last executing test programs: 5.740615113s ago: executing program 0 (id=860): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) lseek$auto(0x3, 0x7fffffffffffffff, 0x3) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x3) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x700000000000000) socket(0x10, 0x2, 0x0) (async) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) (async) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) (async) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec11\x00', 0x0, 0x0) 5.271718117s ago: executing program 0 (id=861): r0 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x80, 0x9, 0x0) mq_notify$auto(r0, &(0x7f0000000180)={@sival_int, @raw=0x1, 0x1, @_sigev_thread={0x0, 0x0}}) socket(0x2, 0x2, 0x73) r1 = socket(0x2, 0x80002, 0x73) bind$auto(r1, &(0x7f0000000340)=@l2tp={0x2, 0x0, @multicast2, 0x4}, 0x6b) read$auto_ep0_operations_inode(r0, 0x0, 0x0) 5.144463585s ago: executing program 0 (id=863): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x1d, 0x2, 0x6) r0 = getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80802, 0x0) r2 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) fanotify_init$auto(0x65, 0x2) r3 = socket(0x28, 0x1, 0x0) getsockopt$auto(r3, 0x28, 0x2, 0x0, 0x0) close_range$auto(r0, 0xffffffffffffffff, 0x8000) mmap$auto(0x40000, 0x20009, 0x4000000000e3, 0x200000000eb1, 0x401, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r4, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) pipe$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0xca, &(0x7f00000000c0)='\x04>9\x1d!\xe0\x00\x94\xf2\xa2\x00\x00', 0x7e) clock_gettime$auto(0x1164, 0x0) r5 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r5, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(r1, 0x80000, 0x10000, 0x0, 0x88) write$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) shutdown$auto(0x200000003, 0x2) 4.360362518s ago: executing program 0 (id=864): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = pipe$auto(&(0x7f0000000080)=r0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), r1) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)={0x14, r2, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r3 = socket(0xa, 0x801, 0x84) getsockopt$auto(r3, 0x84, 0x7, 0x0, &(0x7f0000000280)) prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x7) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r6, &(0x7f0000003900)='\t', 0x1) sendfile$auto(0x1, r5, 0x0, 0x40000000c0d) getdents64$auto(r4, &(0x7f00000000c0)={0x7, 0xffffffffffffffd3, 0xe, 0xf, "6a8ffedfb1a6c0e1"}, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 2.705803864s ago: executing program 1 (id=872): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/kvm/max_mmu_rmap_size\x00', 0xa2500, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nbd3\x00', 0x0, 0x0) socket(0xa, 0x801, 0x84) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) close_range$auto(0x2, 0x8000, 0x0) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000001240), 0x40, 0x0) ioctl$auto(r3, 0x3b8e, r2) read$auto_stat_fops_per_vm_kvm_main(r1, 0x0, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) r4 = socket(0x1d, 0x3, 0x1) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) getsockname$auto(r4, 0x0, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000240)=ANY=[@ANYBLOB="010026bd7000ffdbdf25020000002c00048027000a80aa37d9c0ce63ce"], 0x40}, 0x1, 0x0, 0x0, 0x40040801}, 0x4000) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYBLOB="4f08af5d06c76a12a81cd14c5574ede048c690f283da78b70b1426820f172e27cf8935aead0350fae93ae94c60e55749e751bffb554ee3d936e68e05320e7a5f85719a7fa8517a119f4cc86b63d2d4fbfcf8e398df5b6354156d77fe395311c848d4b609dc518faecca5d7fa68a4b54351cbdb1ce7880f5cda7719"], 0xf0}, 0x1, 0x0, 0x0, 0xc84}, 0x40040d4) r5 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r5, &(0x7f0000008d40)='($}-)#@\x00', 0x40) 2.560682443s ago: executing program 1 (id=873): r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0x0, 0x0) pread64$auto(r0, 0x0, 0x104, 0x3) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f0000000280)={"69082f41bba005cf5c4ed4ac56d25a9685d12a08fa9a2f356b119e55032f6311", 0x400, 0x6, 0x56, 0x8, 0x6}) r1 = setfsuid$auto(0xee01) keyctl$auto_KEYCTL_GET_PERSISTENT(0x16, r1, 0x7fffffffffffffff, 0xffffffffffffe6d6, 0x2) msgctl$auto_MSG_STAT(0x80000000, 0xb, &(0x7f00000003c0)={{0x1, 0xee01, 0xffffffffffffffff, 0x80, 0xd5a, 0x7d, 0x2}, 0x0, &(0x7f0000000380)=0x2, 0x7, 0x80, 0x6, 0x0, 0xe7, 0x8c, 0xfffa, 0x4, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff}) shmctl$auto_SHM_LOCK(0x9, 0xb, &(0x7f0000000640)={{0xb, 0x0, 0xffffffffffffffff, 0x9, 0x1, 0x8, 0xffff}, 0x8, 0x3ff, 0x6, 0x7, @inferred=0xffffffffffffffff, @inferred, 0x9, 0x0, &(0x7f0000000540), 0x0}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa101, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = socket(0x1d, 0x2, 0x6) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_NL80211_CMD_GET_KEY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x1, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8004}, 0x500) sendmsg$auto_GTP_CMD_NEWPDP(r2, 0x0, 0x800) unshare$auto(0x40000080) 2.401434503s ago: executing program 3 (id=874): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x40, 0x1c, 0x3000, 0x6, 0x6, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x80003, 0x7f, 0x10000002, 0x6}, {0x3, 0x3, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x8000c, 0x100000000}}) mmap$auto(0x0, 0x20009, 0xb17a, 0xeb1, 0x3fd, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty41\x00', 0x109101, 0x0) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty41\x00', 0x109101, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r1) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x44, r2, 0x1, 0x70bd26, 0x25dfdbf7, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x81}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000040}, 0x2000c840) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x14, 0x0) (async) sysfs$auto(0x2, 0x14, 0x0) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x40, &(0x7f0000000240)={0x1200, 0x5, 0x10000, 0xd, 0x5b77b906, 0x0, 0xffffffffffffffff, [0xcfa, 0xe5d, 0x7fff], {0x10, 0x38, 0x9, 0x4, 0x4, 0x3, 0x402, 0x3, 0xffff}, {0x1ffffffe, 0x9, 0x7, 0x2, 0x2, 0xffff13a7, 0x0, 0x449e, 0x1}}) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0xc, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x6, 0xb, 0x1, 0xced80000000000, 0x5, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) (async) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0xc, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x6, 0xb, 0x1, 0xced80000000000, 0x5, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) r4 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x100000000000035, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) (async) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x2, 0xc, 0x5a}) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000180)="20c7c83b2a03c121630931a9c9fcbfde9c0bfd13157086d0ea970503ff91b8d38a7a013ab1632589f0685d99524ab89f9ab5bac06bf62ce4ff16e3d3177adf29c12ec333e71b242195687ca894bfa3e1409e00d134c6139d27f362a7775833f178763c1d304727e84c87b6b7fe5483c266f5a7ca35a460cdd9fcc41727bab8ca1dbbcd9ce39cc377c49043b5cfbf407f086c5cde9207f2a6b735cdf4fc914159c19c552f3f822cd2b46617fe6b9626a3584c04712a5037", 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0xfffffffa) (async) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000180)="20c7c83b2a03c121630931a9c9fcbfde9c0bfd13157086d0ea970503ff91b8d38a7a013ab1632589f0685d99524ab89f9ab5bac06bf62ce4ff16e3d3177adf29c12ec333e71b242195687ca894bfa3e1409e00d134c6139d27f362a7775833f178763c1d304727e84c87b6b7fe5483c266f5a7ca35a460cdd9fcc41727bab8ca1dbbcd9ce39cc377c49043b5cfbf407f086c5cde9207f2a6b735cdf4fc914159c19c552f3f822cd2b46617fe6b9626a3584c04712a5037", 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0xfffffffa) openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x80100, 0x0) (async) openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x80100, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) chdir$auto(&(0x7f0000000040)='./file0\x00') ioctl$auto(r0, 0x5602, r0) 2.283852559s ago: executing program 2 (id=875): r0 = open(&(0x7f0000000180)='./cgroup\x00', 0x80000, 0x4cb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x11, 0x3, 0x2) lseek$auto(r0, 0x1, 0x0) getdents$auto(r0, 0x0, 0x62d4) 2.071503339s ago: executing program 3 (id=876): r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0x1) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x57) mmap$auto(0x4, 0xffff, 0x6, 0x800000000000eb1, r0, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) adjtimex$auto(0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.954618049s ago: executing program 3 (id=877): r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000280), 0x109201, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/4096, 0x1000) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) ioctl$auto_VHOST_SET_VRING_CALL2(0xffffffffffffffff, 0x4008af21, 0x0) socket(0x2a, 0x2, 0x1) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/ldiscs\x00', 0x2000, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0x4, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x68, 0x8000001c, 0xcd4, 0xb, 0x401, 0xf25c, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x6, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0xfffffffffffffffe]}, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000080), 0x301000, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000000)) close_range$auto(0x2, 0x8000, 0x0) bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f0000001240)=@link_update={r0, @new_map_fd, 0xfffffe00}, 0x1) 1.873132592s ago: executing program 0 (id=878): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x93, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000019}, 0x40001) socket(0x10, 0x2, 0x0) keyctl$auto_KEYCTL_WATCH_KEY(0x20, 0x97, r0, 0x1, 0x3) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x7fff, 0x2) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/maps\x00', 0xb3d43, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f0000000140)={[0x9, 0x5, 0xb, 0xa63f, 0x7fffffff, 0x6, 0x9, 0x5f, 0x7d2ee4e8, 0x6a7, 0x1, 0x5, 0x2, 0x5, 0x7, 0x5]}, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r3, 0x0, 0x40100000a3d5) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000300)={0x7f, 0x3b, 0x9, 0x1e4, 0x5, 0x8001, 0x7d6, 0x4, 0x1, 0xbfae, 0x7, 0x1, 0x10d9b, 0x8000000000, 0x2}) 1.830256761s ago: executing program 2 (id=879): mmap$auto(0x1, 0x400004, 0x800df, 0x9b72, 0x2, 0x0) clock_adjtime$auto(0x17, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram6\x00', 0x4ee02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0) socket(0x15, 0x5, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/modules\x00', 0x88400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/mem\x00', 0x68200, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/clockevents/clockevent1/uevent\x00', 0x7c9100, 0x0) socket(0xa, 0x3, 0x3a) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x88) io_uring_setup$auto(0x800, 0x0) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto(r1, 0x540a, r0) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) 1.591976754s ago: executing program 1 (id=880): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x22a02, 0x0) setsockopt$auto_SO_ERROR(r1, 0x7ff, 0x4, 0x0, 0x7f) mremap$auto(0x200001000000, 0x4, 0x4, 0x3, 0x100000000) mmap$auto(0x8, 0x6, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1a, 0x0) r2 = fsopen$auto(0x0, 0x1) close_range$auto(0xffffffffffffffff, r0, 0x4000009) statmount$auto(&(0x7f0000000100)={0x4, @raw=0x7, 0x8, 0x1, 0x3}, &(0x7f0000000280)={0x8, 0x90, 0x9, 0xe, 0x7fff, 0x4, 0xff, 0xfc6, 0x8, 0x4, 0x0, 0xb, 0x8, 0x8, 0x7, 0x4, 0xfffffffffffffffe, 0xffffffff, 0x0, 0x1, 0x1, 0x4, 0x7, 0xfffffffc, 0xf, 0x0, 0x7, 0x1ff, 0xfff, 0x1ff, 0x1, [0x28, 0xffff, 0x0, 0x2, 0x2, 0x9, 0x3, 0x3, 0x9, 0x5d, 0x8000, 0xfd, 0x4, 0x100, 0x7, 0x3, 0x9, 0x2, 0x10000, 0x2c, 0x1, 0x4, 0x1, 0x1000, 0x1ff, 0x6, 0x0, 0x1, 0x2, 0x56c, 0x7f, 0x5, 0x0, 0x100, 0x1ce8, 0x2f, 0x8, 0x0, 0x8, 0x8, 0x8, 0x6, 0x6], "86b8ce4a56fcdcf8527ac03c7a023092fbb606fffb4278444c6ef03a7cbb31f2b07eeaa296fb496a7dc036818cf980551a44f36a82149dab2cfddddda509d794dcf03b494e565f670dfff902034ff090b0517b002017687788f177341a6433ef545d98343636d330698b0a636adab5a7f819148150e9cc137eb635e52c27bfde905851f429655210fdfe2605c4935853ee3b1cf871"}, 0xffff, 0x66) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001700)='/sys/devices/virtual/block/nbd15/queue/read_ahead_kb\x00', 0x8102, 0x0) write$auto(r5, &(0x7f00000001c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x100000002) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram2\x00', 0x200000, 0x0) ioctl$auto_BLKPG(r7, 0x1269, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001600)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0026bc7000fddbdf2503000000040008000c00038008001100", @ANYRES32=r4, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x810004, 0xffa, 0x8000000008011, r3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) futex$auto(&(0x7f00000000c0)=0x84, 0x8a, 0x1, 0x0, 0x0, 0x20000001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000600)=""/4096, 0x1000) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000540)='/proc/self/net/rpc/nfs4.idtoname/content\x00', 0x2840, 0x0) write$auto_proc_reg_file_ops_compat_inode(r8, &(0x7f0000000580)="3223e9fb55f139a803e82e93be931452c548b425a0043582b69073e2a1271e29ec9a501d6933b911eb1106e6af8e9f0abe7933ca2ab48433741caa4559ea993cea33c9ad22ced3640eac264f4054f5e622312be21e82bc6d4e876cc658", 0x5d) clock_getres$auto(0x2, &(0x7f0000000140)={0x8001, 0x5}) r9 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r9, &(0x7f0000000240)="4a020000a000000000000000000000000700924d1b3c5d2e00000000fdd2adc245a4fe3a61af156016d2e122228118b035ab", 0x32) 1.569115839s ago: executing program 2 (id=881): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRESDEC=0x0, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800) r0 = socket(0x8, 0x4, 0x23) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) socket(0x2, 0x801, 0x106) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x5, 0x0, [{0x40000010, 0x7, 0x1000}]}) 1.560905493s ago: executing program 3 (id=882): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/kvm/max_mmu_rmap_size\x00', 0xa2500, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nbd3\x00', 0x0, 0x0) socket(0xa, 0x801, 0x84) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x2, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) close_range$auto(0x2, 0x8000, 0x0) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000001240), 0x40, 0x0) ioctl$auto(r2, 0x3b8e, 0xffffffffffffffff) read$auto_stat_fops_per_vm_kvm_main(r1, 0x0, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) r3 = socket(0x1d, 0x3, 0x1) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) getsockname$auto(r3, 0x0, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000240)=ANY=[@ANYBLOB="010026bd7000ffdbdf25020000002c00048027000a80aa37d9c0ce63ce"], 0x40}, 0x1, 0x0, 0x0, 0x40040801}, 0x4000) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYBLOB="4f08af5d06c76a12a81cd14c5574ede048c690f283da78b70b1426820f172e27cf8935aead0350fae93ae94c60e55749e751bffb554ee3d936e68e05320e7a5f85719a7fa8517a119f4cc86b63d2d4fbfcf8e398df5b6354156d77fe395311c848d4b609dc518faecca5d7fa68a4b54351cbdb1ce7880f5cda7719"], 0xf0}, 0x1, 0x0, 0x0, 0xc84}, 0x40040d4) r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r4, &(0x7f0000008d40)='($}-)#@\x00', 0x40) 1.244609532s ago: executing program 3 (id=883): mmap$auto(0x0, 0x1ff, 0xa, 0x1000000000000eb1, 0xfffffffffffffffa, 0x8000) (async) unshare$auto(0x7) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) getcwd$auto(&(0x7f0000000000)=':\x00', 0xb) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.1/usb2/power/wakeup_active\x00', 0xa140, 0x0) (async) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, &(0x7f0000000040)={0xbc}) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) (async) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r3, &(0x7f0000000ec0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000300)={0x17c, r5, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x3}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x7}, @NL80211_ATTR_STA_FLAGS2={0xee, 0x43, "87532be8c02e498868e569265e669fd84a305dc4c62b77b095a40153ac0cf0655a39203f0736ec578cd1e084e4fb456d3395612d42421513a220613332b5a26756c1b3db74d84dfaa704db093e28416b4d65d7c6eb74838535e4a959b6400d4a5814218dc585274fe7241544b870e6cca0b3134437383ffd08bf8db152598bc885326465771475f3252dc87ffd433573975f5e608e97945e0f3cf65677f7df0c5656ca9a9cdb55bf8ea8bfea389071756152f39621a03c5877e6050e36753eae4540aa87ab8d8ebf3b182b9077bb7dcd36b1d15fb76e4229563e21311509be48ff6e9fcc4e04225ed5ef"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}, @NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_BEACON_TAIL={0x47, 0xf, "12f3d77ca4aefbf49c1ee72dc9996d47a3dec57ccbd1fbae41b5c31b03c37d3aced5254e85e4b951d4ab55f83e957722387a47d34be31c5dea59ff6e78ad6208ddb8fb"}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x1}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x1}]}, 0x17c}, 0x1, 0x0, 0x0, 0x4}, 0x40000) (async) sendmsg$auto_NL80211_CMD_ADD_LINK(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r5, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}]}, 0x1c}}, 0x4000048) (async) r6 = socket(0xa, 0x5, 0x0) getsockopt$auto(r6, 0x84, 0x10, 0x0, &(0x7f0000000240)=0x10009b) (async) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/122, 0x7a) (async) pidfd_open$auto(0x1, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) (async) open(0x0, 0x22240, 0x155) (async) access$auto(0x0, 0x5) 1.221182383s ago: executing program 2 (id=884): symlink$auto(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000440)='./file0\x00') removexattr$auto(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000001c0)='sysWl\x9ea\xffcesD\xae\xe8?\xefZ\xf2\xab\x05s\x00\x83\x01`s\xc9\xde\xb5\xc9 H\xe7}\x11\b\x80\xda\xdfzi\xc5\xae\xe1<=//)\xe6\x04Ko\'Bo\xb9\xd0\b\xf2\x86\xec\xc9|f\xf2\x9d\x83\x03\xa5\x90\x18\xfdg\xb8\xe8\x85y0\xbe\xdd\xf2s\xfa\xb7\xaa\x85\xd0L+\xf4]\xaf\x86\xf1\xd6v\x94B\xdf8\xc2\xe3W>N\xc7LM\xaa\f\xf9\xed\x84]I\xd5<\xea\x1d\xeb9\xc3\xc2\xdd#\xf2\x83f\xa3]\xb5\xdf\xc2\xe2\x97\x0f\xb0\xffM{\xc4A\x0e\xacz2\x15\xa4\xb5\xd3/\xb0\a<\v\x96\xfc/>fd\vl\xbf\x00i\xb2\xddG\xc6\xd3\xfb\xc1\xe2O\x93\x11J}7\'\xc4;m\xe1\xaa\xbe\x9aujM\xba\x8c\x90D\x81u*\xbf\xba\xb2N\x9a+\xe64\xaa\xe8Kf\x91\x11\x98L\x18\x86\\\xec\x9c\x93d\xc3=w\xc4\xe4\xf1\xf1b\xdd?