last executing test programs: 12.885045196s ago: executing program 2 (id=854): keyctl$auto(0x7, 0x7fffffffffffffff, 0x0, 0x4, 0x3) keyctl$auto(0xb, 0xffffffffffffffff, 0x2, 0x2, 0xfffffffffffffff8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/plpmtud_probe_interval\x00', 0xe280, 0x0) sendfile$auto(r0, 0x3, 0x0, 0x400000000008) 12.600656741s ago: executing program 2 (id=855): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r0 = socket(0x2, 0x801, 0x6) setsockopt$auto(r0, 0x1, 0x10, 0x0, 0xa4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/id\x00', 0x80, 0x0) r2 = getsockopt$auto(r1, 0x7, 0x80000001, &(0x7f0000000080)='\\\x00', &(0x7f00000000c0)=0x5) madvise$auto(0x0, 0xffffffffffff0004, 0x14) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r3, r3, 0x2) landlock_create_ruleset$auto(&(0x7f00000000c0)={0xd1d, 0x3, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r3, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6b) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000140)={0x9, 0x0, 0x400, 0x7fffffff, 0x1, 0x2, "1d4866139a2a2f3c4a005fafb6876578", 0x6, 0x0, 0x6, 0x3, 0x7, 0xff, 0xfe}) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/fb0\x00', 0x44300, 0x0) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, 0x0, 0x40440, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0xc, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, 0x0) 11.36729541s ago: executing program 2 (id=856): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) unshare$auto(0x8000400) (async) socket(0x2b, 0x1, 0x0) r0 = socket(0x10, 0x2, 0xf) bpf$auto(0x0, &(0x7f0000000680)=@bpf_attr_4={0x1e, r0, 0x24000000, r0}, 0x210) (async) socket(0x2, 0x3, 0xa) (async) io_uring_setup$auto(0x1, 0x0) (async) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) (async) r1 = fcntl$auto(0x0, 0x407, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) (async) socket(0xa, 0x1, 0x84) (async) fsconfig$auto_FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='\x00', &(0x7f0000000140)="7651b1c29bb83bead9286d3723ee1a0e958c75674223cb111c2e5e5f773a0f8975915bb83eaecf6c6f6ebdd4e7beecc0d2d75f2e9e52dc1067f3399871db17aa9a45c3fb353e8c5e20f7953ccc492827a81bceef9cbc1ba09337f14bc1a42c41e8b89cf39270bcff7ceaae6fcb400c1b7f8b2bcf5e3ff4d16f05dc6a0d39a2bcd5b2c491515373", 0x5) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) socket(0x2, 0x801, 0x106) (async) unshare$auto(0x40000080) (async) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x0, 0x0, 0x100, 0x7}, 0x8}, 0xffffffff, 0xb00) madvise$auto(0x0, 0x2003f2, 0x15) 10.805959505s ago: executing program 0 (id=858): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b73, r2, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x16e) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x10001, 0x0, 0x9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r3 = fcntl$auto(0x3, 0x4, 0xa553) swapon$auto(0x0, 0x6) quotactl_fd$auto(r1, 0x200, 0x0, &(0x7f0000000240)="d70c3de76eda") sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) close_range$auto(r0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_11={0x7, 0x7, 0x10000, 0x3, 0x7, 0x400003, 0x2, r3}, 0x6f4) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x43403d05, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x200, 0x0) 9.897395979s ago: executing program 0 (id=859): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_MODIFY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x41, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40008840}, 0x0) r3 = socket(0x1d, 0x3, 0x1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r3) r4 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(r4, 0x9, 0x0, 0x400000) write$auto_snd_rawmidi_f_ops_rawmidi(r4, &(0x7f00000003c0)="280e3a64b65c4d06213a901ced5f784dfb3497c7c8828f228415a806b8e974d65b8c403e5e637df0cdb13750a28cd18ef9cf7da712cf3d04b0d3b714b66fb0c50fed569a453f77364bc6c3825e8d1bef97cdb440aa729b904a1c06b7ec404ecfb639a8b13b2a7db9b71d34009e72a9452e04d29ed062d91e27fa33d9411c74458f4d0a9f", 0x84) sendmmsg$auto(r5, &(0x7f00000002c0)={{&(0x7f0000000080)="4a0bb7bd4047673ca8e0b9ef4fa81fad249fd640671bc8d56b837edb7aa0ec4261ce8e7b48af46d78d4546d9d1fd7c3d0773620a89d56e2f9c843a0b9e1509217489386f28bf00cb4cff91f1a5b57e024df740f552d47cb4629ec766a2b0861f352ed16b297023b71c6d56aca3269c8cb346d425bf72157cfd80b76568a81d9c882285c41fbb2da3bae73182d3763cc50709ea9b538649d02921ce5d15c14fb3da67df616b9d4006cf121249999425b1f6d4bc493407f6c034f4514d683368825993977bff5f90e9e41ece46506847776b79be45", 0xd5d, &(0x7f0000000240)={&(0x7f0000000480)="ace09645648823b7554e6688b67606d1f953a81b1329a9b364151ef88220821f9733c963eda4611b915ae9f735286470b316113c7d76f53ce0da88fad661fa280ea140eaff4c0cdcc87d8682f2b3ffc76fcc7b1c78554abc9aa1e33bb3cd83eeb1d448f8da8583533935d0e1be21a859371a1d0c4bcb19aecba911b90681bf574f0b354566eac735f87b012b0f3a986d1c3d429bb5cb627997ef683e1bc6", 0x2}, 0x2, &(0x7f0000000280)="3d27d48c91d1934cdf322a7979e5de209159519b1132099ed18f807c9b3bd5aaffcf726572e582d89ccc6098c4cec7a11d55cf", 0x600000000000000, 0x6}, 0x40aa7d73}, 0x8, 0x401) 8.190864908s ago: executing program 0 (id=863): socket(0x2b, 0x1, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-touch8\x00', 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0xf87, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0xfc) mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x6) move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r3 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x67e) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x8, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x7fff, 0xb}, 0xfff}, 0x5, 0x311) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) read$auto_rtc_dev_fops_dev(r2, &(0x7f0000000040)=""/21, 0x15) r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), r1) sendmsg$auto_IOAM6_CMD_DUMP_SCHEMAS(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001ec0)={0x14, r4, 0x721, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x4008004) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) 7.067400551s ago: executing program 1 (id=866): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r1 = socket(0xa, 0x2, 0x0) cachestat$auto(r1, &(0x7f0000000000)={0x9, 0x7fc}, &(0x7f0000000040)={0x200000200000006, 0x505, 0x20000000008, 0x203, 0x9}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x3, 0x3a) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0xffffffffffffffff, 0x4, 0x0, 0xeb) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f00000001c0)={0x0, 0x5516, 0x0}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r3 = open(0x0, 0x0, 0x408) socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_notify$auto(0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x45, 0x0, 0x0) getdents$auto(r3, 0x0, 0x400018) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) madvise$auto(0x0, 0x200007, 0x19) socket(0x15, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e24, @broadcast}, 0x55) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x400) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x82640, 0x0) 6.796545551s ago: executing program 3 (id=867): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000080), 0x688481, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x40203, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x40000a, 0xdf, 0xfffffffb, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x1a, 0x0) fsopen$auto(0x0, 0x1) openat$auto_objects_fops_(0xffffffffffffff9c, 0x0, 0x40042, 0x0) socket(0xa, 0x3, 0x5) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio7\x00', 0xc0200, 0x0) ioctl$auto(0x3, 0xc0585609, r1) mmap$auto(0x0, 0x202000d, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8000) futex$auto(0x0, 0x89, 0x4, 0x0, 0x0, 0x100) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c00, 0xfffffffffffffffd) ppoll$auto(&(0x7f00000000c0)={0xffffffffffffffff, 0x8000, 0x3}, 0x9, 0x0, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x9, 0xfffffffffffe, 0xffdffffffffffffc) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x5) 6.570537646s ago: executing program 0 (id=868): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b73, r2, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x16e) socket(0x2, 0x80802, 0x0) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r3 = fcntl$auto(0x3, 0x4, 0xa553) swapon$auto(0x0, 0x6) quotactl_fd$auto(r1, 0x200, 0x0, &(0x7f0000000240)="d70c3de76eda") sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) close_range$auto(r0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_11={0x7, 0x7, 0x10000, 0x3, 0x7, 0x400003, 0x2, r3}, 0x6f4) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x43403d05, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x200, 0x0) 5.398957899s ago: executing program 1 (id=869): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = fsopen$auto(&(0x7f0000000000)='\x00', 0x0) setsockopt$auto(r0, 0xbe, 0x6, 0x0, 0x5) 5.305202477s ago: executing program 0 (id=870): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lowpan0/carrier\x00', 0x1abe41, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x2) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) mmap$auto(0x402, 0x100000002000d, 0x5, 0x10000000010, 0xffffffffffffffff, 0x800a) mmap$auto(0x5c, 0x2000d, 0x4000000000df, 0xeb0, 0x401, 0x8000) r1 = getpid() io_uring_setup$auto(0xa, 0x0) mmap$auto(0x0, 0x400008, 0x6, 0xf610, 0x2, 0x8003) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys7\x00', 0x20102, 0x0) futex_wake$auto(&(0x7f0000000140), 0x8, 0x6, 0x6) unshare$auto(0x40000080) r2 = socket(0x0, 0x5, 0x49) bpf$auto(0x5, &(0x7f0000001180)=@link_update={r2, @new_prog_fd=r2, 0xf, @old_map_fd}, 0x80000007) prctl$auto(0x9, 0x7fffffff, r1, 0x7, 0x101) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, r3, 0x8000) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2048000}, 0x40000) kexec_load$auto(0x70, 0x2, &(0x7f0000000080)={@kbuf=&(0x7f0000000180)="709bc6c9e3065f04b9f1373c3ffc3684426368a039f3aa960ab8176bf0542ba2368fcc0de90ea2d923fa424a9c5a32666043048c5591dee593e4d0f4e7303491eb4c8c0c70d5d17fef73ac1ae9", 0x0, 0x8000, 0x403000}, 0x4) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x0, 0xd, 0xd, 0x0) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffd8ef, &(0x7f0000000040)={&(0x7f0000000200)="e8dba26e705740bdd643661c0b551a577d300290a30c728313928a912eefb7d3082d7ceda16b27c35f86071cd53208865ccd96168cf8736293f46fd44cdf27f4d6e928d43efcaca824d638fde32e921f1234008883f21c5f385fe7ae6b0d565a24a9be5753c96cb4dfd466ad3b2a4d0b146b0d9ca6f21b3fa4ab7e6d5948ead98a7ee7529888f94308b9ee44e40fd3316df288a455f9e18ed7d56034ca89b962fbafc7ebba2c059f8b5e3aa57a6400"/185, 0xffffffffffffffff}, 0x1ff, 0x4, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f00000004c0)={{@inferred=r1, 0x5, 0x3, 0xffffffff, "76f006e37ceb76bfbde3245bee4c6625cb0662ccc64e124db4fedbdd228b9ced12ac206f688d4858a0b558db", @raw=0x1ff}, 0x1, @iec958={"86fca9f76207ac602c86d2071ef24512b3cdfc1c1753ded8", "2661825e0e44d5c5c520cc18a92376b2e073418b153f2048c3b30d90d74473de0697d3ffff0684722360a871f5a6dc4193850700782e58a587090000001a4306ac9fbb596e7c68eb4b26b217e406d69dd54119a9bd4137f843fabe897881869ee0b3f701ffa4dd438c9d0ebb3e5c1dc3381ee22e029f6bf3aa61d000", 0x0, "a2731bea"}, "6b54dd2e739e95a6f217b84988b4581576aaed11b340e4707992930f9a930325903b0e132daa477100a1107a85f3303896b5ec1e61dfb9c0e2698c93ebcd3e1508428d544319376037341d65bb6fb47a002356928a53d1534d8b947cbfcbfba7c7c74e86dc40dc6bca83c523e1e38c31cabf433dd0e3bc1b1b3128e5cf49b23f"}) setsockopt$auto(0xffffffffffffffff, 0x29, 0x5, 0x0, 0x56b) socket(0x2b, 0x1, 0x1) 5.208295832s ago: executing program 3 (id=871): r0 = memfd_create$auto(&(0x7f0000000300)='/sys/kernel/debug/x86/boot_params/data\x00\"F\xb6\xcd\x06\xd6\x97\\L\xe1\xb2\xee\xb8\x8e\xd6O\xa1j\x90w\xc7\x94\xb7yi\x01&\x04b/\xaa\xfb#s\xc4\xa3\xa7\xacj\xc6\x8e\xf4L\x9a\xf8\xcc\xdcy\x9f\x93\xbc\xf6\xc8\xdb\x05w,|B\xfc\x04\x97\xd3\x0f\x8b\x81\xe8\xbc\x81\x0e\xd7o\xd2\xcd\x18z\xc2\xb7|\xe1\xa6\x9a~\x96\x10rnLnt\xdb\xdb-\x1b\x99\xd4\xed;\xf8\x13a\r\xf2\a\x85%\xef\xa7\x7f#\x96\xf2S\xb0\xf1Hq\x0f;\x83\xb7\x0fz\x9dN\xc9\x1e\x15r\x97|\xbfE\xce\"', 0x4) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/geneve0/drop_unicast_in_l2_multicast\x00', 0xc1e13b61f74943c7, 0x0) sendfile$auto(r1, r1, 0x0, 0x8) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x21, 0x1, 0x6, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x309801, 0x0) r2 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000006400)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/filter\x00', 0x2001, 0x0) write$auto(r2, &(0x7f000000ac80)='\x00', 0xd) r3 = getpid() statmount$auto(0x0, 0x0, 0x6, 0x1000000) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) lseek$auto(0x3, 0x20000, 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/net/rose12/operstate\x00', 0x80000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000002140)=""/64, 0x40) faccessat2$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2, 0x7ff) fallocate$auto(r0, 0x0, 0x10, 0xccbd5d) fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x200000004) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/freezer.state\x00', 0x10b342, 0x0) sendfile$auto(r5, r5, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x10, 0x2, 0x0) r7 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r6, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="368ea5d7e656cf42178766b36a073cf6f71d39e76c169e8b03dfe630328d8910b8", @ANYRES16=r7, @ANYBLOB="010001000000ffdbdf2507000000250002002f70726f632f7379732f6b65726e656c2f7761746368646f675f74687265736800000000"], 0x3c}, 0x1, 0x0, 0x0, 0xc810}, 0x40) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000080)={0x8000, 0x8, 0x6, 0x7, 0x7, r3}) 5.008160013s ago: executing program 2 (id=872): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/nvme/parameters/io_queue_depth\x00', 0x20001, 0x0) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x2000000000040, 0x0) r0 = socket(0x2, 0x3, 0xa) setsockopt$auto(r0, 0x0, 0x19, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x18, 0x7, &(0x7f0000000180)=@hci={0x1f, 0xdd86, 0x7}, 0x22) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = socket(0x29, 0x2, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$auto_SO_PEERCRED(r1, 0x2, 0x11, &(0x7f00000000c0)='}#%/\\-^\xb6\x00', &(0x7f0000000100)=0x8) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) setfsuid$auto(0xee00) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_fd, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 4.575477793s ago: executing program 1 (id=873): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4085}, 0x4000804) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0) r1 = mq_open$auto(&(0x7f0000000380)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5G\x00\x00\x00\x00\x00\x00\x00\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x00\x00\x00\xbd4\xab\xec\x83\xfb\x00 \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x7f\xc2m\xe4.R\xf4\x00J|!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\x89h\xc5\xba\xff\xc8u\x00\x00\x00\x00\x00\x00\x00g\xc3\xa4&\x81I6\x02\x00\x00\x00', 0x8, 0x55, 0x0) mq_timedsend$auto(r1, 0x0, 0x2000, 0x9, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000500)={0x7, 0x0, [{0x172, 0x2, 0x8}]}) sendmsg$auto_SMC_NETLINK_GET_LINK_SMCR(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYRESOCT=r0], 0x64}}, 0x88c4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x9, 0x80000, 0x9219) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x50) io_uring_setup$auto(0x5b, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r4, 0x2) 3.863328825s ago: executing program 3 (id=874): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/set_event\x00', 0x32f41, 0x0) r1 = io_uring_setup$auto(0x403, 0x0) getpid() unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d6) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x80, 0x4, 0x5, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000280)="dd0e9450f9eeb7006e") madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/syscall\x00', 0x0, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x414002, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0xb}, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/video4linux/vbi26/dev\x00', 0x470a42, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/user\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000040)) mmap$auto(0x0, 0x1, 0x5, 0x19, 0x401, 0x300000000000) 3.568999231s ago: executing program 1 (id=875): unshare$auto(0x40000080) unshare$auto(0xf2a) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) socket(0x2, 0x801, 0x84) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001c00)=""/4111, 0x100f) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) listen$auto(0x3, 0x83) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) listmount$auto(&(0x7f0000000080)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0xa}, 0x0, 0xf4240, 0x1) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0x5452, &(0x7f0000000080)={0x80, 0xbed0}) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket(0x1e, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x1) r3 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) fanotify_mark$auto(0x0, 0x1, 0xa, r3, 0x0) fanotify_mark$auto(r2, 0x40000080, 0x9, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socketcall$auto(0xffc, 0x0) close_range$auto(0x2, 0xa, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0300, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0x4008ae61, r4) 2.321639s ago: executing program 2 (id=876): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) set_robust_list$auto(0x0, 0x80000ff) (async) set_robust_list$auto(0x0, 0x80000ff) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) mprotect$auto(0x800000000, 0x8000000000000001, 0x2) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) setuid$auto(0x800000000008) (async) setuid$auto(0x800000000008) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) (async) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x2020009, 0xb, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/orangefs/stats/reads\x00', 0x2002, 0x0) write$auto(r0, &(0x7f0000000100)='\x15!