last executing test programs: 8m12.509405754s ago: executing program 1 (id=733): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/v4l-subdev6\x00', 0x200, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='_\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) ioctl$auto(r0, 0xc0945662, r0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 8m11.819733952s ago: executing program 1 (id=737): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/uvcvideo/parameters/clock\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x7ff) 8m11.610470765s ago: executing program 1 (id=739): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r1 = pidfd_open$auto(0x1, 0x0) setns(r1, 0x60020000) madvise$auto(0x4, 0x7fffffff7fffffff, 0xa) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_SET(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f00000019c0)=ANY=[@ANYBLOB="1c160000", @ANYRES16=r4, @ANYBLOB="20002dbd7000ffdbdf250f0000005b11038008005600060000006fbb46797f7cc24601f68004009b8004000d8095ab6a821e347bc984b4487450a3f35340543d7f5f1c5da7d484ba886569e7059f60ffa9b91bd0eab4fb05b9a434e158e4f4a85931b032bb400e4d614190fc276c0596b43eaed27e7968cc844c4d17737aba528ca3c6db19e7cc00bbd693a208f3916f68aaa3aaf8900254dbda0f19e6e090c30cb9e68bc7af9248a690926139d1c556bfbe74983d4ee4d971dbaa4142fb12275f70b8f8c041f64f5b06f494ef54db522e790c2483c3e5ac5355b752626ce7796858297f00560ea4aae3ae16461c1eac6c2bd17e633844751ebe82efc7c4ed003bedd0b2ef6e963d90bbbeacec48755ec9bc16e7e459e8d180664edf5acb4ab9a5415ea19e5efe82c8048e31313edc16423cd46e01c4ad651c32cc769a8cdd36c0c248a979a32c70e7947db76fe056045397fae9dda25408006a00ac14140d0800b700", @ANYRES32=r0, @ANYBLOB="0000f9a77534d11c3746f3fc1b8a17cc3c62b7b47c35e6127bdacbaa56442a1fa3440d2ba6272bbef27b61c6d9c60adea982e63e89446621cacd18bb9ac45fcdefd91c326256ef89cdca2214e21dbc9b21716f72eae95afea2637571a2f82c7ad19672b23641051cc81934fec6625ea545f2c6ea4c904552eec2bd09b24f67af92235349e1e1aad72da3f6e70ae6ae14cd2975c70358b51b8b92f6e873c5867c734550ba6c589a8f9850470e3c80b306ae8546addecd6b7012cb4157ec3e24d7e1bb0153c69d10e11b9461bc011c40066095836367edcec94fb6faabb08dbb79e7c5c09a107a66a05f960fa4f4e99698c4f984eb90284f817c91401d179bbf9f1fe9b2e44b4b985acd27f7344a8404362f57cd7e5bbea922c02a993450580976e999098c3836bd4b7b63e06b0a55eee33b732ec226ace0cff2d3d445bb82203b8fdc3e264dd6a5a8b2c6f585c031799e7cc157969b2eda3bd6e43d9dcf35a96061fd8b573feaa43092456b68021161d61d7b8e03b48a1ddf2be200148e896e178bd1b9767c9537d6e44ffc8ece080f26232a60a22eba8062779e7fa1294ce2c13c2c992ebfc39aac6ae698eb7d621a62cfa2bf5cdeef1b803ceca5fe619fec9b8017de702cdf247a15bcafef6d325a42844ee7d3d22ad554563953e4abc8e02e079c835415565c6407df71b9579cd530d7b182d681f5d34f71e0fd5e844fb4e052693ae28c2f874e034495cf4e48da9cb6622687524d1045c0e95ac3abe510e26cef1a1627d561d592a7be17ecbf39607a3d31047516d812e36e32b6b870966f96b749bd2ab119bd73bb63c7cede327a488c321e780e475f1351650e06d82c55a27669cdcb6c4b1281cae15927e601e6c219b2078c25fc1f0a5defc1ad2c31041b2ba6342ae0490f5a8da9d9db9868189a710f43bae3b701a3fd0b96532ed5feff405dc3f81d444e2c99b361bee6e70332ab9e831719c23d10e0573be3a9dcebf84154f59ee30be49970ea6b60bf44328d46012a017131123dd3c5613fd5e1ec65d898c8b57d0103f84d215dcb5addad577c6486adcb71e7f7fdc8e47ede194976286cee2f1c846c9fb8ef39de38556266991619b0f8a09919449b820d7220bb58b7b6ec24632e2cd921a65bdfebeb7177f0538104f59eb18b8d526ea4a73821253ad7427fdcb638a8f313279f4e085a691ba3dae67a32964eb4d87a638d7d5164fb707e6a106914870a85b0920b0e5bad6ff4c58b748e0c3c1bff31b1315deb80cca5eb3e4a717882eac9fa179b0f6c7849edcde00bb03ce32ed2645bfbd4f7f5d8985c1a608b69c89982cbc8cccc51c056d6f8f2d3591a326a37839767464900bd02de6ebc4a54827c48594d4580fa6787450980bbc337c6998579f5cfd7d00447bd7ebf38481662396194694efb0517c67ac68336df78a277ee4baaad1c19d9f1ab234a4778dccd90e846469940e8eb35844add4a9cc05844b750d8cbd3d679440943f8d472b555c83409b568b4a4093f8b8816fab885662d065224bf19f30efa4569d8605aa691fd46aa0b7ad810d2a7115837522b2718a6519776542f5bc4a3fd2f0a6ec836dae48326c33d2a34b48a82c3cb7a5629fee1ce3095a3ed7b4ac7861b9aed4a21b3fa33ebf1eb91d828b1d11b01175c55e6b5a1816aad0ba624c207187ffac923f746f6a0438d761c8427f6106b61bf9eba2ea889a4f4226ec82a24a1653de5dae513c35f6a994e0963b3c58f046adc54b2713ef6867f499b250dbb6fe9c9cb1dc46f7260115de87141138a77617639ec136dd0b5c33f4cfa45748a72e4c7840c1256d9ac3192b14ec47875c33d0c8489bc25cbccf02384392a402b232ee92e353143b0180f1dfd611d7b6e0ab42ae7b0881b2973df96541a7ca108410618feb0d2878ad1ac016c716f7281f2354a4751a359e1c58824c44e383e964074bcbfcae008df30cfccb795f4dbbdad28ab07e17b76679199e3f982ec6a76a726faa7304aa43dad1b8115656c9e498a11399ed6ae0669d7932a0cb713fff350f8b84f0548f9dd41d0730874c1c79cee92b19018d8cfc0592ec1dfdb17f5a66121d47647a940de3a94b34fd0debcefaf16f44922f6e5457591c784ced6099e03da76e25f3f7b6c559195ecc2e512db9c7a9a05ae4c97d3cd5ce655dd4ada70a4d8ede00285953998828f910d511c6d7c463ee2b6764ada701477dbb10cc756e37f88600605057f1911701debc06f49abdff121f4cfb6bca5e7e6ed02a9daf92e42fd4149e9eab093c2db9c6be1f6688b77e690a028c0d2357ec91a46631b96cb39ad2615e28ca0285ec80cb084bd89738b117d180f9858b8fba3a231dafd1eb6829b605daaaf7f1cf94d8702c277f28da1de7f0d5d50f7616d35742360b10721ea6be02fd3f4b074526b3adf5f25582aa323e068ab9a91549500cecc18bff7a75c5be86bfd5bf6839759f5936599b871db77fd7429777074de822f9a9764d88a9c6015fd1c29d0366023a0ac7fa7259f1a37ccc914e1fdd6029c3c1084ec2a5a9743befdf54338175bd202d90541ebdc05978c9b302d1fde8da4fe593775bdd2ba2c18c7ca3aa9440962803f64d1565b4e5bdc137843fb05985b0c42f97bde3375aa0fe6634116ce02d0582f1533525ba57ce955b7b9a073d20ed6e1e06b694d52fbf2a3f7016d04c72f17dfbed9ded4d7be36e33aad59904be30137f0afe0b85db947ae5bbfb067d5f905c0ac4908d3e1694be979d4225fb34e6804a4cab8f9a5a08f5195e721a463daa7e495e1a33c6b32bd8389b4ba389816ba731ef565cde762eec0708bca61204c96c3a7d56d1f52643d63e164ed8f6790dbe1fddc40df6b83a7481966258cf6f3e79b38e0efe9c43a36c303860164606ddab3ac73f81d576a3c14c3f222ce490b10fdd721dbbd0c285b96ccb69d67d83aae1aceaba20cb17cdf35dc0f68b391dd74dc162725d3c6044e0fac0faf3b0c8d30574803d531d231ba1c8fe4998c9a841df155d51859cd7b595c7e370f72b457ada20986d72a48867f6eebf1522202631c28fe4de7b08b34b168edd172817ba3e124a715bc5e5c38c43ce8b9c76a0169cec1a6395bbfa97fad16641865984dc3fbae9aa6774ad022b235d42967e43a4fba49fb0d552fdf3640b811681da06d7e200aff2baddcea92489f1029dd1901a5c63e30a869f1de647afd59c943c504c37e70c1c68cefbab3c1e7126180e6ddef939e59f06ae2beeb91049911c892c26a16474c4002da55a46a0ab8b4fa54d09b4c3ad8059e9c4137d3e7ae5446b7ce18d829bdcfc83718f49358f2c33a34c0cece13b3871c7e84aff108ac4c844736c1780c41eeb1c134db026b387d450f5eac3ab0fe6da2f0689efacffd8cbb9c29d694a2de802faf9d8c784e9fb64e6a45b731b2e3f563ddc2d422af9c0acfe0c701bd539ebb1fa2dca4fc7ba297167ce4fce246f6fd700bb9394c3d80e4bf5fc60dacc83d856cd06ab96611587be66768a5f211e1ec011dc7b9776aef749c3af310319ab4655ba82bd1d938b97f6ce4d0855edfe3deff849a2076834d69b928fc02dcb7ee1060c7aa2513d6bc093019be09842ab9c9996d58069c3abb35c0333545f3376812ea0f824e3c26ecbbb52b6d694eac29f07c6e0d1228f3be73ec936a8a0e6a303ed285fe2ff8447379b6670464db80ff2aee1a9b555874bddf52a1c59cafccf0f46788012cf70b6ed2d87a3a1e5cb1ed30d876fc6b9f05f13ae1a67d395fe723f78bfa5aa4b2bec11f5b04a73ad46cc3b93e3cd7f92244053d1d27a5f3d1ff5d85011459a109febf04be61bd3cded37ac38fe6a62ab3a88b52d2220a15532a49cb2f423d7455db22197159e3e4ff019d55df3a4bc315e44867ee9bbf1548fc97b91649a44627625b41969f9e10382fe89c15e6dcdd3ac7092c00e887b2a905f4a03d5bbd5f5d5e3c14d4bb92cbc483f049d00a47583c78ee21a27edcbab71ed13114698f0b3b7064221afb83ef8eee45be42c946c3064e8f095b22aa8d744ed7d6cd660155b2381c9c8ced3831c93e13992fb1e9792c510db63eba2b82d59d468b19a9cd5d3d6ad53dc63090583a09bc5ad725749230901c37649be45166a9f1f00b2d1a667558baeb8eb241c97337ecc193cc322e8c611307d7291d8063913b8bf156316b5215083f71ddf5740785877a0486c34ba9b64a444bf422354920c22c84c4c1a895ec26d06231ce44c55298ecbc97e138445368ddb59a307886de82cd057cc6c312b59a97d23452f1c82cf1fb96d81ec6f6c46d2b215ea05b63d6eb083ef18bd859dd5f1fa8e5e569f8a00365acf794099ddd43fb739ac83e9401095d193bc3ad6994f3d5890a24cecb990bd24edc2207752ae4005d0e0cb4894354a0676d9b20fbbfcdfbee2ca7086c582dd75b688777d8ffa2d6c489f015e8b74f7361dad7fd4fe95b3dd0fdc4afad8e66dff871b06a98f8a09671fb75848fa21ba66a5973b0b91d4bd162d20433fd8f996e5e1840435934cba67ff93c5034a376bf4692fb2b72ffdac96fdb8ef90062bb2aa68cac89df0ff55ae13679a440f77aee0306b2ba56188823be86137fe636519aa2802f61ae86270877df6a2e2ce94a23e6173b93f60572c3e25cd405e54998c009dc75e90817f2b7be782824f126b1f20ff07a28c4b6c92b8dde9a7f2fde9a7beee51c3f81e42f3142b2fa3894426b32a8e96beae5c0f6b455577fc8403157e89865fed891b2fce27049206ccb6352211cf3224a6ad16c7ba0fb1e44e472df6987444ad5e705eccee475de510d61f96a3319c8e4d6151476915754b599d900207da83213753d0afdbcacb77ccd7ec07b48887debdafc1bbb92f4ea0472d5615d70b01d79ff4827a7f30d5f7982d56667d45f6df27c76d05794b82a068f473da571300b277c80b619839a5e639646eed5d473eae9f4b54dbb8a718fb3adfd5251147798e24b724fedbea3d77928d7265cc7bde7a4b96872b5bab8a8de6618aaddf01945c8f5090d4aedffdc389621d589173a48c7ff10576495b3ec2fa978a1b679d33b23de0ffa1420b014e39ff10a1e3faf8eb12ca8b5916211f7c08b2c2f28c98921af3d4d9dab4f86d005a6c2ff5c645f29118d2c49ce16c33ae998bc5ee9fa3ab9180ed7fd8ed94156821bcf7a1d5b121da3b2462594b3c9dfd7f111c6a561c82265c1191187115a95e8b6a2371a5b41559ca868129408e07b8215d8500f576b8ff316bffd78ca9ea97447c775c8ca0bd01839cd4415d39b16ccd1b0adc2cf5cd646f21e4d94e085ce13bddebb9e7f482d5b11d8bd861648490cf2fd26e64784de82e2944cbeb600f51f56c9a3bcab872852009643b2bfc3d7d509c2458574080040d8840ff2aef709dd82dcd8f170eb44b8c7d0d27c267bf8dd9b524c7b16c4c427d7f46b389b0e582d272367a4bc2b8e923b6733b89b332ffa1af08bac9f6e113c3853b02c70cd3f23a9d550163f051d18b5b0108008238bb64f3f830939da4932297fe307473ee72c0f4aaf6eda74627ecfd7038a6d74c08560b64a680277519e87e2786747ae0173195d436e8fcdb30726b8cd67df9123d51a0e8bcf805a19e74fa44b83de284d46e668fa6d027ab5fac4823a9d73e8e38de62630fd0c14e0b81e259b288ab1ec232eca1ae0db9741ac5b0695dfeb353a67edbeff3847b25ca3991cd67a33cec4178ab2786f6ec470b87efe50deb3a10468f4b826146dc801289a273e37bf1f3d59ab6f291ae4e2fb7cb7a8dca4aad9fd9824bf8149227c13c1387ee9561784de8f248927210004000680a50401800601a580f4dda33c786300495c0523bb93d46d385d5638ff95f459b593849ea9562f8f07a8f63642ea48c34a90f97c08b219ea035fe9fd7260678e0500f6ff609107c7c3bff91ad924390d90b86784f330e329f265e0da787618a6b3eef37040707038ce63781b8205bade331586018f9d079608fb083dd1f5e2a4e8036c4136ae7efc34f38df3254332aaa357e67e932