last executing test programs: 13.029251327s ago: executing program 0 (id=2178): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) pipe2$auto(0x0, 0x80) (async) ioctl$auto(0x1, 0x5760, 0x100000101) (async) close_range$auto(0x0, 0x5, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x40000000) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) (async) mmap$auto(0x0, 0x400008, 0x9eb3, 0x9b72, 0xffffffffffffffff, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x9) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="13002ebd70005641e3a81394531d08000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894) (async, rerun: 32) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x178, 0x0, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1ff}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_SAR_SPEC={0x150, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x13c, 0x2, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x18000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x2}]}, {0x4}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xfffffffc}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x81}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffffffff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x200}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x56}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x800}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x3}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffff5}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x73aa}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x400}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x700}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x159}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x3}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x80000001}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}]}]}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x80000001}]}, @NL80211_ATTR_KEY_SEQ={0x6, 0xa, "1b58"}]}, 0x178}, 0x1, 0x0, 0x0, 0x40015}, 0x24008000) (async, rerun: 32) io_uring_setup$auto(0x2, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) (async) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyS0\x00', 0x0, 0x0) ioctl$auto(r6, 0x545c, 0xffffffffffffffff) (async) ioctl$auto_TIOCMSET2(r6, 0x5418, &(0x7f00000004c0)="10c1e44a6138dd0e38e709707fe9d307c180e2d2ac062926c5cdef9796c51214") (async) mmap$auto(0x0, 0x4005, 0xb, 0x8000040eb2, 0xffffffffffffffff, 0x300000000000) (async) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) (async) ioctl$auto_TIOCVHANGUP2(r4, 0x5437, 0x0) 11.955692256s ago: executing program 0 (id=2186): r0 = socket(0x10, 0xa, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(r2, 0x540b, &(0x7f0000000040)="7bef6f3ffd8f1c69596308664536c205eb") fcntl$auto(r3, 0x8, 0x1) r4 = clone3$auto(&(0x7f00000000c0)={0x8, 0xfffffffffffffff9, 0xfffffffffffffffc, 0x81, 0x400, 0x6358c246, 0x10001, 0x8, 0x5, 0x4, 0x80000000}, 0xffffffffffffffff) fcntl$auto(r3, 0x10, r4) r5 = socket(0x2, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3b) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r5) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="01000000", @ANYRES16=r6, @ANYBLOB="020027bd7000fddbdf252c000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto(0x3, 0xc0184d03, 0xffffffffffffffff) setsockopt$auto(r5, 0x0, 0x10, 0x0, 0x17) unshare$auto(0x40000080) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) 11.006847808s ago: executing program 0 (id=2189): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) setresuid$auto(0x0, 0x0, 0x0) syz_clone3(&(0x7f0000002140)={0x800, &(0x7f0000000040), &(0x7f0000000080)=0x0, &(0x7f00000000c0), {0x37}, &(0x7f0000001080)=""/4096, 0x1000, &(0x7f0000002080)=""/79, &(0x7f0000002100)=[0xffffffffffffffff], 0x1}, 0x58) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) clone$auto(0x8, 0xfffffffffffffff8, 0x0, 0x0, 0x7) prctl$auto(0x1b, 0x4, r0, 0xfffffffffffffffe, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x8004) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x6, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000002]}, 0x0) 9.452446732s ago: executing program 0 (id=2199): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x5, 0xa505}, 0x800}, 0x7, 0x104008) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) read$auto(r0, 0x0, 0x4) setsockopt$auto(0xffffffffffffffff, 0x29, 0x20015, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x6e, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x5}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) (fail_nth: 8) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xdc780, 0x0) mmap$auto(0x3, 0x80002020009, 0x7, 0xfa, 0xffffffffffffffff, 0x400) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x10f, 0x5) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket(0x28, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x26441, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x4844}, 0x20048014) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r2, &(0x7f00000007c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000780)={&(0x7f0000000300)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000040) ioctl$auto_BLKSSZGET(r3, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004001}, 0x2c002884) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) 8.232584185s ago: executing program 0 (id=2204): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) r0 = socket(0x10, 0x2, 0x0) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) io_uring_setup$auto(0x6, 0x0) (async, rerun: 32) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) io_uring_setup$auto(0x6, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) (async) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) (async, rerun: 32) close_range$auto(0x0, 0x5, 0x0) (async, rerun: 32) openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/hci2/force_wakeup\x00', 0x8742, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x60580, 0x0) (async) r2 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x1, 0x0) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x7) (async, rerun: 64) write$auto(r2, 0x0, 0xe) (async, rerun: 64) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x3f, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="19"], 0x1ac}, 0x1, 0x0, 0x0, 0xa00}, 0x40000) 6.99652314s ago: executing program 0 (id=2211): close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x2) r0 = openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000001180)='/sys/kernel/debug/tracing/free_buffer\x00', 0x1, 0x0) write$auto_tracing_free_buffer_fops_trace(r0, &(0x7f00000011c0)="ce", 0x1) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r1, 0x0, 0xfffffdf1) linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) 6.772981854s ago: executing program 2 (id=2213): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x5, 0xa505}, 0x800}, 0x7, 0x104008) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) read$auto(r0, 0x0, 0x4) setsockopt$auto(0xffffffffffffffff, 0x29, 0x20015, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x6e, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x5}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) (fail_nth: 9) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xdc780, 0x0) mmap$auto(0x3, 0x80002020009, 0x7, 0xfa, 0xffffffffffffffff, 0x400) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x10f, 0x5) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket(0x28, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x26441, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x4844}, 0x20048014) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r2, &(0x7f00000007c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000780)={&(0x7f0000000300)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000040) ioctl$auto_BLKSSZGET(r3, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004001}, 0x2c002884) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) 4.968492076s ago: executing program 2 (id=2217): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x600347, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x600347, 0x0) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x2, 0x0) (async) io_uring_setup$auto(0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000002f, 0x0) fsopen$auto(0x0, 0x1) (async) fsopen$auto(0x0, 0x1) io_uring_register$auto_IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f00000001c0)="9c18b24387f1e35429baf8d09780ec4c6c4b846af0c1df2f7426479a21d66541a6cb02afcc599117acc07c6be9102e9f054c7dd958505c1e2feb9eeacf01cc9223672c7dbfdd794987cd210b48f74b2e51c4990b1b9fb6715a101e4d05272c03dd7395b14bd37ea678da00a0b2471cbb4e57a1", 0x200) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) (async) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80040, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) setsockopt$auto(0xffffffffffffffff, 0x4, 0x80, &(0x7f0000000240)='\x00', 0x6) (async) setsockopt$auto(0xffffffffffffffff, 0x4, 0x80, &(0x7f0000000240)='\x00', 0x6) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x8, 0x4, 0x4, 0xb9, 0x8, 0xc, 0xffffffffffffffff, 0x2, 0x7ff}, 0x6f4) (async) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x8, 0x4, 0x4, 0xb9, 0x8, 0xc, 0xffffffffffffffff, 0x2, 0x7ff}, 0x6f4) socketpair$auto(0x3, 0x1, 0x8, 0x0) syz_genetlink_get_family_id$auto_nfc(0x0, r1) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) getsockopt$auto_SO_RCVLOWAT(r4, 0x0, 0x12, &(0x7f0000000040)='$:){@[\\[\\)((%*\x00', &(0x7f00000000c0)=0x4) fcntl$auto_F_SETPIPE_SZ(r0, 0x407, 0x2) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) 4.717949972s ago: executing program 1 (id=2219): recvmmsg$auto(0xffffffffffffffff, 0x0, 0xffffffff, 0xffffffff, 0x0) semtimedop$auto(0x0, &(0x7f0000000180)={0xe5, 0x8000, 0x36ec}, 0x1, 0x0) semtimedop$auto(0x0, &(0x7f00000000c0)={0x3, 0x8000, 0x36ec}, 0xc, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x2401, 0x0) mmap$auto(0xfffffffffffffffd, 0x0, 0x4000000000e4, 0x40eb3, r0, 0x340000000002) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2002, 0x0) copy_file_range$auto(r1, &(0x7f0000000040)=0xd52, r1, 0x0, 0xb1, 0x0) ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0) ioctl$auto(0x4000000000000c8, 0x400454da, 0x3) socket(0x2c, 0x3, 0x0) r2 = socket(0x10, 0x2, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00'}) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="0c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x200400c4}, 0x4830) write$auto(r2, &(0x7f0000000000)='-\x00', 0x1d30) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x2) r3 = socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = socket(0x10, 0x5, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x11}, 0x803}, 0x16, 0xa77b, 0x0) ioctl$auto(r3, 0x8914, 0x24) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/fail-nth\x00', 0x0, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x5, 0x402000a, 0xffffffffffffffff, 0x400ebd, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0xa, 0x0) 4.484702991s ago: executing program 2 (id=2220): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000001040)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="5c000000d62ccbd705eea89ded35fec1e21c0f528a5efc8061e7b390d3e33f62e1f2945052982ee7583bdd3f9ac653d5ac21c4a73cfcc785c248211ee4998c2b35501566cebf348762a3405b9d2dc4f0f6cca3ecd4f0a9062164f6697bf94f54cc174d27f1931320c3ef4e34e976ccaab23d887a7828513cb9646bfea0daf8d18f9e32d5dc9ba5a75a6a8556916c0054830a843469a3211141532f492cc0fbd6faac85df088513e4475824a9fa132d2926fed2ba", @ANYRES16=0x0, @ANYBLOB="01002bbd7000f9dbdf250100000006000210010000000500070058000000080009000800000008000a000800000014001f00000000000000000000000000000000001400200000000000000000000000ffffed010100"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x40) writev$auto(r0, &(0x7f0000000140)={0x0, 0x6}, 0x4) r1 = socket(0x10, 0x3, 0x6) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000000c00010004000000000000000c18010040000000000000000200200004000000000000000c0001000000000000000000000001400000000000000000c2d7166da058184d45b5abf640750c17f09c29b601000000000000001122a15e9b5481e80e93a6b5625964279d9b4fb4ecd437fbe329919af368853ec185ade0a019bb8937b11238bb036043d9964e6fe7ed8726defee309cb971a9443ec2732a13996ab41f0eadb8785ef533cd8a04d887f076bb25367da96a7e4ea1c97d76a3f545c3bbf11d86bb564d02a792c1a19b27971dfcdddfc51fc489dc5e84e99fe51a195c4f1"], 0x50}, 0x1, 0x100000000000000, 0x0, 0x4048000}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/boot_params/data\x00', 0x2c40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001c00)=""/4109, 0x100d) socket(0x10, 0x2, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nbd13\x00', 0x331040, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) ioctl$auto(r4, 0xab04, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000ffdbdf250400000014001a80ffff04800c0001"], 0x28}, 0x1, 0x0, 0x0, 0x894}, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES16=r2, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00", @ANYRES32=r6, @ANYBLOB="0c002e010800000000"], 0x28}, 0x1, 0x0, 0x0, 0x4008855}, 0x8000) r7 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x80840, 0x0) read$auto_fragmentation_threshold_ops_(r7, 0x0, 0x0) r8 = socket(0x25, 0x6, 0x1fe) r9 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1b, r8, 0x10000}, 0x10) mmap$auto(0x0, 0x2009, 0xfffffffffffffff9, 0x8000200008011, r9, 0x8000) recvfrom$auto(0x3, 0x0, 0x521c, 0xfffff4a1, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) 3.468656136s ago: executing program 1 (id=2222): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000200), r0) sendmsg$auto_OVS_VPORT_CMD_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}}, 0x10) 3.340338684s ago: executing program 2 (id=2223): r0 = getpid() r1 = gettid() mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r2 = socketcall$auto_SYS_SOCKET(0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) sendmsg$auto_NL80211_CMD_ADD_LINK(r2, 0x0, 0x0) msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000002600)={{0x0, 0x0, 0xee00, 0x7fffffff, 0x4, 0x8b7, 0xdf}, 0x0, 0x0, 0x8b00000000000000, 0x2, 0x5, 0x86, 0x3, 0x6, 0x401, 0x6}) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) madvise$auto(0x0, 0x2003f0, 0x18) statmount$auto(0x0, 0x0, 0x1fe, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/ram3/queue/iostats_passthrough\x00', 0x88202, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0) sendfile$auto(r3, 0x3, 0x0, 0x100000000000009) sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(0xffffffffffffffff, 0x0, 0x400001d) read$auto_nodes_fops_netdebug(0xffffffffffffffff, &(0x7f0000000000)=""/43, 0x2b) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x142, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xfa}, 0x7) write$auto(0x3, 0x0, 0x7fffffff) rt_tgsigqueueinfo$auto(r0, r1, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_kill={r0}}}) 3.296546823s ago: executing program 1 (id=2224): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x5, 0xa505}, 0x800}, 0x7, 0x104008) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) read$auto(r0, 0x0, 0x4) setsockopt$auto(0xffffffffffffffff, 0x29, 0x20015, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x6e, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x5}, 0x3) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xdc780, 0x0) mmap$auto(0x3, 0x80002020009, 0x7, 0xfa, 0xffffffffffffffff, 0x400) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x10f, 0x5) mbind$auto(0x1, 0x2091d2, 0x4, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket(0x28, 0x5, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x26441, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x4844}, 0x20048014) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r4, &(0x7f00000007c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[@ANYBLOB="140d0000", @ANYRES8=r3, @ANYRES16=r2], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000040) ioctl$auto_BLKSSZGET(0xffffffffffffffff, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004001}, 0x2c002884) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) 3.095617913s ago: executing program 2 (id=2225): mmap$auto(0x0, 0x20009, 0x4000000020df, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) mmap$auto(0x0, 0x2000a, 0xcf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r0, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) fsopen$auto(0x0, 0x1) ioctl$auto(r0, 0x80085610, r0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x5, 0x0, 0x56b) pwritev$auto(0xffffffffffffffff, 0x0, 0xd, 0x1000000000000005, 0x4f) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x80000, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) ioctl$auto(r1, 0x541c, r2) 2.467808522s ago: executing program 1 (id=2227): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8f3b7a51b8148120, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = io_uring_setup$auto(0x5b, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setpriority$auto_PRIO_USER(0x2, 0x0, 0x81) shmctl$auto_SHM_INFO(0x3, 0xe, &(0x7f0000000780)={{0x4, 0x0, 0xffffffffffffffff, 0x7e7, 0x0, 0x8, 0x4}, 0xffff5049, 0x81, 0x200, 0x81, @inferred=0x0, @raw=0x5, 0x6, 0x0, &(0x7f0000000680), &(0x7f0000000700)="702cd3d6f4c7d12ece89d98d5bb588d457c6d3becbf886ea2af0f2245775ae0a5e5272fd8dbaf28b475e82dc4c9507811297cfcbcb9af20224c9b1703826cc64002fb13e71aa2ef2287e1cb0b98207032bfa8a9fe87a7ac9dbabfdddbbe058903a7d0d00242bed00db4081a1cc258f"}) shmctl$auto_SHM_STAT_ANY(0x7, 0xf, &(0x7f0000000940)={{0x0, 0x0, r3, 0x3cc0b025, 0x8, 0x7f, 0x4}, 0x4d, 0x6, 0x5, 0xb1e2, @raw, @raw=0x4, 0x5, 0x0, &(0x7f0000000800)="b44ccefec0ae3d7ecfffaf638d451d3aa7fdcd3f59dfe8031542aadb800a861d0cb9869fe6b956e87f6c96f05239bab1fe5ba0e5d1af574290b79aa04bde4ca78d660b3faec5da3b1bc191ce720176577762351875ebb6fe918361da3e87de19b7653d2e5fd4c9e63f3bdd83edcc5690ac6a1d4c186d6b4366f2dc0265cfac5450c4da851603c57927d0d16684380abb0bfca8c6ab920db85673ea3460ad2059053c2ed59627dacbc190abac48ded6bbf3336d91ead92a3462824e2d46cfc6ebe3542f07e58c1e7d3e3536716c782db32f6d7a7db55f54a1f1743ee3b5ab2aba6760aee142723169249e19476fe601b19b6ee47590", &(0x7f0000000900)="6cc3cb0a2ece5c0042b265e0b3bd259d"}) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r1, &(0x7f00000004c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000280)={0x1d4, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x4}, @NL802154_ATTR_WPAN_PHY_NAME={0x1a, 0x2, '/dev/binderfs/binder0\x00'}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x87}, @NL802154_ATTR_WPAN_PHY_CAPS={0x18b, 0x18, 0x0, 0x1, [@nested={0x8c, 0xed, 0x0, 0x1, [@generic="cb527603e78437f26b37e5e44c4bcf9d22bc7a38508fce9785e8b4f82c323c45ff3a4154f873498bd54e7b0944e6106bf7ef7afe9fac6529a18e7fcbbbedb7fa861b2c8cf823b4e195ee4d82974a27260520f7029ebbc3fab3e3ca4f52257e66ea35117fd84f4628b44d9fa9", @typed={0x8, 0xd8, 0x0, 0x0, @u32=0x8000}, @typed={0x8, 0x115, 0x0, 0x0, @uid=r5}, @typed={0xc, 0x153, 0x0, 0x0, @u64=0x7}]}, @generic="3f93a58731e23f7fd904729a5434e198f6813b18a59be7648f43a16f99672a0d86082411f4a57d836b3d9897265b88b475f1aa3983646641330ed84d26554851c7b7a016ebfd9fbfb3e929341c2fc489e153e111783759760a5761d4eb0a1f52b596a98875876222ede9af7f04e0043dd1cf744789f571e8b54d1106ecf8c3e879d81af6ab8899c11661f81d0427ce667bb5861112858aba259062c25e9536ed8d547dd160998e8b0085cda9011c9bacd6c780c70ed336c13f5f01a7ae01e1d4ecef906440860a959587befac294bf92a129d381c25a478c2adf9e6afd24cd7c952d2466e70254cf3f771b42df1d6e57d1cc4df6837679f7803db7"]}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x2008004}, 0x6514) shmctl$auto_IPC_SET(0x5, 0x1, &(0x7f0000000700)={{0xfb04, 0xee01, r3, 0x1, 0x8, 0x979, 0xfff7}, 0x80000000, 