last executing test programs: 7.12863968s ago: executing program 2 (id=1630): openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000040), 0x242780, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/set_event\x00', 0x121001, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) madvise$auto(0x0, 0xff7fffffffff0001, 0x15) r3 = socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) shutdown$auto(0x200000003, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) futex_waitv$auto(&(0x7f0000000000)={0x200000000000000, 0x5, 0x8000000}, 0x6, 0x4, &(0x7f0000000080)={0x0, 0x6}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x10, 0x6, 0x200014) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) r6 = open_by_handle_at$auto(r5, &(0x7f0000000180)={0x20, 0xffffffff, "b99fc22cd177f6e2cde2b279f777f230d45ade6f3a3f2b300bd40ed0b3937261"}, 0x2) socket(0x18, 0x5, 0x2) socket(0x18, 0xa, 0xb) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r7 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000080)={0x1, "36a2662b59209f6bd4aafa4ed15fdb9c791daf044ae6ff089930def80ce28999", @inferred=0xffffffffffffffff}) fsconfig$auto_XFS_DAX_ALWAYS(r8, 0x8, &(0x7f0000000400)='\'/{\x00', &(0x7f0000000440)="3bec07f3fc9b1e4af86a647f9e19221e53eb191b3265004985acc7e62b3c0f3d6e39b5b69484de5a5f56113ffb2d3e6bce7c51c766ff28351d08a5311219415cfbbd47b6340c2552265078ac714fa0dc69e4348a70bfdcf2ccf372410f8596f028249ce058dfeda28a853b8f78eddea8fd68f1c28d35c68b4892c249d595295d6a91ca64161375d5e0b1742ffccd04a8378c790dcb35629373481f5e29ecfb85fbd50b0b6e832d68d0313b9d33901ff943ba3e71767d641983f168448295bdaf62d0b69bb46e8cedc13c1344f8625c881a068227fb6b", 0x1) ppoll$auto(&(0x7f0000000100)={r8, 0x3ff, 0x4}, 0x1, 0x0, 0x0, 0x8) ioctl$auto_SW_SYNC_IOC_INC(r7, 0x40045701, &(0x7f0000000040)=0xa) io_uring_register$auto_IORING_UNREGISTER_NAPI(r6, 0x1c, &(0x7f0000000300)="1573cea420a81e0a0585a1f11452c54592423648de9d0b3785024f89233b182dc86e605f023b3d38e87808fa28a2079966f556ddc2df60bc392ec9b1e3d1888e721bbf687522e1cb43f49043dd39d02c90a001932960ee62684a8e6648a61dbe9a3221a3306d08a255dbe017da6b2dc4bc6a472da0e2777a38dd0e99dbc39ed77615f91c80e69a783782277d11408e37fe9ba545b8e1635fcb712f72a204f9cee4ff80aa43daf988e431352f0b2979280e31a6c28b31ab36b1ffcadf7b29b317ef563b799b5e95e85ef90059814ef8f4be8dfa", 0x0) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000280)=ANY=[@ANYRES64=r3, @ANYBLOB="010027bd7000ffdbdf25100000000c00018008000100", @ANYRES32, @ANYBLOB="080006"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x400a0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r1], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xd}, 0x2}, 0x3, 0x0) close_range$auto(r0, 0x8, 0x0) 5.679093687s ago: executing program 2 (id=1636): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000080)={0x14, r1, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x40d0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000000), r0) ioctl$auto_SNDCTL_TMR_CONTINUE(r2, 0x5459, &(0x7f0000000040)) membarrier$auto(0x48000000, 0x2, 0x8000) 4.847893367s ago: executing program 2 (id=1639): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r0) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x129821, 0x0) select$auto(0x6, 0x0, &(0x7f0000000000)={[0x5, 0x20000000000002, 0x5, 0x19, 0x6, 0x44, 0xffffffffffffffd4, 0x200000f, 0x0, 0x0, 0xf, 0xd59, 0x900000000105, 0x9b, 0x2, 0xffffffffffffffff]}, 0x0, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) ioctl$auto(r2, 0x540a, 0x0) socket(0xa, 0x5, 0x0) timer_create$auto(0x0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) 4.460830338s ago: executing program 0 (id=1640): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/039/001\x00', 0x90600, 0x0) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5523, r0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mtd/mtd0/size\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.7/usb8/power/wakeup_total_time_ms\x00', 0x0, 0x0) socket(0x11, 0x2, 0x2) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/006/001\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x222680, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x109500, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0x8, 0x7, 0x0) ioctl$auto_TCFLSH2(r1, 0x5408, 0x0) 4.02599029s ago: executing program 3 (id=1642): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000200)={0x14, r1, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) 3.95515129s ago: executing program 0 (id=1643): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001480)='/proc/sys/net/ipv6/conf/geneve0/disable_ipv6\x00', 0x40001, 0x0) pwritev$auto(r0, &(0x7f0000000040)={&(0x7f0000000000), 0x1}, 0x6, 0x3, 0x5) r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x3f) ioctl$auto(r1, 0x40106f52, 0xffffffffffffffff) 3.706525361s ago: executing program 3 (id=1644): mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) ioctl$auto(r0, 0xc01070ce, r0) 3.596275411s ago: executing program 1 (id=1645): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) munmap$auto(0x8000, 0xffffffff) msgctl$auto_MSG_STAT_ANY(0x3, 0xd, &(0x7f0000000200)={{0x7, 0x0, 0xffffffffffffffff, 0xefe, 0x2, 0x2, 0x448}, 0x0, 0x0, 0x8, 0x6, 0x2, 0xb0a, 0x2, 0x7f, 0x17f, 0x2, @inferred, @raw=0x7}) socket(0xa, 0x801, 0x84) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000005c0), r0) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)={0x2c, r1, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000004}, 0x10) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) read$auto(r2, 0x0, 0x80000000) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x9}, 0x5) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) 3.216989097s ago: executing program 3 (id=1646): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x208, 0x1, 0x401bf, 0x734f, 0x37, 0x67f, 0xfffffff8, 0x7, 0x3, 0x20000002, 0x80d, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x2, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7fffffff, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x2, 0x0, 0x3]}, 0x1fe, 0xd) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) 2.755307725s ago: executing program 0 (id=1647): mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x7f, 0x0, 0x1c) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) ioctl$auto(0xffffffffffffffff, 0xc01070ce, 0xffffffffffffffff) 2.700846312s ago: executing program 0 (id=1648): socket(0xa, 0x5, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop15\x00', 0x0, 0x0) write$auto(r0, 0x0, 0x80000000) mmap$auto(0x4, 0x810004, 0x40, 0x8000000008011, 0x3, 0x40) timer_create$auto(0x0, 0x0, 0x0) fadvise64$auto(0x0, 0x9, 0x9, 0xb28) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x2) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/oom_score_adj\x00', 0x101180, 0x0) mmap$auto(0x600000, 0x2020009, 0x5, 0x10, 0xfffffffffffffffa, 0x8000) r2 = setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee01) setresuid$auto(r3, r2, r2) write$auto(0x3, 0x0, 0xfffffdef) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x11c5dd01e68cf680) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x8) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_SET_SERVICE(r5, 0x0, 0x4000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) bind$auto(0x3, 0x0, 0xa861) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x0, 0xfffff004, 0x2) 2.646233615s ago: executing program 1 (id=1649): mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x7f, 0x0, 0x1c) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) ioctl$auto(r0, 0xc030128a, r0) 2.580570369s ago: executing program 1 (id=1650): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x9, 0x3, 0xffffffffffffffff, 0x100, 0x7fffffff) mmap$auto(0x0, 0x200006, 0x7, 0x40eb1, r0, 0x300000000000) mq_open$auto(0x0, 0x68, 0x8, 0x0) r1 = socket(0xa, 0x80803, 0x6) bind$auto(r1, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x1b) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x0, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c03, 0x0) waitid$auto(0x9, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000001c0)={{0x4, 0x4000000000002}, {0x3}, 0xffffffffffffff74, 0x3ff, 0x4, 0x3, 0x4, 0x3, 0x7c3, 0x6, 0x1, 0x3, 0x9, 0x2, 0x9, 0x200}) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd08, &(0x7f00000001c0)) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptytc\x00', 0x6ca42, 0x0) ioctl$auto(r4, 0x5606, r4) writev$auto(0xffffffffffffffff, 0x0, 0x6) poll$auto(0x0, 0x6, 0x7f) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x5) ioctl$auto(r5, 0x4004af07, r5) socket(0xa, 0x3, 0x3b) read$auto(0xffffffffffffffff, 0x0, 0x1) msync$auto(0x8000, 0x100000005, 0x7) futex_waitv$auto(&(0x7f0000000000)={0xfff, 0xb, 0x4002, 0x4}, 0x80000077, 0xfffffff8, 0x0, 0x162bd) socket(0x10, 0x2, 0x4) futex_wait$auto(&(0x7f00000000c0)="72284ef0971650a8da6ee0b7cb4b8fb3009d9cbe0ae51fa8b4638de6e8", 0x7, 0x80000001, 0x9ee, &(0x7f0000000100)={0x54, 0x200}, 0x1) 2.305633006s ago: executing program 0 (id=1651): openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000040), 0x242780, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/set_event\x00', 0x121001, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) madvise$auto(0x0, 0xff7fffffffff0001, 0x15) r3 = socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) shutdown$auto(0x200000003, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) futex_waitv$auto(&(0x7f0000000000)={0x200000000000000, 0x5, 0x8000000}, 0x6, 0x4, &(0x7f0000000080)={0x0, 0x6}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x10, 0x6, 0x200014) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) r6 = open_by_handle_at$auto(r5, &(0x7f0000000180)={0x20, 0xffffffff, "b99fc22cd177f6e2cde2b279f777f230d45ade6f3a3f2b300bd40ed0b3937261"}, 0x2) socket(0x18, 0x5, 0x2) r7 = socket(0x18, 0xa, 0xb) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r8 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000080)={0x1, "36a2662b59209f6bd4aafa4ed15fdb9c791daf044ae6ff089930def80ce28999", @inferred=0xffffffffffffffff}) fsconfig$auto_XFS_DAX_ALWAYS(r9, 0x8, &(0x7f0000000400)='\'/{\x00', &(0x7f0000000440)="3bec07f3fc9b1e4af86a647f9e19221e53eb191b3265004985acc7e62b3c0f3d6e39b5b69484de5a5f56113ffb2d3e6bce7c51c766ff28351d08a5311219415cfbbd47b6340c2552265078ac714fa0dc69e4348a70bfdcf2ccf372410f8596f028249ce058dfeda28a853b8f78eddea8fd68f1c28d35c68b4892c249d595295d6a91ca64161375d5e0b1742ffccd04a8378c790dcb35629373481f5e29ecfb85fbd50b0b6e832d68d0313b9d33901ff943ba3e71767d641983f168448295bdaf62d0b69bb46e8cedc13c1344f8625c881a068227fb6b", 0x1) ppoll$auto(&(0x7f0000000100)={r9, 0x3ff, 0x4}, 0x1, 0x0, 0x0, 0x8) ioctl$auto_SW_SYNC_IOC_INC(r8, 0x40045701, &(0x7f0000000040)=0xa) io_uring_register$auto_IORING_UNREGISTER_NAPI(r6, 0x1c, &(0x7f0000000300)="1573cea420a81e0a0585a1f11452c54592423648de9d0b3785024f89233b182dc86e605f023b3d38e87808fa28a2079966f556ddc2df60bc392ec9b1e3d1888e721bbf687522e1cb43f49043dd39d02c90a001932960ee62684a8e6648a61dbe9a3221a3306d08a255dbe017da6b2dc4bc6a472da0e2777a38dd0e99dbc39ed77615f91c80e69a783782277d11408e37fe9ba545b8e1635fcb712f72a204f9cee4ff80aa43daf988e431352f0b2979280e31a6c28b31ab36b1ffcadf7b29b317ef563b799b5e95e85ef90059814ef8f4be8dfa", 0x0) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000280)=ANY=[@ANYRES64=r3, @ANYBLOB="010027bd7000ffdbdf25100000000c00018008000100", @ANYRES32, @ANYBLOB="080006"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x400a0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r1], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r7], 0x1ac}}, 0x20008041) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xd}, 0x2}, 0x3, 0x0) close_range$auto(r0, 0x8, 0x0) 2.23974312s ago: executing program 3 (id=1652): mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x1ff, 0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) r0 = pidfd_open$auto(0x1, 0x0) move_mount$auto(0xffffffffffffffff, 0x0, r0, 0x0, 0x273) close_range$auto(0x2, 0x8, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = gettid() rt_sigtimedwait$auto(&(0x7f00000000c0)={0x7fffffff}, 0x0, 0x0, 0x8) kill$auto(r1, 0x11) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 2.204448934s ago: executing program 1 (id=1653): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r3, 0x40000000029, 0x6, 0xfffffffffffffffe, 0x0) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)={0x28, r2, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x10}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xfffffffe}]}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x0) msgctl$auto_IPC_INFO(0x8, 0x3, &(0x7f0000000140)={{0x8001, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, 0x6}, &(0x7f0000000040)=0x8, &(0x7f00000000c0)=0x3, 0x8, 0xabb9, 0x76, 0xaa, 0x7, 0xa57d, 0x0, 0x0, @raw=0x9, @raw=0x7}) sendmsg$auto_NL802154_CMD_SET_LBT_MODE(r0, &(0x7f0000000540)={&(0x7f0000000000), 0xc, &(0x7f0000000500)={&(0x7f00000001c0)={0x318, r2, 0x0, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x9}, @NL802154_ATTR_SEC_KEY={0x2ed, 0x30, 0x0, 0x1, [@generic="8b86dfa4a7620a87215667a9907d71c2b7661236a90f6f519e344740225bcb6d44e6225a2a6c670a2d34a7838b27c51583b585d0ea", @generic="f364d7b4226d9c40b20bad76b12895c95fce039e1e6a6d57cee8773e1ebfd9de4ba7a2481a0755e3223b9cdc6dbbba24eb252f1f38a34999e3883ab7dc9eb8e2ef483be9199b8a79955550cfe697d1d990797ad57cdac21fa8cb9c485f45613306", @nested={0x16b, 0x60, 0x0, 0x1, [@typed={0x8, 0xeb, 0x0, 0x0, @ipv4=@local}, @generic="39deda48bc17c513cf8993cde1c5863cbb92b959c75bbd7927d87424f12df627c1fb320f61e2a2593c0d466ae3a99f5861c5", @typed={0x59, 0x125, 0x0, 0x0, @binary="3d33c164936a619520f5795ec75294fe268366afc292023962a798e56f64e63613846c2ed74f683ac5d2026832c3429435728bb6d836c317f9e1a1b5a797eebf897526f277424da7ddb9547711857fa65758b47a8d"}, @typed={0x14, 0xe9, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @typed={0x14, 0x21, 0x0, 0x0, @ipv6=@private1}, @generic="8f5adba197f3213170dd1ce869a15f1ecc437f6af992a009a6b9e50a67a5d829563d3aa90046a7ef9b995751d26f26682c6a89145aa8ebdb14c0b46ef7e00f408f0a1b72009401b6a108667191199aac0a4810a4375ca01085418229bc1866062ef50b2af702bec680a7c8e7efa2caffecf0769f3a98d3a9afec01c99389703e890b59503ac1607c4fee8d7527", @typed={0x8, 0x8b, 0x0, 0x0, @uid=r4}, @nested={0x4, 0xab}, @nested={0x4, 0xf}, @typed={0xc, 0xd2, 0x0, 0x0, @u64=0x5}]}, @nested={0x8, 0x109, 0x0, 0x1, [@nested={0x4, 0x44}]}, @typed={0xc, 0x13e, 0x0, 0x0, @u64=0x1000}, @generic="dbc0420f4afb8af445322a40c1d63666d61068c08df1f77fa9cb8804b92266911cef282c50d5d085b1d0506177026ec9855cdaeff2f0a7993e7ff943c99125", @typed={0x14, 0x40, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @generic="37e35a9e68f9ed9c46d5f00f4492dd81cd6ebb5160264ed8ce9403e572d654ec55ba52140d472ea3cb15720eb8f9b9565f893900f62f598e2ede8b0768846066b86c3f9b2149cd1d0d773efce655c981212d6d0487ba2ff6762303c7b45a9c772f775ee52a7b6deea5452a06e27a7bc16728f1a3a074af394964e66eb4615962"]}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x9}]}, 0x318}, 0x1, 0x0, 0x0, 0x8811}, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) sendmsg$auto_IPVS_CMD_SET_SERVICE(r6, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000005400)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="014f873b33ad010a8c250200000008000180040001"], 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000) bpf$auto(0x5, &(0x7f0000000000)=@test={0x12, 0x1, 0xa93f, 0x9, 0x3, 0x3, 0x3da1, 0x0, 0xb4, 0x5, 0x140000000000, 0x0, 0x7fffffff, 0x9, 0x1}, 0x171) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='Y\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf2501"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) r8 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r8, &(0x7f0000000000)='-\x00', 0x2fb) pwrite64$auto(r5, 0x0, 0x0, 0x2000000000040007) socketpair$auto(0x80, 0x8, 0x6, &(0x7f0000000580)=0x7) 1.923708538s ago: executing program 2 (id=1654): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) r2 = getsockopt$auto(r1, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x3b) r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), r0) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000240), r1) sendmsg$auto_SMC_PNETID_GET(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x5c, r4, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x6}, @SMC_PNETID_NAME={0x8, 0x1, '(}%\x00'}, @SMC_PNETID_ETHNAME={0xc, 0x2, 'nl80211\x00'}, @SMC_PNETID_NAME={0x5, 0x1, '\x00'}, @SMC_PNETID_IBNAME={0xa, 0x3, 'IOAM6\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x7}, @SMC_PNETID_NAME={0x7, 0x1, '\x1b\\\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0xb}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000080) sendmsg$auto_IOAM6_CMD_DUMP_SCHEMAS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001ec0)={0x14, r3, 0x721, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x4008004) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) mmap$auto(0x0, 0x7, 0xde, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x1e, 0x805, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, &(0x7f0000000000)=0x2e8) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x3, 0x0) r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="37bf3a07b3ccc7a68818ac00dfb188e1367113a8f857d477218f2c997dd5e05154fd4d96cf91ad8096cf4b25e798e9e62423e60a1c4d6e9be3be76468960f9ff6b21ce191886ad2fcceadbd41313e6d1ef7d7b7feb0dd1304d171bd739577f14e6cd3c17", @ANYRES16=r6, @ANYRESHEX=0x0, @ANYRESOCT=r5], 0x2c}, 0x1, 0x0, 0x0, 0x20008094}, 0x0) mmap$auto(0x0, 0x20000400005, 0xdf, 0x9b72, 0x5, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) 1.774187697s ago: executing program 3 (id=1655): socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x10001) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x2) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) 1.430664499s ago: executing program 1 (id=1656): openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x4c8300, 0x0) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x78, 0x0, 0x14) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'pim6reg\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r4}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x80}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x12\x12\x00\x00\x00\x00\a\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'xfrm0\x00'}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'pim6reg0\x00'}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_1\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) r7 = socket(0x1d, 0x2, 0x2) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000001340)={'ip6gretap0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, r6, 0x201, 