last executing test programs:
5.66605699s ago: executing program 1 (id=859):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
personality$auto(0xc)
seccomp$auto(0x3, 0x2, 0x0)
4.79006227s ago: executing program 2 (id=863):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya6\x00', 0x40001, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(r0, 0x89f1, r0)
4.186172689s ago: executing program 2 (id=868):
r0 = gettid()
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
rt_sigtimedwait$auto(&(0x7f0000000100)={0xfffffffffffffbff}, 0x0, 0x0, 0x8)
r1 = gettid()
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=0x0, 0x8ab0, 0x6c0000c000, 0xc000}, 0x4)
kill$auto(r1, 0x11)
kill$auto(r0, 0x14)
3.87838621s ago: executing program 1 (id=870):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
3.516386635s ago: executing program 3 (id=872):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x400000f4, 0x2, 0x6}]})
2.905316886s ago: executing program 3 (id=873):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x24000000000df, 0x40000000000ebc, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
getresgid$auto(0x0, 0x0, 0x0)
2.616728296s ago: executing program 1 (id=874):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, 0x0, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
2.330878646s ago: executing program 1 (id=876):
semctl$auto(0x2, 0xff, 0x1, 0x7ff)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
lremovexattr$auto(0x0, 0x0)
2.326547294s ago: executing program 2 (id=877):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
clone$auto(0x8, 0x7, 0x0, 0xffffffffffffffff, 0x80000001)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
statmount$auto(0x0, 0x0, 0x800, 0x0)
setfsuid$auto(0x0)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r0, 0x0, 0x39b8)
2.055448788s ago: executing program 0 (id=878):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
unshare$auto(0x40000080)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x50, &(0x7f0000000200)={0x0, 0x1ff}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0225020000000800030080"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x80000005, &(0x7f0000000180)={0x0, 0xc8}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0)
1.606000225s ago: executing program 0 (id=879):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
mq_notify$auto(0x4, &(0x7f0000000040)={@sival_int=0x5de7, @inferred, 0x2, @_tid})
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040), 0x8000, 0x1}, 0x8}, 0x1, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffffff, 0x0, 0x4, 0x0, 0x1, 0xfffffff7}, 0x8c}, 0xb, 0xe)
1.545128954s ago: executing program 2 (id=880):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x220802, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$auto(0x3, 0x40bc5311, 0x38)
1.227901448s ago: executing program 3 (id=882):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x40000023, 0x2, 0x6}]})
1.101885325s ago: executing program 2 (id=883):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x8000000000000000, 0x15)
pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000)
sysfs$auto(0x2, 0xa, 0x0)
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
1.038096142s ago: executing program 1 (id=884):
mmap$auto(0x0, 0x30009, 0x8000000000000001, 0x4000eb1, 0x401, 0x48000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r0 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, 0x0, 0x200c0885)
listen$auto(0x3, 0x81)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
1.023213763s ago: executing program 0 (id=885):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="13"], 0x1ac}}, 0x4004)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
859.857742ms ago: executing program 3 (id=886):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x7, 0xf, 0x1, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
memfd_create$auto(0x0, 0x1)
857.994174ms ago: executing program 0 (id=887):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x3, 0x3a)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
getsockopt$auto(r0, 0x29, 0x1, 0x0, 0x0)
816.717933ms ago: executing program 1 (id=888):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x88880, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
write$auto(0x3, 0x0, 0x5c8)
mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x91e3, 0xb, 0xc, 0x0, 0xf58, 0x3, 0x104412d, 0x8, 0x0, 0x4, 0xd, 0x8000000000000, 0x84c, 0x3, 0x7]}, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
546.332144ms ago: executing program 2 (id=889):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0)
read$auto(r0, 0x0, 0x4)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x4)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, &(0x7f0000000040)='nbd\x00', 0x4)
544.837781ms ago: executing program 0 (id=897):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5)
setfsuid$auto(0xee00)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x44, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x9, 0x10001, 0x7, 0x8001, 0x7ffffff8, 0x5, 0x7, 0x5, 0x10000000061, 0x2})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
371.40821ms ago: executing program 3 (id=890):
mmap$auto(0x4000000000000, 0xe75, 0x4000000000df, 0x3ff, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
write$auto_proc_mem_operations_base(r0, 0x0, 0x0)
205.504914ms ago: executing program 0 (id=891):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x700})
0s ago: executing program 3 (id=892):
mmap$auto(0x0, 0x2000a, 0x7e, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
write$auto(r0, &(0x7f0000000280)='S\x00\x00\x00\xfe\xff\xff\xff\xdf\x9e\xf4\x14\xd2d2\xc4\x97\xde0\xb1\x85\xc6vHI\x8bMJ}\x8d\xc1\x94D\xdbSt/\xdd\xb5\fnW{\xb0^:\x80\xb5\xdd\x8d\x1e\x96\xdf\xcb\xac\xbfB\xb3\xba\x9a\x02\xeaZ\xb9Rg\"\x87\x9e\x9c\xb3\xac\x16\xa3g\xad\xf7<\xc5c\xfa2\x97,O\xb2\xe3\xad\xe0v\x13\x1dc\xf6\xa8\xce*\xee\xcdX\x1dM\xe3\x8cT\xc6\x1dj\xe8\xc1\xc0\x85cp\xad\v,O\xb8\x9b\xd8\xe0\x964/\x8fQ\xaf\x13\xd7\xf14\x85\xe8\x0f\'\xc4\xe3\x1c\x92\x85\x88\\\xb0', 0x808587)
select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x4, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x3, 0x4698ecd2, 0x80, 0x84, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r1, 0x0, 0x400018)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
kernel console output (not intermixed with test programs):
Warning: Permanently added '10.128.0.211' (ED25519) to the list of known hosts.
[ 87.456310][ T5811] cgroup: Unknown subsys name 'net'
[ 87.572756][ T5811] cgroup: Unknown subsys name 'cpuset'
[ 87.583619][ T5811] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 89.371127][ T5811] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 91.270029][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 91.288461][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 91.296446][ T5826] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 91.308418][ T5826] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 91.318415][ T5826] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 91.389374][ T5145] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 91.410560][ T5145] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 91.419101][ T5145] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 91.427606][ T5145] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 91.436551][ T5145] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 91.478163][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 91.486982][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 91.495939][ T5826] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 91.504484][ T5826] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 91.512769][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 91.535339][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 91.551960][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 91.561348][ T5145] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 91.572286][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 91.580174][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 91.900701][ T1208] cfg80211: failed to load regulatory.db
[ 91.996804][ T5823] chnl_net:caif_netlink_parms(): no params data found
[ 92.240076][ T5831] chnl_net:caif_netlink_parms(): no params data found
[ 92.290162][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.298302][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.305530][ T5823] bridge_slave_0: entered allmulticast mode
[ 92.313411][ T5823] bridge_slave_0: entered promiscuous mode
[ 92.322217][ T5827] chnl_net:caif_netlink_parms(): no params data found
[ 92.369263][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.376504][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.384666][ T5823] bridge_slave_1: entered allmulticast mode
[ 92.392796][ T5823] bridge_slave_1: entered promiscuous mode
[ 92.473812][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 92.486566][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 92.530986][ T5829] chnl_net:caif_netlink_parms(): no params data found
[ 92.604432][ T5823] team0: Port device team_slave_0 added
[ 92.613338][ T5823] team0: Port device team_slave_1 added
[ 92.637227][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.644524][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.652183][ T5831] bridge_slave_0: entered allmulticast mode
[ 92.659766][ T5831] bridge_slave_0: entered promiscuous mode
[ 92.702444][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.709737][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.716926][ T5831] bridge_slave_1: entered allmulticast mode
[ 92.724536][ T5831] bridge_slave_1: entered promiscuous mode
[ 92.774821][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 92.781976][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 92.808775][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 92.828944][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[ 92.836716][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.844955][ T5827] bridge_slave_0: entered allmulticast mode
[ 92.852473][ T5827] bridge_slave_0: entered promiscuous mode
[ 92.873953][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 92.881217][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 92.907304][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 92.925559][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[ 92.932895][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.940581][ T5827] bridge_slave_1: entered allmulticast mode
[ 92.948449][ T5827] bridge_slave_1: entered promiscuous mode
[ 92.959327][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 92.971735][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.058950][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.092671][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.100366][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.107814][ T5829] bridge_slave_0: entered allmulticast mode
[ 93.115550][ T5829] bridge_slave_0: entered promiscuous mode
[ 93.126419][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.148979][ T5831] team0: Port device team_slave_0 added
[ 93.187516][ T5823] hsr_slave_0: entered promiscuous mode
[ 93.194367][ T5823] hsr_slave_1: entered promiscuous mode
[ 93.201432][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.208665][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.215835][ T5829] bridge_slave_1: entered allmulticast mode
[ 93.223682][ T5829] bridge_slave_1: entered promiscuous mode
[ 93.233004][ T5831] team0: Port device team_slave_1 added
[ 93.252716][ T5827] team0: Port device team_slave_0 added
[ 93.291055][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.298469][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.325413][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.338836][ T5833] Bluetooth: hci0: command tx timeout
[ 93.345280][ T5827] team0: Port device team_slave_1 added
[ 93.375288][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.382370][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.408419][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.434487][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.474508][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.498076][ T5833] Bluetooth: hci1: command tx timeout
[ 93.514717][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.521749][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.547781][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.578265][ T5833] Bluetooth: hci2: command tx timeout
[ 93.585322][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.593364][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.619721][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.632921][ T5829] team0: Port device team_slave_0 added
[ 93.657994][ T5833] Bluetooth: hci3: command tx timeout
[ 93.680014][ T5829] team0: Port device team_slave_1 added
[ 93.710340][ T5831] hsr_slave_0: entered promiscuous mode
[ 93.716782][ T5831] hsr_slave_1: entered promiscuous mode
[ 93.723761][ T5831] debugfs: 'hsr0' already exists in 'hsr'
[ 93.730315][ T5831] Cannot create hsr debugfs directory
[ 93.823789][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.830973][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.857198][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.870344][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.877341][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 93.903690][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.935606][ T5827] hsr_slave_0: entered promiscuous mode
[ 93.942890][ T5827] hsr_slave_1: entered promiscuous mode
[ 93.950074][ T5827] debugfs: 'hsr0' already exists in 'hsr'
[ 93.955878][ T5827] Cannot create hsr debugfs directory
[ 94.136845][ T5829] hsr_slave_0: entered promiscuous mode
[ 94.144257][ T5829] hsr_slave_1: entered promiscuous mode
[ 94.151409][ T5829] debugfs: 'hsr0' already exists in 'hsr'
[ 94.157184][ T5829] Cannot create hsr debugfs directory
[ 94.363385][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.376626][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.414860][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.425703][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.575079][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 94.589002][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 94.607112][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 94.635845][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 94.734396][ T5829] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 94.770406][ T5829] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 94.785472][ T5829] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 94.798414][ T5829] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 94.932295][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 94.949865][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.962800][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 94.974272][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 95.004901][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 95.027206][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.065147][ T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.072513][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.102600][ T1246] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.109779][ T1246] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.150661][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.230323][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.242380][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.266725][ T1246] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.273974][ T1246] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.285446][ T1246] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.292613][ T1246] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.361436][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.396603][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.403793][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.418101][ T5833] Bluetooth: hci0: command tx timeout
[ 95.443033][ T66] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.450259][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.490923][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[ 95.534591][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[ 95.557659][ T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.564931][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 95.580730][ T5833] Bluetooth: hci1: command tx timeout
[ 95.634432][ T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.641741][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 95.658200][ T5833] Bluetooth: hci2: command tx timeout
[ 95.739532][ T5833] Bluetooth: hci3: command tx timeout
[ 95.783929][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 95.941255][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.076586][ T5831] veth0_vlan: entered promiscuous mode
[ 96.110149][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.151277][ T5831] veth1_vlan: entered promiscuous mode
[ 96.254110][ T5823] veth0_vlan: entered promiscuous mode
[ 96.269812][ T5831] veth0_macvtap: entered promiscuous mode
[ 96.291961][ T5831] veth1_macvtap: entered promiscuous mode
[ 96.331921][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.345884][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.361346][ T5823] veth1_vlan: entered promiscuous mode
[ 96.376276][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.407193][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.425575][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 96.437810][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.465663][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.475264][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.523115][ T5829] veth0_vlan: entered promiscuous mode
[ 96.554895][ T5829] veth1_vlan: entered promiscuous mode
[ 96.580497][ T5823] veth0_macvtap: entered promiscuous mode
[ 96.614669][ T5827] veth0_vlan: entered promiscuous mode
[ 96.632255][ T5823] veth1_macvtap: entered promiscuous mode
[ 96.654742][ T5827] veth1_vlan: entered promiscuous mode
[ 96.712455][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.729908][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.752193][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.785054][ T5829] veth0_macvtap: entered promiscuous mode
[ 96.794956][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 96.806870][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 96.816658][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 96.831024][ T5829] veth1_macvtap: entered promiscuous mode
[ 96.857516][ T66] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.867290][ T66] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.923694][ T66] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 96.944367][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 96.964116][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 96.974744][ T5827] veth0_macvtap: entered promiscuous mode
[ 96.986835][ T66] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.005105][ T5827] veth1_macvtap: entered promiscuous mode
[ 97.018624][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.124594][ T66] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.138437][ T66] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.163912][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 97.181811][ T66] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.192558][ T5912] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'.