0x1ca, 0x8, 0x7, @inferred=r4, @raw=0x7, 0x6, 0x0, &(0x7f0000000540)="368a8e87ef852c8ad37aaa037ccfa8e72005d0d3c165f2aa342aa2cd957098ed00938e246fb9490a681d5966f2ecca9a7d7ae8e54c3ac885eddb2f70ebe923613e1eef9d96da90158afe0d34e19ab9dfe9c3b6899d1728497c0f4d19d1ada218aca961db1b02cb119786df52bf5a55137e955a555ee7e542cae8d9ec220913b4156635aae7a9d7fb78b13f1de5ebaade8ec28ab4a5d6cd07af46713398fdadca3a109d07c078213498ef42a52ad30ffeffe490f44746a1f58a492729f0d989d34df674121dd873364fc8c8a623d7c1687ef10df4052eb85f1f9ff654002cfe90", &(0x7f0000000640)="275031726a91fd4126c51de45e1d67b268855adce50343b1d9a7dd606e99b0096e7c780753b7d778f3b9e84747723d1d00e9b9cc2771b309019f884a0a4c86219a62f13c86025b3bbbd8bdc3167b4d8b48ad766b1fb725ed2689e82bfda307be96bdb8d2d2f0c0913d21345eab4dcd78ba8be1b3cc6eb3762f02c37aff85c360f3a7a934be4fa43e0bd92fdd5b74f0464a7b71a0d08d0a82cb408000"/170}) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000100)="63ecea062df1229f3d3ec21f1f5f8307e6aa7b6b0b45017f77b0a8d80914633e00b0b5f6f86df743e76943b956a85aeb3b72168c1a19581a31fff13fa27e1bcda6b3b6cbbf937b5716b9c3a7edda0e20639669408cf31eb0fbe39ae2") sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000ac0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x65e0400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x404c004}, 0x4008000) sysfs$auto(0x2, 0x4, 0x0) r6 = fsopen$auto(0x0, 0x1) fsconfig$auto(r6, 0x8, 0x0, 0x0, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r2) ioctl$auto_KVM_CREATE_VM(r7, 0xc048aeca, 0x0) 2.466620378s ago: executing program 3 (id=2228): r0 = socket(0x10, 0xa, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(r2, 0x540b, &(0x7f0000000040)="7bef6f3ffd8f1c69596308664536c205eb") fcntl$auto(r3, 0x8, 0x1) r4 = clone3$auto(&(0x7f00000000c0)={0x8, 0xfffffffffffffff9, 0xfffffffffffffffc, 0x81, 0x400, 0x6358c246, 0x10001, 0x8, 0x5, 0x4, 0x80000000}, 0xffffffffffffffff) fcntl$auto(r3, 0x10, r4) r5 = socket(0x2, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3b) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000180), r5) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="01000000", @ANYRES16=r6, @ANYBLOB="020027bd7000fddbdf252c000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto(0x3, 0xc0184d03, 0xffffffffffffffff) setsockopt$auto(r5, 0x0, 0x10, 0x0, 0x17) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) 2.135639903s ago: executing program 1 (id=2229): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x5, 0xa505}, 0x800}, 0x7, 0x104008) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) read$auto(r0, 0x0, 0x4) setsockopt$auto(0xffffffffffffffff, 0x29, 0x20015, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x6e, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x5}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) (fail_nth: 10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xdc780, 0x0) mmap$auto(0x3, 0x80002020009, 0x7, 0xfa, 0xffffffffffffffff, 0x400) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x10f, 0x5) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket(0x28, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x26441, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x4844}, 0x20048014) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r2, &(0x7f00000007c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000780)={&(0x7f0000000300)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000040) ioctl$auto_BLKSSZGET(r3, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004001}, 0x2c002884) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) 1.890897271s ago: executing program 2 (id=2230): mmap$auto(0x0, 0x20009, 0x4000000020df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x800, 0x10) getdents$auto(r0, &(0x7f0000000f40)={0x1000000000302, 0xfffffffffffffffa, 0x7}, 0x20000018) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x81, 0x0) ioctl$auto(r1, 0x5111, 0x3) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd4/sched/read1_next_rq\x00', 0x0, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x8, 0x4, 0xcf, 0xeb5, r1, 0x8000) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(r2, 0x80085610, r2) ptrace$auto(0x4206, 0x1, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x5, 0x0, 0x56b) r3 = socket(0x11, 0x3, 0x0) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x108242, 0x78e22799f4a46f8e) flock$auto(r4, 0x6) open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e) flock$auto(0xffffffffffffffff, 0x3ffffff) r5 = open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e) flock$auto(r5, 0x2) flock$auto(r5, 0x2) close_range$auto(r3, 0xffffffffffffffff, 0x0) pwritev$auto(0xffffffffffffffff, 0x0, 0xd, 0x1000000000000002, 0x4f) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0xca, 0x0, 0x7f) 1.890525517s ago: executing program 3 (id=2231): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000001040)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="5c000000d62ccbd705eea89ded35fec1e21c0f528a5efc8061e7b390d3e33f62e1f2945052982ee7583bdd3f9ac653d5ac21c4a73cfcc785c248211ee4998c2b35501566cebf348762a3405b9d2dc4f0f6cca3ecd4f0a9062164f6697bf94f54cc174d27f1931320c3ef4e34e976ccaab23d887a7828513cb9646bfea0daf8d18f9e32d5dc9ba5a75a6a8556916c0054830a843469a3211141532f492cc0fbd6faac85df088513e4475824a9fa132d2926fed2ba", @ANYRES16=0x0, @ANYBLOB="01002bbd7000f9dbdf250100000006000210010000000500070058000000080009000800000008000a000800000014001f00000000000000000000000000000000001400200000000000000000000000ffffed010100"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x40) writev$auto(r0, &(0x7f0000000140)={0x0, 0x6}, 0x4) r1 = socket(0x10, 0x3, 0x6) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000000c00010004000000000000000c18010040000000000000000200200004000000000000000c0001000000000000000000000001400000000000000000c2d7166da058184d45b5abf640750c17f09c29b601000000000000001122a15e9b5481e80e93a6b5625964279d9b4fb4ecd437fbe329919af368853ec185ade0a019bb8937b11238bb036043d9964e6fe7ed8726defee309cb971a9443ec2732a13996ab41f0eadb8785ef533cd8a04d887f076bb25367da96a7e4ea1c97d76a3f545c3bbf11d86bb564d02a792c1a19b27971dfcdddfc51fc489dc5e84e99fe51a195c4f1"], 0x50}, 0x1, 0x100000000000000, 0x0, 0x4048000}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/boot_params/data\x00', 0x2c40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001c00)=""/4109, 0x100d) socket(0x10, 0x2, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nbd13\x00', 0x331040, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) ioctl$auto(r4, 0xab04, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000ffdbdf250400000014001a80ffff04800c0001"], 0x28}, 0x1, 0x0, 0x0, 0x894}, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES16=r2, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00", @ANYRES32=r6, @ANYBLOB="0c002e010800000000"], 0x28}, 0x1, 0x0, 0x0, 0x4008855}, 0x8000) r7 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x80840, 0x0) read$auto_fragmentation_threshold_ops_(r7, 0x0, 0x0) r8 = socket(0x25, 0x6, 0x1fe) r9 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1b, r8, 0x10000}, 0x10) mmap$auto(0x0, 0x2009, 0xfffffffffffffff9, 0x8000200008011, r9, 0x8000) recvfrom$auto(0x3, 0x0, 0x521c, 0xfffff4a1, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) 1.06295208s ago: executing program 3 (id=2232): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/cifs/open_files\x00', 0xd00, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) fcntl$auto(0x3, 0x4, 0xa553) r1 = socketpair$auto(0x1, 0xfff, 0xfffffffb, &(0x7f0000000000)=0xc2) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/249, 0xf9) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) close_range$auto(0x2, r0, 0xfffffffc) socket(0x2, 0x80802, 0x0) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0) ioctl$auto(r3, 0x921064a2, 0x20000000020000a) r4 = socket(0x2b, 0x1, 0x0) ioctl$auto_VHOST_SET_FEATURES2(r1, 0x4008af00, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000280)) bind$auto(r1, &(0x7f0000000040)=@qipcrtr={0x2a, 0xffffffff, 0x1}, 0x0) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xc9, 0x9, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) 704.588421ms ago: executing program 3 (id=2234): r0 = getpid() r1 = gettid() mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r2 = socketcall$auto_SYS_SOCKET(0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) sendmsg$auto_NL80211_CMD_ADD_LINK(r2, 0x0, 0x0) msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000002600)={{0x0, 0x0, 0xee00, 0x7fffffff, 0x4, 0x8b7, 0xdf}, 0x0, 0x0, 0x8b00000000000000, 0x2, 0x5, 0x86, 0x3, 0x6, 0x401, 0x6}) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) madvise$auto(0x0, 0x2003f0, 0x18) statmount$auto(0x0, 0x0, 0x1fe, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/ram3/queue/iostats_passthrough\x00', 0x88202, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/tasks\x00', 0x63102, 0x0) sendfile$auto(r3, 0x3, 0x0, 0x100000000000009) sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(0xffffffffffffffff, 0x0, 0x400001d) read$auto_nodes_fops_netdebug(0xffffffffffffffff, &(0x7f0000000000)=""/43, 0x2b) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x142, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xfa}, 0x7) write$auto(0x3, 0x0, 0x7fffffff) rt_tgsigqueueinfo$auto(r0, r1, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_kill={r0}}}) 648.441761ms ago: executing program 1 (id=2235): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd10/queue/max_segments\x00', 0x80980, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0x40, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mountinfo\x00', 0x28c40, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x0) r0 = io_uring_setup$auto(0x7, 0x0) socketpair$auto(0xfffffffe, 0x5, 0x3ff, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x480, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000200), r0) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="948ef6e2fd6a75de2201625592a9a7a26ddef465a06848e531ba0c8ee1e9b73238977d4bf3dbea0b9f6fafdb087f9e0b0914b89cb1f6f39501f61547"], 0x1c}, 0x1, 0x0, 0x0, 0x41000}, 0x64810) close_range$auto(0x2, 0x8, 0x0) 286.365451ms ago: executing program 3 (id=2236): mmap$auto(0x0, 0x20009, 0x4000000020df, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) mmap$auto(0x0, 0x2000a, 0xcf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) close_range$auto(0x2, 0x8, 0x0) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0xca, 0x0, 0x7f) 0s ago: executing program 3 (id=2237): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x5, 0xa505}, 0x800}, 0x7, 0x104008) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) read$auto(r0, 0x0, 0x4) setsockopt$auto(0xffffffffffffffff, 0x29, 0x20015, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x6e, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x5}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xdc780, 0x0) mmap$auto(0x3, 0x80002020009, 0x7, 0xfa, 0xffffffffffffffff, 0x400) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x10f, 0x5) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket(0x28, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtdblock0\x00', 0x26441, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x100}, 0x20048014) sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r2, &(0x7f00000007c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000780)={&(0x7f0000000300)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000040) ioctl$auto_BLKSSZGET(r3, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004001}, 0x2c002884) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) kernel console output (not intermixed with test programs): 623][T12292] NFSD: Failed to start, no listeners configured. [ 522.017737][T12325] FAULT_INJECTION: forcing a failure. [ 522.017737][T12325] name failslab, interval 1, probability 0, space 0, times 0 [ 522.106675][T12325] CPU: 0 UID: 0 PID: 12325 Comm: syz.0.1585 Tainted: G L syzkaller #0 PREEMPT(full) [ 522.106706][T12325] Tainted: [L]=SOFTLOCKUP [ 522.106712][T12325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 522.106723][T12325] Call Trace: [ 522.106729][T12325] [ 522.106736][T12325] dump_stack_lvl+0x100/0x190 [ 522.106761][T12325] should_fail_ex.cold+0x5/0xa [ 522.106783][T12325] ? tomoyo_realpath_from_path+0xb6/0x690 [ 522.106806][T12325] should_failslab+0xc2/0x120 [ 522.106827][T12325] __kmalloc_noprof+0xe0/0x850 [ 522.106854][T12325] ? kfree+0x1dd/0x6c0 [ 522.106882][T12325] tomoyo_realpath_from_path+0xb6/0x690 [ 522.106909][T12325] tomoyo_path_number_perm+0x23c/0x580 [ 522.106926][T12325] ? tomoyo_path_number_perm+0x22e/0x580 [ 522.106946][T12325] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 522.107013][T12325] ? find_held_lock+0x2b/0x80 [ 522.107036][T12325] ? __fget_files+0x215/0x3d0 [ 522.107056][T12325] ? hook_file_ioctl_common+0x149/0x410 [ 522.107073][T12325] ? __fget_files+0x215/0x3d0 [ 522.107097][T12325] ? __fget_files+0x21f/0x3d0 [ 522.107121][T12325] security_file_ioctl+0xd3/0x230 [ 522.107140][T12325] __x64_sys_ioctl+0xb7/0x210 [ 522.107159][T12325] do_syscall_64+0x10b/0xf80 [ 522.107182][T12325] ? clear_bhb_loop+0x40/0x90 [ 522.107203][T12325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.107221][T12325] RIP: 0033:0x7f01e219cdd9 [ 522.107237][T12325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 522.107254][T12325] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 522.107272][T12325] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 522.107284][T12325] RDX: 0000200000000080 RSI: 0000000000004601 RDI: 0000000000000003 [ 522.107294][T12325] RBP: 00007f01e3093090 R08: 0000000000000000 R09: 0000000000000000 [ 522.107305][T12325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 522.107315][T12325] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 522.107337][T12325] [ 522.107344][T12325] ERROR: Out of memory at tomoyo_realpath_from_path. [ 522.621342][T12332] usb usb26: usbfs: process 12332 (syz.1.1587) did not claim interface 0 before use [ 522.834909][T12341] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1588'. [ 523.764119][T12361] ecryptfs_miscdev_response: (sizeof(*msg) + msg->data_len) = [1067213646]; data_size = [146]. Invalid packet. [ 523.830869][T12361] ecryptfs_miscdev_write: Failed to deliver miscdev response to requesting operation; rc = [-22] [ 523.954403][T12355] zswap: compressor not available [ 526.206714][T12423] FAULT_INJECTION: forcing a failure. [ 526.206714][T12423] name failslab, interval 1, probability 0, space 0, times 0 [ 526.361817][T12423] CPU: 0 UID: 0 PID: 12423 Comm: syz.2.1607 Tainted: G L syzkaller #0 PREEMPT(full) [ 526.361848][T12423] Tainted: [L]=SOFTLOCKUP [ 526.361855][T12423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 526.361865][T12423] Call Trace: [ 526.361871][T12423] [ 526.361878][T12423] dump_stack_lvl+0x100/0x190 [ 526.361903][T12423] should_fail_ex.cold+0x5/0xa [ 526.361926][T12423] should_failslab+0xc2/0x120 [ 526.361947][T12423] __kmalloc_cache_noprof+0x7a/0x6f0 [ 526.361980][T12423] ? __kthread_create_on_node+0xce/0x3f0 [ 526.362005][T12423] ? lockdep_init_map_type+0x5c/0x250 [ 526.362027][T12423] ? __pfx_rxrpc_io_thread+0x10/0x10 [ 526.362055][T12423] __kthread_create_on_node+0xce/0x3f0 [ 526.362086][T12423] ? __pfx___kthread_create_on_node+0x10/0x10 [ 526.362123][T12423] ? __pfx_rxrpc_io_thread+0x10/0x10 [ 526.362151][T12423] kthread_create_on_node+0xc7/0x100 [ 526.362177][T12423] ? __pfx_kthread_create_on_node+0x10/0x10 [ 526.362201][T12423] ? find_held_lock+0x2b/0x80 [ 526.362224][T12423] ? setup_udp_tunnel_sock+0x521/0x620 [ 526.362246][T12423] ? setup_udp_tunnel_sock+0x521/0x620 [ 526.362270][T12423] ? do_raw_spin_unlock+0x145/0x1e0 [ 526.362296][T12423] rxrpc_open_socket+0x3d5/0x6b0 [ 526.362315][T12423] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 526.362334][T12423] ? __pfx_rxrpc_encap_rcv+0x10/0x10 [ 526.362361][T12423] ? __pfx_rxrpc_encap_err_rcv+0x10/0x10 [ 526.362386][T12423] ? rcu_is_watching+0x12/0xc0 [ 526.362407][T12423] ? trace_rxrpc_local+0x80/0x250 [ 526.362426][T12423] rxrpc_lookup_local+0xac7/0x1220 [ 526.362449][T12423] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 526.362470][T12423] ? __local_bh_enable_ip+0x9e/0x120 [ 526.362497][T12423] rxrpc_sendmsg+0x34a/0x680 [ 526.362522][T12423] sock_write_iter+0x524/0x5a0 [ 526.362545][T12423] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 526.362566][T12423] ? __pfx_sock_write_iter+0x10/0x10 [ 526.362598][T12423] ? bpf_lsm_file_permission+0x9/0x10 [ 526.362615][T12423] ? security_file_permission+0x76/0x210 [ 526.362636][T12423] ? rw_verify_area+0xce/0x6d0 [ 526.362656][T12423] vfs_write+0x6ac/0x1070 [ 526.362677][T12423] ? __pfx_sock_write_iter+0x10/0x10 [ 526.362702][T12423] ? __pfx_vfs_write+0x10/0x10 [ 526.362720][T12423] ? find_held_lock+0x2b/0x80 [ 526.362757][T12423] ksys_write+0x1f8/0x250 [ 526.362777][T12423] ? __pfx_ksys_write+0x10/0x10 [ 526.362798][T12423] ? rcu_is_watching+0x12/0xc0 [ 526.362822][T12423] do_syscall_64+0x10b/0xf80 [ 526.362845][T12423] ? clear_bhb_loop+0x40/0x90 [ 526.362866][T12423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.362884][T12423] RIP: 0033:0x7f5a95f9cdd9 [ 526.362899][T12423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 526.362916][T12423] RSP: 002b:00007f5a96ef3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 526.362934][T12423] RAX: ffffffffffffffda RBX: 00007f5a96216180 RCX: 00007f5a95f9cdd9 [ 526.362945][T12423] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 526.362962][T12423] RBP: 00007f5a96032d69 R08: 0000000000000000 R09: 0000000000000000 [ 526.362972][T12423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 526.362982][T12423] R13: 00007f5a96216218 R14: 00007f5a96216180 R15: 00007ffd92de74c8 [ 526.363005][T12423] [ 529.458787][T12458] random: crng reseeded on system resumption [ 529.640668][T12462] FAULT_INJECTION: forcing a failure. [ 529.640668][T12462] name failslab, interval 1, probability 0, space 0, times 0 [ 529.744494][T12462] CPU: 0 UID: 0 PID: 12462 Comm: syz.3.1618 Tainted: G L syzkaller #0 PREEMPT(full) [ 529.744526][T12462] Tainted: [L]=SOFTLOCKUP [ 529.744533][T12462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 529.744545][T12462] Call Trace: [ 529.744552][T12462] [ 529.744559][T12462] dump_stack_lvl+0x100/0x190 [ 529.744585][T12462] should_fail_ex.cold+0x5/0xa [ 529.744610][T12462] should_failslab+0xc2/0x120 [ 529.744632][T12462] __kmalloc_cache_noprof+0x7a/0x6f0 [ 529.744658][T12462] ? acpi_ds_create_walk_state+0x95/0x300 [ 529.744687][T12462] acpi_ds_create_walk_state+0x95/0x300 [ 529.744711][T12462] acpi_ps_execute_method+0x2c1/0xe90 [ 529.744741][T12462] acpi_ns_evaluate+0x640/0x1670 [ 529.744771][T12462] acpi_evaluate_object+0x420/0xe00 [ 529.744789][T12462] ? kasan_save_stack+0x30/0x50 [ 529.744805][T12462] ? kasan_save_track+0x14/0x30 [ 529.744821][T12462] ? __kasan_kmalloc+0xaa/0xb0 [ 529.744836][T12462] ? __kvmalloc_node_noprof+0x360/0xa00 [ 529.744858][T12462] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 529.744883][T12462] ? lock_acquire+0x1b1/0x370 [ 529.744906][T12462] acpi_evaluate_integer+0xdf/0x220 [ 529.744933][T12462] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 529.744975][T12462] ? __pfx_status_show+0x10/0x10 [ 529.744994][T12462] status_show+0xa0/0x120 [ 529.745012][T12462] ? __pfx_status_show+0x10/0x10 [ 529.745035][T12462] dev_attr_show+0x52/0xa0 [ 529.745059][T12462] ? __pfx_dev_attr_show+0x10/0x10 [ 529.745081][T12462] sysfs_kf_seq_show+0x217/0x3a0 [ 529.745103][T12462] seq_read_iter+0x32f/0x1270 [ 529.745123][T12462] ? lock_acquire+0x1b1/0x370 [ 529.745149][T12462] kernfs_fop_read_iter+0x46c/0x610 [ 