0x70bd2a, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xa}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004054}, 0x480b0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'netpci0\x00'}) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r11 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r11, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r10}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}]}, 0x24}}, 0x810) r12 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'}) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)={0x14, r1, 0x8, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20008080) 702.500516ms ago: executing program 2 (id=1657): close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x6, 0x800, 0x5) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x4e20, @remote}, 0x55) (async, rerun: 32) listen$auto(0x3, 0x81) (rerun: 32) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x800) (async, rerun: 64) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) (rerun: 64) openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim6/ports/2/bpf_xdpdrv_accept\x00', 0x48000, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) sysfs$auto(0x2, 0x4a, 0x0) (async, rerun: 32) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) (rerun: 32) kexec_load$auto(0x813f, 0x1000000, &(0x7f0000000000)={@buf=&(0x7f00000003c0), 0x2ffff, 0x10001, 0x1}, 0x1000000ff) (async, rerun: 64) ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000080)={0x2, 0x80, 0x10001, 0x5, &(0x7f0000000100)="c9f62659cc84673abcaa43429eecfaf52db9ce3fdbb29dc71c4c41e4902d154489eaa0df810e4bff5834f7d7eb15638a1909bda667d7676f7e200eeffae310dae858e8e19d31fc1d0b2cc4567a8bbb44bc9d0173e66250fce04be0bb74af2674eb36365a5fe71a8deda3577f9eefb9ae7926e0ca5db1a9752ca81f20bc", 0x9, 0x3, 0x2, @stream_id=0x2, 0x7, 0x476, 0x0}) (async, rerun: 64) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x6, 0x0, 0x0, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) timer_create$auto(0x803, 0x0, 0x0) (rerun: 64) mmap$auto(0x0, 0x101, 0x8, 0xeb1, 0x200000401, 0x8000) (async) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040080}, 0x140) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) (async, rerun: 32) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 32) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x9, 0xa, 0x1400009, 0xffffffffffffffff, 0x202, 0x3}, 0x6f3) fsopen$auto(0x0, 0x1) (async) close_range$auto(0x2, 0x8, 0x0) 619.735009ms ago: executing program 3 (id=1658): process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv$auto(0x40000000000003, 0x0, 0x6, 0xe27c, 0x8) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10004}, 0x5, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xff7fffffffff0001, 0x15) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x80, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x1000, 0x400050, 0x9) (fail_nth: 2) 318.89894ms ago: executing program 0 (id=1659): socket(0xa, 0x2, 0x0) socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x26, 0x5, 0x8c68) futex_waitv$auto(0x0, 0x7ff, 0x8, &(0x7f00000000c0)={0x1000000004, 0x10}, 0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x74c40, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0) pwrite64$auto(r3, &(0x7f0000000340)='\v\f_U\xe0w\xbf\xe3\xb8\x92\xac.X_|\xc8R\x99!\xd2\xfb\xfe\xa7\xe4&#sn\x91p\xe6\x1eRN8\x99C\x05s\x1cJ\x99\x1d[s\x15z\x87\xe1\xb6\xba#7*/\x13\x00:\x00!\rW6\x00\x00\x00\x00\xb4\x1avP\x00\xc5\xc7\xf1\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\xa7\xd1\xdd\x85\as*l\x9c\xa1\xf7\x8c\xa1\xfb\xb5\b\x00\x00\x00\x00\x00\x00\x00\xb4\xfb\x99\x00\xed\v\xfa\xaa[\f\xa2\xea40\r\xcd\x86\x9d\xac\xde\xec\x85\x93\x93\xd3G\x8c\x9b\x9d\a\xbf\x1f\x95n\x94\xbc[\xb5\xfa\xe0t\\\xbc\x11\x94\x0fF\xf9\xac\vv\xb5\xc3\xd9j\x05\boe\xa5\xc2l\x05\xbcTu\x18\xda\xf2#\x80\xd5\xb4\xf54\x04M\xc8G\x0e/\xae\xab\x9b\x14\x8f\xeb\x19\xc80Dq\x9f\f\x106\x1b\xa7\xe6jU\x00X\x8e\xe4\v\xbb\x91\a\x14\x8c\xc9z\'a\xdd\x89<\xf5\xeeC\xb4\xa7\x976\xfcO\x17\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00<\xbc\xd7\xa7T^\x9fs\xec_Nl/+\x9a\xbb\xb3[\xcb\xf8\x87\x18\xe6,\xad_\xfe~M\x80X\x1ak7g\xff\xc8', 0x52, 0x5231) ioctl$auto_TUNATTACHFILTER(r0, 0x401054d5, 0x0) (async) ioctl$auto_TUNATTACHFILTER(r0, 0x401054d5, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2c, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x50ba82, 0x0) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x50ba82, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) (async) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x80000, 0x5) socket(0x10, 0x1, 0xff) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) (async) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) setsockopt$auto(0x400000000000003, 0x29, 0x400, 0x0, 0x568) (async) setsockopt$auto(0x400000000000003, 0x29, 0x400, 0x0, 0x568) socket$nl_generic(0x10, 0x3, 0x10) 252.064395ms ago: executing program 1 (id=1660): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r0) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd43a6ac90df250300000004000800140001800800028004001d80080003"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) fsopen$auto(0x0, 0x203ca) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x129821, 0x0) select$auto(0x6, 0x0, &(0x7f0000000000)={[0x5, 0x20000000000002, 0x5, 0x19, 0x6, 0x44, 0xffffffffffffffd4, 0x200000f, 0x0, 0x0, 0xf, 0xd59, 0x900000000105, 0x9b, 0x2, 0xffffffffffffffff]}, 0x0, 0x0) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) ioctl$auto(r3, 0x540a, 0x0) socket(0xa, 0x5, 0x0) timer_create$auto(0x0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) ioctl$auto_PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000340)=0x4) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 0s ago: executing program 2 (id=1661): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r0, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x208, 0x1, 0x401bf, 0x734f, 0x37, 0x67f, 0xfffffff8, 0x7, 0x3, 0x20000002, 0x80d, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x2, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7fffffff, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x3, 0x0, 0x2, 0x0, 0x3]}, 0x1fe, 0xd) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) kernel console output (not intermixed with test programs): .445854][T10765] dump_stack_lvl+0x100/0x190 [ 500.445910][T10765] should_fail_ex.cold+0x5/0xa [ 500.445950][T10765] get_futex_key+0x1d2/0x1620 [ 500.445997][T10765] ? __pfx_get_futex_key+0x10/0x10 [ 500.446036][T10765] ? find_held_lock+0x2b/0x80 [ 500.446067][T10765] ? futex_wake+0x456/0x530 [ 500.446126][T10765] futex_wake+0xea/0x530 [ 500.446180][T10765] ? __pfx_futex_wake+0x10/0x10 [ 500.446228][T10765] ? __lock_acquire+0x4a5/0x2630 [ 500.446272][T10765] ? __pfx___handle_mm_fault+0x10/0x10 [ 500.446320][T10765] ? __pfx_css_rstat_updated+0x10/0x10 [ 500.446365][T10765] do_futex+0x32b/0x350 [ 500.446414][T10765] ? __pfx_do_futex+0x10/0x10 [ 500.446461][T10765] ? apparmor_capable+0x1d7/0x4d0 [ 500.446523][T10765] __x64_sys_futex+0x34f/0x4d0 [ 500.446576][T10765] ? __pfx___x64_sys_futex+0x10/0x10 [ 500.446622][T10765] ? __pfx___do_sys_prctl+0x10/0x10 [ 500.446686][T10765] do_syscall_64+0x106/0xf80 [ 500.446727][T10765] ? clear_bhb_loop+0x40/0x90 [ 500.446769][T10765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 500.446805][T10765] RIP: 0033:0x7f008b59c799 [ 500.446833][T10765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 500.446866][T10765] RSP: 002b:00007f008c3b30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 500.446898][T10765] RAX: ffffffffffffffda RBX: 00007f008b815fa8 RCX: 00007f008b59c799 [ 500.446920][T10765] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f008b815fac [ 500.446940][T10765] RBP: 00007f008b815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 500.446960][T10765] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 500.446981][T10765] R13: 00007f008b816038 R14: 00007ffc2e3bb620 R15: 00007ffc2e3bb708 [ 500.447025][T10765] [ 501.639749][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.646312][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 505.299215][T10799] FAULT_INJECTION: forcing a failure. [ 505.299215][T10799] name failslab, interval 1, probability 0, space 0, times 0 [ 505.398415][T10799] CPU: 1 UID: 0 PID: 10799 Comm: syz.2.1100 Tainted: G U L syzkaller #0 PREEMPT(full) [ 505.398479][T10799] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 505.398493][T10799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 505.398512][T10799] Call Trace: [ 505.398522][T10799] [ 505.398536][T10799] dump_stack_lvl+0x100/0x190 [ 505.398591][T10799] should_fail_ex.cold+0x5/0xa [ 505.398630][T10799] should_failslab+0xc2/0x120 [ 505.398667][T10799] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 505.398719][T10799] ? __proc_create+0x2cb/0x8c0 [ 505.398783][T10799] __proc_create+0x2cb/0x8c0 [ 505.398838][T10799] ? __pfx___proc_create+0x10/0x10 [ 505.398898][T10799] ? _raw_spin_unlock+0x28/0x50 [ 505.398941][T10799] proc_create_reg+0x75/0x170 [ 505.398979][T10799] proc_create_net_data+0x8e/0x1c0 [ 505.399047][T10799] ? __pfx_proc_create_net_data+0x10/0x10 [ 505.399114][T10799] ? __pfx_arp_net_init+0x10/0x10 [ 505.399286][T10799] arp_net_init+0x53/0x80 [ 505.399335][T10799] ops_init+0x1e2/0x5f0 [ 505.399415][T10799] setup_net+0x118/0x3a0 [ 505.399461][T10799] ? __pfx_setup_net+0x10/0x10 [ 505.399504][T10799] ? lockdep_init_map_type+0x5c/0x250 [ 505.399553][T10799] ? mutex_init_lockep+0x110/0x150 [ 505.399605][T10799] copy_net_ns+0x46f/0x7c0 [ 505.399658][T10799] create_new_namespaces+0x3ea/0xac0 [ 505.399704][T10799] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 505.399745][T10799] ksys_unshare+0x473/0xad0 [ 505.399791][T10799] ? __pfx_ksys_unshare+0x10/0x10 [ 505.399850][T10799] __x64_sys_unshare+0x31/0x40 [ 505.399892][T10799] do_syscall_64+0x106/0xf80 [ 505.399931][T10799] ? clear_bhb_loop+0x40/0x90 [ 505.399973][T10799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.400008][T10799] RIP: 0033:0x7f008b59c799 [ 505.400043][T10799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 505.400076][T10799] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 505.400108][T10799] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 505.400131][T10799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 505.400152][T10799] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 505.400173][T10799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 505.400194][T10799] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 505.400240][T10799] [ 506.359808][ T7336] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 506.545530][T10820] FAULT_INJECTION: forcing a failure. [ 506.545530][T10820] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 506.590782][T10820] CPU: 1 UID: 0 PID: 10820 Comm: syz.0.1107 Tainted: G U L syzkaller #0 PREEMPT(full) [ 506.590832][T10820] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 506.590858][T10820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 506.590877][T10820] Call Trace: [ 506.590887][T10820] [ 506.590899][T10820] dump_stack_lvl+0x100/0x190 [ 506.590952][T10820] should_fail_ex.cold+0x5/0xa [ 506.590990][T10820] _copy_from_user+0x2e/0xd0 [ 506.591023][T10820] core_sys_select+0x319/0xbb0 [ 506.591083][T10820] ? __pfx_core_sys_select+0x10/0x10 [ 506.591134][T10820] ? get_pid_task+0xfc/0x250 [ 506.591181][T10820] ? get_pid_task+0x106/0x250 [ 506.591248][T10820] ? __mutex_unlock_slowpath+0x15c/0x790 [ 506.591368][T10820] ? __fget_files+0x215/0x3d0 [ 506.591399][T10820] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 506.591448][T10820] kern_select+0x20c/0x270 [ 506.591511][T10820] ? __pfx_kern_select+0x10/0x10 [ 506.591567][T10820] ? __pfx_ksys_write+0x10/0x10 [ 506.591603][T10820] __x64_sys_select+0xbd/0x160 [ 506.591652][T10820] ? do_syscall_64+0x95/0xf80 [ 506.591690][T10820] ? lockdep_hardirqs_on+0x78/0x100 [ 506.591730][T10820] do_syscall_64+0x106/0xf80 [ 506.591767][T10820] ? clear_bhb_loop+0x40/0x90 [ 506.591807][T10820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.591841][T10820] RIP: 0033:0x7fd18bf9c799 [ 506.591867][T10820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 506.591898][T10820] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 506.591929][T10820] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 506.591950][T10820] RDX: 0000200000000080 RSI: 0000000000000000 RDI: 0000000000000004 [ 506.591969][T10820] RBP: 00007fd18ce4b090 R08: 0000000000000000 R09: 0000000000000000 [ 506.591988][T10820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 506.592007][T10820] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 506.592049][T10820] [ 507.044768][T10826] random: crng reseeded on system resumption [ 507.203783][T10827] kvm: kvm [10823]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 507.365147][T10836] FAULT_INJECTION: forcing a failure. [ 507.365147][T10836] name failslab, interval 1, probability 0, space 0, times 0 [ 507.409574][T10836] CPU: 1 UID: 0 PID: 10836 Comm: syz.3.1113 Tainted: G U L syzkaller #0 PREEMPT(full) [ 507.409619][T10836] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 507.409630][T10836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 507.409647][T10836] Call Trace: [ 507.409657][T10836] [ 507.409670][T10836] dump_stack_lvl+0x100/0x190 [ 507.409719][T10836] should_fail_ex.cold+0x5/0xa [ 507.409753][T10836] should_failslab+0xc2/0x120 [ 507.409783][T10836] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 507.409823][T10836] ? security_file_alloc+0x34/0x2c0 [ 507.409853][T10836] ? trace_kmem_cache_alloc+0xf3/0x120 [ 507.409889][T10836] security_file_alloc+0x34/0x2c0 [ 507.409919][T10836] init_file+0x95/0x480 [ 507.409953][T10836] alloc_empty_file+0x73/0x1c0 [ 507.409989][T10836] path_openat+0xe8/0x31a0 [ 507.410016][T10836] ? kasan_save_stack+0x3f/0x50 [ 507.410056][T10836] ? kasan_save_stack+0x30/0x50 [ 507.410095][T10836] ? kasan_save_track+0x14/0x30 [ 507.410135][T10836] ? __kasan_slab_alloc+0x89/0x90 [ 507.410160][T10836] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 507.410198][T10836] ? do_getname+0x35/0x390 [ 507.410230][T10836] ? do_sys_openat2+0xc5/0x1e0 [ 507.410265][T10836] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.410299][T10836] ? __pfx_path_openat+0x10/0x10 [ 507.410340][T10836] do_file_open+0x20e/0x430 [ 507.410371][T10836] ? __pfx_do_file_open+0x10/0x10 [ 507.410442][T10836] ? alloc_fd+0x476/0x790 [ 507.410474][T10836] ? do_getname+0x191/0x390 [ 507.410514][T10836] do_sys_openat2+0x10d/0x1e0 [ 507.410553][T10836] ? __pfx_do_sys_openat2+0x10/0x10 [ 507.410597][T10836] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 507.410643][T10836] ? __fget_files+0x21f/0x3d0 [ 507.410675][T10836] __x64_sys_openat+0x12d/0x210 [ 507.410715][T10836] ? __pfx___x64_sys_openat+0x10/0x10 [ 507.410753][T10836] ? ksys_write+0x1ac/0x250 [ 507.410792][T10836] do_syscall_64+0x106/0xf80 [ 507.410844][T10836] ? clear_bhb_loop+0x40/0x90 [ 507.410883][T10836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.410916][T10836] RIP: 0033:0x7f29acf9c799 [ 507.410941][T10836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 507.410978][T10836] RSP: 002b:00007f29addd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 507.411009][T10836] RAX: ffffffffffffffda RBX: 00007f29ad215fa0 RCX: 00007f29acf9c799 [ 507.411029][T10836] RDX: 00000000000a0241 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 507.411068][T10836] RBP: 00007f29addd8090 R08: 0000000000000000 R09: 0000000000000000 [ 507.411088][T10836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 507.411108][T10836] R13: 00007f29ad216038 R14: 00007f29ad215fa0 R15: 00007ffdfd0e5e88 [ 507.411151][T10836] [ 508.141651][T10842] FAULT_INJECTION: forcing a failure. [ 508.141651][T10842] name fail_futex, interval 1, probability 0, space 0, times 0 [ 508.182149][T10842] CPU: 1 UID: 0 PID: 10842 Comm: syz.3.1115 Tainted: G U L syzkaller #0 PREEMPT(full) [ 508.182202][T10842] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 508.182214][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 508.182232][T10842] Call Trace: [ 508.182242][T10842] [ 508.182254][T10842] dump_stack_lvl+0x100/0x190 [ 508.182320][T10842] should_fail_ex.cold+0x5/0xa [ 508.182359][T10842] get_futex_key+0x1d2/0x1620 [ 508.182403][T10842] ? __pfx_get_futex_key+0x10/0x10 [ 508.182444][T10842] ? kasan_save_track+0x14/0x30 [ 508.182495][T10842] ? __kasan_kmalloc+0xaa/0xb0 [ 508.182549][T10842] futex_lock_pi+0x1d3/0x7b0 [ 508.182602][T10842] ? __pfx_futex_lock_pi+0x10/0x10 [ 508.182708][T10842] ? __pfx_futex_wake_mark+0x10/0x10 [ 508.182766][T10842] ? find_held_lock+0x2b/0x80 [ 508.182796][T10842] ? ksys_write+0x190/0x250 [ 508.182825][T10842] ? ksys_write+0x190/0x250 [ 508.182861][T10842] do_futex+0x18a/0x350 [ 508.182903][T10842] ? __pfx_do_futex+0x10/0x10 [ 508.182961][T10842] __x64_sys_futex+0x34f/0x4d0 [ 508.183006][T10842] ? fput+0x79/0x100 [ 508.183045][T10842] ? __pfx___x64_sys_futex+0x10/0x10 [ 508.183086][T10842] ? ksys_write+0x1ac/0x250 [ 508.183114][T10842] ? __pfx_ksys_write+0x10/0x10 [ 508.183156][T10842] do_syscall_64+0x106/0xf80 [ 508.183197][T10842] ? clear_bhb_loop+0x40/0x90 [ 508.183238][T10842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.183272][T10842] RIP: 0033:0x7f29acf9c799 [ 508.183305][T10842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 508.183338][T10842] RSP: 002b:00007f29addb7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 508.183369][T10842] RAX: ffffffffffffffda RBX: 00007f29ad216090 RCX: 00007f29acf9c799 [ 508.183391][T10842] RDX: 0000000000000008 RSI: 0000000000000086 RDI: 0000000000000000 [ 508.183411][T10842] RBP: 00007f29addb7090 R08: 0000000000000000 R09: 0000000000000007 [ 508.183431][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 508.183450][T10842] R13: 00007f29ad216128 R14: 00007f29ad216090 R15: 00007ffdfd0e5e88 [ 508.183492][T10842] [ 509.907538][T10851] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1119'. [ 510.159044][T10856] random: crng reseeded on system resumption [ 510.358679][T10858] random: crng reseeded on system resumption [ 510.463721][T10858] sd 0:0:1:0: PR command failed: 1026 [ 510.477234][T10858] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 510.491207][T10858] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 510.976978][T10872] FAULT_INJECTION: forcing a failure. [ 510.976978][T10872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 511.001782][T10872] CPU: 0 UID: 0 PID: 10872 Comm: syz.1.1127 Tainted: G U L syzkaller #0 PREEMPT(full) [ 