\x18\xee\x85\x85nAK\xa9t\xac\xdd+aQ24\xf1QPIC\xe1pa?Kc\x85\x1e/\xa2\x05H\x1c\a\xb0\x80\x86\xbeW\xe1&\xbf8{)p\xa11\xe6J\b\xe5\xba\xbc\f\x00d\x06\xcbT\xb7\xab:\xaa\x8d') 1.039689988s ago: executing program 2 (id=885): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r3 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) ioctl$auto_TUNDETACHFILTER(r3, 0x401054d6, &(0x7f0000000080)={0x25, &(0x7f0000000000)={0xe, 0x8, 0x2, @raw=0x1}}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(0x0, r2) r4 = setfsuid$auto(0xee00) r5 = socket(0x1b, 0xa, 0xa) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x800, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) setfsuid$auto(r4) sendmsg$auto_TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xb4, 0x0, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xa0, 0x4, 0x0, 0x1, [@generic="c38c015a962196d2d74e458ad86c69f8163251c37f1de236bb350b490ce2e7ff2196a9f47068d185a3bb2dffbe65deaa094b8e2740c87fb31c5f39cef35c7b3174747ba8700d04eb0a8e0407335a9c17b041469313d0d3cca27be2fcdc3f787007c53a5499c0926c4c7a0b310cb8520fb51c797ad71de986b47c0b8ad16c833a8023d7e3c59385bfaadbc233535efb7430b78c8939e0bb964cda076f"]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20008000}, 0x84) setfsuid$auto(r4) sendmsg$auto_OVS_VPORT_CMD_GET(0xffffffffffffffff, 0x0, 0x4004000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 1.003631254s ago: executing program 3 (id=886): unshare$auto(0x40000080) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x3602, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x101400, 0x0) sendfile$auto(0x2, 0x3, 0x0, 0xc3e0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x2) socket(0x23, 0x80805, 0x0) connect$auto(0x3, &(0x7f0000000140)=@generic={0xa, "000000000000000028ce4e6300"}, 0x3559) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) connect$auto(0x3, 0x0, 0x55) sendmsg$auto(0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0x10, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000001380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xfc\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\r&\xec\xb8\xb1Z\\\xc9L\xb2\t\xddbH|\xffGP\x97)\xb9:nqn\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc$\xa0\xa5\xce\xca\xe1P\xf7\xe5_\xca\xd5\xd8\xa4g_\xb1\x88\x8cAJS\x11\x8b\xd1%a\xe5DPk\x8c\xf9\xfb\xe0+\xdb\x12\x10.F\x00\xc37\xc7\xbf\x80\xbeu\xe1V\xb2\xc5\xc9\x1a\xc7\xdc}!\x10\xb1\",1%\x0e\xeb\x15\x15me\xe1a\x03\x18{\xb03+\x93*vB\xc6\xf1\xc6\xff\xbbt\x04!\xb6\v\xde2\xc9\x89#\xbaR\xee\x13jF%\xf2\x15\x9a\x82&\x89o\xa9\xd9\xbfFY\x90\x8c\xa0\xe4\x9d\xa2\xcd\x9a\xb5TC\xc4\x9d\x9ePb]\xaa\xc7f\x06N\xc5\xfa{\x02Y\xae\xf4(\xaa\x06);{?\x1e\fu\x19b\xdf$,\x01\"\x94\x00\x00\x00\x00\x003\xcfZ\xaf~<\xba\xb7\xa03\x8c\n*krS\x19Q#\x8f\xfbW\xad\xe0\xb3o\xcb\xf7\xda\x87C\x99\x1a\xa8\xc1\xe3\xc6%\xac\x01@*\xa0\xc4\xedn-lT\xe6*?\'\x9dW=\xa7\x03\x06\x83 IT\xa3\x7ff\xb6\x95\xe5\xd2\n\xaf\x87`\xce%\xf6 &\xa7M5I\x9c\x17h\x8c\xa4\x98\x16\xe0\xd9?Y\x7f\xf6\x85_{\xfd9p$B9_\xd8\xf4\x0e\xd0\xfa\xe7\xb0\xb8\xa0\xd7\a\xff.\"\x81\b\xb0\xb4\x84\xac\xad\x1b\x93~_\xea\xfe7\x03\"\xd9\x1d.\xe5{bHX\x14\xa1\bO\x03[^\x85jP\x89\t\x06GI\xb7\x99\xb2zZf\xc8\xd4\x8d\x1c\x1e\x03\xb9\xa7Nt\xae\xfff\xf9\tx\xae\xa8\x05\xb14\xc6\x9b\x1f\xd3\x01#\xc6\nb\xd4\xb4\xc8?\xa7\xe2R\xc1\xcf\xd2\xbc\xae\xd1\xc2\x88\"\xf3\xf0\xc0uQy\xec\xfab\xd6\xcd\x16)\x19*E\vm\x8d\x1bG:\x80\'pJ', 0x4100000a3d7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/ptya7/power/autosuspend_delay_ms\x00', 0x42483, 0x0) 958.688326ms ago: executing program 1 (id=887): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x1000000000009b72, 0x2, 0x800008000) socket(0xa, 0x5, 0x0) r2 = prctl$auto(0x41555856, 0x24, 0x2008, 0x0, 0x0) ioctl$auto(0x3, 0x890b, 0x38) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) mmap$auto(0x10000008, 0x3, 0x53c6, 0x8009b72, r0, 0x20000000028000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) adjtimex$auto(0x0) socket(0x1a, 0x4, 0x7f) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, 0x0) ioctl$auto_BTRFS_IOC_SYNC(r2, 0x9408, 0x0) close_range$auto(r3, r1, 0x100) 887.555737ms ago: executing program 0 (id=888): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x9, 0x200000, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x640, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x1) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x49402, 0x0) mmap$auto(0x1, 0x6, 0x200, 0x65b, r2, 0x8000) pwrite64$auto(0xffffffffffffffff, 0x0, 0x1, 0xfffffffffffff800) mmap$auto(0x800, 0x40009, 0x6, 0x9b72, 0x7, 0x4) mmap$auto(0xffffffffffffffff, 0x40009, 0x4000000000000df, 0x9b72, 0x7, 0x28000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtrr\x00', 0x0, 0x0) ioctl$auto(r3, 0xc0184d03, r3) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) socket(0x1e, 0x2, 0x402) mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x108000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) futex$auto(0x0, 0x1, 0x5, 0x0, 0x0, 0x80000001) connect$auto(r3, 0x0, 0x58) 676.318574ms ago: executing program 2 (id=889): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x3, 0x8, 0xfff) prctl$auto(0x8, 0x1, 0x0, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, 0x0, 0x54) r1 = socket(0x28, 0x6, 0x7fffffff) r2 = getsockopt$auto(r1, 0x84, 0x1f, 0x0, &(0x7f0000000080)=0x49b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYRES64=0x0, @ANYRES8=r2, @ANYBLOB="1b0025bd7000f9dbdf2503000000040008001400038010000c800c00098008003b00ac1e000112000100898771f1c19f17790485908286dd00000400028004000800"], 0x48}, 0x1, 0x0, 0x0, 0x2000c0f0}, 0x400c880) write$auto(0x3, 0x0, 0xfffffdef) setresuid$auto(0x0, 0x0, 0xee01) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x20002, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x6b) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x2000000080000001, 0x3) 405.878622ms ago: executing program 1 (id=890): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r0, 0x0, 0x401006, 0x4015, 0x0) r1 = socket(0xa, 0x4, 0xfffffffe) setsockopt$auto(r1, 0x29, 0x30, 0x0, 0x56b) 0s ago: executing program 1 (id=891): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80140, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58) close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async) socket(0x29, 0x5, 0x0) (async) mmap$auto(0x0, 0xf6, 0xdf, 0xeb1, 0x401, 0x0) (async) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) (async) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) (async) r1 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x101040, 0x0) read$auto_rng_chrdev_ops_core(r1, &(0x7f0000000040)=""/4096, 0xfffffe82) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000b40), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r2, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000340)=ANY=[@ANYRES32=r2, @ANYRES16=r3, @ANYRESOCT=0x0, @ANYBLOB="1ed7504904c59df2465e774c34316d44c46efb883c56ebae51f17617795dd841eeee37d8e053918c3dbe3dc4d6dfc55c502308a45b3c6519bdc52004664c5f302c98357c767a0fbe347f09be4a8901c38ef8af5c11c4f1820462b55875bb9d07a0f046fa40c75c303aa085ab0c27a783f6d916f65376dbc9af089d128b1f81d7c76ee462c360c48cca18be507730b43ee6f79dbd7b73a22bbce5460128f1832f08e7141e3604adb59a73c02a7951bb", @ANYRES64=r3, @ANYRESOCT=r2, @ANYRES64=r3], 0x2c}, 0x1, 0x0, 0x0, 0x44}, 0x84) (async) sendmsg$auto_SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="bb00000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x4000004) (async) unshare$auto(0x40000080) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b58", 0xfdef) (async) r5 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r5, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) (async) sendfile$auto(r0, r0, 0x0, 0x2) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a3320003008000400088"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) kernel console output (not intermixed with test programs): L syzkaller #0 PREEMPT(full) [ 173.710025][ T7161] Tainted: [L]=SOFTLOCKUP [ 173.710030][ T7161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 173.710040][ T7161] Call Trace: [ 173.710046][ T7161] [ 173.710052][ T7161] dump_stack_lvl+0x100/0x190 [ 173.710077][ T7161] should_fail_ex.cold+0x5/0xa [ 173.710098][ T7161] should_failslab+0xc2/0x120 [ 173.710119][ T7161] kmem_cache_alloc_noprof+0x91/0x6a0 [ 173.710137][ T7161] ? __pfx_map_id_range_down+0x10/0x10 [ 173.710160][ T7161] ? security_inode_alloc+0x3b/0x2c0 [ 173.710180][ T7161] security_inode_alloc+0x3b/0x2c0 [ 173.710197][ T7161] inode_init_always_gfp+0xc77/0xfb0 [ 173.710215][ T7161] alloc_inode+0x8e/0x250 [ 173.710234][ T7161] sock_alloc+0x44/0x280 [ 173.710253][ T7161] ? security_socket_create+0x7f/0x250 [ 173.710270][ T7161] __sock_create+0xc2/0x860 [ 173.710294][ T7161] __sys_socket+0x14d/0x260 [ 173.710317][ T7161] ? __pfx___sys_socket+0x10/0x10 [ 173.710344][ T7161] __x64_sys_socket+0x72/0xb0 [ 173.710365][ T7161] ? lockdep_hardirqs_on+0x78/0x100 [ 173.710388][ T7161] do_syscall_64+0x115/0x840 [ 173.710401][ T7161] ? clear_bhb_loop+0x40/0x90 [ 173.710491][ T7161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.710508][ T7161] RIP: 0033:0x7f79f3d9ce59 [ 173.710523][ T7161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.710537][ T7161] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 173.710552][ T7161] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 173.710562][ T7161] RDX: 0000000000000100 RSI: 0000000000000003 RDI: 0000000000000002 [ 173.710571][ T7161] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 173.710579][ T7161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.710587][ T7161] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 173.710606][ T7161] [ 173.710774][ T7161] socket: no more sockets [ 174.054454][ T7167] CPU: 0 UID: 0 PID: 7167 Comm: syz.1.266 Tainted: G L syzkaller #0 PREEMPT(full) [ 174.054491][ T7167] Tainted: [L]=SOFTLOCKUP [ 174.054499][ T7167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 174.054509][ T7167] Call Trace: [ 174.054514][ T7167] [ 174.054521][ T7167] dump_stack_lvl+0x100/0x190 [ 174.054546][ T7167] should_fail_ex.cold+0x5/0xa [ 174.054585][ T7167] should_failslab+0xc2/0x120 [ 174.054609][ T7167] kmem_cache_alloc_noprof+0x91/0x6a0 [ 174.054628][ T7167] ? __pfx_map_id_range_down+0x10/0x10 [ 174.054650][ T7167] ? security_inode_alloc+0x3b/0x2c0 [ 174.054670][ T7167] security_inode_alloc+0x3b/0x2c0 [ 174.054687][ T7167] inode_init_always_gfp+0xc77/0xfb0 [ 174.054706][ T7167] alloc_inode+0x8e/0x250 [ 174.054725][ T7167] new_inode+0x22/0x1c0 [ 174.054742][ T7167] ? dput.part.0+0x4f/0x240 [ 174.054762][ T7167] simple_fill_super+0x2d9/0x680 [ 174.054781][ T7167] ? __pfx_nfsd_fill_super+0x10/0x10 [ 174.054802][ T7167] nfsd_fill_super+0x98/0x560 [ 174.054825][ T7167] ? __pfx_nfsd_fill_super+0x10/0x10 [ 174.054846][ T7167] get_tree_keyed+0x10e/0x1d0 [ 174.054871][ T7167] vfs_get_tree+0x92/0x320 [ 174.054892][ T7167] path_mount+0x7d0/0x23d0 [ 174.054916][ T7167] ? __pfx_path_mount+0x10/0x10 [ 174.054932][ T7167] ? lockdep_hardirqs_on+0x78/0x100 [ 174.054958][ T7167] ? putname+0xb1/0x110 [ 174.054973][ T7167] ? kmem_cache_free+0x127/0x6b0 [ 174.054994][ T7167] ? __x64_sys_mount+0x293/0x310 [ 174.055010][ T7167] __x64_sys_mount+0x293/0x310 [ 174.055029][ T7167] ? __pfx___x64_sys_mount+0x10/0x10 [ 174.055061][ T7167] do_syscall_64+0x115/0x840 [ 174.055075][ T7167] ? clear_bhb_loop+0x40/0x90 [ 174.055094][ T7167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.055110][ T7167] RIP: 0033:0x7f72f1b9ce59 [ 174.055125][ T7167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 174.055140][ T7167] RSP: 002b:00007f72f2993028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 174.055155][ T7167] RAX: ffffffffffffffda RBX: 00007f72f1e15fa0 RCX: 00007f72f1b9ce59 [ 174.055164][ T7167] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 174.055174][ T7167] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 174.055183][ T7167] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 174.055192][ T7167] R13: 00007f72f1e16038 R14: 00007f72f1e15fa0 R15: 00007ffe5d363898 [ 174.055212][ T7167] [ 174.843780][ T7066] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 180.329305][ T7266] device-mapper: ioctl: Unable to rename non-existent device,  to uuid „ [ 180.447528][ T7268] netlink: 'syz.0.285': attribute type 12 has an invalid length. [ 181.467460][ T7276] FAULT_INJECTION: forcing a failure. [ 181.467460][ T7276] name failslab, interval 1, probability 0, space 0, times 0 [ 181.605633][ T7276] CPU: 0 UID: 0 PID: 7276 Comm: syz.1.287 Tainted: G L syzkaller #0 PREEMPT(full) [ 181.605660][ T7276] Tainted: [L]=SOFTLOCKUP [ 181.605666][ T7276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 181.605675][ T7276] Call Trace: [ 181.605681][ T7276] [ 181.605687][ T7276] dump_stack_lvl+0x100/0x190 [ 181.605720][ T7276] should_fail_ex.cold+0x5/0xa [ 181.605742][ T7276] should_failslab+0xc2/0x120 [ 181.605764][ T7276] kmem_cache_alloc_noprof+0x91/0x6a0 [ 181.605783][ T7276] ? trace_kmem_cache_alloc+0xdd/0x100 [ 181.605805][ T7276] ? security_file_alloc+0x34/0x2c0 [ 181.605828][ T7276] security_file_alloc+0x34/0x2c0 [ 181.605847][ T7276] init_file+0x95/0x480 [ 181.605865][ T7276] alloc_empty_file+0x79/0x1c0 [ 181.605884][ T7276] alloc_file_pseudo+0x183/0x290 [ 181.605912][ T7276] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 181.605932][ T7276] ? alloc_fd+0x471/0x7a0 [ 181.605957][ T7276] sock_alloc_file+0x50/0x210 [ 181.606152][ T7276] __sys_socket+0x1c0/0x260 [ 181.606179][ T7276] ? __pfx___sys_socket+0x10/0x10 [ 181.606213][ T7276] __x64_sys_socket+0x72/0xb0 [ 181.606234][ T7276] ? lockdep_hardirqs_on+0x78/0x100 [ 181.606258][ T7276] do_syscall_64+0x115/0x840 [ 181.606271][ T7276] ? clear_bhb_loop+0x40/0x90 [ 181.606290][ T7276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.606312][ T7276] RIP: 0033:0x7f72f1b9ce59 [ 181.606334][ T7276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 181.606361][ T7276] RSP: 002b:00007f72f2993028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 181.606377][ T7276] RAX: ffffffffffffffda RBX: 00007f72f1e15fa0 RCX: 00007f72f1b9ce59 [ 181.606388][ T7276] RDX: 0000000000000100 RSI: 0000000000000003 RDI: 0000000000000002 [ 181.606397][ T7276] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 181.606406][ T7276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.606416][ T7276] R13: 00007f72f1e16038 R14: 00007f72f1e15fa0 R15: 00007ffe5d363898 [ 181.606436][ T7276] [ 182.076023][ T7299] vivid-011: ================= START STATUS ================= [ 182.086887][ T7299] vivid-011: Radio HW Seek Mode: Bounded [ 182.094333][ T7299] vivid-011: Radio Programmable HW Seek: false [ 182.105625][ T7299] vivid-011: RDS Rx I/O Mode: Block I/O [ 182.114232][ T7299] vivid-011: Generate RBDS Instead of RDS: false [ 182.135378][ T7299] vivid-011: RDS Reception: true [ 182.166006][ T7299] vivid-011: RDS Program Type: 0 inactive [ 182.197753][ T7299] vivid-011: RDS PS Name: inactive [ 182.266296][ T7299] vivid-011: RDS Radio Text: inactive [ 182.355286][ T7299] vivid-011: RDS Traffic Announcement: false inactive [ 182.412281][ T7299] vivid-011: RDS Traffic Program: false inactive [ 182.490648][ T7299] vivid-011: RDS Music: false inactive [ 182.614975][ T7299] vivid-011: ================== END STATUS ================== [ 182.729307][ T7316] netlink: 28 bytes leftover after parsing attributes in process `syz.2.294'. [ 184.132166][ T7328] FAULT_INJECTION: forcing a failure. [ 184.132166][ T7328] name failslab, interval 1, probability 0, space 0, times 0 [ 184.207563][ T7328] CPU: 0 UID: 0 PID: 7328 Comm: syz.3.295 Tainted: G L syzkaller #0 PREEMPT(full) [ 184.207590][ T7328] Tainted: [L]=SOFTLOCKUP [ 184.207596][ T7328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 184.207605][ T7328] Call Trace: [ 184.207611][ T7328] [ 184.207617][ T7328] dump_stack_lvl+0x100/0x190 [ 184.207641][ T7328] should_fail_ex.cold+0x5/0xa [ 184.207718][ T7328] should_failslab+0xc2/0x120 [ 184.207741][ T7328] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 184.207760][ T7328] ? find_held_lock+0x2b/0x80 [ 184.207779][ T7328] ? __d_alloc+0x35/0xa50 [ 184.207798][ T7328] __d_alloc+0x35/0xa50 [ 184.207816][ T7328] d_alloc_pseudo+0x1c/0xc0 [ 184.207836][ T7328] alloc_file_pseudo+0x118/0x290 [ 184.207858][ T7328] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 184.207877][ T7328] ? alloc_fd+0x471/0x7a0 [ 184.207894][ T7328] sock_alloc_file+0x50/0x210 [ 184.207915][ T7328] __sys_socket+0x1c0/0x260 [ 184.207942][ T7328] ? __pfx___sys_socket+0x10/0x10 [ 184.207971][ T7328] __x64_sys_socket+0x72/0xb0 [ 184.207993][ T7328] ? lockdep_hardirqs_on+0x78/0x100 [ 184.208016][ T7328] do_syscall_64+0x115/0x840 [ 184.208029][ T7328] ? clear_bhb_loop+0x40/0x90 [ 184.208048][ T7328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.208064][ T7328] RIP: 0033:0x7f79f3d9ce59 [ 184.208078][ T7328] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.208091][ T7328] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 184.208106][ T7328] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 184.208116][ T7328] RDX: 0000000000000100 RSI: 0000000000000003 RDI: 0000000000000002 [ 184.208124][ T7328] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 184.208133][ T7328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.208142][ T7328] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 184.208164][ T7328] [ 185.569987][ T7332] FAULT_INJECTION: forcing a failure. [ 185.569987][ T7332] name failslab, interval 1, probability 0, space 0, times 0 [ 185.666993][ T7332] CPU: 0 UID: 0 PID: 7332 Comm: syz.2.296 Tainted: G L syzkaller #0 PREEMPT(full) [ 185.667021][ T7332] Tainted: [L]=SOFTLOCKUP [ 185.667027][ T7332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 185.667038][ T7332] Call Trace: [ 185.667044][ T7332] [ 185.667050][ T7332] dump_stack_lvl+0x100/0x190 [ 185.667076][ T7332] should_fail_ex.cold+0x5/0xa [ 185.667386][ T7332] should_failslab+0xc2/0x120 [ 185.667411][ T7332] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 185.667431][ T7332] ? find_held_lock+0x2b/0x80 [ 185.667450][ T7332] ? __d_alloc+0x35/0xa50 [ 185.667470][ T7332] __d_alloc+0x35/0xa50 [ 185.667488][ T7332] d_alloc_pseudo+0x1c/0xc0 [ 185.667508][ T7332] alloc_file_pseudo+0x118/0x290 [ 185.667529][ T7332] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 185.667548][ T7332] ? alloc_fd+0x471/0x7a0 [ 185.667566][ T7332] sock_alloc_file+0x50/0x210 [ 185.667586][ T7332] __sys_socket+0x1c0/0x260 [ 185.667608][ T7332] ? __pfx___sys_socket+0x10/0x10 [ 185.667637][ T7332] __x64_sys_socket+0x72/0xb0 [ 185.667671][ T7332] ? lockdep_hardirqs_on+0x78/0x100 [ 185.667706][ T7332] do_syscall_64+0x115/0x840 [ 185.667720][ T7332] ? clear_bhb_loop+0x40/0x90 [ 185.667739][ T7332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.667755][ T7332] RIP: 0033:0x7f18e379ce59 [ 185.667769][ T7332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.667783][ T7332] RSP: 002b:00007f18e471c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 185.667799][ T7332] RAX: ffffffffffffffda RBX: 00007f18e3a15fa0 RCX: 00007f18e379ce59 [ 185.667809][ T7332] RDX: 0000000000000100 RSI: 0000000000000003 RDI: 0000000000000002 [ 185.667818][ T7332] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 185.667827][ T7332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.667836][ T7332] R13: 00007f18e3a16038 R14: 00007f18e3a15fa0 R15: 00007ffc4299b7b8 [ 185.667855][ T7332] [ 