[ 97.206936][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.216218][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.224702][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.234953][ T66] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.245629][ T5913] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'.
[ 97.291822][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.329720][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.383220][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.406928][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.439626][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.453355][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.499232][ T5833] Bluetooth: hci0: command tx timeout
[ 97.591914][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.622887][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.645109][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.671600][ T5833] Bluetooth: hci1: command tx timeout
[ 97.682773][ T5918] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6'.
[ 97.691924][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.738077][ T5833] Bluetooth: hci2: command tx timeout
[ 97.755200][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.765398][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 97.817993][ T5833] Bluetooth: hci3: command tx timeout
[ 97.853618][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 97.911051][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 98.341541][ T5929] netlink: 354 bytes leftover after parsing attributes in process `syz.1.8'.
[ 98.393344][ T5929] Zero length message leads to an empty skb
[ 98.578401][ T5931] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 98.686696][ T5928] FAULT_INJECTION: forcing a failure.
[ 98.686696][ T5928] name failslab, interval 1, probability 0, space 0, times 1
[ 98.709061][ T5928] CPU: 0 UID: 0 PID: 5928 Comm: syz.3.4 Not tainted syzkaller #0 PREEMPT(full)
[ 98.709125][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 98.709156][ T5928] Call Trace:
[ 98.709168][ T5928]
[ 98.709180][ T5928] dump_stack_lvl+0x100/0x190
[ 98.709246][ T5928] should_fail_ex.cold+0x5/0xa
[ 98.709283][ T5928] ? sk_prot_alloc+0x10b/0x2a0
[ 98.709313][ T5928] should_failslab+0xc2/0x120
[ 98.709347][ T5928] __kmalloc_noprof+0xe0/0x850
[ 98.709408][ T5928] sk_prot_alloc+0x10b/0x2a0
[ 98.709444][ T5928] sk_alloc+0x36/0xe80
[ 98.709490][ T5928] caif_create+0x10b/0x430
[ 98.709535][ T5928] __sock_create+0x339/0x860
[ 98.709580][ T5928] __sys_socket+0x14d/0x260
[ 98.709617][ T5928] ? __pfx___sys_socket+0x10/0x10
[ 98.709667][ T5928] __x64_sys_socket+0x72/0xb0
[ 98.709727][ T5928] ? lockdep_hardirqs_on+0x78/0x100
[ 98.709776][ T5928] do_syscall_64+0x106/0xf80
[ 98.709821][ T5928] ? clear_bhb_loop+0x40/0x90
[ 98.709872][ T5928] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.709907][ T5928] RIP: 0033:0x7f988df9c799
[ 98.709942][ T5928] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 98.709978][ T5928] RSP: 002b:00007f988edbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 98.710014][ T5928] RAX: ffffffffffffffda RBX: 00007f988e215fa0 RCX: 00007f988df9c799
[ 98.710035][ T5928] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000025
[ 98.710054][ T5928] RBP: 00007f988e032c99 R08: 0000000000000000 R09: 0000000000000000
[ 98.710074][ T5928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.710093][ T5928] R13: 00007f988e216038 R14: 00007f988e215fa0 R15: 00007ffe6ca3bf68
[ 98.710132][ T5928]
[ 98.977387][ T5939] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12'.
[ 99.118712][ T5943] netlink: 326 bytes leftover after parsing attributes in process `syz.0.13'.
[ 99.578507][ T5833] Bluetooth: hci0: command tx timeout
[ 99.738158][ T5833] Bluetooth: hci1: command tx timeout
[ 99.827922][ T5833] Bluetooth: hci2: command tx timeout
[ 99.901155][ T5833] Bluetooth: hci3: command tx timeout
[ 100.122016][ T5963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.20'.
[ 100.957985][ T5980] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 101.211606][ T5984] FAULT_INJECTION: forcing a failure.
[ 101.211606][ T5984] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 101.278114][ T5984] CPU: 1 UID: 0 PID: 5984 Comm: syz.3.27 Not tainted syzkaller #0 PREEMPT(full)
[ 101.278159][ T5984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 101.278177][ T5984] Call Trace:
[ 101.278188][ T5984]
[ 101.278200][ T5984] dump_stack_lvl+0x100/0x190
[ 101.278255][ T5984] should_fail_ex.cold+0x5/0xa
[ 101.278293][ T5984] _copy_to_iter+0x1f3/0x1720
[ 101.278334][ T5984] ? chacha_block_generic+0x211/0x330
[ 101.278383][ T5984] ? __pfx__copy_to_iter+0x10/0x10
[ 101.278427][ T5984] ? __pfx___might_resched+0x10/0x10
[ 101.278476][ T5984] ? crng_make_state+0x2b0/0x6c0
[ 101.278516][ T5984] get_random_bytes_user+0x17b/0x3d0
[ 101.278552][ T5984] ? __pfx_get_random_bytes_user+0x10/0x10
[ 101.278595][ T5984] ? do_futex+0x192/0x350
[ 101.278653][ T5984] ? __fget_files+0x21f/0x3d0
[ 101.278684][ T5984] ? import_ubuf+0x1b6/0x220
[ 101.278722][ T5984] __x64_sys_getrandom+0x183/0x290
[ 101.278760][ T5984] ? __pfx___x64_sys_getrandom+0x10/0x10
[ 101.278815][ T5984] do_syscall_64+0x106/0xf80
[ 101.278862][ T5984] ? clear_bhb_loop+0x40/0x90
[ 101.278901][ T5984] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 101.278935][ T5984] RIP: 0033:0x7f988df9c799
[ 101.278962][ T5984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 101.278993][ T5984] RSP: 002b:00007f988edbb028 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[ 101.279024][ T5984] RAX: ffffffffffffffda RBX: 00007f988e215fa0 RCX: 00007f988df9c799
[ 101.279045][ T5984] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000
[ 101.279065][ T5984] RBP: 00007f988e032c99 R08: 0000000000000000 R09: 0000000000000000
[ 101.279085][ T5984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 101.279103][ T5984] R13: 00007f988e216038 R14: 00007f988e215fa0 R15: 00007ffe6ca3bf68
[ 101.279146][ T5984]
[ 101.642703][ T5988] netlink: 186 bytes leftover after parsing attributes in process `syz.2.31'.
[ 101.668176][ T5988] netlink: 186 bytes leftover after parsing attributes in process `syz.2.31'.
[ 102.436601][ T30] audit: type=1326 audit(1773733750.121:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6010 comm="syz.1.40" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d2af9c799 code=0x0
[ 103.725700][ T6035] sctp: [Deprecated]: syz.0.49 (pid 6035) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 103.725700][ T6035] Use struct sctp_sack_info instead
[ 105.063502][ T6066] netlink: 20 bytes leftover after parsing attributes in process `syz.1.61'.
[ 105.913568][ T6083] netlink: 206 bytes leftover after parsing attributes in process `syz.1.68'.
[ 106.119874][ T6085] FAULT_INJECTION: forcing a failure.
[ 106.119874][ T6085] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 106.148992][ T6085] CPU: 0 UID: 0 PID: 6085 Comm: syz.1.69 Not tainted syzkaller #0 PREEMPT(full)
[ 106.149040][ T6085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 106.149061][ T6085] Call Trace:
[ 106.149072][ T6085]
[ 106.149085][ T6085] dump_stack_lvl+0x100/0x190
[ 106.149142][ T6085] should_fail_ex.cold+0x5/0xa
[ 106.149184][ T6085] ? prepare_alloc_pages+0x16d/0x5f0
[ 106.149228][ T6085] should_fail_alloc_page+0xeb/0x140
[ 106.149267][ T6085] prepare_alloc_pages+0x1f0/0x5f0
[ 106.149315][ T6085] __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 106.149377][ T6085] ? mark_held_locks+0x40/0x70
[ 106.149419][ T6085] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 106.149464][ T6085] ? lockdep_hardirqs_on+0x78/0x100
[ 106.149511][ T6085] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 106.149556][ T6085] ? stack_depot_save_flags+0x479/0x9d0
[ 106.149601][ T6085] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 106.149657][ T6085] ? kasan_save_stack+0x3f/0x50
[ 106.149710][ T6085] ? kasan_save_track+0x14/0x30
[ 106.149760][ T6085] ? __kasan_kmalloc+0xaa/0xb0
[ 106.149809][ T6085] ? snd_pcm_attach_substream+0x451/0xd60
[ 106.149855][ T6085] ? snd_pcm_open_substream+0x90/0x1850
[ 106.149900][ T6085] ? snd_pcm_oss_open+0x735/0x1390
[ 106.149935][ T6085] ? soundcore_open+0x2e3/0x5a0
[ 106.149965][ T6085] ? chrdev_open+0x234/0x6a0
[ 106.149995][ T6085] ? do_dentry_open+0x6d8/0x1660
[ 106.150026][ T6085] ? vfs_open+0x82/0x3f0
[ 106.150068][ T6085] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 106.150114][ T6085] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 106.150182][ T6085] ? policy_nodemask+0xed/0x4f0
[ 106.150221][ T6085] alloc_pages_mpol+0x1fb/0x550
[ 106.150260][ T6085] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 106.150308][ T6085] alloc_pages_noprof+0x131/0x390
[ 106.150348][ T6085] alloc_pages_exact_noprof+0x32/0xf0
[ 106.150394][ T6085] snd_pcm_attach_substream+0x478/0xd60
[ 106.150455][ T6085] snd_pcm_open_substream+0x90/0x1850
[ 106.150506][ T6085] ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 106.150567][ T6085] snd_pcm_oss_open+0x735/0x1390
[ 106.150620][ T6085] ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 106.150659][ T6085] ? __lock_acquire+0xd73/0x2630
[ 106.150705][ T6085] ? __pfx_default_wake_function+0x10/0x10
[ 106.150742][ T6085] ? irqentry_exit+0x180/0x670
[ 106.150795][ T6085] ? lockdep_hardirqs_on+0x78/0x100
[ 106.150866][ T6085] ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 106.150906][ T6085] soundcore_open+0x2e3/0x5a0
[ 106.150943][ T6085] ? __pfx_soundcore_open+0x10/0x10
[ 106.150976][ T6085] chrdev_open+0x234/0x6a0
[ 106.151012][ T6085] ? __pfx_chrdev_open+0x10/0x10
[ 106.151049][ T6085] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 106.151094][ T6085] do_dentry_open+0x6d8/0x1660
[ 106.151127][ T6085] ? __pfx_chrdev_open+0x10/0x10
[ 106.151180][ T6085] vfs_open+0x82/0x3f0
[ 106.151228][ T6085] path_openat+0x208c/0x31a0
[ 106.151278][ T6085] ? __pfx_path_openat+0x10/0x10
[ 106.151330][ T6085] do_file_open+0x20e/0x430
[ 106.151369][ T6085] ? __pfx_do_file_open+0x10/0x10
[ 106.151436][ T6085] ? alloc_fd+0x476/0x790
[ 106.151473][ T6085] ? do_getname+0x191/0x390
[ 106.151520][ T6085] do_sys_openat2+0x10d/0x1e0
[ 106.151566][ T6085] ? __pfx_do_sys_openat2+0x10/0x10
[ 106.151614][ T6085] ? __fget_files+0x21f/0x3d0
[ 106.151655][ T6085] __x64_sys_openat+0x12d/0x210
[ 106.151703][ T6085] ? __pfx___x64_sys_openat+0x10/0x10
[ 106.151766][ T6085] do_syscall_64+0x106/0xf80
[ 106.151813][ T6085] ? clear_bhb_loop+0x40/0x90
[ 106.151855][ T6085] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 106.151891][ T6085] RIP: 0033:0x7f9d2af9c799
[ 106.151919][ T6085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 106.151952][ T6085] RSP: 002b:00007f9d2bdfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 106.151985][ T6085] RAX: ffffffffffffffda RBX: 00007f9d2b215fa0 RCX: 00007f9d2af9c799
[ 106.152007][ T6085] RDX: 0000000000020342 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 106.152030][ T6085] RBP: 00007f9d2b032c99 R08: 0000000000000000 R09: 0000000000000000
[ 106.152050][ T6085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 106.152071][ T6085] R13: 00007f9d2b216038 R14: 00007f9d2b215fa0 R15: 00007ffcb6056d18
[ 106.152116][ T6085]
[ 107.294525][ T6098] FAULT_INJECTION: forcing a failure.