\xa8^J/\xddCx4\xa1\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x9e\x14\xe4\xa5\xfe\xb5', 0x5) socket(0x23, 0x4, 0xfffffffe) socket(0xa, 0x801, 0x84) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, 0x0) (async) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x4, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x4, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) 1.616698355s ago: executing program 0 (id=877): openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) sysfs$auto(0x2, 0x41, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r2, 0x0, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8001, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mtd/mtd0/erasesize\x00', 0x40980, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000340)=""/152, 0x98) mlockall$auto(0x800000000000005) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r4 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r4, &(0x7f00000002c0)=""/190, 0xfffffe39) 1.499002554s ago: executing program 3 (id=878): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b73, r2, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x16e) socket(0x2, 0x80802, 0x0) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r3 = fcntl$auto(0x3, 0x4, 0xa553) swapon$auto(0x0, 0x6) quotactl_fd$auto(r1, 0x200, 0x0, &(0x7f0000000240)="d70c3de76eda") sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) close_range$auto(r0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_11={0x7, 0x7, 0x10000, 0x3, 0x7, 0x400003, 0x2, r3}, 0x6f4) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x43403d05, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x200, 0x0) 1.033608413s ago: executing program 1 (id=879): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000001000)='/dev/mtd0\x00', 0x8042, 0x0) ioctl$auto_MEMUNLOCK(r0, 0x40084d06, &(0x7f0000001040)={0x8, 0x3ff}) prctl$auto(0x23, 0xf, 0x8, 0x0, 0x0) 967.11963ms ago: executing program 3 (id=880): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = socket(0x2d, 0x2, 0x0) r1 = openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x200001, 0x0) ppoll$auto(&(0x7f0000000380)={r1, 0x8, 0x8}, 0x7, &(0x7f00000003c0)={0xc816, 0x7}, &(0x7f0000000400)={0x401}, 0x8) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRESDEC=r2, @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x1, 0x0, 0x7000000000, 0x0, 0xe, 0x13}, 0x807}, 0x8, 0xd, 0x0) getsockopt$auto(r2, 0x11e, 0x10, 0x0, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES32, @ANYBLOB="060006000500000008002e"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000040), r0) r4 = socket(0xa, 0x3, 0x3b) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x1000000000002, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e12b7ac1ff0100"}, 0x58) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r5 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000100), r3) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000480)={'veth1_vlan\x00', 0x0}) sendmsg$auto_WG_CMD_GET_DEVICE(r3, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0xf8, r5, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@WGDEVICE_A_PRIVATE_KEY={0xda, 0x3, "3e9e7d8918735197918ec566ee00abec33d0d2f4c60f892b4f34fbecbbf8a26b293c00b656267fd4d973482384c6c48a424009b47211344fbc5281c290e8990d10ae3a49856ffc0b92136cab9b12f34a1f177e6d7bebe4ca787c78632e77cd8aa349005e979460fbbfd9ff36e6b29585f78790a9f8744559fdf45fa8b2360a29923698a55d3a05b24c404a6bb189d50b84e175c4ce705074707b7a226f58a2e59114d4ae411267dd9448ae585741320d56689407e0b63ac64d76e13fda3d51f0623b13d20b429519bfbabb732f1eb9531f3566a826a4"}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r6}]}, 0xf8}, 0x1, 0x0, 0x0, 0x8000}, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xa}, 0x7}, 0x3, 0x2) 730.813156ms ago: executing program 3 (id=881): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd0/sched/write1_fifo_list\x00', 0x2000, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r0, &(0x7f00000000c0)=""/120, 0x78) madvise$auto(0x40, 0xaf87, 0x89) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x7fffffff, 0x4000000000e0, 0x13, 0xffffffffffffffff, 0x6) mmap$auto(0x0, 0x4005, 0x2, 0x13, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) r1 = socket(0x2, 0x1, 0x106) connect$auto(r1, 0x0, 0x54) ioprio_set$auto(0x3, 0xffffffffffffffff, 0x4b34) socketpair$auto(0x2, 0x5, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) r2 = io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0xc, 0x0, 0x0, 0x526) gettid() futex$auto(0x0, 0x6, 0x6, 0x0, 0x0, 0x80) close_range$auto(r2, r2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 594.476441ms ago: executing program 1 (id=882): socket(0xf, 0x5, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0xed) sendto$auto(0x3, 0x0, 0x13, 0x7, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x3, 0x8}}, 0x20) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00)) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f0000000000)=0x5) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000000100)=0x7b) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = fanotify_init$auto(0x8, 0x2000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r4) mkdir$auto(&(0x7f0000000040)='./cgroup\x00', 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/tty/ttyprintk/power/autosuspend_delay_ms\x00', 0x218400, 0x0) rmdir$auto(&(0x7f0000000080)='./cgroup\x00') write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(r1, 0x1, 0x2005, 0x0, 0x83) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x67e) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000200)="ea8f6ca1ce0400000031a1e429c220ff6fa5", 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0x9}, 0xfff}, 0x1, 0x311) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) getsockopt$auto_SO_TIMESTAMP_OLD(r0, 0x8000, 0x1d, &(0x7f0000000180)='/dev/dsp\x00', &(0x7f00000001c0)=0x1) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000280)=0x5) unshare$auto(0x40000080) getpeername$auto(0xffffffffffffffff, &(0x7f0000000040)=@llc={0x1a, 0x338, 0x7, 0xc, 0x9, 0x8, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x0) 0s ago: executing program 2 (id=883): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:02.0/drm/card2/card2-Virtual-2/connector_id\x00', 0x1c9002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/suspend_stats/failed_suspend\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000000c0)=""/255, 0xff) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r7, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) r8 = openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, r8, 0x801, 0x10008, 0x4f0d, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x7}, 0x6f3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000080), 0x6000, 0x0) r9 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/available_tracers\x00', 0x8000, 0x0) getsockopt$auto_SO_TIMESTAMPING_NEW(r9, 0xa5d2, 0x41, &(0x7f0000000100)='/sys/kernel/debug/x86/pat_memtype_list\x00', &(0x7f0000000140)=0xa) write$auto(r6, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)={0x14, r4, 0x1, 0x70bd27, 0x25dfdbfb}, 0x4b}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000080)={0x14, r1, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x40d0) kernel console output (not intermixed with test programs): 06333][ T6061] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 123.106373][ T6061] ? __pfx_copy_splice_read+0x10/0x10 [ 123.106414][ T6061] do_splice_read+0x285/0x370 [ 123.106459][ T6061] splice_direct_to_actor+0x2a1/0xa30 [ 123.106505][ T6061] ? __pfx_direct_splice_actor+0x10/0x10 [ 123.106553][ T6061] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 123.106608][ T6061] do_splice_direct+0x174/0x240 [ 123.106650][ T6061] ? __pfx_do_splice_direct+0x10/0x10 [ 123.106693][ T6061] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 123.106739][ T6061] ? rw_verify_area+0xce/0x6d0 [ 123.106776][ T6061] do_sendfile+0xadc/0xe20 [ 123.106818][ T6061] ? __pfx_do_sendfile+0x10/0x10 [ 123.106855][ T6061] ? __fget_files+0x21f/0x3d0 [ 123.106903][ T6061] __x64_sys_sendfile64+0x1d8/0x220 [ 123.106952][ T6061] ? ksys_write+0x1ac/0x250 [ 123.106989][ T6061] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 123.107039][ T6061] ? rcu_is_watching+0x12/0xc0 [ 123.107083][ T6061] do_syscall_64+0x10b/0xf80 [ 123.107128][ T6061] ? clear_bhb_loop+0x40/0x90 [ 123.107167][ T6061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.107200][ T6061] RIP: 0033:0x7f0e9399cdd9 [ 123.107225][ T6061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 123.107256][ T6061] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 123.107286][ T6061] RAX: ffffffffffffffda RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 123.107306][ T6061] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 123.107324][ T6061] RBP: 00007f0e94926090 R08: 0000000000000000 R09: 0000000000000000 [ 123.107343][ T6061] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 123.107363][ T6061] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 123.107404][ T6061] [ 124.492353][ T6079] zswap: compressor not available [ 125.278542][ T6093] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 126.689563][ T6127] FAULT_INJECTION: forcing a failure. [ 126.689563][ T6127] name failslab, interval 1, probability 0, space 0, times 0 [ 126.767642][ T6127] CPU: 0 UID: 0 PID: 6127 Comm: syz.3.68 Tainted: G L syzkaller #0 PREEMPT(full) [ 126.767692][ T6127] Tainted: [L]=SOFTLOCKUP [ 126.767702][ T6127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 126.767720][ T6127] Call Trace: [ 126.767730][ T6127] [ 126.767741][ T6127] dump_stack_lvl+0x100/0x190 [ 126.767787][ T6127] should_fail_ex.cold+0x5/0xa [ 126.767828][ T6127] should_failslab+0xc2/0x120 [ 126.767866][ T6127] __kvmalloc_node_noprof+0xfa/0xa00 [ 126.767898][ T6127] ? seq_read_iter+0x819/0x1270 [ 126.767944][ T6127] seq_read_iter+0x819/0x1270 [ 126.767981][ T6127] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 126.768035][ T6127] kernfs_fop_read_iter+0x46c/0x610 [ 126.768101][ T6127] copy_splice_read+0x4ba/0xb90 [ 126.768154][ T6127] ? __pfx_copy_splice_read+0x10/0x10 [ 126.768197][ T6127] ? look_up_lock_class+0x55/0x120 [ 126.768252][ T6127] ? lockdep_init_map_type+0x5c/0x250 [ 126.768286][ T6127] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 126.768326][ T6127] ? __pfx_copy_splice_read+0x10/0x10 [ 126.768366][ T6127] do_splice_read+0x285/0x370 [ 126.768409][ T6127] splice_direct_to_actor+0x2a1/0xa30 [ 126.768452][ T6127] ? __pfx_direct_splice_actor+0x10/0x10 [ 126.768496][ T6127] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 126.768551][ T6127] do_splice_direct+0x174/0x240 [ 126.768602][ T6127] ? __pfx_do_splice_direct+0x10/0x10 [ 126.768644][ T6127] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 126.768695][ T6127] ? rw_verify_area+0xce/0x6d0 [ 126.768731][ T6127] do_sendfile+0xadc/0xe20 [ 126.768774][ T6127] ? __pfx_do_sendfile+0x10/0x10 [ 126.768811][ T6127] ? __fget_files+0x21f/0x3d0 [ 126.768860][ T6127] __x64_sys_sendfile64+0x1d8/0x220 [ 126.768901][ T6127] ? ksys_write+0x1ac/0x250 [ 126.768936][ T6127] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 126.768983][ T6127] ? rcu_is_watching+0x12/0xc0 [ 126.769027][ T6127] do_syscall_64+0x10b/0xf80 [ 126.769073][ T6127] ? clear_bhb_loop+0x40/0x90 [ 126.769113][ T6127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.769144][ T6127] RIP: 0033:0x7f0e9399cdd9 [ 126.769169][ T6127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 126.769199][ T6127] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 126.769228][ T6127] RAX: ffffffffffffffda RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 126.769248][ T6127] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 126.769264][ T6127] RBP: 00007f0e94926090 R08: 0000000000000000 R09: 0000000000000000 [ 126.769280][ T6127] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 126.769296][ T6127] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 126.769328][ T6127] [ 129.091575][ T6164] netlink: 'syz.3.74': attribute type 1 has an invalid length. [ 129.358058][ T6167] bonding: unable to delete non-existent ) [ 129.423895][ T6179] FAULT_INJECTION: forcing a failure. [ 129.423895][ T6179] name failslab, interval 1, probability 0, space 0, times 0 [ 129.494316][ T6179] CPU: 0 UID: 0 PID: 6179 Comm: syz.1.78 Tainted: G L syzkaller #0 PREEMPT(full) [ 129.494364][ T6179] Tainted: [L]=SOFTLOCKUP [ 129.494374][ T6179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 129.494392][ T6179] Call Trace: [ 129.494402][ T6179] [ 129.494414][ T6179] dump_stack_lvl+0x100/0x190 [ 129.494466][ T6179] should_fail_ex.cold+0x5/0xa [ 129.494506][ T6179] ? iter_file_splice_write+0x1d8/0x10a0 [ 129.494547][ T6179] should_failslab+0xc2/0x120 [ 129.494585][ T6179] __kmalloc_noprof+0xe0/0x850 [ 129.494623][ T6179] iter_file_splice_write+0x1d8/0x10a0 [ 129.494669][ T6179] ? copy_splice_read+0x6f0/0xb90 [ 129.494708][ T6179] ? copy_splice_read+0x734/0xb90 [ 129.494758][ T6179] ? __pfx_iter_file_splice_write+0x10/0x10 [ 129.494799][ T6179] ? __lock_acquire+0x4a5/0x2630 [ 129.494832][ T6179] ? __pfx_copy_splice_read+0x10/0x10 [ 129.494891][ T6179] ? __pfx_iter_file_splice_write+0x10/0x10 [ 129.494941][ T6179] direct_splice_actor+0x192/0x6c0 [ 129.494986][ T6179] splice_direct_to_actor+0x345/0xa30 [ 129.495030][ T6179] ? __pfx_direct_splice_actor+0x10/0x10 [ 129.495076][ T6179] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 129.495130][ T6179] do_splice_direct+0x174/0x240 [ 129.495171][ T6179] ? __pfx_do_splice_direct+0x10/0x10 [ 129.495211][ T6179] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 129.495275][ T6179] ? rw_verify_area+0xce/0x6d0 [ 129.495312][ T6179] do_sendfile+0xadc/0xe20 [ 129.495361][ T6179] ? __pfx_do_sendfile+0x10/0x10 [ 129.495398][ T6179] ? __fget_files+0x21f/0x3d0 [ 129.495455][ T6179] __x64_sys_sendfile64+0x1d8/0x220 [ 129.495501][ T6179] ? ksys_write+0x1ac/0x250 [ 129.495538][ T6179] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 129.495588][ T6179] ? rcu_is_watching+0x12/0xc0 [ 129.495633][ T6179] do_syscall_64+0x10b/0xf80 [ 129.495680][ T6179] ? clear_bhb_loop+0x40/0x90 [ 129.495721][ T6179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.495754][ T6179] RIP: 0033:0x7f27b939cdd9 [ 129.495780][ T6179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 129.495810][ T6179] RSP: 002b:00007f27b75f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 129.495840][ T6179] RAX: ffffffffffffffda RBX: 00007f27b9615fa0 RCX: 00007f27b939cdd9 [ 129.495860][ T6179] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 129.495878][ T6179] RBP: 00007f27b75f6090 R08: 0000000000000000 R09: 0000000000000000 [ 129.495898][ T6179] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 129.495916][ T6179] R13: 00007f27b9616038 R14: 00007f27b9615fa0 R15: 00007ffe9f0c7dc8 [ 129.495959][ T6179] [ 130.221610][ T6189] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 130.238346][ T6189] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 130.255659][ T6189] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 130.267142][ T6189] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 130.282588][ T6189] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 130.328475][ T6189] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 130.380932][ T6189] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 130.388240][ T6189] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 130.427620][ T6189] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 130.470709][ T6189] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 130.490236][ T6189] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 130.521681][ T6189] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 132.239075][ T5634] Bluetooth: hci0: command 0x2016 tx timeout [ 132.289990][ T6241] FAULT_INJECTION: forcing a failure. [ 132.289990][ T6241] name failslab, interval 1, probability 0, space 0, times 0 [ 132.319801][ T5634] Bluetooth: hci1: command 0x0c1a tx timeout [ 132.320065][ T6241] CPU: 0 UID: 0 PID: 6241 Comm: syz.2.89 Tainted: G L syzkaller #0 PREEMPT(full) [ 132.320188][ T6241] Tainted: [L]=SOFTLOCKUP [ 132.320232][ T6241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 132.320277][ T6241] Call Trace: [ 132.320308][ T6241] [ 132.320339][ T6241] dump_stack_lvl+0x100/0x190 [ 132.320446][ T6241] should_fail_ex.cold+0x5/0xa [ 132.320547][ T6241] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 132.320664][ T6241] should_failslab+0xc2/0x120 [ 132.320768][ T6241] __kmalloc_noprof+0xe0/0x850 [ 132.320843][ T6241] ? trace_kmalloc+0xe3/0x110 [ 132.320953][ T6241] kernfs_fop_write_iter+0x26a/0x5f0 [ 132.321091][ T6241] iter_file_splice_write+0x830/0x10a0 [ 132.321259][ T6241] ? __pfx_iter_file_splice_write+0x10/0x10 [ 132.321410][ T6241] ? __pfx_copy_splice_read+0x10/0x10 [ 132.321586][ T6241] ? __pfx_iter_file_splice_write+0x10/0x10 [ 132.321703][ T6241] direct_splice_actor+0x192/0x6c0 [ 132.321832][ T6241] splice_direct_to_actor+0x345/0xa30 [ 132.321951][ T6241] ? __pfx_direct_splice_actor+0x10/0x10 [ 132.322080][ T6241] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 132.322227][ T6241] do_splice_direct+0x174/0x240 [ 132.322335][ T6241] ? __pfx_do_splice_direct+0x10/0x10 [ 132.322451][ T6241] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 132.322575][ T6241] ? rw_verify_area+0xce/0x6d0 [ 132.322664][ T6241] do_sendfile+0xadc/0xe20 [ 132.322794][ T6241] ? __pfx_do_sendfile+0x10/0x10 [ 132.322913][ T6241] ? __fget_files+0x21f/0x3d0 [ 132.323041][ T6241] __x64_sys_sendfile64+0x1d8/0x220 [ 132.323151][ T6241] ? ksys_write+0x1ac/0x250 [ 132.323257][ T6241] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 132.323383][ T6241] ? rcu_is_watching+0x12/0xc0 [ 132.323512][ T6241] do_syscall_64+0x10b/0xf80 [ 132.323631][ T6241] ? clear_bhb_loop+0x40/0x90 [ 132.323736][ T6241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.323837][ T6241] RIP: 0033:0x7f5df519cdd9 [ 132.323903][ T6241] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 132.323985][ T6241] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 132.324060][ T6241] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 132.324114][ T6241] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 132.324171][ T6241] RBP: 00007f5df60bd090 R08: 0000000000000000 R09: 0000000000000000 [ 132.324251][ T6241] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 132.324304][ T6241] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 132.324410][ T6241] [ 132.419175][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 132.483093][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 132.766716][ T6244] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5632] was attempted by ""[6244] [ 133.005743][ T6248] : Can't lookup blockdev [ 133.127129][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.136232][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.315013][ T6257] random: crng reseeded on system resumption [ 133.913045][ T6265] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 134.085572][ T6265] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 134.319370][ T5634] Bluetooth: hci0: command 0x2016 tx timeout [ 134.414331][ T6274] FAULT_INJECTION: forcing a failure. [ 134.414331][ T6274] name failslab, interval 1, probability 0, space 0, times 0 [ 134.438688][ T6274] CPU: 0 UID: 0 PID: 6274 Comm: syz.2.98 Tainted: G L syzkaller #0 PREEMPT(full) [ 134.438736][ T6274] Tainted: [L]=SOFTLOCKUP [ 134.438747][ T6274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 