529.745176][T12462] ? rw_verify_area+0xce/0x6d0 [ 529.745194][T12462] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 529.745222][T12462] vfs_read+0x825/0xb30 [ 529.745245][T12462] ? __pfx_vfs_read+0x10/0x10 [ 529.745279][T12462] ksys_read+0x12a/0x250 [ 529.745299][T12462] ? __pfx_ksys_read+0x10/0x10 [ 529.745321][T12462] ? rcu_is_watching+0x12/0xc0 [ 529.745345][T12462] do_syscall_64+0x10b/0xf80 [ 529.745368][T12462] ? clear_bhb_loop+0x40/0x90 [ 529.745391][T12462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.745409][T12462] RIP: 0033:0x7fdc4459cdd9 [ 529.745425][T12462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.745444][T12462] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 529.745463][T12462] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 529.745476][T12462] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000008 [ 529.745486][T12462] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 529.745497][T12462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.745508][T12462] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 529.745532][T12462] [ 535.515696][T11520] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 537.014202][T11520] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 537.014234][T11520] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 537.031713][T11520] Bluetooth: hci0: Dropping invalid advertising data [ 537.039783][T11520] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 537.039812][T11520] Bluetooth: hci0: Dropping invalid advertising data [ 537.055217][T11520] Bluetooth: hci0: Malformed LE Event: 0x02 [ 537.323366][T12537] bond0: option packets_per_slave: invalid value ( Xµn‘pæ) [ 537.422626][T12537] bond0: option packets_per_slave: allowed values 0 - 65535 [ 537.452785][T12552] netlink: 'syz.3.1639': attribute type 12 has an invalid length. [ 538.048354][T12486] kexec: Could not allocate control_code_buffer [ 540.223753][T12586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1646'. [ 542.050453][T12619] usb usb26: usbfs: process 12619 (syz.1.1652) did not claim interface 0 before use [ 542.689109][T12634] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 543.208688][T12641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1658'. [ 545.046206][T12674] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1667'. [ 545.178604][T12676] WARNING! power/level is deprecated; use power/control instead [ 546.367191][T12687] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 546.379408][T12700] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1672'. [ 546.400365][T12687] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 546.423772][T12687] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 546.464216][T12687] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 547.251583][T12719] FAULT_INJECTION: forcing a failure. [ 547.251583][T12719] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 547.301637][T12719] CPU: 0 UID: 0 PID: 12719 Comm: syz.2.1678 Tainted: G L syzkaller #0 PREEMPT(full) [ 547.301672][T12719] Tainted: [L]=SOFTLOCKUP [ 547.301678][T12719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 547.301689][T12719] Call Trace: [ 547.301695][T12719] [ 547.301701][T12719] dump_stack_lvl+0x100/0x190 [ 547.301726][T12719] should_fail_ex.cold+0x5/0xa [ 547.301749][T12719] _copy_to_user+0x32/0xd0 [ 547.301779][T12719] simple_read_from_buffer+0xcb/0x170 [ 547.301802][T12719] proc_fail_nth_read+0x1af/0x230 [ 547.301830][T12719] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 547.301860][T12719] ? rw_verify_area+0xce/0x6d0 [ 547.301879][T12719] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 547.301906][T12719] vfs_readv+0x5d8/0x8d0 [ 547.301930][T12719] ? __pfx_vfs_readv+0x10/0x10 [ 547.301948][T12719] ? find_held_lock+0x2b/0x80 [ 547.301971][T12719] ? ksys_write+0x190/0x250 [ 547.302003][T12719] ? __fget_files+0x21f/0x3d0 [ 547.302029][T12719] ? do_readv+0x13e/0x340 [ 547.302045][T12719] do_readv+0x13e/0x340 [ 547.302070][T12719] ? __pfx_do_readv+0x10/0x10 [ 547.302089][T12719] ? rcu_is_watching+0x12/0xc0 [ 547.302114][T12719] do_syscall_64+0x10b/0xf80 [ 547.302137][T12719] ? clear_bhb_loop+0x40/0x90 [ 547.302176][T12719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.302194][T12719] RIP: 0033:0x7f5a95f9cdd9 [ 547.302210][T12719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 547.302227][T12719] RSP: 002b:00007f5a96f14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 547.302244][T12719] RAX: ffffffffffffffda RBX: 00007f5a96216090 RCX: 00007f5a95f9cdd9 [ 547.302256][T12719] RDX: 0000000000000003 RSI: 0000200000000040 RDI: 0000000000000003 [ 547.302267][T12719] RBP: 00007f5a96f14090 R08: 0000000000000000 R09: 0000000000000000 [ 547.302277][T12719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 547.302287][T12719] R13: 00007f5a96216128 R14: 00007f5a96216090 R15: 00007ffd92de74c8 [ 547.302310][T12719] [ 547.822152][T12729] FAULT_INJECTION: forcing a failure. [ 547.822152][T12729] name failslab, interval 1, probability 0, space 0, times 0 [ 547.822185][T12729] CPU: 0 UID: 0 PID: 12729 Comm: syz.1.1681 Tainted: G L syzkaller #0 PREEMPT(full) [ 547.822212][T12729] Tainted: [L]=SOFTLOCKUP [ 547.822218][T12729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 547.822228][T12729] Call Trace: [ 547.822234][T12729] [ 547.822241][T12729] dump_stack_lvl+0x100/0x190 [ 547.822265][T12729] should_fail_ex.cold+0x5/0xa [ 547.822289][T12729] should_failslab+0xc2/0x120 [ 547.822311][T12729] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 547.822339][T12729] ? sk_prot_alloc+0x60/0x2a0 [ 547.822366][T12729] sk_prot_alloc+0x60/0x2a0 [ 547.822390][T12729] sk_alloc+0x36/0xe80 [ 547.822409][T12729] qrtr_create+0x84/0x1d0 [ 547.822433][T12729] __sock_create+0x339/0x860 [ 547.822462][T12729] __sys_socket+0x14d/0x260 [ 547.822488][T12729] ? __pfx___sys_socket+0x10/0x10 [ 547.822512][T12729] ? ksys_write+0x1ac/0x250 [ 547.822538][T12729] __x64_sys_socket+0x72/0xb0 [ 547.822562][T12729] ? lockdep_hardirqs_on+0x78/0x100 [ 547.822585][T12729] do_syscall_64+0x10b/0xf80 [ 547.822607][T12729] ? clear_bhb_loop+0x40/0x90 [ 547.822629][T12729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.822647][T12729] RIP: 0033:0x7ff11579cdd9 [ 547.822663][T12729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 547.822680][T12729] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 547.822697][T12729] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 547.822709][T12729] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002a [ 547.822720][T12729] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 547.822730][T12729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.822741][T12729] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 547.822763][T12729] [ 547.990410][T11520] Bluetooth: hci0: command 0x0c1a tx timeout [ 548.450934][T12740] : Can't lookup blockdev [ 548.469068][T11520] Bluetooth: hci3: command 0x0c1a tx timeout [ 548.469102][T11520] Bluetooth: hci2: command 0x0c1a tx timeout [ 548.469124][T11520] Bluetooth: hci1: command 0x0c1a tx timeout [ 548.483733][T12740] netlink: 'syz.1.1684': attribute type 10 has an invalid length. [ 548.483756][T12740] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1684'. [ 548.803367][T12734] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 548.803533][T12734] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 548.803638][T12734] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 548.803738][T12734] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 549.467529][T12752] netlink: 'syz.2.1689': attribute type 4 has an invalid length. [ 549.496372][T12754] FAULT_INJECTION: forcing a failure. [ 549.496372][T12754] name failslab, interval 1, probability 0, space 0, times 0 [ 549.518394][T12752] netlink: 314 bytes leftover after parsing attributes in process `syz.2.1689'. [ 549.552067][T12754] CPU: 0 UID: 0 PID: 12754 Comm: syz.3.1690 Tainted: G L syzkaller #0 PREEMPT(full) [ 549.552098][T12754] Tainted: [L]=SOFTLOCKUP [ 549.552104][T12754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 549.552114][T12754] Call Trace: [ 549.552121][T12754] [ 549.552128][T12754] dump_stack_lvl+0x100/0x190 [ 549.552153][T12754] should_fail_ex.cold+0x5/0xa [ 549.552176][T12754] should_failslab+0xc2/0x120 [ 549.552197][T12754] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 549.552226][T12754] ? do_getname+0x35/0x390 [ 549.552257][T12754] do_getname+0x35/0x390 [ 549.552285][T12754] do_sys_openat2+0xc5/0x1e0 [ 549.552312][T12754] ? __pfx_do_sys_openat2+0x10/0x10 [ 549.552341][T12754] ? __fget_files+0x21f/0x3d0 [ 549.552366][T12754] __x64_sys_openat+0x12d/0x210 [ 549.552394][T12754] ? __pfx___x64_sys_openat+0x10/0x10 [ 549.552425][T12754] ? rcu_is_watching+0x12/0xc0 [ 549.552450][T12754] do_syscall_64+0x10b/0xf80 [ 549.552473][T12754] ? clear_bhb_loop+0x40/0x90 [ 549.552494][T12754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.552513][T12754] RIP: 0033:0x7fdc4459cdd9 [ 549.552528][T12754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 549.552546][T12754] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 549.552564][T12754] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 549.552577][T12754] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 549.552588][T12754] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 549.552599][T12754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 549.552610][T12754] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 549.552633][T12754] [ 550.328446][T11520] Bluetooth: hci0: command 0x0c1a tx timeout [ 550.869421][T11520] Bluetooth: hci3: command 0x0c1a tx timeout [ 550.875515][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 550.881664][T11520] Bluetooth: hci1: command 0x0c1a tx timeout [ 550.967371][T12769] FAULT_INJECTION: forcing a failure. [ 550.967371][T12769] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 551.025513][T12769] CPU: 0 UID: 0 PID: 12769 Comm: syz.2.1693 Tainted: G L syzkaller #0 PREEMPT(full) [ 551.025545][T12769] Tainted: [L]=SOFTLOCKUP [ 551.025551][T12769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 551.025562][T12769] Call Trace: [ 551.025568][T12769] [ 551.025576][T12769] dump_stack_lvl+0x100/0x190 [ 551.025601][T12769] should_fail_ex.cold+0x5/0xa [ 551.025621][T12769] ? prepare_alloc_pages+0x16d/0x5f0 [ 551.025647][T12769] should_fail_alloc_page+0xeb/0x140 [ 551.025670][T12769] prepare_alloc_pages+0x1f0/0x5f0 [ 551.025697][T12769] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 551.025753][T12769] ? __pfx_stack_trace_save+0x10/0x10 [ 551.025780][T12769] ? stack_depot_save_flags+0x27/0x9d0 [ 551.025806][T12769] ? kasan_save_stack+0x3f/0x50 [ 551.025827][T12769] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 551.025861][T12769] ? __lock_acquire+0x4a5/0x2630 [ 551.025878][T12769] ? __lock_acquire+0x4a5/0x2630 [ 551.025894][T12769] ? css_rstat_updated+0x1ce/0x5a0 [ 551.025929][T12769] ? lock_acquire+0x1b1/0x370 [ 551.025946][T12769] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 551.025974][T12769] ? policy_nodemask+0xed/0x4f0 [ 551.025996][T12769] alloc_pages_mpol+0x1fb/0x540 [ 551.026018][T12769] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 551.026042][T12769] ? __lock_acquire+0x4a5/0x2630 [ 551.026061][T12769] folio_alloc_mpol_noprof+0x36/0x260 [ 551.026087][T12769] vma_alloc_folio_noprof+0xed/0x1d0 [ 551.026111][T12769] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 551.026142][T12769] do_anonymous_page+0xb46/0x2050 [ 551.026169][T12769] ? rcu_read_unlock+0x2d/0xb0 [ 551.026201][T12769] __handle_mm_fault+0x1d2c/0x2a00 [ 551.026230][T12769] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 551.026253][T12769] ? __pfx___handle_mm_fault+0x10/0x10 [ 551.026285][T12769] ? pte_offset_map_lock+0x174/0x320 [ 551.026306][T12769] ? find_held_lock+0x2b/0x80 [ 551.026335][T12769] ? follow_page_pte+0x4d0/0x13f0 [ 551.026362][T12769] handle_mm_fault+0x36d/0xa20 [ 551.026392][T12769] __get_user_pages+0x1178/0x32a0 [ 551.026423][T12769] ? __pfx___get_user_pages+0x10/0x10 [ 551.026452][T12769] populate_vma_page_range+0x267/0x3f0 [ 551.026477][T12769] ? __pfx_populate_vma_page_range+0x10/0x10 [ 551.026500][T12769] ? __pfx_find_vma_intersection+0x10/0x10 [ 551.026522][T12769] ? do_mmap+0x93f/0x12f0 [ 551.026546][T12769] __mm_populate+0x107/0x3a0 [ 551.026570][T12769] ? __pfx___mm_populate+0x10/0x10 [ 551.026595][T12769] ? up_write+0x28c/0x4f0 [ 551.026617][T12769] vm_mmap_pgoff+0x37f/0x470 [ 551.026643][T12769] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 551.026667][T12769] ? do_futex+0x192/0x350 [ 551.026687][T12769] ? __pfx_do_futex+0x10/0x10 [ 551.026716][T12769] ksys_mmap_pgoff+0xe4/0x610 [ 551.026738][T12769] ? __x64_sys_futex+0x358/0x4d0 [ 551.026758][T12769] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 551.026779][T12769] ? xfd_validate_state+0x129/0x190 [ 551.026802][T12769] __x64_sys_mmap+0x125/0x190 [ 551.026825][T12769] do_syscall_64+0x10b/0xf80 [ 551.026848][T12769] ? clear_bhb_loop+0x40/0x90 [ 551.026869][T12769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.026888][T12769] RIP: 0033:0x7f5a95f9cdd9 [ 551.026904][T12769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 551.026922][T12769] RSP: 002b:00007f5a96f35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 551.026941][T12769] RAX: ffffffffffffffda RBX: 00007f5a96215fa0 RCX: 00007f5a95f9cdd9 [ 551.026953][T12769] RDX: 00000000000000e2 RSI: 0000000000040009 RDI: 0000000000000000 [ 551.026964][T12769] RBP: 00007f5a96032d69 R08: 0000000000000007 R09: 0000000000028000 [ 551.026975][T12769] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 551.026986][T12769] R13: 00007f5a96216038 R14: 00007f5a96215fa0 R15: 00007ffd92de74c8 [ 551.027010][T12769] [ 552.742974][T12771] zswap: compressor not available [ 553.679100][T12793] FAULT_INJECTION: forcing a failure. [ 553.679100][T12793] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 553.725028][T12793] CPU: 0 UID: 0 PID: 12793 Comm: syz.1.1697 Tainted: G L syzkaller #0 PREEMPT(full) [ 553.725059][T12793] Tainted: [L]=SOFTLOCKUP [ 553.725065][T12793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 553.725076][T12793] Call Trace: [ 553.725082][T12793] [ 553.725089][T12793] dump_stack_lvl+0x100/0x190 [ 553.725113][T12793] should_fail_ex.cold+0x5/0xa [ 553.725136][T12793] _copy_from_user+0x2e/0xd0 [ 553.725166][T12793] kstrtouint_from_user+0xd6/0x1d0 [ 553.725188][T12793] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 553.725210][T12793] ? __lock_acquire+0x4a5/0x2630 [ 553.725231][T12793] ? lock_acquire+0x1b1/0x370 [ 553.725251][T12793] proc_fail_nth_write+0x83/0x220 [ 553.725280][T12793] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 553.725314][T12793] vfs_write+0x2aa/0x1070 [ 553.725335][T12793] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 553.725365][T12793] ? __pfx_vfs_write+0x10/0x10 [ 553.725384][T12793] ? __fget_files+0x215/0x3d0 [ 553.725409][T12793] ? __fget_files+0x21f/0x3d0 [ 553.725436][T12793] ksys_write+0x12a/0x250 [ 553.725456][T12793] ? __pfx_ksys_write+0x10/0x10 [ 553.725478][T12793] ? rcu_is_watching+0x12/0xc0 [ 553.725502][T12793] do_syscall_64+0x10b/0xf80 [ 553.725524][T12793] ? clear_bhb_loop+0x40/0x90 [ 553.725546][T12793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.725564][T12793] RIP: 0033:0x7ff11575d60e [ 553.725580][T12793] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 553.725597][T12793] RSP: 002b:00007ff1139f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 553.725615][T12793] RAX: ffffffffffffffda RBX: 00007ff1139f66c0 RCX: 00007ff11575d60e [ 553.725626][T12793] RDX: 0000000000000001 RSI: 00007ff1139f60a0 RDI: 0000000000000004 [ 553.725636][T12793] RBP: 00007ff1139f6090 R08: 0000000000000000 R09: 0000000000000000 [ 553.725646][T12793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 553.725657][T12793] R13: 00007ff115a16128 R14: 00007ff115a16090 R15: 00007ffc7bad58c8 [ 553.725679][T12793] [ 555.672591][T12829] FAULT_INJECTION: forcing a failure. [ 555.672591][T12829] name failslab, interval 1, probability 0, space 0, times 0 [ 555.866692][T12829] CPU: 0 UID: 0 PID: 12829 Comm: syz.0.1706 Tainted: G L syzkaller #0 PREEMPT(full) [ 555.866726][T12829] Tainted: [L]=SOFTLOCKUP [ 555.866733][T12829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 555.866744][T12829] Call Trace: [ 555.866751][T12829] [ 555.866758][T12829] dump_stack_lvl+0x100/0x190 [ 555.866784][T12829] should_fail_ex.cold+0x5/0xa [ 555.866807][T12829] should_failslab+0xc2/0x120 [ 555.866829][T12829] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 555.866857][T12829] ? alloc_empty_file+0x5b/0x1c0 [ 555.866883][T12829] ? __pfx_stack_trace_save+0x10/0x10 [ 555.866912][T12829] alloc_empty_file+0x5b/0x1c0 [ 555.866939][T12829] path_openat+0xe8/0x31a0 [ 555.866961][T12829] ? kasan_save_stack+0x3f/0x50 [ 555.866977][T12829] ? kasan_save_stack+0x30/0x50 [ 555.866993][T12829] ? kasan_save_track+0x14/0x30 [ 555.867009][T12829] ? __kasan_slab_alloc+0x89/0x90 [ 555.867026][T12829] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 555.867053][T12829] ? do_getname+0x35/0x390 [ 555.867077][T12829] ? do_sys_openat2+0xc5/0x1e0 [ 555.867103][T12829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.867124][T12829] ? __pfx_path_openat+0x10/0x10 [ 555.867153][T12829] do_file_open+0x20e/0x430 [ 555.867178][T12829] ? __pfx_do_file_open+0x10/0x10 [ 555.867214][T12829] ? alloc_fd+0x476/0x790 [ 555.867237][T12829] ? do_getname+0x191/0x390 [ 555.867265][T12829] do_sys_openat2+0x10d/0x1e0 [ 555.867292][T12829] ? __pfx_do_sys_openat2+0x10/0x10 [ 555.867321][T12829] ? __fget_files+0x21f/0x3d0 [ 555.867345][T12829] __x64_sys_openat+0x12d/0x210 [ 555.867374][T12829] ? __pfx___x64_sys_openat+0x10/0x10 [ 555.867405][T12829] ? rcu_is_watching+0x12/0xc0 [ 555.867429][T12829] do_syscall_64+0x10b/0xf80 [ 555.867452][T12829] ? clear_bhb_loop+0x40/0x90 [ 555.867473][T12829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.867492][T12829] RIP: 0033:0x7f01e219cdd9 [ 555.867507][T12829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 555.867524][T12829] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 555.867543][T12829] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 555.867555][T12829] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 555.867566][T12829] RBP: 00007f01e2232d69 R08: 0000000000000000 R09: 0000000000000000 [ 555.867576][T12829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.867587][T12829] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 555.867611][T12829] [ 558.622861][T12863] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1715'. [ 559.364042][T11520] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 559.606414][T12882] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5632] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[12882] [ 559.687437][T12882] syz.3.1719(12882): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 560.193137][T12857] binder: 12855:12857 ioctl 40086602 e20 returned -22 [ 560.381211][T12894] capability: warning: `syz.3.1721' uses 32-bit capabilities (legacy support in use) [ 561.367944][ T30] audit: type=1800 audit(4295059473.179:7): pid=12902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1725" name=22050820 dev="tmpfs" ino=1949 res=0 errno=0 [ 562.607866][T12923] sctp: [Deprecated]: syz.0.1729 (pid 12923) Use of int in max_burst socket option. [ 562.607866][T12923] Use struct sctp_assoc_value instead [ 564.019575][T11520] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 565.922666][T12974] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 565.946097][T12974] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 