[ 107.294525][ T6098] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 107.372282][ T6098] CPU: 0 UID: 0 PID: 6098 Comm: syz.3.74 Not tainted syzkaller #0 PREEMPT(full)
[ 107.372327][ T6098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 107.372347][ T6098] Call Trace:
[ 107.372357][ T6098]
[ 107.372369][ T6098] dump_stack_lvl+0x100/0x190
[ 107.372426][ T6098] should_fail_ex.cold+0x5/0xa
[ 107.372458][ T6098] ? prepare_alloc_pages+0x16d/0x5f0
[ 107.372502][ T6098] should_fail_alloc_page+0xeb/0x140
[ 107.372541][ T6098] prepare_alloc_pages+0x1f0/0x5f0
[ 107.372588][ T6098] __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 107.372651][ T6098] ? reacquire_held_locks+0xce/0x1e0
[ 107.372697][ T6098] ? folio_lock_anon_vma_read+0x348/0xe30
[ 107.372750][ T6098] ? folio_lock_anon_vma_read+0x348/0xe30
[ 107.372801][ T6098] ? __up_read+0x2c5/0x700
[ 107.372849][ T6098] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 107.372901][ T6098] ? __pfx___up_read+0x10/0x10
[ 107.372956][ T6098] ? rmap_walk_anon+0x561/0x870
[ 107.373041][ T6098] __folio_alloc_noprof+0x13/0x2f0
[ 107.373105][ T6098] alloc_migration_target+0x1d7/0x6d0
[ 107.373158][ T6098] migrate_pages_batch+0x4f2/0x4530
[ 107.373203][ T6098] ? __pfx_alloc_migration_target+0x10/0x10
[ 107.373256][ T6098] ? walk_pgd_range+0x1115/0x1eb0
[ 107.373309][ T6098] ? __pfx_migrate_pages_batch+0x10/0x10
[ 107.373377][ T6098] migrate_pages_sync+0x12c/0x880
[ 107.373419][ T6098] ? __pfx_alloc_migration_target+0x10/0x10
[ 107.373468][ T6098] ? __pfx_migrate_pages_sync+0x10/0x10
[ 107.373505][ T6098] ? __pfx_queue_pages_test_walk+0x10/0x10
[ 107.373555][ T6098] ? walk_page_range_mm_unsafe+0x32c/0xa10
[ 107.373617][ T6098] migrate_pages+0x1aae/0x28a0
[ 107.373665][ T6098] ? __pfx_alloc_migration_target+0x10/0x10
[ 107.373715][ T6098] ? __pfx_migrate_pages+0x10/0x10
[ 107.373757][ T6098] ? queue_pages_range+0x11e/0x180
[ 107.373813][ T6098] ? __up_read+0x2c5/0x700
[ 107.373862][ T6098] ? __pfx___up_read+0x10/0x10
[ 107.373909][ T6098] ? do_migrate_pages+0x451/0x740
[ 107.373943][ T6098] ? do_migrate_pages+0x451/0x740
[ 107.373988][ T6098] do_migrate_pages+0x488/0x740
[ 107.374036][ T6098] ? __pfx_do_migrate_pages+0x10/0x10
[ 107.374079][ T6098] ? rcu_is_watching+0x12/0xc0
[ 107.374129][ T6098] ? cap_capable+0x107/0x460
[ 107.374200][ T6098] ? get_task_mm+0xc2/0xf0
[ 107.374233][ T6098] ? security_capable+0xbd/0x260
[ 107.374290][ T6098] kernel_migrate_pages+0x560/0x700
[ 107.374328][ T6098] ? __pfx_kernel_migrate_pages+0x10/0x10
[ 107.374389][ T6098] ? xfd_validate_state+0x129/0x190
[ 107.374449][ T6098] __x64_sys_migrate_pages+0x96/0x100
[ 107.374498][ T6098] ? lockdep_hardirqs_on+0x78/0x100
[ 107.374544][ T6098] do_syscall_64+0x106/0xf80
[ 107.374585][ T6098] ? clear_bhb_loop+0x40/0x90
[ 107.374624][ T6098] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 107.374657][ T6098] RIP: 0033:0x7f988df9c799
[ 107.374684][ T6098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 107.374715][ T6098] RSP: 002b:00007f988edbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000100
[ 107.374745][ T6098] RAX: ffffffffffffffda RBX: 00007f988e215fa0 RCX: 00007f988df9c799
[ 107.374767][ T6098] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000
[ 107.374786][ T6098] RBP: 00007f988e032c99 R08: 0000000000000000 R09: 0000000000000000
[ 107.374804][ T6098] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[ 107.374824][ T6098] R13: 00007f988e216038 R14: 00007f988e215fa0 R15: 00007ffe6ca3bf68
[ 107.374866][ T6098]
[ 108.286792][ T6111] CIFS: VFS: Invalid SecurityFlags:
[ 108.348885][ T6113] FAULT_INJECTION: forcing a failure.
[ 108.348885][ T6113] name failslab, interval 1, probability 0, space 0, times 0
[ 108.429396][ T6113] CPU: 1 UID: 0 PID: 6113 Comm: syz.3.77 Not tainted syzkaller #0 PREEMPT(full)
[ 108.429437][ T6113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 108.429464][ T6113] Call Trace:
[ 108.429474][ T6113]
[ 108.429485][ T6113] dump_stack_lvl+0x100/0x190
[ 108.429535][ T6113] should_fail_ex.cold+0x5/0xa
[ 108.429569][ T6113] should_failslab+0xc2/0x120
[ 108.429600][ T6113] kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 108.429648][ T6113] ? alloc_vmap_area+0x186c/0x2bd0
[ 108.429685][ T6113] alloc_vmap_area+0x186c/0x2bd0
[ 108.429731][ T6113] ? __pfx_alloc_vmap_area+0x10/0x10
[ 108.429772][ T6113] __get_vm_area_node+0x1ca/0x330
[ 108.429813][ T6113] __vmalloc_node_range_noprof+0x213/0x1530
[ 108.429851][ T6113] ? kernel_clone+0xfc/0x9a0
[ 108.429884][ T6113] ? find_held_lock+0x2b/0x80
[ 108.429911][ T6113] ? local_lock_release+0x99/0x130
[ 108.429945][ T6113] ? local_lock_release+0x99/0x130
[ 108.429990][ T6113] ? kernel_clone+0xfc/0x9a0
[ 108.430030][ T6113] ? find_held_lock+0x2b/0x80
[ 108.430061][ T6113] ? rcu_read_unlock+0x17/0x60
[ 108.430096][ T6113] ? rcu_read_unlock+0x17/0x60
[ 108.430133][ T6113] ? obj_cgroup_charge_account+0x46d/0x640
[ 108.430173][ T6113] ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 108.430219][ T6113] ? __memcg_slab_post_alloc_hook+0x51b/0x990
[ 108.430265][ T6113] ? rcu_is_watching+0x12/0xc0
[ 108.430318][ T6113] ? trace_kmem_cache_alloc+0xf3/0x120
[ 108.430356][ T6113] ? kernel_clone+0xfc/0x9a0
[ 108.430393][ T6113] __vmalloc_node_noprof+0xad/0xf0
[ 108.430435][ T6113] ? kernel_clone+0xfc/0x9a0
[ 108.430484][ T6113] copy_process+0x5ec/0x7a40
[ 108.430521][ T6113] ? __pfx___futex_wait+0x10/0x10
[ 108.430581][ T6113] ? __pfx_copy_process+0x10/0x10
[ 108.430633][ T6113] kernel_clone+0xfc/0x9a0
[ 108.430665][ T6113] ? __pfx_futex_wait+0x10/0x10
[ 108.430712][ T6113] ? __pfx_kernel_clone+0x10/0x10
[ 108.430766][ T6113] __do_sys_clone+0xd9/0x120
[ 108.430801][ T6113] ? __pfx___do_sys_clone+0x10/0x10
[ 108.430867][ T6113] do_syscall_64+0x106/0xf80
[ 108.430908][ T6113] ? clear_bhb_loop+0x40/0x90
[ 108.430951][ T6113] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 108.430987][ T6113] RIP: 0033:0x7f988df9c799
[ 108.431015][ T6113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 108.431048][ T6113] RSP: 002b:00007f988edbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 108.431080][ T6113] RAX: ffffffffffffffda RBX: 00007f988e215fa0 RCX: 00007f988df9c799
[ 108.431103][ T6113] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008
[ 108.431122][ T6113] RBP: 00007f988e032c99 R08: 0000000000000002 R09: 0000000000000000
[ 108.431142][ T6113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 108.431163][ T6113] R13: 00007f988e216038 R14: 00007f988e215fa0 R15: 00007ffe6ca3bf68
[ 108.431207][ T6113]
[ 111.369757][ T6182] nvme_fcloop: unknown parameter or missing value '7=";�&L=j�"Yq'R"'
[ 111.565788][ T6186] netlink: 28 bytes leftover after parsing attributes in process `syz.0.97'.
[ 112.580907][ T6200] FAULT_INJECTION: forcing a failure.
[ 112.580907][ T6200] name failslab, interval 1, probability 0, space 0, times 0
[ 112.627996][ T6200] CPU: 0 UID: 0 PID: 6200 Comm: syz.1.100 Not tainted syzkaller #0 PREEMPT(full)
[ 112.628054][ T6200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 112.628074][ T6200] Call Trace:
[ 112.628085][ T6200]
[ 112.628096][ T6200] dump_stack_lvl+0x100/0x190
[ 112.628152][ T6200] should_fail_ex.cold+0x5/0xa
[ 112.628189][ T6200] ? landlock_init_hierarchy_log+0x186/0x820
[ 112.628234][ T6200] should_failslab+0xc2/0x120
[ 112.628269][ T6200] __kmalloc_noprof+0xe0/0x850
[ 112.628329][ T6200] landlock_init_hierarchy_log+0x186/0x820
[ 112.628386][ T6200] landlock_merge_ruleset+0x67b/0x830
[ 112.628424][ T6200] ? prepare_creds+0x5ee/0x950
[ 112.628480][ T6200] __do_sys_landlock_restrict_self+0x2a6/0x9e0
[ 112.628547][ T6200] do_syscall_64+0x106/0xf80
[ 112.628595][ T6200] ? clear_bhb_loop+0x40/0x90
[ 112.628634][ T6200] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 112.628667][ T6200] RIP: 0033:0x7f9d2af9c799
[ 112.628694][ T6200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 112.628725][ T6200] RSP: 002b:00007f9d2bddc028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 112.628755][ T6200] RAX: ffffffffffffffda RBX: 00007f9d2b216090 RCX: 00007f9d2af9c799
[ 112.628782][ T6200] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003
[ 112.628801][ T6200] RBP: 00007f9d2b032c99 R08: 0000000000000000 R09: 0000000000000000
[ 112.628821][ T6200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 112.628839][ T6200] R13: 00007f9d2b216128 R14: 00007f9d2b216090 R15: 00007ffcb6056d18
[ 112.628882][ T6200]
[ 113.198028][ T6206] mmap: syz.2.103 (6206) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 113.383368][ T6211] FAULT_INJECTION: forcing a failure.
[ 113.383368][ T6211] name failslab, interval 1, probability 0, space 0, times 0
[ 113.397905][ T6211] CPU: 0 UID: 0 PID: 6211 Comm: syz.2.105 Not tainted syzkaller #0 PREEMPT(full)
[ 113.397945][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 113.397963][ T6211] Call Trace:
[ 113.397972][ T6211]
[ 113.397993][ T6211] dump_stack_lvl+0x100/0x190
[ 113.398045][ T6211] should_fail_ex.cold+0x5/0xa
[ 113.398077][ T6211] should_failslab+0xc2/0x120
[ 113.398111][ T6211] __kmalloc_cache_noprof+0x7a/0x6f0
[ 113.398152][ T6211] ? snd_midi_event_new+0x6f/0x210
[ 113.398213][ T6211] snd_midi_event_new+0x6f/0x210
[ 113.398263][ T6211] snd_virmidi_input_open+0x107/0x4d0
[ 113.398302][ T6211] open_substream+0x480/0x9e0
[ 113.398347][ T6211] rawmidi_open_priv+0x55d/0x6f0
[ 113.398396][ T6211] snd_rawmidi_open+0x4c9/0xba0
[ 113.398444][ T6211] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 113.398487][ T6211] ? __pfx_default_wake_function+0x10/0x10
[ 113.398521][ T6211] ? do_raw_spin_lock+0x128/0x260
[ 113.398569][ T6211] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 113.398607][ T6211] snd_open+0x22d/0x4c0
[ 113.398637][ T6211] ? __pfx_snd_open+0x10/0x10
[ 113.398665][ T6211] chrdev_open+0x234/0x6a0
[ 113.398696][ T6211] ? __pfx_chrdev_open+0x10/0x10
[ 113.398727][ T6211] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 113.398765][ T6211] do_dentry_open+0x6d8/0x1660
[ 113.398792][ T6211] ? __pfx_chrdev_open+0x10/0x10
[ 113.398830][ T6211] vfs_open+0x82/0x3f0
[ 113.398879][ T6211] path_openat+0x208c/0x31a0
[ 113.398922][ T6211] ? __pfx_path_openat+0x10/0x10
[ 113.398967][ T6211] do_file_open+0x20e/0x430
[ 113.399012][ T6211] ? __pfx_do_file_open+0x10/0x10
[ 113.399068][ T6211] ? alloc_fd+0x476/0x790
[ 113.399100][ T6211] ? do_getname+0x191/0x390
[ 113.399140][ T6211] do_sys_openat2+0x10d/0x1e0
[ 113.399178][ T6211] ? __pfx_do_sys_openat2+0x10/0x10
[ 113.399219][ T6211] ? __fget_files+0x21f/0x3d0
[ 113.399254][ T6211] __x64_sys_openat+0x12d/0x210
[ 113.399293][ T6211] ? __pfx___x64_sys_openat+0x10/0x10
[ 113.399345][ T6211] do_syscall_64+0x106/0xf80
[ 113.399385][ T6211] ? clear_bhb_loop+0x40/0x90
[ 113.399420][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 113.399450][ T6211] RIP: 0033:0x7fbc48d9c799
[ 113.399474][ T6211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 113.399504][ T6211] RSP: 002b:00007fbc49ca5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 113.399531][ T6211] RAX: ffffffffffffffda RBX: 00007fbc49015fa0 RCX: 00007fbc48d9c799
[ 113.399550][ T6211] RDX: 0000000000080102 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 113.399568][ T6211] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 113.399585][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 113.399601][ T6211] R13: 00007fbc49016038 R14: 00007fbc49015fa0 R15: 00007ffffd6e02f8
[ 113.399639][ T6211]
[ 114.012308][ T6217] netlink: 186 bytes leftover after parsing attributes in process `syz.0.107'.