134.438764][ T6274] Call Trace: [ 134.438775][ T6274] [ 134.438787][ T6274] dump_stack_lvl+0x100/0x190 [ 134.438829][ T6274] should_fail_ex.cold+0x5/0xa [ 134.438871][ T6274] ? __pfx_wq_cpumask_store+0x10/0x10 [ 134.438910][ T6274] should_failslab+0xc2/0x120 [ 134.438944][ T6274] ? __pfx_wq_cpumask_store+0x10/0x10 [ 134.438981][ T6274] __kmalloc_cache_noprof+0x7a/0x6f0 [ 134.439027][ T6274] ? wq_sysfs_prep_attrs+0x8b/0x390 [ 134.439073][ T6274] ? __pfx_wq_cpumask_store+0x10/0x10 [ 134.439115][ T6274] wq_sysfs_prep_attrs+0x8b/0x390 [ 134.439148][ T6274] wq_cpumask_store+0x51/0x190 [ 134.439190][ T6274] dev_attr_store+0x58/0x80 [ 134.439230][ T6274] ? __pfx_dev_attr_store+0x10/0x10 [ 134.439271][ T6274] sysfs_kf_write+0xf2/0x150 [ 134.439305][ T6274] kernfs_fop_write_iter+0x3e0/0x5f0 [ 134.439352][ T6274] ? __pfx_sysfs_kf_write+0x10/0x10 [ 134.439388][ T6274] iter_file_splice_write+0x830/0x10a0 [ 134.439454][ T6274] ? __pfx_iter_file_splice_write+0x10/0x10 [ 134.439507][ T6274] ? __pfx_copy_splice_read+0x10/0x10 [ 134.439571][ T6274] ? __pfx_iter_file_splice_write+0x10/0x10 [ 134.439617][ T6274] direct_splice_actor+0x192/0x6c0 [ 134.439663][ T6274] splice_direct_to_actor+0x345/0xa30 [ 134.439709][ T6274] ? __pfx_direct_splice_actor+0x10/0x10 [ 134.439758][ T6274] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 134.439814][ T6274] do_splice_direct+0x174/0x240 [ 134.439858][ T6274] ? __pfx_do_splice_direct+0x10/0x10 [ 134.439901][ T6274] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 134.439949][ T6274] ? rw_verify_area+0xce/0x6d0 [ 134.439987][ T6274] do_sendfile+0xadc/0xe20 [ 134.440032][ T6274] ? __pfx_do_sendfile+0x10/0x10 [ 134.440074][ T6274] ? __fget_files+0x21f/0x3d0 [ 134.440125][ T6274] __x64_sys_sendfile64+0x1d8/0x220 [ 134.440170][ T6274] ? ksys_write+0x1ac/0x250 [ 134.440208][ T6274] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 134.440259][ T6274] ? rcu_is_watching+0x12/0xc0 [ 134.440305][ T6274] do_syscall_64+0x10b/0xf80 [ 134.440352][ T6274] ? clear_bhb_loop+0x40/0x90 [ 134.440393][ T6274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.440427][ T6274] RIP: 0033:0x7f5df519cdd9 [ 134.440452][ T6274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.440483][ T6274] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 134.440514][ T6274] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 134.440534][ T6274] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 134.440552][ T6274] RBP: 00007f5df60bd090 R08: 0000000000000000 R09: 0000000000000000 [ 134.440572][ T6274] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 134.440591][ T6274] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 134.440635][ T6274] [ 134.479606][ T5634] Bluetooth: hci1: command 0x0c1a tx timeout [ 134.577041][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 134.641845][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 135.491173][ T6293] zswap: compressor not available [ 135.508842][ T6292] zswap: compressor not available [ 136.400932][ T5634] Bluetooth: hci0: command 0x2016 tx timeout [ 136.639099][ T5634] Bluetooth: hci1: command 0x0c1a tx timeout [ 136.719069][ T5634] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.799926][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 138.879097][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 138.972698][ T6363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.110'. [ 139.887288][ T6384] FAULT_INJECTION: forcing a failure. [ 139.887288][ T6384] name failslab, interval 1, probability 0, space 0, times 0 [ 139.910387][ T6384] CPU: 0 UID: 0 PID: 6384 Comm: syz.2.114 Tainted: G L syzkaller #0 PREEMPT(full) [ 139.910438][ T6384] Tainted: [L]=SOFTLOCKUP [ 139.910449][ T6384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 139.910468][ T6384] Call Trace: [ 139.910477][ T6384] [ 139.910489][ T6384] dump_stack_lvl+0x100/0x190 [ 139.910532][ T6384] should_fail_ex.cold+0x5/0xa [ 139.910574][ T6384] should_failslab+0xc2/0x120 [ 139.910616][ T6384] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 139.910673][ T6384] ? do_getname+0x35/0x390 [ 139.910723][ T6384] ? find_held_lock+0x2b/0x80 [ 139.910774][ T6384] do_getname+0x35/0x390 [ 139.910836][ T6384] do_sys_openat2+0xc5/0x1e0 [ 139.910892][ T6384] ? __pfx_do_sys_openat2+0x10/0x10 [ 139.910961][ T6384] __x64_sys_openat+0x12d/0x210 [ 139.911017][ T6384] ? __pfx___x64_sys_openat+0x10/0x10 [ 139.911068][ T6384] ? ksys_write+0x1ac/0x250 [ 139.911113][ T6384] ? rcu_is_watching+0x12/0xc0 [ 139.911159][ T6384] do_syscall_64+0x10b/0xf80 [ 139.911209][ T6384] ? clear_bhb_loop+0x40/0x90 [ 139.911251][ T6384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.911285][ T6384] RIP: 0033:0x7f5df519cdd9 [ 139.911312][ T6384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.911345][ T6384] RSP: 002b:00007f5df609c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 139.911377][ T6384] RAX: ffffffffffffffda RBX: 00007f5df5416090 RCX: 00007f5df519cdd9 [ 139.911399][ T6384] RDX: 00000000000c0002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 139.911420][ T6384] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 139.911441][ T6384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.911461][ T6384] R13: 00007f5df5416128 R14: 00007f5df5416090 R15: 00007ffeb0705838 [ 139.911504][ T6384] [ 144.075578][ T6452] netlink: 12 bytes leftover after parsing attributes in process `syz.3.128'. [ 146.701790][ T6507] FAULT_INJECTION: forcing a failure. [ 146.701790][ T6507] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 146.733335][ T6507] CPU: 1 UID: 0 PID: 6507 Comm: syz.3.140 Tainted: G L syzkaller #0 PREEMPT(full) [ 146.733390][ T6507] Tainted: [L]=SOFTLOCKUP [ 146.733403][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 146.733423][ T6507] Call Trace: [ 146.733434][ T6507] [ 146.733446][ T6507] dump_stack_lvl+0x100/0x190 [ 146.733494][ T6507] should_fail_ex.cold+0x5/0xa [ 146.733532][ T6507] ? prepare_alloc_pages+0x16d/0x5f0 [ 146.733583][ T6507] should_fail_alloc_page+0xeb/0x140 [ 146.733631][ T6507] prepare_alloc_pages+0x1f0/0x5f0 [ 146.733675][ T6507] ? __kernel_text_address+0xd/0x30 [ 146.733721][ T6507] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 146.733787][ T6507] ? __lock_acquire+0x4a5/0x2630 [ 146.733825][ T6507] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 146.733872][ T6507] ? lockdep_hardirqs_on+0x78/0x100 [ 146.733928][ T6507] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 146.733974][ T6507] ? stack_depot_save_flags+0x479/0x9d0 [ 146.734021][ T6507] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 146.734084][ T6507] ? css_rstat_updated+0x1ce/0x5a0 [ 146.734185][ T6507] ? rcu_is_watching+0x12/0xc0 [ 146.734230][ T6507] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 146.734288][ T6507] ? policy_nodemask+0xed/0x4f0 [ 146.734330][ T6507] alloc_pages_mpol+0x1fb/0x540 [ 146.734376][ T6507] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 146.734418][ T6507] ? __memcg_slab_post_alloc_hook+0x734/0xff0 [ 146.734476][ T6507] alloc_pages_noprof+0x1a/0x160 [ 146.734527][ T6507] pgd_alloc+0x4d/0x630 [ 146.734572][ T6507] ? mutex_init_lockdep+0xf1/0x120 [ 146.734617][ T6507] mm_init+0x6da/0x10d0 [ 146.734664][ T6507] mm_alloc+0x97/0xd0 [ 146.734726][ T6507] alloc_bprm+0x2af/0x710 [ 146.734764][ T6507] do_execveat_common.isra.0+0x19c/0x580 [ 146.734801][ T6507] ? do_getname+0x191/0x390 [ 146.734851][ T6507] __x64_sys_execveat+0xdf/0x130 [ 146.734891][ T6507] do_syscall_64+0x10b/0xf80 [ 146.734939][ T6507] ? clear_bhb_loop+0x40/0x90 [ 146.734982][ T6507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.735008][ T6507] RIP: 0033:0x7f0e9399cdd9 [ 146.735028][ T6507] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 146.735051][ T6507] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 146.735073][ T6507] RAX: ffffffffffffffda RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 146.735088][ T6507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a [ 146.735102][ T6507] RBP: 00007f0e93a32d69 R08: 0000000000001000 R09: 0000000000000000 [ 146.735128][ T6507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.735147][ T6507] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 146.735254][ T6507] [ 147.885507][ T6512] netlink: 28 bytes leftover after parsing attributes in process `syz.2.142'. [ 147.917354][ T30] audit: type=1800 audit(1778356526.469:3): pid=6517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.141" name="file0" dev="tmpfs" ino=229 res=0 errno=0 [ 147.943699][ T6512] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.962238][ T6512] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.995145][ T6512] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.015766][ T6512] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.167874][ T6542] process 'syz.0.145' launched ':,' with NULL argv: empty string added [ 149.284462][ T6540] FAULT_INJECTION: forcing a failure. [ 149.284462][ T6540] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 149.407405][ T6540] CPU: 0 UID: 0 PID: 6540 Comm: syz.0.145 Tainted: G L syzkaller #0 PREEMPT(full) [ 149.407455][ T6540] Tainted: [L]=SOFTLOCKUP [ 149.407466][ T6540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 149.407484][ T6540] Call Trace: [ 149.407494][ T6540] [ 149.407505][ T6540] dump_stack_lvl+0x100/0x190 [ 149.407548][ T6540] should_fail_ex.cold+0x5/0xa [ 149.407582][ T6540] ? prepare_alloc_pages+0x16d/0x5f0 [ 149.407627][ T6540] should_fail_alloc_page+0xeb/0x140 [ 149.407669][ T6540] prepare_alloc_pages+0x1f0/0x5f0 [ 149.407719][ T6540] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 149.407782][ T6540] ? __lock_acquire+0x4a5/0x2630 [ 149.407820][ T6540] ? __lock_acquire+0x4a5/0x2630 [ 149.407849][ T6540] ? css_rstat_updated+0x1ce/0x5a0 [ 149.407904][ T6540] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 149.407975][ T6540] ? do_raw_spin_lock+0x128/0x260 [ 149.408014][ T6540] ? look_up_lock_class+0x55/0x120 [ 149.408078][ T6540] ? __lock_acquire+0x4a5/0x2630 [ 149.408115][ T6540] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 149.408167][ T6540] ? policy_nodemask+0xed/0x4f0 [ 149.408209][ T6540] alloc_pages_mpol+0x1fb/0x540 [ 149.408250][ T6540] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 149.408288][ T6540] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 149.408320][ T6540] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 149.408358][ T6540] folio_alloc_mpol_noprof+0x36/0x260 [ 149.408403][ T6540] shmem_alloc_folio+0x135/0x160 [ 149.408450][ T6540] shmem_alloc_and_add_folio+0x371/0xd40 [ 149.408514][ T6540] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 149.408571][ T6540] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 149.408613][ T6540] shmem_get_folio_gfp+0x6ab/0x1900 [ 149.408654][ T6540] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 149.408698][ T6540] shmem_write_begin+0x1a4/0x420 [ 149.408735][ T6540] ? __pfx_shmem_write_begin+0x10/0x10 [ 149.408771][ T6540] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 149.408821][ T6540] generic_perform_write+0x292/0xa40 [ 149.408886][ T6540] ? __pfx_generic_perform_write+0x10/0x10 [ 149.408932][ T6540] ? __mark_inode_dirty+0x55c/0x1720 [ 149.408970][ T6540] ? mnt_put_write_access_file+0x4e/0x100 [ 149.409011][ T6540] ? file_update_time_flags+0x373/0x500 [ 149.409063][ T6540] shmem_file_write_iter+0x10e/0x140 [ 149.409113][ T6540] vfs_write+0x6ac/0x1070 [ 149.409153][ T6540] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 149.409198][ T6540] ? __pfx_vfs_write+0x10/0x10 [ 149.409261][ T6540] ksys_write+0x12a/0x250 [ 149.409299][ T6540] ? __pfx_ksys_write+0x10/0x10 [ 149.409340][ T6540] ? rcu_is_watching+0x12/0xc0 [ 149.409385][ T6540] do_syscall_64+0x10b/0xf80 [ 149.409432][ T6540] ? clear_bhb_loop+0x40/0x90 [ 149.409472][ T6540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.409505][ T6540] RIP: 0033:0x7f249c79cdd9 [ 149.409531][ T6540] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 149.409561][ T6540] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 149.409591][ T6540] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 149.409612][ T6540] RDX: 000000000000b6bd RSI: 0000000000000000 RDI: 0000000000000003 [ 149.409630][ T6540] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 149.409649][ T6540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.409668][ T6540] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 149.409711][ T6540] [ 151.738312][ T6596] [U] [ 153.299777][ T6615] FAULT_INJECTION: forcing a failure. [ 153.299777][ T6615] name failslab, interval 1, probability 0, space 0, times 0 [ 153.351121][ T6615] CPU: 0 UID: 0 PID: 6615 Comm: syz.0.159 Tainted: G L syzkaller #0 PREEMPT(full) [ 153.351174][ T6615] Tainted: [L]=SOFTLOCKUP [ 153.351185][ T6615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 153.351204][ T6615] Call Trace: [ 153.351216][ T6615] [ 153.351228][ T6615] dump_stack_lvl+0x100/0x190 [ 153.351270][ T6615] should_fail_ex.cold+0x5/0xa [ 153.351315][ T6615] should_failslab+0xc2/0x120 [ 153.351355][ T6615] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 153.351410][ T6615] ? __alloc_skb+0x140/0x710 [ 153.351443][ T6615] ? _copy_from_iter+0x270/0x1690 [ 153.351483][ T6615] __alloc_skb+0x140/0x710 [ 153.351518][ T6615] ? __pfx___alloc_skb+0x10/0x10 [ 153.351564][ T6615] ? skb_page_frag_refill+0x309/0x4b0 [ 153.351625][ T6615] tcp_stream_alloc_skb+0x34/0x660 [ 153.351665][ T6615] tcp_sendmsg_locked+0x13cd/0x4500 [ 153.351726][ T6615] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 153.351765][ T6615] ? do_raw_spin_lock+0x128/0x260 [ 153.351812][ T6615] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 153.351862][ T6615] ? __local_bh_enable_ip+0x9e/0x120 [ 153.351912][ T6615] tcp_sendmsg+0x2e/0x50 [ 153.351944][ T6615] ? __pfx_tcp_sendmsg+0x10/0x10 [ 153.351978][ T6615] inet_sendmsg+0xb9/0x140 [ 153.352012][ T6615] sock_write_iter+0x4ea/0x5a0 [ 153.352058][ T6615] ? __pfx_inet_sendmsg+0x10/0x10 [ 153.352091][ T6615] ? __pfx_sock_write_iter+0x10/0x10 [ 153.352156][ T6615] ? bpf_lsm_file_permission+0x9/0x10 [ 153.352189][ T6615] ? security_file_permission+0x76/0x210 [ 153.352232][ T6615] ? rw_verify_area+0xce/0x6d0 [ 153.352269][ T6615] vfs_write+0x6ac/0x1070 [ 153.352309][ T6615] ? __pfx_sock_write_iter+0x10/0x10 [ 153.352360][ T6615] ? __pfx_vfs_write+0x10/0x10 [ 153.352396][ T6615] ? find_held_lock+0x2b/0x80 [ 153.352484][ T6615] ksys_write+0x1f8/0x250 [ 153.352528][ T6615] ? __pfx_ksys_write+0x10/0x10 [ 153.352577][ T6615] ? rcu_is_watching+0x12/0xc0 [ 153.352624][ T6615] do_syscall_64+0x10b/0xf80 [ 153.352674][ T6615] ? clear_bhb_loop+0x40/0x90 [ 153.352716][ T6615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.352750][ T6615] RIP: 0033:0x7f249c79cdd9 [ 153.352777][ T6615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 153.352811][ T6615] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 153.352842][ T6615] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 153.352864][ T6615] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 153.352884][ T6615] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 153.352905][ T6615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.352925][ T6615] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 153.352969][ T6615] [ 155.708054][ T6641] FAULT_INJECTION: forcing a failure. [ 155.708054][ T6641] name failslab, interval 1, probability 0, space 0, times 0 [ 155.752458][ T6641] CPU: 1 UID: 0 PID: 6641 Comm: syz.2.164 Tainted: G L syzkaller #0 PREEMPT(full) [ 155.752509][ T6641] Tainted: [L]=SOFTLOCKUP [ 155.752521][ T6641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 155.752540][ T6641] Call Trace: [ 155.752550][ T6641] [ 155.752563][ T6641] dump_stack_lvl+0x100/0x190 [ 155.752616][ T6641] should_fail_ex.cold+0x5/0xa [ 155.752661][ T6641] should_failslab+0xc2/0x120 [ 155.752703][ T6641] __kmalloc_cache_noprof+0x7a/0x6f0 [ 155.752751][ T6641] ? ima_add_digest_entry+0x52/0x520 [ 155.752808][ T6641] ima_add_digest_entry+0x52/0x520 [ 155.752864][ T6641] ima_add_template_entry+0x442/0x800 [ 155.752923][ T6641] ? __pfx_ima_add_template_entry+0x10/0x10 [ 155.752977][ T6641] ? ima_calc_field_array_hash+0x378/0x440 [ 155.753019][ T6641] ima_store_template+0xda/0x150 [ 155.753057][ T6641] ima_store_measurement+0x21c/0x5b0 [ 155.753095][ T6641] ? __pfx_ima_store_measurement+0x10/0x10 [ 155.753146][ T6641] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 155.753203][ T6641] process_measurement+0x19cc/0x2350 [ 155.753269][ T6641] ? __pfx_process_measurement+0x10/0x10 [ 155.753326][ T6641] ? rcu_is_watching+0x12/0xc0 [ 155.753375][ T6641] ? __mutex_lock+0x26d/0x1b10 [ 155.753429][ T6641] ? tracing_buffers_open+0x2aa/0x3d0 [ 155.753525][ T6641] ? inode_to_bdi+0x9e/0x160 [ 155.753570][ T6641] ima_file_check+0xcc/0x120 [ 155.753632][ T6641] ? __pfx_ima_file_check+0x10/0x10 [ 155.753697][ T6641] security_file_post_open+0xc4/0x210 [ 155.753736][ T6641] path_openat+0x1418/0x31a0 [ 155.753792][ T6641] ? __pfx_path_openat+0x10/0x10 [ 155.753849][ T6641] do_file_open+0x20e/0x430 [ 155.753896][ T6641] ? __pfx_do_file_open+0x10/0x10 [ 155.754007][ T6641] ? alloc_fd+0x476/0x790 [ 155.754053][ T6641] ? do_getname+0x191/0x390 [ 155.754108][ T6641] do_sys_openat2+0x10d/0x1e0 [ 155.754162][ T6641] ? __pfx_do_sys_openat2+0x10/0x10 [ 155.754229][ T6641] __x64_sys_openat+0x12d/0x210 [ 155.754284][ T6641] ? __pfx___x64_sys_openat+0x10/0x10 [ 155.754333][ T6641] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 155.754374][ T6641] ? rcu_is_watching+0x12/0xc0 [ 155.754421][ T6641] do_syscall_64+0x10b/0xf80 [ 155.754471][ T6641] ? clear_bhb_loop+0x40/0x90 [ 155.754512][ T6641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.754546][ T6641] RIP: 0033:0x7f5df519cdd9 [ 155.754574][ T6641] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 155.754615][ T6641] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 155.754648][ T6641] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 155.754670][ T6641] RDX: 0000000000001000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 155.754691][ T6641] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 155.754710][ T6641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.754730][ T6641] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 155.754771][ T6641] [ 155.811315][ T6641] ima: OUT OF MEMORY ERROR creating queue entry [ 156.133019][ T30] audit: type=1804 audit(1778356534.699:4): pid=6641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.164" name="/newroot/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw" dev="tracefs" ino=3298 res=0 errno=0 [ 156.380242][ T6644] FAULT_INJECTION: forcing a failure. [ 156.380242][ T6644] name failslab, interval 1, probability 0, space 0, times 0 [ 156.430255][ T6644] CPU: 1 UID: 0 PID: 6644 Comm: syz.0.165 Tainted: G L syzkaller #0 PREEMPT(full) [ 