b59489160861bed045d679f40357513cc4a57a65707e7809d458ee00dc0869eeba562a94b198b102a87711262a8ac5efdb4defb03c14eb29b5680fb0af3720dda634efd545e9e6a15328e49df28eaf69c63c3529c9c3f09d2b566256dc01f150a705cee0ebfead231daf442014bc82b89f904002880000008005a0029d7adf01b060aea5f1bcebc514c72fce8ca6b9f1e94e0", @ANYRES32=r2, @ANYBLOB="64a9b1156ecfe6fdcece89f96f50a475f62201fe801400ba00fe8000000000000000000000000000aa04003880c02b8cf03c85b53109740e509cdfb6618ed8d758a4ee3bbfab2ec049fab93ff2a18b964f96053914ed27fcf0d981fe086eed1ddfee0ef0daa6724aea3f10b177c0c6ef107a01495681f3aa8626c7a09c564b815573de5680523f072025d667a4b196f1bae4dc1bb8980fe1ec01d8c99ef328398310cb3adcbb8564cd62cd4f38b266fadbe8a259937314f2b9ddabe8a63fdc509b4b3152ab9aeccf3f01e1642daab7175a970a3036dd3beb338d23fba7c77296455ea038de1f9823ff09d142896e81f42326c20f6fe50f17d99f38fc87d7288e633444fc15afaa3791222e5585e97431334488dbb59f7d9a01906c04004d800c00d9000400000000000000040003800400b8000000a900698004005f800800bc00", @ANYRES32=r1, @ANYBLOB="9671880ee0a1ef9bc00616ada7615ed8b80ec1296f01d7d115322f87fe7ba2a6bd788ea6284322796f858799aa95cf0bbad4226ad0aef949265c686f5b1dfa41ba8a83a5ec3f8d57e544a735bcd0aa04988ea738ba899949ef7081ac2a9de0e234613c0a78de42d889c33dcdfdcc851b1987c46866613784355c4289cb4e53c55a5705b6a140c00abbebfecf500507689fa411479a5cd92f050000003e00b480040086809f510d8f2e7d46d2b8be29413f491d3172bed31af39e3200dc56eba4432648012bf422ea2968b5d44a03a45acd9af6f8a3160cd9ce36000008000a00", @ANYRES32, @ANYBLOB="6701048033a03df30a9929a4561b86052b5532ee58fad4331eada5db7b38ab4744f0405c78ec08731bd4fa977559efe5bd1e96a73e55de4d71e71e9574b6a84cfd6448093f8aecaec7a146dc8901b3afc13d405734cd430002b60b9f1553737c6cb4ab3570f13799d3a047f67959294342cb293c2bf2c1794cd0e2445284532a4ba69a40b9d886ccb68a987a12914af604988a102541bd4c9b01f23ad8dc9a0750b301f09e5954d6b7eb04140f8b292fece455cfcaf0b8b10822d9c66fc2a9e8de45e8f8ba77d1f52eaa40931aac2590ff0935ff7f049d24cd0400e48015613e732e5a35250f1243531cede21e1eb87e8f212437fe0907cb4463090d06606f055ad375d2254d66bedc842dea644f730984c2505c4190affa1e2de652ba78c5e261ac253dfa290f86812d6811aeb41c61fad2c2d4c2cdae6a770e220b092a112addc60d06c6f3e2989d45d70f212cf645ec4e48060412894257a354d19313350a48e440355c7e9b00000000"], 0x161c}, 0x1, 0x0, 0x0, 0x40800}, 0x10) read$auto(r2, 0x0, 0x8) setsockopt$auto(0xffffffffffffffff, 0x6a, 0x1, 0x0, 0xc) sendfile$auto(r0, r0, 0x0, 0x7fffffffffffffff) mmap$auto(0x0, 0x61, 0x10001, 0xfa31, 0x400, 0x8000) syslog$auto(0x4, 0xfffffffffffffffc, 0x3) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) 8m10.319292174s ago: executing program 1 (id=743): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/008/001\x00', 0x402, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000001040), 0xffffffffffffffff) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) mmap$auto(0x9, 0x1, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x34, r3, 0x1, 0x5, 0x25dfdbfd, {}, [@GTPA_I_TEI={0x8, 0x8, 0x5}, @GTPA_LINK={0x8, 0x1, 0x6551e4e0}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x14) ioctl$auto_USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000180)={0x7, 0x6a, 0x0}) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_overcommit_hugepages\x00', 0x1c9282, 0x0) sendfile$auto(r4, r4, 0x0, 0xb) 8m8.526735493s ago: executing program 1 (id=750): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/net\x00') (fail_nth: 13) 8m7.756708964s ago: executing program 1 (id=754): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x4923c1, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x100010, r0, 0x6) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) read$auto(0x3, 0x0, 0x7fffffff) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x1a1000, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0xf7, 0x1e, 0x1000002) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) r2 = semctl$auto_GETPID(0x0, 0x2e3, 0xb, 0x10) r3 = prctl$auto(0x80000000, 0x1, r2, 0xfffffffffffffffe, 0x1) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(r3, 0x4030580a, &(0x7f0000000000)={0x1, 0x1, 0x1000001, 0xfffffffffffffff9, 0x3}) read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) mmap$auto(0x8000000000000001, 0x8fffffffd, 0x6, 0x40eb1, 0xffffffffffffffff, 0x300080000000) setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r5, 0xffffffffffdffe00, &(0x7f0000000140)=';') r6 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioctl$auto(0x3, 0xc0086202, r6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x0, 0x0) 7m52.668239288s ago: executing program 32 (id=754): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x4923c1, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x100010, r0, 0x6) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) read$auto(0x3, 0x0, 0x7fffffff) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x1a1000, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0xf7, 0x1e, 0x1000002) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) r2 = semctl$auto_GETPID(0x0, 0x2e3, 0xb, 0x10) r3 = prctl$auto(0x80000000, 0x1, r2, 0xfffffffffffffffe, 0x1) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(r3, 0x4030580a, &(0x7f0000000000)={0x1, 0x1, 0x1000001, 0xfffffffffffffff9, 0x3}) read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) mmap$auto(0x8000000000000001, 0x8fffffffd, 0x6, 0x40eb1, 0xffffffffffffffff, 0x300080000000) setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r5, 0xffffffffffdffe00, &(0x7f0000000140)=';') r6 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioctl$auto(0x3, 0xc0086202, r6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x0, 0x0) 10.137036254s ago: executing program 0 (id=2351): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r0 = socket(0xa, 0x1, 0x84) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x4f) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) getsockopt$auto(0x4, 0x9fb, 0x2, 0xfffffffffffffffc, 0x0) socket(0xa, 0x1, 0x84) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x0) unshare$auto(0x40000080) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x3) close_range$auto(0x2, 0x8, 0x6) socket(0x10, 0x2, 0xc) socket(0xa, 0x3, 0x3a) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) close_range$auto(0x2, 0x8, 0x0) statmount$auto(0x0, 0x0, 0x81, 0x968c) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1441, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xffbffffffffffd0e, &(0x7f00000001c0)) mmap$auto(0x0, 0x202000c, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x64220b40f1085712, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vivid.0/video4linux/vbi1/dev\x00', 0x189c01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) socketpair$auto(0x3, 0xd, 0x8dc2, 0x0) close_range$auto(0x2, 0x8000, 0x0) 9.017015524s ago: executing program 0 (id=2353): close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x60580, 0x0) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x7) write$auto(r1, 0x0, 0xe) 8.814957195s ago: executing program 0 (id=2355): r0 = socket(0x10, 0x2, 0xc) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x71, r1, 0x10, 0x70bd2c, 0x25dfdbfb, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_OP={0x8, 0xa, 0x5}, @CTRL_ATTR_FAMILY_ID={0x31, 0x1, 0x6}]}, 0x10e}, 0x1, 0x6000}, 0x10004010) 8.31758576s ago: executing program 2 (id=2356): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x49402, 0x0) read$auto(r0, 0x0, 0x9a28) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) fanotify_mark$auto(0xffffffffffffffff, 0x80, 0x5e50ee86, 0xffffffffffffffff, 0x0) mremap$auto(0x200000000ffe, 0x40, 0x3b, 0x3, 0x110c230000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x401000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) 8.250427905s ago: executing program 0 (id=2357): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x80000000000000a, 0x2, 0x0) getsockopt$auto(r0, 0x11, 0x67, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0) write$auto(r1, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) msgsnd$auto(0x0, &(0x7f0000000180)={0xd, 0x7}, 0x400, 0xa01) mmap$auto(0x0, 0x40009, 0x8, 0x9b72, 0x7, 0x28800) r2 = socket(0x11, 0x80003, 0x300) sendfile$auto(r1, r2, 0x0, 0x762) dup2$auto(0x0, 0x3) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000280), 0x400, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x108000) setsockopt$auto(r1, 0x6, 0x24, 0x0, 0x9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x9, 0x0) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), r3) sendmsg$auto_GTP_CMD_ECHOREQ(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="8b41bd87", @ANYBLOB="01002bbd7000fb"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x8044) io_uring_setup$auto(0x9, &(0x7f00000002c0)={0x1, 0x4, 0xfffff17d, 0x0, 0x8, 0x2, 0xffffffffffffffff, [0x7f, 0x3ff, 0x7], {0x5, 0x2, 0x2, 0x6b06, 0x6, 0x4, 0x3, 0x6, 0x5}, {0x200, 0x9, 0x2, 0x3, 0x9, 0xe, 0x1, 0xef, 0x200000000000}}) r4 = pipe$auto(0x0) preadv$auto(r4, &(0x7f00000000c0)={&(0x7f0000000040)="ca65cfc9449b0e21165d583df14bba802407cd3c9cb2696df1a356c8893f8f284dea448a89344027969c4941cb9b9c2beb870dfe4b9220f4ed5efd74df", 0x4}, 0x6, 0x8000, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x801, 0x106) 7.615962692s ago: executing program 2 (id=2358): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb3, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mprotect$auto(0x200000000000, 0x806122, 0xc) sched_setscheduler$auto(0x0, 0x5, &(0x7f0000000040)={0x2}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0) pselect6$auto(0x8, &(0x7f0000000300)={[0x4, 0x7, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0xec, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) waitid$auto(0x3, 0xffffffffffffffff, &(0x7f00000000c0)={@_si_pad}, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0x1c9802, 0x0) mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000) 7.161604037s ago: executing program 0 (id=2362): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) ioctl$auto(r0, 0xc02c5625, r0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x8, 0x4, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x5, 0x5, 0x6, 0x8, 0xae, 0xa, 0x2, 0x7, 0x5, 0x7}, 0x1fe, 0x80) fcntl$auto_F_CREATED_QUERY(r0, 0x404, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4004) mmap$auto(0x0, 0x20009, 0x9, 0x18, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x4) r2 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0) readv$auto(r2, &(0x7f0000000100)={0x0, 0x3}, 0x1) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) fsconfig$auto(r3, 0x8, &(0x7f00000014c0)='/sys/devices/LN\x01\xe9)oTM:00/LNXPWRBN:00/power/_count\x00\xa7l\xcf\"\x06u\x1d+\"\x90}\xda\xc1\x1f\xdc\x1bl\x151ZD\xc1\x8c\x1f\x80\xc9\x93\xd3m\xac\x94>\xc5#\xf6\x02\x01\x00\x00\x00\xc2<\x86w\xc5\x1b!