186.636641][ T7368] usb usb37: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 186.671645][ T7368] vhci_hcd vhci_hcd.2: invalid port number 0 [ 186.772350][ T7365] netlink: 28 bytes leftover after parsing attributes in process `syz.2.301'. [ 187.926159][ T7388] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 188.949457][ T7411] syz.3.310 (7411) used obsolete PPPIOCDETACH ioctl [ 189.445707][ T7420] random: crng reseeded on system resumption [ 189.546315][ T7420] netlink: 16 bytes leftover after parsing attributes in process `syz.0.313'. [ 189.623651][ T7420] mac80211_hwsim hwsim10 wlan2: entered promiscuous mode [ 189.680737][ T7420] mac80211_hwsim hwsim10 wlan2: entered allmulticast mode [ 190.355746][ T7429] [U]  [ 190.359111][ T7429] [U] [ 190.362893][ T7429] [U] [ 190.365878][ T7429] [U] [ 190.430649][ T7429] [U] [ 190.434804][ T7429] [U] [ 190.437612][ T7429] [U] [ 190.440472][ T7429] [U] [ 190.547884][ T7429] [U] [ 190.551023][ T7429] [U] [ 190.554645][ T7429] [U] [ 190.557440][ T7429] [U] [ 190.618922][ T7429] [U] [ 190.623012][ T7429] [U] [ 190.626949][ T7429] [U] [ 190.630887][ T7429] [U] [ 190.690924][ T7429] [U] [ 190.694172][ T7429] [U] [ 190.697110][ T7429] [U] [ 190.699999][ T7429] [U] [ 190.754337][ T7429] [U] [ 190.758425][ T7429] [U] [ 190.763658][ T7429] [U] [ 190.766943][ T7429] [U] [ 190.833417][ T7429] [U] [ 190.837021][ T7429] [U] [ 190.840624][ T7429] [U] [ 190.843560][ T7429] [U] [ 190.897591][ T7429] [U] [ 190.901632][ T7429] [U] [ 190.904634][ T7429] [U] [ 190.908903][ T7429] [U] [ 190.967240][ T7429] [U] [ 191.049083][ T7438] netlink: 350 bytes leftover after parsing attributes in process `syz.3.318'. [ 192.470883][ T7464] ======================================================= [ 192.470883][ T7464] WARNING: The mand mount option has been deprecated and [ 192.470883][ T7464] and is ignored by this kernel. Remove the mand [ 192.470883][ T7464] option from the mount to silence this warning. [ 192.470883][ T7464] ======================================================= [ 192.895033][ T7475] vivid-011: ================= START STATUS ================= [ 192.941450][ T7475] vivid-011: Radio HW Seek Mode: Bounded [ 192.985467][ T7475] vivid-011: Radio Programmable HW Seek: false [ 193.049011][ T7475] vivid-011: RDS Rx I/O Mode: Block I/O [ 193.093969][ T7475] vivid-011: Generate RBDS Instead of RDS: false [ 193.133380][ T7475] vivid-011: RDS Reception: true [ 193.161230][ T7475] vivid-011: RDS Program Type: 0 inactive [ 193.221022][ T7475] vivid-011: RDS PS Name: inactive [ 193.288654][ T7475] vivid-011: RDS Radio Text: inactive [ 193.375001][ T7475] vivid-011: RDS Traffic Announcement: false inactive [ 193.427592][ T7475] vivid-011: RDS Traffic Program: false inactive [ 193.498316][ T7475] vivid-011: RDS Music: false inactive [ 193.557158][ T7475] vivid-011: ================== END STATUS ================== [ 194.366738][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.377399][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.749563][ T7547] vivid-011: ================= START STATUS ================= [ 197.849926][ T7547] vivid-011: Radio HW Seek Mode: Bounded [ 197.896347][ T7547] vivid-011: Radio Programmable HW Seek: false [ 197.947663][ T7547] vivid-011: RDS Rx I/O Mode: Block I/O [ 198.045672][ T7547] vivid-011: Generate RBDS Instead of RDS: false [ 198.083327][ T7547] vivid-011: RDS Reception: true [ 198.130492][ T7547] vivid-011: RDS Program Type: 0 inactive [ 198.168115][ T7547] vivid-011: RDS PS Name: inactive [ 198.222993][ T7547] vivid-011: RDS Radio Text: inactive [ 198.283154][ T7547] vivid-011: RDS Traffic Announcement: false inactive [ 198.432330][ T7547] vivid-011: RDS Traffic Program: false inactive [ 198.569610][ T7547] vivid-011: RDS Music: false inactive [ 198.683257][ T7547] vivid-011: ================== END STATUS ================== [ 200.172865][ T7575] raw_sendmsg: syz.1.343 forgot to set AF_INET. Fix it! [ 200.216952][ T7559] kexec: Could not allocate control_code_buffer [ 203.649264][ T7653] netlink: 'syz.1.357': attribute type 1 has an invalid length. [ 203.695589][ T7653] netlink: 314 bytes leftover after parsing attributes in process `syz.1.357'. [ 203.822000][ T7656] netlink: 32 bytes leftover after parsing attributes in process `syz.1.357'. [ 203.880277][ T7656] nbd: must specify at least one socket [ 205.031751][ T7665] [U] [ 205.034907][ T7665] [U] [ 205.037908][ T7665] [U] [ 205.041405][ T7665] [U] [ 205.252349][ T7680] vivid-011: ================= START STATUS ================= [ 205.275475][ T7665] [U] [ 205.279150][ T7665] [U] [ 205.282833][ T7665] [U] [ 205.285914][ T7665] [U] [ 205.314184][ T7680] vivid-011: Radio HW Seek Mode: Bounded [ 205.353553][ T7680] vivid-011: Radio Programmable HW Seek: false [ 205.418420][ T7680] vivid-011: RDS Rx I/O Mode: Block I/O [ 205.458625][ T7680] vivid-011: Generate RBDS Instead of RDS: false [ 205.491329][ T7680] vivid-011: RDS Reception: true [ 205.497079][ T7665] [U] [ 205.514145][ T7685] netlink: 16 bytes leftover after parsing attributes in process `syz.1.367'. [ 205.533416][ T7680] vivid-011: RDS Program Type: 0 inactive [ 205.569637][ T7680] vivid-011: RDS PS Name: inactive [ 205.594681][ T7680] vivid-011: RDS Radio Text: inactive [ 205.660262][ T7680] vivid-011: RDS Traffic Announcement: false inactive [ 205.738959][ T7680] vivid-011: RDS Traffic Program: false inactive [ 205.848102][ T7680] vivid-011: RDS Music: false inactive [ 205.924632][ T7680] vivid-011: ================== END STATUS ================== [ 206.754625][ T7706] netlink: 28 bytes leftover after parsing attributes in process `syz.2.371'. [ 207.237710][ T7709] netlink: 108 bytes leftover after parsing attributes in process `syz.1.372'. [ 207.831380][ T7720] FAULT_INJECTION: forcing a failure. [ 207.831380][ T7720] name failslab, interval 1, probability 0, space 0, times 0 [ 208.072354][ T7720] CPU: 0 UID: 0 PID: 7720 Comm: syz.2.373 Tainted: G L syzkaller #0 PREEMPT(full) [ 208.072385][ T7720] Tainted: [L]=SOFTLOCKUP [ 208.072391][ T7720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 208.072401][ T7720] Call Trace: [ 208.072407][ T7720] [ 208.072414][ T7720] dump_stack_lvl+0x100/0x190 [ 208.072440][ T7720] should_fail_ex.cold+0x5/0xa [ 208.072462][ T7720] should_failslab+0xc2/0x120 [ 208.072501][ T7720] __kmalloc_noprof+0xfc/0x820 [ 208.072578][ T7720] ? rcu_is_watching+0x12/0xc0 [ 208.072598][ T7720] ? tomoyo_realpath_from_path+0xb6/0x690 [ 208.072624][ T7720] tomoyo_realpath_from_path+0xb6/0x690 [ 208.072651][ T7720] tomoyo_path_number_perm+0x23c/0x580 [ 208.072668][ T7720] ? tomoyo_path_number_perm+0x22e/0x580 [ 208.072688][ T7720] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 208.072713][ T7720] ? __lock_acquire+0x49f/0x1a40 [ 208.072737][ T7720] ? current_check_access_path+0x269/0x430 [ 208.072759][ T7720] ? __pfx_current_check_access_path+0x10/0x10 [ 208.072781][ T7720] ? d_alloc_parallel+0x9ed/0x14b0 [ 208.072806][ T7720] tomoyo_path_mknod+0x164/0x190 [ 208.072830][ T7720] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 208.072854][ T7720] ? __d_lookup+0x25c/0x4a0 [ 208.072872][ T7720] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 208.072897][ T7720] security_path_mknod+0x161/0x300 [ 208.072920][ T7720] may_o_create+0x30/0x3a0 [ 208.072943][ T7720] path_openat+0x2e42/0x4280 [ 208.072967][ T7720] ? __pfx_path_openat+0x10/0x10 [ 208.072988][ T7720] do_file_open+0x20e/0x430 [ 208.073005][ T7720] ? __pfx_do_file_open+0x10/0x10 [ 208.073038][ T7720] ? alloc_fd+0x471/0x7a0 [ 208.073054][ T7720] ? do_getname+0x191/0x390 [ 208.073084][ T7720] do_sys_openat2+0x10f/0x1e0 [ 208.073105][ T7720] ? __pfx_do_sys_openat2+0x10/0x10 [ 208.073127][ T7720] ? find_held_lock+0x2b/0x80 [ 208.073152][ T7720] __x64_sys_openat+0x12d/0x210 [ 208.073172][ T7720] ? __pfx___x64_sys_openat+0x10/0x10 [ 208.073199][ T7720] do_syscall_64+0x115/0x840 [ 208.073213][ T7720] ? clear_bhb_loop+0x40/0x90 [ 208.073231][ T7720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.073247][ T7720] RIP: 0033:0x7f18e379ce59 [ 208.073262][ T7720] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 208.073275][ T7720] RSP: 002b:00007f18e46fb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 208.073290][ T7720] RAX: ffffffffffffffda RBX: 00007f18e3a16090 RCX: 00007f18e379ce59 [ 208.073300][ T7720] RDX: 000000000000a140 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 208.073323][ T7720] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 208.073336][ T7720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.073345][ T7720] R13: 00007f18e3a16128 R14: 00007f18e3a16090 R15: 00007ffc4299b7b8 [ 208.073366][ T7720] [ 211.702119][ T7720] ERROR: Out of memory at tomoyo_realpath_from_path. [ 215.418255][ T7881] netlink: 'syz.3.401': attribute type 1 has an invalid length. [ 216.077081][ T7895] futex_wake_op: syz.2.406 tries to shift op by -2048; fix this program [ 216.077210][ T7895] futex_wake_op: syz.2.406 tries to shift op by -2048; fix this program [ 216.078609][ T7895] 0x000000000001-0x000000020000 : "" [ 216.305349][ T7895] ftl_cs: FTL header corrupt! [ 219.500466][ T7964] FAULT_INJECTION: forcing a failure. [ 219.500466][ T7964] name failslab, interval 1, probability 0, space 0, times 0 [ 219.610674][ T7964] CPU: 0 UID: 0 PID: 7964 Comm: syz.0.420 Tainted: G L syzkaller #0 PREEMPT(full) [ 219.610705][ T7964] Tainted: [L]=SOFTLOCKUP [ 219.610711][ T7964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 219.610721][ T7964] Call Trace: [ 219.610726][ T7964] [ 219.610732][ T7964] dump_stack_lvl+0x100/0x190 [ 219.610762][ T7964] should_fail_ex.cold+0x5/0xa [ 219.610785][ T7964] should_failslab+0xc2/0x120 [ 219.610815][ T7964] kmem_cache_alloc_noprof+0x91/0x6a0 [ 219.610834][ T7964] ? d_instantiate+0x8a/0xb0 [ 219.610852][ T7964] ? d_instantiate+0x8a/0xb0 [ 219.610869][ T7964] ? alloc_empty_file+0x5b/0x1c0 [ 219.610899][ T7964] alloc_empty_file+0x5b/0x1c0 [ 219.610921][ T7964] alloc_file_pseudo+0x183/0x290 [ 219.610945][ T7964] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 219.610970][ T7964] ? hugetlbfs_get_inode+0x3f5/0x700 [ 219.610991][ T7964] hugetlb_file_setup+0x2a8/0x5b0 [ 219.611011][ T7964] ksys_mmap_pgoff+0x242/0x610 [ 219.611034][ T7964] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 219.611055][ T7964] ? xfd_validate_state+0x129/0x190 [ 219.611076][ T7964] __x64_sys_mmap+0x125/0x190 [ 219.611105][ T7964] do_syscall_64+0x115/0x840 [ 219.611122][ T7964] ? clear_bhb_loop+0x40/0x90 [ 219.611141][ T7964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.611164][ T7964] RIP: 0033:0x7f4f6519ce59 [ 219.611178][ T7964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 219.611193][ T7964] RSP: 002b:00007f4f66068028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 219.611209][ T7964] RAX: ffffffffffffffda RBX: 00007f4f65415fa0 RCX: 00007f4f6519ce59 [ 219.611219][ T7964] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000000 [ 219.611228][ T7964] RBP: 00007f4f65232e6f R08: 0000000000000401 R09: 0000300000000000 [ 219.611237][ T7964] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 219.611246][ T7964] R13: 00007f4f65416038 R14: 00007f4f65415fa0 R15: 00007ffcc6d0ddc8 [ 219.611265][ T7964] [ 221.497897][ T8001] FAULT_INJECTION: forcing a failure. [ 221.497897][ T8001] name failslab, interval 1, probability 0, space 0, times 0 [ 221.683398][ T8001] CPU: 0 UID: 0 PID: 8001 Comm: syz.0.434 Tainted: G L syzkaller #0 PREEMPT(full) [ 221.683427][ T8001] Tainted: [L]=SOFTLOCKUP [ 221.683433][ T8001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 221.683443][ T8001] Call Trace: [ 221.683450][ T8001] [ 221.683457][ T8001] dump_stack_lvl+0x100/0x190 [ 221.683483][ T8001] should_fail_ex.cold+0x5/0xa [ 221.683508][ T8001] should_failslab+0xc2/0x120 [ 221.683530][ T8001] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 221.683548][ T8001] ? __lock_acquire+0x49f/0x1a40 [ 221.683563][ T8001] ? __d_alloc+0x35/0xa50 [ 221.683582][ T8001] __d_alloc+0x35/0xa50 [ 221.683597][ T8001] ? do_raw_spin_lock+0x128/0x260 [ 221.683616][ T8001] d_alloc+0x4a/0x1e0 [ 221.683637][ T8001] d_alloc_name+0x83/0xb0 [ 221.683652][ T8001] ? __pfx_d_alloc_name+0x10/0x10 [ 221.683668][ T8001] ? fast_dput+0x168/0x6d0 [ 221.683686][ T8001] ? dput.part.0+0x4f/0x240 [ 221.683706][ T8001] simple_fill_super+0x4c3/0x680 [ 221.683725][ T8001] ? __pfx_nfsd_fill_super+0x10/0x10 [ 221.683747][ T8001] nfsd_fill_super+0x98/0x560 [ 221.683769][ T8001] ? __pfx_nfsd_fill_super+0x10/0x10 [ 221.683790][ T8001] get_tree_keyed+0x10e/0x1d0 [ 221.683814][ T8001] vfs_get_tree+0x92/0x320 [ 221.683835][ T8001] path_mount+0x7d0/0x23d0 [ 221.683855][ T8001] ? __pfx_path_mount+0x10/0x10 [ 221.683871][ T8001] ? lockdep_hardirqs_on+0x78/0x100 [ 221.683896][ T8001] ? putname+0xb1/0x110 [ 221.683910][ T8001] ? kmem_cache_free+0x127/0x6b0 [ 221.683936][ T8001] ? __x64_sys_mount+0x293/0x310 [ 221.683961][ T8001] __x64_sys_mount+0x293/0x310 [ 221.683979][ T8001] ? __pfx___x64_sys_mount+0x10/0x10 [ 221.684002][ T8001] do_syscall_64+0x115/0x840 [ 221.684015][ T8001] ? clear_bhb_loop+0x40/0x90 [ 221.684033][ T8001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.684048][ T8001] RIP: 0033:0x7f4f6519ce59 [ 221.684062][ T8001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.684076][ T8001] RSP: 002b:00007f4f66068028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 221.684091][ T8001] RAX: ffffffffffffffda RBX: 00007f4f65415fa0 RCX: 00007f4f6519ce59 [ 221.684101][ T8001] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 221.684110][ T8001] RBP: 00007f4f65232e6f R08: 0000000000000000 R09: 0000000000000000 [ 221.684118][ T8001] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 221.684134][ T8001] R13: 00007f4f65416038 R14: 00007f4f65415fa0 R15: 00007ffcc6d0ddc8 [ 221.684155][ T8001] [ 223.130189][ T8041] vivid-011: ================= START STATUS ================= [ 223.176908][ T8041] vivid-011: Radio HW Seek Mode: Bounded [ 223.206259][ T8041] vivid-011: Radio Programmable HW Seek: false [ 223.238609][ T8041] vivid-011: RDS Rx I/O Mode: Block I/O [ 223.280912][ T8041] vivid-011: Generate RBDS Instead of RDS: false [ 223.313976][ T8041] vivid-011: RDS Reception: true [ 223.345514][ T8041] vivid-011: RDS Program Type: 0 inactive [ 223.395591][ T8041] vivid-011: RDS PS Name: inactive [ 223.423361][ T8041] vivid-011: RDS Radio Text: inactive [ 223.488553][ T8041] vivid-011: RDS Traffic Announcement: false inactive [ 223.587358][ T8041] vivid-011: RDS Traffic Program: false inactive [ 223.687028][ T8041] vivid-011: RDS Music: false inactive [ 223.761048][ T8041] vivid-011: ================== END STATUS ================== [ 225.227646][ T8068] FAULT_INJECTION: forcing a failure. [ 225.227646][ T8068] name failslab, interval 1, probability 0, space 0, times 0 [ 225.302177][ T8068] CPU: 0 UID: 0 PID: 8068 Comm: syz.3.439 Tainted: G L syzkaller #0 PREEMPT(full) [ 225.302205][ T8068] Tainted: [L]=SOFTLOCKUP [ 225.302210][ T8068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 225.302219][ T8068] Call Trace: [ 225.302225][ T8068] [ 225.302231][ T8068] dump_stack_lvl+0x100/0x190 [ 225.302256][ T8068] should_fail_ex.cold+0x5/0xa [ 225.302278][ T8068] should_failslab+0xc2/0x120 [ 225.302299][ T8068] kmem_cache_alloc_noprof+0x91/0x6a0 [ 225.302317][ T8068] ? __pfx_map_id_range_down+0x10/0x10 [ 225.302338][ T8068] ? security_inode_alloc+0x3b/0x2c0 [ 225.302358][ T8068] security_inode_alloc+0x3b/0x2c0 [ 225.302375][ T8068] inode_init_always_gfp+0xc77/0xfb0 [ 225.302393][ T8068] alloc_inode+0x8e/0x250 [ 225.302412][ T8068] sock_alloc+0x44/0x280 [ 225.302435][ T8068] ? security_socket_create+0x7f/0x250 [ 225.302452][ T8068] __sock_create+0xc2/0x860 [ 225.302476][ T8068] __sys_socket+0x14d/0x260 [ 225.302499][ T8068] ? __pfx___sys_socket+0x10/0x10 [ 225.302527][ T8068] __x64_sys_socket+0x72/0xb0 [ 225.302550][ T8068] ? lockdep_hardirqs_on+0x78/0x100 [ 225.302573][ T8068] do_syscall_64+0x115/0x840 [ 225.302586][ T8068] ? clear_bhb_loop+0x40/0x90 [ 225.302606][ T8068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.302622][ T8068] RIP: 0033:0x7f79f3d9ce59 [ 225.302635][ T8068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 225.302649][ T8068] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 225.302664][ T8068] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 225.302677][ T8068] RDX: 0000000000000100 RSI: 0000000000000003 RDI: 0000000000000002 [ 225.302685][ T8068] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 225.302694][ T8068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.302702][ T8068] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 225.302722][ T8068] [ 225.980510][ T8079] cifs: Unknown parameter 'no+ 1§• Ö`ÑørêsFn)ÈøaõH†šÄ¿¡h`àØÝë9k¤A}€žŠ1\D@‹Ç.