156.430308][ T6644] Tainted: [L]=SOFTLOCKUP [ 156.430319][ T6644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 156.430345][ T6644] Call Trace: [ 156.430356][ T6644] [ 156.430368][ T6644] dump_stack_lvl+0x100/0x190 [ 156.430411][ T6644] should_fail_ex.cold+0x5/0xa [ 156.430454][ T6644] should_failslab+0xc2/0x120 [ 156.430494][ T6644] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 156.430529][ T6644] ? key_alloc+0x423/0x1310 [ 156.430568][ T6644] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 156.430630][ T6644] kmemdup_noprof+0x29/0x60 [ 156.430666][ T6644] key_alloc+0x423/0x1310 [ 156.430719][ T6644] ? __pfx_key_alloc+0x10/0x10 [ 156.430756][ T6644] ? __pfx_key_default_cmp+0x10/0x10 [ 156.430801][ T6644] ? __pfx_keyring_search_iterator+0x10/0x10 [ 156.430851][ T6644] keyring_alloc+0x44/0xc0 [ 156.430899][ T6644] look_up_user_keyrings+0x465/0x790 [ 156.430940][ T6644] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 156.430990][ T6644] lookup_user_key+0xbb1/0x1300 [ 156.431026][ T6644] ? __pfx_lookup_user_key+0x10/0x10 [ 156.431062][ T6644] ? __pfx_do_futex+0x10/0x10 [ 156.431106][ T6644] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 156.431151][ T6644] ? __pfx___x64_sys_futex+0x10/0x10 [ 156.431187][ T6644] ? ksys_write+0x1ac/0x250 [ 156.431232][ T6644] keyctl_keyring_unlink+0x1f/0x1b0 [ 156.431291][ T6644] __do_sys_keyctl+0x3dd/0x5a0 [ 156.431331][ T6644] do_syscall_64+0x10b/0xf80 [ 156.431380][ T6644] ? clear_bhb_loop+0x40/0x90 [ 156.431421][ T6644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.431455][ T6644] RIP: 0033:0x7f249c79cdd9 [ 156.431481][ T6644] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 156.431513][ T6644] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 156.431544][ T6644] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 156.431564][ T6644] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 156.431586][ T6644] RBP: 00007f249c832d69 R08: 0000000000000008 R09: 0000000000000000 [ 156.431606][ T6644] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 156.431626][ T6644] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 156.431669][ T6644] [ 160.368626][ T6724] futex_wake_op: syz.2.180 tries to shift op by -2048; fix this program [ 160.606907][ T6735] netlink: 504 bytes leftover after parsing attributes in process `syz.2.180'. [ 161.475111][ T5634] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 162.881526][ T6755] mmap: syz.1.187 (6755) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 162.937063][ T6746] random: crng reseeded on system resumption [ 163.207187][ T6771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.190'. [ 163.519116][ T5634] Bluetooth: hci0: command 0x2016 tx timeout [ 164.536071][ T6788] FAULT_INJECTION: forcing a failure. [ 164.536071][ T6788] name failslab, interval 1, probability 0, space 0, times 0 [ 164.583337][ T6788] CPU: 0 UID: 0 PID: 6788 Comm: syz.1.194 Tainted: G L syzkaller #0 PREEMPT(full) [ 164.583375][ T6788] Tainted: [L]=SOFTLOCKUP [ 164.583383][ T6788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 164.583397][ T6788] Call Trace: [ 164.583405][ T6788] [ 164.583414][ T6788] dump_stack_lvl+0x100/0x190 [ 164.583446][ T6788] should_fail_ex.cold+0x5/0xa [ 164.583477][ T6788] should_failslab+0xc2/0x120 [ 164.583506][ T6788] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 164.583547][ T6788] ? alloc_inode+0x68/0x250 [ 164.583585][ T6788] ? simple_start_creating+0xb0/0x110 [ 164.583615][ T6788] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 164.583661][ T6788] alloc_inode+0x68/0x250 [ 164.583699][ T6788] new_inode+0x22/0x1c0 [ 164.583739][ T6788] __debugfs_create_file+0x105/0x4f0 [ 164.583781][ T6788] debugfs_create_file_full+0x41/0x60 [ 164.583822][ T6788] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 164.583853][ T6788] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 164.583883][ T6788] ? ida_alloc_range+0x70d/0x830 [ 164.583946][ T6788] ? lockdep_init_map_type+0x5c/0x250 [ 164.583976][ T6788] preinit_net.part.0+0x252/0x920 [ 164.584007][ T6788] copy_net_ns+0x339/0x7c0 [ 164.584041][ T6788] create_new_namespaces+0x3ea/0xac0 [ 164.584080][ T6788] unshare_nsproxy_namespaces+0xf2/0x220 [ 164.584115][ T6788] ksys_unshare+0x438/0xab0 [ 164.584153][ T6788] ? __pfx_ksys_unshare+0x10/0x10 [ 164.584188][ T6788] ? xfd_validate_state+0x129/0x190 [ 164.584212][ T6788] ? ksys_write+0x1ac/0x250 [ 164.584247][ T6788] __x64_sys_unshare+0x31/0x40 [ 164.584283][ T6788] do_syscall_64+0x10b/0xf80 [ 164.584318][ T6788] ? clear_bhb_loop+0x40/0x90 [ 164.584347][ T6788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.584371][ T6788] RIP: 0033:0x7f27b939cdd9 [ 164.584391][ T6788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 164.584413][ T6788] RSP: 002b:00007f27b75f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 164.584436][ T6788] RAX: ffffffffffffffda RBX: 00007f27b9615fa0 RCX: 00007f27b939cdd9 [ 164.584451][ T6788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 164.584465][ T6788] RBP: 00007f27b9432d69 R08: 0000000000000000 R09: 0000000000000000 [ 164.584479][ T6788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.584493][ T6788] R13: 00007f27b9616038 R14: 00007f27b9615fa0 R15: 00007ffe9f0c7dc8 [ 164.584523][ T6788] [ 164.584532][ T6788] debugfs: out of free dentries, can not create file 'net_refcnt@ffff888026382940' [ 165.598944][ T50] Bluetooth: hci0: command 0x2016 tx timeout [ 166.930184][ T6814] mmap: syz.2.200 (6814): VmData 37724160 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 167.774749][ T6827] __vm_enough_memory: pid: 6827, comm: syz.1.203, bytes: 4398046457856 not enough memory for the allocation [ 168.307081][ T6831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.202'. [ 168.664910][ T6831] bond0: (slave bond_slave_1): Releasing backup interface [ 169.736743][ T6841] FAULT_INJECTION: forcing a failure. [ 169.736743][ T6841] name failslab, interval 1, probability 0, space 0, times 0 [ 169.779446][ T6841] CPU: 1 UID: 0 PID: 6841 Comm: syz.0.206 Tainted: G L syzkaller #0 PREEMPT(full) [ 169.779502][ T6841] Tainted: [L]=SOFTLOCKUP [ 169.779515][ T6841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 169.779535][ T6841] Call Trace: [ 169.779546][ T6841] [ 169.779564][ T6841] dump_stack_lvl+0x100/0x190 [ 169.779610][ T6841] should_fail_ex.cold+0x5/0xa [ 169.779651][ T6841] ? __pfx_clear_warn_once_set+0x10/0x10 [ 169.779706][ T6841] should_failslab+0xc2/0x120 [ 169.779743][ T6841] ? __pfx_clear_warn_once_set+0x10/0x10 [ 169.779796][ T6841] __kmalloc_cache_noprof+0x7a/0x6f0 [ 169.779843][ T6841] ? simple_attr_open+0x57/0x1c0 [ 169.779883][ T6841] ? __pfx___debugfs_file_get+0x10/0x10 [ 169.779928][ T6841] ? __pfx_clear_warn_once_set+0x10/0x10 [ 169.779981][ T6841] simple_attr_open+0x57/0x1c0 [ 169.780022][ T6841] ? __pfx_clear_warn_once_fops_open+0x10/0x10 [ 169.780077][ T6841] open_proxy_open+0x220/0x330 [ 169.780125][ T6841] do_dentry_open+0x6d8/0x1660 [ 169.780165][ T6841] ? __pfx_open_proxy_open+0x10/0x10 [ 169.780219][ T6841] vfs_open+0x82/0x3f0 [ 169.780273][ T6841] path_openat+0x208c/0x31a0 [ 169.780325][ T6841] ? __pfx_path_openat+0x10/0x10 [ 169.780388][ T6841] do_file_open+0x20e/0x430 [ 169.780436][ T6841] ? __pfx_do_file_open+0x10/0x10 [ 169.780507][ T6841] ? alloc_fd+0x476/0x790 [ 169.780552][ T6841] ? do_getname+0x191/0x390 [ 169.780615][ T6841] do_sys_openat2+0x10d/0x1e0 [ 169.780669][ T6841] ? __pfx_do_sys_openat2+0x10/0x10 [ 169.780726][ T6841] ? __fget_files+0x21f/0x3d0 [ 169.780775][ T6841] __x64_sys_openat+0x12d/0x210 [ 169.780830][ T6841] ? __pfx___x64_sys_openat+0x10/0x10 [ 169.780890][ T6841] ? rcu_is_watching+0x12/0xc0 [ 169.780937][ T6841] do_syscall_64+0x10b/0xf80 [ 169.780986][ T6841] ? clear_bhb_loop+0x40/0x90 [ 169.781027][ T6841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.781062][ T6841] RIP: 0033:0x7f249c79cdd9 [ 169.781090][ T6841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 169.781123][ T6841] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 169.781156][ T6841] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 169.781178][ T6841] RDX: 0000000000000000 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 169.781200][ T6841] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 169.781222][ T6841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.781241][ T6841] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 169.781285][ T6841] [ 171.858476][ T6875] syz.0.211 (6875): attempted to duplicate a private mapping with mremap. This is not supported. [ 172.368116][ T5634] Bluetooth: hci1: unexpected subevent 0x18 length: 123 > 19 [ 172.375894][ T5634] Bluetooth: hci1: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 173.639613][ T6913] netlink: Invalid conntrack timeout [ 174.668135][ T6927] FAULT_INJECTION: forcing a failure. [ 174.668135][ T6927] name failslab, interval 1, probability 0, space 0, times 0 [ 174.777874][ T6927] CPU: 0 UID: 0 PID: 6927 Comm: syz.3.223 Tainted: G L syzkaller #0 PREEMPT(full) [ 174.777928][ T6927] Tainted: [L]=SOFTLOCKUP [ 174.777941][ T6927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 174.777966][ T6927] Call Trace: [ 174.777981][ T6927] [ 174.777995][ T6927] dump_stack_lvl+0x100/0x190 [ 174.778040][ T6927] should_fail_ex.cold+0x5/0xa [ 174.778084][ T6927] should_failslab+0xc2/0x120 [ 174.778126][ T6927] __kmalloc_cache_noprof+0x7a/0x6f0 [ 174.778183][ T6927] ? alloc_bprm+0x86/0x710 [ 174.778228][ T6927] alloc_bprm+0x86/0x710 [ 174.778267][ T6927] do_execveat_common.isra.0+0x19c/0x580 [ 174.778308][ T6927] ? do_getname+0x191/0x390 [ 174.778361][ T6927] __x64_sys_execveat+0xdf/0x130 [ 174.778404][ T6927] do_syscall_64+0x10b/0xf80 [ 174.778454][ T6927] ? clear_bhb_loop+0x40/0x90 [ 174.778496][ T6927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.778532][ T6927] RIP: 0033:0x7f0e9399cdd9 [ 174.778559][ T6927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 174.778592][ T6927] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 174.778624][ T6927] RAX: ffffffffffffffda RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 174.778647][ T6927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 174.778666][ T6927] RBP: 00007f0e93a32d69 R08: 0000000000001000 R09: 0000000000000000 [ 174.778686][ T6927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.778706][ T6927] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 174.778749][ T6927] [ 178.238553][ T6988] netlink: 4108 bytes leftover after parsing attributes in process `syz.1.232'. [ 178.950391][ T6960] cgroup: fork rejected by pids controller in /syz0 [ 179.652956][ T30] audit: type=1800 audit(1778356564.217:5): pid=7016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.234" name="file0" dev="tmpfs" ino=337 res=0 errno=0 [ 183.177863][ T7068] futex_wake_op: syz.2.241 tries to shift op by -2048; fix this program [ 183.209446][ T7068] futex_wake_op: syz.2.241 tries to shift op by -2048; fix this program [ 183.296785][ T7064] 0x000000000001-0x000000020000 : "" [ 183.548797][ T7064] ftl_cs: FTL header corrupt! [ 188.183574][ T7134] ecryptfs_miscdev_write: Invalid packet size [0] [ 190.430917][ T7164] netlink: 564 bytes leftover after parsing attributes in process `syz.2.258'. [ 194.173681][ T7272] netlink: 5836 bytes leftover after parsing attributes in process `syz.0.275'. [ 194.467354][ T7272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.275'. [ 194.557074][ T7276] netlink: 8 bytes leftover after parsing attributes in process `syz.0.275'. [ 194.575684][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.589145][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.795562][ T5634] Bluetooth: hci1: unexpected event 0x10 length: 124 > 1 [ 196.797451][ T50] Bluetooth: hci1: hardware error 0x00 [ 196.938701][ T5634] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 197.471688][ T7344] random: crng reseeded on system resumption [ 198.880752][ T50] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 200.468592][ T7410] random: crng reseeded on system resumption [ 201.459727][ T7427] FAULT_INJECTION: forcing a failure. [ 201.459727][ T7427] name failslab, interval 1, probability 0, space 0, times 0 [ 201.485133][ T7420] random: crng reseeded on system resumption [ 201.493213][ T7427] CPU: 1 UID: 0 PID: 7427 Comm: syz.2.303 Tainted: G L syzkaller #0 PREEMPT(full) [ 201.493266][ T7427] Tainted: [L]=SOFTLOCKUP [ 201.493278][ T7427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 201.493298][ T7427] Call Trace: [ 201.493308][ T7427] [ 201.493319][ T7427] dump_stack_lvl+0x100/0x190 [ 201.493373][ T7427] should_fail_ex.cold+0x5/0xa [ 201.493417][ T7427] should_failslab+0xc2/0x120 [ 201.493457][ T7427] __kmalloc_cache_noprof+0x7a/0x6f0 [ 201.493506][ T7427] ? __request_module+0x2c3/0x6c0 [ 201.493543][ T7427] ? lockdep_hardirqs_on+0x78/0x100 [ 201.493600][ T7427] __request_module+0x2c3/0x6c0 [ 201.493639][ T7427] ? __pfx___request_module+0x10/0x10 [ 201.493673][ T7427] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 201.493729][ T7427] ? lockdep_init_map_type+0x5c/0x250 [ 201.493771][ T7427] ? inode_init_always_gfp+0xce1/0x1000 [ 201.493835][ T7427] __sock_create+0x5c4/0x860 [ 201.493894][ T7427] __sys_socket+0x14d/0x260 [ 201.493948][ T7427] ? __pfx___sys_socket+0x10/0x10 [ 201.494010][ T7427] __x64_sys_socket+0x72/0xb0 [ 201.494066][ T7427] ? lockdep_hardirqs_on+0x78/0x100 [ 201.494117][ T7427] do_syscall_64+0x10b/0xf80 [ 201.494165][ T7427] ? clear_bhb_loop+0x40/0x90 [ 201.494207][ T7427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.494242][ T7427] RIP: 0033:0x7f5df519cdd9 [ 201.494270][ T7427] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 201.494302][ T7427] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 201.494335][ T7427] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 201.494356][ T7427] RDX: 0000000000000001 RSI: 0000000000000003 RDI: 0000000000000025 [ 201.494375][ T7427] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 201.494396][ T7427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.494415][ T7427] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 201.494458][ T7427] [ 202.680534][ T7441] netlink: 5836 bytes leftover after parsing attributes in process `syz.1.313'. [ 202.883198][ T7441] netlink: 12 bytes leftover after parsing attributes in process `syz.1.313'. [ 202.916644][ T7441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.313'. [ 204.722036][ T7473] FAULT_INJECTION: forcing a failure. [ 204.722036][ T7473] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 204.784544][ T7473] CPU: 1 UID: 0 PID: 7473 Comm: syz.3.312 Tainted: G L syzkaller #0 PREEMPT(full) [ 204.784594][ T7473] Tainted: [L]=SOFTLOCKUP [ 204.784605][ T7473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 204.784624][ T7473] Call Trace: [ 204.784634][ T7473] [ 204.784646][ T7473] dump_stack_lvl+0x100/0x190 [ 204.784687][ T7473] should_fail_ex.cold+0x5/0xa [ 204.784729][ T7473] _copy_from_iter+0x1f4/0x1690 [ 204.784772][ T7473] ? __pfx__copy_from_iter+0x10/0x10 [ 204.784823][ T7473] ? __pfx___might_resched+0x10/0x10 [ 204.784859][ T7473] ? kfree+0x1dd/0x6c0 [ 204.784916][ T7473] file_tty_write.isra.0+0x45b/0x890 [ 204.784978][ T7473] redirected_tty_write+0xd4/0x120 [ 204.785028][ T7473] vfs_write+0x6ac/0x1070 [ 204.785068][ T7473] ? __pfx_redirected_tty_write+0x10/0x10 [ 204.785122][ T7473] ? __pfx_vfs_write+0x10/0x10 [ 204.785156][ T7473] ? find_held_lock+0x2b/0x80 [ 204.785225][ T7473] ksys_write+0x12a/0x250 [ 204.785264][ T7473] ? __pfx_ksys_write+0x10/0x10 [ 204.785304][ T7473] ? rcu_is_watching+0x12/0xc0 [ 204.785347][ T7473] do_syscall_64+0x10b/0xf80 [ 204.785393][ T7473] ? clear_bhb_loop+0x40/0x90 [ 204.785431][ T7473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.785463][ T7473] RIP: 0033:0x7f0e9399cdd9 [ 204.785488][ T7473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 204.785517][ T7473] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 204.785546][ T7473] RAX: ffffffffffffffda RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 204.785567][ T7473] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000008 [ 204.785586][ T7473] RBP: 00007f0e93a32d69 R08: 0000000000000000 R09: 0000000000000000 [ 204.785604][ T7473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.785621][ T7473] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 204.785662][ T7473] [ 205.921263][ T7487] program syz.0.315 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 205.959248][ T7487] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 206.609250][ T7496] MTRR 1 not used [ 206.679358][ T7501] netlink: 5836 bytes leftover after parsing attributes in process `syz.3.318'. [ 206.917346][ T7501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.318'. [ 206.965377][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.3.318'. [ 207.098485][ T50] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 207.109807][ T50] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 207.256437][ T5634] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 207.264329][ T5634] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 207.323173][ T29] Process accounting resumed [ 207.351546][ T5711] Process accounting resumed [ 207.731704][ T7435] Process accounting resumed [ 209.136944][ T7533] FAULT_INJECTION: forcing a failure. [ 209.136944][ T7533] name failslab, interval 1, probability 0, space 0, times 0 [ 209.225294][ T7533] CPU: 0 UID: 0 PID: 7533 Comm: syz.1.322 Tainted: G L syzkaller #0 PREEMPT(full) [ 209.225349][ T7533] Tainted: [L]=SOFTLOCKUP [ 209.225361][ T7533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 209.225381][ T7533] Call Trace: [ 209.225392][ T7533] [ 209.225405][ T7533] dump_stack_lvl+0x100/0x190 [ 209.225449][ T7533] should_fail_ex.cold+0x5/0xa [ 209.225494][ T7533] should_failslab+0xc2/0x120 [ 209.225537][ T7533] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 209.225574][ T7533] ? landlock_restrict_sibling_threads+0x4f5/0x1490 [ 209.225628][ T7533] krealloc_node_align_noprof+0x321/0x3e0 [ 209.225663][ T7533] landlock_restrict_sibling_threads+0x4f5/0x1490 [ 209.225710][ T7533] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10 [ 209.225749][ T7533] ? rcu_is_watching+0x12/0xc0 [ 209.225813][ T7533] ? __pfx___might_resched+0x10/0x10 [ 209.225847][ T7533] ? landlock_merge_ruleset+0x213/0x830 [ 209.225881][ T7533] __do_sys_landlock_restrict_self+0x5d2/0x9e0 [ 209.225935][ T7533] do_syscall_64+0x10b/0xf80 [ 209.225976][ T7533] ? clear_bhb_loop+0x40/0x90 [ 209.226010][ T7533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.226039][ T7533] RIP: 0033:0x7f27b939cdd9 [ 209.226061][ T7533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 209.226088][ T7533] RSP: 002b:00007f27b7191028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 209.226115][ T7533] RAX: ffffffffffffffda RBX: 