\xd4HUx \xe4\x80\xad\xcc\xdd\x99\xdeC\x8at\xce\xf7\xb0\x1e1x\x80\x8e:X\xe0+n\xc75\x84\xe9\x93\x99\x8c\xb5dn\xdf\xea\xb1t\xd7\x00\xfb\x80\xdc\xcd\xeb\xca\x04&H\xba\x0e\x03\xf4\x81\xc8m\x8e\f\'\x0302N\xda[\x84\rq\x00{\x1b\x95u\x9aF\x062\x04\x9d\xd3\x02\xd6\x05\x94[\xc4\xf6hC\xf6i\xbf\x02\x93\xc4w\x95o\"x;\xda\xaf\x14\xef\xbd\xd3\xe1\xfc\xeaK\xe6\x8aOd\x1d\xf0\xde\xe7[\f\x0f\x03\xc7\xe2\x8b\xfeP!M\x1ac\xee\xea\r\xeaN\xaeH\xd3e0Y\xdci\x81B\xd2d\'fZ\xa2\xb4\xf7\x84\x90\xf5\xc5t\xed\xe7\xb9\xc6G\xf7\xd1\xa1:\xd5\xfc\xa9Z:\xa3PL<\x8b\xf6\xff\x03\xb1M\xc5\xdb\xd2\xf3\x8e\xe7VXKQ\xf2y\xb6cr\x93\xce\xc1\x01\xa6*\x9b\x9dH\xa5\xb3\x8a9\xaaA\x94\x9f\\\xb3\x187\xf71<\x19\xa1C\xa3\xac\x84CL\xf6\xfe\x80\xe2g\xe1\x137\xffA\x9fn\xd4\x8dm:\xae\vPH\x8a\xd90x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r1, r2, 0x4, 0xf, 0xffffffffffffffff, @relative_fd, 0xe600}, 0xf) r8 = getpid() pidfd_open$auto(r8, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000227bd7000fedbdf250100000008000900", @ANYRES32=r7, @ANYBLOB="08000200", @ANYRES32=r8, @ANYBLOB="1ef554776d9ffa20"], 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x88) msgsnd$auto(0x0, &(0x7f0000000180)={0xd, 0x7}, 0x400, 0xa01) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop12\x00', 0x14fa02, 0x0) open(&(0x7f00000001c0)='./file0\x00', 0x60142, 0x130) 6.133685031s ago: executing program 0 (id=2367): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000100)='./file0\x00', 0x418e42, 0x40) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/wchan\x00', 0x103283, 0x0) lseek$auto(r2, 0x7fd, 0x1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000003240), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0xa, 0x2, 0x0) setsockopt$auto(r3, 0x11, 0xb, 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6d0ef1b5922cc80f}, 0x40000) mmap$auto(0x93fffffff, 0x76, 0x8, 0x9b79, r1, 0x4) adjtimex$auto(0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/batadv0/hop_limit\x00', 0x82, 0x0) socket(0x10, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101400, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/mdio_bus/drivers/RTL8226 2.5Gbps PHY/uevent\x00', 0x2440, 0x0) read$auto(r4, 0x0, 0x8000000000000803) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card0/pcm0p/sub3/sw_params\x00', 0x0, 0x0) close_range$auto(0x2, r0, 0x7) socket(0x8, 0x6, 0x82) close_range$auto(0x2, 0x8, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0xc0a041, 0x0) 4.473253616s ago: executing program 2 (id=2372): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/module/kvm_intel/parameters/vmentry_l1d_flush\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) timer_create$auto(0x7, 0x0, 0x0) timer_settime$auto(0x0, 0xffff8000, 0x0, 0x0) sendto$auto(r0, &(0x7f0000000000)="1e9d4b88568c778730cc700ea218", 0x80000001, 0x5, &(0x7f0000000040)=@isdn={0x22, 0x5, 0x0, 0x5, 0x9}, 0x2) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) 3.133355948s ago: executing program 3 (id=2376): r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x4) write$auto(0x3, 0x0, 0xffef) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) (async) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x13, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0x2}, 0x1002}, 0x739618ce, 0x311) 2.865372971s ago: executing program 4 (id=2378): r0 = open(0x0, 0x149443, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D1\x00', 0x0, 0x0) mmap$auto(0x0, 0x7e, 0xe1, 0x15, r0, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r1) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dri/card0\x00', 0x60200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) open(0x0, 0x149443, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x8000000000000006, 0xbc3, 0x5, 0x3, 0x8, 0x80000000, 0x400000000003, 0x3ff, 0xffffffffffffffff, 0xfffffffffffffffa, 0x6, 0x9, 0x7f, 0x20000004]}, 0x0) 2.698103694s ago: executing program 2 (id=2379): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x80000000000000a, 0x2, 0x0) getsockopt$auto(r0, 0x11, 0x67, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0) write$auto(r1, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) msgsnd$auto(0x0, &(0x7f0000000180)={0xd, 0x7}, 0x400, 0xa01) mmap$auto(0x0, 0x40009, 0x8, 0x9b72, 0x7, 0x28800) r2 = socket(0x11, 0x80003, 0x300) sendfile$auto(r1, r2, 0x0, 0x762) dup2$auto(0x0, 0x3) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000280), 0x400, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x108000) setsockopt$auto(r1, 0x6, 0x24, 0x0, 0x9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x9, 0x0) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), r3) sendmsg$auto_GTP_CMD_ECHOREQ(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="8b41bd87", @ANYBLOB="01002bbd7000fb"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x8044) io_uring_setup$auto(0x9, &(0x7f00000002c0)={0x1, 0x4, 0xfffff17d, 0x0, 0x8, 0x2, 0xffffffffffffffff, [0x7f, 0x3ff, 0x7], {0x5, 0x2, 0x2, 0x6b06, 0x6, 0x4, 0x3, 0x6, 0x5}, {0x200, 0x9, 0x2, 0x3, 0x9, 0xe, 0x1, 0xef, 0x200000000000}}) r4 = pipe$auto(0x0) preadv$auto(r4, &(0x7f00000000c0)={&(0x7f0000000040)="ca65cfc9449b0e21165d583df14bba802407cd3c9cb2696df1a356c8893f8f284dea448a89344027969c4941cb9b9c2beb870dfe4b9220f4ed5efd74df", 0x4}, 0x6, 0x8000, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x801, 0x106) 2.180385261s ago: executing program 3 (id=2380): mmap$auto(0x0, 0x402000b, 0xdf, 0x80eb1, 0x401, 0x8000) sysfs$auto(0x80002, 0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x6, 0x4, 0x200, 0x1, 0x4, 0xffffffffffffffff, 0xa, "97184c79045d00001b00000000001000", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) bpf$auto(0x1b, &(0x7f0000000380)=@task_fd_query={0x0, 0xffffffffffffffff, 0x2, 0x5, 0x4, 0x8, 0xffffffffffffffff, 0x8}, 0x92) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x100) fsopen$auto(0x0, 0x1) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x540b, 0x0) 1.891290134s ago: executing program 4 (id=2381): mmap$auto(0x6, 0x202000f, 0x5, 0x100000010, 0xfffffffffffffffa, 0x7ffd) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder0\x00', 0x0, 0x0) r1 = epoll_create$auto(0x200004) epoll_ctl$auto(r1, 0x1, r0, 0x0) ioctl$auto_BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) 1.753547094s ago: executing program 2 (id=2382): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) getpeername$auto(r0, &(0x7f0000000080)=@vsock={0x28, 0x0, 0x2710, @hyper}, &(0x7f00000000c0)=0x9) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00') rename$auto(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)='./file0\x00') r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) write$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x3) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000100)) 1.72916919s ago: executing program 3 (id=2383): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x40, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@nested={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x5, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x40}}, 0x24048084) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth0_to_bridge\x00'}) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) 1.552044161s ago: executing program 4 (id=2384): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VFIO_IOMMU_MAP_DMA(r0, 0x3b71, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x708883, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:06/power/runtime_status\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) bind$auto(r2, 0x0, 0x3) keyctl$auto(0x9, 0xfffffffffffffffd, 0x7ffffffffffffffb, 0x80000000000000b, 0x8000000000000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_udc.3/udc/dummy_udc.3/a_hnp_support\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000240)=""/140, 0x8c) write$auto(r1, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'g\t$K\xcb\x12\xfa\x00\x00\xcfk', 0xb7f) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xdcfaeb3549db04fd, 0x0) prctl$auto(0x59616d61, 0x1, 0x0, 0x1, 0xda) close_range$auto(0x2, 0x8, 0x0) r4 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sda\x00', 0x0, 0x0) ioctl$auto(r5, 0x2284, r4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/ttyw9/power/runtime_active_time\x00', 0x311002, 0x0) getsockopt$auto_SO_RCVMARK(r0, 0x6, 0x4b, &(0x7f0000000040)='/\'\x00', &(0x7f0000000080)=0x200) mmap$auto(0x0, 0x73, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto_SECCOMP_MODE_STRICT(0x243, 0x1, 0xffffffffffffffff, 0x3, 0x1c) 1.494167663s ago: executing program 2 (id=2385): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000100)='./file0\x00', 0x418e42, 0x40) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/wchan\x00', 0x103283, 0x0) lseek$auto(r2, 0x7fd, 0x1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000003240), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0xa, 0x2, 0x0) setsockopt$auto(r3, 0x11, 0xb, 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6d0ef1b5922cc80f}, 0x40000) mmap$auto(0x93fffffff, 0x76, 0x8, 0x9b79, r1, 0x4) adjtimex$auto(0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/batadv0/hop_limit\x00', 0x82, 0x0) socket(0x10, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101400, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/mdio_bus/drivers/RTL8226 2.5Gbps PHY/uevent\x00', 0x2440, 0x0) read$auto(r4, 0x0, 0x8000000000000803) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card0/pcm0p/sub3/sw_params\x00', 0x0, 0x0) close_range$auto(0x2, r0, 0x7) socket(0x8, 0x6, 0x82) close_range$auto(0x2, 0x8, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0xc0a041, 0x0) 1.421299054s ago: executing program 3 (id=2386): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x2006, 0x7fa, 0xe, &(0x7f0000000280)}) (fail_nth: 8) readv$auto(0xffffffffffffffff, 0x0, 0x1) 772.489852ms ago: executing program 3 (id=2387): add_key$auto_KEY_SPEC_REQKEY_AUTH_KEY(&(0x7f0000000280)='/sys/devices/virtual/net/dummy0/ifalias\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)="f7ba7237d16a07b7a33827ab5d812745b869bb22cc9daad169837947c61ff3cebba9f80c06532bb6b6e1555c2d9d61022e91896f64960aed42e3b44a7707f0d972260450d1dab9f67c3bccad9e4436837dd1f7340b197cf0cf5083a2ef8bcf6b713374f5dd", 0x7, 0xfffffffffffffff9) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/dummy0/ifalias\x00', 0x8041, 0x0) r0 = socket(0x1e, 0x4, 0x0) connect$auto(r0, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x0, 0x4}}, 0x10) write$auto(0x3, 0x0, 0xfdef) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00') ioctl$NS_GET_PARENT(r1, 0xb702, 0x0) r2 = getpid() process_vm_readv$auto(r2, 0x0, 0x800000001, 0x0, 0x6, 0x0) msgctl$auto_MSG_STAT(0x4, 0xb, &(0x7f0000000400)={{0xd, 0xee01, 0xee00, 0x3, 0x5, 0x5, 0x8000}, &(0x7f0000000380)=0xe5, &(0x7f00000003c0)=0x2, 0xf, 0xfff, 0x1, 0x3, 0x4, 0xf, 0x400, 0xf6df, @inferred=r2, @raw=0xe}) stat$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x6, 0x20000000000000, 0xfffffffffffffffe, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x45, 0x0, 0x7f, 0x3, 0xffffffffffffffff, 0xff, 0x0, 0x2, 0x0, 0x7}) msgctl$auto_IPC_INFO(0xaaf, 0x3, &(0x7f0000000600)={{0x0, 0xee01, 0xffffffffffffffff, 0x30000, 0x9, 0xffffb6e8, 0xd}, &(0x7f0000000580)=0x5, &(0x7f00000005c0), 0x9, 0xfffffffffffffffd, 0x6, 0xffffffffffffffff, 0x2, 0x8, 0x2, 0x6, @raw=0x33c6, @raw=0xf2a3}) keyctl$auto(0x8, r3, r5, r6, 0x9) r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0x1, 0x8, "311382e000a300000000000000220000000000000000000000000000687a00", @raw=0xffffffff}, 0x3, 0x3, 0x7, @inferred=0x0, @integer={0x0, 0xfffffffffffffffc, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e808c334fdd7327b386425608af790adaf0bcab84a16f7ce8cbce0bb32777702b8d7c2d00"}) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) r9 = setfsuid$auto(0xee00) setreuid$auto(r9, 0x0) keyctl$auto(0x4, 0x0, r9, 0x0, 0x8000000000000000) r10 = waitid$auto_P_PID(0x1, r8, &(0x7f0000000700)={@_si_pad}, 0x400, &(0x7f0000000780)={{0x10000, 0xf}, {0x5, 0x400}, 0x10000, 0x80000001, 0x1, 0x3, 0x1f0a0000000, 0x6, 0x0, 0x0, 0x6, 0x4, 0x4, 0x7ff, 0x18, 0x14}) msgctl$auto_MSG_STAT_ANY(0x4, 0xd, &(0x7f0000000840)={{0x1, r9, r4, 0x99, 0x2, 0xffff8001, 0x9b}, &(0x7f0000000680)=0x9, &(0x7f00000006c0)=0x1, 0x2, 0x6, 0x0, 0xa, 0xffff, 0x7fff, 0xcae, 0x5, @inferred=r2, @inferred=r10}) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x8, 0xfffffffffffffffc, 0x0) sched_getparam$auto(r2, &(0x7f00000000c0)={0x1}) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000040)={"23469e98cdb5f5bfede7bd45c6df25c26022db10972b2314591c3a7c64a5e706", 0x4, 0x9, 0x101, 0x27b, 0xffffffffffffffff, 0x0}) rt_tgsigqueueinfo$auto_SIGCONT(r2, r11, 0x12, &(0x7f00000000c0)={@_si_pad}) 696.279023ms ago: executing program 4 (id=2388): mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/driver/rtc\x00', 0x88000, 0x0) pread64$auto(r0, 0x0, 0x1f, 0x1300) 582.577681ms ago: executing program 3 (id=2389): r0 = open(0x0, 0x149443, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D1\x00', 0x0, 0x0) mmap$auto(0x0, 0x7e, 0xe1, 0x15, r0, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r1) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dri/card0\x00', 0x60200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) open(0x0, 0x149443, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x8000000000000006, 0xbc3, 0x5, 0x3, 0x8, 0x80000000, 0x400000000003, 0x3ff, 0xffffffffffffffff, 0xfffffffffffffffa, 0x6, 0x9, 0x7f, 0x20000004]}, 0x0) 453.704904ms ago: executing program 4 (id=2390): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x80000000000000a, 0x2, 0x0) getsockopt$auto(r0, 0x11, 0x67, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0) write$auto(r1, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) msgsnd$auto(0x0, &(0x7f0000000180)={0xd, 0x7}, 0x400, 0xa01) mmap$auto(0x0, 0x40009, 0x8, 0x9b72, 0x7, 0x28800) r2 = socket(0x11, 0x80003, 0x300) sendfile$auto(r1, r2, 0x0, 0x762) dup2$auto(0x0, 0x3) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000280), 0x400, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x108000) setsockopt$auto(r1, 0x6, 0x24, 0x0, 0x9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x9, 0x0) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), r3) sendmsg$auto_GTP_CMD_ECHOREQ(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=r4, @ANYBLOB="01002bbd7000fb"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x8044) io_uring_setup$auto(0x9, &(0x7f00000002c0)={0x1, 0x4, 0xfffff17d, 0x0, 0x8, 0x2, 0xffffffffffffffff, [0x7f, 0x3ff, 0x7], {0x5, 0x2, 0x2, 0x6b06, 0x6, 0x4, 0x3, 0x6, 0x5}, {0x200, 0x9, 0x2, 0x3, 0x9, 0xe, 0x1, 0xef, 0x200000000000}}) r5 = pipe$auto(0x0) preadv$auto(r5, &(0x7f00000000c0)={&(0x7f0000000040)="ca65cfc9449b0e21165d583df14bba802407cd3c9cb2696df1a356c8893f8f284dea448a89344027969c4941cb9b9c2beb870dfe4b9220f4ed5efd74df", 0x4}, 0x6, 0x8000, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x801, 0x106) 0s ago: executing program 4 (id=2391): socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdd, 0x9b72, 0x2, 0x40008001) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) socket(0x2, 0x1, 0x100) socket(0x1f, 0x80802, 0x1000000) io_uring_setup$auto(0x1, 0x0) socket(0x2, 0x5, 0x0) r0 = socketpair$auto(0x4001, 0x2, 0xfffffffa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80f) mmap$auto(0x5, 0x2020006, 0x3, 0x11, r0, 0x8000) keyctl$auto(0x1c, 0x1, 0x6, 0xee00, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) mmap$auto(0x0, 0x9, 0x5, 0x9b72, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0x4040ae77, 0x38) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x90001, 0x0) r3 = socket(0x10, 0x2, 0xfffffffe) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fbdbdf250a0000000800030009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x891}, 0x10040) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) kernel console output (not intermixed with test programs): 4][T12792] ? __pfx_proc_ns_get_link+0x10/0x10 [ 538.549093][T12792] step_into_slowpath+0x9ba/0xf90 [ 538.549122][T12792] ? find_held_lock+0x2b/0x80 [ 538.549142][T12792] ? __pfx_step_into_slowpath+0x10/0x10 [ 538.549174][T12792] ? lookup_fast+0x2da/0x600 [ 538.549204][T12792] path_openat+0xf95/0x31a0 [ 538.549230][T12792] ? __pfx_path_openat+0x10/0x10 [ 538.549258][T12792] do_file_open+0x20e/0x430 [ 538.549279][T12792] ? __pfx_do_file_open+0x10/0x10 [ 538.549314][T12792] ? alloc_fd+0x476/0x790 [ 538.549334][T12792] ? do_getname+0x191/0x390 [ 538.549359][T12792] do_sys_openat2+0x10d/0x1e0 [ 538.549385][T12792] ? __pfx_do_sys_openat2+0x10/0x10 [ 538.549409][T12792] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 538.549438][T12792] ? __fget_files+0x21f/0x3d0 [ 538.549459][T12792] __x64_sys_openat+0x12d/0x210 [ 538.549485][T12792] ? __pfx___x64_sys_openat+0x10/0x10 [ 538.549509][T12792] ? ksys_write+0x1ac/0x250 [ 538.549533][T12792] do_syscall_64+0x106/0xf80 [ 538.549556][T12792] ? clear_bhb_loop+0x40/0x90 [ 538.549579][T12792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.549599][T12792] RIP: 0033:0x7f676b75cfce [ 538.549621][T12792] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 538.549639][T12792] RSP: 002b:00007f676c6bfec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 538.549657][T12792] RAX: ffffffffffffffda RBX: 00007f676c6c06c0 RCX: 00007f676b75cfce [ 538.549669][T12792] RDX: 0000000000000000 RSI: 00007f676c6bff90 RDI: ffffffffffffff9c [ 538.549681][T12792] RBP: 00007f676c6c0090 R08: 0000000000000000 R09: 0000000000000000 [ 538.549692][T12792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 538.549704][T12792] R13: 00007f676ba16038 R14: 00007f676ba15fa0 R15: 00007ffdccf38448 [ 538.549727][T12792] [ 541.369437][T12827] netlink: 302 bytes leftover after parsing attributes in process `syz.4.1793'. [ 541.410882][T12826] FAULT_INJECTION: forcing a failure. [ 541.410882][T12826] name failslab, interval 1, probability 0, space 0, times 0 [ 541.486722][T12826] CPU: 0 UID: 0 PID: 12826 Comm: syz.3.1794 Tainted: G L syzkaller #0 PREEMPT(full) [ 541.486776][T12826] Tainted: [L]=SOFTLOCKUP [ 541.486789][T12826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 541.486808][T12826] Call Trace: [ 541.486820][T12826] [ 541.486833][T12826] dump_stack_lvl+0x100/0x190 [ 541.486886][T12826] should_fail_ex.cold+0x5/0xa [ 541.486923][T12826] should_failslab+0xc2/0x120 [ 541.486956][T12826] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 541.487005][T12826] ? vm_area_alloc+0x1f/0x160 [ 541.487041][T12826] ? vma_merge_new_range+0x38b/0xa30 [ 541.487091][T12826] vm_area_alloc+0x1f/0x160 [ 541.487131][T12826] __mmap_region+0x10cc/0x29e0 [ 541.487175][T12826] ? kmem_cache_free+0x44b/0x6a0 [ 541.487213][T12826] ? __fput_deferred+0x3e6/0x490 [ 541.487249][T12826] ? path_openat+0xfec/0x31a0 [ 541.487278][T12826] ? do_file_open+0x20e/0x430 [ 541.487319][T12826] ? __pfx___mmap_region+0x10/0x10 [ 541.487360][T12826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.487396][T12826] ? css_rstat_updated+0x1ce/0x5a0 [ 541.487432][T12826] ? __pfx_css_rstat_updated+0x10/0x10 [ 541.487483][T12826] ? __lock_acquire+0x4a5/0x2630 [ 541.487522][T12826] ? update_cfs_rq_load_avg+0x51/0x550 [ 541.487575][T12826] ? find_held_lock+0x2b/0x80 [ 541.487603][T12826] ? finish_task_switch.isra.0+0x200/0xb80 [ 541.487637][T12826] ? finish_task_switch.isra.0+0x200/0xb80 [ 541.487688][T12826] ? trace_sched_exit_tp+0x13a/0x180 [ 541.487725][T12826] ? __schedule+0x1000/0x6120 [ 541.487827][T12826] mmap_region+0x180/0x3e0 [ 541.487883][T12826] do_mmap+0xc63/0x12f0 [ 541.487925][T12826] ? __pfx_do_mmap+0x10/0x10 [ 541.487959][T12826] ? __pfx_down_write_killable+0x10/0x10 [ 541.488010][T12826] vm_mmap_pgoff+0x29e/0x470 [ 541.488051][T12826] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 541.488088][T12826] ? do_futex+0x192/0x350 [ 541.488127][T12826] ? __pfx_do_futex+0x10/0x10 [ 541.488163][T12826] ? __pfx_do_sys_openat2+0x10/0x10 [ 541.488211][T12826] ksys_mmap_pgoff+0xe1/0x650 [ 541.488243][T12826] ? __x64_sys_futex+0x34f/0x4d0 [ 541.488281][T12826] ? __x64_sys_futex+0x358/0x4d0 [ 541.488329][T12826] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 541.488362][T12826] ? xfd_validate_state+0x129/0x190 [ 541.488414][T12826] __x64_sys_mmap+0x125/0x190 [ 541.488464][T12826] do_syscall_64+0x106/0xf80 [ 541.488500][T12826] ? clear_bhb_loop+0x40/0x90 [ 541.488538][T12826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.488571][T12826] RIP: 0033:0x7f2dbdd9c799 [ 541.488597][T12826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 541.488626][T12826] RSP: 002b:00007f2dbec17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 541.488656][T12826] RAX: ffffffffffffffda RBX: 00007f2dbe015fa0 RCX: 00007f2dbdd9c799 [ 541.488677][T12826] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000021000 [ 541.488696][T12826] RBP: 00007f2dbde32bd9 R08: 0000000000000002 R09: 0000000000008000 [ 541.488715][T12826] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 541.488733][T12826] R13: 00007f2dbe016038 R14: 00007f2dbe015fa0 R15: 00007ffee7f32068 [ 541.488775][T12826] [ 542.399340][T12823] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 542.407891][T12823] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 542.414254][T12823] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 542.441673][T12823] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 542.466584][T12823] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 543.148877][T12839] zswap: compressor 000 not available [ 543.335659][ T6552] Bluetooth: hci0: command 0x0c1a tx timeout [ 543.561872][T12843] zswap: compressor 000 not available [ 543.991179][T12863] FAULT_INJECTION: forcing a failure. [ 543.991179][T12863] name failslab, interval 1, probability 0, space 0, times 0 [ 544.136376][T12863] CPU: 0 UID: 0 PID: 12863 Comm: syz.0.1803 Tainted: G L syzkaller #0 PREEMPT(full) [ 544.136438][T12863] Tainted: [L]=SOFTLOCKUP [ 544.136450][T12863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 544.136469][T12863] Call Trace: [ 544.136480][T12863] [ 544.136493][T12863] dump_stack_lvl+0x100/0x190 [ 544.136545][T12863] should_fail_ex.cold+0x5/0xa [ 544.136582][T12863] ? tracepoint_add_func+0x2c5/0xf30 [ 544.136613][T12863] should_failslab+0xc2/0x120 [ 544.136646][T12863] __kmalloc_noprof+0xe0/0x850 [ 544.136699][T12863] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 544.136752][T12863] tracepoint_add_func+0x2c5/0xf30 [ 544.136788][T12863] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 544.136847][T12863] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 544.136906][T12863] tracepoint_probe_register+0xc4/0x110 [ 544.136940][T12863] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 544.136971][T12863] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 544.137012][T12863] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 544.137064][T12863] ? __pfx_probe_sched_switch+0x10/0x10 [ 544.137097][T12863] ? __lock_acquire+0x4a5/0x2630 [ 544.137143][T12863] trace_event_reg+0x209/0x350 [ 544.137192][T12863] __ftrace_event_enable_disable+0x211/0x6f0 [ 544.137230][T12863] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 544.137281][T12863] ftrace_set_clr_event+0x16e/0x330 [ 544.137322][T12863] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 544.137361][T12863] ? trace_get_user+0x3ae/0xa70 [ 544.137412][T12863] ftrace_event_write+0x259/0x2c0 [ 544.137451][T12863] ? __pfx_ftrace_event_write+0x10/0x10 [ 544.137509][T12863] vfs_write+0x2aa/0x1070 [ 544.137559][T12863] ? __pfx_ftrace_event_write+0x10/0x10 [ 544.137604][T12863] ? __pfx_vfs_write+0x10/0x10 [ 544.137651][T12863] ? __fget_files+0x215/0x3d0 [ 544.137690][T12863] ? __fget_files+0x21f/0x3d0 [ 544.137731][T12863] ksys_write+0x12a/0x250 [ 544.137759][T12863] ? __pfx_ksys_write+0x10/0x10 [ 544.137801][T12863] do_syscall_64+0x106/0xf80 [ 544.137837][T12863] ? clear_bhb_loop+0x40/0x90 [ 544.137876][T12863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 544.137917][T12863] RIP: 0033:0x7f676b79c799 [ 544.137944][T12863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 544.137974][T12863] RSP: 002b:00007f676c6c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 544.138004][T12863] RAX: ffffffffffffffda RBX: 00007f676ba15fa0 RCX: 00007f676b79c799 [ 544.138025][T12863] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 544.138043][T12863] RBP: 00007f676b832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 544.138062][T12863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 544.138089][T12863] R13: 00007f676ba16038 R14: 00007f676ba15fa0 R15: 00007ffdccf38448 [ 544.138134][T12863] [ 544.138151][T12863] event trace: Could not enable event nfs4_mkdir [ 544.474830][ T6552] Bluetooth: hci3: command 0x0c1a tx timeout [ 544.481176][ T6552] Bluetooth: hci2: command 0x0c1a tx timeout [ 544.487821][ T6374] Bluetooth: hci1: command 0x0c1a tx timeout [ 544.536819][ T6552] Bluetooth: hci4: command 0x0c1a tx timeout [ 545.712100][T12891] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 546.355387][T12900] vhci_hcd vhci_hcd.2: invalid port number 16 [ 546.406237][T12902] vhci_hcd vhci_hcd.2: invalid port number 16 [ 546.412687][T12902] vhci_hcd vhci_hcd.2: invalid port number 16 [ 546.474887][T12900] vhci_hcd vhci_hcd.2: invalid port number 16 [ 547.383386][T12915] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1815'. [ 548.456469][ T6552] block nbd0: Receive control failed (result -32) [ 549.855020][T12928] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 551.693432][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880328ec400: rx timeout, send abort [ 551.704960][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880328ec400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 552.943641][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807c8b9400: rx timeout, send abort [ 552.952580][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807c8b9c00: rx timeout, send abort [ 552.962282][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807c8b9400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 552.977447][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807c8b9c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 553.106314][T12927] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 556.536772][ T6552] Bluetooth: hci0: command 0x0c1a tx timeout [ 556.548443][T12945] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 556.781351][T12985] bridge0: port 3(team0) entered blocking state [ 556.813432][T12985] bridge0: port 3(team0) entered disabled state [ 556.866697][T12985] team0: entered allmulticast mode [ 556.928779][T12985] team_slave_0: entered allmulticast mode [ 556.985037][T12985] team_slave_1: entered allmulticast mode [ 557.025148][T12945] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 557.055291][T12985] team0: entered promiscuous mode [ 557.073037][T12985] team_slave_0: entered promiscuous mode [ 557.085007][T12945] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 557.091539][T12945] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 557.097165][T12985] team_slave_1: entered promiscuous mode [ 557.126068][T12985] bridge0: port 3(team0) entered blocking state [ 557.133203][T12985] bridge0: port 3(team0) entered forwarding state [ 557.152339][T12945] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 558.105743][T12990] ubi0: attaching mtd0 [ 558.196125][T12990] ubi0: scanning is finished [ 558.694929][ T6552] Bluetooth: hci1: command 0x0c1a tx timeout [ 558.756291][T12990] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 559.097749][ T6552] Bluetooth: hci3: command 0x0c1a tx timeout [ 559.104166][ T8076] Bluetooth: hci2: command 0x0c1a tx timeout [ 559.175628][ T6552] Bluetooth: hci4: command 0x0c1a tx timeout [ 560.499718][T13014] block2mtd: Using custom MTD label '' for dev [ 560.545154][T13014] block2mtd: error: cannot open device [ 560.894102][T13032] FAULT_INJECTION: forcing a failure. [ 560.894102][T13032] name failslab, interval 1, probability 0, space 0, times 0 [ 560.958528][T13032] CPU: 1 UID: 0 PID: 13032 Comm: syz.4.1841 Tainted: G L syzkaller #0 PREEMPT(full) [ 560.958575][T13032] Tainted: [L]=SOFTLOCKUP [ 560.958586][T13032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 560.958603][T13032] Call Trace: [ 560.958613][T13032] [ 560.958625][T13032] dump_stack_lvl+0x100/0x190 [ 560.958674][T13032] should_fail_ex.cold+0x5/0xa [ 560.958710][T13032] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 560.958739][T13032] should_failslab+0xc2/0x120 [ 560.958769][T13032] __kmalloc_noprof+0xe0/0x850 [ 560.958810][T13032] ? trace_kmalloc+0x101/0x130 [ 560.958846][T13032] kernfs_fop_write_iter+0x26a/0x5f0 [ 560.958883][T13032] iter_file_splice_write+0x830/0x10a0 [ 560.958935][T13032] ? __pfx_iter_file_splice_write+0x10/0x10 [ 560.958974][T13032] ? __pfx_copy_splice_read+0x10/0x10 [ 560.959046][T13032] ? __pfx_iter_file_splice_write+0x10/0x10 [ 560.959081][T13032] direct_splice_actor+0x192/0x6c0 [ 560.959133][T13032] splice_direct_to_actor+0x345/0xa30 [ 560.959165][T13032] ? __pfx_direct_splice_actor+0x10/0x10 [ 560.959215][T13032] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 560.959260][T13032] do_splice_direct+0x174/0x240 [ 560.959292][T13032] ? __pfx_do_splice_direct+0x10/0x10 [ 560.959325][T13032] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 560.959383][T13032] ? rw_verify_area+0xce/0x6d0 [ 560.959439][T13032] do_sendfile+0xadc/0xe20 [ 560.959493][T13032] ? __pfx_do_sendfile+0x10/0x10 [ 560.959538][T13032] ? __fget_files+0x21f/0x3d0 [ 560.959579][T13032] __x64_sys_sendfile64+0x1d8/0x220 [ 560.959612][T13032] ? ksys_write+0x1ac/0x250 [ 560.959638][T13032] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 560.959685][T13032] do_syscall_64+0x106/0xf80 [ 560.959720][T13032] ? clear_bhb_loop+0x40/0x90 [ 560.959759][T13032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.959789][T13032] RIP: 0033:0x7f037679c799 [ 560.959816][T13032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 