[ 115.136121][ T6242] HfR: entered promiscuous mode
[ 115.185153][ T6242] netlink: 12 bytes leftover after parsing attributes in process `syz.0.115'.
[ 115.352049][ T6242] HfR: left promiscuous mode
[ 115.634350][ T6250] netlink: 342 bytes leftover after parsing attributes in process `syz.0.119'.
[ 117.488913][ T6286] netlink: 342 bytes leftover after parsing attributes in process `syz.3.130'.
[ 117.600084][ T6286] netlink: 342 bytes leftover after parsing attributes in process `syz.3.130'.
[ 117.711062][ T6281] Invalid ELF header magic: != ELF
[ 117.995152][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.134'.
[ 118.168111][ T6297] netlink: 330 bytes leftover after parsing attributes in process `syz.2.136'.
[ 118.836420][ T6307] sctp: [Deprecated]: syz.1.139 (pid 6307) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 118.836420][ T6307] Use struct sctp_sack_info instead
[ 119.870069][ T6337] netlink: 'syz.1.150': attribute type 4 has an invalid length.
[ 119.882105][ T6337] netlink: 314 bytes leftover after parsing attributes in process `syz.1.150'.
[ 120.163457][ T6345] ubi0: attaching mtd0
[ 120.175031][ T6345] ubi0: scanning is finished
[ 120.195523][ T6345] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 120.452043][ T6345] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 121.273778][ T6369] kvm: kvm [6368]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1
[ 122.270907][ T6380] netlink: 342 bytes leftover after parsing attributes in process `syz.3.164'.
[ 122.954218][ T6389] netlink: 342 bytes leftover after parsing attributes in process `syz.0.169'.
[ 124.769083][ T6445] tc_dump_action: action bad kind
[ 125.850687][ T6464] FAULT_INJECTION: forcing a failure.
[ 125.850687][ T6464] name failslab, interval 1, probability 0, space 0, times 0
[ 125.889476][ T6464] CPU: 1 UID: 0 PID: 6464 Comm: syz.2.195 Not tainted syzkaller #0 PREEMPT(full)
[ 125.889522][ T6464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 125.889542][ T6464] Call Trace:
[ 125.889553][ T6464]
[ 125.889565][ T6464] dump_stack_lvl+0x100/0x190
[ 125.889640][ T6464] should_fail_ex.cold+0x5/0xa
[ 125.889680][ T6464] should_failslab+0xc2/0x120
[ 125.889715][ T6464] __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 125.889772][ T6464] ? landlock_restrict_sibling_threads+0x48a/0x1280
[ 125.889830][ T6464] krealloc_node_align_noprof+0x30a/0x3e0
[ 125.889902][ T6464] landlock_restrict_sibling_threads+0x48a/0x1280
[ 125.889961][ T6464] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10
[ 125.890049][ T6464] ? __pfx___might_resched+0x10/0x10
[ 125.890103][ T6464] ? landlock_merge_ruleset+0x213/0x830
[ 125.890147][ T6464] __do_sys_landlock_restrict_self+0x5c9/0x9e0
[ 125.890219][ T6464] do_syscall_64+0x106/0xf80
[ 125.890267][ T6464] ? clear_bhb_loop+0x40/0x90
[ 125.890310][ T6464] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 125.890346][ T6464] RIP: 0033:0x7fbc48d9c799
[ 125.890382][ T6464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 125.890417][ T6464] RSP: 002b:00007fbc49c84028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 125.890449][ T6464] RAX: ffffffffffffffda RBX: 00007fbc49016090 RCX: 00007fbc48d9c799
[ 125.890472][ T6464] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003
[ 125.890492][ T6464] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 125.890512][ T6464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 125.890532][ T6464] R13: 00007fbc49016128 R14: 00007fbc49016090 R15: 00007ffffd6e02f8
[ 125.890577][ T6464]
[ 126.311785][ T6476] netlink: 146 bytes leftover after parsing attributes in process `syz.0.201'.
[ 126.566219][ T6482] netlink: 'syz.2.205': attribute type 33 has an invalid length.
[ 126.579275][ T6482] netlink: 322 bytes leftover after parsing attributes in process `syz.2.205'.
[ 126.596218][ T6482] netlink: 'syz.2.205': attribute type 33 has an invalid length.
[ 126.638609][ T6482] netlink: 322 bytes leftover after parsing attributes in process `syz.2.205'.
[ 127.633322][ T6501] netlink: 334 bytes leftover after parsing attributes in process `syz.0.210'.
[ 128.117079][ T6515] netlink: 'syz.2.215': attribute type 27 has an invalid length.
[ 128.135335][ T6515] netlink: 334 bytes leftover after parsing attributes in process `syz.2.215'.
[ 128.327146][ T6521] netlink: 342 bytes leftover after parsing attributes in process `syz.1.218'.
[ 128.494024][ T6525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.219'.
[ 128.504460][ T6525] netlink: 25 bytes leftover after parsing attributes in process `syz.0.219'.
[ 129.492005][ T6561] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 129.668538][ T6564] netlink: 25 bytes leftover after parsing attributes in process `syz.1.235'.
[ 130.581034][ T6586] FAULT_INJECTION: forcing a failure.
[ 130.581034][ T6586] name failslab, interval 1, probability 0, space 0, times 0
[ 130.615595][ T6586] CPU: 0 UID: 0 PID: 6586 Comm: syz.0.241 Tainted: G L syzkaller #0 PREEMPT(full)
[ 130.615651][ T6586] Tainted: [L]=SOFTLOCKUP
[ 130.615663][ T6586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 130.615683][ T6586] Call Trace:
[ 130.615694][ T6586]
[ 130.615707][ T6586] dump_stack_lvl+0x100/0x190
[ 130.615767][ T6586] should_fail_ex.cold+0x5/0xa
[ 130.615807][ T6586] should_failslab+0xc2/0x120
[ 130.615844][ T6586] __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 130.615902][ T6586] ? landlock_restrict_sibling_threads+0x48a/0x1280
[ 130.615961][ T6586] krealloc_node_align_noprof+0x30a/0x3e0
[ 130.616023][ T6586] landlock_restrict_sibling_threads+0x48a/0x1280
[ 130.616082][ T6586] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10
[ 130.616169][ T6586] ? __pfx___might_resched+0x10/0x10
[ 130.616225][ T6586] ? landlock_merge_ruleset+0x213/0x830
[ 130.616268][ T6586] __do_sys_landlock_restrict_self+0x5c9/0x9e0
[ 130.616336][ T6586] do_syscall_64+0x106/0xf80
[ 130.616385][ T6586] ? clear_bhb_loop+0x40/0x90
[ 130.616436][ T6586] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 130.616472][ T6586] RIP: 0033:0x7f0693f9c799
[ 130.616499][ T6586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 130.616531][ T6586] RSP: 002b:00007f0694df4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 130.616562][ T6586] RAX: ffffffffffffffda RBX: 00007f0694216090 RCX: 00007f0693f9c799
[ 130.616583][ T6586] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003
[ 130.616602][ T6586] RBP: 00007f0694032c99 R08: 0000000000000000 R09: 0000000000000000
[ 130.616622][ T6586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 130.616642][ T6586] R13: 00007f0694216128 R14: 00007f0694216090 R15: 00007fff912dc668
[ 130.616685][ T6586]
[ 130.812015][ T6590] netlink: 'syz.2.244': attribute type 21 has an invalid length.
[ 130.820115][ T6590] netlink: 334 bytes leftover after parsing attributes in process `syz.2.244'.
[ 131.173050][ T5833] Bluetooth: hci0: SCO packet for unknown connection handle 0
[ 131.418083][ T6607] tc_dump_action: action bad kind
[ 132.231677][ T6616] mkiss: ax0: crc mode is auto.
[ 132.604004][ T6619] FAULT_INJECTION: forcing a failure.
[ 132.604004][ T6619] name failslab, interval 1, probability 0, space 0, times 0
[ 132.617065][ T6619] CPU: 1 UID: 0 PID: 6619 Comm: syz.2.255 Tainted: G L syzkaller #0 PREEMPT(full)
[ 132.617123][ T6619] Tainted: [L]=SOFTLOCKUP
[ 132.617136][ T6619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 132.617155][ T6619] Call Trace:
[ 132.617167][ T6619]
[ 132.617180][ T6619] dump_stack_lvl+0x100/0x190
[ 132.617240][ T6619] should_fail_ex.cold+0x5/0xa
[ 132.617281][ T6619] should_failslab+0xc2/0x120
[ 132.617318][ T6619] __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 132.617386][ T6619] ? landlock_restrict_sibling_threads+0x48a/0x1280
[ 132.617444][ T6619] krealloc_node_align_noprof+0x30a/0x3e0
[ 132.617506][ T6619] landlock_restrict_sibling_threads+0x48a/0x1280
[ 132.617564][ T6619] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10
[ 132.617652][ T6619] ? __pfx___might_resched+0x10/0x10
[ 132.617706][ T6619] ? landlock_merge_ruleset+0x213/0x830
[ 132.617750][ T6619] __do_sys_landlock_restrict_self+0x5c9/0x9e0
[ 132.617819][ T6619] do_syscall_64+0x106/0xf80
[ 132.617866][ T6619] ? clear_bhb_loop+0x40/0x90
[ 132.617908][ T6619] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 132.617943][ T6619] RIP: 0033:0x7fbc48d9c799
[ 132.617973][ T6619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 132.618006][ T6619] RSP: 002b:00007fbc49c84028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[ 132.618038][ T6619] RAX: ffffffffffffffda RBX: 00007fbc49016090 RCX: 00007fbc48d9c799
[ 132.618060][ T6619] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003
[ 132.618080][ T6619] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 132.618101][ T6619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 132.618121][ T6619] R13: 00007fbc49016128 R14: 00007fbc49016090 R15: 00007ffffd6e02f8
[ 132.618166][ T6619]
[ 132.898679][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.917328][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 133.364228][ T6628] phram: parameter too long
[ 133.721371][ T6638] netlink: 86 bytes leftover after parsing attributes in process `syz.1.262'.
[ 134.555401][ T5833] Bluetooth: hci3: Malformed LE Event: 0x0b
[ 135.222226][ T6678] netlink: 334 bytes leftover after parsing attributes in process `syz.1.276'.
[ 138.667176][ T6698] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[ 139.856828][ T6734] netlink: 'syz.1.296': attribute type 4 has an invalid length.
[ 142.018995][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 142.431641][ T6796] netlink: 334 bytes leftover after parsing attributes in process `syz.0.322'.
[ 142.853786][ T6804] netlink: 'syz.1.332': attribute type 4 has an invalid length.
[ 144.089672][ T6824] netlink: 334 bytes leftover after parsing attributes in process `syz.1.331'.
[ 144.438893][ T6838] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 145.321739][ T6854] FAULT_INJECTION: forcing a failure.