511.001834][T10872] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 511.001847][T10872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 511.001866][T10872] Call Trace: [ 511.001877][T10872] [ 511.001888][T10872] dump_stack_lvl+0x100/0x190 [ 511.001942][T10872] should_fail_ex.cold+0x5/0xa [ 511.001981][T10872] _copy_from_user+0x2e/0xd0 [ 511.002016][T10872] memdup_user+0x6b/0xe0 [ 511.002047][T10872] strndup_user+0x78/0xe0 [ 511.002078][T10872] __x64_sys_mount+0x136/0x310 [ 511.002118][T10872] ? __pfx___x64_sys_mount+0x10/0x10 [ 511.002169][T10872] do_syscall_64+0x106/0xf80 [ 511.002207][T10872] ? clear_bhb_loop+0x40/0x90 [ 511.002247][T10872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.002280][T10872] RIP: 0033:0x7fad9239c799 [ 511.002307][T10872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 511.002339][T10872] RSP: 002b:00007fad931d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 511.002370][T10872] RAX: ffffffffffffffda RBX: 00007fad92616090 RCX: 00007fad9239c799 [ 511.002392][T10872] RDX: 0000200000000580 RSI: 00002000000000c0 RDI: 0000000000000000 [ 511.002413][T10872] RBP: 00007fad931d5090 R08: 0000000000000000 R09: 0000000000000000 [ 511.002449][T10872] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 511.002469][T10872] R13: 00007fad92616128 R14: 00007fad92616090 R15: 00007ffdf4b3ae58 [ 511.002513][T10872] [ 512.622689][T10902] random: crng reseeded on system resumption [ 512.898538][T10907] random: crng reseeded on system resumption [ 513.034947][T10907] sd 0:0:1:0: PR command failed: 1026 [ 513.054312][T10907] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 513.083423][T10907] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 513.919475][T10925] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 514.428463][T10928] zswap: compressor not available [ 515.081956][T10921] can: request_module (can-proto-3) failed. [ 515.444988][T10957] random: crng reseeded on system resumption [ 520.547727][T11014] random: crng reseeded on system resumption [ 520.961933][T11016] bond0: invalid ARP target specified [ 521.455910][T11016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1156'. [ 521.654464][T11022] sd 0:0:1:0: PR command failed: 1026 [ 521.659985][T11022] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 521.684923][T11022] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 523.150541][T11039] random: crng reseeded on system resumption [ 523.245997][T11039] sd 0:0:1:0: PR command failed: 1026 [ 523.261597][T11039] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 523.280757][T11039] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 523.391810][T11047] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1164'. [ 523.685209][T11051] ptrace attach of "./syz-executor exec"[5821] was attempted by "./syz-executor exec"[11051] [ 524.894471][T11072] random: crng reseeded on system resumption [ 525.118028][T11076] smpboot: CPU 1 is now offline [ 526.063078][T11082] bridge0: port 3(dummy0) entered blocking state [ 526.094567][T11082] bridge0: port 3(dummy0) entered disabled state [ 526.117099][T11082] dummy0: entered allmulticast mode [ 526.178706][T11082] dummy0: entered promiscuous mode [ 526.216170][T11082] bridge0: port 3(dummy0) entered blocking state [ 526.222651][T11082] bridge0: port 3(dummy0) entered forwarding state [ 526.365762][T11085] FAULT_INJECTION: forcing a failure. [ 526.365762][T11085] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 526.484371][T11085] CPU: 0 UID: 0 PID: 11085 Comm: syz.2.1174 Tainted: G U L syzkaller #0 PREEMPT(full) [ 526.484411][T11085] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 526.484420][T11085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 526.484434][T11085] Call Trace: [ 526.484442][T11085] [ 526.484451][T11085] dump_stack_lvl+0x100/0x190 [ 526.484490][T11085] should_fail_ex.cold+0x5/0xa [ 526.484517][T11085] _copy_from_user+0x2e/0xd0 [ 526.484541][T11085] memdup_user+0x6b/0xe0 [ 526.484563][T11085] strndup_user+0x78/0xe0 [ 526.484586][T11085] fs_index+0x1d/0x120 [ 526.484614][T11085] __x64_sys_sysfs+0x91/0x190 [ 526.484643][T11085] do_syscall_64+0x106/0xf80 [ 526.484671][T11085] ? clear_bhb_loop+0x40/0x90 [ 526.484700][T11085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.484723][T11085] RIP: 0033:0x7f008b59c799 [ 526.484742][T11085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 526.484766][T11085] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 526.484787][T11085] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 526.484802][T11085] RDX: 0000000000000005 RSI: 0000000000000005 RDI: 0000000000000001 [ 526.484816][T11085] RBP: 00007f008c3b3090 R08: 0000000000000000 R09: 0000000000000000 [ 526.484830][T11085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 526.484843][T11085] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 526.484873][T11085] [ 526.673861][T11087] random: crng reseeded on system resumption [ 526.879097][T11087] sd 0:0:1:0: PR command failed: 1026 [ 526.924720][T11087] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 526.931491][T11087] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 530.916340][T11151] random: crng reseeded on system resumption [ 531.105235][T11151] sd 0:0:1:0: PR command failed: 1026 [ 531.139863][T11151] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 531.206198][T11151] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 531.396240][T11158] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[11158] [ 531.781037][T11166] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 534.456711][T11200] FAULT_INJECTION: forcing a failure. [ 534.456711][T11200] name failslab, interval 1, probability 0, space 0, times 0 [ 534.544953][T11200] CPU: 0 UID: 0 PID: 11200 Comm: syz.1.1198 Tainted: G U L syzkaller #0 PREEMPT(full) [ 534.544993][T11200] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 534.545003][T11200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 534.545018][T11200] Call Trace: [ 534.545025][T11200] [ 534.545034][T11200] dump_stack_lvl+0x100/0x190 [ 534.545076][T11200] should_fail_ex.cold+0x5/0xa [ 534.545105][T11200] should_failslab+0xc2/0x120 [ 534.545130][T11200] __kmalloc_cache_noprof+0x7a/0x6f0 [ 534.545163][T11200] ? virtual_ncidev_open+0x49/0x220 [ 534.545197][T11200] virtual_ncidev_open+0x49/0x220 [ 534.545225][T11200] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 534.545252][T11200] misc_open+0x26d/0x450 [ 534.545275][T11200] ? __pfx_misc_open+0x10/0x10 [ 534.545296][T11200] chrdev_open+0x234/0x6a0 [ 534.545320][T11200] ? __pfx_apparmor_file_open+0x10/0x10 [ 534.545357][T11200] ? __pfx_chrdev_open+0x10/0x10 [ 534.545383][T11200] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 534.545414][T11200] do_dentry_open+0x6d8/0x1660 [ 534.545438][T11200] ? __pfx_chrdev_open+0x10/0x10 [ 534.545469][T11200] vfs_open+0x82/0x3f0 [ 534.545510][T11200] path_openat+0x208c/0x31a0 [ 534.545546][T11200] ? __pfx_path_openat+0x10/0x10 [ 534.545582][T11200] do_file_open+0x20e/0x430 [ 534.545608][T11200] ? __pfx_do_file_open+0x10/0x10 [ 534.545654][T11200] ? alloc_fd+0x476/0x790 [ 534.545680][T11200] ? do_getname+0x191/0x390 [ 534.545713][T11200] do_sys_openat2+0x10d/0x1e0 [ 534.545744][T11200] ? __pfx_do_sys_openat2+0x10/0x10 [ 534.545787][T11200] __x64_sys_openat+0x12d/0x210 [ 534.545819][T11200] ? __pfx___x64_sys_openat+0x10/0x10 [ 534.545863][T11200] do_syscall_64+0x106/0xf80 [ 534.545893][T11200] ? clear_bhb_loop+0x40/0x90 [ 534.545923][T11200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.545948][T11200] RIP: 0033:0x7fad9239c799 [ 534.545967][T11200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 534.545991][T11200] RSP: 002b:00007fad931f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 534.546014][T11200] RAX: ffffffffffffffda RBX: 00007fad92615fa0 RCX: 00007fad9239c799 [ 534.546031][T11200] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 534.546046][T11200] RBP: 00007fad92432c99 R08: 0000000000000000 R09: 0000000000000000 [ 534.546061][T11200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.546076][T11200] R13: 00007fad92616038 R14: 00007fad92615fa0 R15: 00007ffdf4b3ae58 [ 534.546107][T11200] [ 538.499060][T11266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1212'. [ 540.387848][T11288] random: crng reseeded on system resumption [ 541.248592][T11299] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 541.796155][T11312] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[11312] [ 542.528750][T11317] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 547.974585][T11383] FAULT_INJECTION: forcing a failure. [ 547.974585][T11383] name failslab, interval 1, probability 0, space 0, times 0 [ 548.081455][T11383] CPU: 0 UID: 0 PID: 11383 Comm: syz.1.1236 Tainted: G U L syzkaller #0 PREEMPT(full) [ 548.081494][T11383] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 548.081502][T11383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 548.081516][T11383] Call Trace: [ 548.081524][T11383] [ 548.081533][T11383] dump_stack_lvl+0x100/0x190 [ 548.081572][T11383] should_fail_ex.cold+0x5/0xa [ 548.081600][T11383] should_failslab+0xc2/0x120 [ 548.081625][T11383] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 548.081663][T11383] ? alloc_empty_file+0x55/0x1c0 [ 548.081699][T11383] alloc_empty_file+0x55/0x1c0 [ 548.081730][T11383] alloc_file_pseudo+0x13a/0x230 [ 548.081773][T11383] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 548.081803][T11383] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 548.081850][T11383] create_pipe_files+0x360/0x970 [ 548.081879][T11383] do_pipe2+0xbd/0x1e0 [ 548.081903][T11383] ? __pfx_do_pipe2+0x10/0x10 [ 548.081927][T11383] ? xfd_validate_state+0x129/0x190 [ 548.081963][T11383] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 548.082000][T11383] __x64_sys_pipe2+0x54/0x80 [ 548.082024][T11383] do_syscall_64+0x106/0xf80 [ 548.082054][T11383] ? clear_bhb_loop+0x40/0x90 [ 548.082083][T11383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.082108][T11383] RIP: 0033:0x7fad9239c799 [ 548.082127][T11383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 548.082151][T11383] RSP: 002b:00007fad931f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 548.082173][T11383] RAX: ffffffffffffffda RBX: 00007fad92615fa0 RCX: 00007fad9239c799 [ 548.082189][T11383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 548.082204][T11383] RBP: 00007fad92432c99 R08: 0000000000000000 R09: 0000000000000000 [ 548.082218][T11383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 548.082232][T11383] R13: 00007fad92616038 R14: 00007fad92615fa0 R15: 00007ffdf4b3ae58 [ 548.082263][T11383] [ 548.981598][T11403] bond0: invalid ARP target specified [ 549.094655][T11405] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1242'. [ 549.232732][T11403] FAULT_INJECTION: forcing a failure. [ 549.232732][T11403] name failslab, interval 1, probability 0, space 0, times 0 [ 549.392542][T11403] CPU: 0 UID: 0 PID: 11403 Comm: syz.2.1242 Tainted: G U L syzkaller #0 PREEMPT(full) [ 549.392582][T11403] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 549.392591][T11403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 549.392605][T11403] Call Trace: [ 549.392613][T11403] [ 549.392622][T11403] dump_stack_lvl+0x100/0x190 [ 549.392663][T11403] should_fail_ex.cold+0x5/0xa [ 549.392691][T11403] should_failslab+0xc2/0x120 [ 549.392716][T11403] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 549.392753][T11403] ? do_getname+0x35/0x390 [ 549.392789][T11403] do_getname+0x35/0x390 [ 549.392821][T11403] do_sys_openat2+0xc5/0x1e0 [ 549.392853][T11403] ? __pfx_do_sys_openat2+0x10/0x10 [ 549.392887][T11403] ? __sys_sendmsg+0x18f/0x220 [ 549.392923][T11403] __x64_sys_openat+0x12d/0x210 [ 549.392959][T11403] ? __pfx___x64_sys_openat+0x10/0x10 [ 549.393004][T11403] do_syscall_64+0x106/0xf80 [ 549.393033][T11403] ? clear_bhb_loop+0x40/0x90 [ 549.393063][T11403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.393088][T11403] RIP: 0033:0x7f008b59c799 [ 549.393106][T11403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 549.393138][T11403] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 549.393161][T11403] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 549.393178][T11403] RDX: 0000000000000004 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 549.393192][T11403] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 549.393207][T11403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 549.393221][T11403] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 549.393252][T11403] [ 552.046181][ T30] audit: type=1800 audit(1773189801.949:16): pid=11449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1254" name="version" dev="configfs" ino=142299 res=0 errno=0 [ 552.091118][T11449] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 552.248263][T11452] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1255'. [ 552.452657][T11456] bond0: invalid ARP target specified [ 552.513963][T11456] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1256'. [ 552.609452][T11456] FAULT_INJECTION: forcing a failure. [ 552.609452][T11456] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 552.683885][T11456] CPU: 0 UID: 0 PID: 11456 Comm: syz.0.1256 Tainted: G U L syzkaller #0 PREEMPT(full) [ 552.683925][T11456] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 552.683934][T11456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 552.683949][T11456] Call Trace: [ 552.683957][T11456] [ 552.683965][T11456] dump_stack_lvl+0x100/0x190 [ 552.684007][T11456] should_fail_ex.cold+0x5/0xa [ 552.684030][T11456] ? prepare_alloc_pages+0x16d/0x5f0 [ 552.684064][T11456] should_fail_alloc_page+0xeb/0x140 [ 552.684092][T11456] prepare_alloc_pages+0x1f0/0x5f0 [ 552.684124][T11456] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 552.684169][T11456] ? __lock_acquire+0x4a5/0x2630 [ 552.684209][T11456] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 552.684249][T11456] ? do_raw_spin_lock+0x128/0x260 [ 552.684286][T11456] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 552.684321][T11456] ? find_held_lock+0x2b/0x80 [ 552.684352][T11456] ? __lock_acquire+0x4a5/0x2630 [ 552.684382][T11456] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 552.684425][T11456] ? policy_nodemask+0xed/0x4f0 [ 552.684453][T11456] alloc_pages_mpol+0x1fb/0x550 [ 552.684479][T11456] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 552.684505][T11456] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 552.684543][T11456] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 552.684587][T11456] folio_alloc_mpol_noprof+0x36/0x340 [ 552.684619][T11456] shmem_alloc_folio+0x135/0x160 [ 552.684650][T11456] shmem_alloc_and_add_folio+0x371/0xd40 [ 552.684695][T11456] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 552.684734][T11456] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 552.684778][T11456] shmem_get_folio_gfp+0x6ab/0x1900 [ 552.684832][T11456] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 552.684871][T11456] ? filemap_map_pages+0xe69/0x2020 [ 552.684913][T11456] shmem_fault+0x1f9/0xa20 [ 552.684948][T11456] ? __lock_acquire+0x4a5/0x2630 [ 552.684979][T11456] ? __pfx_shmem_fault+0x10/0x10 [ 552.685020][T11456] ? __pfx_filemap_map_pages+0x10/0x10 [ 552.685065][T11456] __do_fault+0x10d/0x550 [ 552.685090][T11456] do_fault+0xabb/0x1990 [ 552.685122][T11456] __handle_mm_fault+0x180f/0x2b60 [ 552.685159][T11456] ? mt_find+0x45e/0x8e0 [ 552.685193][T11456] ? __pfx___handle_mm_fault+0x10/0x10 [ 552.685224][T11456] ? __pfx_mt_find+0x10/0x10 [ 552.685271][T11456] ? find_vma+0xbf/0x140 [ 552.685293][T11456] ? __pfx_find_vma+0x10/0x10 [ 552.685318][T11456] handle_mm_fault+0x36d/0xa20 [ 552.685357][T11456] do_user_addr_fault+0x74c/0x12f0 [ 552.685406][T11456] exc_page_fault+0x6f/0xd0 [ 552.685435][T11456] asm_exc_page_fault+0x26/0x30 [ 552.685460][T11456] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 552.685498][T11456] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 552.685522][T11456] RSP: 0018:ffffc900039dfd30 EFLAGS: 00050206 [ 552.685541][T11456] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000007b84 [ 552.685556][T11456] RDX: 0000000000000001 RSI: 0000000000002000 RDI: ffffc900033d007c [ 552.685570][T11456] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff5200067af7f [ 552.685585][T11456] R10: ffffc900033d7bff R11: 0000000000000000 R12: 0000000000000000 [ 552.685600][T11456] R13: ffffc900033d0060 R14: 0000000000007ba0 R15: ffffc900033d0060 [ 552.685629][T11456] _copy_from_user+0x98/0xd0 [ 552.685655][T11456] bpf_prog_create_from_user+0x109/0x2f0 [ 552.685690][T11456] ? __pfx_seccomp_check_filter+0x10/0x10 [ 552.685723][T11456] do_seccomp+0x7f7/0x2740 [ 552.685760][T11456] ? __pfx_do_seccomp+0x10/0x10 [ 552.685791][T11456] ? __x64_sys_openat+0x12d/0x210 [ 552.685830][T11456] ? xfd_validate_state+0x129/0x190 [ 552.685877][T11456] do_syscall_64+0x106/0xf80 [ 552.685905][T11456] ? clear_bhb_loop+0x40/0x90 [ 552.685934][T11456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.685959][T11456] RIP: 0033:0x7fd18bf9c799 [ 552.685977][T11456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 552.686000][T11456] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 552.686022][T11456] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 552.686038][T11456] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 552.686053][T11456] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 552.686068][T11456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.686082][T11456] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 552.686113][T11456] [ 553.771048][T11472] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 556.266024][T11507] random: crng reseeded on system resumption [ 556.321633][T11505] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 556.344888][T11509] bond0: invalid ARP target specified [ 556.384559][T11511] futex_wake_op: syz.0.1265 tries to shift op by -2048; fix this program [ 556.431110][T11509] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1267'. [ 556.759703][T11517] random: crng reseeded on system resumption [ 557.945321][T11538] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff81b108da (__mcheck_cpu_init_prepare_banks+0x18a/0x380) [ 557.961023][T11538] Call Trace: [ 557.964310][T11538] [ 557.967253][T11538] ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10 [ 557.973962][T11538] ? __pfx_debug_object_deactivate+0x10/0x10 [ 557.979994][T11538] mce_cpu_restart+0xd5/0x1f0 [ 557.984702][T11538] ? __pfx_mce_cpu_restart+0x10/0x10 [ 557.990043][T11538] smp_call_function_many_cond+0x11fc/0x1500 [ 557.996045][T11538] ? __pfx_mce_cpu_restart+0x10/0x10 [ 558.001380][T11538] ? mark_held_locks+0x40/0x70 [ 558.006162][T11538] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 558.012015][T11538] ? lockdep_hardirqs_on+0x78/0x100 [ 558.017241][T11538] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 558.023079][T11538] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 558.029424][T11538] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 558.035425][T11538] ? __timer_delete_sync+0x151/0x1c0 [ 558.040751][T11538] ? __pfx_mce_cpu_restart+0x10/0x10 [ 558.046063][T11538] on_each_cpu_cond_mask+0x40/0x90 [ 558.051193][T11538] set_bank+0x240/0x3a0 [ 558.055372][T11538] ? __pfx_set_bank+0x10/0x10 [ 558.060070][T11538] ? find_held_lock+0x2b/0x80 [ 558.064756][T11538] ? sysfs_file_kobj+0xe4/0x290 [ 558.069645][T11538] ? sysfs_file_kobj+0xe4/0x290 [ 558.074512][T11538] ? __pfx_set_bank+0x10/0x10 [ 558.079211][T11538] dev_attr_store+0x58/0x80 [ 558.083819][T11538] ? __pfx_dev_attr_store+0x10/0x10 [ 558.089041][T11538] sysfs_kf_write+0xf2/0x150 [ 558.093649][T11538] kernfs_fop_write_iter+0x3e0/0x5f0 [ 558.098965][T11538] ? __pfx_sysfs_kf_write+0x10/0x10 [ 558.104212][T11538] vfs_write+0x6ac/0x1070 [ 558.108560][T11538] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 558.114411][T11538] ? __pfx_vfs_write+0x10/0x10 [ 558.119236][T11538] ksys_write+0x12a/0x250 [ 558.123589][T11538] ? __pfx_ksys_write+0x10/0x10 [ 558.128462][T11538] do_syscall_64+0x106/0xf80 [ 558.133092][T11538] ? clear_bhb_loop+0x40/0x90 [ 558.137804][T11538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.143714][T11538] RIP: 0033:0x7f29acf9c799 [ 558.148133][T11538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 558.167753][T11538] RSP: 002b:00007f29addd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 558.176275][T11538] RAX: ffffffffffffffda RBX: 00007f29ad215fa0 RCX: 00007f29acf9c799 [ 558.184254][T11538] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000004 [ 558.192239][T11538] RBP: 00007f29ad032c99 R08: 0000000000000000 R09: 0000000000000000 [ 558.200220][T11538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.208201][T11538] R13: 00007f29ad216038 R14: 00007f29ad215fa0 R15: 00007ffdfd0e5e88 [ 558.216197][T11538] [ 559.174417][T11552] random: crng reseeded on system resumption [ 559.485060][T11547] FAULT_INJECTION: forcing a failure. [ 559.485060][T11547] name fail_futex, interval 1, probability 0, space 0, times 0 [ 559.559391][T11557] netlink: 'syz.0.1280': attribute type 15 has an invalid length. [ 559.654328][T11557] netlink: 'syz.0.1280': attribute type 16 has an invalid length. [ 559.692981][T11557] netlink: 194 bytes leftover after parsing attributes in process `syz.0.1280'. [ 559.705574][T11547] CPU: 0 UID: 0 PID: 11547 Comm: syz.1.1278 Tainted: G U L syzkaller #0 PREEMPT(full) [ 559.705613][T11547] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 559.705625][T11547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 559.705638][T11547] Call Trace: [ 559.705646][T11547] [ 559.705654][T11547] dump_stack_lvl+0x100/0x190 [ 559.705696][T11547] should_fail_ex.cold+0x5/0xa [ 559.705725][T11547] get_futex_key+0x295/0x1620 [ 559.705757][T11547] ? __pfx_get_futex_key+0x10/0x10 [ 559.705788][T11547] ? get_futex_key+0x507/0x1620 [ 559.705823][T11547] futex_wait_setup+0x83/0x510 [ 559.705868][T11547] futex_wait_requeue_pi+0x240/0x870 [ 559.705909][T11547] ? __pfx_futex_wait_requeue_pi+0x10/0x10 [ 559.705949][T11547] ? __pfx___futex_wait+0x10/0x10 [ 559.706013][T11547] ? __pfx_futex_wake_mark+0x10/0x10 [ 559.706057][T11547] ? ksys_write+0x190/0x250 [ 559.706078][T11547] ? ksys_write+0x190/0x250 [ 559.706104][T11547] do_futex+0x24f/0x350 [ 559.706142][T11547] ? __pfx_do_futex+0x10/0x10 [ 559.706182][T11547] __x64_sys_futex+0x34f/0x4d0 [ 559.706219][T11547] ? __pfx___x64_sys_futex+0x10/0x10 [ 559.706264][T11547] do_syscall_64+0x106/0xf80 [ 559.706294][T11547] ? clear_bhb_loop+0x40/0x90 [ 559.706325][T11547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.706351][T11547] RIP: 0033:0x7fad9239c799 [ 559.706370][T11547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 559.706395][T11547] RSP: 002b:00007fad931f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 559.706418][T11547] RAX: ffffffffffffffda RBX: 00007fad92615fa0 RCX: 00007fad9239c799 [ 559.706436][T11547] RDX: 0000000000000001 RSI: 000000000000000b RDI: 0000200000000080 [ 559.706451][T11547] RBP: 00007fad92432c99 R08: 0000000000000000 R09: 00000000fffffffa [ 559.706467][T11547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 559.706482][T11547] R13: 00007fad92616038 R14: 00007fad92615fa0 R15: 00007ffdf4b3ae58 [ 559.706513][T11547] [ 559.957846][T11542] program syz.2.1275 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 560.246955][ T30] audit: type=1800 audit(1773189809.829:17): pid=11559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1281" name="trace_pipe" dev="tracefs" ino=4313 res=0 errno=0 [ 561.775749][ C0] sd 0:0:1:0: [sda] tag#1302 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 561.786259][ C0] sd 0:0:1:0: [sda] tag#1302 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00 [ 561.815333][T11584] FAULT_INJECTION: forcing a failure. [ 561.815333][T11584] name failslab, interval 1, probability 0, space 0, times 0 [ 561.884283][T11584] CPU: 0 UID: 0 PID: 11584 Comm: syz.0.1287 Tainted: G U L syzkaller #0 PREEMPT(full) [ 561.884323][T11584] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 561.884333][T11584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 561.884347][T11584] Call Trace: [ 561.884355][T11584] [ 561.884364][T11584] dump_stack_lvl+0x100/0x190 [ 561.884409][T11584] should_fail_ex.cold+0x5/0xa [ 561.884438][T11584] should_failslab+0xc2/0x120 [ 561.884467][T11584] __kmalloc_cache_noprof+0x7a/0x6f0 [ 561.884500][T11584] ? snd_seq_prioq_new+0x3f/0x110 [ 561.884604][T11584] ? lockdep_init_map_type+0x5c/0x250 [ 561.884644][T11584] snd_seq_prioq_new+0x3f/0x110 [ 561.884673][T11584] snd_seq_queue_alloc+0x153/0x590 [ 561.884704][T11584] snd_seq_ioctl_create_queue+0xa9/0x370 [ 561.884757][T11584] call_seq_client_ctl+0xa3/0x130 [ 561.884795][T11584] snd_seq_kernel_client_ctl+0x77/0xd0 [ 561.884832][T11584] alloc_seq_queue+0xdb/0x180 [ 561.884886][T11584] ? __pfx_alloc_seq_queue+0x10/0x10 [ 561.884940][T11584] ? mark_held_locks+0x40/0x70 [ 561.884970][T11584] ? _raw_spin_unlock_irq+0x23/0x50 [ 561.884999][T11584] ? lockdep_hardirqs_on+0x78/0x100 [ 561.885032][T11584] snd_seq_oss_open+0x2b2/0xa10 [ 561.885075][T11584] odev_open+0x79/0xc0 [ 561.885107][T11584] ? __pfx_odev_open+0x10/0x10 [ 561.885141][T11584] soundcore_open+0x2e3/0x5a0 [ 561.885206][T11584] ? __pfx_soundcore_open+0x10/0x10 [ 561.885242][T11584] chrdev_open+0x234/0x6a0 [ 561.885267][T11584] ? __pfx_apparmor_file_open+0x10/0x10 [ 561.885306][T11584] ? __pfx_chrdev_open+0x10/0x10 [ 561.885333][T11584] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 561.885366][T11584] do_dentry_open+0x6d8/0x1660 [ 561.885389][T11584] ? __pfx_chrdev_open+0x10/0x10 [ 561.885422][T11584] vfs_open+0x82/0x3f0 [ 561.885456][T11584] path_openat+0x208c/0x31a0 [ 561.885491][T11584] ? __pfx_path_openat+0x10/0x10 [ 561.885533][T11584] do_file_open+0x20e/0x430 [ 561.885561][T11584] ? __pfx_do_file_open+0x10/0x10 [ 561.885608][T11584] ? alloc_fd+0x476/0x790 [ 561.885635][T11584] ? do_getname+0x191/0x390 [ 561.885669][T11584] do_sys_openat2+0x10d/0x1e0 [ 561.885702][T11584] ? __pfx_do_sys_openat2+0x10/0x10 [ 561.885736][T11584] ? __fget_files+0x21f/0x3d0 [ 561.885765][T11584] __x64_sys_openat+0x12d/0x210 [ 561.885799][T11584] ? __pfx___x64_sys_openat+0x10/0x10 [ 561.885844][T11584] do_syscall_64+0x106/0xf80 [ 561.885873][T11584] ? clear_bhb_loop+0x40/0x90 [ 561.885904][T11584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.885930][T11584] RIP: 0033:0x7fd18bf9c799 [ 561.885951][T11584] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 561.885976][T11584] RSP: 002b:00007fd18ce2a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 561.885999][T11584] RAX: ffffffffffffffda RBX: 00007fd18c216090 RCX: 00007fd18bf9c799 [ 561.886016][T11584] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 561.886032][T11584] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 561.886048][T11584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 561.886063][T11584] R13: 00007fd18c216128 R14: 00007fd18c216090 R15: 00007ffffb3c0428 [ 561.886095][T11584] [ 563.175367][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.184626][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.378778][T11597] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1290'. [ 563.493007][T11598] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1290'. [ 563.538853][T11596] bond0: invalid ARP target specified [ 563.707363][T11596] FAULT_INJECTION: forcing a failure. [ 563.707363][T11596] name failslab, interval 1, probability 0, space 0, times 0 [ 563.766055][T11596] CPU: 0 UID: 0 PID: 11596 Comm: syz.0.1290 Tainted: G U L syzkaller #0 PREEMPT(full) [ 563.766094][T11596] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 563.766103][T11596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 563.766118][T11596] Call Trace: [ 563.766126][T11596] [ 563.766135][T11596] dump_stack_lvl+0x100/0x190 [ 563.766177][T11596] should_fail_ex.cold+0x5/0xa [ 563.766206][T11596] should_failslab+0xc2/0x120 [ 563.766232][T11596] __kmalloc_cache_noprof+0x7a/0x6f0 [ 563.766265][T11596] ? bpf_prog_alloc_no_stats+0x15f/0x640 [ 563.766330][T11596] bpf_prog_alloc_no_stats+0x15f/0x640 [ 563.766371][T11596] bpf_prog_alloc+0x3b/0x200 [ 563.766409][T11596] bpf_prog_create_from_user+0xb4/0x2f0 [ 563.766446][T11596] ? __pfx_seccomp_check_filter+0x10/0x10 [ 563.766479][T11596] do_seccomp+0x7f7/0x2740 [ 563.766518][T11596] ? __pfx_do_seccomp+0x10/0x10 [ 563.766549][T11596] ? __x64_sys_openat+0x12d/0x210 [ 563.766582][T11596] ? xfd_validate_state+0x129/0x190 [ 563.766629][T11596] do_syscall_64+0x106/0xf80 [ 563.766659][T11596] ? clear_bhb_loop+0x40/0x90 [ 563.766689][T11596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.766715][T11596] RIP: 0033:0x7fd18bf9c799 [ 563.766734][T11596] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 563.766758][T11596] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 563.766782][T11596] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 563.766798][T11596] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 563.766814][T11596] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 563.766830][T11596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.766845][T11596] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 563.766876][T11596] [ 566.540077][T11621] FAULT_INJECTION: forcing a failure. [ 566.540077][T11621] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 566.635442][T11621] CPU: 0 UID: 0 PID: 11621 Comm: syz.0.1296 Tainted: G U L syzkaller #0 PREEMPT(full) [ 566.635483][T11621] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 566.635493][T11621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 566.635507][T11621] Call Trace: [ 566.635515][T11621] [ 566.635524][T11621] dump_stack_lvl+0x100/0x190 [ 566.635564][T11621] should_fail_ex.cold+0x5/0xa [ 566.635598][T11621] _copy_to_iter+0x1f3/0x1720 [ 566.635723][T11621] ? __pfx__copy_to_iter+0x10/0x10 [ 566.635764][T11621] ? __lock_acquire+0x4a5/0x2630 [ 566.635803][T11621] signalfd_copyinfo+0x404/0x780 [ 566.635832][T11621] ? __pfx_signalfd_copyinfo+0x10/0x10 [ 566.635860][T11621] ? do_raw_spin_lock+0x128/0x260 [ 566.635905][T11621] ? signalfd_read_iter+0x55f/0x750 [ 566.635932][T11621] ? rcu_is_watching+0x12/0xc0 [ 566.635968][T11621] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 566.635996][T11621] ? signalfd_read_iter+0x55f/0x750 [ 566.636025][T11621] signalfd_read_iter+0x342/0x750 [ 566.636060][T11621] ? __pfx_signalfd_read_iter+0x10/0x10 [ 566.636088][T11621] ? __pfx___might_resched+0x10/0x10 [ 566.636127][T11621] ? __pfx_default_wake_function+0x10/0x10 [ 566.636160][T11621] ? bpf_lsm_file_permission+0x9/0x10 [ 566.636206][T11621] ? security_file_permission+0x76/0x210 [ 566.636232][T11621] ? rw_verify_area+0xce/0x6d0 [ 566.636265][T11621] ? __pfx_signalfd_read_iter+0x10/0x10 [ 566.636295][T11621] vfs_read+0x825/0xb30 [ 566.636335][T11621] ? __pfx_vfs_read+0x10/0x10 [ 566.636370][T11621] ? find_held_lock+0x2b/0x80 [ 566.636409][T11621] ksys_read+0x12a/0x250 [ 566.636445][T11621] ? __pfx_ksys_read+0x10/0x10 [ 566.636494][T11621] do_syscall_64+0x106/0xf80 [ 566.636522][T11621] ? clear_bhb_loop+0x40/0x90 [ 566.636551][T11621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.636581][T11621] RIP: 0033:0x7fd18bf9c799 [ 566.636600][T11621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 566.636624][T11621] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 566.636646][T11621] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 566.636662][T11621] RDX: 0000000000001004 RSI: 0000200000001a40 RDI: 0000000000000004 [ 566.636677][T11621] RBP: 00007fd18ce4b090 R08: 0000000000000000 R09: 0000000000000000 [ 566.636692][T11621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 566.636707][T11621] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 566.636737][T11621] [ 567.758350][T11630] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 567.774964][T11629] dyndbg: expected <4096 bytes into control [ 567.930577][T11632] bond0: invalid ARP target specified [ 568.008152][T11632] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1300'. [ 568.152544][T11633] netlink: 'syz.0.1299': attribute type 2 has an invalid length. [ 568.606365][T11642] random: crng reseeded on system resumption [ 569.169583][T11638] FAULT_INJECTION: forcing a failure. [ 569.169583][T11638] name failslab, interval 1, probability 0, space 0, times 0 [ 569.270384][T11638] CPU: 0 UID: 0 PID: 11638 Comm: syz.3.1301 Tainted: G U L syzkaller #0 PREEMPT(full) [ 569.270432][T11638] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 569.270442][T11638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 569.270457][T11638] Call Trace: [ 569.270465][T11638] [ 569.270475][T11638] dump_stack_lvl+0x100/0x190 [ 569.270517][T11638] should_fail_ex.cold+0x5/0xa [ 569.270546][T11638] should_failslab+0xc2/0x120 [ 569.270572][T11638] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 569.270609][T11638] ? __kernfs_new_node+0xd2/0x960 [ 569.270652][T11638] __kernfs_new_node+0xd2/0x960 [ 569.270690][T11638] ? __pfx___kernfs_new_node+0x10/0x10 [ 569.270733][T11638] ? find_held_lock+0x2b/0x80 [ 569.270755][T11638] ? kernfs_root+0xee/0x2a0 [ 569.270788][T11638] ? kernfs_root+0xee/0x2a0 [ 569.270829][T11638] kernfs_new_node+0x11b/0x1a0 [ 569.270872][T11638] kernfs_create_dir_ns+0x4c/0x1a0 [ 569.270916][T11638] internal_create_group+0x36f/0xf40 [ 569.270957][T11638] ? kernfs_add_one+0x214/0x850 [ 569.270996][T11638] ? __pfx_internal_create_group+0x10/0x10 [ 569.271037][T11638] ? __pfx_dev_add_physical_location+0x10/0x10 [ 569.271165][T11638] ? bus_to_subsys+0x114/0x150 [ 569.271198][T11638] dpm_sysfs_add+0x80/0x280 [ 569.271271][T11638] device_add+0x9ef/0x1950 [ 569.271297][T11638] ? __pfx_device_add+0x10/0x10 [ 569.271332][T11638] nfc_register_device+0x41/0x3e0 [ 569.271366][T11638] nci_register_device+0x7f1/0xb80 [ 569.271410][T11638] ? __pfx_nci_register_device+0x10/0x10 [ 569.271460][T11638] ? lockdep_init_map_type+0x5c/0x250 [ 569.271499][T11638] virtual_ncidev_open+0x141/0x220 [ 569.271529][T11638] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 569.271558][T11638] misc_open+0x26d/0x450 [ 569.271582][T11638] ? __pfx_misc_open+0x10/0x10 [ 569.271604][T11638] chrdev_open+0x234/0x6a0 [ 569.271629][T11638] ? __pfx_apparmor_file_open+0x10/0x10 [ 569.271667][T11638] ? __pfx_chrdev_open+0x10/0x10 [ 569.271695][T11638] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 569.271727][T11638] do_dentry_open+0x6d8/0x1660 [ 569.271751][T11638] ? __pfx_chrdev_open+0x10/0x10 [ 569.271783][T11638] vfs_open+0x82/0x3f0 [ 569.271818][T11638] path_openat+0x208c/0x31a0 [ 569.271853][T11638] ? __pfx_path_openat+0x10/0x10 [ 569.271890][T11638] do_file_open+0x20e/0x430 [ 569.271917][T11638] ? __pfx_do_file_open+0x10/0x10 [ 569.271964][T11638] ? alloc_fd+0x476/0x790 [ 569.271991][T11638] ? do_getname+0x191/0x390 [ 569.272024][T11638] do_sys_openat2+0x10d/0x1e0 [ 569.272056][T11638] ? __pfx_do_sys_openat2+0x10/0x10 [ 569.272100][T11638] __x64_sys_openat+0x12d/0x210 [ 569.272133][T11638] ? __pfx___x64_sys_openat+0x10/0x10 [ 569.272178][T11638] do_syscall_64+0x106/0xf80 [ 569.272208][T11638] ? clear_bhb_loop+0x40/0x90 [ 569.272239][T11638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.272265][T11638] RIP: 0033:0x7f29acf9c799 [ 569.272285][T11638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 569.272309][T11638] RSP: 002b:00007f29addd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 569.272332][T11638] RAX: ffffffffffffffda RBX: 00007f29ad215fa0 RCX: 00007f29acf9c799 [ 569.272349][T11638] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 569.272364][T11638] RBP: 00007f29ad032c99 R08: 0000000000000000 R09: 0000000000000000 [ 569.272380][T11638] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 569.272396][T11638] R13: 00007f29ad216038 R14: 00007f29ad215fa0 R15: 00007ffdfd0e5e88 [ 569.272434][T11638] [ 571.262838][T11666] FAULT_INJECTION: forcing a failure. [ 571.262838][T11666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 571.369591][T11666] CPU: 0 UID: 0 PID: 11666 Comm: syz.1.1303 Tainted: G U L syzkaller #0 PREEMPT(full) [ 571.369631][T11666] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 571.369641][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 571.369655][T11666] Call Trace: [ 571.369663][T11666] [ 571.369672][T11666] dump_stack_lvl+0x100/0x190 [ 571.369713][T11666] should_fail_ex.cold+0x5/0xa [ 571.369741][T11666] _copy_to_user+0x32/0xd0 [ 571.369767][T11666] simple_read_from_buffer+0xcb/0x170 [ 571.369807][T11666] proc_fail_nth_read+0x1af/0x230 [ 571.369837][T11666] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 571.369868][T11666] ? rw_verify_area+0xce/0x6d0 [ 571.369902][T11666] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 571.369931][T11666] vfs_read+0x1e4/0xb30 [ 571.369968][T11666] ? __pfx_tty_ioctl+0x10/0x10 [ 571.370076][T11666] ? __pfx_vfs_read+0x10/0x10 [ 571.370119][T11666] ? do_handle_open+0x2ca/0xce0 [ 571.370151][T11666] ? hook_file_ioctl_common+0x146/0x410 [ 571.370199][T11666] ksys_read+0x12a/0x250 [ 571.370235][T11666] ? __pfx_ksys_read+0x10/0x10 [ 571.370273][T11666] ? __pfx_tty_ioctl+0x10/0x10 [ 571.370308][T11666] do_syscall_64+0x106/0xf80 [ 571.370337][T11666] ? clear_bhb_loop+0x40/0x90 [ 571.370366][T11666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.370390][T11666] RIP: 0033:0x7fad9235cfce [ 571.370410][T11666] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 571.370434][T11666] RSP: 002b:00007fad931f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 571.370457][T11666] RAX: ffffffffffffffda RBX: 00007fad931f66c0 RCX: 00007fad9235cfce [ 571.370473][T11666] RDX: 000000000000000f RSI: 00007fad931f60a0 RDI: 0000000000000007 [ 571.370488][T11666] RBP: 00007fad931f6090 R08: 0000000000000000 R09: 0000000000000000 [ 571.370503][T11666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 571.370517][T11666] R13: 00007fad92616038 R14: 00007fad92615fa0 R15: 00007ffdf4b3ae58 [ 571.370547][T11666] [ 576.926923][T11720] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 576.972725][T11720] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 577.002751][T11720] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 577.049183][T11720] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 577.104307][T11720] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 577.401347][T11730] ubi0: attaching mtd1 [ 577.474283][T11730] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 578.274475][ T7336] Bluetooth: hci0: command 0x0c1a tx timeout [ 578.995131][ T7336] Bluetooth: hci1: command 0x0c1a tx timeout [ 579.074300][ T7336] Bluetooth: hci3: command 0x0c1a tx timeout [ 579.080584][ T7336] Bluetooth: hci2: command 0x0c1a tx timeout [ 580.746622][T11768] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[11768] [ 581.154218][T11756] Bluetooth: hci3: command 0x0c1a tx timeout [ 583.826370][T11815] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1337'. [ 583.896744][T11817] sd 0:0:1:0: PR command failed: 1026 [ 584.015212][T11817] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 584.113940][T11817] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 584.248476][T11825] FAULT_INJECTION: forcing a failure. [ 584.248476][T11825] name fail_futex, interval 1, probability 0, space 0, times 0 [ 584.261367][T11825] CPU: 0 UID: 0 PID: 11825 Comm: syz.2.1338 Tainted: G U L syzkaller #0 PREEMPT(full) [ 584.261405][T11825] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 584.261414][T11825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 584.261428][T11825] Call Trace: [ 584.261437][T11825] [ 584.261446][T11825] dump_stack_lvl+0x100/0x190 [ 584.261486][T11825] should_fail_ex.cold+0x5/0xa [ 584.261514][T11825] should_fail_futex+0x4c/0x60 [ 584.261543][T11825] futex_lock_pi_atomic+0x12d/0xaf0 [ 584.261584][T11825] futex_lock_pi+0x246/0x7b0 [ 584.261622][T11825] ? __pfx_futex_lock_pi+0x10/0x10 [ 584.261687][T11825] ? __pfx_futex_wake_mark+0x10/0x10 [ 584.261728][T11825] ? find_held_lock+0x2b/0x80 [ 584.261750][T11825] ? ksys_write+0x190/0x250 [ 584.261771][T11825] ? ksys_write+0x190/0x250 [ 584.261797][T11825] do_futex+0x18a/0x350 [ 584.261828][T11825] ? __pfx_do_futex+0x10/0x10 [ 584.261866][T11825] __x64_sys_futex+0x34f/0x4d0 [ 584.261899][T11825] ? fput+0x79/0x100 [ 584.261924][T11825] ? __pfx___x64_sys_futex+0x10/0x10 [ 584.261954][T11825] ? ksys_write+0x1ac/0x250 [ 584.261981][T11825] ? __pfx_ksys_write+0x10/0x10 [ 584.262010][T11825] do_syscall_64+0x106/0xf80 [ 584.262039][T11825] ? clear_bhb_loop+0x40/0x90 [ 584.262069][T11825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.262093][T11825] RIP: 0033:0x7f008b59c799 [ 584.262112][T11825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.262136][T11825] RSP: 002b:00007f008c392028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 584.262159][T11825] RAX: ffffffffffffffda RBX: 00007f008b816090 RCX: 00007f008b59c799 [ 584.262175][T11825] RDX: 0000000000000008 RSI: 0000000000000086 RDI: 0000000000000000 [ 584.262189][T11825] RBP: 00007f008c392090 R08: 0000000000000000 R09: 0000000000000007 [ 584.262205][T11825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 584.262220][T11825] R13: 00007f008b816128 R14: 00007f008b816090 R15: 00007ffc2e3bb708 [ 584.262250][T11825] [ 585.090728][T11838] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 585.219024][T11843] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1343'. [ 586.358114][T11858] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 586.899355][T11862] random: crng reseeded on system resumption [ 588.057327][T11878] bond0: invalid ARP target specified [ 588.494756][T11880] bond0: invalid ARP target specified [ 588.558891][T11880] FAULT_INJECTION: forcing a failure. [ 588.558891][T11880] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 588.649221][T11880] CPU: 0 UID: 0 PID: 11880 Comm: syz.2.1351 Tainted: G U L syzkaller #0 PREEMPT(full) [ 588.649262][T11880] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 588.649272][T11880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 588.649287][T11880] Call Trace: [ 588.649295][T11880] [ 588.649305][T11880] dump_stack_lvl+0x100/0x190 [ 588.649346][T11880] should_fail_ex.cold+0x5/0xa [ 588.649371][T11880] ? prepare_alloc_pages+0x16d/0x5f0 [ 588.649402][T11880] should_fail_alloc_page+0xeb/0x140 [ 588.649430][T11880] prepare_alloc_pages+0x1f0/0x5f0 [ 588.649463][T11880] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 588.649508][T11880] ? __lock_acquire+0x4a5/0x2630 [ 588.649548][T11880] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 588.649590][T11880] ? do_raw_spin_lock+0x128/0x260 [ 588.649627][T11880] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 588.649663][T11880] ? find_held_lock+0x2b/0x80 [ 588.649694][T11880] ? __lock_acquire+0x4a5/0x2630 [ 588.649731][T11880] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 588.649775][T11880] ? policy_nodemask+0xed/0x4f0 [ 588.649803][T11880] alloc_pages_mpol+0x1fb/0x550 [ 588.649831][T11880] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 588.649858][T11880] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 588.649896][T11880] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 588.649941][T11880] folio_alloc_mpol_noprof+0x36/0x340 [ 588.649974][T11880] shmem_alloc_folio+0x135/0x160 [ 588.650007][T11880] shmem_alloc_and_add_folio+0x371/0xd40 [ 588.650051][T11880] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 588.650092][T11880] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 588.650137][T11880] shmem_get_folio_gfp+0x6ab/0x1900 [ 588.650181][T11880] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 588.650221][T11880] ? filemap_map_pages+0xe69/0x2020 [ 588.650266][T11880] shmem_fault+0x1f9/0xa20 [ 588.650303][T11880] ? __lock_acquire+0x4a5/0x2630 [ 588.650334][T11880] ? __pfx_shmem_fault+0x10/0x10 [ 588.650377][T11880] ? __pfx_filemap_map_pages+0x10/0x10 [ 588.650422][T11880] __do_fault+0x10d/0x550 [ 588.650448][T11880] do_fault+0xabb/0x1990 [ 588.650481][T11880] __handle_mm_fault+0x180f/0x2b60 [ 588.650519][T11880] ? mt_find+0x45e/0x8e0 [ 588.650554][T11880] ? __pfx___handle_mm_fault+0x10/0x10 [ 588.650587][T11880] ? __pfx_mt_find+0x10/0x10 [ 588.650635][T11880] ? find_vma+0xbf/0x140 [ 588.650657][T11880] ? __pfx_find_vma+0x10/0x10 [ 588.650684][T11880] handle_mm_fault+0x36d/0xa20 [ 588.650728][T11880] do_user_addr_fault+0x74c/0x12f0 [ 588.650778][T11880] exc_page_fault+0x6f/0xd0 [ 588.650809][T11880] asm_exc_page_fault+0x26/0x30 [ 588.650833][T11880] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 588.650873][T11880] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 588.650899][T11880] RSP: 0018:ffffc90005a47d30 EFLAGS: 00050206 [ 588.650919][T11880] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000006b84 [ 588.650935][T11880] RDX: 0000000000000001 RSI: 0000000000003000 RDI: ffffc90005a6407c [ 588.650951][T11880] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff52000b4d57f [ 588.650966][T11880] R10: ffffc90005a6abff R11: 0000000000000000 R12: 0000000000000000 [ 588.650982][T11880] R13: ffffc90005a63060 R14: 0000000000007ba0 R15: ffffc90005a63060 [ 588.651011][T11880] _copy_from_user+0x98/0xd0 [ 588.651037][T11880] bpf_prog_create_from_user+0x109/0x2f0 [ 588.651073][T11880] ? __pfx_seccomp_check_filter+0x10/0x10 [ 588.651107][T11880] do_seccomp+0x7f7/0x2740 [ 588.651146][T11880] ? __pfx_do_seccomp+0x10/0x10 [ 588.651177][T11880] ? __x64_sys_openat+0x12d/0x210 [ 588.651211][T11880] ? xfd_validate_state+0x129/0x190 [ 588.651257][T11880] do_syscall_64+0x106/0xf80 [ 588.651286][T11880] ? clear_bhb_loop+0x40/0x90 [ 588.651316][T11880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.651341][T11880] RIP: 0033:0x7f008b59c799 [ 588.651361][T11880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 588.651385][T11880] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 588.651406][T11880] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 588.651422][T11880] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 588.651438][T11880] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 588.651453][T11880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.651468][T11880] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 588.651499][T11880] [ 589.981613][T11869] can: request_module (can-proto-3) failed. [ 590.756093][T11900] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 592.630992][T11935] bond0: invalid ARP target specified [ 592.694972][T11935] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1363'. [ 592.775034][T11942] FAULT_INJECTION: forcing a failure. [ 592.775034][T11942] name failslab, interval 1, probability 0, space 0, times 0 [ 592.863374][T11942] CPU: 0 UID: 0 PID: 11942 Comm: syz.2.1363 Tainted: G U L syzkaller #0 PREEMPT(full) [ 592.863416][T11942] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 592.863426][T11942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 592.863441][T11942] Call Trace: [ 592.863450][T11942] [ 592.863460][T11942] dump_stack_lvl+0x100/0x190 [ 592.863501][T11942] should_fail_ex.cold+0x5/0xa [ 592.863531][T11942] should_failslab+0xc2/0x120 [ 592.863557][T11942] __kmalloc_cache_noprof+0x7a/0x6f0 [ 592.863590][T11942] ? bpf_prog_alloc_no_stats+0x15f/0x640 [ 592.863634][T11942] bpf_prog_alloc_no_stats+0x15f/0x640 [ 592.863675][T11942] bpf_prog_alloc+0x3b/0x200 [ 592.863713][T11942] bpf_prog_create_from_user+0xb4/0x2f0 [ 592.863749][T11942] ? __pfx_seccomp_check_filter+0x10/0x10 [ 592.863782][T11942] do_seccomp+0x7f7/0x2740 [ 592.863827][T11942] ? __pfx_do_seccomp+0x10/0x10 [ 592.863859][T11942] ? __x64_sys_openat+0x12d/0x210 [ 592.863893][T11942] ? xfd_validate_state+0x129/0x190 [ 592.863939][T11942] do_syscall_64+0x106/0xf80 [ 592.863968][T11942] ? clear_bhb_loop+0x40/0x90 [ 592.863999][T11942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.864024][T11942] RIP: 0033:0x7f008b59c799 [ 592.864044][T11942] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 592.864068][T11942] RSP: 002b:00007f008c392028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 592.864092][T11942] RAX: ffffffffffffffda RBX: 00007f008b816090 RCX: 00007f008b59c799 [ 592.864112][T11942] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 592.864127][T11942] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 592.864142][T11942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 592.864157][T11942] R13: 00007f008b816128 R14: 00007f008b816090 R15: 00007ffc2e3bb708 [ 592.864189][T11942] [ 593.971722][T11958] usb usb27: usbfs: interface 0 claimed by hub while 'syz.1.1366' sets config #131073 [ 594.724215][T11963] sd 0:0:1:0: PR command failed: 1026 [ 594.729661][T11963] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 594.883549][T11963] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 595.463238][T11975] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[11975] [ 595.996740][T11980] bond0: invalid ARP target specified [ 596.976527][T11995] bond0: invalid ARP target specified [ 597.042757][T11995] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1375'. [ 597.164672][T11995] FAULT_INJECTION: forcing a failure. [ 597.164672][T11995] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 597.254651][T11995] CPU: 0 UID: 0 PID: 11995 Comm: syz.2.1375 Tainted: G U L syzkaller #0 PREEMPT(full) [ 597.254692][T11995] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 597.254702][T11995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 597.254717][T11995] Call Trace: [ 597.254725][T11995] [ 597.254735][T11995] dump_stack_lvl+0x100/0x190 [ 597.254778][T11995] should_fail_ex.cold+0x5/0xa [ 597.254816][T11995] ? prepare_alloc_pages+0x16d/0x5f0 [ 597.254848][T11995] should_fail_alloc_page+0xeb/0x140 [ 597.254882][T11995] prepare_alloc_pages+0x1f0/0x5f0 [ 597.254910][T11995] ? __kernel_text_address+0xd/0x30 [ 597.254951][T11995] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 597.254995][T11995] ? __lock_acquire+0x4a5/0x2630 [ 597.255027][T11995] ? stack_trace_save+0x8e/0xc0 [ 597.255051][T11995] ? __pfx_stack_trace_save+0x10/0x10 [ 597.255076][T11995] ? stack_depot_save_flags+0x27/0x9d0 [ 597.255105][T11995] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 597.255149][T11995] ? __lock_acquire+0x4a5/0x2630 [ 597.255184][T11995] ? __lock_acquire+0x4a5/0x2630 [ 597.255219][T11995] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 597.255262][T11995] ? policy_nodemask+0xed/0x4f0 [ 597.255290][T11995] alloc_pages_mpol+0x1fb/0x550 [ 597.255317][T11995] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 597.255351][T11995] folio_alloc_mpol_noprof+0x36/0x340 [ 597.255383][T11995] shmem_alloc_folio+0x135/0x160 [ 597.255415][T11995] shmem_alloc_and_add_folio+0x371/0xd40 [ 597.255460][T11995] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 597.255500][T11995] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 597.255545][T11995] shmem_get_folio_gfp+0x6ab/0x1900 [ 597.255589][T11995] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 597.255629][T11995] ? filemap_map_pages+0xe69/0x2020 [ 597.255670][T11995] shmem_fault+0x1f9/0xa20 [ 597.255706][T11995] ? __lock_acquire+0x4a5/0x2630 [ 597.255738][T11995] ? __pfx_shmem_fault+0x10/0x10 [ 597.255780][T11995] ? __pfx_filemap_map_pages+0x10/0x10 [ 597.255825][T11995] __do_fault+0x10d/0x550 [ 597.255851][T11995] do_fault+0xabb/0x1990 [ 597.255889][T11995] __handle_mm_fault+0x180f/0x2b60 [ 597.255928][T11995] ? mt_find+0x45e/0x8e0 [ 597.255962][T11995] ? __pfx___handle_mm_fault+0x10/0x10 [ 597.255994][T11995] ? __pfx_mt_find+0x10/0x10 [ 597.256042][T11995] ? find_vma+0xbf/0x140 [ 597.256064][T11995] ? __pfx_find_vma+0x10/0x10 [ 597.256091][T11995] handle_mm_fault+0x36d/0xa20 [ 597.256130][T11995] do_user_addr_fault+0x74c/0x12f0 [ 597.256180][T11995] exc_page_fault+0x6f/0xd0 [ 597.256210][T11995] asm_exc_page_fault+0x26/0x30 [ 597.256235][T11995] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 597.256274][T11995] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 597.256298][T11995] RSP: 0018:ffffc90007327d30 EFLAGS: 00050206 [ 597.256318][T11995] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000007ba0 [ 597.256333][T11995] RDX: 0000000000000001 RSI: 0000000000001fe4 RDI: ffffc90006398060 [ 597.256349][T11995] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff52000c73f7f [ 597.256365][T11995] R10: ffffc9000639fbff R11: 0000000000000000 R12: 0000000000000000 [ 597.256381][T11995] R13: ffffc90006398060 R14: 0000000000007ba0 R15: ffffc90006398060 [ 597.256411][T11995] _copy_from_user+0x98/0xd0 [ 597.256437][T11995] bpf_prog_create_from_user+0x109/0x2f0 [ 597.256473][T11995] ? __pfx_seccomp_check_filter+0x10/0x10 [ 597.256507][T11995] do_seccomp+0x7f7/0x2740 [ 597.256546][T11995] ? __pfx_do_seccomp+0x10/0x10 [ 597.256578][T11995] ? __x64_sys_openat+0x12d/0x210 [ 597.256611][T11995] ? xfd_validate_state+0x129/0x190 [ 597.256658][T11995] do_syscall_64+0x106/0xf80 [ 597.256687][T11995] ? clear_bhb_loop+0x40/0x90 [ 597.256717][T11995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.256742][T11995] RIP: 0033:0x7f008b59c799 [ 597.256762][T11995] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 597.256786][T11995] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 597.256809][T11995] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 597.256825][T11995] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 597.256841][T11995] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 597.256856][T11995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 597.256878][T11995] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 597.256909][T11995] [ 599.494357][T12019] FAULT_INJECTION: forcing a failure. [ 599.494357][T12019] name failslab, interval 1, probability 0, space 0, times 0 [ 599.587824][T12019] CPU: 0 UID: 0 PID: 12019 Comm: syz.2.1385 Tainted: G U L syzkaller #0 PREEMPT(full) [ 599.587865][T12019] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 599.587875][T12019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 599.587890][T12019] Call Trace: [ 599.587898][T12019] [ 599.587908][T12019] dump_stack_lvl+0x100/0x190 [ 599.587949][T12019] should_fail_ex.cold+0x5/0xa [ 599.587978][T12019] should_failslab+0xc2/0x120 [ 599.588005][T12019] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 599.588048][T12019] ? kasprintf+0xc7/0x100 [ 599.588074][T12019] ? __lock_acquire+0x4a5/0x2630 [ 599.588109][T12019] kvasprintf+0xbc/0x150 [ 599.588133][T12019] ? __pfx_kvasprintf+0x10/0x10 [ 599.588170][T12019] kasprintf+0xc7/0x100 [ 599.588194][T12019] ? __pfx_kasprintf+0x10/0x10 [ 599.588228][T12019] ? __is_module_percpu_address+0x1c2/0x430 [ 599.588268][T12019] alloc_workqueue_noprof+0x114/0x200 [ 599.588299][T12019] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 599.588337][T12019] ? __pfx___debug_object_init+0x10/0x10 [ 599.588381][T12019] nci_register_device+0x21e/0xb80 [ 599.588424][T12019] ? __pfx_nci_register_device+0x10/0x10 [ 599.588468][T12019] ? lockdep_init_map_type+0x5c/0x250 [ 599.588506][T12019] virtual_ncidev_open+0x141/0x220 [ 599.588536][T12019] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 599.588564][T12019] misc_open+0x26d/0x450 [ 599.588588][T12019] ? __pfx_misc_open+0x10/0x10 [ 599.588611][T12019] chrdev_open+0x234/0x6a0 [ 599.588636][T12019] ? __pfx_apparmor_file_open+0x10/0x10 [ 599.588674][T12019] ? __pfx_chrdev_open+0x10/0x10 [ 599.588700][T12019] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 599.588733][T12019] do_dentry_open+0x6d8/0x1660 [ 599.588757][T12019] ? __pfx_chrdev_open+0x10/0x10 [ 599.588790][T12019] vfs_open+0x82/0x3f0 [ 599.588824][T12019] path_openat+0x208c/0x31a0 [ 599.588859][T12019] ? __pfx_path_openat+0x10/0x10 [ 599.588896][T12019] do_file_open+0x20e/0x430 [ 