ÁäZÔCg^‚' [ 226.134152][ T8083] futex_wake_op: syz.2.441 tries to shift op by -2048; fix this program [ 226.298940][ T8081] 0x000000000001-0x000000020000 : "" [ 226.350051][ T8083] ubi1: attaching mtd0 [ 226.500743][ T8081] ftl_cs: FTL header corrupt! [ 226.529074][ T8083] ubi1: scanning is finished [ 226.658656][ T8083] ubi1: empty MTD device detected [ 226.765394][ T8068] socket: no more sockets [ 227.189395][ T8100] FAULT_INJECTION: forcing a failure. [ 227.189395][ T8100] name failslab, interval 1, probability 0, space 0, times 0 [ 227.431541][ T8100] CPU: 0 UID: 0 PID: 8100 Comm: syz.3.444 Tainted: G L syzkaller #0 PREEMPT(full) [ 227.431589][ T8100] Tainted: [L]=SOFTLOCKUP [ 227.431599][ T8100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 227.431609][ T8100] Call Trace: [ 227.431616][ T8100] [ 227.431624][ T8100] dump_stack_lvl+0x100/0x190 [ 227.431652][ T8100] should_fail_ex.cold+0x5/0xa [ 227.431675][ T8100] should_failslab+0xc2/0x120 [ 227.431696][ T8100] kmem_cache_alloc_noprof+0x91/0x6a0 [ 227.431716][ T8100] ? ep_ptable_queue_proc+0x5b/0x280 [ 227.431736][ T8100] ep_ptable_queue_proc+0x5b/0x280 [ 227.431751][ T8100] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 227.431772][ T8100] snd_seq_pool_poll_wait+0x5b/0x160 [ 227.431797][ T8100] snd_seq_kernel_client_write_poll+0xa5/0x110 [ 227.431820][ T8100] snd_seq_oss_poll+0x17d/0x1d0 [ 227.431844][ T8100] ? __pfx_odev_poll+0x10/0x10 [ 227.431862][ T8100] odev_poll+0x4a/0x90 [ 227.431883][ T8100] ep_item_poll+0x141/0x1f0 [ 227.431901][ T8100] do_epoll_ctl_file+0x1e6b/0x3640 [ 227.431925][ T8100] ? __pfx_do_epoll_ctl_file+0x10/0x10 [ 227.431945][ T8100] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 227.431960][ T8100] ? __fget_files+0x215/0x3d0 [ 227.431978][ T8100] ? __fget_files+0x21f/0x3d0 [ 227.431996][ T8100] ? do_epoll_ctl+0xfd/0x1a0 [ 227.432012][ T8100] do_epoll_ctl+0xfd/0x1a0 [ 227.432032][ T8100] ? __pfx_do_epoll_ctl+0x10/0x10 [ 227.432054][ T8100] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 227.432072][ T8100] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 227.432096][ T8100] do_syscall_64+0x115/0x840 [ 227.432109][ T8100] ? clear_bhb_loop+0x40/0x90 [ 227.432127][ T8100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.432142][ T8100] RIP: 0033:0x7f79f3d9ce59 [ 227.432157][ T8100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.432171][ T8100] RSP: 002b:00007f79f4c5f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 227.432186][ T8100] RAX: ffffffffffffffda RBX: 00007f79f4016090 RCX: 00007f79f3d9ce59 [ 227.432196][ T8100] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 227.432204][ T8100] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 227.432213][ T8100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.432221][ T8100] R13: 00007f79f4016128 R14: 00007f79f4016090 R15: 00007fff4bb326a8 [ 227.432241][ T8100] [ 228.727527][ T8083] ubi1 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt1d", error -4 [ 229.430653][ T8117] vivid-011: ================= START STATUS ================= [ 229.493492][ T8117] vivid-011: Radio HW Seek Mode: Bounded [ 229.530662][ T8117] vivid-011: Radio Programmable HW Seek: false [ 229.573114][ T8117] vivid-011: RDS Rx I/O Mode: Block I/O [ 229.620325][ T8117] vivid-011: Generate RBDS Instead of RDS: false [ 229.665088][ T8117] vivid-011: RDS Reception: true [ 229.726362][ T8117] vivid-011: RDS Program Type: 0 inactive [ 229.846289][ T8117] vivid-011: RDS PS Name: inactive [ 229.937967][ T8117] vivid-011: RDS Radio Text: inactive [ 229.995991][ T8117] vivid-011: RDS Traffic Announcement: false inactive [ 230.040870][ T8117] vivid-011: RDS Traffic Program: false inactive [ 230.087129][ T8117] vivid-011: RDS Music: false inactive [ 230.141162][ T8117] vivid-011: ================== END STATUS ================== [ 232.758487][ T8154] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -4 [ 232.957346][ T8154] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -4 [ 233.125505][ T8154] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s [ 233.929105][ T8154] syz.0.455 (8154) used greatest stack depth: 19280 bytes left [ 240.078554][ T8262] FAULT_INJECTION: forcing a failure. [ 240.078554][ T8262] name fail_futex, interval 1, probability 0, space 0, times 0 [ 240.188675][ T8262] CPU: 0 UID: 0 PID: 8262 Comm: syz.2.474 Tainted: G L syzkaller #0 PREEMPT(full) [ 240.188708][ T8262] Tainted: [L]=SOFTLOCKUP [ 240.188713][ T8262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 240.188736][ T8262] Call Trace: [ 240.188742][ T8262] [ 240.188748][ T8262] dump_stack_lvl+0x100/0x190 [ 240.188774][ T8262] should_fail_ex.cold+0x5/0xa [ 240.188795][ T8262] get_futex_key+0xf74/0x14f0 [ 240.188813][ T8262] ? __pfx_get_futex_key+0x10/0x10 [ 240.188828][ T8262] ? lock_acquire+0x1b9/0x370 [ 240.188846][ T8262] futex_wake+0xf4/0x5e0 [ 240.188868][ T8262] ? __pfx_futex_wake+0x10/0x10 [ 240.188887][ T8262] ? find_held_lock+0x2b/0x80 [ 240.188906][ T8262] ? exit_mm_release+0x19/0x30 [ 240.188929][ T8262] do_futex+0x2b2/0x440 [ 240.188946][ T8262] ? __pfx_do_futex+0x10/0x10 [ 240.188961][ T8262] ? __might_fault+0xc5/0x140 [ 240.188982][ T8262] mm_release+0x24a/0x2f0 [ 240.188998][ T8262] do_exit+0x707/0x2ae0 [ 240.189023][ T8262] ? __pfx___might_resched+0x10/0x10 [ 240.189057][ T8262] ? __pfx_do_exit+0x10/0x10 [ 240.189078][ T8262] ? do_raw_spin_lock+0x128/0x260 [ 240.189093][ T8262] ? find_held_lock+0x2b/0x80 [ 240.189111][ T8262] ? get_signal+0x7e0/0x21e0 [ 240.189129][ T8262] do_group_exit+0xd5/0x2a0 [ 240.189265][ T8262] get_signal+0x1ec7/0x21e0 [ 240.189284][ T8262] ? kick_process+0xf0/0x1a0 [ 240.189306][ T8262] ? __pfx_get_signal+0x10/0x10 [ 240.189324][ T8262] ? __pfx_vfs_read+0x10/0x10 [ 240.189340][ T8262] arch_do_signal_or_restart+0x91/0x7a0 [ 240.189360][ T8262] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 240.189383][ T8262] ? fput+0xd9/0x100 [ 240.189404][ T8262] exit_to_user_mode_loop+0x139/0x6f0 [ 240.189419][ T8262] ? rcu_is_watching+0x12/0xc0 [ 240.189439][ T8262] do_syscall_64+0x652/0x840 [ 240.189453][ T8262] ? clear_bhb_loop+0x40/0x90 [ 240.189471][ T8262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.189486][ T8262] RIP: 0033:0x7f18e379ce59 [ 240.189501][ T8262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 240.189516][ T8262] RSP: 002b:00007f18e46fb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 240.189534][ T8262] RAX: fffffffffffffe00 RBX: 00007f18e3a16090 RCX: 00007f18e379ce59 [ 240.189543][ T8262] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 240.189551][ T8262] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 240.189569][ T8262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.189578][ T8262] R13: 00007f18e3a16128 R14: 00007f18e3a16090 R15: 00007ffc4299b7b8 [ 240.189600][ T8262] [ 241.044504][ T8280] syz.3.479 uses obsolete (PF_INET,SOCK_PACKET) [ 241.874823][ T8297] netlink: 'syz.1.483': attribute type 4 has an invalid length. [ 243.168807][ T8315] FAULT_INJECTION: forcing a failure. [ 243.168807][ T8315] name fail_futex, interval 1, probability 0, space 0, times 0 [ 243.269457][ T8315] CPU: 0 UID: 0 PID: 8315 Comm: syz.3.487 Tainted: G L syzkaller #0 PREEMPT(full) [ 243.269484][ T8315] Tainted: [L]=SOFTLOCKUP [ 243.269489][ T8315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 243.269498][ T8315] Call Trace: [ 243.269504][ T8315] [ 243.269510][ T8315] dump_stack_lvl+0x100/0x190 [ 243.269534][ T8315] should_fail_ex.cold+0x5/0xa [ 243.269556][ T8315] get_futex_key+0x1d2/0x14f0 [ 243.269573][ T8315] ? __pfx_get_futex_key+0x10/0x10 [ 243.269595][ T8315] futex_wake+0xf4/0x5e0 [ 243.269616][ T8315] ? __pfx_futex_wake+0x10/0x10 [ 243.269635][ T8315] ? __lock_acquire+0x49f/0x1a40 [ 243.269649][ T8315] ? percpu_counter_add_batch+0xb9/0x230 [ 243.269669][ T8315] ? errseq_sample+0x51/0x70 [ 243.269693][ T8315] do_futex+0x2b2/0x440 [ 243.269710][ T8315] ? __pfx_do_futex+0x10/0x10 [ 243.269727][ T8315] ? fd_install+0x223/0x580 [ 243.269745][ T8315] __x64_sys_futex+0x34f/0x4d0 [ 243.269762][ T8315] ? __sys_socket+0xac/0x260 [ 243.269786][ T8315] ? __pfx___x64_sys_futex+0x10/0x10 [ 243.269809][ T8315] do_syscall_64+0x115/0x840 [ 243.269823][ T8315] ? clear_bhb_loop+0x40/0x90 [ 243.269841][ T8315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.269856][ T8315] RIP: 0033:0x7f79f3d9ce59 [ 243.269870][ T8315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 243.269883][ T8315] RSP: 002b:00007f79f4c800e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 243.269898][ T8315] RAX: ffffffffffffffda RBX: 00007f79f4015fa8 RCX: 00007f79f3d9ce59 [ 243.269907][ T8315] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f79f4015fac [ 243.269917][ T8315] RBP: 00007f79f4015fa0 R08: 0000000000000001 R09: 0000000000000000 [ 243.269925][ T8315] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 243.269934][ T8315] R13: 00007f79f4016038 R14: 00007fff4bb325c0 R15: 00007fff4bb326a8 [ 243.269953][ T8315] [ 249.811529][ T8439] netlink: 8 bytes leftover after parsing attributes in process `syz.2.510'. [ 251.376583][ T8468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'. [ 255.482129][ T8525] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 255.803888][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.813657][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.017616][ T8580] vivid-011: ================= START STATUS ================= [ 259.064964][ T8580] vivid-011: Radio HW Seek Mode: Bounded [ 259.100637][ T8580] vivid-011: Radio Programmable HW Seek: false [ 259.146421][ T8580] vivid-011: RDS Rx I/O Mode: Block I/O [ 259.184658][ T8580] vivid-011: Generate RBDS Instead of RDS: false [ 259.236178][ T8580] vivid-011: RDS Reception: true [ 259.269048][ T8580] vivid-011: RDS Program Type: 0 inactive [ 259.353544][ T8580] vivid-011: RDS PS Name: inactive [ 259.418850][ T8580] vivid-011: RDS Radio Text: inactive [ 259.499043][ T8580] vivid-011: RDS Traffic Announcement: false inactive [ 259.598476][ T8580] vivid-011: RDS Traffic Program: false inactive [ 259.650417][ T8580] vivid-011: RDS Music: false inactive [ 259.701890][ T8580] vivid-011: ================== END STATUS ================== [ 260.423819][ T8610] netlink: 330 bytes leftover after parsing attributes in process `syz.3.550'. [ 263.733688][ T8676] vivid-011: ================= START STATUS ================= [ 263.760839][ T8676] vivid-011: Radio HW Seek Mode: Bounded [ 263.779939][ T8676] vivid-011: Radio Programmable HW Seek: false [ 263.801168][ T8676] vivid-011: RDS Rx I/O Mode: Block I/O [ 263.827121][ T8676] vivid-011: Generate RBDS Instead of RDS: false [ 263.849507][ T8676] vivid-011: RDS Reception: true [ 263.868413][ T8676] vivid-011: RDS Program Type: 0 inactive [ 263.889657][ T8676] vivid-011: RDS PS Name: inactive [ 263.907910][ T8676] vivid-011: RDS Radio Text: inactive [ 263.928914][ T8676] vivid-011: RDS Traffic Announcement: false inactive [ 263.961482][ T8676] vivid-011: RDS Traffic Program: false inactive [ 264.042497][ T8676] vivid-011: RDS Music: false inactive [ 264.102054][ T8676] vivid-011: ================== END STATUS ================== [ 264.318416][ T8684] FAULT_INJECTION: forcing a failure. [ 264.318416][ T8684] name failslab, interval 1, probability 0, space 0, times 0 [ 264.446413][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz.1.565 Tainted: G L syzkaller #0 PREEMPT(full) [ 264.446439][ T8684] Tainted: [L]=SOFTLOCKUP [ 264.446445][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 264.446459][ T8684] Call Trace: [ 264.446464][ T8684] [ 264.446471][ T8684] dump_stack_lvl+0x100/0x190 [ 264.446495][ T8684] should_fail_ex.cold+0x5/0xa [ 264.446517][ T8684] should_failslab+0xc2/0x120 [ 264.446538][ T8684] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 264.446556][ T8684] ? __lock_acquire+0x49f/0x1a40 [ 264.446572][ T8684] ? __d_alloc+0x35/0xa50 [ 264.446591][ T8684] __d_alloc+0x35/0xa50 [ 264.446605][ T8684] ? do_raw_spin_lock+0x128/0x260 [ 264.446624][ T8684] d_alloc+0x4a/0x1e0 [ 264.446641][ T8684] d_alloc_name+0x83/0xb0 [ 264.446657][ T8684] ? __pfx_d_alloc_name+0x10/0x10 [ 264.446672][ T8684] ? fast_dput+0x168/0x6d0 [ 264.446691][ T8684] ? dput.part.0+0x4f/0x240 [ 264.446711][ T8684] simple_fill_super+0x4c3/0x680 [ 264.446729][ T8684] ? __pfx_nfsd_fill_super+0x10/0x10 [ 264.446751][ T8684] nfsd_fill_super+0x98/0x560 [ 264.446773][ T8684] ? __pfx_nfsd_fill_super+0x10/0x10 [ 264.446793][ T8684] get_tree_keyed+0x10e/0x1d0 [ 264.446818][ T8684] vfs_get_tree+0x92/0x320 [ 264.446842][ T8684] path_mount+0x7d0/0x23d0 [ 264.446863][ T8684] ? __pfx_path_mount+0x10/0x10 [ 264.446879][ T8684] ? lockdep_hardirqs_on+0x78/0x100 [ 264.446904][ T8684] ? putname+0xb1/0x110 [ 264.446919][ T8684] ? kmem_cache_free+0x127/0x6b0 [ 264.446941][ T8684] ? __x64_sys_mount+0x293/0x310 [ 264.446964][ T8684] __x64_sys_mount+0x293/0x310 [ 264.446983][ T8684] ? __pfx___x64_sys_mount+0x10/0x10 [ 264.447007][ T8684] do_syscall_64+0x115/0x840 [ 264.447021][ T8684] ? clear_bhb_loop+0x40/0x90 [ 264.447040][ T8684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.447055][ T8684] RIP: 0033:0x7f72f1b9ce59 [ 264.447070][ T8684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.447084][ T8684] RSP: 002b:00007f72f2993028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 264.447099][ T8684] RAX: ffffffffffffffda RBX: 00007f72f1e15fa0 RCX: 00007f72f1b9ce59 [ 264.447109][ T8684] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 264.447118][ T8684] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 264.447127][ T8684] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 264.447137][ T8684] R13: 00007f72f1e16038 R14: 00007f72f1e15fa0 R15: 00007ffe5d363898 [ 264.447157][ T8684] [ 267.150539][ T8703] Process accounting resumed [ 267.587948][ T30] audit: type=1800 audit(1782641913.677:4): pid=8722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.570" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 268.086670][ T8727] FAULT_INJECTION: forcing a failure. [ 268.086670][ T8727] name failslab, interval 1, probability 0, space 0, times 0 [ 268.189041][ T8727] CPU: 0 UID: 0 PID: 8727 Comm: syz.0.572 Tainted: G L syzkaller #0 PREEMPT(full) [ 268.189068][ T8727] Tainted: [L]=SOFTLOCKUP [ 268.189074][ T8727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 268.189083][ T8727] Call Trace: [ 268.189089][ T8727] [ 268.189095][ T8727] dump_stack_lvl+0x100/0x190 [ 268.189123][ T8727] should_fail_ex.cold+0x5/0xa [ 268.189144][ T8727] should_failslab+0xc2/0x120 [ 268.189165][ T8727] kmem_cache_alloc_noprof+0x91/0x6a0 [ 268.189208][ T8727] ? __anon_vma_prepare+0xae/0x5e0 [ 268.189228][ T8727] __anon_vma_prepare+0xae/0x5e0 [ 268.189243][ T8727] ? __pfx___pte_alloc+0x10/0x10 [ 268.189265][ T8727] __vmf_anon_prepare+0x11f/0x250 [ 268.189289][ T8727] do_anonymous_page+0x51b/0x2080 [ 268.189311][ T8727] __handle_mm_fault+0x1d2c/0x2a00 [ 268.189329][ T8727] ? mt_find+0x45e/0x8e0 [ 268.189346][ T8727] ? __pfx___handle_mm_fault+0x10/0x10 [ 268.189359][ T8727] ? __pfx_mt_find+0x10/0x10 [ 268.189390][ T8727] handle_mm_fault+0x37b/0xa30 [ 268.189409][ T8727] __get_user_pages+0x1178/0x32a0 [ 268.189437][ T8727] ? __pfx___get_user_pages+0x10/0x10 [ 268.189463][ T8727] populate_vma_page_range+0x267/0x3f0 [ 268.189486][ T8727] ? __pfx_populate_vma_page_range+0x10/0x10 [ 268.189507][ T8727] ? __pfx_find_vma_intersection+0x10/0x10 [ 268.189532][ T8727] __mm_populate+0x107/0x3a0 [ 268.189554][ T8727] ? __pfx___mm_populate+0x10/0x10 [ 268.189578][ T8727] ? up_write+0x2e5/0x5c0 [ 268.189596][ T8727] vm_mmap_pgoff+0x37f/0x470 [ 268.189629][ T8727] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 268.189653][ T8727] ? __pfx_do_futex+0x10/0x10 [ 268.189678][ T8727] ksys_mmap_pgoff+0xe4/0x610 [ 268.189699][ T8727] ? __x64_sys_futex+0x358/0x4d0 [ 268.189716][ T8727] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 268.189736][ T8727] ? xfd_validate_state+0x129/0x190 [ 268.189757][ T8727] __x64_sys_mmap+0x125/0x190 [ 268.189778][ T8727] do_syscall_64+0x115/0x840 [ 268.189792][ T8727] ? clear_bhb_loop+0x40/0x90 [ 268.189814][ T8727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.189830][ T8727] RIP: 0033:0x7f4f6519ce59 [ 268.189845][ T8727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 268.189859][ T8727] RSP: 002b:00007f4f66047028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 268.189874][ T8727] RAX: ffffffffffffffda RBX: 00007f4f65416090 RCX: 00007f4f6519ce59 [ 268.189884][ T8727] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 268.189893][ T8727] RBP: 00007f4f65232e6f R08: 0000000000000002 R09: 0000000000008000 [ 268.189903][ T8727] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 268.189912][ T8727] R13: 00007f4f65416128 R14: 00007f4f65416090 R15: 00007ffcc6d0ddc8 [ 268.189936][ T8727] [ 268.828090][ T8742] random: crng reseeded on system resumption [ 269.866240][ T8754] netlink: 12 bytes leftover after parsing attributes in process `syz.2.579'. [ 274.047265][ T8806] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 274.132562][ T8806] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 274.210946][ T8806] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 274.762995][ T7066] Bluetooth: hci1: command 0x0c1a tx timeout [ 276.109328][ T8867] FAULT_INJECTION: forcing a failure. [ 276.109328][ T8867] name failslab, interval 1, probability 0, space 0, times 0 [ 276.203010][ T7066] Bluetooth: hci2: command 0x0c1a tx timeout [ 276.284095][ T7066] Bluetooth: hci3: command 0x0c1a tx timeout [ 276.304047][ T8867] CPU: 0 UID: 0 PID: 8867 Comm: syz.3.599 Tainted: G L syzkaller #0 PREEMPT(full) [ 276.304075][ T8867] Tainted: [L]=SOFTLOCKUP [ 276.304081][ T8867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 276.304090][ T8867] Call Trace: [ 276.304095][ T8867] [ 276.304101][ T8867] dump_stack_lvl+0x100/0x190 [ 276.304125][ T8867] should_fail_ex.cold+0x5/0xa [ 276.304157][ T8867] should_failslab+0xc2/0x120 [ 276.304182][ T8867] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 276.304202][ T8867] ? _raw_spin_unlock+0x28/0x50 [ 276.304223][ T8867] ? alloc_inode+0x183/0x250 [ 276.304324][ T8867] alloc_inode+0x183/0x250 [ 276.304348][ T8867] new_inode+0x22/0x1c0 [ 276.304369][ T8867] ? dput.part.0+0x4f/0x240 [ 276.304389][ T8867] simple_fill_super+0x2d9/0x680 [ 276.304409][ T8867] ? __pfx_nfsd_fill_super+0x10/0x10 [ 276.304431][ T8867] nfsd_fill_super+0x98/0x560 [ 276.304461][ T8867] ? __pfx_nfsd_fill_super+0x10/0x10 [ 276.304486][ T8867] get_tree_keyed+0x10e/0x1d0 [ 276.304512][ T8867] vfs_get_tree+0x92/0x320 [ 276.304535][ T8867] path_mount+0x7d0/0x23d0 [ 276.304565][ T8867] ? __pfx_path_mount+0x10/0x10 [ 276.304584][ T8867] ? lockdep_hardirqs_on+0x78/0x100 [ 276.304623][ T8867] ? putname+0xb1/0x110 [ 276.304638][ T8867] ? kmem_cache_free+0x127/0x6b0 [ 276.304661][ T8867] ? __x64_sys_mount+0x293/0x310 [ 276.304683][ T8867] __x64_sys_mount+0x293/0x310 [ 276.304704][ T8867] ? __pfx___x64_sys_mount+0x10/0x10 [ 276.304729][ T8867] do_syscall_64+0x115/0x840 [ 276.304742][ T8867] ? clear_bhb_loop+0x40/0x90 [ 276.304761][ T8867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.304786][ T8867] RIP: 0033:0x7f79f3d9ce59 [ 276.304803][ T8867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 276.304817][ T8867] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 276.304833][ T8867] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 276.304844][ T8867] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 276.304853][ T8867] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 276.304862][ T8867] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 276.304873][ T8867] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 276.304894][ T8867] [ 277.400704][ T8892] FAULT_INJECTION: forcing a failure. [ 277.400704][ T8892] name failslab, interval 1, probability 0, space 0, times 0 [ 277.455796][ T8849] zram: Removed device: zram0 [ 277.490564][ T8886] FAULT_INJECTION: forcing a failure. [ 277.490564][ T8886] name failslab, interval 1, probability 0, space 0, times 0 [ 277.570567][ T8892] CPU: 0 UID: 0 PID: 8892 Comm: syz.1.602 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.570592][ T8892] Tainted: [L]=SOFTLOCKUP [ 277.570597][ T8892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 277.570615][ T8892] Call Trace: [ 277.570620][ T8892] [ 277.570626][ T8892] dump_stack_lvl+0x100/0x190 [ 277.570649][ T8892] should_fail_ex.cold+0x5/0xa [ 277.570669][ T8892] should_failslab+0xc2/0x120 [ 277.570691][ T8892] kmem_cache_alloc_noprof+0x91/0x6a0 [ 277.570710][ T8892] ? do_getname+0x35/0x390 [ 277.570732][ T8892] do_getname+0x35/0x390 [ 277.570752][ T8892] user_path_at+0x26/0x60 [ 277.570775][ T8892] __x64_sys_mount+0x1fb/0x310 [ 277.570794][ T8892] ? __pfx___x64_sys_mount+0x10/0x10 [ 277.570816][ T8892] do_syscall_64+0x115/0x840 [ 277.570830][ T8892] ? clear_bhb_loop+0x40/0x90 [ 277.570853][ T8892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.570868][ T8892] RIP: 0033:0x7f72f1b9ce59 [ 277.570881][ T8892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.570895][ T8892] RSP: 002b:00007f72efdd5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 277.570909][ T8892] RAX: ffffffffffffffda RBX: 00007f72f1e16270 RCX: 00007f72f1b9ce59 [ 277.570919][ T8892] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 277.570927][ T8892] RBP: 00007f72efdd5090 R08: 0000000000000000 