00007f27b9616270 RCX: 00007f27b939cdd9 [ 209.226133][ T7533] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000006 [ 209.226149][ T7533] RBP: 00007f27b9432d69 R08: 0000000000000000 R09: 0000000000000000 [ 209.226165][ T7533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.226186][ T7533] R13: 00007f27b9616308 R14: 00007f27b9616270 R15: 00007ffe9f0c7dc8 [ 209.226221][ T7533] [ 211.787799][ T7555] netlink: 342 bytes leftover after parsing attributes in process `syz.3.327'. [ 213.606306][ T7600] netlink: 4 bytes leftover after parsing attributes in process `syz.1.337'. [ 213.962827][ T7608] netlink: 8 bytes leftover after parsing attributes in process `syz.0.339'. [ 214.495320][ T7603] ubi0: attaching mtd0 [ 214.547943][ T7621] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 214.620942][ T7603] ubi0: scanning is finished [ 214.638662][ T7603] ubi0: empty MTD device detected [ 215.088962][ T7603] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 215.123037][ T7603] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 215.199814][ T7603] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 215.245067][ T7603] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 215.280787][ T7603] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 215.300707][ T7603] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 215.368678][ T7603] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1354420588 [ 215.402218][ T7603] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 215.450038][ T7632] ubi0: background thread "ubi_bgt0d" started, PID 7632 [ 215.462088][ T7605] ubi0: detaching mtd0 [ 215.526853][ T7605] ubi0: mtd0 is detached [ 216.180771][ T7650] zero sized request [ 217.032744][ T7676] netlink: 186 bytes leftover after parsing attributes in process `syz.1.351'. [ 218.738488][ T7707] FAULT_INJECTION: forcing a failure. [ 218.738488][ T7707] name failslab, interval 1, probability 0, space 0, times 0 [ 218.795002][ T7707] CPU: 1 UID: 0 PID: 7707 Comm: syz.2.358 Tainted: G L syzkaller #0 PREEMPT(full) [ 218.795057][ T7707] Tainted: [L]=SOFTLOCKUP [ 218.795068][ T7707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 218.795086][ T7707] Call Trace: [ 218.795097][ T7707] [ 218.795108][ T7707] dump_stack_lvl+0x100/0x190 [ 218.795152][ T7707] should_fail_ex.cold+0x5/0xa [ 218.795195][ T7707] should_failslab+0xc2/0x120 [ 218.795233][ T7707] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 218.795284][ T7707] ? acpi_ut_create_generic_state+0x61/0xc0 [ 218.795334][ T7707] acpi_ut_create_generic_state+0x61/0xc0 [ 218.795374][ T7707] acpi_ps_push_scope+0x42/0x280 [ 218.795415][ T7707] acpi_ps_parse_loop+0x334/0x24a0 [ 218.795458][ T7707] ? __kmalloc_noprof+0x277/0x850 [ 218.795495][ T7707] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 218.795535][ T7707] ? acpi_ut_status_exit+0x111/0x1c0 [ 218.795584][ T7707] ? acpi_ds_call_control_method+0x435/0xab0 [ 218.795626][ T7707] acpi_ps_parse_aml+0x81e/0x1120 [ 218.795685][ T7707] acpi_ps_execute_method+0x5c4/0xe90 [ 218.795742][ T7707] acpi_ns_evaluate+0x640/0x1670 [ 218.795801][ T7707] acpi_evaluate_object+0x420/0xe00 [ 218.795833][ T7707] ? kasan_save_stack+0x30/0x50 [ 218.795866][ T7707] ? kasan_save_track+0x14/0x30 [ 218.795899][ T7707] ? __kasan_kmalloc+0xaa/0xb0 [ 218.795929][ T7707] ? __kvmalloc_node_noprof+0x360/0xa00 [ 218.795968][ T7707] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 218.796005][ T7707] ? lock_acquire+0x1b1/0x370 [ 218.796047][ T7707] acpi_evaluate_integer+0xdf/0x220 [ 218.796099][ T7707] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 218.796169][ T7707] ? __pfx_status_show+0x10/0x10 [ 218.796205][ T7707] status_show+0xa0/0x120 [ 218.796240][ T7707] ? __pfx_status_show+0x10/0x10 [ 218.796285][ T7707] dev_attr_show+0x52/0xa0 [ 218.796330][ T7707] ? __pfx_dev_attr_show+0x10/0x10 [ 218.796372][ T7707] sysfs_kf_seq_show+0x217/0x3a0 [ 218.796413][ T7707] seq_read_iter+0x32f/0x1270 [ 218.796448][ T7707] ? lock_acquire+0x1b1/0x370 [ 218.796497][ T7707] kernfs_fop_read_iter+0x46c/0x610 [ 218.796548][ T7707] ? rw_verify_area+0xce/0x6d0 [ 218.796580][ T7707] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 218.796633][ T7707] vfs_read+0x825/0xb30 [ 218.796685][ T7707] ? __pfx_vfs_read+0x10/0x10 [ 218.796751][ T7707] ksys_read+0x12a/0x250 [ 218.796789][ T7707] ? __pfx_ksys_read+0x10/0x10 [ 218.796831][ T7707] ? rcu_is_watching+0x12/0xc0 [ 218.796879][ T7707] do_syscall_64+0x10b/0xf80 [ 218.796927][ T7707] ? clear_bhb_loop+0x40/0x90 [ 218.796969][ T7707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.797004][ T7707] RIP: 0033:0x7f5df519cdd9 [ 218.797031][ T7707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 218.797064][ T7707] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 218.797097][ T7707] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 218.797118][ T7707] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000008 [ 218.797138][ T7707] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 218.797158][ T7707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 218.797178][ T7707] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 218.797223][ T7707] [ 219.125010][ T7707] ACPI Error: Aborting method \_SB.IQST due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 219.138615][ T7707] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 219.893850][ T30] audit: type=1107 audit(1778356604.457:6): pid=7717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 219.960601][ T30] audit: type=1107 audit(1778356604.527:7): pid=7717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 221.906286][ T7748] netlink: 28 bytes leftover after parsing attributes in process `syz.0.367'. [ 222.062402][ T7749] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 222.584557][ T7762] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 222.619642][ T7762] openvswitch: netlink: Message has 12 unknown bytes. [ 222.751291][ T7765] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 222.752711][ T7768] openvswitch: netlink: Message has 12 unknown bytes. [ 226.242917][ T7815] netlink: 342 bytes leftover after parsing attributes in process `syz.0.378'. [ 227.824050][ T7833] FAULT_INJECTION: forcing a failure. [ 227.824050][ T7833] name fail_futex, interval 1, probability 0, space 0, times 0 [ 227.947968][ T7847] netlink: 25 bytes leftover after parsing attributes in process `syz.3.387'. [ 227.966387][ T7833] CPU: 0 UID: 0 PID: 7833 Comm: syz.2.384 Tainted: G L syzkaller #0 PREEMPT(full) [ 227.966440][ T7833] Tainted: [L]=SOFTLOCKUP [ 227.966452][ T7833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 227.966471][ T7833] Call Trace: [ 227.966482][ T7833] [ 227.966495][ T7833] dump_stack_lvl+0x100/0x190 [ 227.966539][ T7833] should_fail_ex.cold+0x5/0xa [ 227.966582][ T7833] get_futex_key+0x1d2/0x1510 [ 227.966622][ T7833] ? __pfx_get_futex_key+0x10/0x10 [ 227.966670][ T7833] futex_wake+0xea/0x530 [ 227.966717][ T7833] ? rcu_is_watching+0x12/0xc0 [ 227.966766][ T7833] ? __pfx_futex_wake+0x10/0x10 [ 227.966816][ T7833] ? putname+0xb1/0x110 [ 227.966859][ T7833] ? kmem_cache_free+0x127/0x6c0 [ 227.966921][ T7833] do_futex+0x32b/0x350 [ 227.966960][ T7833] ? __pfx_do_futex+0x10/0x10 [ 227.966994][ T7833] ? __pfx_do_sys_openat2+0x10/0x10 [ 227.967051][ T7833] ? __fget_files+0x21f/0x3d0 [ 227.967096][ T7833] __x64_sys_futex+0x34f/0x4d0 [ 227.967135][ T7833] ? __x64_sys_openat+0x12d/0x210 [ 227.967192][ T7833] ? __pfx___x64_sys_futex+0x10/0x10 [ 227.967237][ T7833] ? rcu_is_watching+0x12/0xc0 [ 227.967281][ T7833] do_syscall_64+0x10b/0xf80 [ 227.967329][ T7833] ? clear_bhb_loop+0x40/0x90 [ 227.967370][ T7833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.967404][ T7833] RIP: 0033:0x7f5df519cdd9 [ 227.967430][ T7833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.967463][ T7833] RSP: 002b:00007f5df60bd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 227.967494][ T7833] RAX: ffffffffffffffda RBX: 00007f5df5415fa8 RCX: 00007f5df519cdd9 [ 227.967516][ T7833] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5df5415fac [ 227.967537][ T7833] RBP: 00007f5df5415fa0 R08: 0000000000000001 R09: 0000000000000000 [ 227.967557][ T7833] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 227.967577][ T7833] R13: 00007f5df5416038 R14: 00007ffeb0705750 R15: 00007ffeb0705838 [ 227.967620][ T7833] [ 229.160934][ T7850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.388'. [ 230.286199][ T7863] netlink: 186 bytes leftover after parsing attributes in process `syz.2.390'. [ 230.351706][ T7848] pci 0000:00:01.3: enabling device (0100 -> 0101) [ 230.361487][ T7860] can: request_module (can-proto-5) failed. [ 230.685601][ T7848] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 230.695692][ T7848] pci 0000:00:01.3: PCI INT A: no GSI [ 230.879016][ T5634] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 231.546407][ T7879] netlink: 12 bytes leftover after parsing attributes in process `syz.0.395'. [ 231.567785][ T7879] nbd: must specify a size in bytes for the device [ 231.822348][ T7875] syz.3.403 (7875) used greatest stack depth: 19720 bytes left [ 233.124168][ T7905] random: crng reseeded on system resumption [ 233.599453][ T30] audit: type=1400 audit(1778356618.157:8): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=7909 comm="syz.2.402" [ 235.552148][ T7939] smpboot: CPU 1 is now offline [ 236.626126][ T7942] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 236.699672][ T7942] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 236.732293][ T7942] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 237.239811][ T7960] bond0: invalid ARP target specified [ 238.318979][ T5634] Bluetooth: hci0: command 0x2016 tx timeout [ 238.393666][ T7958] Process accounting paused [ 238.704356][ T7961] Process accounting resumed [ 238.720042][ T5634] Bluetooth: hci2: command 0x0c1a tx timeout [ 238.799441][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 242.553725][ T30] audit: type=1800 audit(1778356627.117:9): pid=8044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.431" name="dbroot" dev="configfs" ino=21658 res=0 errno=0 [ 242.922803][ T8057] netlink: 28 bytes leftover after parsing attributes in process `syz.0.436'. [ 243.005092][ T8057] veth0_vlan: entered allmulticast mode [ 243.015417][ T8056] netlink: 354 bytes leftover after parsing attributes in process `syz.3.435'. [ 244.929598][ T8081] netlink: 342 bytes leftover after parsing attributes in process `syz.2.441'. [ 245.067252][ T8099] random: crng reseeded on system resumption [ 245.656917][ T8102] zswap: compressor not available [ 246.703405][ T8122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.447'. [ 246.755223][ T8121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.447'. [ 246.783367][ T8100] hub 1-0:1.0: USB hub found [ 246.819295][ T8100] hub 1-0:1.0: 1 port detected [ 247.332812][ T5634] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 248.259980][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.452'. [ 253.612748][ T8235] netlink: 4 bytes leftover after parsing attributes in process `syz.1.468'. [ 253.665932][ T8235] device-mapper: ioctl: Invalid ioctl structure: name , dev 3000000000 [ 253.933934][ T30] audit: type=1800 audit(1778356638.497:10): pid=8239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.467" name="file0" dev="tmpfs" ino=645 res=0 errno=0 [ 254.723618][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.730299][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.893780][ T8287] bond0: option mode: unable to set because the bond device is up [ 256.746433][ T8308] netlink: 342 bytes leftover after parsing attributes in process `syz.0.483'. [ 256.820830][ T8308] IPv6: NLM_F_CREATE should be specified when creating new route [ 256.877418][ T8310] netlink: 342 bytes leftover after parsing attributes in process `syz.0.483'. [ 256.957405][ T8308] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 256.966139][ T8308] IPv6: NLM_F_CREATE should be set when creating new route [ 256.973435][ T8308] IPv6: NLM_F_CREATE should be set when creating new route [ 257.098634][ T8310] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 261.672757][ T8369] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 261.825849][ T8369] File: /dev/nullb0 PID: 8369 Comm: syz.3.498 [ 262.050528][ T8382] FAULT_INJECTION: forcing a failure. [ 262.050528][ T8382] name failslab, interval 1, probability 0, space 0, times 0 [ 262.321355][ T8382] CPU: 0 UID: 0 PID: 8382 Comm: syz.2.496 Tainted: G L syzkaller #0 PREEMPT(full) [ 262.321394][ T8382] Tainted: [L]=SOFTLOCKUP [ 262.321402][ T8382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 262.321416][ T8382] Call Trace: [ 262.321424][ T8382] [ 262.321432][ T8382] dump_stack_lvl+0x100/0x190 [ 262.321464][ T8382] should_fail_ex.cold+0x5/0xa [ 262.321494][ T8382] should_failslab+0xc2/0x120 [ 262.321523][ T8382] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 262.321549][ T8382] ? key_alloc+0x423/0x1310 [ 262.321576][ T8382] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 262.321620][ T8382] kmemdup_noprof+0x29/0x60 [ 262.321646][ T8382] key_alloc+0x423/0x1310 [ 262.321684][ T8382] ? __pfx_key_alloc+0x10/0x10 [ 262.321710][ T8382] ? __pfx_key_default_cmp+0x10/0x10 [ 262.321743][ T8382] ? __pfx_keyring_search_iterator+0x10/0x10 [ 262.321779][ T8382] keyring_alloc+0x44/0xc0 [ 262.321812][ T8382] look_up_user_keyrings+0x465/0x790 [ 262.321846][ T8382] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 262.321881][ T8382] lookup_user_key+0xbb1/0x1300 [ 262.321908][ T8382] ? __pfx_lookup_user_key+0x10/0x10 [ 262.321934][ T8382] ? __pfx_do_futex+0x10/0x10 [ 262.321966][ T8382] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 262.321997][ T8382] ? xfd_validate_state+0x129/0x190 [ 262.322021][ T8382] ? ksys_write+0x1ac/0x250 [ 262.322053][ T8382] keyctl_keyring_unlink+0x1f/0x1b0 [ 262.322091][ T8382] __do_sys_keyctl+0x3dd/0x5a0 [ 262.322115][ T8382] do_syscall_64+0x10b/0xf80 [ 262.322151][ T8382] ? clear_bhb_loop+0x40/0x90 [ 262.322180][ T8382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.322204][ T8382] RIP: 0033:0x7f5df519cdd9 [ 262.322224][ T8382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 262.322246][ T8382] RSP: 002b:00007f5df6039028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 262.322269][ T8382] RAX: ffffffffffffffda RBX: 00007f5df5416360 RCX: 00007f5df519cdd9 [ 262.322284][ T8382] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 262.322306][ T8382] RBP: 00007f5df5232d69 R08: 0000000000000008 R09: 0000000000000000 [ 262.322320][ T8382] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 262.322334][ T8382] R13: 00007f5df54163f8 R14: 00007f5df5416360 R15: 00007ffeb0705838 [ 262.322365][ T8382] [ 263.430166][ T8389] FAULT_INJECTION: forcing a failure. [ 263.430166][ T8389] name failslab, interval 1, probability 0, space 0, times 0 [ 263.723716][ T8389] CPU: 0 UID: 0 PID: 8389 Comm: syz.3.503 Tainted: G L syzkaller #0 PREEMPT(full) [ 263.723754][ T8389] Tainted: [L]=SOFTLOCKUP [ 263.723762][ T8389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 263.723776][ T8389] Call Trace: [ 263.723783][ T8389] [ 263.723792][ T8389] dump_stack_lvl+0x100/0x190 [ 263.723824][ T8389] should_fail_ex.cold+0x5/0xa [ 263.723856][ T8389] should_failslab+0xc2/0x120 [ 263.723884][ T8389] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 263.723911][ T8389] ? key_alloc+0x423/0x1310 [ 263.723938][ T8389] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 263.723981][ T8389] kmemdup_noprof+0x29/0x60 [ 263.724007][ T8389] key_alloc+0x423/0x1310 [ 263.724046][ T8389] ? __pfx_key_alloc+0x10/0x10 [ 263.724072][ T8389] ? __pfx_key_default_cmp+0x10/0x10 [ 263.724104][ T8389] ? __pfx_keyring_search_iterator+0x10/0x10 [ 263.724140][ T8389] keyring_alloc+0x44/0xc0 [ 263.724173][ T8389] look_up_user_keyrings+0x465/0x790 [ 263.724214][ T8389] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 263.724250][ T8389] lookup_user_key+0xbb1/0x1300 [ 263.724277][ T8389] ? __pfx_lookup_user_key+0x10/0x10 [ 263.724303][ T8389] ? __pfx_do_futex+0x10/0x10 [ 263.724335][ T8389] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 263.724370][ T8389] ? xfd_validate_state+0x129/0x190 [ 263.724395][ T8389] ? ksys_write+0x1ac/0x250 [ 263.724426][ T8389] keyctl_keyring_unlink+0x1f/0x1b0 [ 263.724464][ T8389] __do_sys_keyctl+0x3dd/0x5a0 [ 263.724488][ T8389] do_syscall_64+0x10b/0xf80 [ 263.724522][ T8389] ? clear_bhb_loop+0x40/0x90 [ 263.724551][ T8389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.724575][ T8389] RIP: 0033:0x7f0e9399cdd9 [ 263.724593][ T8389] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 263.724616][ T8389] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 263.724639][ T8389] RAX: ffffffffffffffda RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 263.724654][ T8389] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 263.724669][ T8389] RBP: 00007f0e93a32d69 R08: 0000000000000008 R09: 0000000000000000 [ 263.724683][ T8389] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 263.724697][ T8389] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 263.724727][ T8389] [ 264.874917][ T8402] FAULT_INJECTION: forcing a failure. [ 264.874917][ T8402] name failslab, interval 1, probability 0, space 0, times 0 [ 265.105888][ T8402] CPU: 0 UID: 0 PID: 8402 Comm: syz.1.506 Tainted: G L syzkaller #0 PREEMPT(full) [ 265.105928][ T8402] Tainted: [L]=SOFTLOCKUP [ 265.105936][ T8402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 265.105949][ T8402] Call Trace: [ 265.105957][ T8402] [ 265.105966][ T8402] dump_stack_lvl+0x100/0x190 [ 265.105997][ T8402] should_fail_ex.cold+0x5/0xa [ 265.106027][ T8402] ? tomoyo_realpath_from_path+0xb6/0x690 [ 265.106059][ T8402] should_failslab+0xc2/0x120 [ 265.106087][ T8402] __kmalloc_noprof+0xe0/0x850 [ 265.106109][ T8402] ? kfree+0x1dd/0x6c0 [ 265.106147][ T8402] tomoyo_realpath_from_path+0xb6/0x690 [ 265.106185][ T8402] tomoyo_path_number_perm+0x23c/0x580 [ 265.106210][ T8402] ? tomoyo_path_number_perm+0x22e/0x580 [ 265.106238][ T8402] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 265.106263][ T8402] ? futex_wake+0x1ad/0x530 [ 265.106320][ T8402] ? find_held_lock+0x2b/0x80 [ 265.106352][ T8402] ? __fget_files+0x215/0x3d0 [ 265.106379][ T8402] ? hook_file_ioctl_common+0x149/0x410 [ 265.106404][ T8402] ? __fget_files+0x215/0x3d0 [ 265.106436][ T8402] ? __fget_files+0x21f/0x3d0 [ 265.106469][ T8402] security_file_ioctl+0xd3/0x230 [ 265.106498][ T8402] __x64_sys_ioctl+0xb7/0x210 [ 265.106527][ T8402] do_syscall_64+0x10b/0xf80 [ 265.106562][ T8402] ? clear_bhb_loop+0x40/0x90 [ 265.106591][ T8402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.106615][ T8402] RIP: 0033:0x7f27b939cdd9 [ 265.106635][ T8402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 265.106657][ T8402] RSP: 