599.588923][T12019] ? __pfx_do_file_open+0x10/0x10 [ 599.588970][T12019] ? alloc_fd+0x476/0x790 [ 599.588996][T12019] ? do_getname+0x191/0x390 [ 599.589029][T12019] do_sys_openat2+0x10d/0x1e0 [ 599.589062][T12019] ? __pfx_do_sys_openat2+0x10/0x10 [ 599.589105][T12019] __x64_sys_openat+0x12d/0x210 [ 599.589138][T12019] ? __pfx___x64_sys_openat+0x10/0x10 [ 599.589184][T12019] do_syscall_64+0x106/0xf80 [ 599.589219][T12019] ? clear_bhb_loop+0x40/0x90 [ 599.589250][T12019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.589276][T12019] RIP: 0033:0x7f008b59c799 [ 599.589296][T12019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 599.589321][T12019] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 599.589344][T12019] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 599.589361][T12019] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 599.589377][T12019] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 599.589392][T12019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.589407][T12019] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 599.589439][T12019] [ 601.869269][T12041] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1387'. [ 601.926214][T12043] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(8) [ 601.976450][T12043] futex_wake_op: syz.0.1389 tries to shift op by -2048; fix this program [ 602.232725][T12046] FAULT_INJECTION: forcing a failure. [ 602.232725][T12046] name fail_futex, interval 1, probability 0, space 0, times 0 [ 602.351633][T12046] CPU: 0 UID: 0 PID: 12046 Comm: syz.3.1386 Tainted: G U L syzkaller #0 PREEMPT(full) [ 602.351676][T12046] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 602.351686][T12046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 602.351701][T12046] Call Trace: [ 602.351710][T12046] [ 602.351719][T12046] dump_stack_lvl+0x100/0x190 [ 602.351761][T12046] should_fail_ex.cold+0x5/0xa [ 602.351790][T12046] get_futex_key+0x1d2/0x1620 [ 602.351824][T12046] ? __pfx_get_futex_key+0x10/0x10 [ 602.351864][T12046] futex_wake+0xea/0x530 [ 602.351903][T12046] ? __pfx_futex_wake+0x10/0x10 [ 602.351944][T12046] ? putname+0xb1/0x110 [ 602.351968][T12046] ? kmem_cache_free+0x124/0x6a0 [ 602.352001][T12046] ? do_sys_openat2+0x1b4/0x1e0 [ 602.352038][T12046] do_futex+0x32b/0x350 [ 602.352069][T12046] ? __pfx_do_futex+0x10/0x10 [ 602.352099][T12046] ? __pfx_do_sys_openat2+0x10/0x10 [ 602.352133][T12046] ? do_raw_spin_lock+0x128/0x260 [ 602.352173][T12046] __x64_sys_futex+0x34f/0x4d0 [ 602.352207][T12046] ? __x64_sys_openat+0x12d/0x210 [ 602.352240][T12046] ? __pfx___x64_sys_futex+0x10/0x10 [ 602.352283][T12046] do_syscall_64+0x106/0xf80 [ 602.352314][T12046] ? clear_bhb_loop+0x40/0x90 [ 602.352344][T12046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.352370][T12046] RIP: 0033:0x7f29acf9c799 [ 602.352389][T12046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 602.352414][T12046] RSP: 002b:00007f29addb70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 602.352437][T12046] RAX: ffffffffffffffda RBX: 00007f29ad216098 RCX: 00007f29acf9c799 [ 602.352454][T12046] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f29ad21609c [ 602.352470][T12046] RBP: 00007f29ad216090 R08: 0000000000000000 R09: 0000000000000000 [ 602.352485][T12046] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 602.352501][T12046] R13: 00007f29ad216128 R14: 00007ffdfd0e5da0 R15: 00007ffdfd0e5e88 [ 602.352532][T12046] [ 605.633809][T12079] FAULT_INJECTION: forcing a failure. [ 605.633809][T12079] name failslab, interval 1, probability 0, space 0, times 0 [ 605.788782][T12079] CPU: 0 UID: 0 PID: 12079 Comm: syz.0.1397 Tainted: G U L syzkaller #0 PREEMPT(full) [ 605.788823][T12079] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 605.788833][T12079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 605.788848][T12079] Call Trace: [ 605.788856][T12079] [ 605.788866][T12079] dump_stack_lvl+0x100/0x190 [ 605.788907][T12079] should_fail_ex.cold+0x5/0xa [ 605.788937][T12079] should_failslab+0xc2/0x120 [ 605.788963][T12079] __kmalloc_cache_noprof+0x7a/0x6f0 [ 605.788995][T12079] ? __alloc_workqueue+0x1a0/0x1880 [ 605.789032][T12079] __alloc_workqueue+0x1a0/0x1880 [ 605.789060][T12079] ? __pfx_vsnprintf+0x10/0x10 [ 605.789088][T12079] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 605.789120][T12079] ? lockdep_hardirqs_on+0x78/0x100 [ 605.789150][T12079] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 605.789181][T12079] alloc_workqueue_noprof+0xd2/0x200 [ 605.789211][T12079] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 605.789255][T12079] ? __pfx___debug_object_init+0x10/0x10 [ 605.789300][T12079] nci_register_device+0x511/0xb80 [ 605.789342][T12079] ? __pfx_nci_register_device+0x10/0x10 [ 605.789386][T12079] ? lockdep_init_map_type+0x5c/0x250 [ 605.789425][T12079] virtual_ncidev_open+0x141/0x220 [ 605.789455][T12079] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 605.789483][T12079] misc_open+0x26d/0x450 [ 605.789506][T12079] ? __pfx_misc_open+0x10/0x10 [ 605.789530][T12079] chrdev_open+0x234/0x6a0 [ 605.789554][T12079] ? __pfx_apparmor_file_open+0x10/0x10 [ 605.789592][T12079] ? __pfx_chrdev_open+0x10/0x10 [ 605.789619][T12079] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 605.789651][T12079] do_dentry_open+0x6d8/0x1660 [ 605.789674][T12079] ? __pfx_chrdev_open+0x10/0x10 [ 605.789706][T12079] vfs_open+0x82/0x3f0 [ 605.789741][T12079] path_openat+0x208c/0x31a0 [ 605.789776][T12079] ? __pfx_path_openat+0x10/0x10 [ 605.789812][T12079] do_file_open+0x20e/0x430 [ 605.789839][T12079] ? __pfx_do_file_open+0x10/0x10 [ 605.789886][T12079] ? alloc_fd+0x476/0x790 [ 605.789912][T12079] ? do_getname+0x191/0x390 [ 605.789945][T12079] do_sys_openat2+0x10d/0x1e0 [ 605.789977][T12079] ? __pfx_do_sys_openat2+0x10/0x10 [ 605.790021][T12079] __x64_sys_openat+0x12d/0x210 [ 605.790054][T12079] ? __pfx___x64_sys_openat+0x10/0x10 [ 605.790099][T12079] do_syscall_64+0x106/0xf80 [ 605.790127][T12079] ? clear_bhb_loop+0x40/0x90 [ 605.790158][T12079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.790184][T12079] RIP: 0033:0x7fd18bf9c799 [ 605.790205][T12079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.790236][T12079] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 605.790260][T12079] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 605.790277][T12079] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 605.790294][T12079] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 605.790310][T12079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.790325][T12079] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 605.790357][T12079] [ 606.734679][T12091] FAULT_INJECTION: forcing a failure. [ 606.734679][T12091] name failslab, interval 1, probability 0, space 0, times 0 [ 606.775752][T12091] CPU: 0 UID: 0 PID: 12091 Comm: syz.2.1400 Tainted: G U L syzkaller #0 PREEMPT(full) [ 606.775792][T12091] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 606.775802][T12091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 606.775817][T12091] Call Trace: [ 606.775825][T12091] [ 606.775834][T12091] dump_stack_lvl+0x100/0x190 [ 606.775876][T12091] should_fail_ex.cold+0x5/0xa [ 606.775906][T12091] should_failslab+0xc2/0x120 [ 606.775933][T12091] __kmalloc_cache_noprof+0x7a/0x6f0 [ 606.775965][T12091] ? nfc_allocate_device+0x15b/0x5e0 [ 606.776002][T12091] nfc_allocate_device+0x15b/0x5e0 [ 606.776030][T12091] ? __init_swait_queue_head+0xca/0x150 [ 606.776073][T12091] nci_allocate_device+0x23b/0x410 [ 606.776121][T12091] virtual_ncidev_open+0x6f/0x220 [ 606.776152][T12091] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 606.776180][T12091] misc_open+0x26d/0x450 [ 606.776204][T12091] ? __pfx_misc_open+0x10/0x10 [ 606.776226][T12091] chrdev_open+0x234/0x6a0 [ 606.776251][T12091] ? __pfx_apparmor_file_open+0x10/0x10 [ 606.776288][T12091] ? __pfx_chrdev_open+0x10/0x10 [ 606.776315][T12091] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 606.776347][T12091] do_dentry_open+0x6d8/0x1660 [ 606.776372][T12091] ? __pfx_chrdev_open+0x10/0x10 [ 606.776404][T12091] vfs_open+0x82/0x3f0 [ 606.776437][T12091] path_openat+0x208c/0x31a0 [ 606.776472][T12091] ? __pfx_path_openat+0x10/0x10 [ 606.776509][T12091] do_file_open+0x20e/0x430 [ 606.776536][T12091] ? __pfx_do_file_open+0x10/0x10 [ 606.776582][T12091] ? alloc_fd+0x476/0x790 [ 606.776609][T12091] ? do_getname+0x191/0x390 [ 606.776642][T12091] do_sys_openat2+0x10d/0x1e0 [ 606.776674][T12091] ? __pfx_do_sys_openat2+0x10/0x10 [ 606.776707][T12091] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 606.776752][T12091] __x64_sys_openat+0x12d/0x210 [ 606.776788][T12091] ? __pfx___x64_sys_openat+0x10/0x10 [ 606.776833][T12091] do_syscall_64+0x106/0xf80 [ 606.776862][T12091] ? clear_bhb_loop+0x40/0x90 [ 606.776892][T12091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 606.776918][T12091] RIP: 0033:0x7f008b59c799 [ 606.776937][T12091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 606.776961][T12091] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 606.776984][T12091] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 606.777002][T12091] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 606.777017][T12091] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 606.777032][T12091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 606.777047][T12091] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 606.777079][T12091] [ 607.603338][T12101] random: crng reseeded on system resumption [ 608.607996][T12118] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 610.555840][T12132] random: crng reseeded on system resumption [ 610.959955][T12132] sd 0:0:1:0: PR command failed: 1026 [ 611.044244][T12132] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 611.139130][T12135] FAULT_INJECTION: forcing a failure. [ 611.139130][T12135] name failslab, interval 1, probability 0, space 0, times 0 [ 611.174716][T12132] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 611.222526][T12135] CPU: 0 UID: 0 PID: 12135 Comm: syz.0.1410 Tainted: G U L syzkaller #0 PREEMPT(full) [ 611.222566][T12135] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 611.222576][T12135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 611.222591][T12135] Call Trace: [ 611.222600][T12135] [ 611.222609][T12135] dump_stack_lvl+0x100/0x190 [ 611.222650][T12135] should_fail_ex.cold+0x5/0xa [ 611.222679][T12135] should_failslab+0xc2/0x120 [ 611.222705][T12135] __kmalloc_cache_noprof+0x7a/0x6f0 [ 611.222738][T12135] ? virtual_ncidev_open+0x49/0x220 [ 611.222773][T12135] virtual_ncidev_open+0x49/0x220 [ 611.222802][T12135] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 611.222829][T12135] misc_open+0x26d/0x450 [ 611.222853][T12135] ? __pfx_misc_open+0x10/0x10 [ 611.222875][T12135] chrdev_open+0x234/0x6a0 [ 611.222899][T12135] ? __pfx_apparmor_file_open+0x10/0x10 [ 611.222937][T12135] ? __pfx_chrdev_open+0x10/0x10 [ 611.222968][T12135] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 611.223001][T12135] do_dentry_open+0x6d8/0x1660 [ 611.223024][T12135] ? __pfx_chrdev_open+0x10/0x10 [ 611.223057][T12135] vfs_open+0x82/0x3f0 [ 611.223091][T12135] path_openat+0x208c/0x31a0 [ 611.223126][T12135] ? __pfx_path_openat+0x10/0x10 [ 611.223167][T12135] do_file_open+0x20e/0x430 [ 611.223195][T12135] ? __pfx_do_file_open+0x10/0x10 [ 611.223241][T12135] ? alloc_fd+0x476/0x790 [ 611.223268][T12135] ? do_getname+0x191/0x390 [ 611.223302][T12135] do_sys_openat2+0x10d/0x1e0 [ 611.223335][T12135] ? __pfx_do_sys_openat2+0x10/0x10 [ 611.223379][T12135] __x64_sys_openat+0x12d/0x210 [ 611.223412][T12135] ? __pfx___x64_sys_openat+0x10/0x10 [ 611.223457][T12135] do_syscall_64+0x106/0xf80 [ 611.223487][T12135] ? clear_bhb_loop+0x40/0x90 [ 611.223517][T12135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.223543][T12135] RIP: 0033:0x7fd18bf9c799 [ 611.223563][T12135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 611.223587][T12135] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 611.223610][T12135] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 611.223627][T12135] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 611.223643][T12135] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 611.223658][T12135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 611.223673][T12135] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 611.223705][T12135] [ 612.926648][T12141] FAULT_INJECTION: forcing a failure. [ 612.926648][T12141] name failslab, interval 1, probability 0, space 0, times 0 [ 612.984508][T12141] CPU: 0 UID: 0 PID: 12141 Comm: syz.0.1412 Tainted: G U L syzkaller #0 PREEMPT(full) [ 612.984553][T12141] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 612.984562][T12141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 612.984577][T12141] Call Trace: [ 612.984585][T12141] [ 612.984594][T12141] dump_stack_lvl+0x100/0x190 [ 612.984634][T12141] should_fail_ex.cold+0x5/0xa [ 612.984662][T12141] should_failslab+0xc2/0x120 [ 612.984687][T12141] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 612.984724][T12141] ? taskstats_exit+0x650/0xbd0 [ 612.984767][T12141] taskstats_exit+0x650/0xbd0 [ 612.984804][T12141] ? __pfx_acct_update_integrals+0x10/0x10 [ 612.984844][T12141] ? __pfx_taskstats_exit+0x10/0x10 [ 612.984883][T12141] ? rcu_read_lock_any_held+0x6a/0xa0 [ 612.984906][T12141] ? exit_signals+0x395/0xaf0 [ 612.984934][T12141] do_exit+0x659/0x2b60 [ 612.984963][T12141] ? __pfx___might_resched+0x10/0x10 [ 612.985003][T12141] ? __pfx_do_exit+0x10/0x10 [ 612.985033][T12141] ? do_raw_spin_lock+0x128/0x260 [ 612.985068][T12141] ? find_held_lock+0x2b/0x80 [ 612.985090][T12141] ? get_signal+0x7e0/0x21e0 [ 612.985116][T12141] do_group_exit+0xd5/0x2a0 [ 612.985150][T12141] get_signal+0x1ec7/0x21e0 [ 612.985179][T12141] ? task_work_add+0x201/0x3b0 [ 612.985216][T12141] ? __pfx_get_signal+0x10/0x10 [ 612.985242][T12141] ? __pfx_vfs_read+0x10/0x10 [ 612.985283][T12141] arch_do_signal_or_restart+0x91/0x770 [ 612.985312][T12141] ? __pfx___fput_deferred+0x10/0x10 [ 612.985341][T12141] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 612.985379][T12141] ? ksys_read+0x1ac/0x250 [ 612.985421][T12141] exit_to_user_mode_loop+0x86/0x4a0 [ 612.985454][T12141] do_syscall_64+0x668/0xf80 [ 612.985483][T12141] ? clear_bhb_loop+0x40/0x90 [ 612.985512][T12141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.985537][T12141] RIP: 0033:0x7fd18bf9c799 [ 612.985561][T12141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.985584][T12141] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 612.985606][T12141] RAX: fffffffffffffe00 RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 612.985622][T12141] RDX: 0000000000001004 RSI: 0000200000001a40 RDI: 0000000000000004 [ 612.985637][T12141] RBP: 00007fd18ce4b090 R08: 0000000000000000 R09: 0000000000000000 [ 612.985652][T12141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 612.985666][T12141] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 612.985696][T12141] [ 613.519394][T12147] random: crng reseeded on system resumption [ 615.371036][T12173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1421'. [ 615.915401][T12179] sd 0:0:1:0: PR command failed: 1026 [ 615.941281][T12179] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 615.991772][T12179] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 617.486622][T12208] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[12208] [ 619.050191][T12217] random: crng reseeded on system resumption [ 620.186983][T12233] random: crng reseeded on system resumption [ 620.820796][T12237] serio: Serial port ttyS2 [ 620.862962][T12239] FAULT_INJECTION: forcing a failure. [ 620.862962][T12239] name failslab, interval 1, probability 0, space 0, times 0 [ 620.916896][T12239] CPU: 0 UID: 0 PID: 12239 Comm: syz.3.1437 Tainted: G U L syzkaller #0 PREEMPT(full) [ 620.916937][T12239] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 620.916947][T12239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 620.916962][T12239] Call Trace: [ 620.916971][T12239] [ 620.916980][T12239] dump_stack_lvl+0x100/0x190 [ 620.917022][T12239] should_fail_ex.cold+0x5/0xa [ 620.917052][T12239] should_failslab+0xc2/0x120 [ 620.917079][T12239] __kmalloc_cache_noprof+0x7a/0x6f0 [ 620.917135][T12239] ? virtual_ncidev_open+0x49/0x220 [ 620.917170][T12239] virtual_ncidev_open+0x49/0x220 [ 620.917202][T12239] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 620.917230][T12239] misc_open+0x26d/0x450 [ 620.917254][T12239] ? __pfx_misc_open+0x10/0x10 [ 620.917277][T12239] chrdev_open+0x234/0x6a0 [ 620.917301][T12239] ? __pfx_apparmor_file_open+0x10/0x10 [ 620.917339][T12239] ? __pfx_chrdev_open+0x10/0x10 [ 620.917365][T12239] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 620.917398][T12239] do_dentry_open+0x6d8/0x1660 [ 620.917422][T12239] ? __pfx_chrdev_open+0x10/0x10 [ 620.917455][T12239] vfs_open+0x82/0x3f0 [ 620.917488][T12239] path_openat+0x208c/0x31a0 [ 620.917524][T12239] ? __pfx_path_openat+0x10/0x10 [ 620.917560][T12239] do_file_open+0x20e/0x430 [ 620.917588][T12239] ? __pfx_do_file_open+0x10/0x10 [ 620.917634][T12239] ? alloc_fd+0x476/0x790 [ 620.917661][T12239] ? do_getname+0x191/0x390 [ 620.917694][T12239] do_sys_openat2+0x10d/0x1e0 [ 620.917727][T12239] ? __pfx_do_sys_openat2+0x10/0x10 [ 620.917770][T12239] __x64_sys_openat+0x12d/0x210 [ 620.917804][T12239] ? __pfx___x64_sys_openat+0x10/0x10 [ 620.917854][T12239] do_syscall_64+0x106/0xf80 [ 620.917884][T12239] ? clear_bhb_loop+0x40/0x90 [ 620.917915][T12239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.917941][T12239] RIP: 0033:0x7f29acf9c799 [ 620.917961][T12239] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.917985][T12239] RSP: 002b:00007f29addb7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 620.918008][T12239] RAX: ffffffffffffffda RBX: 00007f29ad216090 RCX: 00007f29acf9c799 [ 620.918025][T12239] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 620.918041][T12239] RBP: 00007f29ad032c99 R08: 0000000000000000 R09: 0000000000000000 [ 620.918056][T12239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.918071][T12239] R13: 00007f29ad216128 R14: 00007f29ad216090 R15: 00007ffdfd0e5e88 [ 620.918103][T12239] [ 623.815652][T12263] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 623.858575][T12267] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 624.524507][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.530837][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.961609][T12288] random: crng reseeded on system resumption [ 626.320280][T12294] ovs_: entered promiscuous mode [ 