 0000000000000000 R09: 0000000000000000 [ 757.587948][T16828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 757.587960][T16828] R13: 00007fbbee1e6038 R14: 00007fbbee1e5fa0 R15: 00007ffc5f4ce3b8 [ 757.587978][T16828] [ 757.588359][T16828] Kernel Offset: disabled