R09: 0000000000000000 [ 277.570936][ T8892] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 277.570944][ T8892] R13: 00007f72f1e16308 R14: 00007f72f1e16270 R15: 00007ffe5d363898 [ 277.570963][ T8892] [ 277.988016][ T8886] CPU: 0 UID: 0 PID: 8886 Comm: syz.1.602 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.988048][ T8886] Tainted: [L]=SOFTLOCKUP [ 277.988053][ T8886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 277.988062][ T8886] Call Trace: [ 277.988067][ T8886] [ 277.988072][ T8886] dump_stack_lvl+0x100/0x190 [ 277.988096][ T8886] should_fail_ex.cold+0x5/0xa [ 277.988117][ T8886] should_failslab+0xc2/0x120 [ 277.988142][ T8886] __kmalloc_noprof+0xfc/0x820 [ 277.988159][ T8886] ? lockdep_init_map_type+0x5c/0x250 [ 277.988175][ T8886] ? __list_lru_init+0xd9/0x4b0 [ 277.988194][ T8886] __list_lru_init+0xd9/0x4b0 [ 277.988211][ T8886] sget_fc+0xabf/0x1d80 [ 277.988235][ T8886] ? __pfx_test_keyed_super+0x10/0x10 [ 277.988257][ T8886] ? __pfx_set_anon_super_fc+0x10/0x10 [ 277.988277][ T8886] ? __pfx_sget_fc+0x10/0x10 [ 277.988302][ T8886] ? kasan_save_track+0x14/0x30 [ 277.988320][ T8886] ? __kasan_kmalloc+0xaa/0xb0 [ 277.988339][ T8886] ? rcu_is_watching+0x12/0xc0 [ 277.988358][ T8886] ? apparmor_capable+0x1d7/0x4d0 [ 277.988376][ T8886] ? __pfx_nfsd_fill_super+0x10/0x10 [ 277.988398][ T8886] get_tree_keyed+0x59/0x1d0 [ 277.988422][ T8886] vfs_get_tree+0x92/0x320 [ 277.988442][ T8886] path_mount+0x7d0/0x23d0 [ 277.988463][ T8886] ? __pfx_path_mount+0x10/0x10 [ 277.988479][ T8886] ? lockdep_hardirqs_on+0x78/0x100 [ 277.988505][ T8886] ? putname+0xb1/0x110 [ 277.988520][ T8886] ? kmem_cache_free+0x127/0x6b0 [ 277.988545][ T8886] ? __x64_sys_mount+0x293/0x310 [ 277.988561][ T8886] __x64_sys_mount+0x293/0x310 [ 277.988579][ T8886] ? __pfx___x64_sys_mount+0x10/0x10 [ 277.988602][ T8886] do_syscall_64+0x115/0x840 [ 277.988615][ T8886] ? clear_bhb_loop+0x40/0x90 [ 277.988634][ T8886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.988649][ T8886] RIP: 0033:0x7f72f1b9ce59 [ 277.988663][ T8886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.988676][ T8886] RSP: 002b:00007f72f2993028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 277.988691][ T8886] RAX: ffffffffffffffda RBX: 00007f72f1e15fa0 RCX: 00007f72f1b9ce59 [ 277.988700][ T8886] RDX: 0000200000000180 RSI: 00002000000000c0 RDI: 0000000000000000 [ 277.988709][ T8886] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 277.988718][ T8886] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 277.988726][ T8886] R13: 00007f72f1e16038 R14: 00007f72f1e15fa0 R15: 00007ffe5d363898 [ 277.988745][ T8886] [ 279.259468][ T8877] can: request_module (can-proto-3) failed. [ 279.976671][ T8934] vivid-011: ================= START STATUS ================= [ 280.034597][ T8934] vivid-011: Radio HW Seek Mode: Bounded [ 280.071133][ T8934] vivid-011: Radio Programmable HW Seek: false [ 280.110542][ T8934] vivid-011: RDS Rx I/O Mode: Block I/O [ 280.144169][ T8934] vivid-011: Generate RBDS Instead of RDS: false [ 280.178665][ T8934] vivid-011: RDS Reception: true [ 280.211319][ T8934] vivid-011: RDS Program Type: 0 inactive [ 280.271050][ T8934] vivid-011: RDS PS Name: inactive [ 280.314687][ T8934] vivid-011: RDS Radio Text: inactive [ 280.353239][ T8934] vivid-011: RDS Traffic Announcement: false inactive [ 280.420847][ T8934] vivid-011: RDS Traffic Program: false inactive [ 280.493609][ T8934] vivid-011: RDS Music: false inactive [ 280.552753][ T8934] vivid-011: ================== END STATUS ================== [ 281.388280][ T8947] FAULT_INJECTION: forcing a failure. [ 281.388280][ T8947] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 281.454645][ T8947] CPU: 0 UID: 0 PID: 8947 Comm: syz.3.611 Tainted: G L syzkaller #0 PREEMPT(full) [ 281.454671][ T8947] Tainted: [L]=SOFTLOCKUP [ 281.454676][ T8947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 281.454685][ T8947] Call Trace: [ 281.454690][ T8947] [ 281.454695][ T8947] dump_stack_lvl+0x100/0x190 [ 281.454720][ T8947] should_fail_ex.cold+0x5/0xa [ 281.454740][ T8947] _copy_to_user+0x32/0xd0 [ 281.454764][ T8947] simple_read_from_buffer+0xcb/0x170 [ 281.454790][ T8947] proc_fail_nth_read+0x1af/0x230 [ 281.454814][ T8947] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 281.454835][ T8947] ? rw_verify_area+0xce/0x6d0 [ 281.454856][ T8947] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 281.454876][ T8947] vfs_read+0x1e4/0xb40 [ 281.454892][ T8947] ? __pfx_vfs_read+0x10/0x10 [ 281.454905][ T8947] ? __fget_files+0x215/0x3d0 [ 281.454923][ T8947] ? __fget_files+0x21f/0x3d0 [ 281.454942][ T8947] ksys_read+0x12a/0x250 [ 281.454955][ T8947] ? __pfx_ksys_read+0x10/0x10 [ 281.454974][ T8947] do_syscall_64+0x115/0x840 [ 281.454987][ T8947] ? clear_bhb_loop+0x40/0x90 [ 281.455005][ T8947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.455020][ T8947] RIP: 0033:0x7f79f3d5d68e [ 281.455033][ T8947] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 281.455047][ T8947] RSP: 002b:00007f79f4c7ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 281.455062][ T8947] RAX: ffffffffffffffda RBX: 00007f79f4c806c0 RCX: 00007f79f3d5d68e [ 281.455072][ T8947] RDX: 000000000000000f RSI: 00007f79f4c800a0 RDI: 0000000000000004 [ 281.455081][ T8947] RBP: 00007f79f4c80090 R08: 0000000000000000 R09: 0000000000000000 [ 281.455090][ T8947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 281.455099][ T8947] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 281.455118][ T8947] [ 282.157738][ T8955] FAULT_INJECTION: forcing a failure. [ 282.157738][ T8955] name failslab, interval 1, probability 0, space 0, times 0 [ 282.328234][ T8962] FAULT_INJECTION: forcing a failure. [ 282.328234][ T8962] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 282.434706][ T8955] CPU: 0 UID: 0 PID: 8955 Comm: syz.3.613 Tainted: G L syzkaller #0 PREEMPT(full) [ 282.434733][ T8955] Tainted: [L]=SOFTLOCKUP [ 282.434738][ T8955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 282.434747][ T8955] Call Trace: [ 282.434833][ T8955] [ 282.434840][ T8955] dump_stack_lvl+0x100/0x190 [ 282.434865][ T8955] should_fail_ex.cold+0x5/0xa [ 282.434886][ T8955] should_failslab+0xc2/0x120 [ 282.434908][ T8955] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 282.434929][ T8955] ? __d_alloc+0x35/0xa50 [ 282.434950][ T8955] __d_alloc+0x35/0xa50 [ 282.434974][ T8955] d_alloc+0x4a/0x1e0 [ 282.434991][ T8955] lookup_one_qstr_excl+0x171/0x250 [ 282.435011][ T8955] ? mnt_want_write+0x161/0x410 [ 282.435035][ T8955] filename_create+0x1cf/0x400 [ 282.435058][ T8955] ? __pfx_filename_create+0x10/0x10 [ 282.435087][ T8955] filename_linkat+0x18c/0x640 [ 282.435108][ T8955] ? __pfx_filename_linkat+0x10/0x10 [ 282.435132][ T8955] ? do_getname+0x191/0x390 [ 282.435157][ T8955] __x64_sys_linkat+0xf6/0x150 [ 282.435177][ T8955] do_syscall_64+0x115/0x840 [ 282.435192][ T8955] ? clear_bhb_loop+0x40/0x90 [ 282.435211][ T8955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.435231][ T8955] RIP: 0033:0x7f79f3d9ce59 [ 282.435246][ T8955] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 282.435261][ T8955] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 282.435277][ T8955] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 282.435287][ T8955] RDX: ffffffffffffff9c RSI: 0000000000000000 RDI: 0000000000000007 [ 282.435297][ T8955] RBP: 00007f79f3e32e6f R08: 0000000000001000 R09: 0000000000000000 [ 282.435307][ T8955] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000 [ 282.435316][ T8955] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 282.435340][ T8955] [ 282.882707][ T8962] CPU: 0 UID: 0 PID: 8962 Comm: syz.3.613 Tainted: G L syzkaller #0 PREEMPT(full) [ 282.882734][ T8962] Tainted: [L]=SOFTLOCKUP [ 282.882740][ T8962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 282.882749][ T8962] Call Trace: [ 282.882809][ T8962] [ 282.882819][ T8962] dump_stack_lvl+0x100/0x190 [ 282.882844][ T8962] should_fail_ex.cold+0x5/0xa [ 282.882866][ T8962] strncpy_from_user+0x3b/0x2d0 [ 282.882889][ T8962] do_getname+0x78/0x390 [ 282.882911][ T8962] user_path_at+0x26/0x60 [ 282.882940][ T8962] __x64_sys_mount+0x1fb/0x310 [ 282.882960][ T8962] ? __pfx___x64_sys_mount+0x10/0x10 [ 282.882982][ T8962] do_syscall_64+0x115/0x840 [ 282.882996][ T8962] ? clear_bhb_loop+0x40/0x90 [ 282.883015][ T8962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.883031][ T8962] RIP: 0033:0x7f79f3d9ce59 [ 282.883045][ T8962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 282.883060][ T8962] RSP: 002b:00007f79f4c3e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 282.883075][ T8962] RAX: ffffffffffffffda RBX: 00007f79f4016180 RCX: 00007f79f3d9ce59 [ 282.883085][ T8962] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 282.883095][ T8962] RBP: 00007f79f4c3e090 R08: 0000000000000000 R09: 0000000000000000 [ 282.883106][ T8962] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 282.883116][ T8962] R13: 00007f79f4016218 R14: 00007f79f4016180 R15: 00007fff4bb326a8 [ 282.883136][ T8962] [ 284.200016][ T8984] FAULT_INJECTION: forcing a failure. [ 284.200016][ T8984] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.317659][ T8984] CPU: 0 UID: 0 PID: 8984 Comm: syz.2.619 Tainted: G L syzkaller #0 PREEMPT(full) [ 284.317695][ T8984] Tainted: [L]=SOFTLOCKUP [ 284.317701][ T8984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 284.317714][ T8984] Call Trace: [ 284.317723][ T8984] [ 284.317733][ T8984] dump_stack_lvl+0x100/0x190 [ 284.317784][ T8984] should_fail_ex.cold+0x5/0xa [ 284.317818][ T8984] ? prepare_alloc_pages+0x16d/0x5f0 [ 284.317848][ T8984] should_fail_alloc_page+0xeb/0x140 [ 284.317875][ T8984] prepare_alloc_pages+0x1f0/0x5f0 [ 284.317915][ T8984] __alloc_frozen_pages_noprof+0x1af/0x2dc0 [ 284.317940][ T8984] ? rcu_is_watching+0x12/0xc0 [ 284.317960][ T8984] ? trace_mm_page_alloc+0x164/0x1c0 [ 284.317987][ T8984] ? __alloc_frozen_pages_noprof+0x2d1/0x2dc0 [ 284.318009][ T8984] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 284.318028][ T8984] ? is_bpf_text_address+0x8a/0x1a0 [ 284.318051][ T8984] ? bpf_ksym_find+0x124/0x1c0 [ 284.318068][ T8984] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 284.318091][ T8984] ? is_bpf_text_address+0x94/0x1a0 [ 284.318115][ T8984] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 284.318133][ T8984] ? __kernel_text_address+0xd/0x30 [ 284.318169][ T8984] alloc_pages_bulk_noprof+0x5de/0x13c0 [ 284.318192][ T8984] ? policy_nodemask+0xed/0x4f0 [ 284.318215][ T8984] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 284.318317][ T8984] ? kvm_arch_vcpu_create+0x670/0xab0 [ 284.318360][ T8984] __kasan_populate_vmalloc+0xf0/0x210 [ 284.318386][ T8984] alloc_vmap_area+0x95d/0x2bb0 [ 284.318413][ T8984] ? kasan_save_track+0x14/0x30 [ 284.318432][ T8984] ? __kasan_kmalloc+0xaa/0xb0 [ 284.318449][ T8984] ? __pfx_alloc_vmap_area+0x10/0x10 [ 284.318469][ T8984] ? __mod_memcg_lruvec_state+0x18c/0x5b0 [ 284.318487][ T8984] ? __get_vm_area_node+0x101/0x330 [ 284.318517][ T8984] __get_vm_area_node+0x1ca/0x330 [ 284.318541][ T8984] __vmalloc_node_range_noprof+0x228/0x1630 [ 284.318566][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.318592][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.318620][ T8984] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 284.318646][ T8984] ? lock_acquire+0x1b9/0x370 [ 284.318703][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.318721][ T8984] __vmalloc_node_noprof+0xad/0xf0 [ 284.318744][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.318764][ T8984] __vmalloc_noprof+0xa3/0x120 [ 284.318786][ T8984] ? __pfx___vmalloc_noprof+0x10/0x10 [ 284.318810][ T8984] ? __pfx___mutex_lock+0x10/0x10 [ 284.318829][ T8984] __vcalloc_noprof+0x4d/0x80 [ 284.318847][ T8984] kvm_arch_prepare_memory_region+0x35c/0x8d0 [ 284.318873][ T8984] kvm_set_memslot+0x139/0x1740 [ 284.318890][ T8984] ? kvm_set_memory_region+0xbea/0x1570 [ 284.318910][ T8984] kvm_set_memory_region+0xe1c/0x1570 [ 284.318935][ T8984] kvm_set_internal_memslot+0x9f/0xf0 [ 284.318955][ T8984] __x86_set_memory_region+0x2f6/0x730 [ 284.318975][ T8984] ? __pfx___x86_set_memory_region+0x10/0x10 [ 284.319002][ T8984] ? __asan_memset+0x23/0x50 [ 284.319017][ T8984] ? alloc_loaded_vmcs+0x1b8/0x2e0 [ 284.319038][ T8984] kvm_alloc_apic_access_page+0x9e/0x110 [ 284.319069][ T8984] vmx_vcpu_create+0x79b/0xb90 [ 284.319106][ T8984] ? intel_pmu_init+0x3ac/0x560 [ 284.319354][ T8984] ? __pfx_vmx_vcpu_create+0x10/0x10 [ 284.319379][ T8984] ? rcu_is_watching+0x12/0xc0 [ 284.319398][ T8984] ? _raw_spin_unlock_irq+0x23/0x50 [ 284.319548][ T8984] ? lockdep_hardirqs_on+0x78/0x100 [ 284.319583][ T8984] kvm_arch_vcpu_create+0x670/0xab0 [ 284.319610][ T8984] kvm_vm_ioctl+0x756/0x4030 [ 284.319650][ T8984] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 284.319693][ T8984] ? kasan_quarantine_put+0x104/0x240 [ 284.319711][ T8984] ? lockdep_hardirqs_on+0x78/0x100 [ 284.319816][ T8984] ? find_held_lock+0x2b/0x80 [ 284.319843][ T8984] ? tomoyo_path_number_perm+0x28f/0x580 [ 284.319895][ T8984] ? tomoyo_path_number_perm+0x28f/0x580 [ 284.319942][ T8984] ? tomoyo_path_number_perm+0x188/0x580 [ 284.319962][ T8984] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 284.319982][ T8984] ? __pfx_futex_wait+0x10/0x10 [ 284.320007][ T8984] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 284.320030][ T8984] ? do_vfs_ioctl+0x226/0x13e0 [ 284.320051][ T8984] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 284.320081][ T8984] ? find_held_lock+0x2b/0x80 [ 284.320099][ T8984] ? __fget_files+0x215/0x3d0 [ 284.320116][ T8984] ? hook_file_ioctl_common+0x140/0x440 [ 284.320144][ T8984] ? __fget_files+0x21f/0x3d0 [ 284.320161][ T8984] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 284.320186][ T8984] __x64_sys_ioctl+0x18e/0x210 [ 284.320210][ T8984] do_syscall_64+0x115/0x840 [ 284.320224][ T8984] ? clear_bhb_loop+0x40/0x90 [ 284.320243][ T8984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.320259][ T8984] RIP: 0033:0x7f18e379ce59 [ 284.320276][ T8984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.320291][ T8984] RSP: 002b:00007f18e471c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.320307][ T8984] RAX: ffffffffffffffda RBX: 00007f18e3a15fa0 RCX: 00007f18e379ce59 [ 284.320317][ T8984] RDX: 0000000000000004 RSI: 000000000000ae41 RDI: 0000000000000003 [ 284.320326][ T8984] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 284.320336][ T8984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 284.320345][ T8984] R13: 00007f18e3a16038 R14: 00007f18e3a15fa0 R15: 00007ffc4299b7b8 [ 284.320366][ T8984] [ 284.946453][ T8984] syz.2.619: vmalloc error: size 4, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 284.962691][ T8984] CPU: 0 UID: 0 PID: 8984 Comm: syz.2.619 Tainted: G L syzkaller #0 PREEMPT(full) [ 284.962719][ T8984] Tainted: [L]=SOFTLOCKUP [ 284.962724][ T8984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 284.962734][ T8984] Call Trace: [ 284.962742][ T8984] [ 284.962749][ T8984] dump_stack_lvl+0x100/0x190 [ 284.962775][ T8984] warn_alloc.cold+0x94/0xa8 [ 284.962792][ T8984] ? __pfx_warn_alloc+0x10/0x10 [ 284.962810][ T8984] ? lockdep_hardirqs_on+0x78/0x100 [ 284.962835][ T8984] ? __get_vm_area_node+0x2cd/0x330 [ 284.962862][ T8984] ? __get_vm_area_node+0x208/0x330 [ 284.962886][ T8984] __vmalloc_node_range_noprof+0xccd/0x1630 [ 284.962915][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.962939][ T8984] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 284.962965][ T8984] ? lock_acquire+0x1b9/0x370 [ 284.962983][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.963000][ T8984] __vmalloc_node_noprof+0xad/0xf0 [ 284.963026][ T8984] ? __vcalloc_noprof+0x4d/0x80 [ 284.963046][ T8984] __vmalloc_noprof+0xa3/0x120 [ 284.963068][ T8984] ? __pfx___vmalloc_noprof+0x10/0x10 [ 284.963091][ T8984] ? __pfx___mutex_lock+0x10/0x10 [ 284.963109][ T8984] __vcalloc_noprof+0x4d/0x80 [ 284.963127][ T8984] kvm_arch_prepare_memory_region+0x35c/0x8d0 [ 284.963154][ T8984] kvm_set_memslot+0x139/0x1740 [ 284.963170][ T8984] ? kvm_set_memory_region+0xbea/0x1570 [ 284.963190][ T8984] kvm_set_memory_region+0xe1c/0x1570 [ 284.963214][ T8984] kvm_set_internal_memslot+0x9f/0xf0 [ 284.963234][ T8984] __x86_set_memory_region+0x2f6/0x730 [ 284.963254][ T8984] ? __pfx___x86_set_memory_region+0x10/0x10 [ 284.963281][ T8984] ? __asan_memset+0x23/0x50 [ 284.963297][ T8984] ? alloc_loaded_vmcs+0x1b8/0x2e0 [ 284.963317][ T8984] kvm_alloc_apic_access_page+0x9e/0x110 [ 284.963342][ T8984] vmx_vcpu_create+0x79b/0xb90 [ 284.963363][ T8984] ? intel_pmu_init+0x3ac/0x560 [ 284.963379][ T8984] ? __pfx_vmx_vcpu_create+0x10/0x10 [ 284.963400][ T8984] ? rcu_is_watching+0x12/0xc0 [ 284.963418][ T8984] ? _raw_spin_unlock_irq+0x23/0x50 [ 284.963437][ T8984] ? lockdep_hardirqs_on+0x78/0x100 [ 284.963463][ T8984] kvm_arch_vcpu_create+0x670/0xab0 [ 284.963488][ T8984] kvm_vm_ioctl+0x756/0x4030 [ 284.963580][ T8984] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 284.963619][ T8984] ? kasan_quarantine_put+0x104/0x240 [ 284.963638][ T8984] ? lockdep_hardirqs_on+0x78/0x100 [ 284.963662][ T8984] ? find_held_lock+0x2b/0x80 [ 284.963680][ T8984] ? tomoyo_path_number_perm+0x28f/0x580 [ 284.963699][ T8984] ? tomoyo_path_number_perm+0x28f/0x580 [ 284.963720][ T8984] ? tomoyo_path_number_perm+0x188/0x580 [ 284.963739][ T8984] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 284.963758][ T8984] ? __pfx_futex_wait+0x10/0x10 [ 284.963782][ T8984] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 284.963805][ T8984] ? do_vfs_ioctl+0x226/0x13e0 [ 284.963826][ T8984] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 284.963852][ T8984] ? find_held_lock+0x2b/0x80 [ 284.963870][ T8984] ? __fget_files+0x215/0x3d0 [ 284.963882][ T8984] ? hook_file_ioctl_common+0x140/0x440 [ 284.963905][ T8984] ? __fget_files+0x21f/0x3d0 [ 284.963921][ T8984] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 284.963944][ T8984] __x64_sys_ioctl+0x18e/0x210 [ 284.963966][ T8984] do_syscall_64+0x115/0x840 [ 284.963979][ T8984] ? clear_bhb_loop+0x40/0x90 [ 284.963997][ T8984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.964013][ T8984] RIP: 0033:0x7f18e379ce59 [ 284.964032][ T8984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.964046][ T8984] RSP: 002b:00007f18e471c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.964062][ T8984] RAX: ffffffffffffffda RBX: 00007f18e3a15fa0 RCX: 00007f18e379ce59 [ 284.964073][ T8984] RDX: 0000000000000004 RSI: 000000000000ae41 RDI: 0000000000000003 [ 284.964082][ T8984] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 284.964091][ T8984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 284.964100][ T8984] R13: 00007f18e3a16038 R14: 00007f18e3a15fa0 R15: 00007ffc4299b7b8 [ 284.964121][ T8984] [ 284.964141][ T8984] Mem-Info: [ 285.392964][ T8984] active_anon:9046 inactive_anon:6 isolated_anon:0 [ 285.392964][ T8984] active_file:86 inactive_file:58971 isolated_file:0 [ 285.392964][ T8984] unevictable:768 dirty:811 writeback:0 [ 285.392964][ T8984] slab_reclaimable:10957 slab_unreclaimable:91624 [ 285.392964][ T8984] mapped:25346 shmem:1291 pagetables:1133 [ 285.392964][ T8984] sec_pagetables:0 bounce:0 [ 285.392964][ T8984] kernel_misc_reclaimable:0 [ 285.392964][ T8984] free:1312769 free_pcp:20459 free_cma:0 [ 285.439843][ T8984] Node 0 active_anon:36184kB inactive_anon:24kB active_file:344kB inactive_file:235612kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101316kB dirty:3232kB writeback:0kB shmem:3628kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11104kB pagetables:4404kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 285.475872][ T8984] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:272kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:68kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 285.532755][ T8984] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 285.585549][ T8984] lowmem_reserve[]: 0 2476 2477 2477 2477 [ 285.603936][ T8984] Node 0 DMA32 free:1303288kB boost:0kB min:34052kB low:42564kB high:51076kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36184kB inactive_anon:24kB active_file:344kB inactive_file:235612kB unevictable:1536kB writepending:3284kB zspages:0kB present:3129332kB managed:2535508kB mlocked:0kB bounce:0kB free_pcp:81340kB local_pcp:81340kB free_cma:0kB [ 285.717102][ T8984] lowmem_reserve[]: 0 0 1 1 1 [ 285.748574][ T8984] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1028kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 285.905559][ T8984] lowmem_reserve[]: 0 0 0 0 0 [ 285.929507][ T8984] Node 1 Normal free:3932472kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:272kB unevictable:1536kB writepending:12kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:400kB local_pcp:400kB free_cma:0kB [ 286.072199][ T8984] lowmem_reserve[]: 0 0 0 0 0 [ 286.100863][ T8984] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 286.156519][ T8984] Node 0 DMA32: 10247*4kB (UME) 1918*8kB (UM) 500*16kB (UME) 600*32kB (UM) 257*64kB (UME) 120*128kB (UME) 54*256kB (UM) 18*512kB (UM) 22*1024kB (UM) 5*2048kB (UM) 277*4096kB (UM) = 1305740kB [ 286.253045][ T8984] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 286.316924][ T8984] Node 1 Normal: 2*4kB (UM) 4*8kB (UM) 15*16kB (UM) 5*32kB (UM) 6*64kB (UM) 4*128kB (UM) 4*256kB (UM) 4*512kB (UM) 2*1024kB (M) 1*2048kB (M) 958*4096kB (UM) = 3932472kB [ 286.413386][ T8984] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 286.445061][ T8984] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 286.482770][ T8984] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 286.522540][ T8984] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 286.571537][ T8984] 60358 total pagecache pages [ 286.605011][ T8984] 0 pages in swap cache [ 286.618233][ T8984] Free swap = 124996kB [ 286.630440][ T8984] Total swap = 124996kB [ 286.641370][ T8984] 2097051 pages RAM [ 286.645322][ T8984] 0 pages HighMem/MovableOnly [ 286.651556][ T8984] 431302 pages reserved [ 286.667425][ T8984] 0 pages cma reserved [ 287.595879][ T9029] FAULT_INJECTION: forcing a failure. [ 287.595879][ T9029] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.633457][ T9029] CPU: 0 UID: 0 PID: 9029 Comm: syz.0.631 Tainted: G L syzkaller #0 PREEMPT(full) [ 287.633484][ T9029] Tainted: [L]=SOFTLOCKUP [ 287.633490][ T9029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 287.633499][ T9029] Call Trace: [ 287.633505][ T9029] [ 287.633511][ T9029] dump_stack_lvl+0x100/0x190 [ 287.633536][ T9029] should_fail_ex.cold+0x5/0xa [ 287.633560][ T9029] copy_folio_from_iter_atomic+0x5c8/0x2000 [ 287.633594][ T9029] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 287.633616][ T9029] ? shmem_write_begin+0x1ba/0x420 [ 287.633636][ T9029] ? __pfx_shmem_write_begin+0x10/0x10 [ 287.633654][ T9029] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 287.633677][ T9029] generic_perform_write+0x4cb/0xa40 [ 287.633705][ T9029] ? __pfx_generic_perform_write+0x10/0x10 [ 287.633735][ T9029] ? __mark_inode_dirty+0x55c/0x16e0 [ 287.633761][ T9029] ? mnt_put_write_access_file+0x4e/0x100 [ 287.633777][ T9029] ? file_update_time_flags+0x373/0x500 [ 287.633799][ T9029] shmem_file_write_iter+0x10e/0x140 [ 287.633822][ T9029] vfs_write+0x6ac/0x1050 [ 287.633837][ T9029] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 287.633859][ T9029] ? __pfx_vfs_write+0x10/0x10 [ 287.633888][ T9029] ksys_write+0x12a/0x250 [ 287.633902][ T9029] ? __pfx_ksys_write+0x10/0x10 [ 287.633921][ T9029] do_syscall_64+0x115/0x840 [ 287.633935][ T9029] ? clear_bhb_loop+0x40/0x90 [ 287.633954][ T9029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.633969][ T9029] RIP: 0033:0x7f4f6519ce59 [ 287.633983][ T9029] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 287.633998][ T9029] RSP: 002b:00007f4f66068028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 287.634013][ T9029] RAX: ffffffffffffffda RBX: 00007f4f65415fa0 RCX: 00007f4f6519ce59 [ 287.634024][ T9029] RDX: 00000000fffffdf1 RSI: 0000000000000000 RDI: 0000000000000006 [ 287.634034][ T9029] RBP: 00007f4f65232e6f R08: 0000000000000000 R09: 0000000000000000 [ 287.634043][ T9029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.634052][ T9029] R13: 00007f4f65416038 R14: 00007f4f65415fa0 R15: 00007ffcc6d0ddc8 [ 287.634073][ T9029] [ 288.738812][ T7066] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 289.291535][ T30] audit: type=1800 audit(1782641935.357:5): pid=9057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.637" name="lu_gp_id" dev="configfs" ino=24099 res=0 errno=0 [ 289.977537][ T9078] No such timeout policy "" [ 291.160105][ T9094] FAULT_INJECTION: forcing a failure. [ 291.160105][ T9094] name failslab, interval 1, probability 0, space 0, times 0 [ 291.203874][ T9102] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 291.288200][ T9094] CPU: 0 UID: 0 PID: 9094 Comm: syz.3.643 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.288237][ T9094] Tainted: [L]=SOFTLOCKUP [ 291.288243][ T9094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 291.288253][ T9094] Call Trace: [ 291.288259][ T9094] [ 291.288265][ T9094] dump_stack_lvl+0x100/0x190 [ 291.288293][ T9094] should_fail_ex.cold+0x5/0xa [ 291.288316][ T9094] should_failslab+0xc2/0x120 [ 291.288338][ T9094] kmem_cache_alloc_noprof+0x91/0x6a0 [ 291.288357][ T9094] ? __pfx_map_id_range_down+0x10/0x10 [ 291.288379][ T9094] ? security_inode_alloc+0x3b/0x2c0 [ 291.288399][ T9094] security_inode_alloc+0x3b/0x2c0 [ 291.288416][ T9094] inode_init_always_gfp+0xc77/0xfb0 [ 291.288434][ T9094] alloc_inode+0x8e/0x250 [ 291.288453][ T9094] new_inode+0x22/0x1c0 [ 291.288471][ T9094] ? dput.part.0+0x4f/0x240 [ 291.288492][ T9094] simple_fill_super+0x2d9/0x680 [ 291.288512][ T9094] ? __pfx_nfsd_fill_super+0x10/0x10 [ 291.288533][ T9094] nfsd_fill_super+0x98/0x560 [ 291.288559][ T9094] ? __pfx_nfsd_fill_super+0x10/0x10 [ 291.288579][ T9094] get_tree_keyed+0x10e/0x1d0 [ 291.288604][ T9094] vfs_get_tree+0x92/0x320 [ 291.288624][ T9094] path_mount+0x7d0/0x23d0 [ 291.288646][ T9094] ? __pfx_path_mount+0x10/0x10 [ 291.288662][ T9094] ? lockdep_hardirqs_on+0x78/0x100 [ 291.288706][ T9094] ? putname+0xb1/0x110 [ 291.288721][ T9094] ? kmem_cache_free+0x127/0x6b0 [ 291.288744][ T9094] ? __x64_sys_mount+0x293/0x310 [ 291.288762][ T9094] __x64_sys_mount+0x293/0x310 [ 291.288781][ T9094] ? __pfx___x64_sys_mount+0x10/0x10 [ 291.288804][ T9094] do_syscall_64+0x115/0x840 [ 291.288817][ T9094] ? clear_bhb_loop+0x40/0x90 [ 291.288836][ T9094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.288851][ T9094] RIP: 0033:0x7f79f3d9ce59 [ 291.288865][ T9094] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.288879][ T9094] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 291.288894][ T9094] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 291.288904][ T9094] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 291.288913][ T9094] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 291.288922][ T9094] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 291.288931][ T9094] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 291.288951][ T9094] [ 291.978336][ T9107] zswap: compressor not available [ 292.985133][ T9099] kexec: Could not allocate control_code_buffer [ 293.449635][ T9138] FAULT_INJECTION: forcing a failure. [ 293.449635][ T9138] name failslab, interval 1, probability 0, space 0, times 0 [ 293.610582][ T9138] CPU: 0 UID: 0 PID: 9138 Comm: syz.2.652 Tainted: G L syzkaller #0 PREEMPT(full) [ 293.610609][ T9138] Tainted: [L]=SOFTLOCKUP [ 293.610619][ T9138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 293.610628][ T9138] Call Trace: [ 293.610634][ T9138] [ 293.610640][ T9138] dump_stack_lvl+0x100/0x190 [ 293.610670][ T9138] should_fail_ex.cold+0x5/0xa [ 293.610692][ T9138] should_failslab+0xc2/0x120 [ 293.610715][ T9138] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 293.610733][ T9138] ? __lock_acquire+0x49f/0x1a40 [ 293.610748][ T9138] ? __d_alloc+0x35/0xa50 [ 293.610767][ T9138] __d_alloc+0x35/0xa50 [ 293.610782][ T9138] ? do_raw_spin_lock+0x128/0x260 [ 293.610800][ T9138] d_alloc+0x4a/0x1e0 [ 293.610817][ T9138] d_alloc_name+0x83/0xb0 [ 293.610833][ T9138] ? __pfx_d_alloc_name+0x10/0x10 [ 293.610856][ T9138] ? fast_dput+0x168/0x6d0 [ 293.610876][ T9138] ? dput.part.0+0x4f/0x240 [ 293.610897][ T9138] simple_fill_super+0x4c3/0x680 [ 293.610917][ T9138] ? __pfx_nfsd_fill_super+0x10/0x10 [ 293.610939][ T9138] nfsd_fill_super+0x98/0x560 [ 293.610961][ T9138] ? __pfx_nfsd_fill_super+0x10/0x10 [ 293.610982][ T9138] get_tree_keyed+0x10e/0x1d0 [ 293.611006][ T9138] vfs_get_tree+0x92/0x320 [ 293.611027][ T9138] path_mount+0x7d0/0x23d0 [ 293.611048][ T9138] ? __pfx_path_mount+0x10/0x10 [ 293.611067][ T9138] ? lockdep_hardirqs_on+0x78/0x100 [ 293.611097][ T9138] ? putname+0xb1/0x110 [ 293.611112][ T9138] ? kmem_cache_free+0x127/0x6b0 [ 293.611138][ T9138] ? __x64_sys_mount+0x293/0x310 [ 293.611154][ T9138] __x64_sys_mount+0x293/0x310 [ 293.611172][ T9138] ? __pfx___x64_sys_mount+0x10/0x10 [ 293.611195][ T9138] do_syscall_64+0x115/0x840 [ 293.611208][ T9138] ? clear_bhb_loop+0x40/0x90 [ 293.611226][ T9138] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.611242][ T9138] RIP: 0033:0x7f18e379ce59 [ 293.611256][ T9138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 293.611271][ T9138] RSP: 002b:00007f18e471c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 293.611285][ T9138] RAX: ffffffffffffffda RBX: 00007f18e3a15fa0 RCX: 00007f18e379ce59 [ 293.611295][ T9138] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 293.611304][ T9138] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 293.611313][ T9138] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 293.611322][ T9138] R13: 00007f18e3a16038 R14: 00007f18e3a15fa0 R15: 00007ffc4299b7b8 [ 293.611343][ T9138] [ 294.683062][ T7066] Bluetooth: hci1: command 0x0c1a tx timeout [ 294.714812][ T9123] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 295.214147][ T9123] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 295.234331][ T9123] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 296.763682][ T7066] Bluetooth: hci2: command 0x0c1a tx timeout [ 296.781979][ T9193] netlink: 342 bytes leftover after parsing attributes in process `syz.0.661'. [ 297.041327][ T9196] FAULT_INJECTION: forcing a failure. [ 297.041327][ T9196] name failslab, interval 1, probability 0, space 0, times 0 [ 297.213994][ T9196] CPU: 0 UID: 0 PID: 9196 Comm: syz.3.662 Tainted: G L syzkaller #0 PREEMPT(full) [ 297.214025][ T9196] Tainted: [L]=SOFTLOCKUP [ 297.214031][ T9196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 297.214040][ T9196] Call Trace: [ 297.214046][ T9196] [ 297.214052][ T9196] dump_stack_lvl+0x100/0x190 [ 297.214076][ T9196] should_fail_ex.cold+0x5/0xa [ 297.214097][ T9196] should_failslab+0xc2/0x120 [ 297.214119][ T9196] __kmalloc_noprof+0xfc/0x820 [ 297.214142][ T9196] ? process_preds+0x4a2/0x1d90 [ 297.214207][ T9196] process_preds+0x4a2/0x1d90 [ 297.214236][ T9196] apply_subsystem_event_filter+0x4a0/0x17a0 [ 297.214266][ T9196] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 297.214292][ T9196] ? _copy_from_user+0x59/0xd0 [ 297.214315][ T9196] subsystem_filter_write+0x95/0x120 [ 297.214341][ T9196] vfs_write+0x2aa/0x1050 [ 297.214357][ T9196] ? __pfx_subsystem_filter_write+0x10/0x10 [ 297.214380][ T9196] ? __pfx_vfs_write+0x10/0x10 [ 297.214393][ T9196] ? __fget_files+0x215/0x3d0 [ 297.214411][ T9196] ? __fget_files+0x21f/0x3d0 [ 297.214431][ T9196] ksys_write+0x12a/0x250 [ 297.214445][ T9196] ? __pfx_ksys_write+0x10/0x10 [ 297.214464][ T9196] do_syscall_64+0x115/0x840 [ 297.214478][ T9196] ? clear_bhb_loop+0x40/0x90 [ 297.214496][ T9196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.214511][ T9196] RIP: 0033:0x7f79f3d9ce59 [ 297.214525][ T9196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 297.214540][ T9196] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 297.214567][ T9196] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 297.214578][ T9196] RDX: 000000000000004a RSI: 0000200000000040 RDI: 000000000000000a [ 297.214587][ T9196] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 297.214597][ T9196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.214606][ T9196] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 297.214627][ T9196] [ 297.540630][ T7066] Bluetooth: hci3: command 0x0c1a tx timeout [ 297.854712][ T9173] Process accounting paused [ 297.971286][ T9213] vivid-011: ================= START STATUS ================= [ 298.034175][ T9213] vivid-011: Radio HW Seek Mode: Bounded [ 298.072141][ T9213] vivid-011: Radio Programmable HW Seek: false [ 298.117178][ T9213] vivid-011: RDS Rx I/O Mode: Block I/O [ 298.152730][ T9213] vivid-011: Generate RBDS Instead of RDS: false [ 298.187985][ T9213] vivid-011: RDS Reception: true [ 298.216307][ T9213] vivid-011: RDS Program Type: 0 inactive [ 298.272340][ T9213] vivid-011: RDS PS Name: inactive [ 298.358935][ T9213] vivid-011: RDS Radio Text: inactive [ 298.481649][ T9213] vivid-011: RDS Traffic Announcement: false inactive [ 298.566113][ T9213] vivid-011: RDS Traffic Program: false inactive [ 298.629431][ T9213] vivid-011: RDS Music: false inactive [ 298.745675][ T9213] vivid-011: ================== END STATUS ================== [ 301.187878][ T9274] vivid-011: ================= START STATUS ================= [ 301.234506][ T9274] vivid-011: Radio HW Seek Mode: Bounded [ 301.263394][ T9274] vivid-011: Radio Programmable HW Seek: false [ 301.307265][ T9274] vivid-011: RDS Rx I/O Mode: Block I/O [ 301.351809][ T9274] vivid-011: Generate RBDS Instead of RDS: false [ 301.392216][ T9274] vivid-011: RDS Reception: true [ 301.427906][ T9274] vivid-011: RDS Program Type: 0 inactive [ 301.505688][ T9274] vivid-011: RDS PS Name: inactive [ 301.548288][ T9274] vivid-011: RDS Radio Text: inactive [ 301.606044][ T9274] vivid-011: RDS Traffic Announcement: false inactive [ 301.735424][ T9274] vivid-011: RDS Traffic Program: false inactive [ 301.774645][ T9274] vivid-011: RDS Music: false inactive [ 301.798129][ T9274] vivid-011: ================== END STATUS ================== [ 302.502464][ T9308] FAULT_INJECTION: forcing a failure. [ 302.502464][ T9308] name fail_futex, interval 1, probability 0, space 0, times 0 [ 302.561473][ T9308] CPU: 0 UID: 0 PID: 9308 Comm: syz.2.680 Tainted: G L syzkaller #0 PREEMPT(full) [ 302.561500][ T9308] Tainted: [L]=SOFTLOCKUP [ 302.561506][ T9308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 302.561516][ T9308] Call Trace: [ 302.561522][ T9308] [ 302.561528][ T9308] dump_stack_lvl+0x100/0x190 [ 302.561557][ T9308] should_fail_ex.cold+0x5/0xa [ 302.561579][ T9308] get_futex_key+0x1d2/0x14f0 [ 302.561598][ T9308] ? __pfx_get_futex_key+0x10/0x10 [ 302.561612][ T9308] ? find_held_lock+0x2b/0x80 [ 302.561632][ T9308] ? futex_wake+0x4ea/0x5e0 [ 302.561665][ T9308] futex_wake+0xf4/0x5e0 [ 302.561688][ T9308] ? __pfx_futex_wake+0x10/0x10 [ 302.561708][ T9308] ? iput.part.0+0x981/0x1050 [ 302.561735][ T9308] do_futex+0x2b2/0x440 [ 302.561752][ T9308] ? __pfx_do_futex+0x10/0x10 [ 302.561769][ T9308] ? cap_task_prctl+0x104/0xa50 [ 302.561784][ T9308] ? __pfx_sched_core_share_pid+0x10/0x10 [ 302.561807][ T9308] __x64_sys_futex+0x34f/0x4d0 [ 302.561827][ T9308] ? __pfx___x64_sys_futex+0x10/0x10 [ 302.561844][ T9308] ? __pfx___do_sys_prctl+0x10/0x10 [ 302.561874][ T9308] do_syscall_64+0x115/0x840 [ 302.561888][ T9308] ? clear_bhb_loop+0x40/0x90 [ 302.561907][ T9308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.561924][ T9308] RIP: 0033:0x7f18e379ce59 [ 302.561938][ T9308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 302.561954][ T9308] RSP: 002b:00007f18e471c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 302.561970][ T9308] RAX: ffffffffffffffda RBX: 00007f18e3a15fa8 RCX: 00007f18e379ce59 [ 302.561979][ T9308] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f18e3a15fac [ 302.561989][ T9308] RBP: 00007f18e3a15fa0 R08: 0000000000000001 R09: 0000000000000000 [ 302.561998][ T9308] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 302.562007][ T9308] R13: 00007f18e3a16038 R14: 00007ffc4299b6d0 R15: 00007ffc4299b7b8 [ 302.562026][ T9308] [ 303.326986][ T9280] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 303.349076][ T9280] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 303.369392][ T9280] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 303.564934][ T7066] Bluetooth: hci1: command 0x0c1a tx timeout [ 303.955099][ T30] audit: type=1800 audit(1782641950.047:6): pid=9334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.686" name="members" dev="configfs" ino=25696 res=0 errno=0 [ 304.187096][ T9339] ubi31: attaching mtd0 [ 304.301366][ T9339] ubi31 error: validate_ec_hdr: bad VID header offset 64, expected 514 [ 304.301398][ T9339] ubi31 error: validate_ec_hdr: bad EC header [ 304.301413][ T9339] Erase counter header dump: [ 304.301418][ T9339] magic 0x55424923 [ 304.301425][ T9339] version 1 [ 304.301431][ T9339] ec 1 [ 304.301437][ T9339] vid_hdr_offset 64 [ 304.301443][ T9339] data_offset 128 [ 304.301449][ T9339] image_seq 909792669 [ 304.301456][ T9339] hdr_crc 0x9eaeb198 [ 304.301462][ T9339] erase counter header hexdump: [ 304.301522][ T9339] CPU: 0 UID: 0 PID: 9339 Comm: syz.0.683 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.301543][ T9339] Tainted: [L]=SOFTLOCKUP [ 304.301549][ T9339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 304.301558][ T9339] Call Trace: [ 304.301563][ T9339] [ 304.301570][ T9339] dump_stack_lvl+0x100/0x190 [ 304.301590][ T9339] validate_ec_hdr+0x2d0/0x330 [ 304.301608][ T9339] ubi_io_read_ec_hdr+0x656/0x6d0 [ 304.301627][ T9339] ubi_attach+0x601/0x4d30 [ 304.301653][ T9339] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 304.301681][ T9339] ? ubi_msg+0x114/0x159 [ 304.301698][ T9339] ? __pfx_ubi_msg+0x10/0x10 [ 304.301716][ T9339] ? __pfx_ubi_attach+0x10/0x10 [ 304.301735][ T9339] ? lockdep_init_map_type+0x5c/0x250 [ 304.301753][ T9339] ? ubi_attach_mtd_dev+0x1353/0x32a0 [ 304.301774][ T9339] ? __vmalloc_node_noprof+0xad/0xf0 [ 304.301795][ T9339] ? ubi_attach_mtd_dev+0x1353/0x32a0 [ 304.301820][ T9339] ubi_attach_mtd_dev+0x139f/0x32a0 [ 304.301848][ T9339] ? __pfx_ubi_attach_mtd_dev+0x10/0x10 [ 304.301868][ T9339] ? __pfx_get_mtd_device+0x10/0x10 [ 304.301889][ T9339] ctrl_cdev_ioctl+0x36a/0x400 [ 304.301910][ T9339] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 304.301936][ T9339] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 304.301956][ T9339] __x64_sys_ioctl+0x18e/0x210 [ 304.301979][ T9339] do_syscall_64+0x115/0x840 [ 304.301993][ T9339] ? clear_bhb_loop+0x40/0x90 [ 304.302012][ T9339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.302027][ T9339] RIP: 0033:0x7f4f6519ce59 [ 304.302041][ T9339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.302055][ T9339] RSP: 002b:00007f4f65fc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 304.302070][ T9339] RAX: ffffffffffffffda RBX: 00007f4f65416450 RCX: 00007f4f6519ce59 [ 304.302080][ T9339] RDX: 0000200000000000 RSI: 0000000040186f40 RDI: 000000000000000a [ 304.302089][ T9339] RBP: 00007f4f65232e6f R08: 0000000000000000 R09: 0000000000000000 [ 304.302098][ T9339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.302106][ T9339] R13: 00007f4f654164e8 R14: 00007f4f65416450 R15: 00007ffcc6d0ddc8 [ 304.302126][ T9339] [ 304.351506][ T9339] ubi31 error: ubi_io_read_ec_hdr: validation failed for PEB 0 [ 304.403973][ T9339] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 305.406736][ T7066] Bluetooth: hci2: command 0x0c1a tx timeout [ 305.505870][ T7066] Bluetooth: hci3: command 0x0c1a tx timeout [ 305.669628][ T9352] sg_write: data in/out 124/2 bytes for SCSI command 0x61-- guessing data in; [ 305.669628][ T9352] program syz.2.690 not setting count and/or reply_len properly [ 307.313730][ T9381] vivid-011: ================= START STATUS ================= [ 307.344769][ T9381] vivid-011: Radio HW Seek Mode: Bounded [ 307.364726][ T9381] vivid-011: Radio Programmable HW Seek: false [ 307.384465][ T9381] vivid-011: RDS Rx I/O Mode: Block I/O [ 307.407187][ T9381] vivid-011: Generate RBDS Instead of RDS: false [ 307.442507][ T9381] vivid-011: RDS Reception: true [ 307.472242][ T9381] vivid-011: RDS Program Type: 0 inactive [ 307.498461][ T9381] vivid-011: RDS PS Name: inactive [ 307.563520][ T9381] vivid-011: RDS Radio Text: inactive [ 307.581417][ T9381] vivid-011: RDS Traffic Announcement: false inactive [ 307.603990][ T9381] vivid-011: RDS Traffic Program: false inactive [ 307.638860][ T9381] vivid-011: RDS Music: false inactive [ 307.700142][ T9381] vivid-011: ================== END STATUS ================== [ 310.469392][ T9435] vivid-011: ================= START STATUS ================= [ 310.484951][ T9435] vivid-011: Radio HW Seek Mode: Bounded [ 310.511883][ T9435] vivid-011: Radio Programmable HW Seek: false [ 310.530539][ T9435] vivid-011: RDS Rx I/O Mode: Block I/O [ 310.557827][ T9435] vivid-011: Generate RBDS Instead of RDS: false [ 310.579469][ T9435] vivid-011: RDS Reception: true [ 310.617225][ T9435] vivid-011: RDS Program Type: 0 inactive [ 310.642736][ T9435] vivid-011: RDS PS Name: inactive [ 310.708843][ T9435] vivid-011: RDS Radio Text: inactive [ 310.799556][ T9435] vivid-011: RDS Traffic Announcement: false inactive [ 310.886654][ T9435] vivid-011: RDS Traffic Program: false inactive [ 310.969472][ T30] audit: type=1800 audit(1782641957.047:7): pid=9445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.707" name="features" dev="configfs" ino=26513 res=0 errno=0 [ 311.011770][ T9435] vivid-011: RDS Music: false inactive [ 311.085253][ T9435] vivid-011: ================== END STATUS ================== [ 312.045264][ T9466] FAULT_INJECTION: forcing a failure. [ 312.045264][ T9466] name failslab, interval 1, probability 0, space 0, times 0 [ 312.120802][ T9466] CPU: 0 UID: 0 PID: 9466 Comm: syz.1.710 Tainted: G L syzkaller #0 PREEMPT(full) [ 312.120835][ T9466] Tainted: [L]=SOFTLOCKUP [ 312.120841][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 312.120852][ T9466] Call Trace: [ 312.120857][ T9466] [ 312.120864][ T9466] dump_stack_lvl+0x100/0x190 [ 312.120890][ T9466] should_fail_ex.cold+0x5/0xa [ 312.120912][ T9466] should_failslab+0xc2/0x120 [ 312.120934][ T9466] __kmalloc_cache_noprof+0x91/0x6c0 [ 312.120951][ T9466] ? vidtv_psi_sdt_table_init+0x47/0x2a0 [ 312.120973][ T9466] vidtv_psi_sdt_table_init+0x47/0x2a0 [ 312.120991][ T9466] vidtv_channel_si_init+0x130/0x18f0 [ 312.121012][ T9466] ? __asan_memcpy+0x3c/0x60 [ 312.121032][ T9466] vidtv_mux_init+0x522/0xbf0 [ 312.121055][ T9466] vidtv_start_feed+0x34e/0x500 [ 312.121078][ T9466] ? __pfx_vidtv_start_feed+0x10/0x10 [ 312.121102][ T9466] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 312.121135][ T9466] dmx_section_feed_start_filtering+0x3a8/0x660 [ 312.121158][ T9466] dvb_dmxdev_filter_start+0x767/0xdd0 [ 312.121190][ T9466] dvb_demux_do_ioctl+0xe64/0x1200 [ 312.121218][ T9466] dvb_usercopy+0x167/0x340 [ 312.121238][ T9466] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 312.121269][ T9466] ? __pfx_dvb_usercopy+0x10/0x10 [ 312.121296][ T9466] ? __fget_files+0x21f/0x3d0 [ 312.121314][ T9466] dvb_demux_ioctl+0x29/0x40 [ 312.121334][ T9466] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 312.121355][ T9466] __x64_sys_ioctl+0x18e/0x210 [ 312.121378][ T9466] do_syscall_64+0x115/0x840 [ 312.121392][ T9466] ? clear_bhb_loop+0x40/0x90 [ 312.121410][ T9466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.121426][ T9466] RIP: 0033:0x7f72f1b9ce59 [ 312.121441][ T9466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 312.121455][ T9466] RSP: 002b:00007f72f2993028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 312.121470][ T9466] RAX: ffffffffffffffda RBX: 00007f72f1e15fa0 RCX: 00007f72f1b9ce59 [ 312.121484][ T9466] RDX: 0000000000000000 RSI: 00000000403c6f2b RDI: 0000000000000009 [ 312.121493][ T9466] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 312.121502][ T9466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.121511][ T9466] R13: 00007f72f1e16038 R14: 00007f72f1e15fa0 R15: 00007ffe5d363898 [ 312.121533][ T9466] [ 313.439848][ T9483] FAULT_INJECTION: forcing a failure. [ 313.439848][ T9483] name failslab, interval 1, probability 0, space 0, times 0 [ 313.601925][ T9483] CPU: 0 UID: 0 PID: 9483 Comm: syz.2.713 Tainted: G L syzkaller #0 PREEMPT(full) [ 313.601957][ T9483] Tainted: [L]=SOFTLOCKUP [ 313.601962][ T9483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 313.601972][ T9483] Call Trace: [ 313.601978][ T9483] [ 313.601984][ T9483] dump_stack_lvl+0x100/0x190 [ 313.602013][ T9483] should_fail_ex.cold+0x5/0xa [ 313.602035][ T9483] should_failslab+0xc2/0x120 [ 313.602056][ T9483] kmem_cache_alloc_lru_noprof+0x8d/0x6a0 [ 313.602075][ T9483] ? __lock_acquire+0x49f/0x1a40 [ 313.602098][ T9483] ? __d_alloc+0x35/0xa50 [ 313.602128][ T9483] __d_alloc+0x35/0xa50 [ 313.602144][ T9483] ? do_raw_spin_lock+0x128/0x260 [ 313.602164][ T9483] d_alloc+0x4a/0x1e0 [ 313.602182][ T9483] d_alloc_name+0x83/0xb0 [ 313.602199][ T9483] ? __pfx_d_alloc_name+0x10/0x10 [ 313.602214][ T9483] ? fast_dput+0x168/0x6d0 [ 313.602233][ T9483] ? dput.part.0+0x4f/0x240 [ 313.602253][ T9483] simple_fill_super+0x4c3/0x680 [ 313.602272][ T9483] ? __pfx_nfsd_fill_super+0x10/0x10 [ 313.602293][ T9483] nfsd_fill_super+0x98/0x560 [ 313.602316][ T9483] ? __pfx_nfsd_fill_super+0x10/0x10 [ 313.602337][ T9483] get_tree_keyed+0x10e/0x1d0 [ 313.602362][ T9483] vfs_get_tree+0x92/0x320 [ 313.602383][ T9483] path_mount+0x7d0/0x23d0 [ 313.602404][ T9483] ? __pfx_path_mount+0x10/0x10 [ 313.602420][ T9483] ? lockdep_hardirqs_on+0x78/0x100 [ 313.602445][ T9483] ? putname+0xb1/0x110 [ 313.602460][ T9483] ? kmem_cache_free+0x127/0x6b0 [ 313.602482][ T9483] ? __x64_sys_mount+0x293/0x310 [ 313.602508][ T9483] __x64_sys_mount+0x293/0x310 [ 313.602527][ T9483] ? __pfx___x64_sys_mount+0x10/0x10 [ 313.602551][ T9483] do_syscall_64+0x115/0x840 [ 313.602564][ T9483] ? clear_bhb_loop+0x40/0x90 [ 313.602582][ T9483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.602598][ T9483] RIP: 0033:0x7f18e379ce59 [ 313.602614][ T9483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 313.602629][ T9483] RSP: 002b:00007f18e471c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 313.602645][ T9483] RAX: ffffffffffffffda RBX: 00007f18e3a15fa0 RCX: 00007f18e379ce59 [ 313.602655][ T9483] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 313.602665][ T9483] RBP: 00007f18e3832e6f R08: 0000000000000000 R09: 0000000000000000 [ 313.602674][ T9483] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 313.602683][ T9483] R13: 00007f18e3a16038 R14: 00007f18e3a15fa0 R15: 00007ffc4299b7b8 [ 313.602704][ T9483] [ 314.077574][ T9495] vivid-011: ================= START STATUS ================= [ 314.085380][ T9495] vivid-011: Radio HW Seek Mode: Bounded [ 314.091295][ T9495] vivid-011: Radio Programmable HW Seek: false [ 314.098853][ T9495] vivid-011: RDS Rx I/O Mode: Block I/O [ 314.104486][ T9495] vivid-011: Generate RBDS Instead of RDS: false [ 314.110943][ T9495] vivid-011: RDS Reception: true [ 314.116071][ T9495] vivid-011: RDS Program Type: 0 inactive [ 314.121855][ T9495] vivid-011: RDS PS Name: inactive [ 314.127283][ T9495] vivid-011: RDS Radio Text: inactive [ 314.132897][ T9495] vivid-011: RDS Traffic Announcement: false inactive [ 314.139696][ T9495] vivid-011: RDS Traffic Program: false inactive [ 314.192429][ T9495] vivid-011: RDS Music: false inactive [ 314.210677][ T9495] vivid-011: ================== END STATUS ================== [ 314.365293][ T9502] netlink: 4884 bytes leftover after parsing attributes in process `syz.0.715'. [ 317.245426][ T1318] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.255850][ T1318] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.394617][ T9553] vivid-011: ================= START STATUS ================= [ 317.433860][ T9553] vivid-011: Radio HW Seek Mode: Bounded [ 317.467112][ T9553] vivid-011: Radio Programmable HW Seek: false [ 317.507427][ T9553] vivid-011: RDS Rx I/O Mode: Block I/O [ 317.532059][ T9553] vivid-011: Generate RBDS Instead of RDS: false [ 317.564834][ T9553] vivid-011: RDS Reception: true [ 317.589461][ T9553] vivid-011: RDS Program Type: 0 inactive [ 317.641439][ T9553] vivid-011: RDS PS Name: inactive [ 317.674291][ T9553] vivid-011: RDS Radio Text: inactive [ 317.732924][ T9553] vivid-011: RDS Traffic Announcement: false inactive [ 317.795420][ T9553] vivid-011: RDS Traffic Program: false inactive [ 317.861916][ T9553] vivid-011: RDS Music: false inactive [ 317.906614][ T9555] random: crng reseeded on system resumption [ 317.916023][ T9553] vivid-011: ================== END STATUS ================== [ 319.519517][ T9598] netlink: 8 bytes leftover after parsing attributes in process `syz.2.738'. [ 319.670127][ T9555] hub 1-0:1.0: USB hub found [ 319.751608][ T9555] hub 1-0:1.0: 1 port detected [ 323.748025][ T9658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.750'. [ 325.259684][ T30] audit: type=1804 audit(1782641971.347:8): pid=9679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.755" name="/newroot/180/file0" dev="tmpfs" ino=966 res=1 errno=0 [ 326.229681][ T9712] futex_wake_op: syz.2.761 tries to shift op by -2048; fix this program [ 326.331159][ T9712] futex_wake_op: syz.2.761 tries to shift op by -2048; fix this program [ 329.049359][ T9735] Process accounting resumed [ 332.122013][ T9783] netlink: 504 bytes leftover after parsing attributes in process `syz.1.773'. [ 332.245446][ T9791] device-mapper: ioctl: only supply one of name or uuid, cmd(4) [ 332.273584][ T9780] netlink: 350 bytes leftover after parsing attributes in process `syz.1.773'. [ 334.523341][ T9822] FAULT_INJECTION: forcing a failure. [ 334.523341][ T9822] name failslab, interval 1, probability 0, space 0, times 0 [ 334.580287][ T9822] CPU: 0 UID: 0 PID: 9822 Comm: syz.3.779 Tainted: G L syzkaller #0 PREEMPT(full) [ 334.580313][ T9822] Tainted: [L]=SOFTLOCKUP [ 334.580319][ T9822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 334.580331][ T9822] Call Trace: [ 334.580338][ T9822] [ 334.580344][ T9822] dump_stack_lvl+0x100/0x190 [ 334.580369][ T9822] should_fail_ex.cold+0x5/0xa [ 334.580390][ T9822] should_failslab+0xc2/0x120 [ 334.580411][ T9822] kmem_cache_alloc_node_noprof+0x94/0x6b0 [ 334.580432][ T9822] ? __alloc_skb+0x140/0x710 [ 334.580452][ T9822] __alloc_skb+0x140/0x710 [ 334.580466][ T9822] ? __alloc_skb+0x5b7/0x710 [ 334.580482][ T9822] ? __pfx___alloc_skb+0x10/0x10 [ 334.580500][ T9822] ? __pfx___register_sysctl_table+0x10/0x10 [ 334.580515][ T9822] ? is_module_address+0x69/0xf0 [ 334.580534][ T9822] inet_netconf_notify_devconf+0x9d/0x170 [ 334.580562][ T9822] __devinet_sysctl_register+0x227/0x360 [ 334.580586][ T9822] ? __pfx_neigh_sysctl_register+0x10/0x10 [ 334.580604][ T9822] ? inetdev_init+0x245/0x570 [ 334.580625][ T9822] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 334.580649][ T9822] ? copy_net_ns+0x46f/0x7c0 [ 334.580668][ T9822] ? create_new_namespaces+0x3ea/0xac0 [ 334.580684][ T9822] ? unshare_nsproxy_namespaces+0xf2/0x220 [ 334.580702][ T9822] ? ksys_unshare+0x438/0xab0 [ 334.580720][ T9822] ? __x64_sys_unshare+0x31/0x40 [ 334.580738][ T9822] ? do_syscall_64+0x115/0x840 [ 334.580752][ T9822] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.580770][ T9822] devinet_sysctl_register+0x17b/0x210 [ 334.580795][ T9822] inetdev_init+0x2b8/0x570 [ 334.580824][ T9822] inetdev_event+0x7fa/0x17f0 [ 334.580861][ T9822] ? ib_netdevice_event+0xfc/0x330 [ 334.580876][ T9822] ? __pfx_inetdev_event+0x10/0x10 [ 334.580901][ T9822] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 334.580927][ T9822] notifier_call_chain+0x99/0x3f0 [ 334.580951][ T9822] call_netdevice_notifiers_info+0xbe/0x110 [ 334.580973][ T9822] register_netdevice+0x1998/0x25a0 [ 334.580996][ T9822] ? __pfx_register_netdevice+0x10/0x10 [ 334.581019][ T9822] ? __pfx_loopback_net_init+0x10/0x10 [ 334.581041][ T9822] register_netdev+0x34/0x50 [ 334.581059][ T9822] loopback_net_init+0x7a/0x170 [ 334.581085][ T9822] ? __pfx_loopback_net_init+0x10/0x10 [ 334.581107][ T9822] ops_init+0x1e2/0x5f0 [ 334.581127][ T9822] setup_net+0x118/0x3a0 [ 334.581146][ T9822] ? __pfx_setup_net+0x10/0x10 [ 334.581165][ T9822] ? mutex_init_lockdep+0xf1/0x120 [ 334.581185][ T9822] copy_net_ns+0x46f/0x7c0 [ 334.581206][ T9822] create_new_namespaces+0x3ea/0xac0 [ 334.581227][ T9822] unshare_nsproxy_namespaces+0xf2/0x220 [ 334.581246][ T9822] ksys_unshare+0x438/0xab0 [ 334.581269][ T9822] ? __pfx_ksys_unshare+0x10/0x10 [ 334.581295][ T9822] __x64_sys_unshare+0x31/0x40 [ 334.581316][ T9822] do_syscall_64+0x115/0x840 [ 334.581329][ T9822] ? clear_bhb_loop+0x40/0x90 [ 334.581347][ T9822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.581365][ T9822] RIP: 0033:0x7f79f3d9ce59 [ 334.581380][ T9822] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 334.581394][ T9822] RSP: 002b:00007f79f4c80028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 334.581414][ T9822] RAX: ffffffffffffffda RBX: 00007f79f4015fa0 RCX: 00007f79f3d9ce59 [ 334.581424][ T9822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 334.581434][ T9822] RBP: 00007f79f3e32e6f R08: 0000000000000000 R09: 0000000000000000 [ 334.581443][ T9822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.581452][ T9822] R13: 00007f79f4016038 R14: 00007f79f4015fa0 R15: 00007fff4bb326a8 [ 334.581472][ T9822] [ 337.641116][ T9872] netlink: 'syz.3.788': attribute type 4 has an invalid length. [ 337.700721][ T9872] netlink: 28 bytes leftover after parsing attributes in process `syz.3.788'. [ 337.756047][ T9872] veth0_macvtap: left promiscuous mode [ 337.780364][ T9872] macvtap0: entered promiscuous mode [ 337.802822][ T9872] macvtap0: entered allmulticast mode [ 339.558348][ T9917] netlink: 342 bytes leftover after parsing attributes in process `syz.3.798'. [ 341.820065][ T7066] Bluetooth: hci3: unexpected event 0x10 length: 124 > 1 [ 341.822228][ T7148] Bluetooth: hci3: hardware error 0x00 [ 343.879540][ T7148] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 343.941596][ T9992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.812'. [ 344.035292][ T9993] netlink: 290 bytes leftover after parsing attributes in process `syz.2.812'. [ 344.266733][ T9992] Â: entered promiscuous mode [ 344.347239][ T9960] kexec: Could not allocate control_code_buffer [ 344.816804][T10004] vivid-011: ================= START STATUS ================= [ 344.855638][T10004] vivid-011: Radio HW Seek Mode: Bounded [ 344.878600][T10004] vivid-011: Radio Programmable HW Seek: false [ 344.907975][T10004] vivid-011: RDS Rx I/O Mode: Block I/O [ 344.935956][T10004] vivid-011: Generate RBDS Instead of RDS: false [ 344.963665][T10004] vivid-011: RDS Reception: true [ 344.983552][T10004] vivid-011: RDS Program Type: 0 inactive [ 345.006604][T10004] vivid-011: RDS PS Name: inactive [ 345.077164][T10004] vivid-011: RDS Radio Text: inactive [ 345.108303][T10006] zswap: compressor 000 not available [ 345.121975][T10004] vivid-011: RDS Traffic Announcement: false inactive [ 345.197596][T10004] vivid-011: RDS Traffic Program: false inactive [ 345.282708][T10004] vivid-011: RDS Music: false inactive [ 345.366331][T10004] vivid-011: ================== END STATUS ================== [ 345.380495][ T9984] Process accounting resumed [ 345.556921][T10027] syz.0.818 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 345.592783][T10028] FAULT_INJECTION: forcing a failure. [ 345.592783][T10028] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 345.653546][T10028] CPU: 0 UID: 0 PID: 10028 Comm: syz.2.819 Tainted: G L syzkaller #0 PREEMPT(full) [ 345.653575][T10028] Tainted: [L]=SOFTLOCKUP [ 345.653581][T10028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 345.653590][T10028] Call Trace: [ 345.653596][T10028] [ 345.653602][T10028] dump_stack_lvl+0x100/0x190 [ 345.653631][T10028] should_fail_ex.cold+0x5/0xa [ 345.653649][T10028] ? prepare_alloc_pages+0x16d/0x5f0 [ 345.653674][T10028] should_fail_alloc_page+0xeb/0x140 [ 345.653697][T10028] prepare_alloc_pages+0x1f0/0x5f0 [ 345.653721][T10028] __alloc_frozen_pages_noprof+0x1af/0x2dc0 [ 345.653739][T10028] ? folio_batch_move_lru+0x37c/0xc00 [ 345.653759][T10028] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 345.653783][T10028] ? folio_batch_move_lru+0x3a9/0xc00 [ 345.653798][T10028] ? __pfx_lru_add+0x10/0x10 [ 345.653814][T10028] ? __pfx_folio_batch_move_lru+0x10/0x10 [ 345.653829][T10028] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 345.653854][T10028] ? __lock_acquire+0x49f/0x1a40 [ 345.653869][T10028] ? __lock_acquire+0x49f/0x1a40 [ 345.653888][T10028] ? lock_acquire+0x1b9/0x370 [ 345.653901][T10028] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.653924][T10028] ? policy_nodemask+0xed/0x4f0 [ 345.653947][T10028] alloc_pages_mpol+0x1fb/0x540 [ 345.653969][T10028] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 345.653995][T10028] folio_alloc_mpol_noprof+0x36/0x260 [ 345.654020][T10028] vma_alloc_folio_noprof+0xed/0x1d0 [ 