565.967733][T12974] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 565.978934][T11520] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 565.978961][T11520] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 565.994596][T11520] Bluetooth: hci2: Dropping invalid advertising data [ 566.003075][T11520] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 566.009913][T12974] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 566.032137][T12992] syz.2.1744 (12992): attempted to duplicate a private mapping with mremap. This is not supported. [ 567.511241][T11520] Bluetooth: hci0: command 0x0c1a tx timeout [ 567.761805][T13023] < [ 567.990967][ T5635] Bluetooth: hci1: command 0x0c1a tx timeout [ 567.999534][T11520] Bluetooth: hci2: command 0x0c1a tx timeout [ 568.070949][T11520] Bluetooth: hci3: command 0x0c1a tx timeout [ 568.246424][T13025] ima: Unable to open file: /sys/k (-2) [ 568.246475][T13025] ima: policy update failed [ 568.374908][ T30] audit: type=1802 audit(4295060503.178:8): pid=13025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1751" res=0 errno=0 [ 569.335152][T13040] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 569.355954][T13040] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 569.377158][T13040] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 569.400218][T13040] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 570.098168][T13067] FAULT_INJECTION: forcing a failure. [ 570.098168][T13067] name failslab, interval 1, probability 0, space 0, times 0 [ 570.179657][T13067] CPU: 0 UID: 0 PID: 13067 Comm: syz.0.1760 Tainted: G L syzkaller #0 PREEMPT(full) [ 570.179690][T13067] Tainted: [L]=SOFTLOCKUP [ 570.179696][T13067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 570.179707][T13067] Call Trace: [ 570.179715][T13067] [ 570.179722][T13067] dump_stack_lvl+0x100/0x190 [ 570.179746][T13067] should_fail_ex.cold+0x5/0xa [ 570.179769][T13067] should_failslab+0xc2/0x120 [ 570.179791][T13067] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 570.179819][T13067] ? do_getname+0x35/0x390 [ 570.179851][T13067] do_getname+0x35/0x390 [ 570.179879][T13067] do_sys_openat2+0xc5/0x1e0 [ 570.179905][T13067] ? __pfx_do_sys_openat2+0x10/0x10 [ 570.179935][T13067] ? __fget_files+0x21f/0x3d0 [ 570.179961][T13067] __x64_sys_openat+0x12d/0x210 [ 570.179989][T13067] ? __pfx___x64_sys_openat+0x10/0x10 [ 570.180021][T13067] ? rcu_is_watching+0x12/0xc0 [ 570.180045][T13067] do_syscall_64+0x10b/0xf80 [ 570.180068][T13067] ? clear_bhb_loop+0x40/0x90 [ 570.180090][T13067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.180108][T13067] RIP: 0033:0x7f01e219cdd9 [ 570.180123][T13067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.180141][T13067] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 570.180159][T13067] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 570.180171][T13067] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 570.180182][T13067] RBP: 00007f01e2232d69 R08: 0000000000000000 R09: 0000000000000000 [ 570.180193][T13067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.180203][T13067] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 570.180224][T13067] [ 570.377853][T13055] FAULT_INJECTION: forcing a failure. [ 570.377853][T13055] name failslab, interval 1, probability 0, space 0, times 0 [ 570.391968][T13055] CPU: 0 UID: 0 PID: 13055 Comm: syz.2.1757 Tainted: G L syzkaller #0 PREEMPT(full) [ 570.392006][T13055] Tainted: [L]=SOFTLOCKUP [ 570.392013][T13055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 570.392024][T13055] Call Trace: [ 570.392033][T13055] [ 570.392042][T13055] dump_stack_lvl+0x100/0x190 [ 570.392067][T13055] should_fail_ex.cold+0x5/0xa [ 570.392091][T13055] should_failslab+0xc2/0x120 [ 570.392113][T13055] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 570.392142][T13055] ? mas_preallocate+0x1105/0x14a0 [ 570.392175][T13055] mas_preallocate+0x1105/0x14a0 [ 570.392206][T13055] ? __pfx_mas_preallocate+0x10/0x10 [ 570.392238][T13055] ? vm_area_alloc+0x1f/0x160 [ 570.392265][T13055] ? lockdep_init_map_type+0x5c/0x250 [ 570.392286][T13055] __mmap_region+0x124a/0x2da0 [ 570.392319][T13055] ? __pfx___mmap_region+0x10/0x10 [ 570.392367][T13055] ? find_held_lock+0x2b/0x80 [ 570.392389][T13055] ? ima_match_policy+0x8c4/0x2350 [ 570.392407][T13055] ? ima_match_policy+0x8c4/0x2350 [ 570.392447][T13055] ? process_measurement+0x4c8/0x2350 [ 570.392512][T13055] mmap_region+0x527/0x620 [ 570.392531][T13055] ? __pfx_mmap_region+0x10/0x10 [ 570.392550][T13055] ? cap_mmap_addr+0x4b/0x120 [ 570.392575][T13055] ? bpf_lsm_mmap_addr+0x9/0x30 [ 570.392599][T13055] ? security_mmap_addr+0x71/0x1e0 [ 570.392620][T13055] ? __get_unmapped_area+0x255/0x3e0 [ 570.392646][T13055] do_mmap+0xc63/0x12f0 [ 570.392673][T13055] ? __pfx_do_mmap+0x10/0x10 [ 570.392695][T13055] ? __pfx_down_write_killable+0x10/0x10 [ 570.392727][T13055] vm_mmap_pgoff+0x29e/0x470 [ 570.392754][T13055] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 570.392775][T13055] ? __fget_files+0x215/0x3d0 [ 570.392800][T13055] ? __fget_files+0x21f/0x3d0 [ 570.392825][T13055] ksys_mmap_pgoff+0x3cb/0x610 [ 570.392847][T13055] ? __x64_sys_futex+0x358/0x4d0 [ 570.392868][T13055] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 570.392888][T13055] ? xfd_validate_state+0x129/0x190 [ 570.392906][T13055] ? ksys_write+0x1ac/0x250 [ 570.392930][T13055] __x64_sys_mmap+0x125/0x190 [ 570.392952][T13055] do_syscall_64+0x10b/0xf80 [ 570.392974][T13055] ? clear_bhb_loop+0x40/0x90 [ 570.392995][T13055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.393014][T13055] RIP: 0033:0x7f5a95f9cdd9 [ 570.393031][T13055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.393048][T13055] RSP: 002b:00007f5a96f35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 570.393066][T13055] RAX: ffffffffffffffda RBX: 00007f5a96215fa0 RCX: 00007f5a95f9cdd9 [ 570.393078][T13055] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000000000 [ 570.393088][T13055] RBP: 00007f5a96032d69 R08: 00000000000000dd R09: 0000000000000000 [ 570.393099][T13055] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 570.393109][T13055] R13: 00007f5a96216038 R14: 00007f5a96215fa0 R15: 00007ffd92de74c8 [ 570.393132][T13055] [ 571.012100][T11520] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 571.019939][T11520] Bluetooth: hci0: command 0x0c1a tx timeout [ 571.177645][T13088] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1767'. [ 571.433413][ T5635] Bluetooth: hci3: command 0x0c1a tx timeout [ 571.439495][T11520] Bluetooth: hci2: command 0x0c1a tx timeout [ 571.445619][T11520] Bluetooth: hci1: command 0x0c1a tx timeout [ 574.469614][T13140] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 574.519146][T13140] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 574.548767][T13140] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 574.574747][T13140] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 575.006847][T13171] ubi9: attaching mtd0 [ 575.032762][T13171] ubi9 error: ubi_attach_mtd_dev: bad VID header (32768) or data offsets (32832) [ 575.598294][T13092] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 575.682626][T13183] random: crng reseeded on system resumption [ 576.315410][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 576.555184][T13092] Bluetooth: hci2: command 0x0c1a tx timeout [ 576.561300][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 576.635371][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 578.816172][T13214] kvm: kvm [13213]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x718c1257 [ 582.493000][T13263] __vm_enough_memory: pid: 13263, comm: syz.3.1810, bytes: 4398046457856 not enough memory for the allocation [ 584.487103][T13296] netlink: 'syz.2.1819': attribute type 10 has an invalid length. [ 584.527629][T13296] netlink: 'syz.2.1819': attribute type 13 has an invalid length. [ 584.569968][T13296] netlink: 'syz.2.1819': attribute type 10 has an invalid length. [ 584.614709][T13296] netlink: 'syz.2.1819': attribute type 13 has an invalid length. [ 584.650015][T13296] netlink: 'syz.2.1819': attribute type 10 has an invalid length. [ 584.711669][T13296] netlink: 'syz.2.1819': attribute type 13 has an invalid length. [ 584.751035][T13296] netlink: 'syz.2.1819': attribute type 10 has an invalid length. [ 584.791834][T13296] netlink: 'syz.2.1819': attribute type 13 has an invalid length. [ 584.840736][T13296] netlink: 'syz.2.1819': attribute type 10 has an invalid length. [ 584.870937][ T50] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 584.884992][T13296] netlink: 'syz.2.1819': attribute type 13 has an invalid length. [ 585.178671][ T50] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 585.544657][T13322] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1826'. [ 586.373160][T13344] FAULT_INJECTION: forcing a failure. [ 586.373160][T13344] name failslab, interval 1, probability 0, space 0, times 0 [ 586.443609][T13344] CPU: 0 UID: 0 PID: 13344 Comm: syz.3.1832 Tainted: G L syzkaller #0 PREEMPT(full) [ 586.443641][T13344] Tainted: [L]=SOFTLOCKUP [ 586.443647][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 586.443658][T13344] Call Trace: [ 586.443665][T13344] [ 586.443672][T13344] dump_stack_lvl+0x100/0x190 [ 586.443709][T13344] should_fail_ex.cold+0x5/0xa [ 586.443733][T13344] should_failslab+0xc2/0x120 [ 586.443755][T13344] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 586.443783][T13344] ? do_getname+0x35/0x390 [ 586.443814][T13344] do_getname+0x35/0x390 [ 586.443842][T13344] do_sys_openat2+0xc5/0x1e0 [ 586.443869][T13344] ? __pfx_do_sys_openat2+0x10/0x10 [ 586.443898][T13344] ? __fget_files+0x21f/0x3d0 [ 586.443923][T13344] __x64_sys_openat+0x12d/0x210 [ 586.443952][T13344] ? __pfx___x64_sys_openat+0x10/0x10 [ 586.443984][T13344] ? rcu_is_watching+0x12/0xc0 [ 586.444017][T13344] do_syscall_64+0x10b/0xf80 [ 586.444041][T13344] ? clear_bhb_loop+0x40/0x90 [ 586.444062][T13344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.444080][T13344] RIP: 0033:0x7fdc4459cdd9 [ 586.444099][T13344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 586.444119][T13344] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 586.444138][T13344] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 586.444150][T13344] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 586.444161][T13344] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 586.444172][T13344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 586.444183][T13344] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 586.444206][T13344] [ 587.145042][T13329] FAULT_INJECTION: forcing a failure. [ 587.145042][T13329] name fail_futex, interval 1, probability 0, space 0, times 0 [ 587.170639][T13349] FAULT_INJECTION: forcing a failure. [ 587.170639][T13349] name failslab, interval 1, probability 0, space 0, times 0 [ 587.285020][T13349] CPU: 0 UID: 0 PID: 13349 Comm: syz.0.1833 Tainted: G L syzkaller #0 PREEMPT(full) [ 587.285051][T13349] Tainted: [L]=SOFTLOCKUP [ 587.285058][T13349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 587.285068][T13349] Call Trace: [ 587.285074][T13349] [ 587.285082][T13349] dump_stack_lvl+0x100/0x190 [ 587.285111][T13349] should_fail_ex.cold+0x5/0xa [ 587.285135][T13349] should_failslab+0xc2/0x120 [ 587.285157][T13349] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 587.285185][T13349] ? do_getname+0x35/0x390 [ 587.285216][T13349] do_getname+0x35/0x390 [ 587.285244][T13349] do_sys_openat2+0xc5/0x1e0 [ 587.285271][T13349] ? __pfx_do_sys_openat2+0x10/0x10 [ 587.285301][T13349] ? __fget_files+0x21f/0x3d0 [ 587.285327][T13349] __x64_sys_openat+0x12d/0x210 [ 587.285355][T13349] ? __pfx___x64_sys_openat+0x10/0x10 [ 587.285387][T13349] ? rcu_is_watching+0x12/0xc0 [ 587.285411][T13349] do_syscall_64+0x10b/0xf80 [ 587.285434][T13349] ? clear_bhb_loop+0x40/0x90 [ 587.285455][T13349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.285481][T13349] RIP: 0033:0x7f01e219cdd9 [ 587.285497][T13349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 587.285519][T13349] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 587.285538][T13349] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 587.285550][T13349] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 587.285561][T13349] RBP: 00007f01e2232d69 R08: 0000000000000000 R09: 0000000000000000 [ 587.285571][T13349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 587.285582][T13349] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 587.285605][T13349] [ 587.509528][T13329] CPU: 0 UID: 0 PID: 13329 Comm: syz.1.1824 Tainted: G L syzkaller #0 PREEMPT(full) [ 587.509563][T13329] Tainted: [L]=SOFTLOCKUP [ 587.509569][T13329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 587.509579][T13329] Call Trace: [ 587.509585][T13329] [ 587.509592][T13329] dump_stack_lvl+0x100/0x190 [ 587.509616][T13329] should_fail_ex.cold+0x5/0xa [ 587.509639][T13329] get_futex_key+0xf78/0x1510 [ 587.509660][T13329] ? __pfx_get_futex_key+0x10/0x10 [ 587.509676][T13329] ? lock_acquire+0x1b1/0x370 [ 587.509699][T13329] futex_wake+0xea/0x530 [ 587.509724][T13329] ? __pfx_futex_wake+0x10/0x10 [ 587.509746][T13329] ? exit_mm_release+0x19/0x30 [ 587.509778][T13329] do_futex+0x32b/0x350 [ 587.509797][T13329] ? __pfx_do_futex+0x10/0x10 [ 587.509815][T13329] ? __might_fault+0xc5/0x140 [ 587.509847][T13329] mm_release+0x24a/0x2f0 [ 587.509869][T13329] do_exit+0x707/0x2a60 [ 587.509899][T13329] ? __pfx_do_exit+0x10/0x10 [ 587.509926][T13329] ? do_raw_spin_lock+0x128/0x260 [ 587.509946][T13329] ? find_held_lock+0x2b/0x80 [ 587.509969][T13329] ? get_signal+0x7e0/0x21e0 [ 587.509992][T13329] do_group_exit+0xd5/0x2a0 [ 587.510022][T13329] get_signal+0x1ec7/0x21e0 [ 587.510048][T13329] ? ksys_write+0x190/0x250 [ 587.510070][T13329] ? __pfx_get_signal+0x10/0x10 [ 587.510094][T13329] ? do_futex+0x192/0x350 [ 587.510115][T13329] arch_do_signal_or_restart+0x91/0x770 [ 587.510144][T13329] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 587.510176][T13329] ? __pfx___x64_sys_futex+0x10/0x10 [ 587.510196][T13329] ? rcu_is_watching+0x12/0xc0 [ 587.510221][T13329] exit_to_user_mode_loop+0x86/0x4a0 [ 587.510239][T13329] ? do_syscall_64+0x519/0xf80 [ 587.510263][T13329] do_syscall_64+0x6f2/0xf80 [ 587.510303][T13329] ? clear_bhb_loop+0x40/0x90 [ 587.510324][T13329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.510343][T13329] RIP: 0033:0x7ff11579cdd9 [ 587.510358][T13329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 587.510376][T13329] RSP: 002b:00007ff1135b20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 587.510394][T13329] RAX: fffffffffffffe00 RBX: 00007ff115a16278 RCX: 00007ff11579cdd9 [ 587.510406][T13329] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff115a16278 [ 587.510416][T13329] RBP: 00007ff115a16270 R08: 0000000000000000 R09: 0000000000000000 [ 587.510427][T13329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 587.510437][T13329] R13: 00007ff115a16308 R14: 00007ffc7bad57e0 R15: 00007ffc7bad58c8 [ 587.510459][T13329] [ 590.657138][T13410] Process accounting resumed [ 593.382566][T13464] program syz.1.1858 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 594.049268][ T50] Bluetooth: hci3: unexpected event 0x23 length: 127 > 13 [ 594.811323][T13484] FAULT_INJECTION: forcing a failure. [ 594.811323][T13484] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 595.025165][T13484] CPU: 0 UID: 0 PID: 13484 Comm: syz.1.1864 Tainted: G L syzkaller #0 PREEMPT(full) [ 595.025195][T13484] Tainted: [L]=SOFTLOCKUP [ 595.025202][T13484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 595.025212][T13484] Call Trace: [ 595.025218][T13484] [ 595.025226][T13484] dump_stack_lvl+0x100/0x190 [ 595.025250][T13484] should_fail_ex.cold+0x5/0xa [ 595.025273][T13484] strncpy_from_user+0x3b/0x2d0 [ 595.025295][T13484] do_getname+0x78/0x390 [ 595.025323][T13484] do_sys_openat2+0xc5/0x1e0 [ 595.025351][T13484] ? __pfx_do_sys_openat2+0x10/0x10 [ 595.025388][T13484] ? __fget_files+0x21f/0x3d0 [ 595.025413][T13484] __x64_sys_openat+0x12d/0x210 [ 595.025441][T13484] ? __pfx___x64_sys_openat+0x10/0x10 [ 595.025472][T13484] ? rcu_is_watching+0x12/0xc0 [ 595.025497][T13484] do_syscall_64+0x10b/0xf80 [ 595.025520][T13484] ? clear_bhb_loop+0x40/0x90 [ 595.025541][T13484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.025560][T13484] RIP: 0033:0x7ff11579cdd9 [ 595.025576][T13484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 595.025594][T13484] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 595.025612][T13484] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 595.025624][T13484] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 595.025635][T13484] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 595.025646][T13484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.025657][T13484] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 595.025679][T13484] [ 596.025531][T13506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1866'. [ 597.691032][ T50] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 602.110482][T13637] FAULT_INJECTION: forcing a failure. [ 602.110482][T13637] name fail_futex, interval 1, probability 0, space 0, times 0 [ 602.404069][T13637] CPU: 0 UID: 0 PID: 13637 Comm: syz.3.1891 Tainted: G L syzkaller #0 PREEMPT(full) [ 602.404101][T13637] Tainted: [L]=SOFTLOCKUP [ 602.404107][T13637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 602.404118][T13637] Call Trace: [ 602.404124][T13637] [ 602.404131][T13637] dump_stack_lvl+0x100/0x190 [ 602.404157][T13637] should_fail_ex.cold+0x5/0xa [ 602.404181][T13637] get_futex_key+0x1d2/0x1510 [ 602.404203][T13637] ? __pfx_get_futex_key+0x10/0x10 [ 602.404235][T13637] futex_wake+0xea/0x530 [ 602.404259][T13637] ? rcu_is_watching+0x12/0xc0 [ 602.404282][T13637] ? __pfx_futex_wake+0x10/0x10 [ 602.404314][T13637] ? putname+0xb1/0x110 [ 602.404337][T13637] ? kmem_cache_free+0x127/0x6c0 [ 602.404368][T13637] do_futex+0x32b/0x350 [ 602.404388][T13637] ? __pfx_do_futex+0x10/0x10 [ 602.404406][T13637] ? __pfx_do_sys_openat2+0x10/0x10 [ 602.404436][T13637] ? __fget_files+0x21f/0x3d0 [ 602.404459][T13637] __x64_sys_futex+0x34f/0x4d0 [ 602.404480][T13637] ? __x64_sys_openat+0x12d/0x210 [ 602.404508][T13637] ? __pfx___x64_sys_futex+0x10/0x10 [ 602.404532][T13637] ? rcu_is_watching+0x12/0xc0 [ 602.404556][T13637] do_syscall_64+0x10b/0xf80 [ 602.404579][T13637] ? clear_bhb_loop+0x40/0x90 [ 602.404605][T13637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.404624][T13637] RIP: 0033:0x7fdc4459cdd9 [ 602.404640][T13637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 602.404658][T13637] RSP: 002b:00007fdc454ec0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 602.404676][T13637] RAX: ffffffffffffffda RBX: 00007fdc44816098 RCX: 00007fdc4459cdd9 [ 602.404687][T13637] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdc4481609c [ 602.404699][T13637] RBP: 00007fdc44816090 R08: 0000000000000001 R09: 0000000000000000 [ 602.404709][T13637] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 602.404719][T13637] R13: 00007fdc44816128 R14: 00007ffcbeecf270 R15: 00007ffcbeecf358 [ 602.404741][T13637] [ 603.987801][T13675] FAULT_INJECTION: forcing a failure. [ 603.987801][T13675] name failslab, interval 1, probability 0, space 0, times 0 [ 604.077454][T13675] CPU: 0 UID: 0 PID: 13675 Comm: syz.0.1899 Tainted: G L syzkaller #0 PREEMPT(full) [ 604.077489][T13675] Tainted: [L]=SOFTLOCKUP [ 604.077496][T13675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 604.077507][T13675] Call Trace: [ 604.077513][T13675] [ 604.077520][T13675] dump_stack_lvl+0x100/0x190 [ 604.077544][T13675] should_fail_ex.cold+0x5/0xa [ 604.077567][T13675] should_failslab+0xc2/0x120 [ 604.077589][T13675] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 604.077617][T13675] ? do_getname+0x35/0x390 [ 604.077647][T13675] do_getname+0x35/0x390 [ 604.077676][T13675] do_sys_openat2+0xc5/0x1e0 [ 604.077703][T13675] ? __pfx_do_sys_openat2+0x10/0x10 [ 604.077733][T13675] ? __fget_files+0x21f/0x3d0 [ 604.077758][T13675] __x64_sys_openat+0x12d/0x210 [ 604.077787][T13675] ? __pfx___x64_sys_openat+0x10/0x10 [ 604.077818][T13675] ? rcu_is_watching+0x12/0xc0 [ 604.077842][T13675] do_syscall_64+0x10b/0xf80 [ 604.077865][T13675] ? clear_bhb_loop+0x40/0x90 [ 604.077887][T13675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.077905][T13675] RIP: 0033:0x7f01e219cdd9 [ 604.077921][T13675] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.077939][T13675] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 604.077957][T13675] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 604.077969][T13675] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 604.077980][T13675] RBP: 00007f01e2232d69 R08: 0000000000000000 R09: 0000000000000000 [ 604.077990][T13675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.078000][T13675] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 604.078022][T13675] [ 605.236743][T13697] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1904'. [ 606.422975][T13730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1912'. [ 606.698146][T13737] FAULT_INJECTION: forcing a failure. [ 606.698146][T13737] name failslab, interval 1, probability 0, space 0, times 0 [ 606.764238][T13737] CPU: 0 UID: 0 PID: 13737 Comm: syz.2.1914 Tainted: G L syzkaller #0 PREEMPT(full) [ 606.764274][T13737] Tainted: [L]=SOFTLOCKUP [ 606.764281][T13737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 606.764291][T13737] Call Trace: [ 606.764298][T13737] [ 606.764306][T13737] dump_stack_lvl+0x100/0x190 [ 606.764331][T13737] should_fail_ex.cold+0x5/0xa [ 606.764362][T13737] should_failslab+0xc2/0x120 [ 606.764385][T13737] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 606.764415][T13737] ? alloc_empty_file+0x5b/0x1c0 [ 606.764442][T13737] ? __pfx_stack_trace_save+0x10/0x10 [ 606.764473][T13737] alloc_empty_file+0x5b/0x1c0 [ 606.764501][T13737] path_openat+0xe8/0x31a0 [ 606.764522][T13737] ? kasan_save_stack+0x3f/0x50 [ 606.764539][T13737] ? kasan_save_stack+0x30/0x50 [ 606.764556][T13737] ? kasan_save_track+0x14/0x30 [ 606.764573][T13737] ? __kasan_slab_alloc+0x89/0x90 [ 606.764591][T13737] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 606.764619][T13737] ? do_getname+0x35/0x390 [ 606.764644][T13737] ? do_sys_openat2+0xc5/0x1e0 [ 606.764671][T13737] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 606.764694][T13737] ? __pfx_path_openat+0x10/0x10 [ 606.764725][T13737] do_file_open+0x20e/0x430 [ 606.764750][T13737] ? __pfx_do_file_open+0x10/0x10 [ 606.764789][T13737] ? alloc_fd+0x476/0x790 [ 606.764813][T13737] ? do_getname+0x191/0x390 [ 606.764842][T13737] do_sys_openat2+0x10d/0x1e0 [ 606.764870][T13737] ? __pfx_do_sys_openat2+0x10/0x10 [ 606.764900][T13737] ? __fget_files+0x21f/0x3d0 [ 606.764926][T13737] __x64_sys_openat+0x12d/0x210 [ 606.764955][T13737] ? __pfx___x64_sys_openat+0x10/0x10 [ 606.764987][T13737] ? rcu_is_watching+0x12/0xc0 [ 606.765012][T13737] do_syscall_64+0x10b/0xf80 [ 606.765035][T13737] ? clear_bhb_loop+0x40/0x90 [ 606.765057][T13737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 606.765076][T13737] RIP: 0033:0x7f5a95f9cdd9 [ 606.765092][T13737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 606.765111][T13737] RSP: 002b:00007f5a96f35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 606.765129][T13737] RAX: ffffffffffffffda RBX: 00007f5a96215fa0 RCX: 00007f5a95f9cdd9 [ 606.765142][T13737] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 606.765153][T13737] RBP: 00007f5a96032d69 R08: 0000000000000000 R09: 0000000000000000 [ 606.765165][T13737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 606.765176][T13737] R13: 00007f5a96216038 R14: 00007f5a96215fa0 R15: 00007ffd92de74c8 [ 606.765200][T13737] [ 608.438180][T13778] FAULT_INJECTION: forcing a failure. [ 608.438180][T13778] name failslab, interval 1, probability 0, space 0, times 0 [ 608.506164][T13778] CPU: 0 UID: 0 PID: 13778 Comm: syz.3.1924 Tainted: G L syzkaller #0 PREEMPT(full) [ 608.506198][T13778] Tainted: [L]=SOFTLOCKUP [ 608.506205][T13778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 608.506216][T13778] Call Trace: [ 608.506223][T13778] [ 608.506230][T13778] dump_stack_lvl+0x100/0x190 [ 608.506254][T13778] should_fail_ex.cold+0x5/0xa [ 608.506278][T13778] should_failslab+0xc2/0x120 [ 608.506300][T13778] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 608.506337][T13778] ? alloc_empty_file+0x5b/0x1c0 [ 608.506364][T13778] ? __pfx_stack_trace_save+0x10/0x10 [ 608.506393][T13778] alloc_empty_file+0x5b/0x1c0 [ 608.506422][T13778] path_openat+0xe8/0x31a0 [ 608.506444][T13778] ? kasan_save_stack+0x3f/0x50 [ 608.506462][T13778] ? kasan_save_stack+0x30/0x50 [ 608.506479][T13778] ? kasan_save_track+0x14/0x30 [ 608.506496][T13778] ? __kasan_slab_alloc+0x89/0x90 [ 608.506515][T13778] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 608.506543][T13778] ? do_getname+0x35/0x390 [ 608.506568][T13778] ? do_sys_openat2+0xc5/0x1e0 [ 608.506595][T13778] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.506617][T13778] ? __pfx_path_openat+0x10/0x10 [ 608.506648][T13778] do_file_open+0x20e/0x430 [ 608.506673][T13778] ? __pfx_do_file_open+0x10/0x10 [ 608.506712][T13778] ? alloc_fd+0x476/0x790 [ 608.506738][T13778] ? do_getname+0x191/0x390 [ 608.506766][T13778] do_sys_openat2+0x10d/0x1e0 [ 608.506794][T13778] ? __pfx_do_sys_openat2+0x10/0x10 [ 608.506824][T13778] ? __fget_files+0x21f/0x3d0 [ 608.506850][T13778] __x64_sys_openat+0x12d/0x210 [ 608.506878][T13778] ? __pfx___x64_sys_openat+0x10/0x10 [ 608.506911][T13778] ? rcu_is_watching+0x12/0xc0 [ 608.506936][T13778] do_syscall_64+0x10b/0xf80 [ 608.506960][T13778] ? clear_bhb_loop+0x40/0x90 [ 608.506982][T13778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.507001][T13778] RIP: 0033:0x7fdc4459cdd9 [ 608.507017][T13778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 608.507036][T13778] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 608.507055][T13778] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 608.507067][T13778] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 608.507079][T13778] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 608.507091][T13778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.507103][T13778] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 608.507127][T13778] [ 609.078183][ T50] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 609.226884][T13775] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 609.243327][T13775] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 609.271165][T13775] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 609.313735][T13775] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 610.438384][ T50] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 611.212830][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 611.279820][T13850] binder: 13842:13850 ioctl 5411 38 returned -22 [ 611.293390][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 611.299458][T13092] Bluetooth: hci1: command 0x0c1a tx timeout [ 611.373076][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 612.464674][ T50] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 612.967903][T13882] FAULT_INJECTION: forcing a failure. [ 612.967903][T13882] name failslab, interval 1, probability 0, space 0, times 0 [ 612.996180][T13882] CPU: 0 UID: 0 PID: 13882 Comm: syz.3.1951 Tainted: G L syzkaller #0 PREEMPT(full) [ 612.996211][T13882] Tainted: [L]=SOFTLOCKUP [ 612.996218][T13882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 612.996229][T13882] Call Trace: [ 612.996235][T13882] [ 612.996243][T13882] dump_stack_lvl+0x100/0x190 [ 612.996268][T13882] should_fail_ex.cold+0x5/0xa [ 612.996291][T13882] should_failslab+0xc2/0x120 [ 612.996320][T13882] __kmalloc_cache_noprof+0x7a/0x6f0 [ 612.996346][T13882] ? snd_midi_event_new+0x6f/0x210 [ 612.996373][T13882] snd_midi_event_new+0x6f/0x210 [ 612.996396][T13882] snd_virmidi_output_open+0x106/0x670 [ 612.996423][T13882] open_substream+0x480/0x9b0 [ 612.996453][T13882] rawmidi_open_priv+0x595/0x6f0 [ 612.996473][T13882] snd_rawmidi_open+0x4c9/0xba0 [ 612.996494][T13882] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 612.996513][T13882] ? __pfx_default_wake_function+0x10/0x10 [ 612.996541][T13882] ? kobject_get_unless_zero+0x156/0x200 [ 612.996571][T13882] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 612.996589][T13882] snd_open+0x201/0x450 [ 612.996613][T13882] ? __pfx_snd_open+0x10/0x10 [ 612.996636][T13882] chrdev_open+0x234/0x6a0 [ 612.996658][T13882] ? __pfx_apparmor_file_open+0x10/0x10 [ 612.996686][T13882] ? __pfx_chrdev_open+0x10/0x10 [ 612.996710][T13882] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 612.996739][T13882] do_dentry_open+0x6d8/0x1660 [ 612.996760][T13882] ? __pfx_chrdev_open+0x10/0x10 [ 612.996787][T13882] vfs_open+0x82/0x3f0 [ 612.996816][T13882] path_openat+0x208c/0x31a0 [ 612.996846][T13882] ? __pfx_path_openat+0x10/0x10 [ 612.996876][T13882] do_file_open+0x20e/0x430 [ 612.996900][T13882] ? __pfx_do_file_open+0x10/0x10 [ 612.996938][T13882] ? alloc_fd+0x476/0x790 [ 612.996961][T13882] ? do_getname+0x191/0x390 [ 612.996989][T13882] do_sys_openat2+0x10d/0x1e0 [ 612.997020][T13882] ? __pfx_do_sys_openat2+0x10/0x10 [ 612.997049][T13882] ? __fget_files+0x21f/0x3d0 [ 612.997075][T13882] __x64_sys_openat+0x12d/0x210 [ 612.997103][T13882] ? __pfx___x64_sys_openat+0x10/0x10 [ 612.997132][T13882] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 612.997160][T13882] ? syscall_user_dispatch+0x76/0x130 [ 612.997184][T13882] do_syscall_64+0x10b/0xf80 [ 612.997206][T13882] ? clear_bhb_loop+0x40/0x90 [ 612.997228][T13882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.997246][T13882] RIP: 0033:0x7fdc4459cdd9 [ 612.997262][T13882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.997280][T13882] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 612.997299][T13882] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 612.997311][T13882] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 612.997328][T13882] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 612.997339][T13882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.997349][T13882] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 612.997372][T13882] [ 613.775713][T13866] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 613.803771][T13866] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 613.812309][T13866] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 613.831282][T13866] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 614.316109][T13882] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1951'. [ 614.499088][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 615.625227][T13092] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 615.857703][T13092] Bluetooth: hci3: command 0x0c1a tx timeout [ 615.864587][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 615.870618][ T5635] Bluetooth: hci1: command 0x0c1a tx timeout [ 616.210044][ T30] audit: type=1800 audit(4294967297.600:9): pid=13934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1963" name="trace_pipe" dev="tracefs" ino=3566 res=0 errno=0 [ 616.291090][T13934] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1963'. [ 617.370238][ T30] audit: type=1800 audit(4294967298.770:10): pid=13974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1967" name="lu_gp_id" dev="configfs" ino=47377 res=0 errno=0 [ 618.619026][T14000] validate_nla: 67 callbacks suppressed [ 618.619046][T14000] netlink: 'syz.1.1973': attribute type 2 has an invalid length. [ 618.856311][T14006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1973'. [ 619.021677][T14012] random: crng reseeded on system resumption [ 619.882825][ T30] audit: type=1800 audit(4294967301.280:11): pid=14033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1981" name="dbroot" dev="configfs" ino=48157 res=0 errno=0 [ 620.366490][T14038] zswap: compressor Z(u not available [ 621.104005][T14046] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 621.167811][T14046] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 621.190786][T14046] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 621.229273][T14046] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 621.379188][T14046] Process accounting paused [ 622.574282][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 622.913863][T14106] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1994'. [ 623.215570][T13092] Bluetooth: hci2: command 0x0c1a tx timeout [ 623.221934][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 623.295456][T13092] Bluetooth: hci3: command 0x0c1a tx timeout [ 624.747087][T13092] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 625.128560][T13092] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 626.535498][T14177] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 626.602694][T14177] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 626.630444][T14177] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 626.686718][T14177] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 626.724399][T14193] openvswitch: netlink: Missing valid actions attribute. [ 626.813859][T14166] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 627.078868][ T30] audit: type=1800 audit(4294967308.480:12): pid=14201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2016" name="lu_gp_id" dev="configfs" ino=49053 res=0 errno=0 [ 627.591681][T14214] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.2018'. [ 627.934225][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 628.654260][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 628.660535][T13092] Bluetooth: hci2: command 0x0c1a tx timeout [ 628.735466][T13092] Bluetooth: hci3: command 0x0c1a tx timeout [ 628.945306][T14231] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 629.011003][T14231] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 629.055730][T14231] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 629.100069][T14231] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 629.355438][T14249] FAULT_INJECTION: forcing a failure. [ 629.355438][T14249] name fail_futex, interval 1, probability 0, space 0, times 0 [ 629.423569][T14249] CPU: 0 UID: 0 PID: 14249 Comm: syz.3.2026 Tainted: G L syzkaller #0 PREEMPT(full) [ 629.423601][T14249] Tainted: [L]=SOFTLOCKUP [ 629.423608][T14249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 629.423619][T14249] Call Trace: [ 629.423625][T14249] [ 629.423632][T14249] dump_stack_lvl+0x100/0x190 [ 629.423657][T14249] should_fail_ex.cold+0x5/0xa [ 629.423681][T14249] get_futex_key+0x1d2/0x1510 [ 629.423707][T14249] ? __pfx_get_futex_key+0x10/0x10 [ 629.423733][T14249] futex_wake+0xea/0x530 [ 629.423758][T14249] ? __pfx_futex_wake+0x10/0x10 [ 629.423787][T14249] ? do_raw_spin_lock+0x128/0x260 [ 629.423812][T14249] do_futex+0x32b/0x350 [ 629.423831][T14249] ? __pfx_do_futex+0x10/0x10 [ 629.423850][T14249] ? _raw_spin_unlock+0x28/0x50 [ 629.423869][T14249] ? do_set_mempolicy+0x217/0x3d0 [ 629.423889][T14249] ? __pfx_do_set_mempolicy+0x10/0x10 [ 629.423912][T14249] __x64_sys_futex+0x34f/0x4d0 [ 629.423934][T14249] ? __pfx___x64_sys_futex+0x10/0x10 [ 629.423955][T14249] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 629.423978][T14249] ? rcu_is_watching+0x12/0xc0 [ 629.424003][T14249] do_syscall_64+0x10b/0xf80 [ 629.424026][T14249] ? clear_bhb_loop+0x40/0x90 [ 629.424047][T14249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.424066][T14249] RIP: 0033:0x7fdc4459cdd9 [ 629.424082][T14249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 629.424100][T14249] RSP: 002b:00007fdc4550d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 629.424118][T14249] RAX: ffffffffffffffda RBX: 00007fdc44815fa8 RCX: 00007fdc4459cdd9 [ 629.424130][T14249] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdc44815fac [ 629.424141][T14249] RBP: 00007fdc44815fa0 R08: 0000000000000001 R09: 0000000000000000 [ 629.424151][T14249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 629.424162][T14249] R13: 00007fdc44816038 R14: 00007ffcbeecf270 R15: 00007ffcbeecf358 [ 629.424185][T14249] [ 630.309290][T13092] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 630.575562][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 630.615977][T14269] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2026'. [ 631.055845][T13092] Bluetooth: hci1: command 0x0c1a tx timeout [ 631.138510][T13092] Bluetooth: hci3: command 0x0c1a tx timeout [ 631.146399][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 631.785972][T13092] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 631.804766][T14276] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 631.887125][T14276] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 631.935267][T14276] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 631.969069][T14276] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 633.374299][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 633.935072][T13092] Bluetooth: hci1: command 0x0c1a tx timeout [ 634.014255][T13092] Bluetooth: hci3: command 0x0c1a tx timeout [ 634.021221][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 634.486704][T14334] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 634.504667][T14334] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 634.547409][T14334] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 634.589615][T14334] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 634.730727][T14349] FAULT_INJECTION: forcing a failure. [ 634.730727][T14349] name failslab, interval 1, probability 0, space 0, times 0 [ 634.842359][T14351] program syz.3.2055 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 634.935542][T14349] CPU: 0 UID: 0 PID: 14349 Comm: syz.1.2054 Tainted: G L syzkaller #0 PREEMPT(full) [ 634.935574][T14349] Tainted: [L]=SOFTLOCKUP [ 634.935581][T14349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 634.935592][T14349] Call Trace: [ 634.935598][T14349] [ 634.935605][T14349] dump_stack_lvl+0x100/0x190 [ 634.935631][T14349] should_fail_ex.cold+0x5/0xa [ 634.935654][T14349] should_failslab+0xc2/0x120 [ 634.935676][T14349] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 634.935704][T14349] ? do_getname+0x35/0x390 [ 634.935734][T14349] do_getname+0x35/0x390 [ 634.935763][T14349] do_sys_openat2+0xc5/0x1e0 [ 634.935790][T14349] ? __pfx_do_sys_openat2+0x10/0x10 [ 634.935820][T14349] ? __fget_files+0x21f/0x3d0 [ 634.935845][T14349] __x64_sys_openat+0x12d/0x210 [ 634.935873][T14349] ? __pfx___x64_sys_openat+0x10/0x10 [ 634.935905][T14349] ? rcu_is_watching+0x12/0xc0 [ 634.935930][T14349] do_syscall_64+0x10b/0xf80 [ 634.935952][T14349] ? clear_bhb_loop+0x40/0x90 [ 634.935974][T14349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.935992][T14349] RIP: 0033:0x7ff11579cdd9 [ 634.936007][T14349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 634.936025][T14349] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 634.936043][T14349] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 634.936055][T14349] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 634.936066][T14349] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 634.936077][T14349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 634.936087][T14349] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 634.936119][T14349] [ 