last executing test programs: 6.332736355s ago: executing program 3 (id=1256): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/power/pm_qos_no_power_off\x00', 0x20b42, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) r1 = open(&(0x7f00000001c0)='./cgroup\x00', 0xa0100, 0xef) (async) r2 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r3 = socket(0xa, 0x2, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r4, r5, 0x4, 0x1ff, r3, @relative_fd=r1, 0xe600}, 0xf) (async) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc) (async) write$auto(r0, &(0x7f0000000200)='0\xec\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\xe0c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\xec\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x92z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe3\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x8) 6.063287118s ago: executing program 3 (id=1258): mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0xa, 0x801, 0x84) setsockopt$auto(r0, 0x10000000084, 0x3, 0x0, 0x5) open(0x0, 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x1, 0x5, 0xdf, 0xeb3, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16240, 0x0) execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000440)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\xee\xf0e\x96\x8e<\xf1\xaf]\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x03\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\"Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9\x18^\xcf\v\x97\x97\x06c\x1c\x8fi\x0e\xe4\xd7\x98\x9bN:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\x00\xcc5\xb0\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xff\xff\xff\xff\x00\x00\x00\x00\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5') 5.658244316s ago: executing program 2 (id=1262): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x69, 0x7f, 0x0, @inferred=r0}, 0x7) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@bpf_attr_7={@start_id, 0x2, 0x10000, r1}, 0xac) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) close_range$auto(r2, r2, 0x6) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) sendfile$auto(r3, r3, 0x0, 0x1) socket(0x2, 0x801, 0x106) unshare$auto(0x40000080) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x26040, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x697) mmap$auto(0x5, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x20000000) sendmsg$auto_KSMBD_EVENT_HEARTBEAT_REQUEST(0xffffffffffffffff, 0x0, 0x4c014) r4 = socket(0x1f, 0x4, 0xa) sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x40) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/midi2\x00', 0x88042, 0x0) socket(0x10, 0x3, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x2, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd4, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffffb}) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x20200, 0x0) 5.372662287s ago: executing program 0 (id=1264): openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/beacon_timeout\x00', 0x0, 0x0) (async) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async) r0 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000040)={@siginfo_0_0={0x5, 0x8bf, 0x8, @_kill={0x0, 0xee01}}}, 0x8, &(0x7f00000000c0)={{0x9, 0xfffffffffffffffb}, {0x5}, 0xffffffff, 0x324, 0x3, 0x7, 0xc, 0x2, 0x8, 0x800, 0x2, 0x5, 0x1000, 0x3, 0x1, 0x4}) r1 = prctl$auto(0x6, 0xfdffffffffffffff, r0, 0x0, 0xff) (async) r2 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(r2, &(0x7f00000004c0)="4b6883fddc1f44aaa9b87917e5821a0000000000000080ff0ff06e79", 0x1c) process_vm_writev$auto(0x0, 0x0, 0x9, 0x0, 0x2, 0x0) (async) mmap$auto(0x7fffffffffffffff, 0x100000000, 0xb, 0x10, r1, 0x7) (async) preadv$auto(0x40000000000003, &(0x7f0000000240)={0x0, 0xfffffffd}, 0x6, 0xc, 0x1) (async) socket(0x1e, 0x80803, 0x7) 5.204924761s ago: executing program 0 (id=1265): timer_create$auto(0x9, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000300)={0x28020400, 0x0, 0x0, 0x0, {0x35}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0x3, 0x0, 0x8080) timerfd_create$auto(0x7, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0xa, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/dirty_writeback_centisecs\x00', 0xb02, 0x0) sendfile$auto(r0, r0, 0x0, 0x4) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffe}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x0) unshare$auto(0x40000080) connect$auto(0xffffffffffffffff, 0x0, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x40000, 0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2800, 0x0) ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000000)=0x5) ioctl$auto_EVIOCGMASK(r2, 0x80104592, &(0x7f0000000140)={0x4, 0x800005, 0x400007}) close_range$auto(0x2, 0x8, 0x0) setfsuid$auto(0xee00) setfsuid$auto(0xee00) socket(0x11, 0x80003, 0x300) sysfs$auto(0x2, 0x4, 0x0) r3 = socket(0xa, 0x5, 0x0) getsockopt$auto(r3, 0x84, 0x12, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 5.053055127s ago: executing program 3 (id=1266): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(r1, 0x4020ae76, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r2, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x7069, 0x8, 0x19, 0x401, 0x8ffd) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) 4.421200086s ago: executing program 2 (id=1267): kexec_load$auto(0x80000000, 0x1, &(0x7f0000000200)={@kbuf=&(0x7f0000000840)="f134e2dd31768639769521932867e0c565351828d7468f20e721bd55903c64cbb71c3cbf80c16e5cbb0938cce893ff1595c86b8f3a1b374045110b1a70d2a71c04f372b094c9a108cef2d03f3a7322075383bebbe8c1f8d5a8df4e6ec01008f468cd9e4ecb9c731842cf91dc593b06e551719ed3695d1f29df65b1db57acbfdad30d94c9ec9cc78de93a60ac92af7e40918f6244575ec16d6b52709100e0dd9464d77685e042de52a472452943affeb59c7dddeb8279b35eb3ea07b6786daa2f61de855357a0a1cb4337e4c6e52757a3a8267584bc8397a666490c8a3ae57e9947db9195f17b5dc4e17c369fd27429e00f62745e7730746f6429424dbaee864470dc09c99407ac37b4237e246ef564ca939765893dcff8f61d90c6de8706c4b34ab490c03c44dcadd50111a47803ddd45a26c9b59c45ebf464f70380d71f53b47f449d2a81db89a33fbbba9e269beefa6da14ffd8270d7c1fbf6d63d5b2b7e51fe3bd142844470570e322a27389b41d4a6fcb651165bd521f73f80ff5fff40e69d942355e288b6d5f656a9f6e542cbe6e134aabfbda35dec178d7fefc4768de4ff231b5f63316e4f9ddc7d344e220d8fb4c30c899d2752e617fb3dedd28fbad9b9b1dc0d817caf42c9662f69e2db784ed3e7fed6f99e51e6c5c3f9bc412a3825f3a530166c14f34ef216bb9fdc103a074e2011934bb6c2baff61e9a8d33be14665851fc1661cd9ca0e79faa72fb7073f80adec354fcb5421e993151a9052de343f577fb50f89512e6ff80f605d2a379ab9d334842307512cedbe123bc14dd222b944b9983c1a9d57b3d6c8d8636ad5a12642dcde6a82505520a13a12d096c8df2e4f7f807308aa4e561d8affa53bf0e4861763a98914645779cc87", 0x9, 0x6ec2, 0x2}, 0x100) kexec_load$auto(0x5, 0x9, &(0x7f0000000080)={@buf=&(0x7f0000000040)="612ab97a80365360e33c2459f40d47066cf94af33792a27c563b4b21d590d02724c099ee9cde16a17549e486ba4bc8df09510d4ef7", 0x3, 0x800, 0x200}, 0x4) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3c", 0xfdef) 4.191737541s ago: executing program 3 (id=1269): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram1\x00', 0x60742, 0x0) mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x511081, 0x4) getuid() close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0xd, 0x0) clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9) exit$auto(0x7fff) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/radio13\x00', 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x6a) ustat$auto(0x801, 0x0) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) recvfrom$auto(0x3, 0x0, 0x1, 0xfc, 0x0, 0xfffffffffffffffd) socket(0x15, 0x5, 0x0) rmdir$auto(&(0x7f0000000280)='./file0\x00') close_range$auto(r0, r1, 0x66) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) writev$auto(r0, &(0x7f0000000000)={&(0x7f00000000c0), 0x100000001}, 0x2000000000000003) 3.821977141s ago: executing program 2 (id=1271): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x7, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0x1, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d", @raw=0xffffffff}, 0x3, 0x3, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video52\x00', 0x0, 0x0) ioctl$auto(r2, 0x40085618, r2) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, 0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000000, 0x1, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e943b6bc1919", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64cc5fa9"}) process_mrelease$auto(0xffffffffffffffff, 0xa) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) write$auto(r3, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) add_key$auto_KEY_SPEC_USER_KEYRING(&(0x7f0000001c80)='\\\x00', &(0x7f0000001cc0)='\x00', 0x0, 0x0, 0xfffffffffffffffc) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4a42, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r4, 0x8000) 3.792119831s ago: executing program 0 (id=1272): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(0x0, 0x1001, 0x0, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x10000100, 0x84, 0xa, 0x6, 0x8}, {0x4100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000080)={0x0, 0x8, 0x7f}) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) io_uring_register$auto(r0, 0x18, 0x0, 0x9) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto(r1, 0x4008af04, 0x0) timer_create$auto(0x0, 0x0, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) mmap$auto(0xffff, 0x4, 0x7, 0x40ebe, r2, 0xa) getsockopt$auto_SO_RCVTIMEO_NEW(r2, 0x8, 0x42, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x1a) r3 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, &(0x7f00000003c0)='\xe7\xb3\x9b|z\x82\xa8\xec\x95\xdc\xd7\xbb\xd9\xacOaV\xd5\x98\xabShi\x8aT\xbc\xe2\xfd\x9c\xaf\xa8\xd1\x80\b\xc8\x15\x87`\xac\x9d%\x13 \xb9v4\xa3S\x16\x87%\xd7\xb6\x80\x98\xa0#\xbf\xdc\xb4\xeb\x83\b~;F\xff\xb1KZR\x02\x90\xf6\xb2\xff\x1eFm:\xdej\xc6\x95P\x92\x92<\vJ\xe5\x8b\xd8\xbe\xda\xd0S\x0e\x96{k4pu\x9a\xfe-\xc1\x18D\xb4\xa4F\xf9\xc7\x95\xcec\xfa \x9c\xa5\xaf\xdf\xb5\x99<\xfb&^\x84GB\xe3\x81\xf7\xb4M', 0x3) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000020c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MM_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="4b146644c513257ec651d290dd32d6a9b20be3d9708df3b1a0bba3752c59f58903e55c4496db2c1b7ee67db0f7d6c7ea0b734402c67ede224b1d92cec01549"], 0x14}, 0x1, 0x0, 0x0, 0x44808}, 0x2004c894) unshare$auto(0x40000080) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00') 2.714184738s ago: executing program 0 (id=1274): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20020, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x40, 0xffffff7d, 0xa, 0x105, "50ddcc2d0a7b79ca0e62e667b5000000000000000000000000000000000100ffffffffffffffe700"}, 0x0, @integer=@value=[0x3, 0x10000000000, 0xc20, 0x4, 0x9, 0x7, 0x8, 0xfffffffffffffffd, 0x8, 0x100000009, 0x4, 0x1, 0x5c2, 0xe, 0xffff, 0x9591, 0x4, 0x2, 0x3ff, 0xfffffffffffffffd, 0x1, 0x4, 0x4, 0x7, 0x1, 0x100000001, 0x6, 0x80000001, 0x6, 0x8, 0x7f, 0x20, 0x0, 0x2, 0x1, 0x4, 0x6, 0x76e398f5, 0xfffffffbfffffff9, 0x5, 0x0, 0x9, 0x5, 0x6, 0xb7, 0xe56f, 0x401, 0x7, 0x3, 0x0, 0x5, 0x0, 0x2, 0xa, 0x8765, 0x94, 0xf, 0x4, 0x400, 0x7, 0x8000000000000001, 0x2, 0x80, 0x8001, 0x0, 0x100000000, 0x6, 0x9, 0xffff, 0xe5, 0xd, 0xf7, 0x919, 0x3, 0x3, 0xf800000000000000, 0x10, 0x9, 0xb479, 0x4, 0x1000, 0x800000000000, 0x5, 0xfffffffffffffffe, 0x4, 0x10000, 0x6, 0x2000000000, 0x1, 0xfe, 0x1, 0x0, 0xffffffff, 0x10001, 0xfcc3, 0xffffffffffffffff, 0x7f, 0x7, 0x6, 0x3, 0x3, 0x2, 0x200, 0x0, 0x6, 0x39, 0x100, 0x9, 0x2, 0x81, 0x5, 0x4f4, 0xfffffffffffffffb, 0x6, 0x5, 0x68a6, 0xfffffffffffffff7, 0x5, 0xa000, 0xfffffffffffffff7, 0x4, 0x0, 0x9, 0x800, 0x15, 0x1, 0x7, 0x2], "bee8fd3b16a97731269aff7312ae1a01006266a3bde1f332e1078696becfd044280e7fb7719d4362b09d9f6cb070bad3af7185ae1e691c585914c0b11dd65468fb68dfc32254d8ed55c8d806a2ef4bba7bc65cd90676ce6dec79ff2f44034ad55049ff128dd27f04ac14d8dbaffacc77596ca0dffa00"}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) socket(0x2, 0x80002, 0x73) r2 = socket(0x2, 0x801, 0x106) getsockopt$auto(r2, 0x11c, 0x3616, 0x0, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={"ee65ce6c00000000000100", 0x400, 0x408, 0xc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r3, 0x1276, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer\x00', 0x101000, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x2d2000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) connect$auto(0x3, &(0x7f0000000080)=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x4}, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x18b202, 0x0) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004800}, 0x800) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x4) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r5, 0x0, 0x1f40) 2.713990215s ago: executing program 1 (id=1275): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/hugetlb.1GB.max_usage_in_bytes\x00', 0x1002, 0x0) r0 = socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x84) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/netfs/cookies\x00', 0xd00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) 2.712831446s ago: executing program 3 (id=1276): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003540)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEC_GET(r0, &(0x7f0000003600)={0x0, 0x0, &(0x7f00000035c0)={&(0x7f0000003580)={0x20, r1, 0xbc97558ef77b14af, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_FEC_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040041}, 0xc000) unshare$auto(0x40000080) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x8200, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000140)='/dev/usbmon20\x00', 0x60501, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) r5 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000080), 0x20082, 0x0) writev$auto(r5, 0x0, 0x3) 2.502587286s ago: executing program 1 (id=1277): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_11={0x7, 0x3d, 0x16d7, 0x1000, 0xecb, 0x8, 0x3}, 0x9) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x23, &(0x7f00000000c0), 0x0) 2.462679257s ago: executing program 2 (id=1278): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r0 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_11={0x7, 0x3d, 0x16d7, 0x1000, 0xecb, 0x8, 0x3}, 0x9) ioctl$auto_XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000180)={r0, &(0x7f0000000280)="379267503d992e5d251717966a07614067ce5d83eb343d0652acc4f0ac90b2dc786f82261c326d08114624d587dc0b862eeb7788a9336307d5f33e017e35c6042980672b5cdb17f145559965fe2564acdb49628ec5b43f76b81c2adb8beb899c187286a681139659736472b6b91583e3f45abcc8168eb18a648c4c41efaf2cb6c4c225bebfddbd80791ec6eb7326c5e293d2a2b719f7b724551ed1c81424d5367d69eb69314810df23e87db61b7f03a2349199f90dc33c2936ce0fc7c2f31333e1d047", 0x3, &(0x7f0000000040)="cfc83d4e2491b79018e79d6a095779d364d6f02fd75760a0c72890293eb1dd508ad2aaee42d9d4fc1b5ab18a", 0xcce0, &(0x7f0000000400)="24ddf7b895a900d1deb5979009e9421d0030d9f6313632f07a842d92a49535c810181039da2408681dbe924e45966230ddf022c76cb510e43b3afc70e0fbc3cff0e67e0fd1432a7fa6d072deeac373", &(0x7f0000000080)=0x7fff}) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x103ff, 0x0, 0x3, r1, 0xfffffffffffffffe, 0x40000008}, 0x6f3) socket(0xa, 0x5, 0xef) setreuid$auto(0x0, 0x5) bpf$auto_BPF_PROG_DETACH(0x9, &(0x7f00000000c0)=@bpf_attr_1={0xffffffffffffffff, 0x2e, @value=0x1, 0x3}, 0x61) close_range$auto(0x2, 0x8000, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/ip_vs_conn\x00', 0x121040, 0x0) ioctl$auto_TUNSETOWNER(r2, 0x400454cc, &(0x7f0000000000)=0xb) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={0x44, r5, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x14, 0x3, 0x0, 0x1, [@typed={0xf, 0xe2, 0x0, 0x0, @binary="ef04fb26be2adbab792dbe"}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590822ad9"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) pread64$auto(r3, 0x0, 0x100006, 0xc982) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x23, &(0x7f00000000c0), 0x0) 2.209618136s ago: executing program 1 (id=1279): mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r0, 0x0, 0x1ff) close_range$auto(0x2, 0x8, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x2183, 0x0) utimensat$auto(0x2, &(0x7f0000000100)='\x00', 0x0, 0x1000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r2 = gettid() r3 = pidfd_open$auto(r2, 0x0) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/ip6_tables_matches\x00', 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/190, 0xbe) getsockopt$auto_SO_SNDTIMEO_NEW(r5, 0x3, 0x43, &(0x7f0000000040)='\'\x00', &(0x7f0000000100)=0x8) r6 = ioctl$auto_NS_GET_OWNER_UID(r3, 0xb704, 0x0) bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)=@bpf_attr_5={@target_fd=r4, r6, 0xfffffffc, 0x2, r1, @relative_fd=r6, 0x27eb012}, 0x8) r9 = socket(0x29, 0x2, 0x88) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = ioctl$auto_TUNSETOWNER(r7, 0x400454cc, &(0x7f0000000380)=0x200) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000003c0)={'veth1_to_bond\x00', 0x0}) bpf$auto(0xfffffffd, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r12, r10, 0x4, 0xf7, r9, @relative_fd=r11, 0xe5fe}, 0xf) fcntl$auto_F_WRLCK(r8, 0x7, 0x1) r13 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/wlan1/forwarding\x00', 0x202, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zram0\x00', 0x6e642, 0x0) r14 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0) write$auto(r14, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81) sendfile$auto(r13, r13, 0x0, 0x7fffe000) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto_F_GETOWN(r4, 0x9, 0xd) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)=""/122, 0x7a) 1.594078047s ago: executing program 2 (id=1280): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x20000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-8/tx_timeout\x00', 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/sub0/sw_params\x00', 0x400, 0x0) pread64$auto(r0, 0x0, 0x4, 0x8) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, 0x0, 0x58) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8) r1 = socket(0x2, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) getsockopt$auto(r1, 0x84, 0x76, 0x0, &(0x7f00000002c0)=0x1000c0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x800, 0x0) shmctl$auto(0x0, 0x1, 0x0) ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/003/001\x00', 0x42082, 0x0) write$auto(0xca, &(0x7f0000000500)='\x04>\xce\v<\xe1\x00\x00\x01p!]