[ 145.321739][ T6854] name failslab, interval 1, probability 0, space 0, times 0
[ 145.335554][ T6854] CPU: 1 UID: 0 PID: 6854 Comm: syz.1.342 Tainted: G L syzkaller #0 PREEMPT(full)
[ 145.335610][ T6854] Tainted: [L]=SOFTLOCKUP
[ 145.335622][ T6854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 145.335643][ T6854] Call Trace:
[ 145.335654][ T6854]
[ 145.335667][ T6854] dump_stack_lvl+0x100/0x190
[ 145.335726][ T6854] should_fail_ex.cold+0x5/0xa
[ 145.335765][ T6854] should_failslab+0xc2/0x120
[ 145.335801][ T6854] __kvmalloc_node_noprof+0xfa/0xa00
[ 145.335854][ T6854] ? v4l2_ctrl_new+0x4a6/0x23a0
[ 145.335932][ T6854] v4l2_ctrl_new+0x4a6/0x23a0
[ 145.336017][ T6854] ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 145.336078][ T6854] ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 145.336149][ T6854] v4l2_ctrl_new_std+0x1bb/0x290
[ 145.336217][ T6854] ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 145.336269][ T6854] ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 145.336328][ T6854] ? trace_kmalloc+0x101/0x130
[ 145.336368][ T6854] ? v4l2_ctrl_handler_init_class+0x201/0x350
[ 145.336420][ T6854] ? lockdep_init_map_type+0x30/0x250
[ 145.336481][ T6854] ? media_request_object_init+0x105/0x180
[ 145.336534][ T6854] vim2m_open+0x164/0x830
[ 145.336583][ T6854] v4l2_open+0x1d2/0x490
[ 145.336634][ T6854] ? __pfx_v4l2_open+0x10/0x10
[ 145.336684][ T6854] chrdev_open+0x234/0x6a0
[ 145.336716][ T6854] ? __pfx_apparmor_file_open+0x10/0x10
[ 145.336770][ T6854] ? __pfx_chrdev_open+0x10/0x10
[ 145.336806][ T6854] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 145.336849][ T6854] do_dentry_open+0x6d8/0x1660
[ 145.336880][ T6854] ? __pfx_chrdev_open+0x10/0x10
[ 145.336924][ T6854] vfs_open+0x82/0x3f0
[ 145.336970][ T6854] path_openat+0x208c/0x31a0
[ 145.337018][ T6854] ? __pfx_path_openat+0x10/0x10
[ 145.337074][ T6854] do_file_open+0x20e/0x430
[ 145.337112][ T6854] ? __pfx_do_file_open+0x10/0x10
[ 145.337178][ T6854] ? alloc_fd+0x476/0x790
[ 145.337214][ T6854] ? do_getname+0x191/0x390
[ 145.337277][ T6854] do_sys_openat2+0x10d/0x1e0
[ 145.337321][ T6854] ? __pfx_do_sys_openat2+0x10/0x10
[ 145.337370][ T6854] ? __fget_files+0x21f/0x3d0
[ 145.337411][ T6854] __x64_sys_openat+0x12d/0x210
[ 145.337457][ T6854] ? __pfx___x64_sys_openat+0x10/0x10
[ 145.337531][ T6854] do_syscall_64+0x106/0xf80
[ 145.337577][ T6854] ? clear_bhb_loop+0x40/0x90
[ 145.337616][ T6854] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.337649][ T6854] RIP: 0033:0x7f9d2af9c799
[ 145.337677][ T6854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 145.337707][ T6854] RSP: 002b:00007f9d2bdfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 145.337739][ T6854] RAX: ffffffffffffffda RBX: 00007f9d2b215fa0 RCX: 00007f9d2af9c799
[ 145.337760][ T6854] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 145.337781][ T6854] RBP: 00007f9d2b032c99 R08: 0000000000000000 R09: 0000000000000000
[ 145.337800][ T6854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 145.337818][ T6854] R13: 00007f9d2b216038 R14: 00007f9d2b215fa0 R15: 00007ffcb6056d18
[ 145.337861][ T6854]
[ 145.817016][ T6864] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 146.615861][ T6881] process 'syz.2.352' launched '/dev/fd/3' with NULL argv: empty string added
[ 147.021201][ T6899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.359'.
[ 147.654949][ T6914] netlink: 326 bytes leftover after parsing attributes in process `syz.3.363'.
[ 148.085542][ T6927] netlink: 25 bytes leftover after parsing attributes in process `syz.1.369'.
[ 148.564514][ T6935] netlink: 334 bytes leftover after parsing attributes in process `syz.1.371'.
[ 148.798605][ T6941] netlink: 342 bytes leftover after parsing attributes in process `syz.1.373'.
[ 150.379822][ T6979] FAULT_INJECTION: forcing a failure.
[ 150.379822][ T6979] name failslab, interval 1, probability 0, space 0, times 0
[ 150.427497][ T6979] CPU: 0 UID: 0 PID: 6979 Comm: syz.1.382 Tainted: G L syzkaller #0 PREEMPT(full)
[ 150.427549][ T6979] Tainted: [L]=SOFTLOCKUP
[ 150.427560][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 150.427580][ T6979] Call Trace:
[ 150.427591][ T6979]
[ 150.427604][ T6979] dump_stack_lvl+0x100/0x190
[ 150.427660][ T6979] should_fail_ex.cold+0x5/0xa
[ 150.427698][ T6979] should_failslab+0xc2/0x120
[ 150.427734][ T6979] __kmalloc_cache_noprof+0x7a/0x6f0
[ 150.427778][ T6979] ? snd_virmidi_output_open+0xc4/0x670
[ 150.427824][ T6979] snd_virmidi_output_open+0xc4/0x670
[ 150.427862][ T6979] open_substream+0x480/0x9e0
[ 150.427904][ T6979] rawmidi_open_priv+0x595/0x6f0
[ 150.427955][ T6979] snd_rawmidi_open+0x4c9/0xba0
[ 150.428008][ T6979] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 150.428051][ T6979] ? __pfx_default_wake_function+0x10/0x10
[ 150.428093][ T6979] ? soundcore_open+0x231/0x5a0
[ 150.428123][ T6979] ? soundcore_open+0x231/0x5a0
[ 150.428157][ T6979] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 150.428201][ T6979] soundcore_open+0x2e3/0x5a0
[ 150.428236][ T6979] ? __pfx_soundcore_open+0x10/0x10
[ 150.428268][ T6979] chrdev_open+0x234/0x6a0
[ 150.428303][ T6979] ? __pfx_chrdev_open+0x10/0x10
[ 150.428338][ T6979] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 150.428382][ T6979] do_dentry_open+0x6d8/0x1660
[ 150.428413][ T6979] ? __pfx_chrdev_open+0x10/0x10
[ 150.428455][ T6979] vfs_open+0x82/0x3f0
[ 150.428501][ T6979] path_openat+0x208c/0x31a0
[ 150.428547][ T6979] ? __pfx_path_openat+0x10/0x10
[ 150.428597][ T6979] do_file_open+0x20e/0x430
[ 150.428635][ T6979] ? __pfx_do_file_open+0x10/0x10
[ 150.428697][ T6979] ? alloc_fd+0x476/0x790
[ 150.428734][ T6979] ? do_getname+0x191/0x390
[ 150.428779][ T6979] do_sys_openat2+0x10d/0x1e0
[ 150.428822][ T6979] ? __pfx_do_sys_openat2+0x10/0x10
[ 150.428870][ T6979] ? __fget_files+0x21f/0x3d0
[ 150.428909][ T6979] __x64_sys_openat+0x12d/0x210
[ 150.428954][ T6979] ? __pfx___x64_sys_openat+0x10/0x10
[ 150.429015][ T6979] do_syscall_64+0x106/0xf80
[ 150.429061][ T6979] ? clear_bhb_loop+0x40/0x90
[ 150.429113][ T6979] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 150.429147][ T6979] RIP: 0033:0x7f9d2af9c799
[ 150.429175][ T6979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 150.429207][ T6979] RSP: 002b:00007f9d2bdfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 150.429238][ T6979] RAX: ffffffffffffffda RBX: 00007f9d2b215fa0 RCX: 00007f9d2af9c799
[ 150.429261][ T6979] RDX: 0000000000060c01 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 150.429282][ T6979] RBP: 00007f9d2b032c99 R08: 0000000000000000 R09: 0000000000000000
[ 150.429302][ T6979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 150.429321][ T6979] R13: 00007f9d2b216038 R14: 00007f9d2b215fa0 R15: 00007ffcb6056d18
[ 150.429364][ T6979]
[ 151.835842][ T7025] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[7025]
[ 152.572340][ T7047] netlink: 334 bytes leftover after parsing attributes in process `syz.0.402'.
[ 152.798767][ T7048] netlink: 146 bytes leftover after parsing attributes in process `syz.2.403'.
[ 152.901022][ T7055] netlink: 'syz.0.406': attribute type 29 has an invalid length.
[ 152.932281][ T7055] netlink: 334 bytes leftover after parsing attributes in process `syz.0.406'.
[ 154.830849][ T7107] netlink: 330 bytes leftover after parsing attributes in process `syz.0.424'.
[ 156.348704][ T7147] netlink: 'syz.2.440': attribute type 14 has an invalid length.
[ 156.387997][ T7147] netlink: 330 bytes leftover after parsing attributes in process `syz.2.440'.
[ 157.811335][ T7190] FAULT_INJECTION: forcing a failure.
[ 157.811335][ T7190] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 157.825702][ T7190] CPU: 0 UID: 0 PID: 7190 Comm: syz.2.456 Tainted: G L syzkaller #0 PREEMPT(full)
[ 157.825750][ T7190] Tainted: [L]=SOFTLOCKUP
[ 157.825761][ T7190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 157.825779][ T7190] Call Trace:
[ 157.825788][ T7190]
[ 157.825800][ T7190] dump_stack_lvl+0x100/0x190
[ 157.825852][ T7190] should_fail_ex.cold+0x5/0xa
[ 157.825882][ T7190] ? prepare_alloc_pages+0x16d/0x5f0
[ 157.825919][ T7190] should_fail_alloc_page+0xeb/0x140
[ 157.825954][ T7190] prepare_alloc_pages+0x1f0/0x5f0
[ 157.825992][ T7190] __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 157.826044][ T7190] ? __lock_acquire+0x4a5/0x2630
[ 157.826092][ T7190] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 157.826138][ T7190] ? do_raw_spin_lock+0x128/0x260
[ 157.826180][ T7190] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 157.826222][ T7190] ? find_held_lock+0x2b/0x80
[ 157.826258][ T7190] ? __lock_acquire+0x4a5/0x2630
[ 157.826293][ T7190] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 157.826342][ T7190] ? policy_nodemask+0xed/0x4f0
[ 157.826375][ T7190] alloc_pages_mpol+0x1fb/0x550
[ 157.826405][ T7190] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 157.826443][ T7190] ? __folio_batch_add_and_move+0x5e5/0xc60
[ 157.826489][ T7190] ? __folio_batch_add_and_move+0x5e5/0xc60
[ 157.826540][ T7190] folio_alloc_mpol_noprof+0x36/0x340
[ 157.826578][ T7190] shmem_alloc_folio+0x135/0x160
[ 157.826616][ T7190] shmem_alloc_and_add_folio+0x371/0xd40
[ 157.826668][ T7190] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 157.826714][ T7190] ? shmem_allowable_huge_orders+0x2bd/0x400
[ 157.826756][ T7190] ? __lock_acquire+0x400/0x2630
[ 157.826798][ T7190] shmem_get_folio_gfp+0x6ab/0x1900
[ 157.826849][ T7190] ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 157.826894][ T7190] ? __pfx___might_resched+0x10/0x10
[ 157.826936][ T7190] ? noop_dirty_folio+0xfd/0x160
[ 157.826969][ T7190] shmem_fallocate+0x6d7/0x1060
[ 157.827027][ T7190] ? __pfx_shmem_fallocate+0x10/0x10
[ 157.827069][ T7190] ? aa_file_perm+0x7f3/0x14d0
[ 157.827117][ T7190] ? __lock_acquire+0x4a5/0x2630
[ 157.827179][ T7190] ? __pfx_shmem_fallocate+0x10/0x10
[ 157.827223][ T7190] vfs_fallocate+0x576/0x10d0
[ 157.827255][ T7190] ? __pfx_vfs_fallocate+0x10/0x10
[ 157.827293][ T7190] __x64_sys_fallocate+0xd5/0x140
[ 157.827326][ T7190] do_syscall_64+0x106/0xf80
[ 157.827366][ T7190] ? clear_bhb_loop+0x40/0x90
[ 157.827401][ T7190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.827438][ T7190] RIP: 0033:0x7fbc48d9c799
[ 157.827462][ T7190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 157.827490][ T7190] RSP: 002b:00007fbc49ca5028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 157.827517][ T7190] RAX: ffffffffffffffda RBX: 00007fbc49015fa0 RCX: 00007fbc48d9c799
[ 157.827536][ T7190] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[ 157.827553][ T7190] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 157.827571][ T7190] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000
[ 157.827588][ T7190] R13: 00007fbc49016038 R14: 00007fbc49015fa0 R15: 00007ffffd6e02f8
[ 157.827627][ T7190]
[ 158.875323][ T7204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[ 158.898397][ T7204] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 158.906988][ T7204] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 158.947919][ T7204] page_type: f5(slab)
[ 158.951992][ T7204] raw: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122
[ 158.995256][ T7204] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000
[ 159.029073][ T7204] head: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122
[ 159.047964][ T7204] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000
[ 159.067957][ T7204] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[ 159.076978][ T7204] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 159.138697][ T7204] page dumped because: unmovable page
[ 159.144163][ T7204] page_owner tracks the page as allocated
[ 159.168234][ T7204] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5190, tgid 5190 (S02sysctl), ts 33730252547, free_ts 30865875762
[ 159.217924][ T7204] post_alloc_hook+0x153/0x170
[ 159.222812][ T7204] get_page_from_freelist+0x111d/0x3140
[ 159.237944][ T7204] __alloc_frozen_pages_noprof+0x27c/0x2ba0
[ 159.243955][ T7204] new_slab+0xa6/0x6b0
[ 159.277907][ T7204] refill_objects+0x26b/0x400
[ 159.282715][ T7204] __pcs_replace_empty_main+0x1ab/0x660
[ 159.298904][ T7204] __kmalloc_cache_noprof+0x493/0x6f0
[ 159.306444][ T7204] tomoyo_init_log+0x1a0/0x20c0
[ 159.327855][ T7204] tomoyo_supervisor+0x506/0x1340
[ 159.333003][ T7204] tomoyo_env_perm+0x191/0x200
[ 159.348575][ T7204] tomoyo_find_next_domain+0x13d7/0x2010
[ 159.354324][ T7204] tomoyo_bprm_check_security+0x12d/0x1d0
[ 159.377855][ T7204] security_bprm_check+0x87/0x1e0
[ 159.383008][ T7204] bprm_execve+0x84b/0x1680
[ 159.387589][ T7204] do_execveat_common.isra.0+0x4a5/0x580
[ 159.427901][ T7204] __x64_sys_execve+0x93/0xd0
[ 159.432700][ T7204] page last free pid 1 tgid 1 stack trace:
[ 159.464885][ T7204] __free_frozen_pages+0x7e1/0x10d0
[ 159.470266][ T7204] free_contig_range+0xde/0x1d0
[ 159.475195][ T7204] destroy_args+0xa8/0x7a0
[ 159.503258][ T7204] debug_vm_pgtable+0x1b66/0x34c0
[ 159.510310][ T7204] do_one_initcall+0x11d/0x760
[ 159.515158][ T7204] kernel_init_freeable+0x6e5/0x7a0
[ 159.528169][ T7204] kernel_init+0x1f/0x1e0
[ 159.532588][ T7204] ret_from_fork+0x754/0xd80
[ 159.537245][ T7204] ret_from_fork_asm+0x1a/0x30
[ 159.784354][ T7212] netlink: 342 bytes leftover after parsing attributes in process `syz.2.462'.