635.376282][T14355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2056'. [ 635.624246][ T30] audit: type=1800 audit(4294967316.980:13): pid=14364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2058" name=04 dev="tmpfs" ino=2867 res=0 errno=0 [ 636.015320][T13092] Bluetooth: hci0: command 0x0c1a tx timeout [ 636.575778][T13092] Bluetooth: hci2: command 0x0c1a tx timeout [ 636.583256][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 636.660479][T13092] Bluetooth: hci3: command 0x0c1a tx timeout [ 637.031772][T14351] FAULT_INJECTION: forcing a failure. [ 637.031772][T14351] name failslab, interval 1, probability 0, space 0, times 0 [ 637.098393][T14351] CPU: 0 UID: 0 PID: 14351 Comm: syz.3.2055 Tainted: G L syzkaller #0 PREEMPT(full) [ 637.098426][T14351] Tainted: [L]=SOFTLOCKUP [ 637.098433][T14351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 637.098444][T14351] Call Trace: [ 637.098451][T14351] [ 637.098458][T14351] dump_stack_lvl+0x100/0x190 [ 637.098483][T14351] should_fail_ex.cold+0x5/0xa [ 637.098510][T14351] should_failslab+0xc2/0x120 [ 637.098534][T14351] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 637.098567][T14351] ? security_inode_alloc+0x3b/0x2c0 [ 637.098596][T14351] ? lockdep_init_map_type+0x5c/0x250 [ 637.098620][T14351] security_inode_alloc+0x3b/0x2c0 [ 637.098649][T14351] inode_init_always_gfp+0xcc0/0x1000 [ 637.098676][T14351] alloc_inode+0x8e/0x250 [ 637.098704][T14351] new_inode+0x22/0x1c0 [ 637.098734][T14351] shmem_get_inode+0x1e3/0xfb0 [ 637.098762][T14351] ? __pfx_shmem_get_inode+0x10/0x10 [ 637.098788][T14351] ? do_raw_spin_unlock+0x145/0x1e0 [ 637.098814][T14351] shmem_mknod+0x217/0x480 [ 637.098840][T14351] ? __pfx_shmem_mknod+0x10/0x10 [ 637.098863][T14351] ? bpf_lsm_inode_create+0x9/0x10 [ 637.098895][T14351] ? __pfx_shmem_create+0x10/0x10 [ 637.098920][T14351] lookup_open.isra.0+0xc47/0x11b0 [ 637.098944][T14351] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 637.098968][T14351] ? __pfx___might_resched+0x10/0x10 [ 637.098988][T14351] ? mnt_get_write_access+0x52/0x2f0 [ 637.099022][T14351] ? __pfx_down_write+0x10/0x10 [ 637.099048][T14351] ? mnt_get_write_access+0x1e9/0x2f0 [ 637.099088][T14351] path_openat+0x2291/0x31a0 [ 637.099115][T14351] ? entry_SYSCALL_64_after_hwframe+0x48/0x7f [ 637.099138][T14351] ? __pfx_path_openat+0x10/0x10 [ 637.099169][T14351] do_file_open+0x20e/0x430 [ 637.099194][T14351] ? __pfx_do_file_open+0x10/0x10 [ 637.099233][T14351] ? _raw_spin_unlock+0x28/0x50 [ 637.099253][T14351] ? alloc_fd+0x476/0x790 [ 637.099281][T14351] do_sys_openat2+0x10d/0x1e0 [ 637.099311][T14351] ? __pfx_do_sys_openat2+0x10/0x10 [ 637.099347][T14351] __x64_sys_open+0xfe/0x1d0 [ 637.099375][T14351] ? __pfx___x64_sys_open+0x10/0x10 [ 637.099407][T14351] ? rcu_is_watching+0x12/0xc0 [ 637.099432][T14351] do_syscall_64+0x10b/0xf80 [ 637.099455][T14351] ? clear_bhb_loop+0x40/0x90 [ 637.099478][T14351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.099497][T14351] RIP: 0033:0x7fdc4459cdd9 [ 637.099515][T14351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 637.099533][T14351] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 637.099552][T14351] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 637.099565][T14351] RDX: 0000000000000154 RSI: 0000000000022240 RDI: 0000200000000800 [ 637.099576][T14351] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 637.099588][T14351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 637.099599][T14351] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 637.099624][T14351] [ 638.178906][T13092] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 638.366472][T14398] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2067'. [ 638.603165][T13092] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 638.971887][T14401] Format for adding new device is "id port_count num_queues" (uint uint uint). [ 639.533946][T13092] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 639.942096][T14434] QAT: Device 8 not found [ 641.062575][T14456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2082'. [ 641.232827][T14458] netlink: 'syz.2.2082': attribute type 4 has an invalid length. [ 641.286528][T14455] futex_wake_op: syz.1.2083 tries to shift op by -2048; fix this program [ 641.335180][T14455] futex_wake_op: syz.1.2083 tries to shift op by -2048; fix this program [ 641.399223][T14455] 0x000000000001-0x000000020000 : "" [ 641.462060][T13092] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 641.721220][T14455] ftl_cs: FTL header corrupt! [ 642.253027][T14476] FAULT_INJECTION: forcing a failure. [ 642.253027][T14476] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 642.369660][T14476] CPU: 0 UID: 0 PID: 14476 Comm: syz.3.2089 Tainted: G L syzkaller #0 PREEMPT(full) [ 642.369693][T14476] Tainted: [L]=SOFTLOCKUP [ 642.369700][T14476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 642.369710][T14476] Call Trace: [ 642.369717][T14476] [ 642.369725][T14476] dump_stack_lvl+0x100/0x190 [ 642.369751][T14476] should_fail_ex.cold+0x5/0xa [ 642.369775][T14476] strncpy_from_user+0x3b/0x2d0 [ 642.369797][T14476] do_getname+0x78/0x390 [ 642.369827][T14476] do_sys_openat2+0xc5/0x1e0 [ 642.369875][T14476] ? __pfx_do_sys_openat2+0x10/0x10 [ 642.369904][T14476] ? __fget_files+0x21f/0x3d0 [ 642.369929][T14476] __x64_sys_openat+0x12d/0x210 [ 642.369958][T14476] ? __pfx___x64_sys_openat+0x10/0x10 [ 642.369997][T14476] ? rcu_is_watching+0x12/0xc0 [ 642.370022][T14476] do_syscall_64+0x10b/0xf80 [ 642.370045][T14476] ? clear_bhb_loop+0x40/0x90 [ 642.370068][T14476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.370087][T14476] RIP: 0033:0x7fdc4459cdd9 [ 642.370104][T14476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 642.370123][T14476] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 642.370142][T14476] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 642.370154][T14476] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 642.370166][T14476] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 642.370177][T14476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 642.370189][T14476] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 642.370212][T14476] [ 644.110212][T14497] FAULT_INJECTION: forcing a failure. [ 644.110212][T14497] name failslab, interval 1, probability 0, space 0, times 0 [ 644.194182][T14497] CPU: 0 UID: 0 PID: 14497 Comm: syz.1.2094 Tainted: G L syzkaller #0 PREEMPT(full) [ 644.194215][T14497] Tainted: [L]=SOFTLOCKUP [ 644.194227][T14497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 644.194238][T14497] Call Trace: [ 644.194246][T14497] [ 644.194254][T14497] dump_stack_lvl+0x100/0x190 [ 644.194279][T14497] should_fail_ex.cold+0x5/0xa [ 644.194303][T14497] ? udp_init_sock+0x24e/0x450 [ 644.194323][T14497] should_failslab+0xc2/0x120 [ 644.194344][T14497] __kmalloc_noprof+0xe0/0x850 [ 644.194374][T14497] ? lockdep_init_map_type+0x5c/0x250 [ 644.194397][T14497] udp_init_sock+0x24e/0x450 [ 644.194416][T14497] ? __pfx_udp_init_sock+0x10/0x10 [ 644.194435][T14497] inet_create+0x94c/0x1060 [ 644.194462][T14497] ? inet_create+0x94/0x1060 [ 644.194493][T14497] __sock_create+0x339/0x860 [ 644.194524][T14497] __sys_socket+0x14d/0x260 [ 644.194551][T14497] ? __pfx___sys_socket+0x10/0x10 [ 644.194583][T14497] __x64_sys_socket+0x72/0xb0 [ 644.194608][T14497] ? lockdep_hardirqs_on+0x78/0x100 [ 644.194633][T14497] do_syscall_64+0x10b/0xf80 [ 644.194655][T14497] ? clear_bhb_loop+0x40/0x90 [ 644.194677][T14497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.194696][T14497] RIP: 0033:0x7ff11579cdd9 [ 644.194712][T14497] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 644.194731][T14497] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 644.194750][T14497] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 644.194763][T14497] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 644.194774][T14497] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 644.194786][T14497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 644.194797][T14497] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 644.194820][T14497] [ 645.186410][T14515] netlink: 'syz.3.2100': attribute type 5 has an invalid length. [ 645.211753][T14515] netlink: 'syz.3.2100': attribute type 1 has an invalid length. [ 645.271700][T14519] netlink: 'syz.3.2100': attribute type 5 has an invalid length. [ 645.327509][T14515] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2100'. [ 645.416660][T14519] netlink: 'syz.3.2100': attribute type 1 has an invalid length. [ 645.494014][T14519] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2100'. [ 645.797661][T14525] FAULT_INJECTION: forcing a failure. [ 645.797661][T14525] name failslab, interval 1, probability 0, space 0, times 0 [ 645.878738][T14525] CPU: 0 UID: 0 PID: 14525 Comm: syz.0.2101 Tainted: G L syzkaller #0 PREEMPT(full) [ 645.878771][T14525] Tainted: [L]=SOFTLOCKUP [ 645.878778][T14525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 645.878789][T14525] Call Trace: [ 645.878796][T14525] [ 645.878803][T14525] dump_stack_lvl+0x100/0x190 [ 645.878828][T14525] should_fail_ex.cold+0x5/0xa [ 645.878854][T14525] should_failslab+0xc2/0x120 [ 645.878877][T14525] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 645.878906][T14525] ? do_getname+0x35/0x390 [ 645.878937][T14525] do_getname+0x35/0x390 [ 645.878966][T14525] do_sys_openat2+0xc5/0x1e0 [ 645.878993][T14525] ? __pfx_do_sys_openat2+0x10/0x10 [ 645.879030][T14525] ? __fget_files+0x21f/0x3d0 [ 645.879056][T14525] __x64_sys_openat+0x12d/0x210 [ 645.879084][T14525] ? __pfx___x64_sys_openat+0x10/0x10 [ 645.879116][T14525] ? rcu_is_watching+0x12/0xc0 [ 645.879141][T14525] do_syscall_64+0x10b/0xf80 [ 645.879165][T14525] ? clear_bhb_loop+0x40/0x90 [ 645.879188][T14525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.879206][T14525] RIP: 0033:0x7f01e219cdd9 [ 645.879222][T14525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 645.879240][T14525] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 645.879259][T14525] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 645.879271][T14525] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 645.879283][T14525] RBP: 00007f01e2232d69 R08: 0000000000000000 R09: 0000000000000000 [ 645.879294][T14525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 645.879305][T14525] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 645.879328][T14525] [ 646.347720][T13092] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 646.347775][T13092] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 647.616020][ T50] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 647.767006][T14567] FAULT_INJECTION: forcing a failure. [ 647.767006][T14567] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 647.857048][T14569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2115'. [ 647.907300][T14567] CPU: 0 UID: 0 PID: 14567 Comm: syz.0.2114 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.907330][T14567] Tainted: [L]=SOFTLOCKUP [ 647.907337][T14567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 647.907348][T14567] Call Trace: [ 647.907354][T14567] [ 647.907361][T14567] dump_stack_lvl+0x100/0x190 [ 647.907391][T14567] should_fail_ex.cold+0x5/0xa [ 647.907414][T14567] strncpy_from_user+0x3b/0x2d0 [ 647.907436][T14567] do_getname+0x78/0x390 [ 647.907464][T14567] do_sys_openat2+0xc5/0x1e0 [ 647.907491][T14567] ? __pfx_do_sys_openat2+0x10/0x10 [ 647.907518][T14567] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 647.907547][T14567] ? __fget_files+0x21f/0x3d0 [ 647.907572][T14567] __x64_sys_openat+0x12d/0x210 [ 647.907600][T14567] ? __pfx___x64_sys_openat+0x10/0x10 [ 647.907627][T14567] ? ksys_write+0x1ac/0x250 [ 647.907651][T14567] ? rcu_is_watching+0x12/0xc0 [ 647.907676][T14567] do_syscall_64+0x10b/0xf80 [ 647.907699][T14567] ? clear_bhb_loop+0x40/0x90 [ 647.907721][T14567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.907740][T14567] RIP: 0033:0x7f01e219cdd9 [ 647.907756][T14567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.907775][T14567] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 647.907793][T14567] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 647.907805][T14567] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 647.907817][T14567] RBP: 00007f01e3093090 R08: 0000000000000000 R09: 0000000000000000 [ 647.907828][T14567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 647.907838][T14567] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 647.907860][T14567] [ 648.328420][T14582] FAULT_INJECTION: forcing a failure. [ 648.328420][T14582] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 648.368568][T14582] CPU: 0 UID: 0 PID: 14582 Comm: syz.2.2117 Tainted: G L syzkaller #0 PREEMPT(full) [ 648.368604][T14582] Tainted: [L]=SOFTLOCKUP [ 648.368611][T14582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 648.368623][T14582] Call Trace: [ 648.368631][T14582] [ 648.368640][T14582] dump_stack_lvl+0x100/0x190 [ 648.368666][T14582] should_fail_ex.cold+0x5/0xa [ 648.368693][T14582] strncpy_from_user+0x3b/0x2d0 [ 648.368716][T14582] do_getname+0x78/0x390 [ 648.368746][T14582] do_sys_openat2+0xc5/0x1e0 [ 648.368778][T14582] ? __pfx_do_sys_openat2+0x10/0x10 [ 648.368809][T14582] ? __fget_files+0x21f/0x3d0 [ 648.368835][T14582] __x64_sys_openat+0x12d/0x210 [ 648.368866][T14582] ? __pfx___x64_sys_openat+0x10/0x10 [ 648.368900][T14582] ? rcu_is_watching+0x12/0xc0 [ 648.368927][T14582] do_syscall_64+0x10b/0xf80 [ 648.368953][T14582] ? clear_bhb_loop+0x40/0x90 [ 648.368976][T14582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.368997][T14582] RIP: 0033:0x7f5a95f9cdd9 [ 648.369024][T14582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 648.369044][T14582] RSP: 002b:00007f5a96f35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 648.369073][T14582] RAX: ffffffffffffffda RBX: 00007f5a96215fa0 RCX: 00007f5a95f9cdd9 [ 648.369086][T14582] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 648.369098][T14582] RBP: 00007f5a96032d69 R08: 0000000000000000 R09: 0000000000000000 [ 648.369110][T14582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.369122][T14582] R13: 00007f5a96216038 R14: 00007f5a96215fa0 R15: 00007ffd92de74c8 [ 648.369145][T14582] [ 649.232817][T14598] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2122'. [ 649.268173][ T50] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 649.509940][T14606] block2mtd: illegal erase size [ 649.734295][T14610] : entered promiscuous mode [ 650.220659][T14629] FAULT_INJECTION: forcing a failure. [ 650.220659][T14629] name failslab, interval 1, probability 0, space 0, times 0 [ 650.305892][T14629] CPU: 0 UID: 0 PID: 14629 Comm: syz.0.2129 Tainted: G L syzkaller #0 PREEMPT(full) [ 650.305923][T14629] Tainted: [L]=SOFTLOCKUP [ 650.305941][T14629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 650.305952][T14629] Call Trace: [ 650.305959][T14629] [ 650.305966][T14629] dump_stack_lvl+0x100/0x190 [ 650.305992][T14629] should_fail_ex.cold+0x5/0xa [ 650.306016][T14629] should_failslab+0xc2/0x120 [ 650.306038][T14629] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 650.306066][T14629] ? alloc_empty_file+0x5b/0x1c0 [ 650.306093][T14629] ? __pfx_stack_trace_save+0x10/0x10 [ 650.306121][T14629] alloc_empty_file+0x5b/0x1c0 [ 650.306147][T14629] path_openat+0xe8/0x31a0 [ 650.306169][T14629] ? kasan_save_stack+0x3f/0x50 [ 650.306185][T14629] ? kasan_save_stack+0x30/0x50 [ 650.306201][T14629] ? kasan_save_track+0x14/0x30 [ 650.306218][T14629] ? __kasan_slab_alloc+0x89/0x90 [ 650.306236][T14629] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 650.306263][T14629] ? do_getname+0x35/0x390 [ 650.306288][T14629] ? do_sys_openat2+0xc5/0x1e0 [ 650.306314][T14629] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.306336][T14629] ? __pfx_path_openat+0x10/0x10 [ 650.306367][T14629] do_file_open+0x20e/0x430 [ 650.306391][T14629] ? __pfx_do_file_open+0x10/0x10 [ 650.306429][T14629] ? alloc_fd+0x476/0x790 [ 650.306452][T14629] ? do_getname+0x191/0x390 [ 650.306480][T14629] do_sys_openat2+0x10d/0x1e0 [ 650.306507][T14629] ? __pfx_do_sys_openat2+0x10/0x10 [ 650.306533][T14629] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 650.306563][T14629] ? __fget_files+0x21f/0x3d0 [ 650.306587][T14629] __x64_sys_openat+0x12d/0x210 [ 650.306615][T14629] ? __pfx___x64_sys_openat+0x10/0x10 [ 650.306642][T14629] ? ksys_write+0x1ac/0x250 [ 650.306665][T14629] ? rcu_is_watching+0x12/0xc0 [ 650.306690][T14629] do_syscall_64+0x10b/0xf80 [ 650.306712][T14629] ? clear_bhb_loop+0x40/0x90 [ 650.306734][T14629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.306753][T14629] RIP: 0033:0x7f01e219cdd9 [ 650.306769][T14629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 650.306786][T14629] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 650.306805][T14629] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 650.306817][T14629] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 650.306828][T14629] RBP: 00007f01e3093090 R08: 0000000000000000 R09: 0000000000000000 [ 650.306839][T14629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 650.306850][T14629] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 650.306873][T14629] [ 651.046013][T14634] FAULT_INJECTION: forcing a failure. [ 651.046013][T14634] name failslab, interval 1, probability 0, space 0, times 0 [ 651.094199][T14634] CPU: 0 UID: 0 PID: 14634 Comm: syz.1.2130 Tainted: G L syzkaller #0 PREEMPT(full) [ 651.094235][T14634] Tainted: [L]=SOFTLOCKUP [ 651.094242][T14634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 651.094254][T14634] Call Trace: [ 651.094261][T14634] [ 651.094269][T14634] dump_stack_lvl+0x100/0x190 [ 651.094296][T14634] should_fail_ex.cold+0x5/0xa [ 651.094321][T14634] should_failslab+0xc2/0x120 [ 651.094345][T14634] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 651.094376][T14634] ? do_getname+0x35/0x390 [ 651.094409][T14634] do_getname+0x35/0x390 [ 651.094439][T14634] do_sys_openat2+0xc5/0x1e0 [ 651.094469][T14634] ? __pfx_do_sys_openat2+0x10/0x10 [ 651.094500][T14634] ? __fget_files+0x21f/0x3d0 [ 651.094527][T14634] __x64_sys_openat+0x12d/0x210 [ 651.094557][T14634] ? __pfx___x64_sys_openat+0x10/0x10 [ 651.094592][T14634] ? rcu_is_watching+0x12/0xc0 [ 651.094619][T14634] do_syscall_64+0x10b/0xf80 [ 651.094643][T14634] ? clear_bhb_loop+0x40/0x90 [ 651.094667][T14634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.094688][T14634] RIP: 0033:0x7ff11579cdd9 [ 651.094705][T14634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 651.094724][T14634] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 651.094743][T14634] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 651.094756][T14634] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 651.094768][T14634] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 651.094780][T14634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.094791][T14634] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 651.094815][T14634] [ 651.715901][T14629] Process accounting resumed [ 652.309673][T14651] zswap: compressor not available [ 653.284946][T14684] NFSD: Failed to start, no listeners configured. [ 653.644923][T14692] FAULT_INJECTION: forcing a failure. [ 653.644923][T14692] name failslab, interval 1, probability 0, space 0, times 0 [ 653.709107][T14692] CPU: 0 UID: 0 PID: 14692 Comm: syz.0.2142 Tainted: G L syzkaller #0 PREEMPT(full) [ 653.709137][T14692] Tainted: [L]=SOFTLOCKUP [ 653.709144][T14692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 653.709154][T14692] Call Trace: [ 653.709161][T14692] [ 653.709168][T14692] dump_stack_lvl+0x100/0x190 [ 653.709192][T14692] should_fail_ex.cold+0x5/0xa [ 