\xcfR\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc1\x19HY\x9c\x97i\xec^\xbc\xb3`\x10+}\xd0\xfd\xf0\xa5\x0e\a\xabU\xb9\x93\xebq@1\x1a`pgQ\a\x87-\xa9\x03\x8eF\x138\x9a\xd7\x8c~w\x9a\x13\xe3\xa7\xc6k\xef1Tb\xf2\xc1FT|\xa1\xc3SD8\xc0bj\x11\xcc\b\"\xb3X\xae\xfapM\x97\xdc\x95\x13T\x7f\'K\x05\xe8\x9f\xf3=b\xa5\xbd1\xb1\xcb\xd8\x90\xd5\xdf\xd1\xd2\xd7_\b\xc0\x94', 0x7f) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0) write$auto(r2, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9) r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/uid_map\x00', 0xd0002, 0x0) fcntl$auto_F_SETSIG(r3, 0xa, 0x5) bpf$auto(0x6, &(0x7f0000000140)=@raw_tracepoint={0x8, 0xffffffffffffffff, 0x0, 0xfff}, 0x500) r4 = socket(0x23, 0x80805, 0x0) setsockopt$auto(r4, 0x113, 0x9, 0x0, 0x79ad2269) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000002f80), 0x2, 0x0) fstat$auto(0x2, 0x0) 806.609743ms ago: executing program 2 (id=1281): timer_create$auto(0x9, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000300)={0x28020400, 0x0, 0x0, 0x0, {0x35}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0x3, 0x0, 0x8080) timerfd_create$auto(0x7, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = io_uring_setup$auto(0xa, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/dirty_writeback_centisecs\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x4) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffe}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x0) unshare$auto(0x40000080) connect$auto(0xffffffffffffffff, 0x0, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x40000, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2800, 0x0) ioctl$auto_EVIOCGRAB(r2, 0x40044590, &(0x7f0000000000)=0x5) ioctl$auto_SNDRV_PCM_IOCTL_REWIND2(r0, 0x40084146, &(0x7f0000000100)=0x8) close_range$auto(0x2, 0x8, 0x0) setfsuid$auto(0xee00) setfsuid$auto(0xee00) socket(0x11, 0x80003, 0x300) sysfs$auto(0x2, 0x4, 0x0) r3 = socket(0xa, 0x5, 0x0) getsockopt$auto(r3, 0x84, 0x12, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 705.761912ms ago: executing program 0 (id=1282): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000300), r0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000640)={0x20, r1, 0x1, 0x70bd27, 0x25dfdbff, {}, [@MACSEC_ATTR_SA_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4884}, 0x4008884) openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000000), 0x200401, 0x0) 486.719459ms ago: executing program 1 (id=1283): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_11={0x7, 0x3d, 0x16d7, 0x1000, 0xecb, 0x8, 0x3}, 0x9) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x23, &(0x7f00000000c0), 0x0) (fail_nth: 2) 459.645692ms ago: executing program 0 (id=1284): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x5, &(0x7f00000000c0)="e15ee553ec2196a28ebf55e5f5d174e63fc2add7f16252c1a777942fabffd11a366aaf5100528ba863f373fd279f7076a79aa49534e6ad7a1a01abf29f95d44610787dbf206db23cdc064373") connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0x80000000000000b0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x6, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x200000000000, 0x0, 0x10000000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0xf103, 0x9}, 0x7}, 0x3, 0x0) r3 = prctl$auto_SECCOMP_MODE_FILTER(0x1, 0x2, 0x0, 0x4, 0xd) fcntl$auto_F_GETOWN(r3, 0x9, 0x8000002) r4 = setfsuid$auto(0xee00) setreuid$auto(r4, 0x0) setfsuid$auto(0xee01) r5 = bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f0000000280)=@token_create={0x6, r0}, 0x1) read$auto_nsim_dev_trap_fa_cookie_fops_dev(r5, &(0x7f0000000340)=""/133, 0x85) sendmsg$auto_IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x4000000) msgctl$auto(0x7f, 0x2, &(0x7f0000000180)={{0x1, 0xee01, 0x0, 0x5, 0x1d51e753, 0x40, 0x7}, &(0x7f00000000c0)=0x7, &(0x7f0000000140)=0xd1, 0x1, 0x8, 0x9, 0xe56, 0x9, 0x8, 0x0, 0x4, @raw=0xd, @raw=0x4}) sendmsg$auto_NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={0x0, 0x8c0}, 0x1, 0x0, 0x0, 0x8084}, 0x24000040) socket(0x10, 0x2, 0x9) 429.608899ms ago: executing program 3 (id=1285): waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) socket(0xa, 0x5, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x8, 0x0, 0x4) (async) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/003/001\x00', 0x42082, 0x0) mprotect$auto(0x110c230000, 0xa588, 0x6) (async) mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x0) move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2) (async) writev$auto(r1, &(0x7f0000000300)={&(0x7f0000000200), 0x200}, 0x3) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) (async) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) (async) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) sendfile$auto(r3, r2, 0x0, 0x10000) (async) close_range$auto(0x2, 0x8, 0x8000) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) (async) bpf$auto(0x12, 0x0, 0x26) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) fstat$auto(0xffffffffffffffff, 0x0) 8.919772ms ago: executing program 1 (id=1286): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/hugetlb.1GB.max_usage_in_bytes\x00', 0x1002, 0x0) r0 = socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x84) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/netfs/cookies\x00', 0xd00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) 0s ago: executing program 1 (id=1287): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/sched_rt_period_us\x00', 0x202, 0x0) write$auto(r0, &(0x7f0000000000)='-!\'+\x00', 0xf6) (fail_nth: 3) kernel console output (not intermixed with test programs): cutor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 346.585093][ T8664] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 346.618816][ T8668] netlink: 28 bytes leftover after parsing attributes in process `syz.0.612'. [ 347.239479][ T7380] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 347.249283][ T7380] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 347.257686][ T7380] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 347.272751][ T7380] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 347.280531][ T7380] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 347.654096][ T6786] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.957988][ T6786] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.766594][ T7380] Bluetooth: hci0: unexpected event 0x10 length: 440 > 1 [ 348.768424][ T6785] Bluetooth: hci0: hardware error 0x00 [ 349.360035][ T6786] bridge_slave_0: left allmulticast mode [ 349.392907][ T7380] Bluetooth: hci3: command tx timeout [ 349.412038][ T6786] bridge_slave_0: left promiscuous mode [ 349.473657][ T6786] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.127441][ T8712] FAULT_INJECTION: forcing a failure. [ 350.127441][ T8712] name failslab, interval 1, probability 0, space 0, times 0 [ 350.212072][ T8712] CPU: 0 UID: 0 PID: 8712 Comm: syz.2.621 Not tainted syzkaller #0 PREEMPT(full) [ 350.212105][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 350.212121][ T8712] Call Trace: [ 350.212128][ T8712] [ 350.212137][ T8712] dump_stack_lvl+0x100/0x190 [ 350.212175][ T8712] should_fail_ex.cold+0x5/0xa [ 350.212207][ T8712] should_failslab+0xc2/0x120 [ 350.212237][ T8712] __kmalloc_cache_noprof+0x7a/0x6f0 [ 350.212274][ T8712] ? acpi_evaluate_object+0xf5/0xe00 [ 350.212312][ T8712] ? __lock_acquire+0x4a5/0x2630 [ 350.212340][ T8712] acpi_evaluate_object+0xf5/0xe00 [ 350.212376][ T8712] ? kasan_save_stack+0x30/0x50 [ 350.212404][ T8712] ? kasan_save_track+0x14/0x30 [ 350.212433][ T8712] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 350.212474][ T8712] ? __pfx___might_resched+0x10/0x10 [ 350.212506][ T8712] acpi_evaluate_integer+0xdf/0x220 [ 350.212540][ T8712] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 350.212585][ T8712] ? __pfx_status_show+0x10/0x10 [ 350.212622][ T8712] status_show+0xa0/0x120 [ 350.212659][ T8712] ? __pfx_status_show+0x10/0x10 [ 350.212703][ T8712] dev_attr_show+0x52/0xa0 [ 350.212727][ T8712] ? __pfx_dev_attr_show+0x10/0x10 [ 350.212749][ T8712] sysfs_kf_seq_show+0x217/0x3a0 [ 350.212783][ T8712] seq_read_iter+0x32f/0x1270 [ 350.212818][ T8712] kernfs_fop_read_iter+0x46c/0x610 [ 350.212842][ T8712] ? rw_verify_area+0xce/0x6d0 [ 350.212887][ T8712] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 350.212916][ T8712] vfs_read+0x825/0xb30 [ 350.212943][ T8712] ? __pfx_vfs_read+0x10/0x10 [ 350.212984][ T8712] ksys_read+0x12a/0x250 [ 350.213006][ T8712] ? __pfx_ksys_read+0x10/0x10 [ 350.213038][ T8712] do_syscall_64+0x106/0xf80 [ 350.213073][ T8712] ? clear_bhb_loop+0x40/0x90 [ 350.213102][ T8712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.213126][ T8712] RIP: 0033:0x7f2f89f9bf79 [ 350.213145][ T8712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 350.213168][ T8712] RSP: 002b:00007f2f881f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 350.213191][ T8712] RAX: ffffffffffffffda RBX: 00007f2f8a215fa0 RCX: 00007f2f89f9bf79 [ 350.213215][ T8712] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 350.213231][ T8712] RBP: 00007f2f8a0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 350.213246][ T8712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.213260][ T8712] R13: 00007f2f8a216038 R14: 00007f2f8a215fa0 R15: 00007ffe44c5d6f8 [ 350.213291][ T8712] [ 350.939449][ T6785] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 351.416451][ T6786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 351.443289][ T6786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 351.475843][ T6785] Bluetooth: hci3: command tx timeout [ 351.482885][ T6786] bond0 (unregistering): Released all slaves [ 351.549526][ T8676] chnl_net:caif_netlink_parms(): no params data found [ 352.416576][ T8727] FAULT_INJECTION: forcing a failure. [ 352.416576][ T8727] name failslab, interval 1, probability 0, space 0, times 0 [ 352.480610][ T8676] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.490734][ T8727] CPU: 0 UID: 0 PID: 8727 Comm: syz.2.624 Not tainted syzkaller #0 PREEMPT(full) [ 352.490765][ T8727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 352.490778][ T8727] Call Trace: [ 352.490785][ T8727] [ 352.490794][ T8727] dump_stack_lvl+0x100/0x190 [ 352.490831][ T8727] should_fail_ex.cold+0x5/0xa [ 352.490856][ T8727] should_failslab+0xc2/0x120 [ 352.490884][ T8727] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 352.490907][ T8727] ? security_inode_alloc+0x3b/0x2c0 [ 352.490945][ T8727] ? lockdep_init_map_type+0x5c/0x250 [ 352.490974][ T8727] security_inode_alloc+0x3b/0x2c0 [ 352.491020][ T8727] inode_init_always_gfp+0xced/0x1040 [ 352.491049][ T8727] alloc_inode+0x8e/0x250 [ 352.491081][ T8727] new_inode+0x22/0x1c0 [ 352.491116][ T8727] simple_fill_super+0x2d9/0x680 [ 352.491145][ T8727] ? __pfx_nfsd_fill_super+0x10/0x10 [ 352.491182][ T8727] nfsd_fill_super+0x98/0x560 [ 352.491216][ T8727] ? __pfx_set_anon_super_fc+0x10/0x10 [ 352.491257][ T8727] ? __pfx_nfsd_fill_super+0x10/0x10 [ 352.491292][ T8727] get_tree_keyed+0x10e/0x1d0 [ 352.491315][ T8727] vfs_get_tree+0x92/0x320 [ 352.491349][ T8727] path_mount+0x7d0/0x23d0 [ 352.491382][ T8727] ? __pfx_path_mount+0x10/0x10 [ 352.491407][ T8727] ? lockdep_hardirqs_on+0x78/0x100 [ 352.491445][ T8727] ? putname+0xb1/0x110 [ 352.491468][ T8727] ? kmem_cache_free+0x124/0x670 [ 352.491514][ T8727] ? __x64_sys_mount+0x293/0x310 [ 352.491540][ T8727] __x64_sys_mount+0x293/0x310 [ 352.491575][ T8727] ? __pfx___x64_sys_mount+0x10/0x10 [ 352.491613][ T8727] do_syscall_64+0x106/0xf80 [ 352.491647][ T8727] ? clear_bhb_loop+0x40/0x90 [ 352.491675][ T8727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.491698][ T8727] RIP: 0033:0x7f2f89f9bf79 [ 352.491715][ T8727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 352.491738][ T8727] RSP: 002b:00007f2f881f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 352.491763][ T8727] RAX: ffffffffffffffda RBX: 00007f2f8a215fa0 RCX: 00007f2f89f9bf79 [ 352.491779][ T8727] RDX: 0000200000000140 RSI: 0000200000000040 RDI: 0000000000000000 [ 352.491793][ T8727] RBP: 00007f2f881f6090 R08: 0000000000000000 R09: 0000000000000000 [ 352.491807][ T8727] R10: 00000000c0ed0000 R11: 0000000000000246 R12: 0000000000000002 [ 352.491821][ T8727] R13: 00007f2f8a216038 R14: 00007f2f8a215fa0 R15: 00007ffe44c5d6f8 [ 352.491851][ T8727] [ 352.747138][ T8676] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.755301][ T8676] bridge_slave_0: entered allmulticast mode [ 352.762750][ T8676] bridge_slave_0: entered promiscuous mode [ 352.771673][ T8676] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.778863][ T8676] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.786131][ T8676] bridge_slave_1: entered allmulticast mode [ 352.793474][ T8676] bridge_slave_1: entered promiscuous mode [ 352.822781][ T8676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 352.834609][ T8676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 352.866022][ T8676] team0: Port device team_slave_0 added [ 352.875253][ T8676] team0: Port device team_slave_1 added [ 352.901744][ T8676] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 352.908795][ T8676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 352.934784][ T8676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 352.946973][ T8676] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 352.954025][ T8676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 352.980582][ T8676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 353.026115][ T8676] hsr_slave_0: entered promiscuous mode [ 353.032667][ T8676] hsr_slave_1: entered promiscuous mode [ 353.038885][ T8676] debugfs: 'hsr0' already exists in 'hsr' [ 353.050390][ T8676] Cannot create hsr debugfs directory [ 353.440165][ T6786] hsr_slave_0: left promiscuous mode [ 353.492888][ T6786] hsr_slave_1: left promiscuous mode [ 353.511605][ T6786] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 353.540527][ T6786] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 353.552583][ T6785] Bluetooth: hci3: command tx timeout [ 353.583704][ T6786] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 353.631278][ T6786] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 353.791442][ T6786] veth1_macvtap: left promiscuous mode [ 353.815963][ T6786] veth0_macvtap: left promiscuous mode [ 353.821551][ T6786] veth1_vlan: left promiscuous mode [ 353.869282][ T6786] veth0_vlan: left promiscuous mode [ 354.499150][ T6786] team0 (unregistering): Port device team_slave_1 removed [ 354.551857][ T6786] team0 (unregistering): Port device team_slave_0 removed [ 354.606218][ T30] audit: type=1800 audit(4294967358.690:13): pid=8770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.631" name="dbroot" dev="configfs" ino=117612 res=0 errno=0 [ 355.584901][ T8781] vivid-009: ================= START STATUS ================= [ 355.619895][ T8781] vivid-009: Radio HW Seek Mode: Bounded [ 355.635881][ T6785] Bluetooth: hci3: command tx timeout [ 355.674654][ T8781] vivid-009: Radio Programmable HW Seek: false [ 355.680909][ T8781] vivid-009: RDS Rx I/O Mode: Block I/O [ 355.784171][ T8781] vivid-009: Generate RBDS Instead of RDS: false [ 355.847627][ T8781] vivid-009: RDS Reception: true [ 355.912244][ T8781] vivid-009: RDS Program Type: 0 inactive [ 355.967464][ T8781] vivid-009: RDS PS Name: inactive [ 356.022940][ T8781] vivid-009: RDS Radio Text: inactive [ 356.102653][ T8781] vivid-009: RDS Traffic Announcement: false inactive [ 356.185887][ T8781] vivid-009: RDS Traffic Program: false inactive [ 356.192291][ T8781] vivid-009: RDS Music: false inactive [ 356.318938][ T8781] vivid-009: ================== END STATUS ================== [ 356.745386][ T8676] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 356.794609][ T8676] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 356.843148][ T8676] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 356.933312][ T8676] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 357.606810][ T8676] 8021q: adding VLAN 0 to HW filter on device bond0 [ 357.694056][ T8676] 8021q: adding VLAN 0 to HW filter on device team0 [ 357.805398][ T6865] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.812607][ T6865] bridge0: port 1(bridge_slave_0) entered forwarding state [ 357.887260][ T6865] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.894472][ T6865] bridge0: port 2(bridge_slave_1) entered forwarding state [ 358.155427][ T8832] binder: BINDER_SET_CONTEXT_MGR already set [ 358.161807][ T8832] binder: 8828:8832 ioctl 4018620d 9 returned -16 [ 359.036304][ T8857] vivid-009: ================= START STATUS ================= [ 359.047077][ T8676] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 359.088481][ T8857] vivid-009: Radio HW Seek Mode: Bounded [ 359.138719][ T8857] vivid-009: Radio Programmable HW Seek: false [ 359.167853][ T8857] vivid-009: RDS Rx I/O Mode: Block I/O [ 359.213248][ T8857] vivid-009: Generate RBDS Instead of RDS: false [ 359.259201][ T8676] veth0_vlan: entered promiscuous mode [ 359.302620][ T8857] vivid-009: RDS Reception: true [ 359.349974][ T8676] veth1_vlan: entered promiscuous mode [ 359.365645][ T8857] vivid-009: RDS Program Type: 0 inactive [ 359.371433][ T8857] vivid-009: RDS PS Name: inactive [ 359.484287][ T8857] vivid-009: RDS Radio Text: inactive [ 359.489840][ T8857] vivid-009: RDS Traffic Announcement: false inactive [ 359.510485][ T8676] veth0_macvtap: entered promiscuous mode [ 359.579658][ T8676] veth1_macvtap: entered promiscuous mode [ 359.615374][ T8864] FAULT_INJECTION: forcing a failure. [ 359.615374][ T8864] name failslab, interval 1, probability 0, space 0, times 0 [ 359.685763][ T8857] vivid-009: RDS Traffic Program: false inactive [ 359.692176][ T8857] vivid-009: RDS Music: false inactive [ 359.715653][ T8676] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 359.723568][ T8864] CPU: 0 UID: 0 PID: 8864 Comm: syz.1.644 Tainted: G L syzkaller #0 PREEMPT(full) [ 359.723606][ T8864] Tainted: [L]=SOFTLOCKUP [ 359.723615][ T8864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 359.723630][ T8864] Call Trace: [ 359.723638][ T8864] [ 359.723646][ T8864] dump_stack_lvl+0x100/0x190 [ 359.723685][ T8864] should_fail_ex.cold+0x5/0xa [ 359.723711][ T8864] should_failslab+0xc2/0x120 [ 359.723740][ T8864] __kmalloc_cache_noprof+0x7a/0x6f0 [ 359.723776][ T8864] ? acpi_ds_call_control_method+0x300/0xab0 [ 359.723819][ T8864] acpi_ds_call_control_method+0x300/0xab0 [ 359.723860][ T8864] acpi_ps_parse_aml+0xacd/0x1120 [ 359.723891][ T8864] acpi_ps_execute_method+0x5c4/0xe90 [ 359.723926][ T8864] acpi_ns_evaluate+0x640/0x1670 [ 359.723962][ T8864] acpi_evaluate_object+0x420/0xe00 [ 359.723999][ T8864] ? kasan_save_stack+0x30/0x50 [ 359.724021][ T8864] ? kasan_save_track+0x14/0x30 [ 359.724050][ T8864] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 359.724091][ T8864] ? __pfx___might_resched+0x10/0x10 [ 359.724124][ T8864] acpi_evaluate_integer+0xdf/0x220 [ 359.724157][ T8864] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 359.724202][ T8864] ? __pfx_status_show+0x10/0x10 [ 359.724239][ T8864] status_show+0xa0/0x120 [ 359.724275][ T8864] ? __pfx_status_show+0x10/0x10 [ 359.724320][ T8864] dev_attr_show+0x52/0xa0 [ 359.724359][ T8864] ? __pfx_dev_attr_show+0x10/0x10 [ 359.724381][ T8864] sysfs_kf_seq_show+0x217/0x3a0 [ 359.724416][ T8864] seq_read_iter+0x32f/0x1270 [ 359.724456][ T8864] kernfs_fop_read_iter+0x46c/0x610 [ 359.724481][ T8864] ? rw_verify_area+0xce/0x6d0 [ 359.724518][ T8864] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 359.724545][ T8864] vfs_read+0x825/0xb30 [ 359.724572][ T8864] ? __pfx_vfs_read+0x10/0x10 [ 359.724614][ T8864] ksys_read+0x12a/0x250 [ 359.724637][ T8864] ? __pfx_ksys_read+0x10/0x10 [ 359.724675][ T8864] do_syscall_64+0x106/0xf80 [ 359.724712][ T8864] ? clear_bhb_loop+0x40/0x90 [ 359.724741][ T8864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.724765][ T8864] RIP: 0033:0x7f8ccdb9bf79 [ 359.724785][ T8864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 359.724814][ T8864] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 359.724837][ T8864] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 359.724853][ T8864] RDX: 000000000000007a RSI: 0000200000000240 RDI: 000000000000000a [ 359.724868][ T8864] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 359.724882][ T8864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.724897][ T8864] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 359.724928][ T8864] [ 359.725063][ T8864] ACPI Error: [ 360.039202][ T8857] vivid-009: ================== END STATUS ================== [ 360.121592][ T8676] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 360.227760][ T6790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.267206][ T6790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.296999][ T6790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.321984][ T6790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.663253][ T6790] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 360.705472][ T6790] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 360.807906][ T6786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 360.856613][ T6786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 361.091493][ T8864] Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 361.120176][ T8878] synth uevent: /module/au0828: unknown uevent action string [ 361.382145][ T8885] Invalid ELF header magic: != ELF [ 361.648859][ T8894] netlink: 'syz.1.650': attribute type 33 has an invalid length. [ 365.232001][ T8955] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 365.287756][ T8955] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 365.431994][ T8955] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 366.114730][ T8975] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 366.311131][ T8986] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 367.222985][ T9000] netlink: 'syz.3.668': attribute type 33 has an invalid length. [ 367.313088][ T6785] Bluetooth: hci3: command 0x0c1a tx timeout [ 368.360133][ T9025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.676'. [ 368.575968][ T9029] Invalid ELF header magic: != ELF [ 369.346332][ T9038] zswap: compressor not available [ 369.393575][ T6785] Bluetooth: hci3: command 0x0c1a tx timeout [ 370.800692][ T9083] netlink: 16 bytes leftover after parsing attributes in process `syz.1.692'. [ 371.478374][ T6785] Bluetooth: hci3: command 0x0c1a tx timeout [ 371.889435][ T9105] Invalid ELF header magic: != ELF [ 371.983497][ T9106] Invalid ELF header magic: != ELF [ 372.542900][ T9101] could not allocate digest TFM handle [ 374.463797][ T9142] vivid-009: ================= START STATUS ================= [ 374.471506][ T9142] vivid-009: Radio HW Seek Mode: Bounded [ 374.595995][ T9142] vivid-009: Radio Programmable HW Seek: false [ 374.669523][ T9142] vivid-009: RDS Rx I/O Mode: Block I/O [ 374.727029][ T9142] vivid-009: Generate RBDS Instead of RDS: false [ 374.841046][ T9142] vivid-009: RDS Reception: true [ 374.890749][ T9142] vivid-009: RDS Program Type: 0 inactive [ 375.018767][ T9142] vivid-009: RDS PS Name: inactive [ 375.081351][ T9142] vivid-009: RDS Radio Text: inactive [ 375.183849][ T9142] vivid-009: RDS Traffic Announcement: false inactive [ 375.285073][ T9142] vivid-009: RDS Traffic Program: false inactive [ 375.365563][ T9142] vivid-009: RDS Music: false inactive [ 375.461752][ T9142] vivid-009: ================== END STATUS ================== [ 376.323229][ T9175] random: crng reseeded on system resumption [ 377.070351][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.077322][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 377.646135][ T9185] kvm: vcpu 3: requested lapic timer restore with starting count register 0x390=2424827650 (310377939200 ns) > initial count (223122034688 ns). Using initial count to start timer. [ 377.785419][ T9188] netlink: 504 bytes leftover after parsing attributes in process `syz.2.713'. [ 378.311864][ T9196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.715'. [ 378.611496][ T9200] Invalid ELF header magic: != ELF [ 379.361282][ T9206] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 380.853869][ T9220] random: crng reseeded on system resumption [ 386.658166][ T9295] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input16 [ 388.779349][ T9326] netlink: 334 bytes leftover after parsing attributes in process `syz.3.746'. [ 389.183445][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.189773][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.848047][ T9350] netlink: 28 bytes leftover after parsing attributes in process `syz.1.752'. [ 390.888060][ T9373] Invalid ELF header magic: != ELF [ 391.335809][ T9384] Invalid ELF header magic: != ELF [ 392.019474][ T9392] bond0: invalid ARP target specified [ 392.993142][ T9406] FAULT_INJECTION: forcing a failure. [ 392.993142][ T9406] name failslab, interval 1, probability 0, space 0, times 0 [ 393.100902][ T9406] CPU: 0 UID: 0 PID: 9406 Comm: syz.0.766 Tainted: G L syzkaller #0 PREEMPT(full) [ 393.100941][ T9406] Tainted: [L]=SOFTLOCKUP [ 393.100949][ T9406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 393.100963][ T9406] Call Trace: [ 393.100971][ T9406] [ 393.100980][ T9406] dump_stack_lvl+0x100/0x190 [ 393.101018][ T9406] should_fail_ex.cold+0x5/0xa [ 393.101044][ T9406] ? tomoyo_realpath_from_path+0xb6/0x690 [ 393.101076][ T9406] should_failslab+0xc2/0x120 [ 393.101105][ T9406] __kmalloc_noprof+0xe0/0x850 [ 393.101134][ T9406] tomoyo_realpath_from_path+0xb6/0x690 [ 393.101175][ T9406] tomoyo_path_number_perm+0x23c/0x580 [ 393.101199][ T9406] ? tomoyo_path_number_perm+0x22e/0x580 [ 393.101226][ T9406] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 393.101252][ T9406] ? find_held_lock+0x2b/0x80 [ 393.101310][ T9406] ? find_held_lock+0x2b/0x80 [ 393.101341][ T9406] ? current_check_access_path+0x281/0x460 [ 393.101388][ T9406] ? __pfx_current_check_access_path+0x10/0x10 [ 393.101419][ T9406] ? d_alloc_parallel+0x864/0x14e0 [ 393.101467][ T9406] tomoyo_path_mknod+0x164/0x190 [ 393.101503][ T9406] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 393.101536][ T9406] ? find_held_lock+0x2b/0x80 [ 393.101570][ T9406] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 393.101607][ T9406] security_path_mknod+0x161/0x300 [ 393.101641][ T9406] may_o_create+0x30/0x3a0 [ 393.101678][ T9406] lookup_open.isra.0+0xa0d/0x11b0 [ 393.101722][ T9406] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 393.101765][ T9406] ? __pfx___might_resched+0x10/0x10 [ 393.101793][ T9406] ? mnt_get_write_access+0x52/0x2f0 [ 393.101833][ T9406] ? __pfx_down_write+0x10/0x10 [ 393.101855][ T9406] ? mnt_get_write_access+0x1e9/0x2f0 [ 393.101894][ T9406] path_openat+0x2291/0x31a0 [ 393.101930][ T9406] ? __pfx_path_openat+0x10/0x10 [ 393.101967][ T9406] do_file_open+0x20e/0x430 [ 393.101996][ T9406] ? __pfx_do_file_open+0x10/0x10 [ 393.102044][ T9406] ? alloc_fd+0x476/0x790 [ 393.102072][ T9406] ? do_getname+0x191/0x390 [ 393.102107][ T9406] do_sys_openat2+0x10d/0x1e0 [ 393.102141][ T9406] ? __pfx_do_sys_openat2+0x10/0x10 [ 393.102177][ T9406] ? __do_sys_close_range+0x230/0x740 [ 393.102211][ T9406] __x64_sys_openat+0x12d/0x210 [ 393.102246][ T9406] ? __pfx___x64_sys_openat+0x10/0x10 [ 393.102280][ T9406] ? xfd_validate_state+0x129/0x190 [ 393.102319][ T9406] do_syscall_64+0x106/0xf80 [ 393.102354][ T9406] ? clear_bhb_loop+0x40/0x90 [ 393.102382][ T9406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.102407][ T9406] RIP: 0033:0x7f1566b9bf79 [ 393.102427][ T9406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 393.102456][ T9406] RSP: 002b:00007f1564df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 393.102480][ T9406] RAX: ffffffffffffffda RBX: 00007f1566e15fa0 RCX: 00007f1566b9bf79 [ 393.102496][ T9406] RDX: 0000000000121042 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 393.102512][ T9406] RBP: 00007f1566c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 393.102527][ T9406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.102541][ T9406] R13: 00007f1566e16038 R14: 00007f1566e15fa0 R15: 00007ffdd6ec00c8 [ 393.102572][ T9406] [ 394.557789][ T9406] ERROR: Out of memory at tomoyo_realpath_from_path. [ 395.104760][ T9442] Invalid ELF header magic: != ELF [ 395.147955][ T9449] FAULT_INJECTION: forcing a failure. [ 395.147955][ T9449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 395.209978][ T9449] CPU: 0 UID: 0 PID: 9449 Comm: syz.3.777 Tainted: G L syzkaller #0 PREEMPT(full) [ 395.210016][ T9449] Tainted: [L]=SOFTLOCKUP [ 395.210024][ T9449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 395.210038][ T9449] Call Trace: [ 395.210045][ T9449] [ 395.210054][ T9449] dump_stack_lvl+0x100/0x190 [ 395.210091][ T9449] should_fail_ex.cold+0x5/0xa [ 395.210116][ T9449] _copy_to_user+0x32/0xd0 [ 395.210143][ T9449] simple_read_from_buffer+0xcb/0x170 [ 395.210183][ T9449] proc_fail_nth_read+0x1af/0x230 [ 395.210216][ T9449] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 395.210244][ T9449] ? rw_verify_area+0xce/0x6d0 [ 395.210279][ T9449] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 395.210305][ T9449] vfs_read+0x1e4/0xb30 [ 395.210330][ T9449] ? __pfx_vfs_read+0x10/0x10 [ 395.210351][ T9449] ? __fget_files+0x215/0x3d0 [ 395.210380][ T9449] ? __fget_files+0x21f/0x3d0 [ 395.210410][ T9449] ksys_read+0x12a/0x250 [ 395.210432][ T9449] ? __pfx_ksys_read+0x10/0x10 [ 395.210462][ T9449] do_syscall_64+0x106/0xf80 [ 395.210496][ T9449] ? clear_bhb_loop+0x40/0x90 [ 395.210525][ T9449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.210548][ T9449] RIP: 0033:0x7f1fb135c84e [ 395.210566][ T9449] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 395.210588][ T9449] RSP: 002b:00007f1fb2189fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 395.210610][ T9449] RAX: ffffffffffffffda RBX: 00007f1fb218a6c0 RCX: 00007f1fb135c84e [ 395.210625][ T9449] RDX: 000000000000000f RSI: 00007f1fb218a0a0 RDI: 0000000000000004 [ 395.210639][ T9449] RBP: 00007f1fb218a090 R08: 0000000000000000 R09: 0000000000000000 [ 395.210652][ T9449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.210666][ T9449] R13: 00007f1fb1616038 R14: 00007f1fb1615fa0 R15: 00007ffeda513e58 [ 395.210695][ T9449] [ 395.458277][ T9440] FAULT_INJECTION: forcing a failure. [ 395.458277][ T9440] name failslab, interval 1, probability 0, space 0, times 0 [ 395.472014][ T9440] CPU: 0 UID: 0 PID: 9440 Comm: syz.0.775 Tainted: G L syzkaller #0 PREEMPT(full) [ 395.472053][ T9440] Tainted: [L]=SOFTLOCKUP [ 395.472061][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 395.472076][ T9440] Call Trace: [ 395.472083][ T9440] [ 395.472091][ T9440] dump_stack_lvl+0x100/0x190 [ 395.472129][ T9440] should_fail_ex.cold+0x5/0xa [ 395.472156][ T9440] should_failslab+0xc2/0x120 [ 395.472192][ T9440] __kmalloc_node_noprof+0xe6/0x850 [ 395.472215][ T9440] ? alloc_slab_obj_exts+0x4e/0x1c0 [ 395.472250][ T9440] ? find_held_lock+0x2b/0x80 [ 395.472288][ T9440] alloc_slab_obj_exts+0x4e/0x1c0 [ 395.472325][ T9440] __memcg_slab_post_alloc_hook+0x24a/0x9a0 [ 395.472363][ T9440] ? kasan_save_track+0x14/0x30 [ 395.472393][ T9440] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 395.472417][ T9440] ? alloc_inode+0x183/0x250 [ 395.472456][ T9440] alloc_inode+0x183/0x250 [ 395.472490][ T9440] path_from_stashed+0x25b/0x750 [ 395.472517][ T9440] ? do_raw_spin_unlock+0x145/0x1e0 [ 395.472551][ T9440] ns_get_path+0x60/0x80 [ 395.472577][ T9440] proc_ns_get_link+0x121/0x230 [ 395.472608][ T9440] ? __pfx_proc_ns_get_link+0x10/0x10 [ 395.472643][ T9440] ? atime_needs_update+0x8b/0x6b0 [ 395.472681][ T9440] pick_link+0xd17/0x13c0 [ 395.472718][ T9440] ? __pfx_proc_ns_get_link+0x10/0x10 [ 395.472753][ T9440] step_into_slowpath+0x9ba/0xf90 [ 395.472796][ T9440] ? __pfx_step_into_slowpath+0x10/0x10 [ 395.472834][ T9440] ? find_held_lock+0x2b/0x80 [ 395.472876][ T9440] path_openat+0xf95/0x31a0 [ 395.472911][ T9440] ? __pfx_path_openat+0x10/0x10 [ 395.472948][ T9440] do_file_open+0x20e/0x430 [ 395.472976][ T9440] ? __pfx_do_file_open+0x10/0x10 [ 395.473023][ T9440] ? alloc_fd+0x476/0x790 [ 395.473050][ T9440] ? do_getname+0x191/0x390 [ 395.473085][ T9440] do_sys_openat2+0x10d/0x1e0 [ 395.473119][ T9440] ? __pfx_do_sys_openat2+0x10/0x10 [ 395.473155][ T9440] ? __fget_files+0x21f/0x3d0 [ 395.473190][ T9440] __x64_sys_openat+0x12d/0x210 [ 395.473225][ T9440] ? __pfx___x64_sys_openat+0x10/0x10 [ 395.473258][ T9440] ? xfd_validate_state+0x129/0x190 [ 395.473298][ T9440] do_syscall_64+0x106/0xf80 [ 395.473333][ T9440] ? clear_bhb_loop+0x40/0x90 [ 395.473361][ T9440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.473386][ T9440] RIP: 0033:0x7f1566b5c84e [ 395.473405][ T9440] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 395.473429][ T9440] RSP: 002b:00007f1564df5ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 395.473452][ T9440] RAX: ffffffffffffffda RBX: 00007f1564df66c0 RCX: 00007f1566b5c84e [ 395.473468][ T9440] RDX: 0000000000000002 RSI: 00007f1564df5f90 RDI: ffffffffffffff9c [ 395.473484][ T9440] RBP: 00007f1566c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 395.473498][ T9440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.473513][ T9440] R13: 00007f1566e16038 R14: 00007f1566e15fa0 R15: 00007ffdd6ec00c8 [ 395.473543][ T9440] [ 397.090375][ T9473] FAULT_INJECTION: forcing a failure. [ 397.090375][ T9473] name failslab, interval 1, probability 0, space 0, times 0 [ 397.206190][ T9473] CPU: 0 UID: 0 PID: 9473 Comm: syz.1.782 Tainted: G L syzkaller #0 PREEMPT(full) [ 397.206229][ T9473] Tainted: [L]=SOFTLOCKUP [ 397.206238][ T9473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 397.206252][ T9473] Call Trace: [ 397.206260][ T9473] [ 397.206269][ T9473] dump_stack_lvl+0x100/0x190 [ 397.206306][ T9473] should_fail_ex.cold+0x5/0xa [ 397.206332][ T9473] ? tomoyo_encode2+0xfb/0x3c0 [ 397.206361][ T9473] should_failslab+0xc2/0x120 [ 397.206390][ T9473] __kmalloc_noprof+0xe0/0x850 [ 397.206412][ T9473] ? d_absolute_path+0x136/0x1b0 [ 397.206452][ T9473] tomoyo_encode2+0xfb/0x3c0 [ 397.206485][ T9473] tomoyo_encode+0x29/0x50 [ 397.206513][ T9473] tomoyo_realpath_from_path+0x18c/0x690 [ 397.206551][ T9473] tomoyo_check_open_permission+0x2af/0x3c0 [ 397.206577][ T9473] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 397.206632][ T9473] ? do_raw_spin_lock+0x128/0x260 [ 397.206662][ T9473] ? path_get+0x61/0x80 [ 397.206693][ T9473] tomoyo_file_open+0x6b/0x90 [ 397.206729][ T9473] security_file_open+0xb5/0x1e0 [ 397.206757][ T9473] do_dentry_open+0x5aa/0x1660 [ 397.206784][ T9473] ? security_inode_permission+0xbf/0x250 [ 397.206814][ T9473] vfs_open+0x82/0x3f0 [ 397.206854][ T9473] path_openat+0x208c/0x31a0 [ 397.206890][ T9473] ? __pfx_path_openat+0x10/0x10 [ 397.206927][ T9473] do_file_open+0x20e/0x430 [ 397.206956][ T9473] ? __pfx_do_file_open+0x10/0x10 [ 397.207005][ T9473] ? alloc_fd+0x476/0x790 [ 397.207033][ T9473] ? do_getname+0x191/0x390 [ 397.207075][ T9473] do_sys_openat2+0x10d/0x1e0 [ 397.207109][ T9473] ? __pfx_do_sys_openat2+0x10/0x10 [ 397.207144][ T9473] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 397.207186][ T9473] __x64_sys_openat+0x12d/0x210 [ 397.207221][ T9473] ? __pfx___x64_sys_openat+0x10/0x10 [ 397.207254][ T9473] ? xfd_validate_state+0x129/0x190 [ 397.207292][ T9473] do_syscall_64+0x106/0xf80 [ 397.207328][ T9473] ? clear_bhb_loop+0x40/0x90 [ 397.207356][ T9473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.207380][ T9473] RIP: 0033:0x7f8ccdb9bf79 [ 397.207400][ T9473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 397.207424][ T9473] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 397.207447][ T9473] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 397.207463][ T9473] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 397.207478][ T9473] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 397.207492][ T9473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 397.207506][ T9473] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 397.207537][ T9473] [ 397.522756][ T9473] ERROR: Out of memory at tomoyo_realpath_from_path. [ 397.610878][ T9478] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 398.458042][ T9482] warning: `syz.1.784' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 399.472974][ T9499] vivid-009: ================= START STATUS ================= [ 399.480679][ T9499] vivid-009: Radio HW Seek Mode: Bounded [ 399.544063][ T9499] vivid-009: Radio Programmable HW Seek: false [ 399.647009][ T9499] vivid-009: RDS Rx I/O Mode: Block I/O [ 399.694201][ T9499] vivid-009: Generate RBDS Instead of RDS: false [ 399.768655][ T9499] vivid-009: RDS Reception: true [ 399.838221][ T9499] vivid-009: RDS Program Type: 0 inactive [ 399.916389][ T9499] vivid-009: RDS PS Name: inactive [ 400.001563][ T9499] vivid-009: RDS Radio Text: inactive [ 400.108097][ T9499] vivid-009: RDS Traffic Announcement: false inactive [ 400.184374][ T9499] vivid-009: RDS Traffic Program: false inactive [ 400.242834][ T9499] vivid-009: RDS Music: false inactive [ 400.248402][ T9499] vivid-009: ================== END STATUS ================== [ 400.723016][ T9522] ptrace attach of "./syz-executor exec"[5821] was attempted by "./syz-executor exec"[9522] [ 401.009062][ T9520] FAULT_INJECTION: forcing a failure. [ 401.009062][ T9520] name failslab, interval 1, probability 0, space 0, times 0 [ 401.129332][ T9520] CPU: 0 UID: 0 PID: 9520 Comm: syz.0.793 Tainted: G L syzkaller #0 PREEMPT(full) [ 401.129370][ T9520] Tainted: [L]=SOFTLOCKUP [ 401.129384][ T9520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 401.129398][ T9520] Call Trace: [ 401.129405][ T9520] [ 401.129414][ T9520] dump_stack_lvl+0x100/0x190 [ 401.129453][ T9520] should_fail_ex.cold+0x5/0xa [ 401.129480][ T9520] should_failslab+0xc2/0x120 [ 401.129509][ T9520] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 401.129533][ T9520] ? acpi_ps_alloc_op+0xf4/0x360 [ 401.129565][ T9520] acpi_ps_alloc_op+0xf4/0x360 [ 401.129595][ T9520] acpi_ps_create_scope_op+0x1a/0x70 [ 401.129622][ T9520] acpi_ps_execute_method+0x223/0xe90 [ 401.129663][ T9520] acpi_ns_evaluate+0x640/0x1670 [ 401.129699][ T9520] acpi_evaluate_object+0x420/0xe00 [ 401.129739][ T9520] ? kasan_save_stack+0x30/0x50 [ 401.129762][ T9520] ? kasan_save_track+0x14/0x30 [ 401.129791][ T9520] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 401.129832][ T9520] ? __pfx___might_resched+0x10/0x10 [ 401.129865][ T9520] acpi_evaluate_integer+0xdf/0x220 [ 401.129898][ T9520] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 401.129944][ T9520] ? __pfx_status_show+0x10/0x10 [ 401.129986][ T9520] status_show+0xa0/0x120 [ 401.130023][ T9520] ? __pfx_status_show+0x10/0x10 [ 401.130069][ T9520] dev_attr_show+0x52/0xa0 [ 401.130093][ T9520] ? __pfx_dev_attr_show+0x10/0x10 [ 401.130114][ T9520] sysfs_kf_seq_show+0x217/0x3a0 [ 401.130147][ T9520] seq_read_iter+0x32f/0x1270 [ 401.130182][ T9520] kernfs_fop_read_iter+0x46c/0x610 [ 401.130207][ T9520] ? rw_verify_area+0xce/0x6d0 [ 401.130243][ T9520] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 401.130269][ T9520] vfs_read+0x825/0xb30 [ 401.130295][ T9520] ? __pfx_vfs_read+0x10/0x10 [ 401.130336][ T9520] ksys_read+0x12a/0x250 [ 401.130359][ T9520] ? __pfx_ksys_read+0x10/0x10 [ 401.130390][ T9520] do_syscall_64+0x106/0xf80 [ 401.130426][ T9520] ? clear_bhb_loop+0x40/0x90 [ 401.130455][ T9520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.130479][ T9520] RIP: 0033:0x7f1566b9bf79 [ 401.130498][ T9520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 401.130523][ T9520] RSP: 002b:00007f1564df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 401.130545][ T9520] RAX: ffffffffffffffda RBX: 00007f1566e15fa0 RCX: 00007f1566b9bf79 [ 401.130561][ T9520] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 401.130576][ T9520] RBP: 00007f1566c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 401.130590][ T9520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 401.130605][ T9520] R13: 00007f1566e16038 R14: 00007f1566e15fa0 R15: 00007ffdd6ec00c8 [ 401.130636][ T9520] [ 401.947527][ T9535] usbip-vudc usbip-vudc.0: gadget not bound [ 402.007464][ T9534] vivid-009: ================= START STATUS ================= [ 402.058307][ T9534] vivid-009: Radio HW Seek Mode: Bounded [ 402.102596][ T9534] vivid-009: Radio Programmable HW Seek: false [ 402.155642][ T9534] vivid-009: RDS Rx I/O Mode: Block I/O [ 402.161265][ T9534] vivid-009: Generate RBDS Instead of RDS: false [ 402.289254][ T9534] vivid-009: RDS Reception: true [ 402.339525][ T9534] vivid-009: RDS Program Type: 0 inactive [ 402.447355][ T9534] vivid-009: RDS PS Name: inactive [ 402.475619][ T9546] block nbd2: not configured, cannot reconfigure [ 402.488671][ T9534] vivid-009: RDS Radio Text: inactive [ 402.584827][ T9534] vivid-009: RDS Traffic Announcement: false inactive [ 402.661462][ T9534] vivid-009: RDS Traffic Program: false inactive [ 402.743274][ T9534] vivid-009: RDS Music: false inactive [ 402.796308][ T9534] vivid-009: ================== END STATUS ================== [ 403.601115][ T9568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.806'. [ 405.643546][ T9592] netlink: 4 bytes leftover after parsing attributes in process `syz.3.814'. [ 406.495607][ T9580] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 406.512524][ T6785] Bluetooth: hci3: command 0x0c1a tx timeout [ 407.044517][ T9615] kvm: vcpu 3: requested lapic timer restore with starting count register 0x390=2424827650 (310377939200 ns) > initial count (223122034688 ns). Using initial count to start timer. [ 407.082770][ T9612] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 407.519272][ T9612] input: jJǸ-9%vJ86 as /devices/virtual/input/input18 [ 407.551684][ T9619] netlink: 330 bytes leftover after parsing attributes in process `syz.0.818'. [ 408.847929][ T9639] netlink: 28 bytes leftover after parsing attributes in process `syz.2.825'. [ 408.932101][ T9640] vivid-009: ================= START STATUS ================= [ 409.017077][ T9640] vivid-009: Radio HW Seek Mode: Bounded [ 409.094541][ T9640] vivid-009: Radio Programmable HW Seek: false [ 409.153492][ T9640] vivid-009: RDS Rx I/O Mode: Block I/O [ 409.272481][ T9640] vivid-009: Generate RBDS Instead of RDS: false [ 409.324758][ T9640] vivid-009: RDS Reception: true [ 409.420437][ T9640] vivid-009: RDS Program Type: 0 inactive [ 409.434658][ T9647] TCP: TCP_TX_DELAY enabled [ 409.503568][ T9640] vivid-009: RDS PS Name: inactive [ 409.562521][ T9640] vivid-009: RDS Radio Text: inactive [ 409.662903][ T9640] vivid-009: RDS Traffic Announcement: false inactive [ 409.773641][ T9640] vivid-009: RDS Traffic Program: false inactive [ 409.780107][ T9640] vivid-009: RDS Music: false inactive [ 409.999440][ T9640] vivid-009: ================== END STATUS ================== [ 410.294696][ T9659] vivid-009: ================= START STATUS ================= [ 410.372702][ T9657] FAULT_INJECTION: forcing a failure. [ 410.372702][ T9657] name fail_futex, interval 1, probability 0, space 0, times 0 [ 410.385843][ T9659] vivid-009: Radio HW Seek Mode: Bounded [ 410.423715][ T9659] vivid-009: Radio Programmable HW Seek: false [ 410.429974][ T9659] vivid-009: RDS Rx I/O Mode: Block I/O [ 410.447906][ T9657] CPU: 0 UID: 0 PID: 9657 Comm: syz.2.830 Tainted: G L syzkaller #0 PREEMPT(full) [ 410.447946][ T9657] Tainted: [L]=SOFTLOCKUP [ 410.447954][ T9657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 410.447969][ T9657] Call Trace: [ 410.447976][ T9657] [ 410.447985][ T9657] dump_stack_lvl+0x100/0x190 [ 410.448023][ T9657] should_fail_ex.cold+0x5/0xa [ 410.448050][ T9657] get_futex_key+0x1d2/0x1620 [ 410.448092][ T9657] ? __pfx_get_futex_key+0x10/0x10 [ 410.448139][ T9657] futex_wake+0xea/0x530 [ 410.448170][ T9657] ? __pfx_futex_wake+0x10/0x10 [ 410.448200][ T9657] ? mas_find+0x2dd/0x740 [ 410.448223][ T9657] ? ksm_add_vmas+0x295/0x3d0 [ 410.448269][ T9657] do_futex+0x32b/0x350 [ 410.448292][ T9657] ? __pfx_do_futex+0x10/0x10 [ 410.448315][ T9657] ? __do_sys_prctl+0x137e/0x21e0 [ 410.448344][ T9657] ? rcu_is_watching+0x12/0xc0 [ 410.448378][ T9657] __x64_sys_futex+0x34f/0x4d0 [ 410.448404][ T9657] ? __pfx___x64_sys_futex+0x10/0x10 [ 410.448426][ T9657] ? xfd_validate_state+0x129/0x190 [ 410.448465][ T9657] do_syscall_64+0x106/0xf80 [ 410.448500][ T9657] ? clear_bhb_loop+0x40/0x90 [ 410.448528][ T9657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.448552][ T9657] RIP: 0033:0x7f2f89f9bf79 [ 410.448571][ T9657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 410.448594][ T9657] RSP: 002b:00007f2f881f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 410.448616][ T9657] RAX: ffffffffffffffda RBX: 00007f2f8a215fa8 RCX: 00007f2f89f9bf79 [ 410.448632][ T9657] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2f8a215fac [ 410.448647][ T9657] RBP: 00007f2f8a215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 410.448662][ T9657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 410.448675][ T9657] R13: 00007f2f8a216038 R14: 00007ffe44c5d610 R15: 00007ffe44c5d6f8 [ 410.448705][ T9657] [ 410.823663][ T9659] vivid-009: Generate RBDS Instead of RDS: false [ 410.830788][ T9659] vivid-009: RDS Reception: true [ 410.836310][ T9659] vivid-009: RDS Program Type: 0 inactive [ 410.842180][ T9659] vivid-009: RDS PS Name: inactive [ 410.847541][ T9659] vivid-009: RDS Radio Text: inactive [ 410.853259][ T9659] vivid-009: RDS Traffic Announcement: false inactive [ 410.860894][ T9659] vivid-009: RDS Traffic Program: false inactive [ 410.880464][ T9659] vivid-009: RDS Music: false inactive [ 410.886610][ T9659] vivid-009: ================== END STATUS ================== [ 411.041589][ T9672] FAULT_INJECTION: forcing a failure. [ 411.041589][ T9672] name failslab, interval 1, probability 0, space 0, times 0 [ 411.054466][ T9672] CPU: 0 UID: 0 PID: 9672 Comm: syz.1.835 Tainted: G L syzkaller #0 PREEMPT(full) [ 411.054504][ T9672] Tainted: [L]=SOFTLOCKUP [ 411.054512][ T9672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 411.054527][ T9672] Call Trace: [ 411.054535][ T9672] [ 411.054545][ T9672] dump_stack_lvl+0x100/0x190 [ 411.054582][ T9672] should_fail_ex.cold+0x5/0xa [ 411.054609][ T9672] should_failslab+0xc2/0x120 [ 411.054638][ T9672] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 411.054663][ T9672] ? __d_alloc+0x34/0xa80 [ 411.054696][ T9672] __d_alloc+0x34/0xa80 [ 411.054727][ T9672] d_alloc_pseudo+0x1c/0xc0 [ 411.054763][ T9672] alloc_file_pseudo+0xcf/0x230 [ 411.054798][ T9672] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 411.054840][ T9672] ? alloc_fd+0x476/0x790 [ 411.054872][ T9672] sock_alloc_file+0x50/0x210 [ 411.054911][ T9672] __sys_socket+0x1c0/0x260 [ 411.054937][ T9672] ? fput+0x79/0x100 [ 411.054965][ T9672] ? __pfx___sys_socket+0x10/0x10 [ 411.054991][ T9672] ? xfd_validate_state+0x129/0x190 [ 411.055027][ T9672] __x64_sys_socket+0x72/0xb0 [ 411.055053][ T9672] ? lockdep_hardirqs_on+0x78/0x100 [ 411.055089][ T9672] do_syscall_64+0x106/0xf80 [ 411.055124][ T9672] ? clear_bhb_loop+0x40/0x90 [ 411.055153][ T9672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.055177][ T9672] RIP: 0033:0x7f8ccdb9d807 [ 411.055196][ T9672] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 411.055219][ T9672] RSP: 002b:00007f8cce9ebf98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 411.055241][ T9672] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9d807 [ 411.055257][ T9672] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 411.055271][ T9672] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 411.055285][ T9672] R10: 0000200000000280 R11: 0000000000000286 R12: 0000000000000000 [ 411.055300][ T9672] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 411.055332][ T9672] [ 413.711681][ T9735] Invalid ELF header magic: != ELF [ 415.865329][ T9777] FAULT_INJECTION: forcing a failure. [ 415.865329][ T9777] name failslab, interval 1, probability 0, space 0, times 0 [ 415.948739][ T9777] CPU: 0 UID: 0 PID: 9777 Comm: syz.1.862 Tainted: G L syzkaller #0 PREEMPT(full) [ 415.948777][ T9777] Tainted: [L]=SOFTLOCKUP [ 415.948786][ T9777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 415.948800][ T9777] Call Trace: [ 415.948807][ T9777] [ 415.948817][ T9777] dump_stack_lvl+0x100/0x190 [ 415.948857][ T9777] should_fail_ex.cold+0x5/0xa [ 415.948883][ T9777] should_failslab+0xc2/0x120 [ 415.948912][ T9777] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 415.948937][ T9777] ? __d_alloc+0x34/0xa80 [ 415.948972][ T9777] __d_alloc+0x34/0xa80 [ 415.949003][ T9777] d_alloc+0x4a/0x1e0 [ 415.949032][ T9777] lookup_one_qstr_excl+0x175/0x250 [ 415.949069][ T9777] start_dirop+0x59/0xb0 [ 415.949093][ T9777] simple_start_creating+0xf9/0x110 [ 415.949117][ T9777] ? __pfx_simple_start_creating+0x10/0x10 [ 415.949148][ T9777] nfsd_fill_super+0x1c9/0x560 [ 415.949188][ T9777] ? __pfx_nfsd_fill_super+0x10/0x10 [ 415.949224][ T9777] get_tree_keyed+0x10e/0x1d0 [ 415.949249][ T9777] vfs_get_tree+0x92/0x320 [ 415.949284][ T9777] path_mount+0x7d0/0x23d0 [ 415.949318][ T9777] ? __pfx_path_mount+0x10/0x10 [ 415.949345][ T9777] ? lockdep_hardirqs_on+0x78/0x100 [ 415.949384][ T9777] ? putname+0xb1/0x110 [ 415.949409][ T9777] ? kmem_cache_free+0x124/0x670 [ 415.949463][ T9777] ? __x64_sys_mount+0x293/0x310 [ 415.949492][ T9777] __x64_sys_mount+0x293/0x310 [ 415.949523][ T9777] ? __pfx___x64_sys_mount+0x10/0x10 [ 415.949569][ T9777] do_syscall_64+0x106/0xf80 [ 415.949604][ T9777] ? clear_bhb_loop+0x40/0x90 [ 415.949633][ T9777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.949657][ T9777] RIP: 0033:0x7f8ccdb9bf79 [ 415.949675][ T9777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 415.949699][ T9777] RSP: 002b:00007f8cce9cc028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 415.949721][ T9777] RAX: ffffffffffffffda RBX: 00007f8ccde16090 RCX: 00007f8ccdb9bf79 [ 415.949737][ T9777] RDX: 0000200000000140 RSI: 0000200000000040 RDI: 0000000000000000 [ 415.949756][ T9777] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 415.949770][ T9777] R10: 00000000c0ed0000 R11: 0000000000000246 R12: 0000000000000000 [ 415.949785][ T9777] R13: 00007f8ccde16128 R14: 00007f8ccde16090 R15: 00007ffdcd511f58 [ 415.949815][ T9777] [ 416.714550][ T9782] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 417.413684][ T9796] FAULT_INJECTION: forcing a failure. [ 417.413684][ T9796] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 417.462568][ T9796] CPU: 0 UID: 0 PID: 9796 Comm: syz.3.867 Tainted: G L syzkaller #0 PREEMPT(full) [ 417.462605][ T9796] Tainted: [L]=SOFTLOCKUP [ 417.462613][ T9796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 417.462626][ T9796] Call Trace: [ 417.462634][ T9796] [ 417.462642][ T9796] dump_stack_lvl+0x100/0x190 [ 417.462681][ T9796] should_fail_ex.cold+0x5/0xa [ 417.462706][ T9796] _copy_from_user+0x2e/0xd0 [ 417.462732][ T9796] copy_msghdr_from_user+0x9f/0x4f0 [ 417.462760][ T9796] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 417.462792][ T9796] ? __pfx__kstrtoull+0x10/0x10 [ 417.462829][ T9796] ___sys_sendmsg+0x106/0x1e0 [ 417.462857][ T9796] ? __pfx____sys_sendmsg+0x10/0x10 [ 417.462896][ T9796] ? find_held_lock+0x2b/0x80 [ 417.462945][ T9796] __sys_sendmmsg+0x205/0x430 [ 417.462983][ T9796] ? __pfx___sys_sendmmsg+0x10/0x10 [ 417.463026][ T9796] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 417.463075][ T9796] ? fput+0x79/0x100 [ 417.463104][ T9796] ? ksys_write+0x1ac/0x250 [ 417.463126][ T9796] ? __pfx_ksys_write+0x10/0x10 [ 417.463154][ T9796] __x64_sys_sendmmsg+0x9c/0x100 [ 417.463188][ T9796] ? lockdep_hardirqs_on+0x78/0x100 [ 417.463222][ T9796] do_syscall_64+0x106/0xf80 [ 417.463256][ T9796] ? clear_bhb_loop+0x40/0x90 [ 417.463283][ T9796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.463313][ T9796] RIP: 0033:0x7f1fb139bf79 [ 417.463331][ T9796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 417.463354][ T9796] RSP: 002b:00007f1faf5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 417.463376][ T9796] RAX: ffffffffffffffda RBX: 00007f1fb1616090 RCX: 00007f1fb139bf79 [ 417.463391][ T9796] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000004 [ 417.463405][ T9796] RBP: 00007f1faf5f6090 R08: 0000000000000000 R09: 0000000000000000 [ 417.463418][ T9796] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 417.463432][ T9796] R13: 00007f1fb1616128 R14: 00007f1fb1616090 R15: 00007ffeda513e58 [ 417.463462][ T9796] [ 418.140231][ T9812] Invalid ELF header magic: != ELF [ 418.412833][ T9823] vivid-009: ================= START STATUS ================= [ 418.440835][ T9823] vivid-009: Radio HW Seek Mode: Bounded [ 418.474865][ T9823] vivid-009: Radio Programmable HW Seek: false [ 418.514802][ T9823] vivid-009: RDS Rx I/O Mode: Block I/O [ 418.557958][ T9823] vivid-009: Generate RBDS Instead of RDS: false [ 418.600924][ T9823] vivid-009: RDS Reception: true [ 418.634982][ T9823] vivid-009: RDS Program Type: 0 inactive [ 418.698111][ T9823] vivid-009: RDS PS Name: inactive [ 418.740197][ T9823] vivid-009: RDS Radio Text: inactive [ 418.828341][ T9823] vivid-009: RDS Traffic Announcement: false inactive [ 418.929974][ T9823] vivid-009: RDS Traffic Program: false inactive [ 419.056046][ T9823] vivid-009: RDS Music: false inactive [ 419.061972][ T9823] vivid-009: ================== END STATUS ================== [ 421.093709][ T9865] netlink: 28 bytes leftover after parsing attributes in process `syz.3.884'. [ 421.174127][ T9866] vivid-009: ================= START STATUS ================= [ 421.209641][ T9866] vivid-009: Radio HW Seek Mode: Bounded [ 421.258171][ T9866] vivid-009: Radio Programmable HW Seek: false [ 421.282572][ T9866] vivid-009: RDS Rx I/O Mode: Block I/O [ 421.288188][ T9866] vivid-009: Generate RBDS Instead of RDS: false [ 421.366121][ T9866] vivid-009: RDS Reception: true [ 421.439902][ T9866] vivid-009: RDS Program Type: 0 inactive [ 421.468793][ T9866] vivid-009: RDS PS Name: inactive [ 421.517850][ T9871] FAULT_INJECTION: forcing a failure. [ 421.517850][ T9871] name failslab, interval 1, probability 0, space 0, times 0 [ 421.532476][ T9866] vivid-009: RDS Radio Text: inactive [ 421.600662][ T9871] CPU: 0 UID: 0 PID: 9871 Comm: Tainted: G L syzkaller #0 PREEMPT(full) [ 421.600702][ T9871] Tainted: [L]=SOFTLOCKUP [ 421.600711][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 421.600725][ T9871] Call Trace: [ 421.600732][ T9871] [ 421.600741][ T9871] dump_stack_lvl+0x100/0x190 [ 421.600780][ T9871] should_fail_ex.cold+0x5/0xa [ 421.600807][ T9871] ? tomoyo_realpath_from_path+0xb6/0x690 [ 421.600838][ T9871] should_failslab+0xc2/0x120 [ 421.600867][ T9871] __kmalloc_noprof+0xe0/0x850 [ 421.600897][ T9871] tomoyo_realpath_from_path+0xb6/0x690 [ 421.600935][ T9871] tomoyo_path_number_perm+0x23c/0x580 [ 421.600958][ T9871] ? tomoyo_path_number_perm+0x22e/0x580 [ 421.600985][ T9871] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 421.601039][ T9871] ? find_held_lock+0x2b/0x80 [ 421.601071][ T9871] ? current_check_access_path+0x281/0x460 [ 421.601101][ T9871] ? __pfx_current_check_access_path+0x10/0x10 [ 421.601132][ T9871] ? d_alloc_parallel+0x864/0x14e0 [ 421.601183][ T9871] tomoyo_path_mknod+0x164/0x190 [ 421.601218][ T9871] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 421.601252][ T9871] ? find_held_lock+0x2b/0x80 [ 421.601285][ T9871] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 421.601323][ T9871] security_path_mknod+0x161/0x300 [ 421.601356][ T9871] may_o_create+0x30/0x3a0 [ 421.601394][ T9871] lookup_open.isra.0+0xa0d/0x11b0 [ 421.601438][ T9871] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 421.601481][ T9871] ? __pfx___might_resched+0x10/0x10 [ 421.601509][ T9871] ? mnt_get_write_access+0x52/0x2f0 [ 421.601549][ T9871] ? __pfx_down_write+0x10/0x10 [ 421.601571][ T9871] ? mnt_get_write_access+0x1e9/0x2f0 [ 421.601609][ T9871] path_openat+0x2291/0x31a0 [ 421.601646][ T9871] ? __pfx_path_openat+0x10/0x10 [ 421.601683][ T9871] do_file_open+0x20e/0x430 [ 421.601712][ T9871] ? __pfx_do_file_open+0x10/0x10 [ 421.601760][ T9871] ? alloc_fd+0x476/0x790 [ 421.601787][ T9871] ? do_getname+0x191/0x390 [ 421.601821][ T9871] do_sys_openat2+0x10d/0x1e0 [ 421.601856][ T9871] ? __pfx_do_sys_openat2+0x10/0x10 [ 421.601900][ T9871] __x64_sys_openat+0x12d/0x210 [ 421.601935][ T9871] ? __pfx___x64_sys_openat+0x10/0x10 [ 421.601969][ T9871] ? xfd_validate_state+0x129/0x190 [ 421.602008][ T9871] do_syscall_64+0x106/0xf80 [ 421.602055][ T9871] ? clear_bhb_loop+0x40/0x90 [ 421.602083][ T9871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.602106][ T9871] RIP: 0033:0x7f2f89f9bf79 [ 421.602124][ T9871] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 421.602165][ T9871] RSP: 002b:00007f2f881f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 421.602188][ T9871] RAX: ffffffffffffffda RBX: 00007f2f8a215fa0 RCX: 00007f2f89f9bf79 [ 421.602204][ T9871] RDX: 000000000010b842 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 421.602219][ T9871] RBP: 00007f2f8a0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 421.602233][ T9871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.602247][ T9871] R13: 00007f2f8a216038 R14: 00007f2f8a215fa0 R15: 00007ffe44c5d6f8 [ 421.602277][ T9871] [ 421.602286][ T9871] ERROR: Out of memory at tomoyo_realpath_from_path. [ 421.942534][ T9866] vivid-009: RDS Traffic Announcement: false inactive [ 421.949397][ T9866] vivid-009: RDS Traffic Program: false inactive [ 422.061930][ T9866] vivid-009: RDS Music: false inactive [ 422.101556][ T9866] vivid-009: ================== END STATUS ================== [ 423.886654][ T9924] netlink: 'syz.0.899': attribute type 11 has an invalid length. [ 423.920346][ T9924] netlink: 'syz.0.899': attribute type 11 has an invalid length. [ 423.952223][ T9924] netlink: 'syz.0.899': attribute type 11 has an invalid length. [ 424.016214][ T9925] vivid-009: ================= START STATUS ================= [ 424.055828][ T9925] vivid-009: Radio HW Seek Mode: Bounded [ 424.086113][ T9925] vivid-009: Radio Programmable HW Seek: false [ 424.135112][ T9925] vivid-009: RDS Rx I/O Mode: Block I/O [ 424.201176][ T9925] vivid-009: Generate RBDS Instead of RDS: false [ 424.253613][ T9925] vivid-009: RDS Reception: true [ 424.282575][ T9925] vivid-009: RDS Program Type: 0 inactive [ 424.313380][ T9925] vivid-009: RDS PS Name: inactive [ 424.404967][ T9925] vivid-009: RDS Radio Text: inactive [ 424.444765][ T9925] vivid-009: RDS Traffic Announcement: false inactive [ 424.511319][ T9925] vivid-009: RDS Traffic Program: false inactive [ 424.579837][ T9925] vivid-009: RDS Music: false inactive [ 424.635615][ T9925] vivid-009: ================== END STATUS ================== [ 425.292589][ T9951] input: jJǸ-9%vJ86 as /devices/virtual/input/input19 [ 425.623389][ T9951] FAULT_INJECTION: forcing a failure. [ 425.623389][ T9951] name failslab, interval 1, probability 0, space 0, times 0 [ 425.924039][ T9951] CPU: 0 UID: 0 PID: 9951 Comm: syz.0.903 Tainted: G L syzkaller #0 PREEMPT(full) [ 425.924078][ T9951] Tainted: [L]=SOFTLOCKUP [ 425.924087][ T9951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 425.924101][ T9951] Call Trace: [ 425.924109][ T9951] [ 425.924117][ T9951] dump_stack_lvl+0x100/0x190 [ 425.924156][ T9951] should_fail_ex.cold+0x5/0xa [ 425.924182][ T9951] should_failslab+0xc2/0x120 [ 425.924212][ T9951] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 425.924235][ T9951] ? __pmd_alloc+0xbf/0x9c0 [ 425.924272][ T9951] __pmd_alloc+0xbf/0x9c0 [ 425.924307][ T9951] __handle_mm_fault+0xa99/0x2b50 [ 425.924349][ T9951] ? mt_find+0x45e/0x8e0 [ 425.924372][ T9951] ? __pfx___handle_mm_fault+0x10/0x10 [ 425.924408][ T9951] ? __pfx_mt_find+0x10/0x10 [ 425.924452][ T9951] handle_mm_fault+0x36d/0xa20 [ 425.924495][ T9951] __get_user_pages+0xf9c/0x34d0 [ 425.924538][ T9951] ? __pfx___get_user_pages+0x10/0x10 [ 425.924584][ T9951] populate_vma_page_range+0x267/0x3f0 [ 425.924620][ T9951] ? __pfx_populate_vma_page_range+0x10/0x10 [ 425.924654][ T9951] ? __pfx_find_vma_intersection+0x10/0x10 [ 425.924685][ T9951] ? do_mmap+0x93f/0x12f0 [ 425.924719][ T9951] __mm_populate+0x107/0x3a0 [ 425.924754][ T9951] ? __pfx___mm_populate+0x10/0x10 [ 425.924789][ T9951] ? up_write+0x290/0x4f0 [ 425.924820][ T9951] vm_mmap_pgoff+0x37f/0x470 [ 425.924855][ T9951] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 425.924893][ T9951] ? __x64_sys_futex+0x34f/0x4d0 [ 425.924915][ T9951] ? __x64_sys_futex+0x358/0x4d0 [ 425.924949][ T9951] ksys_mmap_pgoff+0x7d/0x5b0 [ 425.924984][ T9951] __x64_sys_mmap+0x125/0x190 [ 425.925019][ T9951] do_syscall_64+0x106/0xf80 [ 425.925058][ T9951] ? clear_bhb_loop+0x40/0x90 [ 425.925087][ T9951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.925111][ T9951] RIP: 0033:0x7f1566b9bf79 [ 425.925129][ T9951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 425.925153][ T9951] RSP: 002b:00007f1564991028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 425.925175][ T9951] RAX: ffffffffffffffda RBX: 00007f1566e16270 RCX: 00007f1566b9bf79 [ 425.925191][ T9951] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 425.925206][ T9951] RBP: 00007f1566c327e0 R08: ffffffffffffffff R09: 0000000000000000 [ 425.925221][ T9951] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 425.925235][ T9951] R13: 00007f1566e16308 R14: 00007f1566e16270 R15: 00007ffdd6ec00c8 [ 425.925266][ T9951] [ 427.853228][ T9979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.910'. [ 428.967851][T10014] netlink: 'syz.0.920': attribute type 11 has an invalid length. [ 429.839133][T10028] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 429.895803][T10027] delete_channel: no stack [ 431.013249][T10059] netlink: 28 bytes leftover after parsing attributes in process `syz.1.931'. [ 433.016448][ T6785] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 433.636325][T10111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.942'. [ 433.757714][T10105] Invalid ELF header magic: != ELF [ 433.904183][T10114] Invalid ELF header magic: != ELF [ 435.560686][T10130] FAULT_INJECTION: forcing a failure. [ 435.560686][T10130] name fail_futex, interval 1, probability 0, space 0, times 0 [ 435.743760][T10130] CPU: 0 UID: 0 PID: 10130 Comm: syz.0.943 Tainted: G L syzkaller #0 PREEMPT(full) [ 435.743799][T10130] Tainted: [L]=SOFTLOCKUP [ 435.743807][T10130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 435.743822][T10130] Call Trace: [ 435.743829][T10130] [ 435.743838][T10130] dump_stack_lvl+0x100/0x190 [ 435.743877][T10130] should_fail_ex.cold+0x5/0xa [ 435.743903][T10130] get_futex_key+0x1d2/0x1620 [ 435.743945][T10130] ? __pfx_get_futex_key+0x10/0x10 [ 435.743984][T10130] ? kasan_quarantine_put+0x104/0x240 [ 435.744009][T10130] ? lockdep_hardirqs_on+0x78/0x100 [ 435.744058][T10130] futex_wake+0xea/0x530 [ 435.744086][T10130] ? find_held_lock+0x2b/0x80 [ 435.744120][T10130] ? __pfx_futex_wake+0x10/0x10 [ 435.744151][T10130] ? ksys_write+0x190/0x250 [ 435.744174][T10130] ? ksys_write+0x190/0x250 [ 435.744202][T10130] do_futex+0x32b/0x350 [ 435.744224][T10130] ? __pfx_do_futex+0x10/0x10 [ 435.744254][T10130] __x64_sys_futex+0x34f/0x4d0 [ 435.744279][T10130] ? fput+0x79/0x100 [ 435.744307][T10130] ? __pfx___x64_sys_futex+0x10/0x10 [ 435.744329][T10130] ? ksys_write+0x1ac/0x250 [ 435.744351][T10130] ? __pfx_ksys_write+0x10/0x10 [ 435.744383][T10130] do_syscall_64+0x106/0xf80 [ 435.744417][T10130] ? clear_bhb_loop+0x40/0x90 [ 435.744445][T10130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.744469][T10130] RIP: 0033:0x7f1566b9bf79 [ 435.744488][T10130] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 435.744511][T10130] RSP: 002b:00007f1564dd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 435.744534][T10130] RAX: ffffffffffffffda RBX: 00007f1566e16098 RCX: 00007f1566b9bf79 [ 435.744550][T10130] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1566e1609c [ 435.744564][T10130] RBP: 00007f1566e16090 R08: 0000000000000000 R09: 0000000000000000 [ 435.744579][T10130] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000000 [ 435.744606][T10130] R13: 00007f1566e16128 R14: 00007ffdd6ebffe0 R15: 00007ffdd6ec00c8 [ 435.744636][T10130] [ 437.012181][ T6785] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 437.342123][T10149] netlink: 4 bytes leftover after parsing attributes in process `syz.1.946'. [ 437.723041][T10168] vivid-009: ================= START STATUS ================= [ 437.757125][T10168] vivid-009: Radio HW Seek Mode: Bounded [ 437.794242][T10168] vivid-009: Radio Programmable HW Seek: false [ 437.822536][T10168] vivid-009: RDS Rx I/O Mode: Block I/O [ 437.862696][T10168] vivid-009: Generate RBDS Instead of RDS: false [ 437.932524][T10168] vivid-009: RDS Reception: true [ 437.992477][T10168] vivid-009: RDS Program Type: 0 inactive [ 438.018666][T10168] vivid-009: RDS PS Name: inactive [ 438.101654][T10168] vivid-009: RDS Radio Text: inactive [ 438.111759][T10168] vivid-009: RDS Traffic Announcement: false inactive [ 438.172617][T10168] vivid-009: RDS Traffic Program: false inactive [ 438.232590][T10168] vivid-009: RDS Music: false inactive [ 438.263499][T10168] vivid-009: ================== END STATUS ================== [ 438.708320][T10180] netlink: 28 bytes leftover after parsing attributes in process `syz.3.954'. [ 440.356512][T10194] vivid-009: ================= START STATUS ================= [ 440.394300][T10194] vivid-009: Radio HW Seek Mode: Bounded [ 440.400028][T10194] vivid-009: Radio Programmable HW Seek: false [ 440.459366][T10194] vivid-009: RDS Rx I/O Mode: Block I/O [ 440.492574][T10194] vivid-009: Generate RBDS Instead of RDS: false [ 440.552845][T10194] vivid-009: RDS Reception: true [ 440.557934][T10194] vivid-009: RDS Program Type: 0 inactive [ 440.648580][T10194] vivid-009: RDS PS Name: inactive [ 440.723709][T10194] vivid-009: RDS Radio Text: inactive [ 440.762843][T10194] vivid-009: RDS Traffic Announcement: false inactive [ 440.769688][T10194] vivid-009: RDS Traffic Program: false inactive [ 440.885224][T10204] syz.2.962 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 440.903281][T10194] vivid-009: RDS Music: false inactive [ 440.933641][T10194] vivid-009: ================== END STATUS ================== [ 441.392858][T10217] FAULT_INJECTION: forcing a failure. [ 441.392858][T10217] name failslab, interval 1, probability 0, space 0, times 0 [ 441.557332][T10217] CPU: 0 UID: 0 PID: 10217 Comm: syz.2.964 Tainted: G L syzkaller #0 PREEMPT(full) [ 441.557371][T10217] Tainted: [L]=SOFTLOCKUP [ 441.557379][T10217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 441.557393][T10217] Call Trace: [ 441.557401][T10217] [ 441.557410][T10217] dump_stack_lvl+0x100/0x190 [ 441.557448][T10217] should_fail_ex.cold+0x5/0xa [ 441.557475][T10217] should_failslab+0xc2/0x120 [ 441.557504][T10217] __kmalloc_cache_noprof+0x7a/0x6f0 [ 441.557542][T10217] ? alloc_fs_context+0x57/0xf40 [ 441.557577][T10217] alloc_fs_context+0x57/0xf40 [ 441.557611][T10217] mq_init_ns+0x16e/0x820 [ 441.557635][T10217] copy_ipcs+0x3dd/0x7e0 [ 441.557658][T10217] create_new_namespaces+0x20a/0xac0 [ 441.557694][T10217] ? security_capable+0x80/0x260 [ 441.557732][T10217] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 441.557770][T10217] ksys_unshare+0x455/0xab0 [ 441.557797][T10217] ? __pfx_ksys_unshare+0x10/0x10 [ 441.557820][T10217] ? xfd_validate_state+0x129/0x190 [ 441.557858][T10217] __x64_sys_unshare+0x31/0x40 [ 441.557882][T10217] do_syscall_64+0x106/0xf80 [ 441.557917][T10217] ? clear_bhb_loop+0x40/0x90 [ 441.557946][T10217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.557970][T10217] RIP: 0033:0x7f2f89f9bf79 [ 441.557988][T10217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 441.558012][T10217] RSP: 002b:00007f2f881d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 441.558035][T10217] RAX: ffffffffffffffda RBX: 00007f2f8a216090 RCX: 00007f2f89f9bf79 [ 441.558055][T10217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 441.558070][T10217] RBP: 00007f2f8a0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 441.558084][T10217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.558098][T10217] R13: 00007f2f8a216128 R14: 00007f2f8a216090 R15: 00007ffe44c5d6f8 [ 441.558136][T10217] [ 444.948778][T10273] : Can't lookup blockdev [ 445.176654][T10277] FAULT_INJECTION: forcing a failure. [ 445.176654][T10277] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 445.176693][T10277] CPU: 0 UID: 0 PID: 10277 Comm: syz.3.978 Tainted: G L syzkaller #0 PREEMPT(full) [ 445.176730][T10277] Tainted: [L]=SOFTLOCKUP [ 445.176752][T10277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 445.176771][T10277] Call Trace: [ 445.176784][T10277] [ 445.176792][T10277] dump_stack_lvl+0x100/0x190 [ 445.176828][T10277] should_fail_ex.cold+0x5/0xa [ 445.176853][T10277] _copy_to_user+0x32/0xd0 [ 445.176879][T10277] simple_read_from_buffer+0xcb/0x170 [ 445.176919][T10277] proc_fail_nth_read+0x1af/0x230 [ 445.176946][T10277] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 445.176973][T10277] ? rw_verify_area+0xce/0x6d0 [ 445.177008][T10277] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 445.177032][T10277] vfs_read+0x1e4/0xb30 [ 445.177058][T10277] ? __pfx_vfs_read+0x10/0x10 [ 445.177078][T10277] ? __fget_files+0x215/0x3d0 [ 445.177107][T10277] ? __fget_files+0x21f/0x3d0 [ 445.177137][T10277] ksys_read+0x12a/0x250 [ 445.177158][T10277] ? __pfx_ksys_read+0x10/0x10 [ 445.177189][T10277] do_syscall_64+0x106/0xf80 [ 445.177222][T10277] ? clear_bhb_loop+0x40/0x90 [ 445.177250][T10277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.177272][T10277] RIP: 0033:0x7f1fb135c84e [ 445.177291][T10277] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 445.177314][T10277] RSP: 002b:00007f1fb2189fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 445.177335][T10277] RAX: ffffffffffffffda RBX: 00007f1fb218a6c0 RCX: 00007f1fb135c84e [ 445.177350][T10277] RDX: 000000000000000f RSI: 00007f1fb218a0a0 RDI: 0000000000000004 [ 445.177364][T10277] RBP: 00007f1fb218a090 R08: 0000000000000000 R09: 0000000000000000 [ 445.177378][T10277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.177392][T10277] R13: 00007f1fb1616038 R14: 00007f1fb1615fa0 R15: 00007ffeda513e58 [ 445.177422][T10277] [ 446.007483][T10288] FAULT_INJECTION: forcing a failure. [ 446.007483][T10288] name failslab, interval 1, probability 0, space 0, times 0 [ 446.007534][T10288] CPU: 0 UID: 0 PID: 10288 Comm: syz.3.980 Tainted: G L syzkaller #0 PREEMPT(full) [ 446.007568][T10288] Tainted: [L]=SOFTLOCKUP [ 446.007576][T10288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 446.007590][T10288] Call Trace: [ 446.007598][T10288] [ 446.007606][T10288] dump_stack_lvl+0x100/0x190 [ 446.007644][T10288] should_fail_ex.cold+0x5/0xa [ 446.007670][T10288] should_failslab+0xc2/0x120 [ 446.007699][T10288] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 446.007723][T10288] ? alloc_inode+0x183/0x250 [ 446.007772][T10288] alloc_inode+0x183/0x250 [ 446.007806][T10288] new_inode+0x22/0x1c0 [ 446.007838][T10288] ? dput.part.0+0xdd/0x570 [ 446.007873][T10288] simple_fill_super+0x2d9/0x680 [ 446.007903][T10288] ? __pfx_nfsd_fill_super+0x10/0x10 [ 446.007941][T10288] nfsd_fill_super+0x98/0x560 [ 446.007976][T10288] ? __pfx_set_anon_super_fc+0x10/0x10 [ 446.008013][T10288] ? __pfx_nfsd_fill_super+0x10/0x10 [ 446.008049][T10288] get_tree_keyed+0x10e/0x1d0 [ 446.008072][T10288] vfs_get_tree+0x92/0x320 [ 446.008107][T10288] path_mount+0x7d0/0x23d0 [ 446.008141][T10288] ? __pfx_path_mount+0x10/0x10 [ 446.008168][T10288] ? lockdep_hardirqs_on+0x78/0x100 [ 446.008207][T10288] ? putname+0xb1/0x110 [ 446.008231][T10288] ? kmem_cache_free+0x124/0x670 [ 446.008281][T10288] ? __x64_sys_mount+0x293/0x310 [ 446.008310][T10288] __x64_sys_mount+0x293/0x310 [ 446.008340][T10288] ? __pfx___x64_sys_mount+0x10/0x10 [ 446.008379][T10288] do_syscall_64+0x106/0xf80 [ 446.008414][T10288] ? clear_bhb_loop+0x40/0x90 [ 446.008444][T10288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.008467][T10288] RIP: 0033:0x7f1fb139bf79 [ 446.008486][T10288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.008509][T10288] RSP: 002b:00007f1faf5f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 446.008532][T10288] RAX: ffffffffffffffda RBX: 00007f1fb1616090 RCX: 00007f1fb139bf79 [ 446.008548][T10288] RDX: 0000200000000140 RSI: 0000200000000040 RDI: 0000000000000000 [ 446.008563][T10288] RBP: 00007f1fb14327e0 R08: 0000000000000000 R09: 0000000000000000 [ 446.008577][T10288] R10: 00000000c0ed0000 R11: 0000000000000246 R12: 0000000000000000 [ 446.008592][T10288] R13: 00007f1fb1616128 R14: 00007f1fb1616090 R15: 00007ffeda513e58 [ 446.008623][T10288] [ 447.444967][T10303] Invalid ELF header magic: != ELF [ 449.914954][T10335] vivid-009: ================= START STATUS ================= [ 449.963956][T10335] vivid-009: Radio HW Seek Mode: Bounded [ 450.024334][T10335] vivid-009: Radio Programmable