[ 160.063271][ T7218] netlink: 16 bytes leftover after parsing attributes in process `syz.0.467'.
[ 162.478884][ T7282] binder: 7281:7282 ioctl c0306201 2000000000c0 returned -14
[ 164.428019][ T7307] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 164.435255][ T7307] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 164.453540][ T7307] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 164.484845][ T7307] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 164.495867][ T7307] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 164.588797][ T7307] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 164.630428][ T7307] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 164.670381][ T7307] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 164.685705][ T7307] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 164.766044][ T7307] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 164.796800][ T7307] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 164.817081][ T7307] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 165.091026][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 165.827959][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[ 166.548059][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[ 166.698006][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[ 166.779259][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[ 167.494458][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 167.559623][ T7370] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 167.580972][ T7370] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 167.601320][ T7370] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 167.608677][ T7370] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 168.227184][ T7397] FAULT_INJECTION: forcing a failure.
[ 168.227184][ T7397] name failslab, interval 1, probability 0, space 0, times 0
[ 168.264296][ T7397] CPU: 1 UID: 0 PID: 7397 Comm: syz.1.528 Tainted: G L syzkaller #0 PREEMPT(full)
[ 168.264343][ T7397] Tainted: [L]=SOFTLOCKUP
[ 168.264353][ T7397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 168.264371][ T7397] Call Trace:
[ 168.264381][ T7397]
[ 168.264392][ T7397] dump_stack_lvl+0x100/0x190
[ 168.264445][ T7397] should_fail_ex.cold+0x5/0xa
[ 168.264479][ T7397] should_failslab+0xc2/0x120
[ 168.264510][ T7397] __kvmalloc_node_noprof+0xfa/0xa00
[ 168.264563][ T7397] ? v4l2_ctrl_new+0x4a6/0x23a0
[ 168.264608][ T7397] ? register_lock_class+0x40/0x560
[ 168.264658][ T7397] v4l2_ctrl_new+0x4a6/0x23a0
[ 168.264722][ T7397] ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 168.264770][ T7397] ? lock_acquire+0x1cf/0x380
[ 168.264814][ T7397] ? rcu_is_watching+0x12/0xc0
[ 168.264865][ T7397] v4l2_ctrl_new_std+0x1bb/0x290
[ 168.264936][ T7397] ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 168.264997][ T7397] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 168.265050][ T7397] ? __asan_memset+0x23/0x50
[ 168.265100][ T7397] ? __asan_memcpy+0x3c/0x60
[ 168.265141][ T7397] ? find_ref+0x209/0x420
[ 168.265190][ T7397] handler_new_ref+0x82f/0xc60
[ 168.265248][ T7397] v4l2_ctrl_new+0xe67/0x23a0
[ 168.265311][ T7397] ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 168.265412][ T7397] v4l2_ctrl_new_std+0x1bb/0x290
[ 168.265476][ T7397] ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 168.265541][ T7397] ? trace_kmalloc+0x101/0x130
[ 168.265576][ T7397] ? __kasan_kmalloc+0xaa/0xb0
[ 168.265629][ T7397] ? v4l2_ctrl_handler_init_class+0x201/0x350
[ 168.265680][ T7397] ? lockdep_init_map_type+0x30/0x250
[ 168.265727][ T7397] ? media_request_object_init+0x105/0x180
[ 168.265781][ T7397] vim2m_open+0x140/0x830
[ 168.265832][ T7397] v4l2_open+0x1d2/0x490
[ 168.265884][ T7397] ? __pfx_v4l2_open+0x10/0x10
[ 168.265943][ T7397] chrdev_open+0x234/0x6a0
[ 168.265976][ T7397] ? __pfx_apparmor_file_open+0x10/0x10
[ 168.266032][ T7397] ? __pfx_chrdev_open+0x10/0x10
[ 168.266069][ T7397] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 168.266114][ T7397] do_dentry_open+0x6d8/0x1660
[ 168.266146][ T7397] ? __pfx_chrdev_open+0x10/0x10
[ 168.266191][ T7397] vfs_open+0x82/0x3f0
[ 168.266237][ T7397] path_openat+0x208c/0x31a0
[ 168.266285][ T7397] ? __pfx_path_openat+0x10/0x10
[ 168.266335][ T7397] do_file_open+0x20e/0x430
[ 168.266373][ T7397] ? __pfx_do_file_open+0x10/0x10
[ 168.266437][ T7397] ? alloc_fd+0x476/0x790
[ 168.266481][ T7397] ? do_getname+0x191/0x390
[ 168.266528][ T7397] do_sys_openat2+0x10d/0x1e0
[ 168.266572][ T7397] ? __pfx_do_sys_openat2+0x10/0x10
[ 168.266644][ T7397] __x64_sys_openat+0x12d/0x210
[ 168.266687][ T7397] ? __pfx___x64_sys_openat+0x10/0x10
[ 168.266744][ T7397] do_syscall_64+0x106/0xf80
[ 168.266786][ T7397] ? clear_bhb_loop+0x40/0x90
[ 168.266823][ T7397] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 168.266855][ T7397] RIP: 0033:0x7f9d2af9c799
[ 168.266880][ T7397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 168.266916][ T7397] RSP: 002b:00007f9d2bdfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 168.266947][ T7397] RAX: ffffffffffffffda RBX: 00007f9d2b215fa0 RCX: 00007f9d2af9c799
[ 168.266967][ T7397] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 168.266987][ T7397] RBP: 00007f9d2b032c99 R08: 0000000000000000 R09: 0000000000000000
[ 168.267005][ T7397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 168.267024][ T7397] R13: 00007f9d2b216038 R14: 00007f9d2b215fa0 R15: 00007ffcb6056d18
[ 168.267065][ T7397]
[ 168.959489][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[ 169.578324][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[ 169.658337][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[ 169.658363][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[ 169.798216][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 169.823531][ T7409] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 169.839997][ T7409] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 169.847458][ T7409] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 169.869358][ T7409] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 170.518662][ T7448] vcan0: tx drop: invalid da for name 0x000000000000003f
[ 170.868153][ T7463] netlink: 342 bytes leftover after parsing attributes in process `syz.0.566'.
[ 171.136954][ T7473] FAULT_INJECTION: forcing a failure.
[ 171.136954][ T7473] name failslab, interval 1, probability 0, space 0, times 0
[ 171.178629][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[ 171.194811][ T7473] CPU: 1 UID: 0 PID: 7473 Comm: syz.3.562 Tainted: G L syzkaller #0 PREEMPT(full)
[ 171.194862][ T7473] Tainted: [L]=SOFTLOCKUP
[ 171.194873][ T7473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 171.194894][ T7473] Call Trace:
[ 171.194905][ T7473]
[ 171.194916][ T7473] dump_stack_lvl+0x100/0x190
[ 171.194972][ T7473] should_fail_ex.cold+0x5/0xa
[ 171.195009][ T7473] should_failslab+0xc2/0x120
[ 171.195045][ T7473] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 171.195097][ T7473] ? security_inode_alloc+0x3b/0x2c0
[ 171.195129][ T7473] ? lockdep_init_map_type+0x5c/0x250
[ 171.195183][ T7473] security_inode_alloc+0x3b/0x2c0
[ 171.195217][ T7473] inode_init_always_gfp+0xced/0x1040
[ 171.195257][ T7473] alloc_inode+0x8e/0x250
[ 171.195299][ T7473] path_from_stashed+0x25b/0x750
[ 171.195342][ T7473] ns_get_path+0x60/0x80
[ 171.195377][ T7473] proc_ns_get_link+0x121/0x230
[ 171.195424][ T7473] ? __pfx_proc_ns_get_link+0x10/0x10
[ 171.195474][ T7473] ? atime_needs_update+0x8b/0x6b0
[ 171.195524][ T7473] pick_link+0xd17/0x13c0
[ 171.195571][ T7473] ? __pfx_proc_ns_get_link+0x10/0x10
[ 171.195620][ T7473] step_into_slowpath+0x9ba/0xf90
[ 171.195676][ T7473] ? __pfx_step_into_slowpath+0x10/0x10
[ 171.195733][ T7473] ? find_held_lock+0x2b/0x80
[ 171.195779][ T7473] path_openat+0xf95/0x31a0
[ 171.195827][ T7473] ? __pfx_path_openat+0x10/0x10
[ 171.195875][ T7473] do_file_open+0x20e/0x430
[ 171.195913][ T7473] ? __pfx_do_file_open+0x10/0x10
[ 171.195986][ T7473] ? alloc_fd+0x476/0x790
[ 171.196021][ T7473] ? do_getname+0x191/0x390
[ 171.196064][ T7473] do_sys_openat2+0x10d/0x1e0
[ 171.196107][ T7473] ? __pfx_do_sys_openat2+0x10/0x10
[ 171.196153][ T7473] ? __fget_files+0x21f/0x3d0
[ 171.196191][ T7473] __x64_sys_openat+0x12d/0x210
[ 171.196235][ T7473] ? __pfx___x64_sys_openat+0x10/0x10
[ 171.196292][ T7473] do_syscall_64+0x106/0xf80
[ 171.196338][ T7473] ? clear_bhb_loop+0x40/0x90
[ 171.196378][ T7473] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 171.196411][ T7473] RIP: 0033:0x7f988df5cfce
[ 171.196439][ T7473] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 171.196470][ T7473] RSP: 002b:00007f988edbaec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 171.196501][ T7473] RAX: ffffffffffffffda RBX: 00007f988edbb6c0 RCX: 00007f988df5cfce
[ 171.196520][ T7473] RDX: 0000000000000002 RSI: 00007f988edbaf90 RDI: ffffffffffffff9c
[ 171.196540][ T7473] RBP: 00007f988e032c99 R08: 0000000000000000 R09: 0000000000000000
[ 171.196558][ T7473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 171.196576][ T7473] R13: 00007f988e216038 R14: 00007f988e215fa0 R15: 00007ffe6ca3bf68
[ 171.196617][ T7473]
[ 171.255557][ T7475] FAULT_INJECTION: forcing a failure.
[ 171.255557][ T7475] name failslab, interval 1, probability 0, space 0, times 0
[ 171.535795][ T7475] CPU: 0 UID: 0 PID: 7475 Comm: syz.0.563 Tainted: G L syzkaller #0 PREEMPT(full)
[ 171.535846][ T7475] Tainted: [L]=SOFTLOCKUP
[ 171.535857][ T7475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 171.535875][ T7475] Call Trace:
[ 171.535885][ T7475]
[ 171.535896][ T7475] dump_stack_lvl+0x100/0x190
[ 171.535951][ T7475] should_fail_ex.cold+0x5/0xa
[ 171.535986][ T7475] ? argv_split+0x173/0x420
[ 171.536022][ T7475] should_failslab+0xc2/0x120
[ 171.536053][ T7475] __kmalloc_noprof+0xe0/0x850
[ 171.536111][ T7475] ? __asan_memcpy+0x3c/0x60
[ 171.536161][ T7475] argv_split+0x173/0x420
[ 171.536201][ T7475] ? __pfx___trace_eprobe_create+0x10/0x10
[ 171.536243][ T7475] trace_probe_create+0x7d/0x100
[ 171.536290][ T7475] ? __pfx_trace_probe_create+0x10/0x10
[ 171.536346][ T7475] create_dyn_event+0xee/0x1d0
[ 171.536386][ T7475] trace_parse_run_command+0x1ab/0x3b0
[ 171.536436][ T7475] ? __pfx_create_dyn_event+0x10/0x10
[ 171.536482][ T7475] vfs_write+0x2aa/0x1070
[ 171.536511][ T7475] ? __pfx_dyn_event_write+0x10/0x10
[ 171.536552][ T7475] ? __pfx_vfs_write+0x10/0x10
[ 171.536602][ T7475] ? __fget_files+0x215/0x3d0
[ 171.536640][ T7475] ? __fget_files+0x21f/0x3d0
[ 171.536680][ T7475] ksys_write+0x12a/0x250
[ 171.536709][ T7475] ? __pfx_ksys_write+0x10/0x10
[ 171.536749][ T7475] do_syscall_64+0x106/0xf80
[ 171.536791][ T7475] ? clear_bhb_loop+0x40/0x90
[ 171.536827][ T7475] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 171.536859][ T7475] RIP: 0033:0x7f0693f9c799
[ 171.536885][ T7475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 171.536915][ T7475] RSP: 002b:00007f0694e15028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 171.536941][ T7475] RAX: ffffffffffffffda RBX: 00007f0694215fa0 RCX: 00007f0693f9c799
[ 171.536962][ T7475] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000005
[ 171.536980][ T7475] RBP: 00007f0694032c99 R08: 0000000000000000 R09: 0000000000000000
[ 171.536999][ T7475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 171.537016][ T7475] R13: 00007f0694216038 R14: 00007f0694215fa0 R15: 00007fff912dc668
[ 171.537057][ T7475]
[ 171.905181][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[ 171.911520][ T5826] Bluetooth: hci3: command 0x0c1a tx timeout
[ 171.924252][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[ 173.624716][ T7526] netlink: 'syz.0.585': attribute type 28 has an invalid length.