653.709215][T14692] should_failslab+0xc2/0x120 [ 653.709237][T14692] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 653.709273][T14692] ? security_file_alloc+0x34/0x2c0 [ 653.709293][T14692] ? trace_kmem_cache_alloc+0xd5/0x100 [ 653.709318][T14692] security_file_alloc+0x34/0x2c0 [ 653.709339][T14692] init_file+0x95/0x480 [ 653.709364][T14692] alloc_empty_file+0x79/0x1c0 [ 653.709391][T14692] path_openat+0xe8/0x31a0 [ 653.709412][T14692] ? kasan_save_stack+0x3f/0x50 [ 653.709429][T14692] ? kasan_save_stack+0x30/0x50 [ 653.709445][T14692] ? kasan_save_track+0x14/0x30 [ 653.709461][T14692] ? __kasan_slab_alloc+0x89/0x90 [ 653.709478][T14692] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 653.709506][T14692] ? do_getname+0x35/0x390 [ 653.709531][T14692] ? do_sys_openat2+0xc5/0x1e0 [ 653.709557][T14692] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.709578][T14692] ? __pfx_path_openat+0x10/0x10 [ 653.709608][T14692] do_file_open+0x20e/0x430 [ 653.709632][T14692] ? __pfx_do_file_open+0x10/0x10 [ 653.709669][T14692] ? alloc_fd+0x476/0x790 [ 653.709692][T14692] ? do_getname+0x191/0x390 [ 653.709720][T14692] do_sys_openat2+0x10d/0x1e0 [ 653.709747][T14692] ? __pfx_do_sys_openat2+0x10/0x10 [ 653.709790][T14692] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 653.709819][T14692] ? __fget_files+0x21f/0x3d0 [ 653.709843][T14692] __x64_sys_openat+0x12d/0x210 [ 653.709871][T14692] ? __pfx___x64_sys_openat+0x10/0x10 [ 653.709898][T14692] ? ksys_write+0x1ac/0x250 [ 653.709921][T14692] ? rcu_is_watching+0x12/0xc0 [ 653.709946][T14692] do_syscall_64+0x10b/0xf80 [ 653.709968][T14692] ? clear_bhb_loop+0x40/0x90 [ 653.709989][T14692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.710013][T14692] RIP: 0033:0x7f01e219cdd9 [ 653.710029][T14692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 653.710046][T14692] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 653.710064][T14692] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 653.710076][T14692] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 653.710088][T14692] RBP: 00007f01e3093090 R08: 0000000000000000 R09: 0000000000000000 [ 653.710098][T14692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 653.710109][T14692] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 653.710132][T14692] [ 654.337473][T14690] NFSD: Failed to start, no listeners configured. [ 654.900148][T14713] aoe: could not set interface list: too many interfaces [ 655.304037][T14724] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2152'. [ 655.502493][T14728] FAULT_INJECTION: forcing a failure. [ 655.502493][T14728] name failslab, interval 1, probability 0, space 0, times 0 [ 655.577284][T14728] CPU: 0 UID: 0 PID: 14728 Comm: syz.3.2153 Tainted: G L syzkaller #0 PREEMPT(full) [ 655.577315][T14728] Tainted: [L]=SOFTLOCKUP [ 655.577322][T14728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 655.577333][T14728] Call Trace: [ 655.577339][T14728] [ 655.577347][T14728] dump_stack_lvl+0x100/0x190 [ 655.577372][T14728] should_fail_ex.cold+0x5/0xa [ 655.577394][T14728] ? tomoyo_realpath_from_path+0xb6/0x690 [ 655.577417][T14728] should_failslab+0xc2/0x120 [ 655.577438][T14728] __kmalloc_noprof+0xe0/0x850 [ 655.577465][T14728] ? kfree+0x1dd/0x6c0 [ 655.577493][T14728] tomoyo_realpath_from_path+0xb6/0x690 [ 655.577521][T14728] tomoyo_check_open_permission+0x2af/0x3c0 [ 655.577541][T14728] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 655.577568][T14728] ? hook_file_open+0x24e/0x7a0 [ 655.577597][T14728] ? lock_acquire+0x1b1/0x370 [ 655.577621][T14728] tomoyo_file_open+0x6b/0x90 [ 655.577647][T14728] security_file_open+0xb5/0x1e0 [ 655.577669][T14728] do_dentry_open+0x5aa/0x1660 [ 655.577697][T14728] vfs_open+0x82/0x3f0 [ 655.577731][T14728] path_openat+0x208c/0x31a0 [ 655.577761][T14728] ? __pfx_path_openat+0x10/0x10 [ 655.577792][T14728] do_file_open+0x20e/0x430 [ 655.577817][T14728] ? __pfx_do_file_open+0x10/0x10 [ 655.577855][T14728] ? alloc_fd+0x476/0x790 [ 655.577879][T14728] ? do_getname+0x191/0x390 [ 655.577908][T14728] do_sys_openat2+0x10d/0x1e0 [ 655.577935][T14728] ? __pfx_do_sys_openat2+0x10/0x10 [ 655.577968][T14728] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 655.577997][T14728] ? __fget_files+0x21f/0x3d0 [ 655.578021][T14728] __x64_sys_openat+0x12d/0x210 [ 655.578050][T14728] ? __pfx___x64_sys_openat+0x10/0x10 [ 655.578077][T14728] ? ksys_write+0x1ac/0x250 [ 655.578100][T14728] ? rcu_is_watching+0x12/0xc0 [ 655.578125][T14728] do_syscall_64+0x10b/0xf80 [ 655.578147][T14728] ? clear_bhb_loop+0x40/0x90 [ 655.578169][T14728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.578187][T14728] RIP: 0033:0x7fdc4459cdd9 [ 655.578203][T14728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 655.578221][T14728] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 655.578239][T14728] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 655.578251][T14728] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 655.578262][T14728] RBP: 00007fdc4550d090 R08: 0000000000000000 R09: 0000000000000000 [ 655.578273][T14728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 655.578284][T14728] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 655.578307][T14728] [ 655.583211][T14728] ERROR: Out of memory at tomoyo_realpath_from_path. [ 656.790269][T14747] NFSD: Failed to start, no listeners configured. [ 658.236603][T14789] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2167'. [ 658.456037][T14793] FAULT_INJECTION: forcing a failure. [ 658.456037][T14793] name failslab, interval 1, probability 0, space 0, times 0 [ 658.520910][T14793] CPU: 0 UID: 0 PID: 14793 Comm: syz.3.2170 Tainted: G L syzkaller #0 PREEMPT(full) [ 658.520942][T14793] Tainted: [L]=SOFTLOCKUP [ 658.520948][T14793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 658.520959][T14793] Call Trace: [ 658.520966][T14793] [ 658.520973][T14793] dump_stack_lvl+0x100/0x190 [ 658.520999][T14793] should_fail_ex.cold+0x5/0xa [ 658.521022][T14793] ? tomoyo_encode2+0xfb/0x3c0 [ 658.521042][T14793] should_failslab+0xc2/0x120 [ 658.521063][T14793] __kmalloc_noprof+0xe0/0x850 [ 658.521091][T14793] ? rcu_is_watching+0x12/0xc0 [ 658.521117][T14793] tomoyo_encode2+0xfb/0x3c0 [ 658.521141][T14793] tomoyo_encode+0x29/0x50 [ 658.521162][T14793] tomoyo_realpath_from_path+0x18c/0x690 [ 658.521190][T14793] tomoyo_check_open_permission+0x2af/0x3c0 [ 658.521210][T14793] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 658.521237][T14793] ? hook_file_open+0x24e/0x7a0 [ 658.521266][T14793] ? lock_acquire+0x1b1/0x370 [ 658.521290][T14793] tomoyo_file_open+0x6b/0x90 [ 658.521316][T14793] security_file_open+0xb5/0x1e0 [ 658.521337][T14793] do_dentry_open+0x5aa/0x1660 [ 658.521366][T14793] vfs_open+0x82/0x3f0 [ 658.521395][T14793] path_openat+0x208c/0x31a0 [ 658.521424][T14793] ? __pfx_path_openat+0x10/0x10 [ 658.521460][T14793] do_file_open+0x20e/0x430 [ 658.521484][T14793] ? __pfx_do_file_open+0x10/0x10 [ 658.521523][T14793] ? alloc_fd+0x476/0x790 [ 658.521547][T14793] ? do_getname+0x191/0x390 [ 658.521575][T14793] do_sys_openat2+0x10d/0x1e0 [ 658.521602][T14793] ? __pfx_do_sys_openat2+0x10/0x10 [ 658.521628][T14793] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 658.521656][T14793] ? __fget_files+0x21f/0x3d0 [ 658.521681][T14793] __x64_sys_openat+0x12d/0x210 [ 658.521709][T14793] ? __pfx___x64_sys_openat+0x10/0x10 [ 658.521736][T14793] ? ksys_write+0x1ac/0x250 [ 658.521760][T14793] ? rcu_is_watching+0x12/0xc0 [ 658.521785][T14793] do_syscall_64+0x10b/0xf80 [ 658.521807][T14793] ? clear_bhb_loop+0x40/0x90 [ 658.521829][T14793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 658.521848][T14793] RIP: 0033:0x7fdc4459cdd9 [ 658.521864][T14793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 658.521888][T14793] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 658.521906][T14793] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 658.521919][T14793] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 658.521930][T14793] RBP: 00007fdc4550d090 R08: 0000000000000000 R09: 0000000000000000 [ 658.521941][T14793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 658.521952][T14793] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 658.521975][T14793] [ 658.522021][T14793] ERROR: Out of memory at tomoyo_realpath_from_path. [ 659.341622][T14807] : Can't lookup blockdev [ 659.395445][T14807] netlink: 'syz.0.2173': attribute type 10 has an invalid length. [ 659.423180][T14807] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2173'. [ 659.857743][T14816] NFSD: Failed to start, no listeners configured. [ 660.459659][T14832] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2180'. [ 660.499851][T14833] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2180'. [ 660.769147][T14841] FAULT_INJECTION: forcing a failure. [ 660.769147][T14841] name failslab, interval 1, probability 0, space 0, times 0 [ 660.833801][T14841] CPU: 0 UID: 0 PID: 14841 Comm: syz.1.2183 Tainted: G L syzkaller #0 PREEMPT(full) [ 660.833832][T14841] Tainted: [L]=SOFTLOCKUP [ 660.833839][T14841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 660.833855][T14841] Call Trace: [ 660.833861][T14841] [ 660.833868][T14841] dump_stack_lvl+0x100/0x190 [ 660.833900][T14841] should_fail_ex.cold+0x5/0xa [ 660.833924][T14841] should_failslab+0xc2/0x120 [ 660.833946][T14841] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 660.833974][T14841] ? proc_reg_open+0x23f/0x5f0 [ 660.833999][T14841] proc_reg_open+0x23f/0x5f0 [ 660.834022][T14841] do_dentry_open+0x6d8/0x1660 [ 660.834044][T14841] ? __pfx_proc_reg_open+0x10/0x10 [ 660.834071][T14841] vfs_open+0x82/0x3f0 [ 660.834101][T14841] path_openat+0x208c/0x31a0 [ 660.834131][T14841] ? __pfx_path_openat+0x10/0x10 [ 660.834161][T14841] do_file_open+0x20e/0x430 [ 660.834186][T14841] ? __pfx_do_file_open+0x10/0x10 [ 660.834224][T14841] ? alloc_fd+0x476/0x790 [ 660.834248][T14841] ? do_getname+0x191/0x390 [ 660.834277][T14841] do_sys_openat2+0x10d/0x1e0 [ 660.834304][T14841] ? __pfx_do_sys_openat2+0x10/0x10 [ 660.834330][T14841] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 660.834358][T14841] ? __fget_files+0x21f/0x3d0 [ 660.834383][T14841] __x64_sys_openat+0x12d/0x210 [ 660.834411][T14841] ? __pfx___x64_sys_openat+0x10/0x10 [ 660.834438][T14841] ? ksys_write+0x1ac/0x250 [ 660.834462][T14841] ? rcu_is_watching+0x12/0xc0 [ 660.834487][T14841] do_syscall_64+0x10b/0xf80 [ 660.834509][T14841] ? clear_bhb_loop+0x40/0x90 [ 660.834531][T14841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.834549][T14841] RIP: 0033:0x7ff11579cdd9 [ 660.834565][T14841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 660.834583][T14841] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 660.834601][T14841] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 660.834613][T14841] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 660.834624][T14841] RBP: 00007ff116570090 R08: 0000000000000000 R09: 0000000000000000 [ 660.834635][T14841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 660.834646][T14841] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 660.834668][T14841] [ 661.698066][T14869] FAULT_INJECTION: forcing a failure. [ 661.698066][T14869] name failslab, interval 1, probability 0, space 0, times 0 [ 661.730834][T14850] FAULT_INJECTION: forcing a failure. [ 661.730834][T14850] name failslab, interval 1, probability 0, space 0, times 0 [ 661.760060][T14869] CPU: 0 UID: 0 PID: 14869 Comm: syz.2.2188 Tainted: G L syzkaller #0 PREEMPT(full) [ 661.760092][T14869] Tainted: [L]=SOFTLOCKUP [ 661.760100][T14869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 661.760111][T14869] Call Trace: [ 661.760118][T14869] [ 661.760126][T14869] dump_stack_lvl+0x100/0x190 [ 661.760151][T14869] should_fail_ex.cold+0x5/0xa [ 661.760175][T14869] should_failslab+0xc2/0x120 [ 661.760198][T14869] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 661.760227][T14869] ? prepare_creds+0x2c/0x950 [ 661.760247][T14869] ? from_kuid_munged+0xaa/0x130 [ 661.760276][T14869] prepare_creds+0x2c/0x950 [ 661.760298][T14869] __sys_setfsuid+0xda/0x380 [ 661.760324][T14869] do_syscall_64+0x10b/0xf80 [ 661.760348][T14869] ? clear_bhb_loop+0x40/0x90 [ 661.760370][T14869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.760389][T14869] RIP: 0033:0x7f5a95f9cdd9 [ 661.760405][T14869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 661.760423][T14869] RSP: 002b:00007f5a96f35028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 661.760442][T14869] RAX: ffffffffffffffda RBX: 00007f5a96215fa0 RCX: 00007f5a95f9cdd9 [ 661.760454][T14869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 661.760465][T14869] RBP: 00007f5a96032d69 R08: 0000000000000000 R09: 0000000000000000 [ 661.760476][T14869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.760487][T14869] R13: 00007f5a96216038 R14: 00007f5a96215fa0 R15: 00007ffd92de74c8 [ 661.760510][T14869] [ 661.939043][T14850] CPU: 0 UID: 0 PID: 14850 Comm: syz.3.2184 Tainted: G L syzkaller #0 PREEMPT(full) [ 661.939077][T14850] Tainted: [L]=SOFTLOCKUP [ 661.939084][T14850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 661.939095][T14850] Call Trace: [ 661.939102][T14850] [ 661.939109][T14850] dump_stack_lvl+0x100/0x190 [ 661.939135][T14850] should_fail_ex.cold+0x5/0xa [ 661.939159][T14850] should_failslab+0xc2/0x120 [ 661.939181][T14850] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 661.939210][T14850] ? sk_prot_alloc+0x60/0x2a0 [ 661.939237][T14850] sk_prot_alloc+0x60/0x2a0 [ 661.939262][T14850] sk_alloc+0x36/0xe80 [ 661.939280][T14850] inet_create+0x3a0/0x1060 [ 661.939308][T14850] ? inet_create+0x94/0x1060 [ 661.939338][T14850] __sock_create+0x339/0x860 [ 661.939366][T14850] __sys_socket+0x14d/0x260 [ 661.939393][T14850] ? __pfx___sys_socket+0x10/0x10 [ 661.939418][T14850] ? ksys_write+0x1ac/0x250 [ 661.939445][T14850] __x64_sys_socket+0x72/0xb0 [ 661.939470][T14850] ? lockdep_hardirqs_on+0x78/0x100 [ 661.939493][T14850] do_syscall_64+0x10b/0xf80 [ 661.939516][T14850] ? clear_bhb_loop+0x40/0x90 [ 661.939538][T14850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.939557][T14850] RIP: 0033:0x7fdc4459cdd9 [ 661.939573][T14850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 661.939596][T14850] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 661.939615][T14850] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 661.939627][T14850] RDX: 000000000000000a RSI: 0000000000000003 RDI: 0000000000000002 [ 661.939637][T14850] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 661.939648][T14850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.939659][T14850] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 661.939682][T14850] [ 663.579809][T14902] NFSD: Failed to start, no listeners configured. [ 663.827954][T14898] netlink: 138 bytes leftover after parsing attributes in process `syz.3.2197'. [ 663.976052][T14910] FAULT_INJECTION: forcing a failure. [ 663.976052][T14910] name failslab, interval 1, probability 0, space 0, times 0 [ 664.228455][T14910] CPU: 0 UID: 0 PID: 14910 Comm: syz.0.2199 Tainted: G L syzkaller #0 PREEMPT(full) [ 664.228486][T14910] Tainted: [L]=SOFTLOCKUP [ 664.228493][T14910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 664.228503][T14910] Call Trace: [ 664.228510][T14910] [ 664.228517][T14910] dump_stack_lvl+0x100/0x190 [ 664.228542][T14910] should_fail_ex.cold+0x5/0xa [ 664.228565][T14910] should_failslab+0xc2/0x120 [ 664.228587][T14910] __kmalloc_cache_noprof+0x7a/0x6f0 [ 664.228612][T14910] ? single_open+0x4d/0x1d0 [ 664.228630][T14910] ? __pfx_cifs_mount_params_proc_show+0x10/0x10 [ 664.228653][T14910] single_open+0x4d/0x1d0 [ 664.228669][T14910] ? __pfx_cifs_mount_params_proc_open+0x10/0x10 [ 664.228689][T14910] proc_reg_open+0x2ab/0x5f0 [ 664.228712][T14910] do_dentry_open+0x6d8/0x1660 [ 664.228734][T14910] ? __pfx_proc_reg_open+0x10/0x10 [ 664.228760][T14910] vfs_open+0x82/0x3f0 [ 664.228789][T14910] path_openat+0x208c/0x31a0 [ 664.228818][T14910] ? __pfx_path_openat+0x10/0x10 [ 664.228848][T14910] do_file_open+0x20e/0x430 [ 664.228873][T14910] ? __pfx_do_file_open+0x10/0x10 [ 664.228917][T14910] ? alloc_fd+0x476/0x790 [ 664.228940][T14910] ? do_getname+0x191/0x390 [ 664.228968][T14910] do_sys_openat2+0x10d/0x1e0 [ 664.229000][T14910] ? __pfx_do_sys_openat2+0x10/0x10 [ 664.229026][T14910] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 664.229055][T14910] ? __fget_files+0x21f/0x3d0 [ 664.229079][T14910] __x64_sys_openat+0x12d/0x210 [ 664.229108][T14910] ? __pfx___x64_sys_openat+0x10/0x10 [ 664.229134][T14910] ? ksys_write+0x1ac/0x250 [ 664.229158][T14910] ? rcu_is_watching+0x12/0xc0 [ 664.229183][T14910] do_syscall_64+0x10b/0xf80 [ 664.229205][T14910] ? clear_bhb_loop+0x40/0x90 [ 664.229226][T14910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.229245][T14910] RIP: 0033:0x7f01e219cdd9 [ 664.229261][T14910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 664.229279][T14910] RSP: 002b:00007f01e3093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 664.229297][T14910] RAX: ffffffffffffffda RBX: 00007f01e2415fa0 RCX: 00007f01e219cdd9 [ 664.229308][T14910] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 664.229320][T14910] RBP: 00007f01e3093090 R08: 0000000000000000 R09: 0000000000000000 [ 664.229331][T14910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 664.229341][T14910] R13: 00007f01e2416038 R14: 00007f01e2415fa0 R15: 00007ffc44af02b8 [ 664.229364][T14910] [ 665.541004][T14942] cgroup: fork rejected by pids controller in /syz0 [ 666.748776][T14991] FAULT_INJECTION: forcing a failure. [ 666.748776][T14991] name failslab, interval 1, probability 0, space 0, times 0 [ 666.827492][T14991] CPU: 0 UID: 0 PID: 14991 Comm: syz.2.2213 Tainted: G L syzkaller #0 PREEMPT(full) [ 666.827524][T14991] Tainted: [L]=SOFTLOCKUP [ 666.827531][T14991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 666.827541][T14991] Call Trace: [ 666.827548][T14991] [ 666.827555][T14991] dump_stack_lvl+0x100/0x190 [ 666.827580][T14991] should_fail_ex.cold+0x5/0xa [ 666.827603][T14991] should_failslab+0xc2/0x120 [ 666.827625][T14991] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 666.827654][T14991] ? seq_open+0x55/0x170 [ 666.827683][T14991] ? __pfx_cifs_mount_params_proc_show+0x10/0x10 [ 666.827706][T14991] seq_open+0x55/0x170 [ 666.827732][T14991] ? __pfx_cifs_mount_params_proc_show+0x10/0x10 [ 666.827753][T14991] single_open+0xfc/0x1d0 [ 666.827773][T14991] ? __pfx_cifs_mount_params_proc_open+0x10/0x10 [ 666.827800][T14991] proc_reg_open+0x2ab/0x5f0 [ 666.827823][T14991] do_dentry_open+0x6d8/0x1660 [ 666.827845][T14991] ? __pfx_proc_reg_open+0x10/0x10 [ 666.827872][T14991] vfs_open+0x82/0x3f0 [ 666.827901][T14991] path_openat+0x208c/0x31a0 [ 666.827931][T14991] ? __pfx_path_openat+0x10/0x10 [ 666.827961][T14991] do_file_open+0x20e/0x430 [ 666.827986][T14991] ? __pfx_do_file_open+0x10/0x10 [ 666.828024][T14991] ? alloc_fd+0x476/0x790 [ 666.828048][T14991] ? do_getname+0x191/0x390 [ 666.828076][T14991] do_sys_openat2+0x10d/0x1e0 [ 666.828103][T14991] ? __pfx_do_sys_openat2+0x10/0x10 [ 666.828129][T14991] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 666.828158][T14991] ? __fget_files+0x21f/0x3d0 [ 666.828182][T14991] __x64_sys_openat+0x12d/0x210 [ 666.828211][T14991] ? __pfx___x64_sys_openat+0x10/0x10 [ 666.828238][T14991] ? ksys_write+0x1ac/0x250 [ 666.828260][T14991] ? rcu_is_watching+0x12/0xc0 [ 666.828286][T14991] do_syscall_64+0x10b/0xf80 [ 666.828308][T14991] ? clear_bhb_loop+0x40/0x90 [ 666.828330][T14991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.828348][T14991] RIP: 0033:0x7f5a95f9cdd9 [ 666.828364][T14991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 