345.654043][T10028] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 345.654079][T10028] do_anonymous_page+0xb2b/0x2080 [ 345.654099][T10028] ? rcu_read_unlock+0x2d/0xb0 [ 345.654119][T10028] __handle_mm_fault+0x1d2c/0x2a00 [ 345.654136][T10028] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.654155][T10028] ? __pfx___handle_mm_fault+0x10/0x10 [ 345.654172][T10028] ? pte_offset_map_lock+0x174/0x320 [ 345.654200][T10028] ? find_held_lock+0x2b/0x80 [ 345.654229][T10028] ? follow_page_pte+0x4d0/0x13f0 [ 345.654255][T10028] handle_mm_fault+0x37b/0xa30 [ 345.654274][T10028] __get_user_pages+0x1178/0x32a0 [ 345.654304][T10028] ? __pfx___get_user_pages+0x10/0x10 [ 345.654331][T10028] populate_vma_page_range+0x267/0x3f0 [ 345.654354][T10028] ? __pfx_populate_vma_page_range+0x10/0x10 [ 345.654376][T10028] ? __pfx_find_vma_intersection+0x10/0x10 [ 345.654399][T10028] ? do_mmap+0x93f/0x12f0 [ 345.654422][T10028] __mm_populate+0x107/0x3a0 [ 345.654444][T10028] ? __pfx___mm_populate+0x10/0x10 [ 345.654470][T10028] ? up_write+0x2e5/0x5c0 [ 345.654487][T10028] vm_mmap_pgoff+0x37f/0x470 [ 345.654510][T10028] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.654533][T10028] ? __pfx_do_futex+0x10/0x10 [ 345.654564][T10028] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 345.654592][T10028] ksys_mmap_pgoff+0xe4/0x610 [ 345.654614][T10028] ? __x64_sys_futex+0x358/0x4d0 [ 345.654632][T10028] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 345.654653][T10028] ? xfd_validate_state+0x129/0x190 [ 345.654676][T10028] __x64_sys_mmap+0x125/0x190 [ 345.654696][T10028] do_syscall_64+0x115/0x840 [ 345.654710][T10028] ? clear_bhb_loop+0x40/0x90 [ 345.654728][T10028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.654743][T10028] RIP: 0033:0x7f18e379ce59 [ 345.654758][T10028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 345.654772][T10028] RSP: 002b:00007f18e471c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 345.654788][T10028] RAX: ffffffffffffffda RBX: 00007f18e3a15fa0 RCX: 00007f18e379ce59 [ 345.654798][T10028] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 345.654808][T10028] RBP: 00007f18e3832e6f R08: 0000000000000002 R09: 0000000000008000 [ 345.654822][T10028] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 345.654831][T10028] R13: 00007f18e3a16038 R14: 00007f18e3a15fa0 R15: 00007ffc4299b7b8 [ 345.654853][T10028] [ 346.074762][T10031] netlink: 28 bytes leftover after parsing attributes in process `syz.2.819'. [ 346.178881][T10037] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5624] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[10037] [ 346.503407][T10031] veth0_macvtap: left promiscuous mode [ 346.694700][T10031] macvtap0: entered promiscuous mode [ 346.715788][T10043] vivid-011: ================= START STATUS ================= [ 346.726971][T10031] macvtap0: entered allmulticast mode [ 346.745162][T10043] vivid-011: Radio HW Seek Mode: Bounded [ 346.761374][T10043] vivid-011: Radio Programmable HW Seek: false [ 346.773213][T10043] vivid-011: RDS Rx I/O Mode: Block I/O [ 346.785816][T10043] vivid-011: Generate RBDS Instead of RDS: false [ 346.808741][T10043] vivid-011: RDS Reception: true [ 346.823713][T10043] vivid-011: RDS Program Type: 0 inactive [ 346.839286][T10043] vivid-011: RDS PS Name: inactive [ 346.849426][T10043] vivid-011: RDS Radio Text: inactive [ 346.875374][T10043] vivid-011: RDS Traffic Announcement: false inactive [ 346.892943][T10043] vivid-011: RDS Traffic Program: false inactive [ 346.912761][T10043] vivid-011: RDS Music: false inactive [ 346.943586][T10043] vivid-011: ================== END STATUS ================== [ 347.449136][T10024] openvswitch: netlink: Key 5 has unexpected len 4 expected 2 [ 348.821456][T10090] FAULT_INJECTION: forcing a failure. [ 348.821456][T10090] name failslab, interval 1, probability 0, space 0, times 0 [ 348.879779][T10090] CPU: 0 UID: 0 PID: 10090 Comm: syz.1.833 Tainted: G L syzkaller #0 PREEMPT(full) [ 348.879807][T10090] Tainted: [L]=SOFTLOCKUP [ 348.879813][T10090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 348.879830][T10090] Call Trace: [ 348.879836][T10090] [ 348.879842][T10090] dump_stack_lvl+0x100/0x190 [ 348.879917][T10090] should_fail_ex.cold+0x5/0xa [ 348.879957][T10090] should_failslab+0xc2/0x120 [ 348.880001][T10090] kmem_cache_alloc_noprof+0x91/0x6a0 [ 348.880027][T10090] ? tomoyo_path_number_perm+0x46d/0x580 [ 348.880102][T10090] ? kvm_vm_ioctl+0x390/0x4030 [ 348.880141][T10090] kvm_vm_ioctl+0x390/0x4030 [ 348.880169][T10090] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 348.880204][T10090] ? kasan_quarantine_put+0x104/0x240 [ 348.880222][T10090] ? lockdep_hardirqs_on+0x78/0x100 [ 348.880326][T10090] ? find_held_lock+0x2b/0x80 [ 348.880359][T10090] ? tomoyo_path_number_perm+0x28f/0x580 [ 348.880378][T10090] ? tomoyo_path_number_perm+0x28f/0x580 [ 348.880399][T10090] ? tomoyo_path_number_perm+0x188/0x580 [ 348.880418][T10090] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 348.880437][T10090] ? __pfx_futex_wait+0x10/0x10 [ 348.880472][T10090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.880499][T10090] ? do_vfs_ioctl+0x226/0x13e0 [ 348.880530][T10090] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 348.880558][T10090] ? find_held_lock+0x2b/0x80 [ 348.880576][T10090] ? __fget_files+0x215/0x3d0 [ 348.880595][T10090] ? hook_file_ioctl_common+0x140/0x440 [ 348.880646][T10090] ? __fget_files+0x21f/0x3d0 [ 348.880662][T10090] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 348.880686][T10090] __x64_sys_ioctl+0x18e/0x210 [ 348.880709][T10090] do_syscall_64+0x115/0x840 [ 348.880723][T10090] ? clear_bhb_loop+0x40/0x90 [ 348.880749][T10090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.880764][T10090] RIP: 0033:0x7f72f1b9ce59 [ 348.880780][T10090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 348.880794][T10090] RSP: 002b:00007f72f2993028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 348.880838][T10090] RAX: ffffffffffffffda RBX: 00007f72f1e15fa0 RCX: 00007f72f1b9ce59 [ 348.880849][T10090] RDX: 0000000000000004 RSI: 000000000000ae41 RDI: 0000000000000003 [ 348.880859][T10090] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 348.880868][T10090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.880877][T10090] R13: 00007f72f1e16038 R14: 00007f72f1e15fa0 R15: 00007ffe5d363898 [ 348.880897][T10090] [ 351.999747][T10136] vivid-011: ================= START STATUS ================= [ 352.034541][T10136] vivid-011: Radio HW Seek Mode: Bounded [ 352.072073][T10136] vivid-011: Radio Programmable HW Seek: false [ 352.116170][T10136] vivid-011: RDS Rx I/O Mode: Block I/O [ 352.140581][T10136] vivid-011: Generate RBDS Instead of RDS: false [ 352.193603][T10136] vivid-011: RDS Reception: true [ 352.213108][T10136] vivid-011: RDS Program Type: 0 inactive [ 352.288256][T10136] vivid-011: RDS PS Name: inactive [ 352.324277][T10136] vivid-011: RDS Radio Text: inactive [ 352.387644][T10136] vivid-011: RDS Traffic Announcement: false inactive [ 352.454216][T10136] vivid-011: RDS Traffic Program: false inactive [ 352.515308][T10136] vivid-011: RDS Music: false inactive [ 352.563518][T10136] vivid-011: ================== END STATUS ================== [ 356.722545][T10230] vivid-011: ================= START STATUS ================= [ 356.756770][T10230] vivid-011: Radio HW Seek Mode: Bounded [ 356.791017][T10230] vivid-011: Radio Programmable HW Seek: false [ 356.837602][T10230] vivid-011: RDS Rx I/O Mode: Block I/O [ 356.859271][T10230] vivid-011: Generate RBDS Instead of RDS: false [ 356.906122][T10230] vivid-011: RDS Reception: true [ 356.940869][T10230] vivid-011: RDS Program Type: 0 inactive [ 356.996837][T10230] vivid-011: RDS PS Name: inactive [ 357.019079][T10230] vivid-011: RDS Radio Text: inactive [ 357.122400][T10230] vivid-011: RDS Traffic Announcement: false inactive [ 357.225883][T10230] vivid-011: RDS Traffic Program: false inactive [ 357.308635][T10230] vivid-011: RDS Music: false inactive [ 357.369758][T10230] vivid-011: ================== END STATUS ================== [ 357.757716][T10252] FAULT_INJECTION: forcing a failure. [ 357.757716][T10252] name fail_futex, interval 1, probability 0, space 0, times 0 [ 357.832370][T10252] CPU: 0 UID: 0 PID: 10252 Comm: syz.3.862 Tainted: G L syzkaller #0 PREEMPT(full) [ 357.832398][T10252] Tainted: [L]=SOFTLOCKUP [ 357.832403][T10252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 357.832416][T10252] Call Trace: [ 357.832421][T10252] [ 357.832427][T10252] dump_stack_lvl+0x100/0x190 [ 357.832455][T10252] should_fail_ex.cold+0x5/0xa [ 357.832478][T10252] get_futex_key+0x1d2/0x14f0 [ 357.832497][T10252] ? __pfx_get_futex_key+0x10/0x10 [ 357.832518][T10252] futex_wake+0xf4/0x5e0 [ 357.832540][T10252] ? __pfx_futex_wake+0x10/0x10 [ 357.832560][T10252] ? __lock_acquire+0x49f/0x1a40 [ 357.832599][T10252] ? percpu_counter_add_batch+0xb9/0x230 [ 357.832709][T10252] ? errseq_sample+0x51/0x70 [ 357.832763][T10252] do_futex+0x2b2/0x440 [ 357.832781][T10252] ? __pfx_do_futex+0x10/0x10 [ 357.832798][T10252] ? fd_install+0x223/0x580 [ 357.832818][T10252] __x64_sys_futex+0x34f/0x4d0 [ 357.832839][T10252] ? __sys_socket+0xac/0x260 [ 357.832913][T10252] ? __pfx___x64_sys_futex+0x10/0x10 [ 357.832938][T10252] do_syscall_64+0x115/0x840 [ 357.832955][T10252] ? clear_bhb_loop+0x40/0x90 [ 357.832973][T10252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.832989][T10252] RIP: 0033:0x7f79f3d9ce59 [ 357.833003][T10252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 357.833017][T10252] RSP: 002b:00007f79f4c800e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 357.833033][T10252] RAX: ffffffffffffffda RBX: 00007f79f4015fa8 RCX: 00007f79f3d9ce59 [ 357.833043][T10252] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f79f4015fac [ 357.833052][T10252] RBP: 00007f79f4015fa0 R08: 0000000000000001 R09: 0000000000000000 [ 357.833062][T10252] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 357.833071][T10252] R13: 00007f79f4016038 R14: 00007fff4bb325c0 R15: 00007fff4bb326a8 [ 357.833091][T10252] [ 359.215125][T10274] Process accounting paused [ 359.410631][T10285] vivid-011: ================= START STATUS ================= [ 359.459823][T10285] vivid-011: Radio HW Seek Mode: Bounded [ 359.504459][T10285] vivid-011: Radio Programmable HW Seek: false [ 359.557792][T10285] vivid-011: RDS Rx I/O Mode: Block I/O [ 359.572107][T10267] zswap: compressor not available [ 359.587588][T10285] vivid-011: Generate RBDS Instead of RDS: false [ 359.622649][T10285] vivid-011: RDS Reception: true [ 359.646826][T10285] vivid-011: RDS Program Type: 0 inactive [ 359.698752][T10285] vivid-011: RDS PS Name: inactive [ 359.724559][T10285] vivid-011: RDS Radio Text: inactive [ 359.740113][T10291] ICMPv6: process `syz.1.871' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 359.789434][T10285] vivid-011: RDS Traffic Announcement: false inactive [ 359.819829][T10285] vivid-011: RDS Traffic Program: false inactive [ 359.879975][T10285] vivid-011: RDS Music: false inactive [ 359.917904][T10285] vivid-011: ================== END STATUS ================== [ 360.378192][T10306] overlayfs: missing 'lowerdir' [ 361.226191][T10329] netlink: 24 bytes leftover after parsing attributes in process `syz.1.880'. [ 361.504067][T10329] sg_write: data in/out 124/2 bytes for SCSI command 0x61-- guessing data in; [ 361.504067][T10329] program syz.1.880 not setting count and/or reply_len properly [ 363.090511][T10377] ================================================================== [ 363.090543][T10377] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 363.090663][T10377] Write of size 8 at addr ffffc90004831000 by task syz.1.891/10377 [ 363.090676][T10377] [ 363.090686][T10377] CPU: 0 UID: 0 PID: 10377 Comm: syz.1.891 Tainted: G L syzkaller #0 PREEMPT(full) [ 363.090764][T10377] Tainted: [L]=SOFTLOCKUP [ 363.090774][T10377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 363.090784][T10377] Call Trace: [ 363.090792][T10377] [ 363.090798][T10377] dump_stack_lvl+0x100/0x190 [ 363.090831][T10377] print_report+0x13d/0x4b0 [ 363.090853][T10377] ? _raw_spin_lock_irqsave+0x52/0x60 [ 363.090954][T10377] ? sys_imageblit+0x19fb/0x1d60 [ 363.090976][T10377] kasan_report+0xdf/0x1c0 [ 363.091000][T10377] ? sys_imageblit+0x19fb/0x1d60 [ 363.091019][T10377] sys_imageblit+0x19fb/0x1d60 [ 363.091040][T10377] ? __pfx_sys_imageblit+0x10/0x10 [ 363.091059][T10377] ? prb_read_valid+0x78/0xa0 [ 363.091076][T10377] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 363.091169][T10377] soft_cursor+0x524/0xa10 [ 363.091187][T10377] ? __pfx___probestub_notifier_run+0x10/0x10 [ 363.091218][T10377] ? fb_get_color_depth+0x120/0x250 [ 363.091263][T10377] bit_cursor+0xca1/0x1490 [ 363.091280][T10377] ? __pfx_bit_cursor+0x10/0x10 [ 363.091296][T10377] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 363.091328][T10377] ? get_color+0x1da/0x450 [ 363.091352][T10377] ? __pfx_bit_cursor+0x10/0x10 [ 363.091366][T10377] fbcon_cursor+0x43c/0x5e0 [ 363.091387][T10377] ? add_softcursor+0x1a0/0x290 [ 363.091435][T10377] set_cursor+0x1db/0x250 [ 363.091451][T10377] con_write+0x89/0xb0 [ 363.091471][T10377] do_output_char+0x63b/0x850 [ 363.091526][T10377] n_tty_write+0x4d6/0x1160 [ 363.091573][T10377] ? __pfx_n_tty_write+0x10/0x10 [ 363.091600][T10377] ? __pfx_woken_wake_function+0x10/0x10 [ 363.091620][T10377] ? __pfx___might_resched+0x10/0x10 [ 363.091648][T10377] ? kfree+0x1e5/0x6c0 [ 363.091664][T10377] ? __pfx_n_tty_write+0x10/0x10 [ 363.091687][T10377] file_tty_write.isra.0+0x4d2/0x890 [ 363.091709][T10377] redirected_tty_write+0xd4/0x120 [ 363.091727][T10377] vfs_write+0x6ac/0x1050 [ 363.091743][T10377] ? __pfx_redirected_tty_write+0x10/0x10 [ 363.091765][T10377] ? __pfx_vfs_write+0x10/0x10 [ 363.091777][T10377] ? find_held_lock+0x2b/0x80 [ 363.091802][T10377] ksys_write+0x12a/0x250 [ 363.091873][T10377] ? __pfx_ksys_write+0x10/0x10 [ 363.091890][T10377] do_syscall_64+0x115/0x840 [ 363.091904][T10377] ? clear_bhb_loop+0x40/0x90 [ 363.091921][T10377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.091938][T10377] RIP: 0033:0x7f72f1b9ce59 [ 363.091956][T10377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 363.091971][T10377] RSP: 002b:00007f72efdb4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 363.091986][T10377] RAX: ffffffffffffffda RBX: 00007f72f1e16360 RCX: 00007f72f1b9ce59 [ 363.091997][T10377] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000005 [ 363.092006][T10377] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 363.092016][T10377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.092026][T10377] R13: 00007f72f1e163f8 R14: 00007f72f1e16360 R15: 00007ffe5d363898 [ 363.092040][T10377] [ 363.092046][T10377] [ 363.092052][T10377] The buggy address belongs to a 0-page vmalloc region starting at 0xffffc90004531000 allocated at drm_gem_shmem_vmap_locked+0x553/0x860 [ 363.092089][T10377] Memory state around the buggy address: [ 363.092105][T10377] ffffc90004830f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 363.092123][T10377] ffffc90004830f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 363.092133][T10377] >ffffc90004831000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 363.092142][T10377] ^ [ 363.092150][T10377] ffffc90004831080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 363.092161][T10377] ffffc90004831100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 363.092169][T10377] ================================================================== [ 363.115658][T10377] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 363.115677][T10377] CPU: 0 UID: 0 PID: 10377 Comm: syz.1.891 Tainted: G L syzkaller #0 PREEMPT(full) [ 363.115700][T10377] Tainted: [L]=SOFTLOCKUP [ 363.115705][T10377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 363.115715][T10377] Call Trace: [ 363.115720][T10377] [ 363.115726][T10377] dump_stack_lvl+0x100/0x190 [ 363.115749][T10377] vpanic+0x552/0x970 [ 363.115763][T10377] ? __pfx_vpanic+0x10/0x10 [ 363.115776][T10377] ? mark_held_locks+0x40/0x70 [ 363.115805][T10377] ? sys_imageblit+0x19fb/0x1d60 [ 363.115823][T10377] panic+0xd1/0xe0 [ 363.115836][T10377] ? __pfx_panic+0x10/0x10 [ 363.115850][T10377] ? sys_imageblit+0x19fb/0x1d60 [ 363.115867][T10377] ? preempt_schedule_common+0x42/0xc0 [ 363.115892][T10377] ? check_panic_on_warn+0x1f/0x90 [ 363.115922][T10377] check_panic_on_warn.cold+0x19/0x34 [ 363.115938][T10377] end_report.part.0+0x3a/0x90 [ 363.115959][T10377] kasan_report.cold+0xe/0x18 [ 363.115979][T10377] ? sys_imageblit+0x19fb/0x1d60 [ 363.115999][T10377] sys_imageblit+0x19fb/0x1d60 [ 363.116019][T10377] ? __pfx_sys_imageblit+0x10/0x10 [ 363.116038][T10377] ? prb_read_valid+0x78/0xa0 [ 363.116054][T10377] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 363.116080][T10377] soft_cursor+0x524/0xa10 [ 363.116096][T10377] ? __pfx___probestub_notifier_run+0x10/0x10 [ 363.116117][T10377] ? fb_get_color_depth+0x120/0x250 [ 363.116140][T10377] bit_cursor+0xca1/0x1490 [ 363.116156][T10377] ? __pfx_bit_cursor+0x10/0x10 [ 363.116173][T10377] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 363.116195][T10377] ? get_color+0x1da/0x450 [ 363.116216][T10377] ? __pfx_bit_cursor+0x10/0x10 [ 363.116229][T10377] fbcon_cursor+0x43c/0x5e0 [ 363.116250][T10377] ? add_softcursor+0x1a0/0x290 [ 363.116267][T10377] set_cursor+0x1db/0x250 [ 363.116287][T10377] con_write+0x89/0xb0 [ 363.116307][T10377] do_output_char+0x63b/0x850 [ 363.116328][T10377] n_tty_write+0x4d6/0x1160 [ 363.116354][T10377] ? __pfx_n_tty_write+0x10/0x10 [ 363.116376][T10377] ? __pfx_woken_wake_function+0x10/0x10 [ 363.116394][T10377] ? __pfx___might_resched+0x10/0x10 [ 363.116417][T10377] ? kfree+0x1e5/0x6c0 [ 363.116432][T10377] ? __pfx_n_tty_write+0x10/0x10 [ 363.116453][T10377] file_tty_write.isra.0+0x4d2/0x890 [ 363.116474][T10377] redirected_tty_write+0xd4/0x120 [ 363.116493][T10377] vfs_write+0x6ac/0x1050 [ 363.116508][T10377] ? __pfx_redirected_tty_write+0x10/0x10 [ 363.116528][T10377] ? __pfx_vfs_write+0x10/0x10 [ 363.116540][T10377] ? find_held_lock+0x2b/0x80 [ 363.116563][T10377] ksys_write+0x12a/0x250 [ 363.116576][T10377] ? __pfx_ksys_write+0x10/0x10 [ 363.116592][T10377] do_syscall_64+0x115/0x840 [ 363.116605][T10377] ? clear_bhb_loop+0x40/0x90 [ 363.116622][T10377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.116638][T10377] RIP: 0033:0x7f72f1b9ce59 [ 363.116650][T10377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 363.116667][T10377] RSP: 002b:00007f72efdb4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 363.116683][T10377] RAX: ffffffffffffffda RBX: 00007f72f1e16360 RCX: 00007f72f1b9ce59 [ 363.116693][T10377] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000005 [ 363.116702][T10377] RBP: 00007f72f1c32e6f R08: 0000000000000000 R09: 0000000000000000 [ 363.116711][T10377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.116720][T10377] R13: 00007f72f1e163f8 R14: 00007f72f1e16360 R15: 00007ffe5d363898 [ 363.116734][T10377] [ 363.116803][T10377] Kernel Offset: disabled