[ 173.657948][ T7526] netlink: 334 bytes leftover after parsing attributes in process `syz.0.585'.
[ 173.963307][ T7532] zswap: compressor not available
[ 174.143013][ T7545] netlink: 'syz.0.600': attribute type 19 has an invalid length.
[ 174.166793][ T7545] netlink: 334 bytes leftover after parsing attributes in process `syz.0.600'.
[ 175.316136][ T7561] random: crng reseeded on system resumption
[ 175.868210][ T7581] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 176.217237][ T7592] phram: not enough arguments
[ 177.059959][ T7604] netlink: 198 bytes leftover after parsing attributes in process `syz.0.613'.
[ 179.566244][ T7645] zswap: compressor not available
[ 179.980472][ T7658] netlink: 334 bytes leftover after parsing attributes in process `syz.3.631'.
[ 183.081831][ T7725] netlink: 334 bytes leftover after parsing attributes in process `syz.3.653'.
[ 183.277246][ T7730] sg_write: data in/out 81/90 bytes for SCSI command 0x0-- guessing data in;
[ 183.277246][ T7730] program syz.1.656 not setting count and/or reply_len properly
[ 187.782129][ T7815] netlink: 74 bytes leftover after parsing attributes in process `syz.1.684'.
[ 188.230999][ T7822] FAULT_INJECTION: forcing a failure.
[ 188.230999][ T7822] name failslab, interval 1, probability 0, space 0, times 0
[ 188.272902][ T7822] CPU: 1 UID: 0 PID: 7822 Comm: syz.3.687 Tainted: G L syzkaller #0 PREEMPT(full)
[ 188.272955][ T7822] Tainted: [L]=SOFTLOCKUP
[ 188.272967][ T7822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 188.272986][ T7822] Call Trace:
[ 188.272996][ T7822]
[ 188.273008][ T7822] dump_stack_lvl+0x100/0x190
[ 188.273090][ T7822] should_fail_ex.cold+0x5/0xa
[ 188.273130][ T7822] should_failslab+0xc2/0x120
[ 188.273167][ T7822] __kmalloc_node_noprof+0xe6/0x850
[ 188.273220][ T7822] ? user_buffer_init+0x2a1/0x6d0
[ 188.273280][ T7822] user_buffer_init+0x2a1/0x6d0
[ 188.273336][ T7822] tracing_mark_open+0x1b7/0x240
[ 188.273392][ T7822] do_dentry_open+0x6d8/0x1660
[ 188.273424][ T7822] ? __pfx_tracing_mark_open+0x10/0x10
[ 188.273489][ T7822] vfs_open+0x82/0x3f0
[ 188.273535][ T7822] path_openat+0x208c/0x31a0
[ 188.273586][ T7822] ? __pfx_path_openat+0x10/0x10
[ 188.273638][ T7822] do_file_open+0x20e/0x430
[ 188.273676][ T7822] ? __pfx_do_file_open+0x10/0x10
[ 188.273743][ T7822] ? alloc_fd+0x476/0x790
[ 188.273781][ T7822] ? do_getname+0x191/0x390
[ 188.273828][ T7822] do_sys_openat2+0x10d/0x1e0
[ 188.273872][ T7822] ? __pfx_do_sys_openat2+0x10/0x10
[ 188.273933][ T7822] __x64_sys_openat+0x12d/0x210
[ 188.273980][ T7822] ? __pfx___x64_sys_openat+0x10/0x10
[ 188.274054][ T7822] do_syscall_64+0x106/0xf80
[ 188.274102][ T7822] ? clear_bhb_loop+0x40/0x90
[ 188.274145][ T7822] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 188.274179][ T7822] RIP: 0033:0x7f988df9c799
[ 188.274207][ T7822] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 188.274239][ T7822] RSP: 002b:00007f988edbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 188.274271][ T7822] RAX: ffffffffffffffda RBX: 00007f988e215fa0 RCX: 00007f988df9c799
[ 188.274293][ T7822] RDX: 0000000000000043 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 188.274313][ T7822] RBP: 00007f988e032c99 R08: 0000000000000000 R09: 0000000000000000
[ 188.274331][ T7822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 188.274350][ T7822] R13: 00007f988e216038 R14: 00007f988e215fa0 R15: 00007ffe6ca3bf68
[ 188.274394][ T7822]
[ 189.039127][ T7836] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 189.428573][ T7851] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 190.575205][ T7884] =======================================================
[ 190.575205][ T7884] WARNING: The mand mount option has been deprecated and
[ 190.575205][ T7884] and is ignored by this kernel. Remove the mand
[ 190.575205][ T7884] option from the mount to silence this warning.
[ 190.575205][ T7884] =======================================================
[ 192.303873][ T7910] zswap: compressor not available
[ 194.302795][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 194.316731][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 195.644471][ T7984] netlink: 'syz.1.746': attribute type 64 has an invalid length.
[ 195.653175][ T7984] netlink: 74 bytes leftover after parsing attributes in process `syz.1.746'.
[ 196.044625][ T8001] FAULT_INJECTION: forcing a failure.
[ 196.044625][ T8001] name failslab, interval 1, probability 0, space 0, times 0
[ 196.059638][ T8000] netlink: 302 bytes leftover after parsing attributes in process `syz.1.751'.
[ 196.091856][ T8001] CPU: 1 UID: 0 PID: 8001 Comm: syz.2.750 Tainted: G L syzkaller #0 PREEMPT(full)
[ 196.091909][ T8001] Tainted: [L]=SOFTLOCKUP
[ 196.091922][ T8001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 196.091942][ T8001] Call Trace:
[ 196.091952][ T8001]
[ 196.091965][ T8001] dump_stack_lvl+0x100/0x190
[ 196.092022][ T8001] should_fail_ex.cold+0x5/0xa
[ 196.092062][ T8001] should_failslab+0xc2/0x120
[ 196.092099][ T8001] __kmalloc_cache_noprof+0x7a/0x6f0
[ 196.092144][ T8001] ? __kthread_create_on_node+0xce/0x3f0
[ 196.092183][ T8001] ? lockdep_init_map_type+0x5c/0x250
[ 196.092236][ T8001] ? __pfx_tomoyo_gc_thread+0x10/0x10
[ 196.092274][ T8001] __kthread_create_on_node+0xce/0x3f0
[ 196.092317][ T8001] ? __pfx___kthread_create_on_node+0x10/0x10
[ 196.092378][ T8001] ? __pfx_tomoyo_gc_thread+0x10/0x10
[ 196.092417][ T8001] kthread_create_on_node+0xc7/0x100
[ 196.092457][ T8001] ? __pfx_kthread_create_on_node+0x10/0x10
[ 196.092500][ T8001] ? lockdep_hardirqs_on+0x78/0x100
[ 196.092558][ T8001] ? find_held_lock+0x2b/0x80
[ 196.092589][ T8001] ? tomoyo_notify_gc+0xc6/0x480
[ 196.092636][ T8001] tomoyo_notify_gc+0x102/0x480
[ 196.092671][ T8001] ? ima_iint_find+0xe9/0x130
[ 196.092722][ T8001] ? __pfx_tomoyo_release+0x10/0x10
[ 196.092768][ T8001] tomoyo_release+0x31/0x40
[ 196.092811][ T8001] __fput+0x3ff/0xb40
[ 196.092862][ T8001] task_work_run+0x150/0x240
[ 196.092913][ T8001] ? __pfx_task_work_run+0x10/0x10
[ 196.092975][ T8001] exit_to_user_mode_loop+0x100/0x4a0
[ 196.093025][ T8001] do_syscall_64+0x668/0xf80
[ 196.093072][ T8001] ? clear_bhb_loop+0x40/0x90
[ 196.093114][ T8001] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 196.093149][ T8001] RIP: 0033:0x7fbc48d9c799
[ 196.093177][ T8001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 196.093208][ T8001] RSP: 002b:00007fbc49ca5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 196.093239][ T8001] RAX: 0000000000000000 RBX: 00007fbc49015fa0 RCX: 00007fbc48d9c799
[ 196.093261][ T8001] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 196.093280][ T8001] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 196.093300][ T8001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 196.093319][ T8001] R13: 00007fbc49016038 R14: 00007fbc49015fa0 R15: 00007ffffd6e02f8
[ 196.093363][ T8001]
[ 196.405920][ T8007] netlink: 334 bytes leftover after parsing attributes in process `syz.1.754'.
[ 196.596841][ T8007] netlink: 334 bytes leftover after parsing attributes in process `syz.1.754'.
[ 196.880281][ T8019] device-mapper: ioctl: name not supplied when creating device
[ 197.118272][ T8027] netlink: 21 bytes leftover after parsing attributes in process `syz.0.762'.
[ 197.324198][ T8036] mkiss: ax0: crc mode is auto.
[ 197.909417][ T8053] netlink: 342 bytes leftover after parsing attributes in process `syz.3.771'.
[ 197.932212][ T8053] IPv6: NLM_F_CREATE should be specified when creating new route
[ 197.958279][ T8053] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 197.965968][ T8053] IPv6: NLM_F_CREATE should be set when creating new route
[ 197.973316][ T8053] IPv6: NLM_F_CREATE should be set when creating new route
[ 197.996315][ T8057] netlink: 342 bytes leftover after parsing attributes in process `syz.3.771'.
[ 198.013868][ T8057] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 198.666304][ T8079] netlink: 330 bytes leftover after parsing attributes in process `syz.2.778'.
[ 200.298527][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 200.568874][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[ 201.086257][ T8123] UHID_CREATE from different security context by process 520 (syz.1.794), this is not allowed.
[ 202.033156][ T8145] syz.1.801 (8145): /proc/8144/oom_adj is deprecated, please use /proc/8144/oom_score_adj instead.
[ 203.624819][ T8177] FAULT_INJECTION: forcing a failure.
[ 203.624819][ T8177] name failslab, interval 1, probability 0, space 0, times 0
[ 203.638819][ T8177] CPU: 1 UID: 0 PID: 8177 Comm: syz.0.814 Tainted: G L syzkaller #0 PREEMPT(full)
[ 203.638866][ T8177] Tainted: [L]=SOFTLOCKUP
[ 203.638876][ T8177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 203.638893][ T8177] Call Trace:
[ 203.638909][ T8177]
[ 203.638921][ T8177] dump_stack_lvl+0x100/0x190
[ 203.638981][ T8177] should_fail_ex.cold+0x5/0xa
[ 203.639014][ T8177] ? tracepoint_add_func+0x2c5/0xf30
[ 203.639041][ T8177] should_failslab+0xc2/0x120
[ 203.639071][ T8177] __kmalloc_noprof+0xe0/0x850
[ 203.639120][ T8177] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 203.639149][ T8177] tracepoint_add_func+0x2c5/0xf30
[ 203.639175][ T8177] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 203.639210][ T8177] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 203.639238][ T8177] tracepoint_probe_register+0xc4/0x110
[ 203.639267][ T8177] ? __pfx_tracepoint_probe_register+0x10/0x10
[ 203.639296][ T8177] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 203.639335][ T8177] tracing_start_sched_switch+0xdc/0x170
[ 203.639402][ T8177] __ftrace_event_enable_disable+0x557/0x6f0
[ 203.639438][ T8177] __ftrace_set_clr_event_nolock+0x390/0xc30
[ 203.639481][ T8177] ftrace_set_clr_event+0x16e/0x330
[ 203.639519][ T8177] ? __pfx_ftrace_set_clr_event+0x10/0x10
[ 203.639554][ T8177] ? trace_get_user+0x3ae/0xa70
[ 203.639605][ T8177] ftrace_event_write+0x259/0x2c0
[ 203.639645][ T8177] ? __pfx_ftrace_event_write+0x10/0x10
[ 203.639697][ T8177] vfs_write+0x2aa/0x1070
[ 203.639724][ T8177] ? __pfx_ftrace_event_write+0x10/0x10
[ 203.639769][ T8177] ? __pfx_vfs_write+0x10/0x10
[ 203.639815][ T8177] ? __fget_files+0x215/0x3d0
[ 203.639850][ T8177] ? __fget_files+0x21f/0x3d0
[ 203.639886][ T8177] ksys_write+0x12a/0x250
[ 203.639912][ T8177] ? __pfx_ksys_write+0x10/0x10
[ 203.639949][ T8177] do_syscall_64+0x106/0xf80
[ 203.639989][ T8177] ? clear_bhb_loop+0x40/0x90
[ 203.640025][ T8177] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 203.640053][ T8177] RIP: 0033:0x7f0693f9c799
[ 203.640078][ T8177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 203.640109][ T8177] RSP: 002b:00007f0694e15028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 203.640137][ T8177] RAX: ffffffffffffffda RBX: 00007f0694215fa0 RCX: 00007f0693f9c799
[ 203.640157][ T8177] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000005
[ 203.640173][ T8177] RBP: 00007f0694032c99 R08: 0000000000000000 R09: 0000000000000000
[ 203.640190][ T8177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 203.640206][ T8177] R13: 00007f0694216038 R14: 00007f0694215fa0 R15: 00007fff912dc668
[ 203.640245][ T8177]
[ 203.640344][ T8177] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup_new
[ 204.677576][ T8212] netlink: 'syz.3.828': attribute type 4 has an invalid length.