HW Seek: false [ 450.030623][T10335] vivid-009: RDS Rx I/O Mode: Block I/O [ 450.100518][T10335] vivid-009: Generate RBDS Instead of RDS: false [ 450.117386][T10335] vivid-009: RDS Reception: true [ 450.146342][T10335] vivid-009: RDS Program Type: 0 inactive [ 450.226536][T10335] vivid-009: RDS PS Name: inactive [ 450.254749][T10335] vivid-009: RDS Radio Text: inactive [ 450.352588][T10335] vivid-009: RDS Traffic Announcement: false inactive [ 450.439916][T10335] vivid-009: RDS Traffic Program: false inactive [ 450.543248][T10335] vivid-009: RDS Music: false inactive [ 450.548830][T10335] vivid-009: ================== END STATUS ================== [ 450.595868][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.602286][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 451.074074][T10351] netlink: 314 bytes leftover after parsing attributes in process `syz.0.995'. [ 451.289247][T10359] vivid-009: ================= START STATUS ================= [ 451.318579][T10359] vivid-009: Radio HW Seek Mode: Bounded [ 451.339294][T10359] vivid-009: Radio Programmable HW Seek: false [ 451.363500][T10359] vivid-009: RDS Rx I/O Mode: Block I/O [ 451.385179][T10359] vivid-009: Generate RBDS Instead of RDS: false [ 451.408716][T10359] vivid-009: RDS Reception: true [ 451.429932][T10359] vivid-009: RDS Program Type: 0 inactive [ 451.465625][T10359] vivid-009: RDS PS Name: inactive [ 451.485665][T10359] vivid-009: RDS Radio Text: inactive [ 451.506408][T10359] vivid-009: RDS Traffic Announcement: false inactive [ 451.534763][T10359] vivid-009: RDS Traffic Program: false inactive [ 451.554057][T10359] vivid-009: RDS Music: false inactive [ 451.573301][T10359] vivid-009: ================== END STATUS ================== [ 452.470376][T10376] FAULT_INJECTION: forcing a failure. [ 452.470376][T10376] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 452.530236][T10376] CPU: 0 UID: 0 PID: 10376 Comm: syz.3.1002 Tainted: G L syzkaller #0 PREEMPT(full) [ 452.530274][T10376] Tainted: [L]=SOFTLOCKUP [ 452.530282][T10376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 452.530296][T10376] Call Trace: [ 452.530303][T10376] [ 452.530312][T10376] dump_stack_lvl+0x100/0x190 [ 452.530348][T10376] should_fail_ex.cold+0x5/0xa [ 452.530374][T10376] _copy_to_iter+0x5a4/0x1720 [ 452.530404][T10376] ? __pfx__copy_to_iter+0x10/0x10 [ 452.530441][T10376] seq_read_iter+0xdab/0x1270 [ 452.530475][T10376] seq_read+0x33b/0x4c0 [ 452.530496][T10376] ? __pfx_seq_read+0x10/0x10 [ 452.530537][T10376] full_proxy_read+0x135/0x1a0 [ 452.530575][T10376] ? __pfx_full_proxy_read+0x10/0x10 [ 452.530614][T10376] vfs_read+0x1e4/0xb30 [ 452.530640][T10376] ? __pfx_vfs_read+0x10/0x10 [ 452.530662][T10376] ? __fget_files+0x215/0x3d0 [ 452.530691][T10376] ? __fget_files+0x21f/0x3d0 [ 452.530722][T10376] ksys_read+0x12a/0x250 [ 452.530743][T10376] ? __pfx_ksys_read+0x10/0x10 [ 452.530774][T10376] do_syscall_64+0x106/0xf80 [ 452.530808][T10376] ? clear_bhb_loop+0x40/0x90 [ 452.530837][T10376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.530860][T10376] RIP: 0033:0x7f1fb139bf79 [ 452.530878][T10376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.530901][T10376] RSP: 002b:00007f1fb218a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 452.530922][T10376] RAX: ffffffffffffffda RBX: 00007f1fb1615fa0 RCX: 00007f1fb139bf79 [ 452.530938][T10376] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000004 [ 452.530951][T10376] RBP: 00007f1fb218a090 R08: 0000000000000000 R09: 0000000000000000 [ 452.530965][T10376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.530979][T10376] R13: 00007f1fb1616038 R14: 00007f1fb1615fa0 R15: 00007ffeda513e58 [ 452.531008][T10376] [ 453.933434][T10394] vivid-009: ================= START STATUS ================= [ 453.995640][T10394] vivid-009: Radio HW Seek Mode: Bounded [ 454.002011][T10394] vivid-009: Radio Programmable HW Seek: false [ 454.104082][T10394] vivid-009: RDS Rx I/O Mode: Block I/O [ 454.146050][T10394] vivid-009: Generate RBDS Instead of RDS: false [ 454.205950][T10394] vivid-009: RDS Reception: true [ 454.211019][T10394] vivid-009: RDS Program Type: 0 inactive [ 454.324690][T10394] vivid-009: RDS PS Name: inactive [ 454.329996][T10394] vivid-009: RDS Radio Text: inactive [ 454.407233][T10394] vivid-009: RDS Traffic Announcement: false inactive [ 454.472452][T10394] vivid-009: RDS Traffic Program: false inactive [ 454.532683][T10394] vivid-009: RDS Music: false inactive [ 454.597633][T10394] vivid-009: ================== END STATUS ================== [ 455.187863][T10414] Invalid ELF header magic: != ELF [ 455.427788][T10419] vivid-009: ================= START STATUS ================= [ 455.493055][T10419] vivid-009: Radio HW Seek Mode: Bounded [ 455.536352][T10419] vivid-009: Radio Programmable HW Seek: false [ 455.602156][T10416] Invalid ELF header magic: != ELF [ 455.617836][T10419] vivid-009: RDS Rx I/O Mode: Block I/O [ 455.703291][T10419] vivid-009: Generate RBDS Instead of RDS: false [ 455.772426][T10419] vivid-009: RDS Reception: true [ 455.802507][T10419] vivid-009: RDS Program Type: 0 inactive [ 455.808309][T10419] vivid-009: RDS PS Name: inactive [ 455.929816][T10419] vivid-009: RDS Radio Text: inactive [ 456.004541][T10419] vivid-009: RDS Traffic Announcement: false inactive [ 456.066853][T10419] vivid-009: RDS Traffic Program: false inactive [ 456.097152][T10419] vivid-009: RDS Music: false inactive [ 456.131555][T10419] vivid-009: ================== END STATUS ================== [ 458.809347][T10463] vivid-009: ================= START STATUS ================= [ 458.840862][T10463] vivid-009: Radio HW Seek Mode: Bounded [ 458.892491][T10463] vivid-009: Radio Programmable HW Seek: false [ 458.944154][T10463] vivid-009: RDS Rx I/O Mode: Block I/O [ 458.982497][T10463] vivid-009: Generate RBDS Instead of RDS: false [ 459.068242][T10463] vivid-009: RDS Reception: true [ 459.112523][T10463] vivid-009: RDS Program Type: 0 inactive [ 459.160592][T10463] vivid-009: RDS PS Name: inactive [ 459.208405][T10463] vivid-009: RDS Radio Text: inactive [ 459.275840][T10463] vivid-009: RDS Traffic Announcement: false inactive [ 459.348608][T10463] vivid-009: RDS Traffic Program: false inactive [ 459.402577][T10463] vivid-009: RDS Music: false inactive [ 459.495150][T10463] vivid-009: ================== END STATUS ================== [ 460.606202][T10484] FAULT_INJECTION: forcing a failure. [ 460.606202][T10484] name failslab, interval 1, probability 0, space 0, times 0 [ 460.694217][T10484] CPU: 0 UID: 0 PID: 10484 Comm: syz.3.1020 Tainted: G L syzkaller #0 PREEMPT(full) [ 460.694255][T10484] Tainted: [L]=SOFTLOCKUP [ 460.694264][T10484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 460.694278][T10484] Call Trace: [ 460.694286][T10484] [ 460.694294][T10484] dump_stack_lvl+0x100/0x190 [ 460.694333][T10484] should_fail_ex.cold+0x5/0xa [ 460.694359][T10484] ? tomoyo_encode2+0xfb/0x3c0 [ 460.694393][T10484] should_failslab+0xc2/0x120 [ 460.694423][T10484] __kmalloc_noprof+0xe0/0x850 [ 460.694445][T10484] ? d_absolute_path+0x136/0x1b0 [ 460.694485][T10484] tomoyo_encode2+0xfb/0x3c0 [ 460.694518][T10484] tomoyo_encode+0x29/0x50 [ 460.694546][T10484] tomoyo_realpath_from_path+0x18c/0x690 [ 460.694583][T10484] tomoyo_path_number_perm+0x23c/0x580 [ 460.694607][T10484] ? tomoyo_path_number_perm+0x22e/0x580 [ 460.694634][T10484] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 460.694658][T10484] ? futex_wait+0x125/0x380 [ 460.694713][T10484] ? find_held_lock+0x2b/0x80 [ 460.694744][T10484] ? __fget_files+0x215/0x3d0 [ 460.694766][T10484] ? hook_file_ioctl_common+0x146/0x410 [ 460.694797][T10484] ? __fget_files+0x21f/0x3d0 [ 460.694826][T10484] security_file_ioctl+0xd3/0x230 [ 460.694852][T10484] __x64_sys_ioctl+0xb7/0x210 [ 460.694891][T10484] do_syscall_64+0x106/0xf80 [ 460.694926][T10484] ? clear_bhb_loop+0x40/0x90 [ 460.694955][T10484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.694980][T10484] RIP: 0033:0x7f1fb139bf79 [ 460.694999][T10484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 460.695023][T10484] RSP: 002b:00007f1fb218a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.695046][T10484] RAX: ffffffffffffffda RBX: 00007f1fb1615fa0 RCX: 00007f1fb139bf79 [ 460.695062][T10484] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004 [ 460.695076][T10484] RBP: 00007f1fb14327e0 R08: 0000000000000000 R09: 0000000000000000 [ 460.695091][T10484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.695105][T10484] R13: 00007f1fb1616038 R14: 00007f1fb1615fa0 R15: 00007ffeda513e58 [ 460.695135][T10484] [ 460.695155][T10484] ERROR: Out of memory at tomoyo_realpath_from_path. [ 461.064856][T10491] Invalid ELF header magic: != ELF [ 462.274284][ T6785] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 462.824799][T10520] random: crng reseeded on system resumption [ 464.593647][T10563] vivid-009: ================= START STATUS ================= [ 464.638932][T10563] vivid-009: Radio HW Seek Mode: Bounded [ 464.671022][T10563] vivid-009: Radio Programmable HW Seek: false [ 464.701670][T10563] vivid-009: RDS Rx I/O Mode: Block I/O [ 464.744410][T10563] vivid-009: Generate RBDS Instead of RDS: false [ 464.800884][T10563] vivid-009: RDS Reception: true [ 464.859728][T10563] vivid-009: RDS Program Type: 0 inactive [ 464.941745][T10563] vivid-009: RDS PS Name: inactive [ 464.969329][T10563] vivid-009: RDS Radio Text: inactive [ 465.022637][T10563] vivid-009: RDS Traffic Announcement: false inactive [ 465.093929][T10563] vivid-009: RDS Traffic Program: false inactive [ 465.107174][T10578] FAULT_INJECTION: forcing a failure. [ 465.107174][T10578] name failslab, interval 1, probability 0, space 0, times 0 [ 465.169681][T10563] vivid-009: RDS Music: false inactive [ 465.183745][T10578] CPU: 0 UID: 0 PID: 10578 Comm: syz.1.1044 Tainted: G L syzkaller #0 PREEMPT(full) [ 465.183783][T10578] Tainted: [L]=SOFTLOCKUP [ 465.183792][T10578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 465.183806][T10578] Call Trace: [ 465.183814][T10578] [ 465.183823][T10578] dump_stack_lvl+0x100/0x190 [ 465.183861][T10578] should_fail_ex.cold+0x5/0xa [ 465.183888][T10578] should_failslab+0xc2/0x120 [ 465.183917][T10578] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 465.183941][T10578] ? __d_alloc+0x34/0xa80 [ 465.183969][T10578] ? __pfx_stack_trace_save+0x10/0x10 [ 465.184008][T10578] __d_alloc+0x34/0xa80 [ 465.184047][T10578] d_alloc_parallel+0x111/0x14e0 [ 465.184094][T10578] ? find_held_lock+0x2b/0x80 [ 465.184126][T10578] ? __d_lookup+0x25c/0x4a0 [ 465.184162][T10578] ? __pfx_d_alloc_parallel+0x10/0x10 [ 465.184203][T10578] ? __d_lookup+0x266/0x4a0 [ 465.184246][T10578] lookup_open.isra.0+0x57c/0x11b0 [ 465.184290][T10578] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 465.184344][T10578] ? mnt_get_write_access+0x1e9/0x2f0 [ 465.184383][T10578] path_openat+0xa98/0x31a0 [ 465.184419][T10578] ? __pfx_path_openat+0x10/0x10 [ 465.184456][T10578] do_file_open+0x20e/0x430 [ 465.184485][T10578] ? __pfx_do_file_open+0x10/0x10 [ 465.184533][T10578] ? alloc_fd+0x476/0x790 [ 465.184560][T10578] ? do_getname+0x191/0x390 [ 465.184594][T10578] do_sys_openat2+0x10d/0x1e0 [ 465.184629][T10578] ? __pfx_do_sys_openat2+0x10/0x10 [ 465.184674][T10578] __x64_sys_openat+0x12d/0x210 [ 465.184713][T10578] ? __pfx___x64_sys_openat+0x10/0x10 [ 465.184747][T10578] ? xfd_validate_state+0x129/0x190 [ 465.184786][T10578] do_syscall_64+0x106/0xf80 [ 465.184822][T10578] ? clear_bhb_loop+0x40/0x90 [ 465.184851][T10578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.184875][T10578] RIP: 0033:0x7f8ccdb9bf79 [ 465.184894][T10578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 465.184918][T10578] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 465.184941][T10578] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 465.184957][T10578] RDX: 00000000000ca481 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 465.184973][T10578] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 465.184987][T10578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.185001][T10578] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 465.185038][T10578] [ 465.494798][T10563] vivid-009: ================== END STATUS ================== [ 465.502796][T10572] vivid-009: ================= START STATUS ================= [ 465.511361][T10572] vivid-009: Radio HW Seek Mode: Bounded [ 465.517145][T10572] vivid-009: Radio Programmable HW Seek: false [ 465.523388][T10572] vivid-009: RDS Rx I/O Mode: Block I/O [ 465.528979][T10572] vivid-009: Generate RBDS Instead of RDS: false [ 465.535391][T10572] vivid-009: RDS Reception: true [ 465.540357][T10572] vivid-009: RDS Program Type: 0 inactive [ 465.546208][T10572] vivid-009: RDS PS Name: inactive [ 465.551443][T10572] vivid-009: RDS Radio Text: inactive [ 465.557002][T10572] vivid-009: RDS Traffic Announcement: false inactive [ 465.563867][T10572] vivid-009: RDS Traffic Program: false inactive [ 465.570240][T10572] vivid-009: RDS Music: false inactive [ 465.575895][T10572] vivid-009: ================== END STATUS ================== [ 468.383593][T10644] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1060'. [ 468.455356][T10647] netlink: 980 bytes leftover after parsing attributes in process `syz.0.1061'. [ 468.967508][T10653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1064'. [ 469.077135][T10662] netlink: 695 bytes leftover after parsing attributes in process `syz.2.1066'. [ 469.864889][T10679] Invalid ELF header magic: != ELF [ 470.592333][T10692] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1074'. [ 470.639820][T10692] bond0: entered promiscuous mode [ 470.664988][T10692] bond_slave_0: entered promiscuous mode [ 470.686823][T10692] bond_slave_1: entered promiscuous mode [ 470.762775][T10692] bond0: entered allmulticast mode [ 470.790188][T10692] bond_slave_0: entered allmulticast mode [ 470.814009][T10692] bond_slave_1: entered allmulticast mode [ 470.893896][T10696] bond0: invalid ARP target specified [ 471.390057][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 471.398214][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 472.782730][T10719] kvm: vcpu 3: requested lapic timer restore with starting count register 0x390=2424827650 (310377939200 ns) > initial count (223122034688 ns). Using initial count to start timer. [ 473.367316][T10730] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1082'. [ 474.096569][T10744] FAULT_INJECTION: forcing a failure. [ 474.096569][T10744] name failslab, interval 1, probability 0, space 0, times 0 [ 474.154340][T10744] CPU: 0 UID: 0 PID: 10744 Comm: syz.1.1086 Tainted: G L syzkaller #0 PREEMPT(full) [ 474.154380][T10744] Tainted: [L]=SOFTLOCKUP [ 474.154389][T10744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 474.154404][T10744] Call Trace: [ 474.154411][T10744] [ 474.154429][T10744] dump_stack_lvl+0x100/0x190 [ 474.154468][T10744] should_fail_ex.cold+0x5/0xa [ 474.154494][T10744] should_failslab+0xc2/0x120 [ 474.154523][T10744] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 474.154546][T10744] ? alloc_empty_file+0x55/0x1c0 [ 474.154584][T10744] alloc_empty_file+0x55/0x1c0 [ 474.154617][T10744] alloc_file_pseudo+0x13a/0x230 [ 474.154651][T10744] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 474.154685][T10744] ? alloc_fd+0x476/0x790 [ 474.154714][T10744] sock_alloc_file+0x50/0x210 [ 474.154754][T10744] __sys_socket+0x1c0/0x260 [ 474.154779][T10744] ? fput+0x79/0x100 [ 474.154807][T10744] ? __pfx___sys_socket+0x10/0x10 [ 474.154834][T10744] ? xfd_validate_state+0x129/0x190 [ 474.154870][T10744] __x64_sys_socket+0x72/0xb0 [ 474.154896][T10744] ? lockdep_hardirqs_on+0x78/0x100 [ 474.154933][T10744] do_syscall_64+0x106/0xf80 [ 474.154967][T10744] ? clear_bhb_loop+0x40/0x90 [ 474.154996][T10744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.155021][T10744] RIP: 0033:0x7f8ccdb9bf79 [ 474.155040][T10744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 474.155063][T10744] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 474.155086][T10744] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 474.155103][T10744] RDX: 0000000000000106 RSI: 000000000000000a RDI: 0000000000000002 [ 474.155117][T10744] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 474.155131][T10744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.155145][T10744] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 474.155185][T10744] [ 474.367950][T10750] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1087'. [ 475.357739][T10767] Invalid ELF header magic: != ELF [ 476.013887][T10776] random: crng reseeded on system resumption [ 477.636073][T10781] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1093'. [ 479.746101][T10828] FAULT_INJECTION: forcing a failure. [ 479.746101][T10828] name fail_futex, interval 1, probability 0, space 0, times 0 [ 479.850085][T10828] CPU: 0 UID: 0 PID: 10828 Comm: syz.1.1100 Tainted: G L syzkaller #0 PREEMPT(full) [ 479.850124][T10828] Tainted: [L]=SOFTLOCKUP [ 479.850133][T10828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 479.850148][T10828] Call Trace: [ 479.850156][T10828] [ 479.850165][T10828] dump_stack_lvl+0x100/0x190 [ 479.850203][T10828] should_fail_ex.cold+0x5/0xa [ 479.850229][T10828] get_futex_key+0x1d2/0x1620 [ 479.850270][T10828] ? __pfx_get_futex_key+0x10/0x10 [ 479.850306][T10828] ? find_held_lock+0x2b/0x80 [ 479.850337][T10828] ? futex_wake+0x456/0x530 [ 479.850371][T10828] futex_wake+0xea/0x530 [ 479.850400][T10828] ? __pfx_futex_wake+0x10/0x10 [ 479.850431][T10828] ? ksys_write+0x190/0x250 [ 479.850454][T10828] ? ksys_write+0x190/0x250 [ 479.850482][T10828] do_futex+0x32b/0x350 [ 479.850505][T10828] ? __pfx_do_futex+0x10/0x10 [ 479.850535][T10828] __x64_sys_futex+0x34f/0x4d0 [ 479.850560][T10828] ? lock_timer+0x210/0x3a0 [ 479.850582][T10828] ? __pfx___x64_sys_futex+0x10/0x10 [ 479.850608][T10828] ? lock_timer+0x21f/0x3a0 [ 479.850635][T10828] do_syscall_64+0x106/0xf80 [ 479.850670][T10828] ? clear_bhb_loop+0x40/0x90 [ 479.850706][T10828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.850731][T10828] RIP: 0033:0x7f8ccdb9bf79 [ 479.850750][T10828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 479.850774][T10828] RSP: 002b:00007f8cce9cc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 