002b:00007f27b75f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.106679][ T8402] RAX: ffffffffffffffda RBX: 00007f27b9615fa0 RCX: 00007f27b939cdd9 [ 265.106694][ T8402] RDX: 0000000000000da5 RSI: 0000000040305829 RDI: 0000000000000009 [ 265.106708][ T8402] RBP: 00007f27b9432d69 R08: 0000000000000000 R09: 0000000000000000 [ 265.106722][ T8402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.106736][ T8402] R13: 00007f27b9616038 R14: 00007f27b9615fa0 R15: 00007ffe9f0c7dc8 [ 265.106765][ T8402] [ 265.349150][ T8402] ERROR: Out of memory at tomoyo_realpath_from_path. [ 268.628720][ T8440] Process accounting resumed [ 268.749986][ T8454] Process accounting paused [ 269.915447][ T8468] FAULT_INJECTION: forcing a failure. [ 269.915447][ T8468] name fail_futex, interval 1, probability 0, space 0, times 0 [ 270.066399][ T8468] CPU: 0 UID: 0 PID: 8468 Comm: syz.2.518 Tainted: G L syzkaller #0 PREEMPT(full) [ 270.066444][ T8468] Tainted: [L]=SOFTLOCKUP [ 270.066452][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 270.066466][ T8468] Call Trace: [ 270.066474][ T8468] [ 270.066483][ T8468] dump_stack_lvl+0x100/0x190 [ 270.066514][ T8468] should_fail_ex.cold+0x5/0xa [ 270.066545][ T8468] get_futex_key+0x1d2/0x1510 [ 270.066573][ T8468] ? __pfx_get_futex_key+0x10/0x10 [ 270.066607][ T8468] futex_wait_setup+0x83/0x510 [ 270.066647][ T8468] __futex_wait+0x19f/0x300 [ 270.066682][ T8468] ? __pfx___futex_wait+0x10/0x10 [ 270.066719][ T8468] ? __pfx_futex_wake_mark+0x10/0x10 [ 270.066755][ T8468] ? futex_hash+0x2ad/0x370 [ 270.066780][ T8468] ? futex_hash+0x141/0x370 [ 270.066806][ T8468] futex_wait+0xe6/0x370 [ 270.066839][ T8468] ? __pfx_futex_wait+0x10/0x10 [ 270.066876][ T8468] ? ksys_write+0x190/0x250 [ 270.066903][ T8468] ? ksys_write+0x190/0x250 [ 270.066937][ T8468] do_futex+0x1ef/0x350 [ 270.066963][ T8468] ? __pfx_do_futex+0x10/0x10 [ 270.066990][ T8468] ? do_set_mempolicy+0x217/0x3d0 [ 270.067018][ T8468] ? __pfx_do_set_mempolicy+0x10/0x10 [ 270.067049][ T8468] __x64_sys_futex+0x34f/0x4d0 [ 270.067080][ T8468] ? __pfx___x64_sys_futex+0x10/0x10 [ 270.067108][ T8468] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 270.067139][ T8468] ? rcu_is_watching+0x12/0xc0 [ 270.067173][ T8468] do_syscall_64+0x10b/0xf80 [ 270.067208][ T8468] ? clear_bhb_loop+0x40/0x90 [ 270.067237][ T8468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.067261][ T8468] RIP: 0033:0x7f5df519cdd9 [ 270.067280][ T8468] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 270.067308][ T8468] RSP: 002b:00007f5df605a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 270.067330][ T8468] RAX: ffffffffffffffda RBX: 00007f5df5416278 RCX: 00007f5df519cdd9 [ 270.067346][ T8468] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5df5416278 [ 270.067360][ T8468] RBP: 00007f5df5416270 R08: 0000000000000000 R09: 0000000000000000 [ 270.067375][ T8468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.067388][ T8468] R13: 00007f5df5416308 R14: 00007ffeb0705750 R15: 00007ffeb0705838 [ 270.067418][ T8468] [ 272.318154][ T8496] can: request_module (can-proto-0) failed. [ 277.788773][ T8560] netlink: 20 bytes leftover after parsing attributes in process `syz.2.540'. [ 277.846960][ T8561] nbd: must specify a size in bytes for the device [ 280.522165][ T8598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.548'. [ 280.591080][ T8600] capability: warning: `syz.0.548' uses 32-bit capabilities (legacy support in use) [ 281.500927][ T8613] netlink: 24 bytes leftover after parsing attributes in process `syz.0.551'. [ 281.939817][ T8622] random: crng reseeded on system resumption [ 285.387169][ T8661] FAULT_INJECTION: forcing a failure. [ 285.387169][ T8661] name failslab, interval 1, probability 0, space 0, times 0 [ 285.432122][ T8661] CPU: 0 UID: 0 PID: 8661 Comm: syz.0.560 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.432277][ T8661] Tainted: [L]=SOFTLOCKUP [ 285.432289][ T8661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 285.432302][ T8661] Call Trace: [ 285.432316][ T8661] [ 285.432326][ T8661] dump_stack_lvl+0x100/0x190 [ 285.432357][ T8661] should_fail_ex.cold+0x5/0xa [ 285.432386][ T8661] should_failslab+0xc2/0x120 [ 285.432413][ T8661] __kmalloc_cache_noprof+0x7a/0x6f0 [ 285.432448][ T8661] ? snd_timer_instance_new+0x47/0x350 [ 285.432489][ T8661] snd_timer_instance_new+0x47/0x350 [ 285.432528][ T8661] snd_seq_timer_open+0x1d4/0x5d0 [ 285.432557][ T8661] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 285.432593][ T8661] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 285.432626][ T8661] ? lockdep_hardirqs_on+0x78/0x100 [ 285.432662][ T8661] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 285.432697][ T8661] queue_use+0xdc/0x1f0 [ 285.432734][ T8661] snd_seq_queue_alloc+0x2e5/0x540 [ 285.432776][ T8661] snd_seq_ioctl_create_queue+0xa9/0x370 [ 285.432808][ T8661] call_seq_client_ctl+0xa3/0x130 [ 285.432839][ T8661] snd_seq_kernel_client_ctl+0x77/0xd0 [ 285.432871][ T8661] alloc_seq_queue+0xdb/0x180 [ 285.432904][ T8661] ? __pfx_alloc_seq_queue+0x10/0x10 [ 285.432953][ T8661] ? mark_held_locks+0x40/0x70 [ 285.432979][ T8661] snd_seq_oss_open+0x2b2/0xa10 [ 285.433016][ T8661] odev_open+0x6f/0x90 [ 285.433045][ T8661] ? __pfx_odev_open+0x10/0x10 [ 285.433073][ T8661] soundcore_open+0x2e3/0x5a0 [ 285.433106][ T8661] ? __pfx_soundcore_open+0x10/0x10 [ 285.433137][ T8661] chrdev_open+0x234/0x6a0 [ 285.433166][ T8661] ? __pfx_apparmor_file_open+0x10/0x10 [ 285.433203][ T8661] ? __pfx_chrdev_open+0x10/0x10 [ 285.433234][ T8661] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 285.433284][ T8661] do_dentry_open+0x6d8/0x1660 [ 285.433312][ T8661] ? __pfx_chrdev_open+0x10/0x10 [ 285.433348][ T8661] vfs_open+0x82/0x3f0 [ 285.433386][ T8661] path_openat+0x208c/0x31a0 [ 285.433425][ T8661] ? __pfx_path_openat+0x10/0x10 [ 285.433464][ T8661] do_file_open+0x20e/0x430 [ 285.433496][ T8661] ? __pfx_do_file_open+0x10/0x10 [ 285.433546][ T8661] ? alloc_fd+0x476/0x790 [ 285.433579][ T8661] ? do_getname+0x191/0x390 [ 285.433616][ T8661] do_sys_openat2+0x10d/0x1e0 [ 285.433652][ T8661] ? __pfx_do_sys_openat2+0x10/0x10 [ 285.433691][ T8661] ? __fget_files+0x21f/0x3d0 [ 285.433724][ T8661] __x64_sys_openat+0x12d/0x210 [ 285.433761][ T8661] ? __pfx___x64_sys_openat+0x10/0x10 [ 285.433803][ T8661] ? rcu_is_watching+0x12/0xc0 [ 285.433835][ T8661] do_syscall_64+0x10b/0xf80 [ 285.433869][ T8661] ? clear_bhb_loop+0x40/0x90 [ 285.433897][ T8661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.433921][ T8661] RIP: 0033:0x7f249c79cdd9 [ 285.433941][ T8661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.433962][ T8661] RSP: 002b:00007f249a9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 285.433984][ T8661] RAX: ffffffffffffffda RBX: 00007f249ca16090 RCX: 00007f249c79cdd9 [ 285.433999][ T8661] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 285.434013][ T8661] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 285.434027][ T8661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.434040][ T8661] R13: 00007f249ca16128 R14: 00007f249ca16090 R15: 00007fffbeb4fa38 [ 285.434069][ T8661] [ 288.979415][ T8696] kernel profiling enabled (shift: 0) [ 291.956854][ T8733] snd_virmidi snd_virmidi.0: control 61678:131081:26377:y:-2147483647 is already present [ 292.299474][ T8727] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 292.322046][ C0] vcan0: j1939_tp_rxtimer: 0xffff888034e12c00: rx timeout, send abort [ 292.332980][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888034e12c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 292.373810][ T8727] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 292.447876][ T8727] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 293.001809][ T8741] warning: `syz.2.578' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 293.838870][ T50] Bluetooth: hci0: command 0x2016 tx timeout [ 294.399475][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 294.478980][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 295.824616][ T8770] workqueue: Failed to create a rescuer kthread for wq "nfc16_nci_rx_wq": -EINTR [ 298.877132][ T8882] Process accounting paused [ 299.144397][ T8884] Process accounting resumed [ 299.528108][ T8893] netlink: 334 bytes leftover after parsing attributes in process `syz.2.593'. [ 299.912702][ T8879] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 300.009172][ T8879] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 300.146766][ T8879] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 300.591353][ T8901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.595'. [ 301.736360][ T8914] program syz.2.597 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 301.998971][ T50] Bluetooth: hci0: command 0x2016 tx timeout [ 302.079560][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 302.160946][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 303.935475][ T8932] netlink: 28 bytes leftover after parsing attributes in process `syz.0.600'. [ 305.895713][ T8963] FAULT_INJECTION: forcing a failure. [ 305.895713][ T8963] name failslab, interval 1, probability 0, space 0, times 0 [ 306.037460][ T8963] CPU: 0 UID: 0 PID: 8963 Comm: syz.1.608 Tainted: G L syzkaller #0 PREEMPT(full) [ 306.037499][ T8963] Tainted: [L]=SOFTLOCKUP [ 306.037507][ T8963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 306.037524][ T8963] Call Trace: [ 306.037531][ T8963] [ 306.037540][ T8963] dump_stack_lvl+0x100/0x190 [ 306.037571][ T8963] should_fail_ex.cold+0x5/0xa [ 306.037602][ T8963] ? __pfx_cgroup_show_path+0x10/0x10 [ 306.037648][ T8963] should_failslab+0xc2/0x120 [ 306.037675][ T8963] ? __pfx_cgroup_show_path+0x10/0x10 [ 306.037712][ T8963] __kmalloc_cache_noprof+0x7a/0x6f0 [ 306.037749][ T8963] ? cgroup_show_path+0xb2/0x730 [ 306.037786][ T8963] ? find_held_lock+0x2b/0x80 [ 306.037821][ T8963] ? __pfx_cgroup_show_path+0x10/0x10 [ 306.037859][ T8963] cgroup_show_path+0xb2/0x730 [ 306.037900][ T8963] ? __pfx_cgroup_show_path+0x10/0x10 [ 306.037938][ T8963] kernfs_sop_show_path+0xe9/0x160 [ 306.037962][ T8963] ? __pfx_kernfs_sop_show_path+0x10/0x10 [ 306.037986][ T8963] show_path+0x9e/0x100 [ 306.038022][ T8963] show_mountinfo+0x1d8/0x820 [ 306.038052][ T8963] ? __pfx_show_mountinfo+0x10/0x10 [ 306.038079][ T8963] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 306.038112][ T8963] seq_read_iter+0xbce/0x1270 [ 306.038147][ T8963] ? __pfx_seq_read_iter+0x10/0x10 [ 306.038174][ T8963] vfs_read+0x825/0xb30 [ 306.038206][ T8963] ? __pfx_vfs_read+0x10/0x10 [ 306.038251][ T8963] ksys_read+0x12a/0x250 [ 306.038278][ T8963] ? __pfx_ksys_read+0x10/0x10 [ 306.038308][ T8963] ? rcu_is_watching+0x12/0xc0 [ 306.038341][ T8963] do_syscall_64+0x10b/0xf80 [ 306.038376][ T8963] ? clear_bhb_loop+0x40/0x90 [ 306.038406][ T8963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.038430][ T8963] RIP: 0033:0x7f27b939cdd9 [ 306.038450][ T8963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 306.038477][ T8963] RSP: 002b:00007f27b75d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 306.038503][ T8963] RAX: ffffffffffffffda RBX: 00007f27b9616090 RCX: 00007f27b939cdd9 [ 306.038519][ T8963] RDX: 0000000000001036 RSI: 0000200000000040 RDI: 0000000000000003 [ 306.038533][ T8963] RBP: 00007f27b9432d69 R08: 0000000000000000 R09: 0000000000000000 [ 306.038547][ T8963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.038560][ T8963] R13: 00007f27b9616128 R14: 00007f27b9616090 R15: 00007ffe9f0c7dc8 [ 306.038591][ T8963] [ 308.814981][ T9005] vivid-007: ================= START STATUS ================= [ 308.864806][ T9005] vivid-007: Generate PTS: true [ 308.902365][ T9005] vivid-007: Generate SCR: true [ 308.934811][ T9005] tpg source WxH: 320x240 (Y'CbCr) [ 308.966838][ T9005] tpg field: 1 [ 308.993697][ T9005] tpg crop: (0,0)/320x240 [ 309.019816][ T9005] tpg compose: (0,0)/320x240 [ 309.048446][ T9005] tpg colorspace: 8 [ 309.070890][ T9005] tpg transfer function: 0/0 [ 309.090614][ T9005] tpg Y'CbCr encoding: 0/0 [ 309.110831][ T9005] tpg quantization: 0/0 [ 309.135577][ T9005] tpg RGB range: 0/2 [ 309.149099][ T9005] vivid-007: ================== END STATUS ================== [ 309.598301][ T9018] futex_wake_op: syz.2.623 tries to shift op by -2048; fix this program [ 309.729564][ T9018] futex_wake_op: syz.2.623 tries to shift op by -2048; fix this program [ 311.558021][ T9043] ima: policy update failed [ 311.574023][ T30] audit: type=1802 audit(1843104528.640:11): pid=9043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.629" res=0 errno=0 [ 317.443958][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.459007][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.379439][ T9192] FAULT_INJECTION: forcing a failure. [ 324.379439][ T9192] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 324.600130][ T9192] CPU: 0 UID: 0 PID: 9192 Comm: syz.0.661 Tainted: G L syzkaller #0 PREEMPT(full) [ 324.600167][ T9192] Tainted: [L]=SOFTLOCKUP [ 324.600174][ T9192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 324.600188][ T9192] Call Trace: [ 324.600195][ T9192] [ 324.600203][ T9192] dump_stack_lvl+0x100/0x190 [ 324.600233][ T9192] should_fail_ex.cold+0x5/0xa [ 324.600270][ T9192] _copy_to_user+0x32/0xd0 [ 324.600296][ T9192] simple_read_from_buffer+0xcb/0x170 [ 324.600327][ T9192] proc_fail_nth_read+0x1af/0x230 [ 324.600365][ T9192] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 324.600404][ T9192] ? rw_verify_area+0xce/0x6d0 [ 324.600428][ T9192] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 324.600465][ T9192] vfs_read+0x1e4/0xb30 [ 324.600495][ T9192] ? __pfx_vfs_read+0x10/0x10 [ 324.600520][ T9192] ? __fget_files+0x215/0x3d0 [ 324.600554][ T9192] ? __fget_files+0x21f/0x3d0 [ 324.600589][ T9192] ksys_read+0x12a/0x250 [ 324.600615][ T9192] ? __pfx_ksys_read+0x10/0x10 [ 324.600647][ T9192] ? rcu_is_watching+0x12/0xc0 [ 324.600679][ T9192] do_syscall_64+0x10b/0xf80 [ 324.600713][ T9192] ? clear_bhb_loop+0x40/0x90 [ 324.600742][ T9192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.600766][ T9192] RIP: 0033:0x7f249c75d60e [ 324.600784][ T9192] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 324.600807][ T9192] RSP: 002b:00007f249d574fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 324.600828][ T9192] RAX: ffffffffffffffda RBX: 00007f249d5756c0 RCX: 00007f249c75d60e [ 324.600844][ T9192] RDX: 000000000000000f RSI: 00007f249d5750a0 RDI: 0000000000000003 [ 324.600858][ T9192] RBP: 00007f249d575090 R08: 0000000000000000 R09: 0000000000000000 [ 324.600872][ T9192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 324.600886][ T9192] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 324.600915][ T9192] [ 326.096628][ T9216] FAULT_INJECTION: forcing a failure. [ 326.096628][ T9216] name failslab, interval 1, probability 0, space 0, times 0 [ 326.153931][ T9216] CPU: 0 UID: 0 PID: 9216 Comm: syz.0.665 Tainted: G L syzkaller #0 PREEMPT(full) [ 326.153971][ T9216] Tainted: [L]=SOFTLOCKUP [ 326.153980][ T9216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 326.153994][ T9216] Call Trace: [ 326.154002][ T9216] [ 326.154011][ T9216] dump_stack_lvl+0x100/0x190 [ 326.154043][ T9216] should_fail_ex.cold+0x5/0xa [ 326.154074][ T9216] should_failslab+0xc2/0x120 [ 326.154102][ T9216] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 326.154148][ T9216] ? security_inode_alloc+0x3b/0x2c0 [ 326.154171][ T9216] ? lockdep_init_map_type+0x5c/0x250 [ 326.154200][ T9216] security_inode_alloc+0x3b/0x2c0 [ 326.154223][ T9216] inode_init_always_gfp+0xcc0/0x1000 [ 326.154259][ T9216] alloc_inode+0x8e/0x250 [ 326.154297][ T9216] sock_alloc+0x44/0x280 [ 326.154324][ T9216] ? security_socket_create+0x7f/0x250 [ 326.154363][ T9216] sock_create_lite+0x82/0x120 [ 326.154395][ T9216] __netlink_kernel_create+0xbd/0x750 [ 326.154432][ T9216] ? __pfx___netlink_kernel_create+0x10/0x10 [ 326.154465][ T9216] ? find_held_lock+0x2b/0x80 [ 326.154496][ T9216] ? audit_net_init+0x190/0x440 [ 326.154523][ T9216] ? audit_net_init+0x190/0x440 [ 326.154555][ T9216] audit_net_init+0x1ae/0x440 [ 326.154582][ T9216] ? __pfx_audit_net_init+0x10/0x10 [ 326.154608][ T9216] ? rcu_is_watching+0x12/0xc0 [ 326.154638][ T9216] ? __pfx_audit_receive+0x10/0x10 [ 326.154669][ T9216] ? __pfx_audit_multicast_bind+0x10/0x10 [ 326.154702][ T9216] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 326.154737][ T9216] ? __kmalloc_noprof+0x320/0x850 [ 326.154763][ T9216] ? __pfx_audit_net_init+0x10/0x10 [ 326.154790][ T9216] ops_init+0x1e2/0x5f0 [ 326.154821][ T9216] setup_net+0x118/0x3a0 [ 326.154850][ T9216] ? __pfx_setup_net+0x10/0x10 [ 326.154878][ T9216] ? mutex_init_lockdep+0xf1/0x120 [ 326.154908][ T9216] copy_net_ns+0x46f/0x7c0 [ 326.154942][ T9216] create_new_namespaces+0x3ea/0xac0 [ 326.154981][ T9216] unshare_nsproxy_namespaces+0xf2/0x220 [ 326.155016][ T9216] ksys_unshare+0x438/0xab0 [ 326.155055][ T9216] ? __pfx_ksys_unshare+0x10/0x10 [ 326.155090][ T9216] ? xfd_validate_state+0x129/0x190 [ 326.155113][ T9216] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 326.155151][ T9216] __x64_sys_unshare+0x31/0x40 [ 326.155192][ T9216] do_syscall_64+0x10b/0xf80 [ 326.155228][ T9216] ? clear_bhb_loop+0x40/0x90 [ 326.155258][ T9216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.155283][ T9216] RIP: 0033:0x7f249c79cdd9 [ 326.155304][ T9216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 326.155328][ T9216] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 326.155350][ T9216] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 326.155366][ T9216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 326.155381][ T9216] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 326.155395][ T9216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.155409][ T9216] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 326.155439][ T9216] [ 326.794324][ T9216] audit: cannot initialize netlink socket in namespace [ 328.205822][ T50] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 328.375209][ T9233] futex_wake_op: syz.2.667 tries to shift op by -1; fix this program [ 329.455998][ T9250] can: request_module (can-proto-0) failed. [ 329.622266][ T9225] Process accounting resumed [ 329.773213][ T9238] Process accounting paused [ 329.916412][ T9261] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 333.940239][ T9330] ubi0: attaching mtd0 [ 334.032202][ T9330] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 334.141341][ T9330] eraseblock attaching information dump: [ 334.242832][ T9330] ec 1 [ 334.303270][ T9330] pnum 0 [ 334.365903][ T9330] lnum 0 [ 334.418162][ T9330] scrub 0 [ 334.471198][ T9330] sqnum 1 [ 334.524763][ T9330] Volume identifier header dump: [ 334.629344][ T9330] magic 55424921 [ 334.706321][ T9330] version 1 [ 334.771912][ T9330] vol_type 1 [ 334.834766][ T9330] copy_flag 0 [ 334.906747][ T9330] compat 5 [ 334.995811][ T9330] vol_id 