666.828382][T14991] RSP: 002b:00007f5a96f35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 666.828401][T14991] RAX: ffffffffffffffda RBX: 00007f5a96215fa0 RCX: 00007f5a95f9cdd9 [ 666.828413][T14991] RDX: 0000000000000802 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 666.828425][T14991] RBP: 00007f5a96f35090 R08: 0000000000000000 R09: 0000000000000000 [ 666.828435][T14991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.828446][T14991] R13: 00007f5a96216038 R14: 00007f5a96215fa0 R15: 00007ffd92de74c8 [ 666.828468][T14991] [ 667.600349][T14997] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 667.676861][T14998] loop6: detected capacity change from 0 to 524288000 [ 668.908278][T15021] FAULT_INJECTION: forcing a failure. [ 668.908278][T15021] name failslab, interval 1, probability 0, space 0, times 0 [ 669.043057][T15021] CPU: 0 UID: 0 PID: 15021 Comm: syz.1.2219 Tainted: G L syzkaller #0 PREEMPT(full) [ 669.043093][T15021] Tainted: [L]=SOFTLOCKUP [ 669.043101][T15021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 669.043112][T15021] Call Trace: [ 669.043119][T15021] [ 669.043127][T15021] dump_stack_lvl+0x100/0x190 [ 669.043153][T15021] should_fail_ex.cold+0x5/0xa [ 669.043176][T15021] should_failslab+0xc2/0x120 [ 669.043199][T15021] __kvmalloc_node_noprof+0xfa/0xa00 [ 669.043217][T15021] ? io_alloc_cache_init+0x38/0x170 [ 669.043244][T15021] ? lockdep_init_map_type+0x5c/0x250 [ 669.043265][T15021] io_alloc_cache_init+0x38/0x170 [ 669.043293][T15021] io_uring_setup.cold+0x3cd/0x1c6e [ 669.043326][T15021] ? __pfx_io_uring_setup+0x10/0x10 [ 669.043348][T15021] ? do_futex+0x192/0x350 [ 669.043369][T15021] ? __pfx_do_futex+0x10/0x10 [ 669.043400][T15021] ? xfd_validate_state+0x129/0x190 [ 669.043418][T15021] ? ksys_write+0x1ac/0x250 [ 669.043444][T15021] __x64_sys_io_uring_setup+0xc2/0x170 [ 669.043467][T15021] do_syscall_64+0x10b/0xf80 [ 669.043489][T15021] ? clear_bhb_loop+0x40/0x90 [ 669.043512][T15021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.043530][T15021] RIP: 0033:0x7ff11579cdd9 [ 669.043546][T15021] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 669.043564][T15021] RSP: 002b:00007ff1139f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 669.043583][T15021] RAX: ffffffffffffffda RBX: 00007ff115a16090 RCX: 00007ff11579cdd9 [ 669.043596][T15021] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a [ 669.043606][T15021] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 669.043617][T15021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 669.043628][T15021] R13: 00007ff115a16128 R14: 00007ff115a16090 R15: 00007ffc7bad58c8 [ 669.043652][T15021] [ 669.993415][T15036] FAULT_INJECTION: forcing a failure. [ 669.993415][T15036] name failslab, interval 1, probability 0, space 0, times 0 [ 670.125689][T15036] CPU: 0 UID: 0 PID: 15036 Comm: syz.1.2224 Tainted: G L syzkaller #0 PREEMPT(full) [ 670.125721][T15036] Tainted: [L]=SOFTLOCKUP [ 670.125729][T15036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 670.125741][T15036] Call Trace: [ 670.125748][T15036] [ 670.125756][T15036] dump_stack_lvl+0x100/0x190 [ 670.125788][T15036] should_fail_ex.cold+0x5/0xa [ 670.125812][T15036] should_failslab+0xc2/0x120 [ 670.125834][T15036] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 670.125863][T15036] ? do_getname+0x35/0x390 [ 670.125894][T15036] do_getname+0x35/0x390 [ 670.125923][T15036] do_sys_openat2+0xc5/0x1e0 [ 670.125951][T15036] ? __pfx_do_sys_openat2+0x10/0x10 [ 670.125981][T15036] ? __fget_files+0x21f/0x3d0 [ 670.126007][T15036] __x64_sys_openat+0x12d/0x210 [ 670.126035][T15036] ? __pfx___x64_sys_openat+0x10/0x10 [ 670.126067][T15036] ? rcu_is_watching+0x12/0xc0 [ 670.126092][T15036] do_syscall_64+0x10b/0xf80 [ 670.126115][T15036] ? clear_bhb_loop+0x40/0x90 [ 670.126137][T15036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.126156][T15036] RIP: 0033:0x7ff11579cdd9 [ 670.126172][T15036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.126190][T15036] RSP: 002b:00007ff116570028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 670.126209][T15036] RAX: ffffffffffffffda RBX: 00007ff115a15fa0 RCX: 00007ff11579cdd9 [ 670.126221][T15036] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 670.126233][T15036] RBP: 00007ff115832d69 R08: 0000000000000000 R09: 0000000000000000 [ 670.126244][T15036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.126256][T15036] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 670.126278][T15036] [ 670.713899][ T50] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 671.150198][T15047] FAULT_INJECTION: forcing a failure. [ 671.150198][T15047] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 671.364257][T15047] CPU: 0 UID: 0 PID: 15047 Comm: syz.1.2229 Tainted: G L syzkaller #0 PREEMPT(full) [ 671.364289][T15047] Tainted: [L]=SOFTLOCKUP [ 671.364296][T15047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 671.364307][T15047] Call Trace: [ 671.364314][T15047] [ 671.364322][T15047] dump_stack_lvl+0x100/0x190 [ 671.364347][T15047] should_fail_ex.cold+0x5/0xa [ 671.364370][T15047] _copy_to_user+0x32/0xd0 [ 671.364401][T15047] simple_read_from_buffer+0xcb/0x170 [ 671.364423][T15047] proc_fail_nth_read+0x1af/0x230 [ 671.364453][T15047] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 671.364482][T15047] ? rw_verify_area+0xce/0x6d0 [ 671.364500][T15047] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 671.364528][T15047] vfs_read+0x1e4/0xb30 [ 671.364551][T15047] ? __pfx_vfs_read+0x10/0x10 [ 671.364570][T15047] ? __fget_files+0x215/0x3d0 [ 671.364599][T15047] ? __fget_files+0x21f/0x3d0 [ 671.364626][T15047] ksys_read+0x12a/0x250 [ 671.364646][T15047] ? __pfx_ksys_read+0x10/0x10 [ 671.364667][T15047] ? rcu_is_watching+0x12/0xc0 [ 671.364693][T15047] do_syscall_64+0x10b/0xf80 [ 671.364716][T15047] ? clear_bhb_loop+0x40/0x90 [ 671.364738][T15047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 671.364757][T15047] RIP: 0033:0x7ff11575d60e [ 671.364774][T15047] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 671.364792][T15047] RSP: 002b:00007ff11656ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 671.364810][T15047] RAX: ffffffffffffffda RBX: 00007ff1165706c0 RCX: 00007ff11575d60e [ 671.364822][T15047] RDX: 000000000000000f RSI: 00007ff1165700a0 RDI: 0000000000000005 [ 671.364833][T15047] RBP: 00007ff116570090 R08: 0000000000000000 R09: 0000000000000000 [ 671.364843][T15047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 671.364861][T15047] R13: 00007ff115a16038 R14: 00007ff115a15fa0 R15: 00007ffc7bad58c8 [ 671.364883][T15047] [ 671.594880][T15056] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5624] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[15056] [ 672.929453][T13092] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 672.956297][T13092] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 672.968209][T13092] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 672.978510][T13092] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 672.989356][T13092] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 673.082299][T13092] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 673.309062][T15079] FAULT_INJECTION: forcing a failure. [ 673.309062][T15079] name failslab, interval 1, probability 0, space 0, times 0 [ 673.421499][T15079] CPU: 0 UID: 0 PID: 15079 Comm: syz.3.2237 Tainted: G L syzkaller #0 PREEMPT(full) [ 673.421532][T15079] Tainted: [L]=SOFTLOCKUP [ 673.421539][T15079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 673.421549][T15079] Call Trace: [ 673.421557][T15079] [ 673.421564][T15079] dump_stack_lvl+0x100/0x190 [ 673.421589][T15079] should_fail_ex.cold+0x5/0xa [ 673.421618][T15079] should_failslab+0xc2/0x120 [ 673.421640][T15079] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 673.421668][T15079] ? alloc_empty_file+0x5b/0x1c0 [ 673.421695][T15079] ? __pfx_stack_trace_save+0x10/0x10 [ 673.421724][T15079] alloc_empty_file+0x5b/0x1c0 [ 673.421760][T15079] path_openat+0xe8/0x31a0 [ 673.421782][T15079] ? kasan_save_stack+0x3f/0x50 [ 673.421799][T15079] ? kasan_save_stack+0x30/0x50 [ 673.421815][T15079] ? kasan_save_track+0x14/0x30 [ 673.421832][T15079] ? __kasan_slab_alloc+0x89/0x90 [ 673.421850][T15079] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 673.421877][T15079] ? do_getname+0x35/0x390 [ 673.421902][T15079] ? do_sys_openat2+0xc5/0x1e0 [ 673.421929][T15079] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.421952][T15079] ? __pfx_path_openat+0x10/0x10 [ 673.421984][T15079] do_file_open+0x20e/0x430 [ 673.422008][T15079] ? __pfx_do_file_open+0x10/0x10 [ 673.422047][T15079] ? alloc_fd+0x476/0x790 [ 673.422071][T15079] ? do_getname+0x191/0x390 [ 673.422100][T15079] do_sys_openat2+0x10d/0x1e0 [ 673.422128][T15079] ? __pfx_do_sys_openat2+0x10/0x10 [ 673.422157][T15079] ? __fget_files+0x21f/0x3d0 [ 673.422183][T15079] __x64_sys_openat+0x12d/0x210 [ 673.422211][T15079] ? __pfx___x64_sys_openat+0x10/0x10 [ 673.422243][T15079] ? rcu_is_watching+0x12/0xc0 [ 673.422268][T15079] do_syscall_64+0x10b/0xf80 [ 673.422291][T15079] ? clear_bhb_loop+0x40/0x90 [ 673.422313][T15079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.422332][T15079] RIP: 0033:0x7fdc4459cdd9 [ 673.422349][T15079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 673.422367][T15079] RSP: 002b:00007fdc4550d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 673.422387][T15079] RAX: ffffffffffffffda RBX: 00007fdc44815fa0 RCX: 00007fdc4459cdd9 [ 673.422399][T15079] RDX: 00000000000dc780 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 673.422410][T15079] RBP: 00007fdc44632d69 R08: 0000000000000000 R09: 0000000000000000 [ 673.422421][T15079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 673.422431][T15079] R13: 00007fdc44816038 R14: 00007fdc44815fa0 R15: 00007ffcbeecf358 [ 673.422454][T15079] [ 674.052901][ T9441] ------------[ cut here ]------------ [ 674.059101][ T9441] ODEBUG: free active (active state 0) object: ffff8880347c5438 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 674.072232][ T9441] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz.2.879/9441 [ 674.082294][ T9441] Modules linked in: [ 674.086302][ T9441] CPU: 0 UID: 0 PID: 9441 Comm: syz.2.879 Tainted: G L syzkaller #0 PREEMPT(full) [ 674.097140][ T9441] Tainted: [L]=SOFTLOCKUP [ 674.101464][ T9441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 674.111719][ T9441] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 674.118452][ T9441] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 d1 e2 0b 41 56 48 8b 14 dd 40 36 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ec 5c d8 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 674.138385][ T9441] RSP: 0018:ffffc9000539f708 EFLAGS: 00010246 [ 674.144529][ T9441] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 674.152720][ T9441] RDX: ffffffff8c1c3580 RSI: ffffffff8c1c31a0 RDI: ffffffff90e26fc0 [ 674.161439][ T9441] RBP: 0000000000000001 R08: ffff8880347c5438 R09: ffffffff8bb2b700 [ 674.170169][ T9441] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c31a0 [ 674.178265][ T9441] R13: ffffffff8bb2b740 R14: ffffffff8a921fc0 R15: ffffc9000539f808 [ 674.186288][ T9441] FS: 0000000000000000(0000) GS:ffff88812437d000(0000) knlGS:0000000000000000 [ 674.195270][ T9441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 674.201882][ T9441] CR2: 0000001b34701ff8 CR3: 000000008c74a000 CR4: 00000000003526f0 [ 674.209905][ T9441] Call Trace: [ 674.213342][ T9441] [ 674.216443][ T9441] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 674.222030][ T9441] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 674.227909][ T9441] debug_check_no_obj_freed+0x4da/0x630 [ 674.233493][ T9441] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 674.239626][ T9441] ? __page_table_check_zero+0x333/0x410 [ 674.245293][ T9441] ? __page_table_check_zero+0x333/0x410 [ 674.251089][ T9441] ? __page_table_check_zero+0x338/0x410 [ 674.256981][ T9441] __free_frozen_pages+0x3f5/0x1040 [ 674.262873][ T9441] hci_release_dev+0x4ef/0x630 [ 674.268033][ T9441] ? __pfx_hci_release_dev+0x10/0x10 [ 674.273345][ T9441] ? device_release+0x97/0x270 [ 674.278156][ T9441] ? rcu_is_watching+0x12/0xc0 [ 674.282925][ T9441] ? device_release+0x97/0x270 [ 674.287739][ T9441] bt_host_release+0x6a/0xb0 [ 674.292338][ T9441] ? __pfx_bt_host_release+0x10/0x10 [ 674.297676][ T9441] device_release+0xd2/0x270 [ 674.302278][ T9441] kobject_put+0x1f7/0x640 [ 674.306738][ T9441] put_device+0x1f/0x30 [ 674.310905][ T9441] vhci_release+0x185/0x230 [ 674.315605][ T9441] ? __pfx_vhci_release+0x10/0x10 [ 674.320747][ T9441] __fput+0x3ff/0xb50 [ 674.324805][ T9441] task_work_run+0x150/0x240 [ 674.329425][ T9441] ? __pfx_task_work_run+0x10/0x10 [ 674.334605][ T9441] do_exit+0x8d2/0x2a60 [ 674.338794][ T9441] ? __pfx_do_exit+0x10/0x10 [ 674.343402][ T9441] ? do_raw_spin_lock+0x128/0x260 [ 674.348483][ T9441] ? find_held_lock+0x2b/0x80 [ 674.353331][ T9441] ? get_signal+0x7e0/0x21e0 [ 674.358062][ T9441] do_group_exit+0xd5/0x2a0 [ 674.362593][ T9441] get_signal+0x1ec7/0x21e0 [ 674.367775][ T9441] ? __pfx___handle_mm_fault+0x10/0x10 [ 674.373588][ T9441] ? __pfx_css_rstat_updated+0x10/0x10 [ 674.379110][ T9441] ? __pfx_get_signal+0x10/0x10 [ 674.383969][ T9441] ? do_futex+0x192/0x350 [ 674.388335][ T9441] arch_do_signal_or_restart+0x91/0x770 [ 674.393897][ T9441] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 674.400128][ T9441] ? __pfx___x64_sys_futex+0x10/0x10 [ 674.405468][ T9441] ? rcu_is_watching+0x12/0xc0 [ 674.410246][ T9441] exit_to_user_mode_loop+0x86/0x4a0 [ 674.415562][ T9441] ? do_syscall_64+0x519/0xf80 [ 674.420504][ T9441] do_syscall_64+0x6f2/0xf80 [ 674.425214][ T9441] ? clear_bhb_loop+0x40/0x90 [ 674.429903][ T9441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.435839][ T9441] RIP: 0033:0x7f5a95f9cdd9 [ 674.440272][ T9441] Code: Unable to access opcode bytes at 0x7f5a95f9cdaf. [ 674.447316][ T9441] RSP: 002b:00007f5a96f350e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 674.455922][ T9441] RAX: fffffffffffffe00 RBX: 00007f5a96215fa8 RCX: 00007f5a95f9cdd9 [ 674.463911][ T9441] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5a96215fa8 [ 674.472566][ T9441] RBP: 00007f5a96215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 674.480888][ T9441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.488902][ T9441] R13: 00007f5a96216038 R14: 00007ffd92de73e0 R15: 00007ffd92de74c8 [ 674.496908][ T9441] [ 674.499931][ T9441] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 674.507211][ T9441] CPU: 0 UID: 0 PID: 9441 Comm: syz.2.879 Tainted: G L syzkaller #0 PREEMPT(full) [ 674.517982][ T9441] Tainted: [L]=SOFTLOCKUP [ 674.522298][ T9441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 674.532356][ T9441] Call Trace: [ 674.535631][ T9441] [ 674.538559][ T9441] dump_stack_lvl+0x100/0x190 [ 674.543243][ T9441] vpanic+0x552/0x970 [ 674.547227][ T9441] ? __pfx_vpanic+0x10/0x10 [ 674.551737][ T9441] panic+0xd1/0xe0 [ 674.555461][ T9441] ? __pfx_panic+0x10/0x10 [ 674.559898][ T9441] ? check_panic_on_warn+0x1f/0x90 [ 674.565012][ T9441] check_panic_on_warn.cold+0x19/0x34 [ 674.570401][ T9441] ? debug_print_object+0x18e/0x2a0 [ 674.575605][ T9441] __warn.cold+0x191/0x328 [ 674.580043][ T9441] __report_bug+0x296/0x3d0 [ 674.584552][ T9441] ? debug_print_object+0x18e/0x2a0 [ 674.589763][ T9441] ? __pfx___report_bug+0x10/0x10 [ 674.594813][ T9441] ? __lock_acquire+0x4a5/0x2630 [ 674.599757][ T9441] ? unwind_next_frame+0x3c8/0x2090 [ 674.604963][ T9441] report_bug_entry+0xe1/0x290 [ 674.609736][ T9441] ? debug_print_object+0x19b/0x2a0 [ 674.614943][ T9441] handle_bug+0x1cd/0x2a0 [ 674.619283][ T9441] exc_invalid_op+0x17/0x50 [ 674.623797][ T9441] asm_exc_invalid_op+0x1a/0x20 [ 674.628657][ T9441] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 674.634472][ T9441] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 d1 e2 0b 41 56 48 8b 14 dd 40 36 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ec 5c d8 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 674.654097][ T9441] RSP: 0018:ffffc9000539f708 EFLAGS: 00010246 [ 674.660174][ T9441] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 674.668141][ T9441] RDX: ffffffff8c1c3580 RSI: ffffffff8c1c31a0 RDI: ffffffff90e26fc0 [ 674.676124][ T9441] RBP: 0000000000000001 R08: ffff8880347c5438 R09: ffffffff8bb2b700 [ 674.684113][ T9441] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c31a0 [ 674.692108][ T9441] R13: ffffffff8bb2b740 R14: ffffffff8a921fc0 R15: ffffc9000539f808 [ 674.700173][ T9441] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 674.705678][ T9441] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 674.711143][ T9441] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 674.716970][ T9441] debug_check_no_obj_freed+0x4da/0x630 [ 674.722540][ T9441] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 674.728619][ T9441] ? __page_table_check_zero+0x333/0x410 [ 674.734255][ T9441] ? __page_table_check_zero+0x333/0x410 [ 674.739896][ T9441] ? __page_table_check_zero+0x338/0x410 [ 674.745535][ T9441] __free_frozen_pages+0x3f5/0x1040 [ 674.750751][ T9441] hci_release_dev+0x4ef/0x630 [ 674.755518][ T9441] ? __pfx_hci_release_dev+0x10/0x10 [ 674.760808][ T9441] ? device_release+0x97/0x270 [ 674.765583][ T9441] ? rcu_is_watching+0x12/0xc0 [ 674.770354][ T9441] ? device_release+0x97/0x270 [ 674.775127][ T9441] bt_host_release+0x6a/0xb0 [ 674.779727][ T9441] ? __pfx_bt_host_release+0x10/0x10 [ 674.785029][ T9441] device_release+0xd2/0x270 [ 674.789632][ T9441] kobject_put+0x1f7/0x640 [ 674.794063][ T9441] put_device+0x1f/0x30 [ 674.798231][ T9441] vhci_release+0x185/0x230 [ 674.803001][ T9441] ? __pfx_vhci_release+0x10/0x10 [ 674.808033][ T9441] __fput+0x3ff/0xb50 [ 674.812025][ T9441] task_work_run+0x150/0x240 [ 674.816619][ T9441] ? __pfx_task_work_run+0x10/0x10 [ 674.821757][ T9441] do_exit+0x8d2/0x2a60 [ 674.825944][ T9441] ? __pfx_do_exit+0x10/0x10 [ 674.830544][ T9441] ? do_raw_spin_lock+0x128/0x260 [ 674.835574][ T9441] ? find_held_lock+0x2b/0x80 [ 674.840261][ T9441] ? get_signal+0x7e0/0x21e0 [ 674.844857][ T9441] do_group_exit+0xd5/0x2a0 [ 674.849378][ T9441] get_signal+0x1ec7/0x21e0 [ 674.853901][ T9441] ? __pfx___handle_mm_fault+0x10/0x10 [ 674.859373][ T9441] ? __pfx_css_rstat_updated+0x10/0x10 [ 674.864846][ T9441] ? __pfx_get_signal+0x10/0x10 [ 674.869707][ T9441] ? do_futex+0x192/0x350 [ 674.874047][ T9441] arch_do_signal_or_restart+0x91/0x770 [ 674.879608][ T9441] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 674.885776][ T9441] ? __pfx___x64_sys_futex+0x10/0x10 [ 674.891067][ T9441] ? rcu_is_watching+0x12/0xc0 [ 674.895852][ T9441] exit_to_user_mode_loop+0x86/0x4a0 [ 674.901138][ T9441] ? do_syscall_64+0x519/0xf80 [ 674.905910][ T9441] do_syscall_64+0x6f2/0xf80 [ 674.910521][ T9441] ? clear_bhb_loop+0x40/0x90 [ 674.915292][ T9441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.921299][ T9441] RIP: 0033:0x7f5a95f9cdd9 [ 674.925734][ T9441] Code: Unable to access opcode bytes at 0x7f5a95f9cdaf. [ 674.932796][ T9441] RSP: 002b:00007f5a96f350e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 674.941220][ T9441] RAX: fffffffffffffe00 RBX: 00007f5a96215fa8 RCX: 00007f5a95f9cdd9 [ 674.949190][ T9441] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5a96215fa8 [ 674.957158][ T9441] RBP: 00007f5a96215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 674.965146][ T9441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.973131][ T9441] R13: 00007f5a96216038 R14: 00007ffd92de73e0 R15: 00007ffd92de74c8 [ 674.981133][ T9441] [ 674.984224][ T9441] Kernel Offset: disabled [ 674.988549][ T9441] Rebooting in 86400 seconds..