479.850796][T10828] RAX: ffffffffffffffda RBX: 00007f8ccde16098 RCX: 00007f8ccdb9bf79 [ 479.850813][T10828] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8ccde1609c [ 479.850827][T10828] RBP: 00007f8ccde16090 R08: 0000000000000000 R09: 0000000000000000 [ 479.850842][T10828] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 479.850857][T10828] R13: 00007f8ccde16128 R14: 00007ffdcd511e70 R15: 00007ffdcd511f58 [ 479.850887][T10828] [ 480.260836][ T30] audit: type=1800 audit(4294967484.210:14): pid=10823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1100" name="lu_gp_id" dev="configfs" ino=130086 res=0 errno=0 [ 480.331156][T10836] FAULT_INJECTION: forcing a failure. [ 480.331156][T10836] name failslab, interval 1, probability 0, space 0, times 0 [ 480.354869][T10836] CPU: 0 UID: 0 PID: 10836 Comm: syz.1.1105 Tainted: G L syzkaller #0 PREEMPT(full) [ 480.354909][T10836] Tainted: [L]=SOFTLOCKUP [ 480.354918][T10836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 480.354932][T10836] Call Trace: [ 480.354940][T10836] [ 480.354949][T10836] dump_stack_lvl+0x100/0x190 [ 480.354986][T10836] should_fail_ex.cold+0x5/0xa [ 480.355013][T10836] ? sk_prot_alloc+0x10b/0x2a0 [ 480.355035][T10836] should_failslab+0xc2/0x120 [ 480.355066][T10836] __kmalloc_noprof+0xe0/0x850 [ 480.355096][T10836] sk_prot_alloc+0x10b/0x2a0 [ 480.355122][T10836] sk_alloc+0x36/0xe80 [ 480.355155][T10836] __netlink_create+0x5e/0x2c0 [ 480.355185][T10836] ? __wake_up+0x3f/0x60 [ 480.355222][T10836] netlink_create+0x293/0x610 [ 480.355255][T10836] ? __pfx_genl_bind+0x10/0x10 [ 480.355276][T10836] ? __pfx_genl_unbind+0x10/0x10 [ 480.355297][T10836] ? __pfx_genl_release+0x10/0x10 [ 480.355323][T10836] __sock_create+0x339/0x860 [ 480.355353][T10836] __sys_socket+0x14d/0x260 [ 480.355378][T10836] ? __pfx_task_work_run+0x10/0x10 [ 480.355406][T10836] ? __pfx___sys_socket+0x10/0x10 [ 480.355432][T10836] ? xfd_validate_state+0x129/0x190 [ 480.355468][T10836] __x64_sys_socket+0x72/0xb0 [ 480.355494][T10836] ? lockdep_hardirqs_on+0x78/0x100 [ 480.355531][T10836] do_syscall_64+0x106/0xf80 [ 480.355565][T10836] ? clear_bhb_loop+0x40/0x90 [ 480.355594][T10836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 480.355617][T10836] RIP: 0033:0x7f8ccdb9bf79 [ 480.355636][T10836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 480.355660][T10836] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 480.355692][T10836] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 480.355708][T10836] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 480.355722][T10836] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 480.355738][T10836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 480.355753][T10836] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 480.355783][T10836] [ 482.524100][T10855] No such timeout policy "" [ 482.562821][T10855] netlink: Failed to associated timeout policy '' syzkaller syzkaller login: [ 484.189179][T10911] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 485.419172][T10941] Invalid ELF header magic: != ELF [ 486.075533][T10950] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1129'. [ 488.506187][T10994] FAULT_INJECTION: forcing a failure. [ 488.506187][T10994] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 488.590342][T10994] CPU: 0 UID: 0 PID: 10994 Comm: syz.2.1139 Tainted: G L syzkaller #0 PREEMPT(full) [ 488.590380][T10994] Tainted: [L]=SOFTLOCKUP [ 488.590388][T10994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 488.590402][T10994] Call Trace: [ 488.590409][T10994] [ 488.590419][T10994] dump_stack_lvl+0x100/0x190 [ 488.590460][T10994] should_fail_ex.cold+0x5/0xa [ 488.590485][T10994] _copy_to_user+0x32/0xd0 [ 488.590512][T10994] simple_read_from_buffer+0xcb/0x170 [ 488.590553][T10994] proc_fail_nth_read+0x1af/0x230 [ 488.590580][T10994] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 488.590607][T10994] ? rw_verify_area+0xce/0x6d0 [ 488.590642][T10994] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 488.590668][T10994] vfs_read+0x1e4/0xb30 [ 488.590693][T10994] ? __pfx_vfs_read+0x10/0x10 [ 488.590714][T10994] ? __fget_files+0x215/0x3d0 [ 488.590755][T10994] ? __fget_files+0x21f/0x3d0 [ 488.590785][T10994] ksys_read+0x12a/0x250 [ 488.590806][T10994] ? __pfx_ksys_read+0x10/0x10 [ 488.590836][T10994] do_syscall_64+0x106/0xf80 [ 488.590869][T10994] ? clear_bhb_loop+0x40/0x90 [ 488.590896][T10994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 488.590919][T10994] RIP: 0033:0x7f2f89f5c84e [ 488.590936][T10994] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 488.590966][T10994] RSP: 002b:00007f2f881f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 488.590987][T10994] RAX: ffffffffffffffda RBX: 00007f2f881f66c0 RCX: 00007f2f89f5c84e [ 488.591002][T10994] RDX: 000000000000000f RSI: 00007f2f881f60a0 RDI: 0000000000000005 [ 488.591015][T10994] RBP: 00007f2f881f6090 R08: 0000000000000000 R09: 0000000000000000 [ 488.591029][T10994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 488.591042][T10994] R13: 00007f2f8a216038 R14: 00007f2f8a215fa0 R15: 00007ffe44c5d6f8 [ 488.591091][T10994] [ 489.996215][T11027] vivid-009: ================= START STATUS ================= [ 490.082485][T11027] vivid-009: Radio HW Seek Mode: Bounded [ 490.138534][T11027] vivid-009: Radio Programmable HW Seek: false [ 490.185157][T11027] vivid-009: RDS Rx I/O Mode: Block I/O [ 490.262904][T11027] vivid-009: Generate RBDS Instead of RDS: false [ 490.346531][T11027] vivid-009: RDS Reception: true [ 490.422720][T11027] vivid-009: RDS Program Type: 0 inactive [ 490.498428][T11027] vivid-009: RDS PS Name: inactive [ 490.571482][T11027] vivid-009: RDS Radio Text: inactive [ 490.653542][T11027] vivid-009: RDS Traffic Announcement: false inactive [ 490.660409][T11027] vivid-009: RDS Traffic Program: false inactive [ 490.748929][T11027] vivid-009: RDS Music: false inactive [ 490.771946][T11027] vivid-009: ================== END STATUS ================== [ 491.162145][T11054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1151'. [ 491.202012][T11054] netlink: 'syz.3.1151': attribute type 3 has an invalid length. [ 491.226789][T11054] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1151'. [ 491.792187][T11067] FAULT_INJECTION: forcing a failure. [ 491.792187][T11067] name failslab, interval 1, probability 0, space 0, times 0 [ 491.879884][T11067] CPU: 0 UID: 0 PID: 11067 Comm: syz.0.1156 Tainted: G L syzkaller #0 PREEMPT(full) [ 491.879924][T11067] Tainted: [L]=SOFTLOCKUP [ 491.879932][T11067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 491.879946][T11067] Call Trace: [ 491.879954][T11067] [ 491.879963][T11067] dump_stack_lvl+0x100/0x190 [ 491.880002][T11067] should_fail_ex.cold+0x5/0xa [ 491.880028][T11067] should_failslab+0xc2/0x120 [ 491.880058][T11067] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 491.880081][T11067] ? __kernfs_new_node+0xd2/0x960 [ 491.880119][T11067] __kernfs_new_node+0xd2/0x960 [ 491.880153][T11067] ? __pfx___kernfs_new_node+0x10/0x10 [ 491.880192][T11067] ? find_held_lock+0x2b/0x80 [ 491.880225][T11067] ? kernfs_root+0xee/0x2a0 [ 491.880254][T11067] ? kernfs_root+0xee/0x2a0 [ 491.880291][T11067] kernfs_new_node+0x11b/0x1a0 [ 491.880331][T11067] __kernfs_create_file+0x53/0x350 [ 491.880360][T11067] sysfs_add_file_mode_ns+0x207/0x3c0 [ 491.880396][T11067] internal_create_group+0x593/0xf40 [ 491.880442][T11067] ? __pfx_internal_create_group+0x10/0x10 [ 491.880479][T11067] ? kernfs_create_link+0x1bd/0x240 [ 491.880514][T11067] internal_create_groups+0x9d/0x150 [ 491.880549][T11067] device_add+0x77a/0x1950 [ 491.880574][T11067] ? __pfx_device_add+0x10/0x10 [ 491.880594][T11067] ? __pfx___might_resched+0x10/0x10 [ 491.880622][T11067] ? lockdep_hardirqs_on+0x78/0x100 [ 491.880667][T11067] __add_disk+0x518/0xe40 [ 491.880717][T11067] add_disk_fwnode+0x118/0x5c0 [ 491.880760][T11067] loop_add+0x90b/0xb60 [ 491.880786][T11067] ? __pfx_loop_add+0x10/0x10 [ 491.880831][T11067] ? find_held_lock+0x2b/0x80 [ 491.880861][T11067] ? __fget_files+0x215/0x3d0 [ 491.880888][T11067] loop_control_ioctl+0xae/0x620 [ 491.880922][T11067] ? __pfx_loop_control_ioctl+0x10/0x10 [ 491.880954][T11067] ? __pfx_loop_control_ioctl+0x10/0x10 [ 491.880984][T11067] __x64_sys_ioctl+0x18e/0x210 [ 491.881023][T11067] do_syscall_64+0x106/0xf80 [ 491.881057][T11067] ? clear_bhb_loop+0x40/0x90 [ 491.881086][T11067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.881110][T11067] RIP: 0033:0x7f1566b9bf79 [ 491.881129][T11067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 491.881153][T11067] RSP: 002b:00007f1564df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 491.881176][T11067] RAX: ffffffffffffffda RBX: 00007f1566e15fa0 RCX: 00007f1566b9bf79 [ 491.881192][T11067] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000d [ 491.881207][T11067] RBP: 00007f1566c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 491.881222][T11067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 491.881237][T11067] R13: 00007f1566e16038 R14: 00007f1566e15fa0 R15: 00007ffdd6ec00c8 [ 491.881267][T11067] [ 493.531536][T11106] FAULT_INJECTION: forcing a failure. [ 493.531536][T11106] name fail_futex, interval 1, probability 0, space 0, times 0 [ 493.563127][T11107] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 493.592233][T11106] CPU: 0 UID: 0 PID: 11106 Comm: syz.2.1169 Tainted: G L syzkaller #0 PREEMPT(full) [ 493.592273][T11106] Tainted: [L]=SOFTLOCKUP [ 493.592281][T11106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 493.592296][T11106] Call Trace: [ 493.592303][T11106] [ 493.592312][T11106] dump_stack_lvl+0x100/0x190 [ 493.592355][T11106] should_fail_ex.cold+0x5/0xa [ 493.592381][T11106] get_futex_key+0x1d2/0x1620 [ 493.592423][T11106] ? __pfx_get_futex_key+0x10/0x10 [ 493.592491][T11106] futex_wait_setup+0x81/0x500 [ 493.592528][T11106] __futex_wait+0x19f/0x300 [ 493.592559][T11106] ? __pfx___futex_wait+0x10/0x10 [ 493.592593][T11106] ? __pfx_futex_wake_mark+0x10/0x10 [ 493.592625][T11106] ? futex_hash+0x2c5/0x380 [ 493.592671][T11106] futex_wait+0xed/0x380 [ 493.592699][T11106] ? __pfx_futex_wait+0x10/0x10 [ 493.592735][T11106] ? vfs_write+0x15d/0x1070 [ 493.592759][T11106] ? __pfx_odev_write+0x10/0x10 [ 493.592786][T11106] do_futex+0x1ef/0x350 [ 493.592809][T11106] ? __pfx_do_futex+0x10/0x10 [ 493.592830][T11106] ? __pfx_do_sys_openat2+0x10/0x10 [ 493.592866][T11106] ? __do_sys_close_range+0x230/0x740 [ 493.592898][T11106] __x64_sys_futex+0x34f/0x4d0 [ 493.592925][T11106] ? __pfx___x64_sys_futex+0x10/0x10 [ 493.592948][T11106] ? xfd_validate_state+0x129/0x190 [ 493.592979][T11106] ? fdget_raw+0x12b/0x1b0 [ 493.593010][T11106] do_syscall_64+0x106/0xf80 [ 493.593046][T11106] ? clear_bhb_loop+0x40/0x90 [ 493.593075][T11106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.593099][T11106] RIP: 0033:0x7f2f89f9bf79 [ 493.593118][T11106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 493.593140][T11106] RSP: 002b:00007f2f881f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 493.593163][T11106] RAX: ffffffffffffffda RBX: 00007f2f8a215fa8 RCX: 00007f2f89f9bf79 [ 493.593179][T11106] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2f8a215fa8 [ 493.593194][T11106] RBP: 00007f2f8a215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 493.593208][T11106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 493.593222][T11106] R13: 00007f2f8a216038 R14: 00007ffe44c5d610 R15: 00007ffe44c5d6f8 [ 493.593251][T11106] [ 494.001049][T11116] netlink: 'syz.1.1170': attribute type 11 has an invalid length. [ 494.009038][T11116] netlink: 'syz.1.1170': attribute type 11 has an invalid length. [ 494.017430][T11116] netlink: 'syz.1.1170': attribute type 11 has an invalid length. [ 494.232760][T11120] FAULT_INJECTION: forcing a failure. [ 494.232760][T11120] name fail_futex, interval 1, probability 0, space 0, times 0 [ 494.286820][T11120] CPU: 0 UID: 8 PID: 11120 Comm: syz.3.1171 Tainted: G L syzkaller #0 PREEMPT(full) [ 494.286858][T11120] Tainted: [L]=SOFTLOCKUP [ 494.286865][T11120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 494.286879][T11120] Call Trace: [ 494.286886][T11120] [ 494.286895][T11120] dump_stack_lvl+0x100/0x190 [ 494.286932][T11120] should_fail_ex.cold+0x5/0xa [ 494.286957][T11120] get_futex_key+0x295/0x1620 [ 494.286997][T11120] ? __pfx_get_futex_key+0x10/0x10 [ 494.287031][T11120] ? lock_acquire+0x17c/0x330 [ 494.287063][T11120] futex_wake+0xea/0x530 [ 494.287092][T11120] ? __pfx_futex_wake+0x10/0x10 [ 494.287119][T11120] ? exit_mm_release+0x19/0x30 [ 494.287149][T11120] do_futex+0x32b/0x350 [ 494.287171][T11120] ? __pfx_do_futex+0x10/0x10 [ 494.287199][T11120] ? __might_fault+0xc5/0x140 [ 494.287228][T11120] mm_release+0x24a/0x2f0 [ 494.287262][T11120] do_exit+0x675/0x2a30 [ 494.287296][T11120] ? __pfx_do_exit+0x10/0x10 [ 494.287321][T11120] ? do_raw_spin_lock+0x128/0x260 [ 494.287348][T11120] ? find_held_lock+0x2b/0x80 [ 494.287378][T11120] ? get_signal+0x7e0/0x21e0 [ 494.287420][T11120] do_group_exit+0xd5/0x2a0 [ 494.287448][T11120] get_signal+0x1ec7/0x21e0 [ 494.287492][T11120] ? __pfx_get_signal+0x10/0x10 [ 494.287527][T11120] ? do_futex+0x192/0x350 [ 494.287551][T11120] arch_do_signal_or_restart+0x91/0x770 [ 494.287577][T11120] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 494.287608][T11120] ? __pfx___x64_sys_futex+0x10/0x10 [ 494.287629][T11120] ? xfd_validate_state+0x129/0x190 [ 494.287662][T11120] exit_to_user_mode_loop+0x86/0x4a0 [ 494.287685][T11120] ? rcu_is_watching+0x12/0xc0 [ 494.287715][T11120] do_syscall_64+0x668/0xf80 [ 494.287750][T11120] ? clear_bhb_loop+0x40/0x90 [ 494.287777][T11120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.287800][T11120] RIP: 0033:0x7f1fb139bf79 [ 494.287818][T11120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 494.287841][T11120] RSP: 002b:00007f1fb218a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 494.287862][T11120] RAX: fffffffffffffe00 RBX: 00007f1fb1615fa8 RCX: 00007f1fb139bf79 [ 494.287878][T11120] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1fb1615fa8 [ 494.287892][T11120] RBP: 00007f1fb1615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 494.287906][T11120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 494.287919][T11120] R13: 00007f1fb1616038 R14: 00007ffeda513d70 R15: 00007ffeda513e58 [ 494.287949][T11120] [ 495.902751][T11146] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 495.946772][T11146] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 495.971258][T11149] FAULT_INJECTION: forcing a failure. [ 495.971258][T11149] name failslab, interval 1, probability 0, space 0, times 0 [ 496.028991][T11149] CPU: 0 UID: 0 PID: 11149 Comm: syz.1.1180 Tainted: G L syzkaller #0 PREEMPT(full) [ 496.029031][T11149] Tainted: [L]=SOFTLOCKUP [ 496.029039][T11149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 496.029054][T11149] Call Trace: [ 496.029061][T11149] [ 496.029070][T11149] dump_stack_lvl+0x100/0x190 [ 496.029109][T11149] should_fail_ex.cold+0x5/0xa [ 496.029135][T11149] ? constrain_params_by_rules+0x175/0xcc0 [ 496.029166][T11149] should_failslab+0xc2/0x120 [ 496.029196][T11149] __kmalloc_noprof+0xe0/0x850 [ 496.029219][T11149] ? unwind_get_return_address+0x59/0xa0 [ 496.029269][T11149] constrain_params_by_rules+0x175/0xcc0 [ 496.029308][T11149] ? stack_trace_save+0x8e/0xc0 [ 496.029345][T11149] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 496.029384][T11149] ? __kasan_kmalloc+0xaa/0xb0 [ 496.029406][T11149] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 496.029435][T11149] ? snd_pcm_oss_make_ready+0xeb/0x1b0 [ 496.029461][T11149] ? snd_pcm_oss_sync+0x1de/0x840 [ 496.029497][T11149] ? rcu_is_watching+0x12/0xc0 [ 496.029526][T11149] ? snd_interval_refine+0x2d0/0x580 [ 496.029569][T11149] snd_pcm_hw_refine+0x7e7/0xad0 [ 496.029606][T11149] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 496.029648][T11149] ? __asan_memset+0x23/0x50 [ 496.029685][T11149] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 496.029716][T11149] snd_pcm_oss_change_params_locked+0x2594/0x39f0 [ 496.029746][T11149] ? trace_contention_end+0x70/0x110 [ 496.029783][T11149] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 496.029812][T11149] ? __pfx___mutex_lock+0x10/0x10 [ 496.029874][T11149] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 496.029908][T11149] snd_pcm_oss_sync+0x1de/0x840 [ 496.029941][T11149] snd_pcm_oss_release+0x238/0x300 [ 496.029970][T11149] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 496.030000][T11149] __fput+0x3ff/0xb40 [ 496.030037][T11149] task_work_run+0x150/0x240 [ 496.030066][T11149] ? __pfx_task_work_run+0x10/0x10 [ 496.030102][T11149] exit_to_user_mode_loop+0x100/0x4a0 [ 496.030126][T11149] ? rcu_is_watching+0x12/0xc0 [ 496.030159][T11149] do_syscall_64+0x668/0xf80 [ 496.030193][T11149] ? clear_bhb_loop+0x40/0x90 [ 496.030223][T11149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 496.030246][T11149] RIP: 0033:0x7f8ccdb9bf79 [ 496.030272][T11149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 496.030295][T11149] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 496.030318][T11149] RAX: 0000000000000000 RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 496.030334][T11149] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 496.030348][T11149] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 496.030363][T11149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 496.030377][T11149] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 496.030408][T11149] [ 497.159865][T11172] Invalid ELF header magic: != ELF [ 498.546112][T11205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1193'. [ 499.743008][T11235] rnbd_client L213: map_device: Parameters missing [ 501.880596][T11282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1209'. [ 502.311609][T11296] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1215'. [ 502.728212][T11305] Invalid ELF header magic: != ELF [ 503.079425][T11317] Invalid ELF header magic: != ELF [ 503.135569][T11311] zswap: compressor not available [ 505.017322][ T6785] Bluetooth: hci3: unexpected event 0x0f length: 440 > 4 [ 505.018196][ T6785] Bluetooth: hci3: unexpected event for opcode 0x0010 [ 505.395860][T11354] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 505.428728][T11358] usbip-vudc