2147479551 [ 335.091575][ T9330] lnum 0 [ 335.175163][ T9330] data_size 0 [ 335.268704][ T9330] used_ebs 0 [ 335.345976][ T9330] data_pad 0 [ 335.420621][ T9330] sqnum 1 [ 335.483613][ T9330] hdr_crc 65b3bd2d [ 335.568490][ T9330] Volume identifier header hexdump: [ 335.735824][ T9345] NFSD: Failed to start, no listeners configured. [ 336.260043][ T9330] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 338.450825][ T9387] netlink: zone id is out of range [ 338.522602][ T9387] netlink: zone id is out of range [ 338.580184][ T9388] netlink: zone id is out of range [ 338.636624][ T9387] netlink: zone id is out of range [ 338.687749][ T9388] netlink: zone id is out of range [ 338.726830][ T9391] FAULT_INJECTION: forcing a failure. [ 338.726830][ T9391] name failslab, interval 1, probability 0, space 0, times 0 [ 338.823602][ T9387] netlink: zone id is out of range [ 338.867645][ T9388] netlink: zone id is out of range [ 338.932612][ T9388] netlink: zone id is out of range [ 339.005635][ T9391] CPU: 0 UID: 0 PID: 9391 Comm: syz.2.702 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.005680][ T9391] Tainted: [L]=SOFTLOCKUP [ 339.005688][ T9391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 339.005703][ T9391] Call Trace: [ 339.005711][ T9391] [ 339.005720][ T9391] dump_stack_lvl+0x100/0x190 [ 339.005752][ T9391] should_fail_ex.cold+0x5/0xa [ 339.005782][ T9391] should_failslab+0xc2/0x120 [ 339.005811][ T9391] __kmalloc_cache_noprof+0x7a/0x6f0 [ 339.005847][ T9391] ? snd_card_file_add+0x52/0x330 [ 339.005891][ T9391] snd_card_file_add+0x52/0x330 [ 339.005931][ T9391] snd_rawmidi_open+0x2c5/0xba0 [ 339.005963][ T9391] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 339.005994][ T9391] ? kobject_get_unless_zero+0x156/0x200 [ 339.006022][ T9391] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 339.006047][ T9391] snd_open+0x201/0x450 [ 339.006087][ T9391] ? __pfx_snd_open+0x10/0x10 [ 339.006121][ T9391] chrdev_open+0x234/0x6a0 [ 339.006153][ T9391] ? __pfx_apparmor_file_open+0x10/0x10 [ 339.006220][ T9391] ? __pfx_chrdev_open+0x10/0x10 [ 339.006253][ T9391] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 339.006292][ T9391] do_dentry_open+0x6d8/0x1660 [ 339.006322][ T9391] ? __pfx_chrdev_open+0x10/0x10 [ 339.006359][ T9391] vfs_open+0x82/0x3f0 [ 339.006399][ T9391] path_openat+0x208c/0x31a0 [ 339.006439][ T9391] ? __pfx_path_openat+0x10/0x10 [ 339.006481][ T9391] do_file_open+0x20e/0x430 [ 339.006514][ T9391] ? __pfx_do_file_open+0x10/0x10 [ 339.006565][ T9391] ? alloc_fd+0x476/0x790 [ 339.006597][ T9391] ? do_getname+0x191/0x390 [ 339.006636][ T9391] do_sys_openat2+0x10d/0x1e0 [ 339.006674][ T9391] ? __pfx_do_sys_openat2+0x10/0x10 [ 339.006717][ T9391] ? __might_fault+0xc5/0x140 [ 339.006761][ T9391] __x64_sys_openat+0x12d/0x210 [ 339.006801][ T9391] ? __pfx___x64_sys_openat+0x10/0x10 [ 339.006845][ T9391] ? rcu_is_watching+0x12/0xc0 [ 339.006878][ T9391] do_syscall_64+0x10b/0xf80 [ 339.006913][ T9391] ? clear_bhb_loop+0x40/0x90 [ 339.006942][ T9391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.006967][ T9391] RIP: 0033:0x7f5df519cdd9 [ 339.006987][ T9391] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.007009][ T9391] RSP: 002b:00007f5df607b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 339.007032][ T9391] RAX: ffffffffffffffda RBX: 00007f5df5416180 RCX: 00007f5df519cdd9 [ 339.007047][ T9391] RDX: 000000000000a003 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 339.007062][ T9391] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 339.007083][ T9391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.007097][ T9391] R13: 00007f5df5416218 R14: 00007f5df5416180 R15: 00007ffeb0705838 [ 339.007127][ T9391] [ 339.591338][ T9388] netlink: zone id is out of range [ 339.628358][ T9388] netlink: zone id is out of range [ 341.472174][ T9413] netlink: 4 bytes leftover after parsing attributes in process `syz.3.707'. [ 341.591059][ T9417] syz.0.709(9417): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 341.735593][ T9421] netlink: 'syz.0.709': attribute type 1 has an invalid length. [ 341.911491][ T9422] FAULT_INJECTION: forcing a failure. [ 341.911491][ T9422] name fail_futex, interval 1, probability 0, space 0, times 0 [ 342.066277][ T50] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 342.303215][ T9422] CPU: 0 UID: 0 PID: 9422 Comm: syz.3.707 Tainted: G L syzkaller #0 PREEMPT(full) [ 342.303255][ T9422] Tainted: [L]=SOFTLOCKUP [ 342.303264][ T9422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 342.303278][ T9422] Call Trace: [ 342.303285][ T9422] [ 342.303294][ T9422] dump_stack_lvl+0x100/0x190 [ 342.303325][ T9422] should_fail_ex.cold+0x5/0xa [ 342.303360][ T9422] get_futex_key+0x1d2/0x1510 [ 342.303388][ T9422] ? __pfx_get_futex_key+0x10/0x10 [ 342.303415][ T9422] ? blk_finish_plug+0x83/0xa0 [ 342.303443][ T9422] ? madvise_do_behavior+0x1fc/0x510 [ 342.303479][ T9422] futex_wake+0xea/0x530 [ 342.303511][ T9422] ? __pfx___up_read+0x10/0x10 [ 342.303538][ T9422] ? madvise_unlock+0x172/0x220 [ 342.303567][ T9422] ? __pfx_futex_wake+0x10/0x10 [ 342.303604][ T9422] ? madvise_unlock+0xa9/0x220 [ 342.303639][ T9422] do_futex+0x32b/0x350 [ 342.303666][ T9422] ? __pfx_do_futex+0x10/0x10 [ 342.303696][ T9422] ? __sys_sendmsg+0x18f/0x220 [ 342.303726][ T9422] __x64_sys_futex+0x34f/0x4d0 [ 342.303757][ T9422] ? __pfx___x64_sys_futex+0x10/0x10 [ 342.303789][ T9422] ? rcu_is_watching+0x12/0xc0 [ 342.303822][ T9422] do_syscall_64+0x10b/0xf80 [ 342.303858][ T9422] ? clear_bhb_loop+0x40/0x90 [ 342.303887][ T9422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.303917][ T9422] RIP: 0033:0x7f0e9399cdd9 [ 342.303937][ T9422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.303961][ T9422] RSP: 002b:00007f0e948e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 342.304029][ T9422] RAX: ffffffffffffffda RBX: 00007f0e93c16188 RCX: 00007f0e9399cdd9 [ 342.304045][ T9422] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0e93c1618c [ 342.304060][ T9422] RBP: 00007f0e93c16180 R08: 0000000000000001 R09: 0000000000000000 [ 342.304075][ T9422] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 342.304090][ T9422] R13: 00007f0e93c16218 R14: 00007ffe3898fcc0 R15: 00007ffe3898fda8 [ 342.304132][ T9422] [ 347.168146][ T5634] Bluetooth: hci3: unexpected event 0x36 length: 123 > 7 [ 349.041099][ T9478] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.162129][ T9574] netlink: 12 bytes leftover after parsing attributes in process `syz.3.734'. [ 352.612902][ T30] audit: type=1804 audit(1843104569.680:12): pid=9588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.737" name="/newroot/sys/kernel/debug/tracing/set_event_notrace_pid" dev="tracefs" ino=10 res=1 errno=0 [ 354.665339][ T9635] __vm_enough_memory: pid: 9635, comm: syz.0.747, bytes: 4398046457856 not enough memory for the allocation [ 356.020027][ T9647] FAULT_INJECTION: forcing a failure. [ 356.020027][ T9647] name failslab, interval 1, probability 0, space 0, times 0 [ 356.163169][ T9647] CPU: 0 UID: 0 PID: 9647 Comm: syz.0.750 Tainted: G L syzkaller #0 PREEMPT(full) [ 356.163211][ T9647] Tainted: [L]=SOFTLOCKUP [ 356.163219][ T9647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 356.163234][ T9647] Call Trace: [ 356.163242][ T9647] [ 356.163251][ T9647] dump_stack_lvl+0x100/0x190 [ 356.163283][ T9647] should_fail_ex.cold+0x5/0xa [ 356.163317][ T9647] ? inotify_handle_inode_event+0x1a5/0x6a0 [ 356.163341][ T9647] should_failslab+0xc2/0x120 [ 356.163370][ T9647] __kmalloc_noprof+0xe0/0x850 [ 356.163391][ T9647] ? stack_trace_save+0x8e/0xc0 [ 356.163430][ T9647] inotify_handle_inode_event+0x1a5/0x6a0 [ 356.163460][ T9647] ? __pfx_inotify_handle_inode_event+0x10/0x10 [ 356.163501][ T9647] fsnotify_handle_inode_event.isra.0+0x1e3/0x410 [ 356.163539][ T9647] fsnotify+0x1781/0x3440 [ 356.163578][ T9647] ? __pfx_fsnotify+0x10/0x10 [ 356.163621][ T9647] __fsnotify_parent+0x704/0xca0 [ 356.163660][ T9647] ? __pfx___fsnotify_parent+0x10/0x10 [ 356.163699][ T9647] ? __pfx___might_resched+0x10/0x10 [ 356.163732][ T9647] ? __fput+0x30d/0xb50 [ 356.163771][ T9647] __fput+0x30d/0xb50 [ 356.163811][ T9647] task_work_run+0x150/0x240 [ 356.163837][ T9647] ? __pfx_task_work_run+0x10/0x10 [ 356.163865][ T9647] ? rcu_is_watching+0x12/0xc0 [ 356.163898][ T9647] exit_to_user_mode_loop+0x107/0x4f0 [ 356.163922][ T9647] ? rcu_is_watching+0x12/0xc0 [ 356.163955][ T9647] do_syscall_64+0x6f2/0xf80 [ 356.163992][ T9647] ? clear_bhb_loop+0x40/0x90 [ 356.164021][ T9647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.164046][ T9647] RIP: 0033:0x7f249c79cdd9 [ 356.164065][ T9647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.164090][ T9647] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 356.164113][ T9647] RAX: 0000000000000000 RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 356.164128][ T9647] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 356.164142][ T9647] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 356.164156][ T9647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.164171][ T9647] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 356.164202][ T9647] [ 357.293399][ T9658] netlink: 342 bytes leftover after parsing attributes in process `syz.0.752'. [ 360.104184][ T9700] Process accounting resumed [ 362.902473][ T9721] FAULT_INJECTION: forcing a failure. [ 362.902473][ T9721] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 362.946121][ T9721] CPU: 0 UID: 0 PID: 9721 Comm: syz.0.765 Tainted: G L syzkaller #0 PREEMPT(full) [ 362.946157][ T9721] Tainted: [L]=SOFTLOCKUP [ 362.946165][ T9721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 362.946178][ T9721] Call Trace: [ 362.946185][ T9721] [ 362.946205][ T9721] dump_stack_lvl+0x100/0x190 [ 362.946236][ T9721] should_fail_ex.cold+0x5/0xa [ 362.946265][ T9721] _copy_to_iter+0x1f3/0x1720 [ 362.946290][ T9721] ? chacha_block_generic+0x265/0x360 [ 362.946318][ T9721] ? __pfx__copy_to_iter+0x10/0x10 [ 362.946344][ T9721] ? lockdep_hardirqs_on+0x78/0x100 [ 362.946378][ T9721] ? crng_make_state+0x2b0/0x6c0 [ 362.946408][ T9721] get_random_bytes_user+0x17b/0x3d0 [ 362.946437][ T9721] ? __pfx_get_random_bytes_user+0x10/0x10 [ 362.946469][ T9721] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 362.946504][ T9721] ? kernel_write+0x663/0x6c0 [ 362.946541][ T9721] ? import_ubuf+0x1b6/0x220 [ 362.946580][ T9721] __x64_sys_getrandom+0x183/0x290 [ 362.946609][ T9721] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 362.946637][ T9721] ? fput+0x79/0x100 [ 362.946674][ T9721] ? rcu_is_watching+0x12/0xc0 [ 362.946706][ T9721] do_syscall_64+0x10b/0xf80 [ 362.946739][ T9721] ? clear_bhb_loop+0x40/0x90 [ 362.946767][ T9721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.946789][ T9721] RIP: 0033:0x7f249c79cdd9 [ 362.946808][ T9721] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.946831][ T9721] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 362.946853][ T9721] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 362.946868][ T9721] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 362.946881][ T9721] RBP: 00007f249d575090 R08: 0000000000000000 R09: 0000000000000000 [ 362.946895][ T9721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.946909][ T9721] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 362.946937][ T9721] [ 363.694900][ T9726] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 363.751130][ T30] audit: type=1800 audit(1843104580.820:13): pid=9736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.768" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 364.085378][ T9694] Process accounting paused [ 364.463883][ T9744] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 367.649858][ T9799] FAULT_INJECTION: forcing a failure. [ 367.649858][ T9799] name failslab, interval 1, probability 0, space 0, times 0 [ 367.722896][ T9799] CPU: 0 UID: 0 PID: 9799 Comm: syz.0.784 Tainted: G L syzkaller #0 PREEMPT(full) [ 367.722933][ T9799] Tainted: [L]=SOFTLOCKUP [ 367.722941][ T9799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 367.722955][ T9799] Call Trace: [ 367.722963][ T9799] [ 367.722972][ T9799] dump_stack_lvl+0x100/0x190 [ 367.723002][ T9799] should_fail_ex.cold+0x5/0xa [ 367.723032][ T9799] should_failslab+0xc2/0x120 [ 367.723058][ T9799] __kmalloc_cache_noprof+0x7a/0x6f0 [ 367.723092][ T9799] ? append_filter_err+0xb8/0x620 [ 367.723128][ T9799] ? process_preds+0x93d/0x1d90 [ 367.723164][ T9799] append_filter_err+0xb8/0x620 [ 367.723199][ T9799] apply_subsystem_event_filter+0x727/0x17b0 [ 367.723242][ T9799] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 367.723282][ T9799] ? _copy_from_user+0x59/0xd0 [ 367.723308][ T9799] subsystem_filter_write+0x95/0x120 [ 367.723344][ T9799] vfs_write+0x2aa/0x1070 [ 367.723371][ T9799] ? __pfx_subsystem_filter_write+0x10/0x10 [ 367.723408][ T9799] ? __pfx_vfs_write+0x10/0x10 [ 367.723434][ T9799] ? __fget_files+0x215/0x3d0 [ 367.723468][ T9799] ? __fget_files+0x21f/0x3d0 [ 367.723502][ T9799] ksys_write+0x12a/0x250 [ 367.723528][ T9799] ? __pfx_ksys_write+0x10/0x10 [ 367.723557][ T9799] ? rcu_is_watching+0x12/0xc0 [ 367.723589][ T9799] do_syscall_64+0x10b/0xf80 [ 367.723623][ T9799] ? clear_bhb_loop+0x40/0x90 [ 367.723651][ T9799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.723674][ T9799] RIP: 0033:0x7f249c79cdd9 [ 367.723692][ T9799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 367.723716][ T9799] RSP: 002b:00007f249d575028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 367.723738][ T9799] RAX: ffffffffffffffda RBX: 00007f249ca15fa0 RCX: 00007f249c79cdd9 [ 367.723753][ T9799] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 367.723766][ T9799] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 367.723780][ T9799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.723794][ T9799] R13: 00007f249ca16038 R14: 00007f249ca15fa0 R15: 00007fffbeb4fa38 [ 367.723823][ T9799] [ 369.081397][ T9811] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.787'. [ 370.042784][ T9831] hub 1-0:1.0: USB hub found [ 370.092189][ T9831] hub 1-0:1.0: 1 port detected [ 370.554225][ T9841] raw_sendmsg: syz.0.793 forgot to set AF_INET. Fix it! [ 375.343452][ T5634] Bluetooth: hci3: unexpected subevent 0x03 length: 123 > 9 [ 375.631413][ T9906] netlink: 78 bytes leftover after parsing attributes in process `syz.3.804'. [ 378.898432][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.908059][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.479725][ T9994] ima: policy update failed [ 382.537566][ T30] audit: type=1802 audit(1843104599.600:14): pid=9994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.825" res=0 errno=0 [ 382.982424][ T30] audit: type=1800 audit(1843104600.050:15): pid=9987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.824" name="lu_gp_id" dev="configfs" ino=32681 res=0 errno=0 [ 384.723862][ T5634] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 384.743652][ T5634] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0' [ 384.753137][ T5634] CPU: 0 UID: 0 PID: 5634 Comm: kworker/u9:3 Tainted: G L syzkaller #0 PREEMPT(full) [ 384.753176][ T5634] Tainted: [L]=SOFTLOCKUP [ 384.753184][ T5634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 384.753212][ T5634] Workqueue: hci3 hci_rx_work [ 384.753248][ T5634] Call Trace: [ 384.753256][ T5634] [ 384.753265][ T5634] dump_stack_lvl+0x100/0x190 [ 384.753294][ T5634] sysfs_warn_dup.cold+0x1c/0x28 [ 384.753330][ T5634] sysfs_create_dir_ns+0x24b/0x2b0 [ 384.753357][ T5634] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 384.753382][ T5634] ? find_held_lock+0x2b/0x80 [ 384.753413][ T5634] ? kobject_add_internal+0x25f/0x930 [ 384.753439][ T5634] ? kobject_add_internal+0x25f/0x930 [ 384.753466][ T5634] ? do_raw_spin_unlock+0x145/0x1e0 [ 384.753498][ T5634] kobject_add_internal+0x2c8/0x930 [ 384.753527][ T5634] kobject_add+0x16a/0x1e0 [ 384.753559][ T5634] ? __pfx_kobject_add+0x10/0x10 [ 384.753582][ T5634] ? class_to_subsys+0x10f/0x150 [ 384.753620][ T5634] ? kobject_put+0xb9/0x640 [ 384.753642][ T5634] ? _raw_spin_unlock+0x28/0x50 [ 384.753680][ T5634] device_add+0x294/0x1950 [ 384.753712][ T5634] ? __pfx_dev_set_name+0x10/0x10 [ 384.753750][ T5634] ? __pfx_device_add+0x10/0x10 [ 384.753781][ T5634] ? mgmt_send_event_skb+0x2fb/0x460 [ 384.753823][ T5634] hci_conn_add_sysfs+0x1a3/0x260 [ 384.753863][ T5634] le_conn_complete_evt+0x11eb/0x1f60 [ 384.753904][ T5634] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 384.753936][ T5634] ? __pfx_bt_warn+0x10/0x10 [ 384.753981][ T5634] hci_le_conn_complete_evt+0x23c/0x3a0 [ 384.754017][ T5634] ? skb_pull_data+0x15f/0x1e0 [ 384.754054][ T5634] hci_le_meta_evt+0x34a/0x5f0 [ 384.754090][ T5634] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 384.754128][ T5634] hci_event_packet+0x51c/0xcd0 [ 384.754161][ T5634] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 384.754198][ T5634] ? __pfx_hci_event_packet+0x10/0x10 [ 384.754234][ T5634] ? kcov_remote_start+0x374/0x660 [ 384.754269][ T5634] ? lockdep_hardirqs_on+0x78/0x100 [ 384.754312][ T5634] hci_rx_work+0x451/0xfc0 [ 384.754349][ T5634] process_one_work+0xa0e/0x1980 [ 384.754387][ T5634] ? __pfx_process_one_work+0x10/0x10 [ 384.754421][ T5634] ? __pfx_hci_rx_work+0x10/0x10 [ 384.754456][ T5634] worker_thread+0x5ef/0xe50 [ 384.754489][ T5634] ? __pfx_worker_thread+0x10/0x10 [ 384.754515][ T5634] ? kthread+0x13a/0x450 [ 384.754534][ T5634] ? __pfx_worker_thread+0x10/0x10 [ 384.754567][ T5634] kthread+0x370/0x450 [ 384.754588][ T5634] ? __pfx_kthread+0x10/0x10 [ 384.754612][ T5634] ret_from_fork+0x72b/0xd50 [ 384.754640][ T5634] ? __pfx_ret_from_fork+0x10/0x10 [ 384.754669][ T5634] ? __switch_to+0x800/0x1100 [ 384.754702][ T5634] ? __switch_to_asm+0x39/0x70 [ 384.754735][ T5634] ? __pfx_kthread+0x10/0x10 [ 384.754758][ T5634] ret_from_fork_asm+0x1a/0x30 [ 384.754806][ T5634] [ 384.756285][ T5634] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 385.071356][ T5634] Bluetooth: hci3: failed to register connection device [ 387.119865][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 388.719090][T10029] FAULT_INJECTION: forcing a failure. [ 388.719090][T10029] name failslab, interval 1, probability 0, space 0, times 0 [ 389.021810][T10029] CPU: 0 UID: 0 PID: 10029 Comm: syz.3.831 Tainted: G L syzkaller #0 PREEMPT(full) [ 389.021849][T10029] Tainted: [L]=SOFTLOCKUP [ 389.021858][T10029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 389.021873][T10029] Call Trace: [ 389.021882][T10029] [ 389.021892][T10029] dump_stack_lvl+0x100/0x190 [ 389.021923][T10029] should_fail_ex.cold+0x5/0xa [ 389.021953][T10029] ? inotify_handle_inode_event+0x1a5/0x6a0 [ 389.021977][T10029] should_failslab+0xc2/0x120 [ 389.022005][T10029] __kmalloc_noprof+0xe0/0x850 [ 389.022026][T10029] ? stack_trace_save+0x8e/0xc0 [ 389.022066][T10029] inotify_handle_inode_event+0x1a5/0x6a0 [ 389.022095][T10029] ? __pfx_inotify_handle_inode_event+0x10/0x10 [ 389.022136][T10029] fsnotify_handle_inode_event.isra.0+0x1e3/0x410 [ 389.022181][T10029] fsnotify+0x1781/0x3440 [ 389.022219][T10029] ? __pfx_fsnotify+0x10/0x10 [ 389.022263][T10029] __fsnotify_parent+0x704/0xca0 [ 389.022301][T10029] ? __pfx___fsnotify_parent+0x10/0x10 [ 389.022340][T10029] ? __pfx___might_resched+0x10/0x10 [ 389.022373][T10029] ? __fput+0x30d/0xb50 [ 389.022405][T10029] __fput+0x30d/0xb50 [ 389.022445][T10029] task_work_run+0x150/0x240 [ 389.022471][T10029] ? __pfx_task_work_run+0x10/0x10 [ 389.022498][T10029] ? rcu_is_watching+0x12/0xc0 [ 389.022531][T10029] exit_to_user_mode_loop+0x107/0x4f0 [ 389.022555][T10029] ? rcu_is_watching+0x12/0xc0 [ 389.022587][T10029] do_syscall_64+0x6f2/0xf80 [ 389.022623][T10029] ? clear_bhb_loop+0x40/0x90 [ 389.022652][T10029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.022676][T10029] RIP: 0033:0x7f0e9399cdd9 [ 389.022696][T10029] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 389.022720][T10029] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 389.022743][T10029] RAX: 0000000000000000 RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 389.022758][T10029] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 389.022773][T10029] RBP: 00007f0e93a32d69 R08: 0000000000000000 R09: 0000000000000000 [ 389.022787][T10029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 389.022802][T10029] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 389.022832][T10029] [ 389.643360][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 391.526363][T10055] Process accounting paused [ 394.642851][T10087] Process accounting resumed [ 395.644011][T10102] sysfs: cannot create duplicate filename '/class/ieee80211/211!phy1!netdev:wlan1!rc_rateidx_mcs_mask' [ 396.135568][T10102] CPU: 0 UID: 0 PID: 10102 Comm: syz.0.846 Tainted: G L syzkaller #0 PREEMPT(full) [ 396.135614][T10102] Tainted: [L]=SOFTLOCKUP [ 396.135623][T10102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 396.135638][T10102] Call Trace: [ 396.135645][T10102] [ 396.135654][T10102] dump_stack_lvl+0x100/0x190 [ 396.135686][T10102] sysfs_warn_dup.cold+0x1c/0x28 [ 396.135724][T10102] sysfs_do_create_link_sd+0x113/0x140 [ 396.135759][T10102] sysfs_create_link+0x61/0xc0 [ 396.135786][T10102] device_add+0x675/0x1950 [ 396.135821][T10102] ? __pfx_device_add+0x10/0x10 [ 396.135853][T10102] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 396.135891][T10102] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 396.135923][T10102] wiphy_register+0x1edd/0x2d90 [ 396.135954][T10102] ? __rtnl_unlock+0xb9/0xf0 [ 396.136002][T10102] ? __pfx_wiphy_register+0x10/0x10 [ 396.136035][T10102] ? __asan_memset+0x23/0x50 [ 396.136072][T10102] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 396.136107][T10102] ieee80211_register_hw+0x3055/0x4570 [ 396.136162][T10102] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 396.136202][T10102] ? __pfx___debug_object_init+0x10/0x10 [ 396.136247][T10102] ? find_held_lock+0x2b/0x80 [ 396.136281][T10102] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 396.136319][T10102] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 396.136354][T10102] ? __hrtimer_setup+0x208/0x330 [ 396.136384][T10102] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 396.136430][T10102] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 396.136461][T10102] ? __asan_memcpy+0x3c/0x60 [ 396.136501][T10102] hwsim_new_radio_nl+0xc5f/0x1370 [ 396.136528][T10102] ? rcu_is_watching+0x12/0xc0 [ 396.136559][T10102] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 396.136594][T10102] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 396.136641][T10102] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 396.136688][T10102] genl_family_rcv_msg_doit+0x214/0x300 [ 396.136732][T10102] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 396.136771][T10102] ? genl_get_cmd+0x3e7/0x760 [ 396.136814][T10102] ? bpf_lsm_capable+0x9/0x10 [ 396.136842][T10102] ? security_capable+0x80/0x260 [ 396.136880][T10102] ? ns_capable+0xd2/0xf0 [ 396.136914][T10102] genl_rcv_msg+0x560/0x800 [ 396.136956][T10102] ? __pfx_genl_rcv_msg+0x10/0x10 [ 396.136996][T10102] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 396.137033][T10102] netlink_rcv_skb+0x159/0x420 [ 396.137067][T10102] ? __pfx_genl_rcv_msg+0x10/0x10 [ 396.137108][T10102] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 396.137154][T10102] ? netlink_deliver_tap+0x1ae/0xcc0 [ 396.137191][T10102] genl_rcv+0x28/0x40 [ 396.137226][T10102] netlink_unicast+0x585/0x850 [ 396.137264][T10102] ? __pfx_netlink_unicast+0x10/0x10 [ 396.137307][T10102] netlink_sendmsg+0x8b0/0xda0 [ 396.137347][T10102] ? __pfx_netlink_sendmsg+0x10/0x10 [ 396.137380][T10102] ? __import_iovec+0x1d2/0x640 [ 396.137408][T10102] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 396.137451][T10102] ____sys_sendmsg+0x9e1/0xb70 [ 396.137484][T10102] ? __pfx_netlink_sendmsg+0x10/0x10 [ 396.137522][T10102] ? __pfx_____sys_sendmsg+0x10/0x10 [ 396.137560][T10102] ? rcu_is_watching+0x12/0xc0 [ 396.137589][T10102] ? ___sys_sendmsg+0x19d/0x1e0 [ 396.137629][T10102] ? kfree+0x1dd/0x6c0 [ 396.137668][T10102] ___sys_sendmsg+0x190/0x1e0 [ 396.137707][T10102] ? __pfx____sys_sendmsg+0x10/0x10 [ 396.137770][T10102] ? __pfx___might_resched+0x10/0x10 [ 396.137804][T10102] __sys_sendmmsg+0x205/0x430 [ 396.137835][T10102] ? __pfx___sys_sendmmsg+0x10/0x10 [ 396.137871][T10102] ? __pfx_do_futex+0x10/0x10 [ 396.137911][T10102] ? xfd_validate_state+0x129/0x190 [ 396.137935][T10102] ? ksys_read+0x1ac/0x250 [ 396.137970][T10102] __x64_sys_sendmmsg+0x9c/0x100 [ 396.137998][T10102] ? lockdep_hardirqs_on+0x78/0x100 [ 396.138034][T10102] do_syscall_64+0x10b/0xf80 [ 396.138068][T10102] ? clear_bhb_loop+0x40/0x90 [ 396.138097][T10102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.138122][T10102] RIP: 0033:0x7f249c79cdd9 [ 396.138142][T10102] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 396.138166][T10102] RSP: 002b:00007f249a9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 396.138189][T10102] RAX: ffffffffffffffda RBX: 00007f249ca16090 RCX: 00007f249c79cdd9 [ 396.138204][T10102] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 396.138219][T10102] RBP: 00007f249c832d69 R08: 0000000000000000 R09: 0000000000000000 [ 396.138233][T10102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 396.138248][T10102] R13: 00007f249ca16128 R14: 00007f249ca16090 R15: 00007fffbeb4fa38 [ 396.138279][T10102] [ 397.728647][T10125] FAULT_INJECTION: forcing a failure. [ 397.728647][T10125] name fail_futex, interval 1, probability 0, space 0, times 0 [ 397.873424][T10125] CPU: 0 UID: 0 PID: 10125 Comm: syz.2.851 Tainted: G L syzkaller #0 PREEMPT(full) [ 397.873461][T10125] Tainted: [L]=SOFTLOCKUP [ 397.873469][T10125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 397.873482][T10125] Call Trace: [ 397.873489][T10125] [ 397.873499][T10125] dump_stack_lvl+0x100/0x190 [ 397.873529][T10125] should_fail_ex.cold+0x5/0xa [ 397.873558][T10125] get_futex_key+0x1d2/0x1510 [ 397.873591][T10125] ? __pfx_get_futex_key+0x10/0x10 [ 397.873612][T10125] ? futex_hash+0x2ad/0x370 [ 397.873639][T10125] ? futex_hash+0x141/0x370 [ 397.873664][T10125] futex_wake+0xea/0x530 [ 397.873695][T10125] ? __pfx_futex_wait+0x10/0x10 [ 397.873726][T10125] ? __pfx_futex_wake+0x10/0x10 [ 397.873759][T10125] ? __lock_acquire+0x4a5/0x2630 [ 397.873788][T10125] do_futex+0x32b/0x350 [ 397.873814][T10125] ? __pfx_do_futex+0x10/0x10 [ 397.873842][T10125] ? find_held_lock+0x2b/0x80 [ 397.873876][T10125] __x64_sys_futex+0x34f/0x4d0 [ 397.873903][T10125] ? _raw_read_unlock+0x28/0x50 [ 397.873936][T10125] ? __pfx___x64_sys_futex+0x10/0x10 [ 397.873963][T10125] ? __pfx___do_sys_prctl+0x10/0x10 [ 397.873990][T10125] ? rcu_is_watching+0x12/0xc0 [ 397.874021][T10125] do_syscall_64+0x10b/0xf80 [ 397.874055][T10125] ? clear_bhb_loop+0x40/0x90 [ 397.874084][T10125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.874107][T10125] RIP: 0033:0x7f5df519cdd9 [ 397.874126][T10125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 397.874149][T10125] RSP: 002b:00007f5df60bd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 397.874171][T10125] RAX: ffffffffffffffda RBX: 00007f5df5415fa8 RCX: 00007f5df519cdd9 [ 397.874186][T10125] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5df5415fac [ 397.874201][T10125] RBP: 00007f5df5415fa0 R08: 0000000000000001 R09: 0000000000000000 [ 397.874215][T10125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 397.874229][T10125] R13: 00007f5df5416038 R14: 00007ffeb0705750 R15: 00007ffeb0705838 [ 397.874258][T10125] [ 399.086295][T10133] FAULT_INJECTION: forcing a failure. [ 399.086295][T10133] name failslab, interval 1, probability 0, space 0, times 0 [ 399.281138][T10133] CPU: 0 UID: 0 PID: 10133 Comm: syz.3.853 Tainted: G L syzkaller #0 PREEMPT(full) [ 399.281178][T10133] Tainted: [L]=SOFTLOCKUP [ 399.281187][T10133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 399.281201][T10133] Call Trace: [ 399.281210][T10133] [ 399.281219][T10133] dump_stack_lvl+0x100/0x190 [ 399.281251][T10133] should_fail_ex.cold+0x5/0xa [ 399.281281][T10133] ? inotify_handle_inode_event+0x1a5/0x6a0 [ 399.281305][T10133] should_failslab+0xc2/0x120 [ 399.281334][T10133] __kmalloc_noprof+0xe0/0x850 [ 399.281355][T10133] ? stack_trace_save+0x8e/0xc0 [ 399.281403][T10133] inotify_handle_inode_event+0x1a5/0x6a0 [ 399.281432][T10133] ? __pfx_inotify_handle_inode_event+0x10/0x10 [ 399.281475][T10133] fsnotify_handle_inode_event.isra.0+0x1e3/0x410 [ 399.281513][T10133] fsnotify+0x1781/0x3440 [ 399.281551][T10133] ? __pfx_fsnotify+0x10/0x10 [ 399.281595][T10133] __fsnotify_parent+0x704/0xca0 [ 399.281634][T10133] ? __pfx___fsnotify_parent+0x10/0x10 [ 399.281673][T10133] ? __pfx___might_resched+0x10/0x10 [ 399.281706][T10133] ? __fput+0x30d/0xb50 [ 399.281738][T10133] __fput+0x30d/0xb50 [ 399.281782][T10133] task_work_run+0x150/0x240 [ 399.281808][T10133] ? __pfx_task_work_run+0x10/0x10 [ 399.281843][T10133] ? rcu_is_watching+0x12/0xc0 [ 399.281877][T10133] exit_to_user_mode_loop+0x107/0x4f0 [ 399.281901][T10133] ? rcu_is_watching+0x12/0xc0 [ 399.281934][T10133] do_syscall_64+0x6f2/0xf80 [ 399.281969][T10133] ? clear_bhb_loop+0x40/0x90 [ 399.281998][T10133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.282023][T10133] RIP: 0033:0x7f0e9399cdd9 [ 399.282042][T10133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 399.282066][T10133] RSP: 002b:00007f0e94926028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 399.282090][T10133] RAX: 0000000000000000 RBX: 00007f0e93c15fa0 RCX: 00007f0e9399cdd9 [ 399.282105][T10133] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 399.282119][T10133] RBP: 00007f0e93a32d69 R08: 0000000000000000 R09: 0000000000000000 [ 399.282134][T10133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 399.282148][T10133] R13: 00007f0e93c16038 R14: 00007f0e93c15fa0 R15: 00007ffe3898fda8 [ 399.282177][T10133] [ 408.688300][T10231] Format for adding new device is "id port_count num_queues" (uint uint uint). [ 412.026987][T10271] ================================================================== [ 412.027008][T10271] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x174a/0x1910 [ 412.027054][T10271] Write of size 8 at addr ffffc900048f9000 by task syz.2.883/10271 [ 412.027074][T10271] [ 412.027087][T10271] CPU: 0 UID: 0 PID: 10271 Comm: syz.2.883 Tainted: G L syzkaller #0 PREEMPT(full) [ 412.027121][T10271] Tainted: [L]=SOFTLOCKUP [ 412.027130][T10271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 412.027144][T10271] Call Trace: [ 412.027152][T10271] [ 412.027161][T10271] dump_stack_lvl+0x100/0x190 [ 412.027200][T10271] print_report+0x13d/0x4b0 [ 412.027234][T10271] ? _raw_spin_lock_irqsave+0x52/0x60 [ 412.027268][T10271] ? sys_fillrect+0x174a/0x1910 [ 412.027302][T10271] kasan_report+0xdf/0x1d0 [ 412.027329][T10271] ? sys_fillrect+0x174a/0x1910 [ 412.027367][T10271] sys_fillrect+0x174a/0x1910 [ 412.027407][T10271] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 412.027461][T10271] bit_clear+0x17d/0x220 [ 412.027492][T10271] ? __pfx_bit_clear+0x10/0x10 [ 412.027522][T10271] ? fb_get_color_depth+0x120/0x250 [ 412.027548][T10271] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 412.027587][T10271] __fbcon_clear+0x633/0x760 [ 412.027614][T10271] ? __pfx_bit_clear+0x10/0x10 [ 412.027649][T10271] fbcon_scroll+0x48b/0x650 [ 412.027677][T10271] con_scroll+0x464/0x690 [ 412.027714][T10271] csi_ECMA.constprop.0+0x1238/0x3b60 [ 412.027753][T10271] ? find_held_lock+0x2b/0x80 [ 412.027785][T10271] ? __pfx_csi_ECMA.constprop.0+0x10/0x10 [ 412.027828][T10271] do_con_write+0x3946/0x4a10 [ 412.027865][T10271] ? trace_contention_end+0x122/0x170 [ 412.027899][T10271] ? __pfx_do_con_write+0x10/0x10 [ 412.027943][T10271] con_write+0x23/0xb0 [ 412.027980][T10271] n_tty_write+0x431/0x11c0 [ 412.028012][T10271] ? __pfx_n_tty_write+0x10/0x10 [ 412.028037][T10271] ? trace_kmalloc+0xe3/0x110 [ 412.028065][T10271] ? __pfx_woken_wake_function+0x10/0x10 [ 412.028095][T10271] ? rcu_is_watching+0x12/0xc0 [ 412.028124][T10271] ? file_tty_write.isra.0+0x694/0x890 [ 412.028160][T10271] ? kfree+0x1dd/0x6c0 [ 412.028193][T10271] ? __pfx_n_tty_write+0x10/0x10 [ 412.028220][T10271] file_tty_write.isra.0+0x4d2/0x890 [ 412.028261][T10271] redirected_tty_write+0xd4/0x120 [ 412.028298][T10271] vfs_write+0x6ac/0x1070 [ 412.028326][T10271] ? __pfx_redirected_tty_write+0x10/0x10 [ 412.028366][T10271] ? __pfx_vfs_write+0x10/0x10 [ 412.028391][T10271] ? find_held_lock+0x2b/0x80 [ 412.028438][T10271] ksys_write+0x12a/0x250 [ 412.028465][T10271] ? __pfx_ksys_write+0x10/0x10 [ 412.028494][T10271] ? rcu_is_watching+0x12/0xc0 [ 412.028524][T10271] do_syscall_64+0x10b/0xf80 [ 412.028560][T10271] ? clear_bhb_loop+0x40/0x90 [ 412.028587][T10271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.028612][T10271] RIP: 0033:0x7f5df519cdd9 [ 412.028630][T10271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 412.028654][T10271] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 412.028677][T10271] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 412.028693][T10271] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000008 [ 412.028709][T10271] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 412.028724][T10271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.028738][T10271] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 412.028761][T10271] [ 412.028769][T10271] [ 412.028780][T10271] The buggy address belongs to a vmalloc virtual mapping [ 412.028797][T10271] Memory state around the buggy address: [ 412.028809][T10271] ffffc900048f8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 412.028827][T10271] ffffc900048f8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 412.028845][T10271] >ffffc900048f9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 412.028858][T10271] ^ [ 412.028871][T10271] ffffc900048f9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 412.028888][T10271] ffffc900048f9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 412.028901][T10271] ================================================================== [ 412.071772][T10271] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 412.071797][T10271] CPU: 0 UID: 0 PID: 10271 Comm: syz.2.883 Tainted: G L syzkaller #0 PREEMPT(full) [ 412.071834][T10271] Tainted: [L]=SOFTLOCKUP [ 412.071843][T10271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 412.071858][T10271] Call Trace: [ 412.071866][T10271] [ 412.071875][T10271] dump_stack_lvl+0x100/0x190 [ 412.071910][T10271] vpanic+0x552/0x970 [ 412.071933][T10271] ? __pfx_vpanic+0x10/0x10 [ 412.071957][T10271] ? mark_held_locks+0x40/0x70 [ 412.071982][T10271] ? sys_fillrect+0x174a/0x1910 [ 412.072022][T10271] panic+0xd1/0xe0 [ 412.072044][T10271] ? __pfx_panic+0x10/0x10 [ 412.072067][T10271] ? sys_fillrect+0x174a/0x1910 [ 412.072103][T10271] ? preempt_schedule_common+0x42/0xc0 [ 412.072142][T10271] check_panic_on_warn.cold+0x19/0x34 [ 412.072168][T10271] end_report.part.0+0x3a/0x90 [ 412.072202][T10271] kasan_report.cold+0xe/0x18 [ 412.072238][T10271] ? sys_fillrect+0x174a/0x1910 [ 412.072278][T10271] sys_fillrect+0x174a/0x1910 [ 412.072321][T10271] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 412.072352][T10271] bit_clear+0x17d/0x220 [ 412.072382][T10271] ? __pfx_bit_clear+0x10/0x10 [ 412.072420][T10271] ? fb_get_color_depth+0x120/0x250 [ 412.072447][T10271] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 412.072487][T10271] __fbcon_clear+0x633/0x760 [ 412.072516][T10271] ? __pfx_bit_clear+0x10/0x10 [ 412.072548][T10271] fbcon_scroll+0x48b/0x650 [ 412.072576][T10271] con_scroll+0x464/0x690 [ 412.072614][T10271] csi_ECMA.constprop.0+0x1238/0x3b60 [ 412.072654][T10271] ? find_held_lock+0x2b/0x80 [ 412.072686][T10271] ? __pfx_csi_ECMA.constprop.0+0x10/0x10 [ 412.072730][T10271] do_con_write+0x3946/0x4a10 [ 412.072768][T10271] ? trace_contention_end+0x122/0x170 [ 412.072801][T10271] ? __pfx_do_con_write+0x10/0x10 [ 412.072846][T10271] con_write+0x23/0xb0 [ 412.072884][T10271] n_tty_write+0x431/0x11c0 [ 412.072916][T10271] ? __pfx_n_tty_write+0x10/0x10 [ 412.072942][T10271] ? trace_kmalloc+0xe3/0x110 [ 412.072971][T10271] ? __pfx_woken_wake_function+0x10/0x10 [ 412.073002][T10271] ? rcu_is_watching+0x12/0xc0 [ 412.073031][T10271] ? file_tty_write.isra.0+0x694/0x890 [ 412.073068][T10271] ? kfree+0x1dd/0x6c0 [ 412.073102][T10271] ? __pfx_n_tty_write+0x10/0x10 [ 412.073129][T10271] file_tty_write.isra.0+0x4d2/0x890 [ 412.073170][T10271] redirected_tty_write+0xd4/0x120 [ 412.073208][T10271] vfs_write+0x6ac/0x1070 [ 412.073236][T10271] ? __pfx_redirected_tty_write+0x10/0x10 [ 412.073276][T10271] ? __pfx_vfs_write+0x10/0x10 [ 412.073302][T10271] ? find_held_lock+0x2b/0x80 [ 412.073343][T10271] ksys_write+0x12a/0x250 [ 412.073370][T10271] ? __pfx_ksys_write+0x10/0x10 [ 412.073399][T10271] ? rcu_is_watching+0x12/0xc0 [ 412.073435][T10271] do_syscall_64+0x10b/0xf80 [ 412.073471][T10271] ? clear_bhb_loop+0x40/0x90 [ 412.073499][T10271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.073525][T10271] RIP: 0033:0x7f5df519cdd9 [ 412.073544][T10271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 412.073568][T10271] RSP: 002b:00007f5df60bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 412.073592][T10271] RAX: ffffffffffffffda RBX: 00007f5df5415fa0 RCX: 00007f5df519cdd9 [ 412.073609][T10271] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000008 [ 412.073625][T10271] RBP: 00007f5df5232d69 R08: 0000000000000000 R09: 0000000000000000 [ 412.073640][T10271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.073655][T10271] R13: 00007f5df5416038 R14: 00007f5df5415fa0 R15: 00007ffeb0705838 [ 412.073679][T10271] [ 412.073752][T10271] Kernel Offset: disabled