[ 204.879355][ T8221] netlink: 130 bytes leftover after parsing attributes in process `syz.0.831'.
[ 205.066066][ T8225] FAULT_INJECTION: forcing a failure.
[ 205.066066][ T8225] name failslab, interval 1, probability 0, space 0, times 0
[ 205.116139][ T8225] CPU: 1 UID: 0 PID: 8225 Comm: syz.0.833 Tainted: G L syzkaller #0 PREEMPT(full)
[ 205.116194][ T8225] Tainted: [L]=SOFTLOCKUP
[ 205.116205][ T8225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 205.116226][ T8225] Call Trace:
[ 205.116237][ T8225]
[ 205.116249][ T8225] dump_stack_lvl+0x100/0x190
[ 205.116307][ T8225] should_fail_ex.cold+0x5/0xa
[ 205.116345][ T8225] should_failslab+0xc2/0x120
[ 205.116379][ T8225] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 205.116431][ T8225] ? alloc_empty_file+0x55/0x1c0
[ 205.116480][ T8225] alloc_empty_file+0x55/0x1c0
[ 205.116524][ T8225] alloc_file_pseudo+0x13a/0x230
[ 205.116570][ T8225] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 205.116615][ T8225] ? tipc_sk_finish_conn+0x600/0x7a0
[ 205.116689][ T8225] sock_alloc_file+0x50/0x210
[ 205.116744][ T8225] __sys_socketpair+0x353/0x5b0
[ 205.116785][ T8225] ? __pfx___sys_socketpair+0x10/0x10
[ 205.116823][ T8225] ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 205.116859][ T8225] ? xfd_validate_state+0x129/0x190
[ 205.116919][ T8225] __x64_sys_socketpair+0x96/0x100
[ 205.116958][ T8225] ? lockdep_hardirqs_on+0x78/0x100
[ 205.117008][ T8225] do_syscall_64+0x106/0xf80
[ 205.117054][ T8225] ? clear_bhb_loop+0x40/0x90
[ 205.117096][ T8225] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 205.117131][ T8225] RIP: 0033:0x7f0693f9c799
[ 205.117164][ T8225] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 205.117197][ T8225] RSP: 002b:00007f0694e15028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 205.117230][ T8225] RAX: ffffffffffffffda RBX: 00007f0694215fa0 RCX: 00007f0693f9c799
[ 205.117254][ T8225] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[ 205.117274][ T8225] RBP: 00007f0694032c99 R08: 0000000000000000 R09: 0000000000000000
[ 205.117295][ T8225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 205.117316][ T8225] R13: 00007f0694216038 R14: 00007f0694215fa0 R15: 00007fff912dc668
[ 205.117361][ T8225]
[ 205.585503][ T8237] netlink: 342 bytes leftover after parsing attributes in process `syz.3.838'.
[ 205.759419][ T8241] netlink: 338 bytes leftover after parsing attributes in process `syz.3.840'.
[ 206.142153][ T8254] netlink: 146 bytes leftover after parsing attributes in process `syz.2.845'.
[ 206.330061][ T8260] kvm: user requested TSC rate below hardware speed
[ 209.581234][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 210.038176][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 210.545416][ T8359] netlink: 334 bytes leftover after parsing attributes in process `syz.1.874'.
[ 210.614613][ T8328] kexec: Could not allocate control_code_buffer
[ 212.629740][ T8403] bridge0: port 3(netdevsim1) entered blocking state
[ 212.638157][ T8403] bridge0: port 3(netdevsim1) entered disabled state
[ 212.645120][ T8403] netdevsim netdevsim0 netdevsim1: entered allmulticast mode
[ 212.678557][ T8403] netdevsim netdevsim0 netdevsim1: entered promiscuous mode
[ 212.693882][ T8403] bridge0: port 3(netdevsim1) entered blocking state
[ 212.701102][ T8403] bridge0: port 3(netdevsim1) entered forwarding state
[ 212.751067][ T8407] random: crng reseeded on system resumption
[ 213.094951][ T8405] ------------[ cut here ]------------
[ 213.100716][ T8405] IS_ERR(old)
[ 213.100735][ T8405] WARNING: kernel/tracepoint.c:367 at tracepoint_probe_unregister+0x837/0xd10, CPU#1: syz.2.889/8405
[ 213.115105][ T8405] Modules linked in:
[ 213.119297][ T8405] CPU: 1 UID: 0 PID: 8405 Comm: syz.2.889 Tainted: G L syzkaller #0 PREEMPT(full)
[ 213.130311][ T8405] Tainted: [L]=SOFTLOCKUP
[ 213.134677][ T8405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 213.144851][ T8405] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10
[ 213.153215][ T8405] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00
[ 213.174184][ T8405] RSP: 0018:ffffc900093cf8a8 EFLAGS: 00010283
[ 213.180758][ T8405] RAX: 00000000000078ad RBX: 00000000fffffffe RCX: ffffc90005852000
[ 213.188889][ T8405] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff888027b6bd00
[ 213.196964][ T8405] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[ 213.205086][ T8405] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0
[ 213.213201][ T8405] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8f786aa0
[ 213.221301][ T8405] FS: 00007fbc49ca56c0(0000) GS:ffff88812444a000(0000) knlGS:0000000000000000
[ 213.230360][ T8405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 213.237098][ T8405] CR2: 0000001b30f1aff8 CR3: 000000002f564000 CR4: 00000000003526f0
[ 213.245190][ T8405] Call Trace:
[ 213.248583][ T8405]
[ 213.251578][ T8405] tracing_stop_cmdline_record+0x66/0xa0
[ 213.257303][ T8405] __ftrace_event_enable_disable+0x5c4/0x6f0
[ 213.263425][ T8405] ftrace_event_set_open+0x224/0x380
[ 213.269334][ T8405] do_dentry_open+0x6d8/0x1660
[ 213.274167][ T8405] ? __pfx_ftrace_event_set_open+0x10/0x10
[ 213.280434][ T8405] vfs_open+0x82/0x3f0
[ 213.284590][ T8405] path_openat+0x208c/0x31a0
[ 213.289459][ T8405] ? __pfx_path_openat+0x10/0x10
[ 213.294483][ T8405] do_file_open+0x20e/0x430
[ 213.299561][ T8405] ? __pfx_do_file_open+0x10/0x10
[ 213.304696][ T8405] ? alloc_fd+0x476/0x790
[ 213.309176][ T8405] ? do_getname+0x191/0x390
[ 213.313805][ T8405] do_sys_openat2+0x10d/0x1e0
[ 213.318671][ T8405] ? __pfx_do_sys_openat2+0x10/0x10
[ 213.323960][ T8405] ? __fget_files+0x21f/0x3d0
[ 213.328759][ T8405] __x64_sys_openat+0x12d/0x210
[ 213.333739][ T8405] ? __pfx___x64_sys_openat+0x10/0x10
[ 213.339271][ T8405] do_syscall_64+0x106/0xf80
[ 213.343937][ T8405] ? clear_bhb_loop+0x40/0x90
[ 213.348761][ T8405] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 213.354731][ T8405] RIP: 0033:0x7fbc48d9c799
[ 213.359257][ T8405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 213.379481][ T8405] RSP: 002b:00007fbc49ca5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 213.388419][ T8405] RAX: ffffffffffffffda RBX: 00007fbc49015fa0 RCX: 00007fbc48d9c799
[ 213.396492][ T8405] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 213.404563][ T8405] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 213.412701][ T8405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 213.420812][ T8405] R13: 00007fbc49016038 R14: 00007fbc49015fa0 R15: 00007ffffd6e02f8
[ 213.428910][ T8405]
[ 213.431982][ T8405] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 213.439326][ T8405] CPU: 1 UID: 0 PID: 8405 Comm: syz.2.889 Tainted: G L syzkaller #0 PREEMPT(full)
[ 213.450150][ T8405] Tainted: [L]=SOFTLOCKUP
[ 213.454512][ T8405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 213.464636][ T8405] Call Trace:
[ 213.467953][ T8405]
[ 213.470924][ T8405] dump_stack_lvl+0x100/0x190
[ 213.475680][ T8405] vpanic+0x552/0x970
[ 213.479708][ T8405] ? __pfx_vpanic+0x10/0x10
[ 213.484266][ T8405] panic+0xd1/0xe0
[ 213.488033][ T8405] ? __pfx_panic+0x10/0x10
[ 213.492505][ T8405] check_panic_on_warn.cold+0x19/0x34
[ 213.497919][ T8405] ? tracepoint_probe_unregister+0x837/0xd10
[ 213.503945][ T8405] __warn.cold+0x191/0x348
[ 213.508406][ T8405] __report_bug+0x296/0x3d0
[ 213.512953][ T8405] ? tracepoint_probe_unregister+0x837/0xd10
[ 213.518979][ T8405] ? __pfx___report_bug+0x10/0x10
[ 213.524055][ T8405] ? rcu_is_watching+0x12/0xc0
[ 213.528872][ T8405] ? trace_contention_end+0x140/0x180
[ 213.534303][ T8405] ? __mutex_lock+0x26a/0x1b90
[ 213.539120][ T8405] ? tracepoint_probe_unregister+0x31/0xd10
[ 213.545054][ T8405] ? tracepoint_probe_unregister+0x837/0xd10
[ 213.551067][ T8405] report_bug+0xb2/0x220
[ 213.555355][ T8405] ? tracepoint_probe_unregister+0x837/0xd10
[ 213.561383][ T8405] handle_bug+0x16a/0x2a0
[ 213.565788][ T8405] exc_invalid_op+0x17/0x50
[ 213.570342][ T8405] asm_exc_invalid_op+0x1a/0x20
[ 213.575249][ T8405] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10
[ 213.582014][ T8405] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00
[ 213.601661][ T8405] RSP: 0018:ffffc900093cf8a8 EFLAGS: 00010283
[ 213.607787][ T8405] RAX: 00000000000078ad RBX: 00000000fffffffe RCX: ffffc90005852000
[ 213.615803][ T8405] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff888027b6bd00
[ 213.623902][ T8405] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[ 213.631947][ T8405] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0
[ 213.639956][ T8405] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8f786aa0
[ 213.647969][ T8405] ? __pfx_probe_sched_switch+0x10/0x10
[ 213.653565][ T8405] ? tracepoint_probe_unregister+0x836/0xd10
[ 213.659589][ T8405] ? tracepoint_probe_unregister+0x836/0xd10
[ 213.665625][ T8405] tracing_stop_cmdline_record+0x66/0xa0
[ 213.671324][ T8405] __ftrace_event_enable_disable+0x5c4/0x6f0
[ 213.677362][ T8405] ftrace_event_set_open+0x224/0x380
[ 213.682709][ T8405] do_dentry_open+0x6d8/0x1660
[ 213.687519][ T8405] ? __pfx_ftrace_event_set_open+0x10/0x10
[ 213.693391][ T8405] vfs_open+0x82/0x3f0
[ 213.697706][ T8405] path_openat+0x208c/0x31a0
[ 213.702358][ T8405] ? __pfx_path_openat+0x10/0x10
[ 213.707360][ T8405] do_file_open+0x20e/0x430
[ 213.711910][ T8405] ? __pfx_do_file_open+0x10/0x10
[ 213.717027][ T8405] ? alloc_fd+0x476/0x790
[ 213.721418][ T8405] ? do_getname+0x191/0x390
[ 213.725971][ T8405] do_sys_openat2+0x10d/0x1e0
[ 213.730691][ T8405] ? __pfx_do_sys_openat2+0x10/0x10
[ 213.735937][ T8405] ? __fget_files+0x21f/0x3d0
[ 213.740665][ T8405] __x64_sys_openat+0x12d/0x210
[ 213.745568][ T8405] ? __pfx___x64_sys_openat+0x10/0x10
[ 213.751003][ T8405] do_syscall_64+0x106/0xf80
[ 213.755648][ T8405] ? clear_bhb_loop+0x40/0x90
[ 213.760365][ T8405] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 213.766291][ T8405] RIP: 0033:0x7fbc48d9c799
[ 213.770748][ T8405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 213.790404][ T8405] RSP: 002b:00007fbc49ca5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 213.798857][ T8405] RAX: ffffffffffffffda RBX: 00007fbc49015fa0 RCX: 00007fbc48d9c799
[ 213.806860][ T8405] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 213.814861][ T8405] RBP: 00007fbc48e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 213.822864][ T8405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 213.830865][ T8405] R13: 00007fbc49016038 R14: 00007fbc49015fa0 R15: 00007ffffd6e02f8
[ 213.838885][ T8405]
[ 213.842519][ T8405] Kernel Offset: disabled
[ 213.846863][ T8405] Rebooting in 86400 seconds..