628.482542][T11756] Bluetooth: hci2: unexpected event 0x20 length: 123 > 7 [ 628.715066][T12328] [ 630.738586][T12359] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1462'. [ 632.475026][T12382] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1469'. [ 634.126791][T12403] ovs_: entered promiscuous mode [ 635.887571][T12431] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 636.134778][T12439] syz.3.1479 uses obsolete (PF_INET,SOCK_PACKET) [ 637.381961][T12449] random: crng reseeded on system resumption [ 638.982004][T12462] ovs_: entered promiscuous mode [ 639.781411][T12479] bond0: invalid ARP target specified [ 639.849266][T12479] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1487'. [ 639.861704][T12451] can: request_module (can-proto-3) failed. [ 639.939271][ T30] audit: type=1800 audit(1773255426.838:18): pid=12482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1487" name="features" dev="configfs" ino=186502 res=0 errno=0 [ 639.986088][T12479] FAULT_INJECTION: forcing a failure. [ 639.986088][T12479] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 640.026201][T12481] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 640.102260][T12479] CPU: 0 UID: 0 PID: 12479 Comm: syz.2.1487 Tainted: G U L syzkaller #0 PREEMPT(full) [ 640.102301][T12479] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 640.102310][T12479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 640.102325][T12479] Call Trace: [ 640.102333][T12479] [ 640.102343][T12479] dump_stack_lvl+0x100/0x190 [ 640.102386][T12479] should_fail_ex.cold+0x5/0xa [ 640.102411][T12479] ? prepare_alloc_pages+0x16d/0x5f0 [ 640.102442][T12479] should_fail_alloc_page+0xeb/0x140 [ 640.102470][T12479] prepare_alloc_pages+0x1f0/0x5f0 [ 640.102503][T12479] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 640.102549][T12479] ? __lock_acquire+0x4a5/0x2630 [ 640.102589][T12479] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 640.102631][T12479] ? do_raw_spin_lock+0x128/0x260 [ 640.102668][T12479] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 640.102705][T12479] ? find_held_lock+0x2b/0x80 [ 640.102736][T12479] ? __lock_acquire+0x4a5/0x2630 [ 640.102767][T12479] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 640.102811][T12479] ? policy_nodemask+0xed/0x4f0 [ 640.102839][T12479] alloc_pages_mpol+0x1fb/0x550 [ 640.102867][T12479] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 640.102894][T12479] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 640.102933][T12479] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 640.102980][T12479] folio_alloc_mpol_noprof+0x36/0x340 [ 640.103013][T12479] shmem_alloc_folio+0x135/0x160 [ 640.103046][T12479] shmem_alloc_and_add_folio+0x371/0xd40 [ 640.103091][T12479] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 640.103132][T12479] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 640.103177][T12479] shmem_get_folio_gfp+0x6ab/0x1900 [ 640.103227][T12479] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 640.103268][T12479] ? filemap_map_pages+0xe69/0x2020 [ 640.103316][T12479] shmem_fault+0x1f9/0xa20 [ 640.103352][T12479] ? __lock_acquire+0x4a5/0x2630 [ 640.103384][T12479] ? __pfx_shmem_fault+0x10/0x10 [ 640.103426][T12479] ? __pfx_filemap_map_pages+0x10/0x10 [ 640.103472][T12479] __do_fault+0x10d/0x550 [ 640.103498][T12479] do_fault+0xabb/0x1990 [ 640.103531][T12479] __handle_mm_fault+0x180f/0x2b60 [ 640.103569][T12479] ? mt_find+0x45e/0x8e0 [ 640.103604][T12479] ? __pfx___handle_mm_fault+0x10/0x10 [ 640.103635][T12479] ? __pfx_mt_find+0x10/0x10 [ 640.103683][T12479] ? find_vma+0xbf/0x140 [ 640.103706][T12479] ? __pfx_find_vma+0x10/0x10 [ 640.103732][T12479] handle_mm_fault+0x36d/0xa20 [ 640.103771][T12479] do_user_addr_fault+0x74c/0x12f0 [ 640.103821][T12479] exc_page_fault+0x6f/0xd0 [ 640.103851][T12479] asm_exc_page_fault+0x26/0x30 [ 640.103876][T12479] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 640.103915][T12479] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 640.103939][T12479] RSP: 0018:ffffc900050dfd30 EFLAGS: 00050206 [ 640.103959][T12479] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000005b84 [ 640.103975][T12479] RDX: 0000000000000001 RSI: 0000000000004000 RDI: ffffc90004ffa07c [ 640.103990][T12479] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff520009fff7f [ 640.104006][T12479] R10: ffffc90004fffbff R11: 0000000000000000 R12: 0000000000000000 [ 640.104021][T12479] R13: ffffc90004ff8060 R14: 0000000000007ba0 R15: ffffc90004ff8060 [ 640.104052][T12479] _copy_from_user+0x98/0xd0 [ 640.104078][T12479] bpf_prog_create_from_user+0x109/0x2f0 [ 640.104114][T12479] ? __pfx_seccomp_check_filter+0x10/0x10 [ 640.104149][T12479] do_seccomp+0x7f7/0x2740 [ 640.104189][T12479] ? __pfx_do_seccomp+0x10/0x10 [ 640.104225][T12479] ? __x64_sys_openat+0x12d/0x210 [ 640.104262][T12479] ? xfd_validate_state+0x129/0x190 [ 640.104308][T12479] do_syscall_64+0x106/0xf80 [ 640.104336][T12479] ? clear_bhb_loop+0x40/0x90 [ 640.104367][T12479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.104392][T12479] RIP: 0033:0x7f008b59c799 [ 640.104412][T12479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 640.104435][T12479] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 640.104457][T12479] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 640.104474][T12479] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 640.104490][T12479] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 0000000000000000 [ 640.104505][T12479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.104520][T12479] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 640.104553][T12479] [ 641.038664][T12486] FAULT_INJECTION: forcing a failure. [ 641.038664][T12486] name failslab, interval 1, probability 0, space 0, times 0 [ 641.094223][T12486] CPU: 0 UID: 0 PID: 12486 Comm: syz.3.1489 Tainted: G U L syzkaller #0 PREEMPT(full) [ 641.094264][T12486] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 641.094274][T12486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 641.094290][T12486] Call Trace: [ 641.094298][T12486] [ 641.094308][T12486] dump_stack_lvl+0x100/0x190 [ 641.094350][T12486] should_fail_ex.cold+0x5/0xa [ 641.094379][T12486] should_failslab+0xc2/0x120 [ 641.094406][T12486] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 641.094444][T12486] ? __kernfs_new_node+0xd2/0x960 [ 641.094485][T12486] __kernfs_new_node+0xd2/0x960 [ 641.094521][T12486] ? __lock_acquire+0x4a5/0x2630 [ 641.094554][T12486] ? __pfx___kernfs_new_node+0x10/0x10 [ 641.094595][T12486] ? find_held_lock+0x2b/0x80 [ 641.094618][T12486] ? kernfs_root+0xee/0x2a0 [ 641.094650][T12486] ? kernfs_root+0xee/0x2a0 [ 641.094691][T12486] kernfs_new_node+0x11b/0x1a0 [ 641.094735][T12486] __kernfs_create_file+0x53/0x350 [ 641.094767][T12486] sysfs_add_file_mode_ns+0x207/0x3c0 [ 641.094807][T12486] internal_create_group+0x593/0xf40 [ 641.094851][T12486] ? __pfx_internal_create_group+0x10/0x10 [ 641.094893][T12486] ? kernfs_create_link+0x1bd/0x240 [ 641.094926][T12486] internal_create_groups+0x9d/0x150 [ 641.094965][T12486] device_add+0x77a/0x1950 [ 641.094993][T12486] ? __pfx_device_add+0x10/0x10 [ 641.095014][T12486] ? __pfx___might_resched+0x10/0x10 [ 641.095050][T12486] ? lockdep_hardirqs_on+0x78/0x100 [ 641.095090][T12486] __add_disk+0x518/0xe40 [ 641.095214][T12486] add_disk_fwnode+0x118/0x5c0 [ 641.095256][T12486] loop_add+0x90b/0xb60 [ 641.095284][T12486] ? __pfx_loop_add+0x10/0x10 [ 641.095331][T12486] ? find_held_lock+0x2b/0x80 [ 641.095352][T12486] ? __fget_files+0x215/0x3d0 [ 641.095378][T12486] loop_control_ioctl+0xae/0x620 [ 641.095408][T12486] ? __pfx_loop_control_ioctl+0x10/0x10 [ 641.095443][T12486] ? __pfx_loop_control_ioctl+0x10/0x10 [ 641.095474][T12486] __x64_sys_ioctl+0x18e/0x210 [ 641.095512][T12486] do_syscall_64+0x106/0xf80 [ 641.095541][T12486] ? clear_bhb_loop+0x40/0x90 [ 641.095572][T12486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.095598][T12486] RIP: 0033:0x7f29acf9c799 [ 641.095619][T12486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 641.095643][T12486] RSP: 002b:00007f29addd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 641.095666][T12486] RAX: ffffffffffffffda RBX: 00007f29ad215fa0 RCX: 00007f29acf9c799 [ 641.095683][T12486] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 641.095699][T12486] RBP: 00007f29ad032c99 R08: 0000000000000000 R09: 0000000000000000 [ 641.095714][T12486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 641.095729][T12486] R13: 00007f29ad216038 R14: 00007f29ad215fa0 R15: 00007ffdfd0e5e88 [ 641.095760][T12486] [ 642.454313][T12489] zswap: compressor not available [ 642.464925][T12499] random: crng reseeded on system resumption [ 643.079813][T12512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1495'. [ 645.266100][T12540] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 645.744375][T12541] zswap: compressor not available [ 646.890193][T12564] random: crng reseeded on system resumption [ 647.704327][T12573] random: crng reseeded on system resumption [ 648.232337][T12582] random: crng reseeded on system resumption [ 648.736226][T12596] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:-2147483648 is already present [ 650.221903][T12610] can: request_module (can-proto-0) failed. [ 650.251166][T12614] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 652.254895][T12643] sd 0:0:1:0: PR command failed: 1026 [ 652.260346][T12643] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 652.372665][T12643] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 657.619865][ C0] sd 0:0:1:0: [sda] tag#1304 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 657.630358][ C0] sd 0:0:1:0: [sda] tag#1304 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00 [ 658.856588][T12758] netlink: 'syz.0.1547': attribute type 2 has an invalid length. [ 659.384929][T12767] FAULT_INJECTION: forcing a failure. [ 659.384929][T12767] name failslab, interval 1, probability 0, space 0, times 0 [ 659.481885][T12767] CPU: 0 UID: 0 PID: 12767 Comm: syz.3.1550 Tainted: G U L syzkaller #0 PREEMPT(full) [ 659.481926][T12767] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 659.481936][T12767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 659.481952][T12767] Call Trace: [ 659.481960][T12767] [ 659.481969][T12767] dump_stack_lvl+0x100/0x190 [ 659.482013][T12767] should_fail_ex.cold+0x5/0xa [ 659.482043][T12767] should_failslab+0xc2/0x120 [ 659.482069][T12767] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 659.482108][T12767] ? __d_alloc+0x34/0xa80 [ 659.482142][T12767] __d_alloc+0x34/0xa80 [ 659.482172][T12767] d_alloc_pseudo+0x1c/0xc0 [ 659.482207][T12767] alloc_file_pseudo+0xcf/0x230 [ 659.482240][T12767] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 659.482280][T12767] __shmem_file_setup+0x221/0x490 [ 659.482314][T12767] ? __pfx___shmem_file_setup+0x10/0x10 [ 659.482354][T12767] ? vm_area_alloc+0x1f/0x160 [ 659.482390][T12767] shmem_zero_setup+0x96/0x1b0 [ 659.482431][T12767] __mmap_region+0x2198/0x29e0 [ 659.482479][T12767] ? __pfx___mmap_region+0x10/0x10 [ 659.482548][T12767] ? sched_clock+0x38/0x60 [ 659.482595][T12767] ? lockdep_hardirqs_on+0x78/0x100 [ 659.482626][T12767] ? finish_task_switch.isra.0+0x205/0xb80 [ 659.482653][T12767] ? rcu_is_watching+0x12/0xc0 [ 659.482725][T12767] ? rcu_is_watching+0x12/0xc0 [ 659.482762][T12767] ? cap_capable+0x107/0x460 [ 659.482803][T12767] mmap_region+0x180/0x3e0 [ 659.482845][T12767] do_mmap+0xc63/0x12f0 [ 659.482877][T12767] ? __pfx_do_mmap+0x10/0x10 [ 659.482904][T12767] ? __pfx_down_write_killable+0x10/0x10 [ 659.482946][T12767] vm_mmap_pgoff+0x29e/0x470 [ 659.482984][T12767] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 659.483014][T12767] ? do_futex+0x192/0x350 [ 659.483046][T12767] ? __pfx_do_futex+0x10/0x10 [ 659.483077][T12767] ? fd_install+0x223/0x580 [ 659.483103][T12767] ksys_mmap_pgoff+0xe1/0x650 [ 659.483130][T12767] ? __x64_sys_futex+0x34f/0x4d0 [ 659.483162][T12767] ? __x64_sys_futex+0x358/0x4d0 [ 659.483194][T12767] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 659.483221][T12767] ? xfd_validate_state+0x129/0x190 [ 659.483262][T12767] __x64_sys_mmap+0x125/0x190 [ 659.483301][T12767] do_syscall_64+0x106/0xf80 [ 659.483330][T12767] ? clear_bhb_loop+0x40/0x90 [ 659.483361][T12767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.483387][T12767] RIP: 0033:0x7f29acf9c799 [ 659.483408][T12767] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 659.483433][T12767] RSP: 002b:00007f29addd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 659.483457][T12767] RAX: ffffffffffffffda RBX: 00007f29ad215fa0 RCX: 00007f29acf9c799 [ 659.483479][T12767] RDX: 00000000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 659.483495][T12767] RBP: 00007f29ad032c99 R08: 0000000000000401 R09: 2000000000008000 [ 659.483511][T12767] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 659.483526][T12767] R13: 00007f29ad216038 R14: 00007f29ad215fa0 R15: 00007ffdfd0e5e88 [ 659.483580][T12767] [ 659.803877][T12768] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 661.913262][T12792] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1558'. [ 661.939487][T12786] FAULT_INJECTION: forcing a failure. [ 661.939487][T12786] name fail_futex, interval 1, probability 0, space 0, times 0 [ 661.992612][T12796] Line length is too long: Should be less than 4094 [ 662.282440][T12786] CPU: 0 UID: 0 PID: 12786 Comm: syz.2.1556 Tainted: G U L syzkaller #0 PREEMPT(full) [ 662.282482][T12786] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 662.282492][T12786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 662.282507][T12786] Call Trace: [ 662.282516][T12786] [ 662.282526][T12786] dump_stack_lvl+0x100/0x190 [ 662.282569][T12786] should_fail_ex.cold+0x5/0xa [ 662.282598][T12786] get_futex_key+0x295/0x1620 [ 662.282632][T12786] ? __pfx_get_futex_key+0x10/0x10 [ 662.282662][T12786] ? get_futex_key+0x507/0x1620 [ 662.282697][T12786] futex_wait_setup+0x83/0x510 [ 662.282751][T12786] futex_wait_requeue_pi+0x240/0x870 [ 662.282792][T12786] ? __pfx_futex_wait_requeue_pi+0x10/0x10 [ 662.282833][T12786] ? __pfx___futex_wait+0x10/0x10 [ 662.282869][T12786] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 662.282897][T12786] ? lockdep_hardirqs_on+0x78/0x100 [ 662.282951][T12786] ? __pfx_futex_wake_mark+0x10/0x10 [ 662.282998][T12786] ? ksys_write+0x190/0x250 [ 662.283020][T12786] ? ksys_write+0x190/0x250 [ 662.283047][T12786] do_futex+0x24f/0x350 [ 662.283079][T12786] ? __pfx_do_futex+0x10/0x10 [ 662.283119][T12786] __x64_sys_futex+0x34f/0x4d0 [ 662.283155][T12786] ? __pfx___x64_sys_futex+0x10/0x10 [ 662.283199][T12786] do_syscall_64+0x106/0xf80 [ 662.283228][T12786] ? clear_bhb_loop+0x40/0x90 [ 662.283258][T12786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.283284][T12786] RIP: 0033:0x7f008b59c799 [ 662.283304][T12786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 662.283329][T12786] RSP: 002b:00007f008c3b3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 662.283353][T12786] RAX: ffffffffffffffda RBX: 00007f008b815fa0 RCX: 00007f008b59c799 [ 662.283370][T12786] RDX: 0000000000000001 RSI: 000000000000000b RDI: 0000200000000080 [ 662.283385][T12786] RBP: 00007f008b632c99 R08: 0000000000000000 R09: 00000000fffffffa [ 662.283401][T12786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 662.283416][T12786] R13: 00007f008b816038 R14: 00007f008b815fa0 R15: 00007ffc2e3bb708 [ 662.283450][T12786] [ 662.888740][T12809] FAULT_INJECTION: forcing a failure. [ 662.888740][T12809] name failslab, interval 1, probability 0, space 0, times 0 [ 662.954274][T12809] CPU: 0 UID: 0 PID: 12809 Comm: syz.0.1563 Tainted: G U L syzkaller #0 PREEMPT(full) [ 662.954312][T12809] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 662.954321][T12809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 662.954335][T12809] Call Trace: [ 662.954342][T12809] [ 662.954351][T12809] dump_stack_lvl+0x100/0x190 [ 662.954391][T12809] should_fail_ex.cold+0x5/0xa [ 662.954417][T12809] ? tomoyo_realpath_from_path+0xb6/0x690 [ 662.954444][T12809] should_failslab+0xc2/0x120 [ 662.954468][T12809] __kmalloc_noprof+0xe0/0x850 [ 662.954507][T12809] tomoyo_realpath_from_path+0xb6/0x690 [ 662.954541][T12809] tomoyo_path_number_perm+0x23c/0x580 [ 662.954575][T12809] ? tomoyo_path_number_perm+0x22e/0x580 [ 662.954622][T12809] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 662.954681][T12809] ? find_held_lock+0x2b/0x80 [ 662.954699][T12809] ? __fget_files+0x215/0x3d0 [ 662.954724][T12809] ? hook_file_ioctl_common+0x146/0x410 [ 662.954763][T12809] ? __fget_files+0x21f/0x3d0 [ 662.954785][T12809] security_file_ioctl+0xd3/0x230 [ 662.954820][T12809] __x64_sys_ioctl+0xb7/0x210 [ 662.954851][T12809] do_syscall_64+0x106/0xf80 [ 662.954877][T12809] ? clear_bhb_loop+0x40/0x90 [ 662.954902][T12809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.954923][T12809] RIP: 0033:0x7fd18bf9c799 [ 662.954940][T12809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 662.954960][T12809] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 662.954980][T12809] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 662.954993][T12809] RDX: 0000000000000000 RSI: 0000000000006f2a RDI: 0000000000000003 [ 662.955006][T12809] RBP: 00007fd18ce4b090 R08: 0000000000000000 R09: 0000000000000000 [ 662.955018][T12809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 662.955031][T12809] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 662.955057][T12809] [ 662.955292][T12809] ERROR: Out of memory at tomoyo_realpath_from_path. [ 664.299662][T12817] bond0: invalid ARP target specified [ 664.376926][T12817] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1565'. [ 666.125159][T12842] ubi0: attaching mtd1 [ 666.197852][T12842] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 666.330640][ T30] audit: type=1800 audit(2147483662.550:19): pid=12827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=200190 res=0 errno=0 [ 666.511125][T12827] could not allocate digest TFM handle [ 667.366099][T12867] openvswitch: ovs_: Dropping previously announced user features [ 668.502298][T12892] random: crng reseeded on system resumption [ 668.685037][T12896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1578'. [ 672.021640][T12942] random: crng reseeded on system resumption [ 672.062894][T12943] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.1587: iget: checksum invalid [ 672.332546][T12943] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 672.494451][T12943] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.1587: iget: checksum invalid [ 