560.959844][T13032] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 560.959873][T13032] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 560.959894][T13032] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 560.959912][T13032] RBP: 00007f037772f090 R08: 0000000000000000 R09: 0000000000000000 [ 560.959930][T13032] R10: 0000000000002683 R11: 0000000000000246 R12: 0000000000000001 [ 560.959948][T13032] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 560.959989][T13032] [ 561.888148][T13045] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1844'. [ 562.164562][T13050] FAULT_INJECTION: forcing a failure. [ 562.164562][T13050] name failslab, interval 1, probability 0, space 0, times 0 [ 562.211412][T13050] CPU: 0 UID: 0 PID: 13050 Comm: syz.2.1846 Tainted: G L syzkaller #0 PREEMPT(full) [ 562.211460][T13050] Tainted: [L]=SOFTLOCKUP [ 562.211471][T13050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 562.211488][T13050] Call Trace: [ 562.211498][T13050] [ 562.211510][T13050] dump_stack_lvl+0x100/0x190 [ 562.211556][T13050] should_fail_ex.cold+0x5/0xa [ 562.211589][T13050] ? alloc_pipe_info+0x1ec/0x590 [ 562.211616][T13050] should_failslab+0xc2/0x120 [ 562.211644][T13050] __kmalloc_noprof+0xe0/0x850 [ 562.211681][T13050] ? bpf_lsm_capable+0x9/0x10 [ 562.211705][T13050] ? security_capable+0x80/0x260 [ 562.211741][T13050] alloc_pipe_info+0x1ec/0x590 [ 562.211769][T13050] splice_direct_to_actor+0x78f/0xa30 [ 562.211795][T13050] ? __lock_acquire+0x4a5/0x2630 [ 562.211824][T13050] ? __pfx_direct_splice_actor+0x10/0x10 [ 562.211864][T13050] ? __pfx_aa_file_perm+0x10/0x10 [ 562.211894][T13050] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 562.211926][T13050] do_splice_direct+0x174/0x240 [ 562.211950][T13050] ? __pfx_do_splice_direct+0x10/0x10 [ 562.211975][T13050] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 562.212016][T13050] ? rw_verify_area+0xce/0x6d0 [ 562.212052][T13050] do_sendfile+0xadc/0xe20 [ 562.212094][T13050] ? __pfx_do_sendfile+0x10/0x10 [ 562.212130][T13050] ? __fget_files+0x21f/0x3d0 [ 562.212160][T13050] __x64_sys_sendfile64+0x1d8/0x220 [ 562.212186][T13050] ? ksys_write+0x1ac/0x250 [ 562.212214][T13050] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 562.212250][T13050] do_syscall_64+0x106/0xf80 [ 562.212279][T13050] ? clear_bhb_loop+0x40/0x90 [ 562.212308][T13050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.212332][T13050] RIP: 0033:0x7f9561f9c799 [ 562.212354][T13050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 562.212377][T13050] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 562.212400][T13050] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 562.212416][T13050] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 562.212509][T13050] RBP: 00007f9562f38090 R08: 0000000000000000 R09: 0000000000000000 [ 562.212535][T13050] R10: 0100000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 562.212550][T13050] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 562.212586][T13050] [ 563.458143][T13055] tc_dump_action: action bad kind [ 563.610534][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.617344][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.804849][ T30] audit: type=1806 audit(4294969646.834:10): xattr="." res=0 [ 564.875481][T13072] FAULT_INJECTION: forcing a failure. [ 564.875481][T13072] name failslab, interval 1, probability 0, space 0, times 0 [ 564.935787][T13072] CPU: 1 UID: 0 PID: 13072 Comm: syz.4.1851 Tainted: G L syzkaller #0 PREEMPT(full) [ 564.935840][T13072] Tainted: [L]=SOFTLOCKUP [ 564.935852][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 564.935872][T13072] Call Trace: [ 564.935884][T13072] [ 564.935897][T13072] dump_stack_lvl+0x100/0x190 [ 564.935951][T13072] should_fail_ex.cold+0x5/0xa [ 564.935989][T13072] ? tomoyo_realpath_from_path+0xb6/0x690 [ 564.936025][T13072] should_failslab+0xc2/0x120 [ 564.936059][T13072] __kmalloc_noprof+0xe0/0x850 [ 564.936114][T13072] tomoyo_realpath_from_path+0xb6/0x690 [ 564.936159][T13072] tomoyo_check_open_permission+0x2af/0x3c0 [ 564.936209][T13072] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 564.936300][T13072] ? do_raw_spin_lock+0x128/0x260 [ 564.936346][T13072] ? path_get+0x61/0x80 [ 564.936385][T13072] tomoyo_file_open+0x6b/0x90 [ 564.936438][T13072] security_file_open+0xb5/0x1e0 [ 564.936474][T13072] do_dentry_open+0x5aa/0x1660 [ 564.936510][T13072] ? security_inode_permission+0xbf/0x250 [ 564.936566][T13072] vfs_open+0x82/0x3f0 [ 564.936611][T13072] path_openat+0x208c/0x31a0 [ 564.936659][T13072] ? __pfx_path_openat+0x10/0x10 [ 564.936709][T13072] do_file_open+0x20e/0x430 [ 564.936746][T13072] ? __pfx_do_file_open+0x10/0x10 [ 564.936810][T13072] ? alloc_fd+0x476/0x790 [ 564.936843][T13072] ? do_getname+0x191/0x390 [ 564.936880][T13072] do_sys_openat2+0x10d/0x1e0 [ 564.936919][T13072] ? __pfx_do_sys_openat2+0x10/0x10 [ 564.936975][T13072] __x64_sys_openat+0x12d/0x210 [ 564.937014][T13072] ? __pfx___x64_sys_openat+0x10/0x10 [ 564.937072][T13072] do_syscall_64+0x106/0xf80 [ 564.937110][T13072] ? clear_bhb_loop+0x40/0x90 [ 564.937151][T13072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.937184][T13072] RIP: 0033:0x7f037679c799 [ 564.937211][T13072] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 564.937240][T13072] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 564.937271][T13072] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 564.937292][T13072] RDX: 0000000000000100 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 564.937312][T13072] RBP: 00007f0376832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 564.937331][T13072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 564.937349][T13072] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 564.937391][T13072] [ 564.937565][T13072] ERROR: Out of memory at tomoyo_realpath_from_path. [ 566.003132][T13089] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1854'. [ 566.065756][T13090] FAULT_INJECTION: forcing a failure. [ 566.065756][T13090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 566.126814][T13086] netlink: 'syz.3.1854': attribute type 1 has an invalid length. [ 566.155883][T13090] CPU: 0 UID: 0 PID: 13090 Comm: syz.4.1853 Tainted: G L syzkaller #0 PREEMPT(full) [ 566.155935][T13090] Tainted: [L]=SOFTLOCKUP [ 566.155948][T13090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 566.155967][T13090] Call Trace: [ 566.155979][T13090] [ 566.155992][T13090] dump_stack_lvl+0x100/0x190 [ 566.156044][T13090] should_fail_ex.cold+0x5/0xa [ 566.156081][T13090] _copy_from_user+0x2e/0xd0 [ 566.156114][T13090] write_ldt+0xfd/0xd40 [ 566.156154][T13090] ? __pfx_write_ldt+0x10/0x10 [ 566.156184][T13090] ? __sys_socket+0xac/0x260 [ 566.156216][T13090] ? xfd_validate_state+0x129/0x190 [ 566.156270][T13090] __x64_sys_modify_ldt+0xb1/0x170 [ 566.156304][T13090] do_syscall_64+0x106/0xf80 [ 566.156341][T13090] ? clear_bhb_loop+0x40/0x90 [ 566.156376][T13090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.156407][T13090] RIP: 0033:0x7f037679c799 [ 566.156433][T13090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 566.156463][T13090] RSP: 002b:00007f03776ed028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 566.156492][T13090] RAX: ffffffffffffffda RBX: 00007f0376a16180 RCX: 00007f037679c799 [ 566.156523][T13090] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000001 [ 566.156541][T13090] RBP: 00007f0376832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 566.156560][T13090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 566.156579][T13090] R13: 00007f0376a16218 R14: 00007f0376a16180 R15: 00007fffab9f65e8 [ 566.156621][T13090] [ 566.338883][T13086] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1854'. [ 566.349602][T13086] netlink: 'syz.3.1854': attribute type 1 has an invalid length. [ 566.913326][T13097] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 570.597979][T13139] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1865'. [ 572.335944][T13161] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 573.476121][T13173] FAULT_INJECTION: forcing a failure. [ 573.476121][T13173] name failslab, interval 1, probability 0, space 0, times 0 [ 573.567180][T13173] CPU: 1 UID: 0 PID: 13173 Comm: syz.4.1872 Tainted: G L syzkaller #0 PREEMPT(full) [ 573.567234][T13173] Tainted: [L]=SOFTLOCKUP [ 573.567246][T13173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 573.567264][T13173] Call Trace: [ 573.567274][T13173] [ 573.567287][T13173] dump_stack_lvl+0x100/0x190 [ 573.567339][T13173] should_fail_ex.cold+0x5/0xa [ 573.567378][T13173] should_failslab+0xc2/0x120 [ 573.567411][T13173] __kmalloc_cache_noprof+0x7a/0x6f0 [ 573.567452][T13173] ? assoc_array_delete+0x101/0xd10 [ 573.567490][T13173] ? __lock_acquire+0x4a5/0x2630 [ 573.567548][T13173] assoc_array_delete+0x101/0xd10 [ 573.567600][T13173] ? __pfx_assoc_array_delete+0x10/0x10 [ 573.567655][T13173] ? __pfx_down_write+0x10/0x10 [ 573.567695][T13173] ? __sys_bind+0x1c7/0x260 [ 573.567734][T13173] key_unlink+0xbc/0x310 [ 573.567771][T13173] ? __pfx_key_unlink+0x10/0x10 [ 573.567810][T13173] ? xfd_validate_state+0x129/0x190 [ 573.567860][T13173] keyctl_keyring_unlink+0xdc/0x1b0 [ 573.567904][T13173] __do_sys_keyctl+0x3dd/0x5a0 [ 573.567953][T13173] do_syscall_64+0x106/0xf80 [ 573.567990][T13173] ? clear_bhb_loop+0x40/0x90 [ 573.568028][T13173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.568061][T13173] RIP: 0033:0x7f037679c799 [ 573.568088][T13173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 573.568117][T13173] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 573.568148][T13173] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 573.568169][T13173] RDX: 7ffffffffffffffb RSI: fffffffffffffffd RDI: 0000000000000009 [ 573.568188][T13173] RBP: 00007f0376832bd9 R08: 8000000000000000 R09: 0000000000000000 [ 573.568207][T13173] R10: 080000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 573.568227][T13173] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 573.568270][T13173] [ 574.839356][T13187] zswap: compressor 000 not available [ 575.303488][T13185] zswap: compressor not available [ 575.766622][T13204] zswap: compressor 000 not available [ 576.581565][T13226] FAULT_INJECTION: forcing a failure. [ 576.581565][T13226] name failslab, interval 1, probability 0, space 0, times 0 [ 576.655087][T13226] CPU: 1 UID: 0 PID: 13226 Comm: syz.3.1882 Tainted: G L syzkaller #0 PREEMPT(full) [ 576.655141][T13226] Tainted: [L]=SOFTLOCKUP [ 576.655154][T13226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 576.655174][T13226] Call Trace: [ 576.655185][T13226] [ 576.655198][T13226] dump_stack_lvl+0x100/0x190 [ 576.655248][T13226] should_fail_ex.cold+0x5/0xa [ 576.655283][T13226] should_failslab+0xc2/0x120 [ 576.655316][T13226] __kmalloc_cache_noprof+0x7a/0x6f0 [ 576.655354][T13226] ? assoc_array_delete+0x101/0xd10 [ 576.655398][T13226] ? __lock_acquire+0x4a5/0x2630 [ 576.655443][T13226] assoc_array_delete+0x101/0xd10 [ 576.655501][T13226] ? __pfx_assoc_array_delete+0x10/0x10 [ 576.655560][T13226] ? __pfx_down_write+0x10/0x10 [ 576.655599][T13226] ? __sys_bind+0x1c7/0x260 [ 576.655639][T13226] key_unlink+0xbc/0x310 [ 576.655674][T13226] ? __pfx_key_unlink+0x10/0x10 [ 576.655712][T13226] ? xfd_validate_state+0x129/0x190 [ 576.655763][T13226] keyctl_keyring_unlink+0xdc/0x1b0 [ 576.655810][T13226] __do_sys_keyctl+0x3dd/0x5a0 [ 576.655857][T13226] do_syscall_64+0x106/0xf80 [ 576.655892][T13226] ? clear_bhb_loop+0x40/0x90 [ 576.655931][T13226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.655960][T13226] RIP: 0033:0x7f2dbdd9c799 [ 576.655986][T13226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 576.656015][T13226] RSP: 002b:00007f2dbec17028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 576.656047][T13226] RAX: ffffffffffffffda RBX: 00007f2dbe015fa0 RCX: 00007f2dbdd9c799 [ 576.656068][T13226] RDX: 7ffffffffffffffb RSI: fffffffffffffffd RDI: 0000000000000009 [ 576.656088][T13226] RBP: 00007f2dbde32bd9 R08: 8000000000000000 R09: 0000000000000000 [ 576.656107][T13226] R10: 080000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 576.656126][T13226] R13: 00007f2dbe016038 R14: 00007f2dbe015fa0 R15: 00007ffee7f32068 [ 576.656170][T13226] [ 577.368494][T13236] FAULT_INJECTION: forcing a failure. [ 577.368494][T13236] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 577.482638][T13236] CPU: 1 UID: 0 PID: 13236 Comm: syz.3.1884 Tainted: G L syzkaller #0 PREEMPT(full) [ 577.482683][T13236] Tainted: [L]=SOFTLOCKUP [ 577.482693][T13236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 577.482710][T13236] Call Trace: [ 577.482720][T13236] [ 577.482731][T13236] dump_stack_lvl+0x100/0x190 [ 577.482781][T13236] should_fail_ex.cold+0x5/0xa [ 577.482815][T13236] _copy_to_user+0x32/0xd0 [ 577.482847][T13236] __sys_bpf+0x3b7e/0x4b90 [ 577.482887][T13236] ? __pfx___sys_bpf+0x10/0x10 [ 577.482918][T13236] ? proc_fail_nth_write+0x9f/0x220 [ 577.482954][T13236] ? find_held_lock+0x2b/0x80 [ 577.482991][T13236] ? find_held_lock+0x2b/0x80 [ 577.483017][T13236] ? ksys_write+0x190/0x250 [ 577.483053][T13236] ? __mutex_unlock_slowpath+0x15c/0x790 [ 577.483092][T13236] ? __fget_files+0x215/0x3d0 [ 577.483140][T13236] ? fput+0x79/0x100 [ 577.483175][T13236] ? ksys_write+0x1ac/0x250 [ 577.483200][T13236] ? __pfx_ksys_write+0x10/0x10 [ 577.483236][T13236] __x64_sys_bpf+0x7b/0xc0 [ 577.483270][T13236] ? lockdep_hardirqs_on+0x78/0x100 [ 577.483305][T13236] do_syscall_64+0x106/0xf80 [ 577.483338][T13236] ? clear_bhb_loop+0x40/0x90 [ 577.483375][T13236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.483405][T13236] RIP: 0033:0x7f2dbdd9c799 [ 577.483429][T13236] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 577.483456][T13236] RSP: 002b:00007f2dbec17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 577.483483][T13236] RAX: ffffffffffffffda RBX: 00007f2dbe015fa0 RCX: 00007f2dbdd9c799 [ 577.483510][T13236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000015 [ 577.483527][T13236] RBP: 00007f2dbec17090 R08: 0000000000000000 R09: 0000000000000000 [ 577.483543][T13236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 577.483560][T13236] R13: 00007f2dbe016038 R14: 00007f2dbe015fa0 R15: 00007ffee7f32068 [ 577.483601][T13236] [ 577.945927][T13229] zswap: compressor 000 not available [ 578.230596][T13246] nvme_fcloop: unknown parameter or missing value '7' [ 578.324047][T13239] zswap: compressor 000 not available [ 578.525265][T13250] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 579.909886][T13270] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 579.941081][T13274] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 580.846220][T13279] FAULT_INJECTION: forcing a failure. [ 580.846220][T13279] name failslab, interval 1, probability 0, space 0, times 0 [ 580.861334][T13279] CPU: 1 UID: 0 PID: 13279 Comm: syz.3.1897 Tainted: G L syzkaller #0 PREEMPT(full) [ 580.861382][T13279] Tainted: [L]=SOFTLOCKUP [ 580.861393][T13279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 580.861410][T13279] Call Trace: [ 580.861421][T13279] [ 580.861434][T13279] dump_stack_lvl+0x100/0x190 [ 580.861497][T13279] should_fail_ex.cold+0x5/0xa [ 580.861531][T13279] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 580.861562][T13279] should_failslab+0xc2/0x120 [ 580.861594][T13279] __kmalloc_noprof+0xe0/0x850 [ 580.861647][T13279] kernfs_fop_write_iter+0x26a/0x5f0 [ 580.861686][T13279] vfs_write+0x6ac/0x1070 [ 580.861733][T13279] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 580.861769][T13279] ? __pfx_vfs_write+0x10/0x10 [ 580.861850][T13279] ksys_write+0x12a/0x250 [ 580.861878][T13279] ? __pfx_ksys_write+0x10/0x10 [ 580.861918][T13279] do_syscall_64+0x106/0xf80 [ 580.861955][T13279] ? clear_bhb_loop+0x40/0x90 [ 580.861992][T13279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.862022][T13279] RIP: 0033:0x7f2dbdd9c799 [ 580.862048][T13279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 580.862076][T13279] RSP: 002b:00007f2dbec17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 580.862104][T13279] RAX: ffffffffffffffda RBX: 00007f2dbe015fa0 RCX: 00007f2dbdd9c799 [ 580.862123][T13279] RDX: 0000000000000081 RSI: 0000200000000000 RDI: 0000000000000003 [ 580.862142][T13279] RBP: 00007f2dbec17090 R08: 0000000000000000 R09: 0000000000000000 [ 580.862160][T13279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.862179][T13279] R13: 00007f2dbe016038 R14: 00007f2dbe015fa0 R15: 00007ffee7f32068 [ 580.862221][T13279] [ 581.334159][T13285] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1898'. [ 583.865485][T13300] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 583.907427][T13309] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 584.729237][T13316] openvswitch: netlink: VXLAN extension message has 16 unknown bytes. [ 585.221159][T13317] zswap: compressor not available [ 585.525846][ T6552] Bluetooth: hci0: unexpected event 0x31 length: 19 > 6 [ 586.719453][T13354] random: crng reseeded on system resumption [ 586.751973][T13355] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1908'. [ 587.190306][T13348] zswap: compressor not available [ 587.372638][T13364] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 588.388342][T13368] zswap: compressor 000 not available [ 589.706167][T13388] ubi0: attaching mtd0 [ 589.713810][T13388] ubi0: scanning is finished [ 590.374546][T13388] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 590.835052][T13404] FAULT_INJECTION: forcing a failure. [ 590.835052][T13404] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 590.915528][T13404] CPU: 1 UID: 0 PID: 13404 Comm: syz.4.1922 Tainted: G L syzkaller #0 PREEMPT(full) [ 590.915587][T13404] Tainted: [L]=SOFTLOCKUP [ 590.915600][T13404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 590.915619][T13404] Call Trace: [ 590.915630][T13404] [ 590.915643][T13404] dump_stack_lvl+0x100/0x190 [ 590.915695][T13404] should_fail_ex.cold+0x5/0xa [ 590.915727][T13404] ? prepare_alloc_pages+0x16d/0x5f0 [ 590.915763][T13404] should_fail_alloc_page+0xeb/0x140 [ 590.915797][T13404] prepare_alloc_pages+0x1f0/0x5f0 [ 590.915839][T13404] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 590.915882][T13404] ? print_kernel_ident+0x11/0x40 [ 590.915911][T13404] ? is_bpf_text_address+0x8a/0x1a0 [ 590.915958][T13404] ? is_bpf_text_address+0x8a/0x1a0 [ 590.916002][T13404] ? bpf_ksym_find+0x124/0x1c0 [ 590.916039][T13404] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 590.916072][T13404] ? is_bpf_text_address+0x94/0x1a0 [ 590.916118][T13404] ? kernel_text_address+0x8d/0x100 [ 590.916160][T13404] ? __kernel_text_address+0xd/0x30 [ 590.916199][T13404] ? unwind_get_return_address+0x59/0xa0 [ 590.916229][T13404] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 590.916279][T13404] ? __pfx_stack_trace_save+0x10/0x10 [ 590.916303][T13404] ? stack_depot_save_flags+0x27/0x9d0 [ 590.916339][T13404] ? stack_trace_save+0x8e/0xc0 [ 590.916369][T13404] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 590.916412][T13404] ? policy_nodemask+0xed/0x4f0 [ 590.916441][T13404] alloc_pages_mpol+0x1fb/0x550 [ 590.916469][T13404] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 590.916505][T13404] alloc_pages_noprof+0x131/0x390 [ 590.916532][T13404] kimage_alloc_pages+0x72/0x380 [ 590.916577][T13404] kimage_alloc_control_pages+0x157/0xa20 [ 590.916612][T13404] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 590.916647][T13404] do_kexec_load+0x275/0x810 [ 590.916675][T13404] ? __pfx_do_kexec_load+0x10/0x10 [ 590.916703][T13404] ? _copy_from_user+0x59/0xd0 [ 590.916730][T13404] __x64_sys_kexec_load+0x1bf/0x230 [ 590.916758][T13404] do_syscall_64+0x106/0xf80 [ 590.916788][T13404] ? clear_bhb_loop+0x40/0x90 [ 590.916818][T13404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.916842][T13404] RIP: 0033:0x7f037679c799 [ 590.916865][T13404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 590.916889][T13404] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 590.916913][T13404] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 590.916929][T13404] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff [ 590.916944][T13404] RBP: 00007f0376832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 590.916960][T13404] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 