usbip-vudc.0: gadget not bound [ 505.783232][T11368] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1229'. [ 505.899485][T11371] kvm: vcpu 3: requested lapic timer restore with starting count register 0x390=2424827650 (310377939200 ns) > initial count (223122034688 ns). Using initial count to start timer. [ 506.145796][T11377] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1232'. [ 507.664010][T11418] FAULT_INJECTION: forcing a failure. [ 507.664010][T11418] name failslab, interval 1, probability 0, space 0, times 0 [ 507.848436][T11418] CPU: 0 UID: 0 PID: 11418 Comm: syz.2.1242 Tainted: G L syzkaller #0 PREEMPT(full) [ 507.848476][T11418] Tainted: [L]=SOFTLOCKUP [ 507.848485][T11418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 507.848499][T11418] Call Trace: [ 507.848506][T11418] [ 507.848515][T11418] dump_stack_lvl+0x100/0x190 [ 507.848554][T11418] should_fail_ex.cold+0x5/0xa [ 507.848581][T11418] should_failslab+0xc2/0x120 [ 507.848609][T11418] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 507.848633][T11418] ? create_new_namespaces+0x30/0xac0 [ 507.848675][T11418] create_new_namespaces+0x30/0xac0 [ 507.848709][T11418] ? bpf_lsm_capable+0x9/0x10 [ 507.848740][T11418] ? security_capable+0x80/0x260 [ 507.848780][T11418] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 507.848818][T11418] ksys_unshare+0x455/0xab0 [ 507.848845][T11418] ? __pfx_ksys_unshare+0x10/0x10 [ 507.848875][T11418] ? xfd_validate_state+0x129/0x190 [ 507.848914][T11418] __x64_sys_unshare+0x31/0x40 [ 507.848938][T11418] do_syscall_64+0x106/0xf80 [ 507.848974][T11418] ? clear_bhb_loop+0x40/0x90 [ 507.849003][T11418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.849026][T11418] RIP: 0033:0x7f2f89f9bf79 [ 507.849045][T11418] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 507.849068][T11418] RSP: 002b:00007f2f881f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 507.849091][T11418] RAX: ffffffffffffffda RBX: 00007f2f8a215fa0 RCX: 00007f2f89f9bf79 [ 507.849107][T11418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 507.849122][T11418] RBP: 00007f2f8a0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 507.849136][T11418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.849150][T11418] R13: 00007f2f8a216038 R14: 00007f2f8a215fa0 R15: 00007ffe44c5d6f8 [ 507.849180][T11418] [ 508.084264][T11420] WARNING! power/level is deprecated; use power/control instead [ 509.074635][ T6785] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 509.083542][ T6785] Bluetooth: hci3: Injecting HCI hardware error event [ 509.092452][ T7380] Bluetooth: hci3: hardware error 0x00 [ 510.540371][T11459] random: crng reseeded on system resumption [ 510.690625][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 510.698137][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.152461][ T7380] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 511.774610][T11465] FAULT_INJECTION: forcing a failure. [ 511.774610][T11465] name failslab, interval 1, probability 0, space 0, times 0 [ 511.824772][T11465] CPU: 0 UID: 0 PID: 11465 Comm: syz.0.1251 Tainted: G L syzkaller #0 PREEMPT(full) [ 511.824815][T11465] Tainted: [L]=SOFTLOCKUP [ 511.824824][T11465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 511.824839][T11465] Call Trace: [ 511.824846][T11465] [ 511.824856][T11465] dump_stack_lvl+0x100/0x190 [ 511.824895][T11465] should_fail_ex.cold+0x5/0xa [ 511.824926][T11465] ? lsm_blob_alloc+0x68/0x90 [ 511.824957][T11465] should_failslab+0xc2/0x120 [ 511.824987][T11465] __kmalloc_noprof+0xe0/0x850 [ 511.825017][T11465] lsm_blob_alloc+0x68/0x90 [ 511.825049][T11465] security_sk_alloc+0x2d/0x290 [ 511.825089][T11465] sk_prot_alloc+0x12a/0x2a0 [ 511.825115][T11465] sk_alloc+0x36/0xe80 [ 511.825149][T11465] __netlink_create+0x5e/0x2c0 [ 511.825180][T11465] ? __wake_up+0x3f/0x60 [ 511.825217][T11465] netlink_create+0x293/0x610 [ 511.825250][T11465] ? __pfx_genl_bind+0x10/0x10 [ 511.825272][T11465] ? __pfx_genl_unbind+0x10/0x10 [ 511.825293][T11465] ? __pfx_genl_release+0x10/0x10 [ 511.825319][T11465] __sock_create+0x339/0x860 [ 511.825350][T11465] __sys_socket+0x14d/0x260 [ 511.825377][T11465] ? __do_sys_close_range+0x25d/0x740 [ 511.825404][T11465] ? __pfx___sys_socket+0x10/0x10 [ 511.825431][T11465] ? xfd_validate_state+0x129/0x190 [ 511.825467][T11465] __x64_sys_socket+0x72/0xb0 [ 511.825494][T11465] ? lockdep_hardirqs_on+0x78/0x100 [ 511.825530][T11465] do_syscall_64+0x106/0xf80 [ 511.825565][T11465] ? clear_bhb_loop+0x40/0x90 [ 511.825594][T11465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.825618][T11465] RIP: 0033:0x7f1566b9bf79 [ 511.825637][T11465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 511.825661][T11465] RSP: 002b:00007f1564df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 511.825684][T11465] RAX: ffffffffffffffda RBX: 00007f1566e15fa0 RCX: 00007f1566b9bf79 [ 511.825701][T11465] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 511.825715][T11465] RBP: 00007f1566c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 511.825730][T11465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 511.825744][T11465] R13: 00007f1566e16038 R14: 00007f1566e15fa0 R15: 00007ffdd6ec00c8 [ 511.825775][T11465] [ 512.415977][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.427694][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 514.122939][T11499] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1260'. [ 516.488291][T11556] FAULT_INJECTION: forcing a failure. [ 516.488291][T11556] name failslab, interval 1, probability 0, space 0, times 0 [ 516.575930][T11556] CPU: 0 UID: 0 PID: 11556 Comm: syz.1.1273 Tainted: G L syzkaller #0 PREEMPT(full) [ 516.575971][T11556] Tainted: [L]=SOFTLOCKUP [ 516.575979][T11556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 516.575992][T11556] Call Trace: [ 516.575999][T11556] [ 516.576008][T11556] dump_stack_lvl+0x100/0x190 [ 516.576043][T11556] should_fail_ex.cold+0x5/0xa [ 516.576068][T11556] should_failslab+0xc2/0x120 [ 516.576097][T11556] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 516.576120][T11556] ? alloc_inode+0x183/0x250 [ 516.576159][T11556] alloc_inode+0x183/0x250 [ 516.576191][T11556] new_inode+0x22/0x1c0 [ 516.576221][T11556] ? dput.part.0+0xdd/0x570 [ 516.576254][T11556] simple_fill_super+0x2d9/0x680 [ 516.576283][T11556] ? __pfx_nfsd_fill_super+0x10/0x10 [ 516.576320][T11556] nfsd_fill_super+0x98/0x560 [ 516.576354][T11556] ? __pfx_set_anon_super_fc+0x10/0x10 [ 516.576391][T11556] ? __pfx_nfsd_fill_super+0x10/0x10 [ 516.576426][T11556] get_tree_keyed+0x10e/0x1d0 [ 516.576449][T11556] vfs_get_tree+0x92/0x320 [ 516.576483][T11556] path_mount+0x7d0/0x23d0 [ 516.576524][T11556] ? __pfx_path_mount+0x10/0x10 [ 516.576550][T11556] ? lockdep_hardirqs_on+0x78/0x100 [ 516.576587][T11556] ? putname+0xb1/0x110 [ 516.576611][T11556] ? kmem_cache_free+0x124/0x670 [ 516.576656][T11556] ? __x64_sys_mount+0x293/0x310 [ 516.576683][T11556] __x64_sys_mount+0x293/0x310 [ 516.576713][T11556] ? __pfx___x64_sys_mount+0x10/0x10 [ 516.576750][T11556] do_syscall_64+0x106/0xf80 [ 516.576785][T11556] ? clear_bhb_loop+0x40/0x90 [ 516.576812][T11556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.576836][T11556] RIP: 0033:0x7f8ccdb9bf79 [ 516.576855][T11556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 516.576878][T11556] RSP: 002b:00007f8cce9cc028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 516.576900][T11556] RAX: ffffffffffffffda RBX: 00007f8ccde16090 RCX: 00007f8ccdb9bf79 [ 516.576915][T11556] RDX: 0000200000000140 RSI: 0000200000000040 RDI: 0000000000000000 [ 516.576930][T11556] RBP: 00007f8cce9cc090 R08: 0000000000000000 R09: 0000000000000000 [ 516.576944][T11556] R10: 00000000c0ed0000 R11: 0000000000000246 R12: 0000000000000002 [ 516.576959][T11556] R13: 00007f8ccde16128 R14: 00007f8ccde16090 R15: 00007ffdcd511f58 [ 516.576989][T11556] [ 516.982743][T11549] Process accounting resumed [ 517.973835][T11569] zswap: compressor not available [ 518.122961][ T30] audit: type=1800 audit(4294967522.200:15): pid=11588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1279" name="lu_gp_id" dev="configfs" ino=134630 res=0 errno=0 [ 518.154180][T11588] FAULT_INJECTION: forcing a failure. [ 518.154180][T11588] name failslab, interval 1, probability 0, space 0, times 0 [ 518.216856][T11588] CPU: 0 UID: 0 PID: 11588 Comm: syz.1.1279 Tainted: G L syzkaller #0 PREEMPT(full) [ 518.216893][T11588] Tainted: [L]=SOFTLOCKUP [ 518.216901][T11588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 518.216916][T11588] Call Trace: [ 518.216923][T11588] [ 518.216932][T11588] dump_stack_lvl+0x100/0x190 [ 518.216970][T11588] should_fail_ex.cold+0x5/0xa [ 518.216997][T11588] should_failslab+0xc2/0x120 [ 518.217026][T11588] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 518.217051][T11588] ? sock_alloc_inode+0x25/0x1c0 [ 518.217077][T11588] ? __pfx_sock_alloc_inode+0x10/0x10 [ 518.217137][T11588] sock_alloc_inode+0x25/0x1c0 [ 518.217160][T11588] alloc_inode+0x68/0x250 [ 518.217194][T11588] sock_alloc+0x44/0x280 [ 518.217230][T11588] ? security_socket_create+0x7f/0x250 [ 518.217268][T11588] __sock_create+0xc2/0x860 [ 518.217335][T11588] __sys_socket+0x14d/0x260 [ 518.217362][T11588] ? __fget_files+0x21f/0x3d0 [ 518.217391][T11588] ? __pfx___sys_socket+0x10/0x10 [ 518.217419][T11588] ? xfd_validate_state+0x129/0x190 [ 518.217456][T11588] __x64_sys_socket+0x72/0xb0 [ 518.217482][T11588] ? lockdep_hardirqs_on+0x78/0x100 [ 518.217518][T11588] do_syscall_64+0x106/0xf80 [ 518.217552][T11588] ? clear_bhb_loop+0x40/0x90 [ 518.217582][T11588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.217606][T11588] RIP: 0033:0x7f8ccdb9bf79 [ 518.217638][T11588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 518.217661][T11588] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 518.217684][T11588] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 518.217699][T11588] RDX: 0000000000000088 RSI: 0000000000000002 RDI: 0000000000000029 [ 518.217715][T11588] RBP: 00007f8ccdc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 518.217729][T11588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 518.217744][T11588] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 518.217774][T11588] [ 518.217797][T11588] socket: no more sockets [ 519.426890][T11608] FAULT_INJECTION: forcing a failure. [ 519.426890][T11608] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 519.504927][T11608] CPU: 0 UID: 0 PID: 11608 Comm: syz.1.1283 Tainted: G L syzkaller #0 PREEMPT(full) [ 519.504964][T11608] Tainted: [L]=SOFTLOCKUP [ 519.504972][T11608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 519.504986][T11608] Call Trace: [ 519.504994][T11608] [ 519.505002][T11608] dump_stack_lvl+0x100/0x190 [ 519.505039][T11608] should_fail_ex.cold+0x5/0xa [ 519.505065][T11608] _copy_to_user+0x32/0xd0 [ 519.505092][T11608] io_query+0x395/0x6e0 [ 519.505131][T11608] ? __pfx_io_query+0x10/0x10 [ 519.505169][T11608] ? find_held_lock+0x2b/0x80 [ 519.505219][T11608] __do_sys_io_uring_register+0x982/0x1a50 [ 519.505259][T11608] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 519.505294][T11608] ? __fget_files+0x21f/0x3d0 [ 519.505322][T11608] ? fput+0x79/0x100 [ 519.505351][T11608] ? ksys_write+0x1ac/0x250 [ 519.505373][T11608] ? __pfx_ksys_write+0x10/0x10 [ 519.505411][T11608] do_syscall_64+0x106/0xf80 [ 519.505446][T11608] ? clear_bhb_loop+0x40/0x90 [ 519.505475][T11608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.505497][T11608] RIP: 0033:0x7f8ccdb9bf79 [ 519.505515][T11608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 519.505538][T11608] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 519.505560][T11608] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 519.505575][T11608] RDX: 00002000000000c0 RSI: 0000000000000023 RDI: 0000000000000002 [ 519.505589][T11608] RBP: 00007f8cce9ed090 R08: 0000000000000000 R09: 0000000000000000 [ 519.505602][T11608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 519.505615][T11608] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 519.505645][T11608] [ 519.792924][T11618] FAULT_INJECTION: forcing a failure. [ 519.792924][T11618] name failslab, interval 1, probability 0, space 0, times 0 [ 519.806409][T11618] CPU: 0 UID: 0 PID: 11618 Comm: syz.1.1287 Tainted: G L syzkaller #0 PREEMPT(full) [ 519.806453][T11618] Tainted: [L]=SOFTLOCKUP [ 519.806461][T11618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 519.806475][T11618] Call Trace: [ 519.806484][T11618] [ 519.806493][T11618] dump_stack_lvl+0x100/0x190 [ 519.806531][T11618] should_fail_ex.cold+0x5/0xa [ 519.806555][T11618] ? rebuild_sched_domains_locked+0x51/0x980 [ 519.806592][T11618] should_failslab+0xc2/0x120 [ 519.806620][T11618] __kmalloc_noprof+0xe0/0x850 [ 519.806649][T11618] rebuild_sched_domains_locked+0x51/0x980 [ 519.806692][T11618] rebuild_sched_domains+0x21/0x40 [ 519.806727][T11618] sched_rt_handler+0xb5/0xe0 [ 519.806758][T11618] proc_sys_call_handler+0x47f/0x5a0 [ 519.806796][T11618] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 519.806838][T11618] vfs_write+0x6ac/0x1070 [ 519.806862][T11618] ? __pfx_proc_sys_write+0x10/0x10 [ 519.806898][T11618] ? __pfx_vfs_write+0x10/0x10 [ 519.806939][T11618] ksys_write+0x12a/0x250 [ 519.806961][T11618] ? __pfx_ksys_write+0x10/0x10 [ 519.806992][T11618] do_syscall_64+0x106/0xf80 [ 519.807026][T11618] ? clear_bhb_loop+0x40/0x90 [ 519.807054][T11618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.807077][T11618] RIP: 0033:0x7f8ccdb9bf79 [ 519.807096][T11618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 519.807119][T11618] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 519.807148][T11618] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 519.807164][T11618] RDX: 00000000000000f6 RSI: 0000200000000000 RDI: 0000000000000003 [ 519.807178][T11618] RBP: 00007f8cce9ed090 R08: 0000000000000000 R09: 0000000000000000 [ 519.807192][T11618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 519.807206][T11618] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 519.807236][T11618] [ 519.807288][T11618] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 520.016943][T11618] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 520.025375][T11618] CPU: 0 UID: 0 PID: 11618 Comm: syz.1.1287 Tainted: G L syzkaller #0 PREEMPT(full) [ 520.036331][T11618] Tainted: [L]=SOFTLOCKUP [ 520.040677][T11618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 520.050745][T11618] RIP: 0010:rebuild_sched_domains_locked+0x2aa/0x980 [ 520.057458][T11618] Code: 7d 05 00 41 83 c4 01 89 de 48 83 c5 08 44 89 e7 e8 fb 76 05 00 41 39 dc 0f 8d 4c 04 00 00 e8 fd 7c 05 00 48 89 e8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 1d 06 00 00 48 8b 04 24 48 23 45 00 31 ff 44 [ 520.077340][T11618] RSP: 0018:ffffc900030f7bc0 EFLAGS: 00010246 [ 520.083421][T11618] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000020 [ 520.091400][T11618] RDX: ffff888028b45ac0 RSI: ffffffff8200f003 RDI: ffffffff8df14f20 [ 520.099560][T11618] RBP: 0000000000000000 R08: 0000000000000cc0 R09: 00000000ffffffff [ 520.107542][T11618] R10: ffffffff8e7d95b3 R11: 0000000000000001 R12: 0000000000000000 [ 520.115523][T11618] R13: 00000000000f4240 R14: dffffc0000000000 R15: 0000000000000000 [ 520.123505][T11618] FS: 00007f8cce9ed6c0(0000) GS:ffff8881245a5000(0000) knlGS:0000000000000000 [ 520.132452][T11618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 520.139087][T11618] CR2: 0000001b30263fff CR3: 000000002f0c8000 CR4: 00000000003526f0 [ 520.147181][T11618] Call Trace: [ 520.150472][T11618] [ 520.153419][T11618] rebuild_sched_domains+0x21/0x40 [ 520.158562][T11618] sched_rt_handler+0xb5/0xe0 [ 520.163259][T11618] proc_sys_call_handler+0x47f/0x5a0 [ 520.168573][T11618] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 520.174408][T11618] vfs_write+0x6ac/0x1070 [ 520.178754][T11618] ? __pfx_proc_sys_write+0x10/0x10 [ 520.183975][T11618] ? __pfx_vfs_write+0x10/0x10 [ 520.188761][T11618] ksys_write+0x12a/0x250 [ 520.193631][T11618] ? __pfx_ksys_write+0x10/0x10 [ 520.198497][T11618] do_syscall_64+0x106/0xf80 [ 520.203110][T11618] ? clear_bhb_loop+0x40/0x90 [ 520.207809][T11618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.213716][T11618] RIP: 0033:0x7f8ccdb9bf79 [ 520.218158][T11618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 520.237881][T11618] RSP: 002b:00007f8cce9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 520.246314][T11618] RAX: ffffffffffffffda RBX: 00007f8ccde15fa0 RCX: 00007f8ccdb9bf79 [ 520.254296][T11618] RDX: 00000000000000f6 RSI: 0000200000000000 RDI: 0000000000000003 [ 520.262278][T11618] RBP: 00007f8cce9ed090 R08: 0000000000000000 R09: 0000000000000000 [ 520.270304][T11618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 520.278289][T11618] R13: 00007f8ccde16038 R14: 00007f8ccde15fa0 R15: 00007ffdcd511f58 [ 520.286279][T11618] [ 520.289305][T11618] Modules linked in: [ 520.294241][T11618] ---[ end trace 0000000000000000 ]--- [ 520.374865][T11620] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1284'. [ 520.598832][T11618] RIP: 0010:rebuild_sched_domains_locked+0x2aa/0x980 [ 520.617567][T11618] Code: 7d 05 00 41 83 c4 01 89 de 48 83 c5 08 44 89 e7 e8 fb 76 05 00 41 39 dc 0f 8d 4c 04 00 00 e8 fd 7c 05 00 48 89 e8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 1d 06 00 00 48 8b 04 24 48 23 45 00 31 ff 44 [ 520.643518][T11618] RSP: 0018:ffffc900030f7bc0 EFLAGS: 00010246 [ 520.649746][T11618] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000020 [ 520.666841][T11618] RDX: ffff888028b45ac0 RSI: ffffffff8200f003 RDI: ffffffff8df14f20 [ 520.677149][T11618] RBP: 0000000000000000 R08: 0000000000000cc0 R09: 00000000ffffffff [ 520.685492][T11618] R10: ffffffff8e7d95b3 R11: 0000000000000001 R12: 0000000000000000 [ 520.693906][T11618] R13: 00000000000f4240 R14: dffffc0000000000 R15: 0000000000000000 [ 520.703514][T11618] FS: 00007f8cce9ed6c0(0000) GS:ffff8881245a5000(0000) knlGS:0000000000000000 [ 520.712779][T11618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 520.719457][T11618] CR2: 00007f8ccdbe96c0 CR3: 000000002f0c8000 CR4: 00000000003526f0 [ 520.727943][T11618] Kernel panic - not syncing: Fatal exception [ 520.734088][T11618] Kernel Offset: disabled [ 520.738452][T11618] Rebooting in 86400 seconds..