672.714631][T12943] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 672.955103][T12943] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.1587: iget: checksum invalid [ 672.955329][T12943] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 672.955478][T12943] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.1587: iget: checksum invalid [ 672.955636][T12943] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 672.955672][T12943] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 672.955696][T12943] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 673.503546][T12959] bond0: invalid ARP target specified [ 673.506598][T12959] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1596'. [ 673.960958][T12968] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 674.564653][T12978] random: crng reseeded on system resumption [ 675.145432][T12981] random: crng reseeded on system resumption [ 677.466150][T13017] random: crng reseeded on system resumption [ 678.293823][T13033] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 680.710605][T13047] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1616'. [ 681.048032][T13052] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1617: iget: checksum invalid [ 681.114658][T13052] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 681.206944][T13052] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1617: iget: checksum invalid [ 681.283374][T13052] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 681.358319][T13052] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1617: iget: checksum invalid [ 681.431316][T13052] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 681.494580][T13052] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.1617: iget: checksum invalid [ 681.564663][T13052] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 681.642597][T13052] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 681.714449][T13052] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 682.116149][T13071] random: crng reseeded on system resumption [ 683.015489][T13083] FAULT_INJECTION: forcing a failure. [ 683.015489][T13083] name failslab, interval 1, probability 0, space 0, times 0 [ 683.114998][T13083] CPU: 0 UID: 0 PID: 13083 Comm: syz.3.1622 Tainted: G U L syzkaller #0 PREEMPT(full) [ 683.115040][T13083] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 683.115051][T13083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 683.115066][T13083] Call Trace: [ 683.115075][T13083] [ 683.115085][T13083] dump_stack_lvl+0x100/0x190 [ 683.115130][T13083] should_fail_ex.cold+0x5/0xa [ 683.115163][T13083] should_failslab+0xc2/0x120 [ 683.115191][T13083] __kmalloc_cache_noprof+0x7a/0x6f0 [ 683.115226][T13083] ? single_open+0x4d/0x1d0 [ 683.115260][T13083] ? __debugfs_file_get+0x1fc/0x860 [ 683.115380][T13083] ? __pfx_drm_state_info+0x10/0x10 [ 683.115439][T13083] ? __pfx_drm_debugfs_entry_open+0x10/0x10 [ 683.115513][T13083] single_open+0x4d/0x1d0 [ 683.115549][T13083] drm_debugfs_entry_open+0x127/0x1c0 [ 683.115589][T13083] full_proxy_open_regular+0x1b6/0x370 [ 683.115627][T13083] do_dentry_open+0x6d8/0x1660 [ 683.115651][T13083] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 683.115693][T13083] vfs_open+0x82/0x3f0 [ 683.115727][T13083] path_openat+0x208c/0x31a0 [ 683.115763][T13083] ? __pfx_path_openat+0x10/0x10 [ 683.115800][T13083] do_file_open+0x20e/0x430 [ 683.115827][T13083] ? __pfx_do_file_open+0x10/0x10 [ 683.115873][T13083] ? alloc_fd+0x476/0x790 [ 683.115900][T13083] ? do_getname+0x191/0x390 [ 683.115940][T13083] do_sys_openat2+0x10d/0x1e0 [ 683.115973][T13083] ? __pfx_do_sys_openat2+0x10/0x10 [ 683.116007][T13083] ? do_raw_spin_lock+0x128/0x260 [ 683.116053][T13083] __x64_sys_openat+0x12d/0x210 [ 683.116086][T13083] ? __pfx___x64_sys_openat+0x10/0x10 [ 683.116131][T13083] do_syscall_64+0x106/0xf80 [ 683.116164][T13083] ? clear_bhb_loop+0x40/0x90 [ 683.116196][T13083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.116221][T13083] RIP: 0033:0x7f29acf9c799 [ 683.116241][T13083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 683.116266][T13083] RSP: 002b:00007f29addb7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 683.116290][T13083] RAX: ffffffffffffffda RBX: 00007f29ad216090 RCX: 00007f29acf9c799 [ 683.116306][T13083] RDX: 0000000000000200 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 683.116322][T13083] RBP: 00007f29ad032c99 R08: 0000000000000000 R09: 0000000000000000 [ 683.116337][T13083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.116353][T13083] R13: 00007f29ad216128 R14: 00007f29ad216090 R15: 00007ffdfd0e5e88 [ 683.116384][T13083] [ 683.795844][T13098] binder: 13092:13098 ioctl c018620c 0 returned -1 [ 684.147379][T13105] netlink: 'syz.1.1626': attribute type 1 has an invalid length. [ 685.249259][T13114] openvswitch: ovs_: Dropping previously announced user features [ 685.768203][T13125] random: crng reseeded on system resumption [ 685.969687][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.979862][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.143586][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1630'. [ 687.303771][T13157] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1635'. [ 688.044691][T13166] netlink: 'syz.1.1637': attribute type 2 has an invalid length. [ 688.738141][T13177] random: crng reseeded on system resumption [ 689.544182][T13187] sd 0:0:1:0: PR command failed: 1026 [ 689.591382][T13187] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 689.647987][T13187] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 689.779753][T13191] FAULT_INJECTION: forcing a failure. [ 689.779753][T13191] name failslab, interval 1, probability 0, space 0, times 0 [ 689.881840][T13191] CPU: 0 UID: 0 PID: 13191 Comm: syz.1.1645 Tainted: G U L syzkaller #0 PREEMPT(full) [ 689.881881][T13191] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 689.881891][T13191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 689.881905][T13191] Call Trace: [ 689.881913][T13191] [ 689.881923][T13191] dump_stack_lvl+0x100/0x190 [ 689.881965][T13191] should_fail_ex.cold+0x5/0xa [ 689.881994][T13191] should_failslab+0xc2/0x120 [ 689.882020][T13191] __kmalloc_cache_noprof+0x7a/0x6f0 [ 689.882053][T13191] ? snd_seq_timer_new+0x44/0x1b0 [ 689.882093][T13191] snd_seq_timer_new+0x44/0x1b0 [ 689.882125][T13191] snd_seq_queue_alloc+0x177/0x590 [ 689.882156][T13191] snd_seq_ioctl_create_queue+0xa9/0x370 [ 689.882192][T13191] call_seq_client_ctl+0xa3/0x130 [ 689.882230][T13191] snd_seq_kernel_client_ctl+0x77/0xd0 [ 689.882267][T13191] alloc_seq_queue+0xdb/0x180 [ 689.882304][T13191] ? __pfx_alloc_seq_queue+0x10/0x10 [ 689.882357][T13191] ? mark_held_locks+0x40/0x70 [ 689.882388][T13191] ? _raw_spin_unlock_irq+0x23/0x50 [ 689.882415][T13191] ? lockdep_hardirqs_on+0x78/0x100 [ 689.882448][T13191] snd_seq_oss_open+0x2b2/0xa10 [ 689.882491][T13191] odev_open+0x79/0xc0 [ 689.882523][T13191] ? __pfx_odev_open+0x10/0x10 [ 689.882557][T13191] soundcore_open+0x2e3/0x5a0 [ 689.882597][T13191] ? __pfx_soundcore_open+0x10/0x10 [ 689.882641][T13191] chrdev_open+0x234/0x6a0 [ 689.882665][T13191] ? __pfx_apparmor_file_open+0x10/0x10 [ 689.882705][T13191] ? __pfx_chrdev_open+0x10/0x10 [ 689.882736][T13191] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 689.882769][T13191] do_dentry_open+0x6d8/0x1660 [ 689.882792][T13191] ? __pfx_chrdev_open+0x10/0x10 [ 689.882824][T13191] vfs_open+0x82/0x3f0 [ 689.882858][T13191] path_openat+0x208c/0x31a0 [ 689.882893][T13191] ? __pfx_path_openat+0x10/0x10 [ 689.882929][T13191] do_file_open+0x20e/0x430 [ 689.882957][T13191] ? __pfx_do_file_open+0x10/0x10 [ 689.883003][T13191] ? alloc_fd+0x476/0x790 [ 689.883030][T13191] ? do_getname+0x191/0x390 [ 689.883063][T13191] do_sys_openat2+0x10d/0x1e0 [ 689.883095][T13191] ? __pfx_do_sys_openat2+0x10/0x10 [ 689.883130][T13191] ? __fget_files+0x21f/0x3d0 [ 689.883159][T13191] __x64_sys_openat+0x12d/0x210 [ 689.883192][T13191] ? __pfx___x64_sys_openat+0x10/0x10 [ 689.883237][T13191] do_syscall_64+0x106/0xf80 [ 689.883266][T13191] ? clear_bhb_loop+0x40/0x90 [ 689.883297][T13191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.883323][T13191] RIP: 0033:0x7fad9239c799 [ 689.883343][T13191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 689.883368][T13191] RSP: 002b:00007fad931d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 689.883391][T13191] RAX: ffffffffffffffda RBX: 00007fad92616090 RCX: 00007fad9239c799 [ 689.883408][T13191] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 689.883424][T13191] RBP: 00007fad92432c99 R08: 0000000000000000 R09: 0000000000000000 [ 689.883439][T13191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 689.883454][T13191] R13: 00007fad92616128 R14: 00007fad92616090 R15: 00007ffdf4b3ae58 [ 689.883486][T13191] [ 690.516173][T13203] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 690.535187][T13203] futex_wake_op: syz.1.1650 tries to shift op by -2048; fix this program [ 690.964903][T13208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1651'. [ 691.940035][T13228] ovs_: entered promiscuous mode [ 692.929099][T13248] FAULT_INJECTION: forcing a failure. [ 692.929099][T13248] name failslab, interval 1, probability 0, space 0, times 0 [ 693.052543][T13248] CPU: 0 UID: 0 PID: 13248 Comm: syz.0.1659 Tainted: G U L syzkaller #0 PREEMPT(full) [ 693.052582][T13248] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 693.052591][T13248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 693.052605][T13248] Call Trace: [ 693.052613][T13248] [ 693.052623][T13248] dump_stack_lvl+0x100/0x190 [ 693.052662][T13248] should_fail_ex.cold+0x5/0xa [ 693.052690][T13248] should_failslab+0xc2/0x120 [ 693.052716][T13248] __kmalloc_cache_noprof+0x7a/0x6f0 [ 693.052748][T13248] ? vidtv_psi_pmt_stream_init+0x4e/0x3e0 [ 693.052866][T13248] ? vidtv_psi_pmt_table_init+0x363/0x430 [ 693.052903][T13248] vidtv_psi_pmt_stream_init+0x4e/0x3e0 [ 693.052933][T13248] vidtv_channel_si_init+0x1289/0x18d0 [ 693.052993][T13248] vidtv_mux_init+0x526/0xbf0 [ 693.053030][T13248] vidtv_start_feed+0x33e/0x4c0 [ 693.053091][T13248] ? __pfx_vidtv_start_feed+0x10/0x10 [ 693.053130][T13248] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 693.053174][T13248] ? mark_held_locks+0x40/0x70 [ 693.053209][T13248] ? __pfx_vidtv_start_feed+0x10/0x10 [ 693.053246][T13248] dmx_ts_feed_start_filtering+0xf6/0x220 [ 693.053316][T13248] dvb_dmxdev_start_feed+0x273/0x3f0 [ 693.053378][T13248] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 693.053417][T13248] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 693.053457][T13248] dvb_demux_do_ioctl+0xe64/0x1200 [ 693.053502][T13248] dvb_usercopy+0x167/0x340 [ 693.053533][T13248] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 693.053572][T13248] ? __pfx_dvb_usercopy+0x10/0x10 [ 693.053616][T13248] ? __fget_files+0x21f/0x3d0 [ 693.053644][T13248] dvb_demux_ioctl+0x29/0x40 [ 693.053676][T13248] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 693.053711][T13248] __x64_sys_ioctl+0x18e/0x210 [ 693.053747][T13248] do_syscall_64+0x106/0xf80 [ 693.053776][T13248] ? clear_bhb_loop+0x40/0x90 [ 693.053805][T13248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.053830][T13248] RIP: 0033:0x7fd18bf9c799 [ 693.053849][T13248] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 693.053873][T13248] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.053896][T13248] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 693.053912][T13248] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 693.053927][T13248] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 693.053942][T13248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.053956][T13248] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 693.053987][T13248] [ 693.054048][T13248] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 693.322884][T13248] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 693.331307][T13248] CPU: 0 UID: 0 PID: 13248 Comm: syz.0.1659 Tainted: G U L syzkaller #0 PREEMPT(full) [ 693.342265][T13248] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 693.347475][T13248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 693.357533][T13248] RIP: 0010:vidtv_psi_desc_assign+0x24/0x90 [ 693.363440][T13248] Code: 90 90 90 90 90 90 0f 1f 40 d6 41 54 55 48 89 f5 53 48 89 fb e8 6d 08 dc f9 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 4c 4c 8b 23 49 39 ec 74 36 e8 49 08 dc f9 4d 85 e4 [ 693.383070][T13248] RSP: 0018:ffffc900048c7a10 EFLAGS: 00010247 [ 693.389146][T13248] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: 0000000000000000 [ 693.397122][T13248] RDX: 0000000000000000 RSI: ffffffff882c0d13 RDI: 0000000000000005 [ 693.405100][T13248] RBP: ffff88802a9ae4e0 R08: 0000000000000000 R09: 4453534204050000 [ 693.413084][T13248] R10: 0000000000000005 R11: ffffffff82736f24 R12: 0000000000000000 [ 693.421056][T13248] R13: ffff888082992880 R14: ffff888026bac2e0 R15: ffff888026dde480 [ 693.429035][T13248] FS: 00007fd18ce4b6c0(0000) GS:ffff88812434d000(0000) knlGS:0000000000000000 [ 693.438002][T13248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 693.444622][T13248] CR2: 0000001b30a14ff8 CR3: 000000001fb50000 CR4: 00000000003526f0 [ 693.452602][T13248] Call Trace: [ 693.455884][T13248] [ 693.458843][T13248] vidtv_channel_si_init+0x12fc/0x18d0 [ 693.464323][T13248] vidtv_mux_init+0x526/0xbf0 [ 693.469026][T13248] vidtv_start_feed+0x33e/0x4c0 [ 693.473900][T13248] ? __pfx_vidtv_start_feed+0x10/0x10 [ 693.479294][T13248] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 693.485912][T13248] ? mark_held_locks+0x40/0x70 [ 693.490691][T13248] ? __pfx_vidtv_start_feed+0x10/0x10 [ 693.496084][T13248] dmx_ts_feed_start_filtering+0xf6/0x220 [ 693.501815][T13248] dvb_dmxdev_start_feed+0x273/0x3f0 [ 693.507128][T13248] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 693.512623][T13248] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 693.517862][T13248] dvb_demux_do_ioctl+0xe64/0x1200 [ 693.523008][T13248] dvb_usercopy+0x167/0x340 [ 693.527533][T13248] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 693.533122][T13248] ? __pfx_dvb_usercopy+0x10/0x10 [ 693.538172][T13248] ? __fget_files+0x21f/0x3d0 [ 693.542859][T13248] dvb_demux_ioctl+0x29/0x40 [ 693.547469][T13248] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 693.552780][T13248] __x64_sys_ioctl+0x18e/0x210 [ 693.557564][T13248] do_syscall_64+0x106/0xf80 [ 693.562169][T13248] ? clear_bhb_loop+0x40/0x90 [ 693.566858][T13248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.572762][T13248] RIP: 0033:0x7fd18bf9c799 [ 693.577183][T13248] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 693.596819][T13248] RSP: 002b:00007fd18ce4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.605243][T13248] RAX: ffffffffffffffda RBX: 00007fd18c215fa0 RCX: 00007fd18bf9c799 [ 693.613232][T13248] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 693.621208][T13248] RBP: 00007fd18c032c99 R08: 0000000000000000 R09: 0000000000000000 [ 693.629185][T13248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.637160][T13248] R13: 00007fd18c216038 R14: 00007fd18c215fa0 R15: 00007ffffb3c0428 [ 693.645146][T13248] [ 693.648171][T13248] Modules linked in: [ 693.652940][T13248] ---[ end trace 0000000000000000 ]--- [ 693.773432][T13247] FAULT_INJECTION: forcing a failure. [ 693.773432][T13247] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 693.798841][T13247] CPU: 0 UID: 0 PID: 13247 Comm: syz.3.1658 Tainted: G UD L syzkaller #0 PREEMPT(full) [ 693.798883][T13247] Tainted: [U]=USER, [D]=DIE, [L]=SOFTLOCKUP [ 693.798893][T13247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 693.798908][T13247] Call Trace: [ 693.798915][T13247] [ 693.798924][T13247] dump_stack_lvl+0x100/0x190 [ 693.798960][T13247] should_fail_ex.cold+0x5/0xa [ 693.798985][T13247] _copy_to_user+0x32/0xd0 [ 693.799009][T13247] simple_read_from_buffer+0xcb/0x170 [ 693.799046][T13247] proc_fail_nth_read+0x1af/0x230 [ 693.799074][T13247] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 693.799101][T13247] ? security_file_permission+0x76/0x210 [ 693.799125][T13247] ? rw_verify_area+0xce/0x6d0 [ 693.799158][T13247] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 693.799184][T13247] vfs_read+0x1e4/0xb30 [ 693.799220][T13247] ? __pfx_vfs_read+0x10/0x10 [ 693.799256][T13247] ? rcu_is_watching+0x12/0xc0 [ 693.799294][T13247] ? __fget_files+0x21f/0x3d0 [ 693.799319][T13247] ksys_read+0x12a/0x250 [ 693.799362][T13247] ? __pfx_ksys_read+0x10/0x10 [ 693.799398][T13247] ? rcu_is_watching+0x12/0xc0 [ 693.799434][T13247] do_syscall_64+0x106/0xf80 [ 693.799462][T13247] ? clear_bhb_loop+0x40/0x90 [ 693.799489][T13247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.799512][T13247] RIP: 0033:0x7f29acf5cfce [ 693.799530][T13247] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 693.799553][T13247] RSP: 002b:00007f29add95fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 693.799575][T13247] RAX: ffffffffffffffda RBX: 00007f29add966c0 RCX: 00007f29acf5cfce [ 693.799591][T13247] RDX: 000000000000000f RSI: 00007f29add960a0 RDI: 0000000000000004 [ 693.799606][T13247] RBP: 00007f29add96090 R08: 0000000000000000 R09: 0000000000000000 [ 693.799620][T13247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 693.799635][T13247] R13: 00007f29ad216218 R14: 00007f29ad216180 R15: 00007ffdfd0e5e88 [ 693.799658][T13247] [ 695.348181][T13248] RIP: 0010:vidtv_psi_desc_assign+0x24/0x90 [ 695.373363][T13248] Code: 90 90 90 90 90 90 0f 1f 40 d6 41 54 55 48 89 f5 53 48 89 fb e8 6d 08 dc f9 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 4c 4c 8b 23 49 39 ec 74 36 e8 49 08 dc f9 4d 85 e4 [ 695.466458][T13248] RSP: 0018:ffffc900048c7a10 EFLAGS: 00010247 [ 695.491248][T13248] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: 0000000000000000 [ 695.531647][T13248] RDX: 0000000000000000 RSI: ffffffff882c0d13 RDI: 0000000000000005 [ 695.621130][T13248] RBP: ffff88802a9ae4e0 R08: 0000000000000000 R09: 4453534204050000 [ 695.659492][T13248] R10: 0000000000000005 R11: ffffffff82736f24 R12: 0000000000000000 [ 695.701241][T13248] R13: ffff888082992880 R14: ffff888026bac2e0 R15: ffff888026dde480 [ 695.735752][T13248] FS: 00007fd18ce4b6c0(0000) GS:ffff88812434d000(0000) knlGS:0000000000000000 [ 695.784166][T13248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 695.813386][T13248] CR2: 0000000000000000 CR3: 000000001fb50000 CR4: 00000000003526f0 [ 695.851030][T13248] Kernel panic - not syncing: Fatal exception [ 695.857179][T13248] Kernel Offset: disabled [ 695.861518][T13248] Rebooting in 86400 seconds..