590.916975][T13404] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 590.917009][T13404] [ 590.924269][T13404] kexec: Could not allocate control_code_buffer [ 591.104392][T13408] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1921'. [ 591.807709][T13416] netlink: 'syz.4.1925': attribute type 1 has an invalid length. [ 591.875031][T13416] netlink: 33 bytes leftover after parsing attributes in process `syz.4.1925'. [ 592.418781][T13423] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1926'. [ 592.750154][T13430] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1928'. [ 592.759556][T13423] team0 (unregistering): Port device team_slave_0 removed [ 593.065298][T13423] team0 (unregistering): Port device team_slave_1 removed [ 593.437606][T13439] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1930'. [ 594.859279][T13442] ubi0: attaching mtd0 [ 594.965234][T13442] ubi0: scanning is finished [ 596.035694][T13442] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 596.434125][T13442] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 596.576202][T13442] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 596.644110][T13442] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 596.708460][T13442] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 596.768749][T13442] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 596.800912][T13465] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 596.914859][T13442] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2433238908 [ 597.015215][T13442] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 597.090505][T13445] ubi0: detaching mtd0 [ 597.094861][T13460] ubi0: background thread "ubi_bgt0d" started, PID 13460 [ 597.143623][T13445] ubi0: mtd0 is detached [ 598.498624][T13489] FAULT_INJECTION: forcing a failure. [ 598.498624][T13489] name failslab, interval 1, probability 0, space 0, times 0 [ 598.575038][T13489] CPU: 1 UID: 0 PID: 13489 Comm: syz.4.1939 Tainted: G L syzkaller #0 PREEMPT(full) [ 598.575090][T13489] Tainted: [L]=SOFTLOCKUP [ 598.575102][T13489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 598.575120][T13489] Call Trace: [ 598.575131][T13489] [ 598.575144][T13489] dump_stack_lvl+0x100/0x190 [ 598.575199][T13489] should_fail_ex.cold+0x5/0xa [ 598.575236][T13489] should_failslab+0xc2/0x120 [ 598.575271][T13489] __kmalloc_cache_noprof+0x7a/0x6f0 [ 598.575310][T13489] ? assoc_array_delete+0x101/0xd10 [ 598.575348][T13489] ? __lock_acquire+0x4a5/0x2630 [ 598.575394][T13489] assoc_array_delete+0x101/0xd10 [ 598.575455][T13489] ? __pfx_assoc_array_delete+0x10/0x10 [ 598.575506][T13489] ? __pfx_down_write+0x10/0x10 [ 598.575543][T13489] ? __sys_bind+0x1c7/0x260 [ 598.575582][T13489] key_unlink+0xbc/0x310 [ 598.575618][T13489] ? __pfx_key_unlink+0x10/0x10 [ 598.575657][T13489] ? xfd_validate_state+0x129/0x190 [ 598.575790][T13489] keyctl_keyring_unlink+0xdc/0x1b0 [ 598.575845][T13489] __do_sys_keyctl+0x3dd/0x5a0 [ 598.575890][T13489] do_syscall_64+0x106/0xf80 [ 598.575928][T13489] ? clear_bhb_loop+0x40/0x90 [ 598.575967][T13489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.576000][T13489] RIP: 0033:0x7f037679c799 [ 598.576028][T13489] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 598.576057][T13489] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 598.576087][T13489] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 598.576108][T13489] RDX: 7ffffffffffffffb RSI: fffffffffffffffd RDI: 0000000000000009 [ 598.576127][T13489] RBP: 00007f0376832bd9 R08: 8000000000000000 R09: 0000000000000000 [ 598.576147][T13489] R10: 080000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 598.576166][T13489] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 598.576209][T13489] [ 600.402213][T13505] blktrace: Concurrent blktraces are not allowed on loop2 [ 602.622362][T13534] nvme_fabrics: missing parameter 'transport=%s' [ 602.775583][T13534] nvme_fabrics: missing parameter 'nqn=%s' [ 603.743592][T13552] Invalid ELF header magic: != ELF [ 604.293163][T13561] FAULT_INJECTION: forcing a failure. [ 604.293163][T13561] name failslab, interval 1, probability 0, space 0, times 0 [ 604.354919][T13561] CPU: 1 UID: 0 PID: 13561 Comm: syz.2.1957 Tainted: G L syzkaller #0 PREEMPT(full) [ 604.354973][T13561] Tainted: [L]=SOFTLOCKUP [ 604.354985][T13561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 604.355005][T13561] Call Trace: [ 604.355017][T13561] [ 604.355029][T13561] dump_stack_lvl+0x100/0x190 [ 604.355081][T13561] should_fail_ex.cold+0x5/0xa [ 604.355119][T13561] ? __register_sysctl_table+0xbe4/0x1650 [ 604.355171][T13561] should_failslab+0xc2/0x120 [ 604.355205][T13561] __kmalloc_noprof+0xe0/0x850 [ 604.355261][T13561] __register_sysctl_table+0xbe4/0x1650 [ 604.355320][T13561] ? __pfx___register_sysctl_table+0x10/0x10 [ 604.355367][T13561] ? rcu_is_cpu_rrupt_from_idle+0x1b1/0x270 [ 604.355419][T13561] ? __asan_memcpy+0x3c/0x60 [ 604.355477][T13561] register_pidns_sysctls+0x11d/0x1c0 [ 604.355522][T13561] ? __ns_common_init+0x299/0x4b0 [ 604.355562][T13561] copy_pid_ns+0x680/0x10a0 [ 604.355600][T13561] ? __pfx_copy_pid_ns+0x10/0x10 [ 604.355637][T13561] ? rcu_is_watching+0x12/0xc0 [ 604.355685][T13561] ? copy_mnt_ns+0x106/0xc30 [ 604.355719][T13561] ? create_new_namespaces+0x30/0xac0 [ 604.355761][T13561] create_new_namespaces+0x2aa/0xac0 [ 604.355804][T13561] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 604.355842][T13561] ksys_unshare+0x473/0xad0 [ 604.355883][T13561] ? __pfx_ksys_unshare+0x10/0x10 [ 604.355937][T13561] __x64_sys_unshare+0x31/0x40 [ 604.355975][T13561] do_syscall_64+0x106/0xf80 [ 604.356013][T13561] ? clear_bhb_loop+0x40/0x90 [ 604.356053][T13561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.356086][T13561] RIP: 0033:0x7f9561f9c799 [ 604.356113][T13561] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.356143][T13561] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 604.356174][T13561] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 604.356194][T13561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 604.356212][T13561] RBP: 00007f9562032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 604.356231][T13561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.356248][T13561] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 604.356290][T13561] [ 604.356951][T13561] sysctl could not get directory: /kernel -12 [ 605.039005][T13567] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk [ 605.555940][T13583] tc_dump_action: action bad kind [ 606.746135][T13596] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 608.638228][T13619] FAULT_INJECTION: forcing a failure. [ 608.638228][T13619] name failslab, interval 1, probability 0, space 0, times 0 [ 608.684976][T13619] CPU: 0 UID: 0 PID: 13619 Comm: syz.2.1973 Tainted: G L syzkaller #0 PREEMPT(full) [ 608.685024][T13619] Tainted: [L]=SOFTLOCKUP [ 608.685034][T13619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 608.685051][T13619] Call Trace: [ 608.685061][T13619] [ 608.685073][T13619] dump_stack_lvl+0x100/0x190 [ 608.685122][T13619] should_fail_ex.cold+0x5/0xa [ 608.685157][T13619] ? copy_splice_read+0x1a3/0xb90 [ 608.685200][T13619] should_failslab+0xc2/0x120 [ 608.685231][T13619] __kmalloc_noprof+0xe0/0x850 [ 608.685281][T13619] copy_splice_read+0x1a3/0xb90 [ 608.685324][T13619] ? __pfx_iter_file_splice_write+0x10/0x10 [ 608.685360][T13619] ? __pfx_copy_splice_read+0x10/0x10 [ 608.685418][T13619] ? find_held_lock+0x2b/0x80 [ 608.685453][T13619] ? __pfx_copy_splice_read+0x10/0x10 [ 608.685497][T13619] do_splice_read+0x285/0x370 [ 608.685547][T13619] splice_direct_to_actor+0x2a1/0xa30 [ 608.685578][T13619] ? __pfx_direct_splice_actor+0x10/0x10 [ 608.685630][T13619] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 608.685679][T13619] do_splice_direct+0x174/0x240 [ 608.685709][T13619] ? __pfx_do_splice_direct+0x10/0x10 [ 608.685740][T13619] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 608.685789][T13619] ? rw_verify_area+0xce/0x6d0 [ 608.685834][T13619] do_sendfile+0xadc/0xe20 [ 608.685883][T13619] ? __pfx_do_sendfile+0x10/0x10 [ 608.685926][T13619] ? __fget_files+0x21f/0x3d0 [ 608.685963][T13619] __x64_sys_sendfile64+0x1d8/0x220 [ 608.685993][T13619] ? ksys_write+0x1ac/0x250 [ 608.686018][T13619] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 608.686062][T13619] do_syscall_64+0x106/0xf80 [ 608.686096][T13619] ? clear_bhb_loop+0x40/0x90 [ 608.686130][T13619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.686161][T13619] RIP: 0033:0x7f9561f9c799 [ 608.686185][T13619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 608.686211][T13619] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 608.686240][T13619] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 608.686260][T13619] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 608.686277][T13619] RBP: 00007f9562f38090 R08: 0000000000000000 R09: 0000000000000000 [ 608.686294][T13619] R10: 0000000000002683 R11: 0000000000000246 R12: 0000000000000001 [ 608.686312][T13619] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 608.686352][T13619] [ 610.898169][T13641] mkiss: ax0: crc mode is auto. [ 611.792646][ T6552] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 612.140292][T13658] FAULT_INJECTION: forcing a failure. [ 612.140292][T13658] name failslab, interval 1, probability 0, space 0, times 0 [ 612.165511][T13648] NFSD: Failed to start, no listeners configured. [ 612.204687][T13658] CPU: 0 UID: 0 PID: 13658 Comm: syz.2.1983 Tainted: G L syzkaller #0 PREEMPT(full) [ 612.204736][T13658] Tainted: [L]=SOFTLOCKUP [ 612.204748][T13658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 612.204764][T13658] Call Trace: [ 612.204775][T13658] [ 612.204786][T13658] dump_stack_lvl+0x100/0x190 [ 612.204834][T13658] should_fail_ex.cold+0x5/0xa [ 612.204869][T13658] ? copy_splice_read+0x1a3/0xb90 [ 612.204914][T13658] should_failslab+0xc2/0x120 [ 612.204946][T13658] __kmalloc_noprof+0xe0/0x850 [ 612.204995][T13658] copy_splice_read+0x1a3/0xb90 [ 612.205048][T13658] ? __pfx_copy_splice_read+0x10/0x10 [ 612.205098][T13658] ? look_up_lock_class+0x55/0x120 [ 612.205141][T13658] ? lockdep_init_map_type+0x5c/0x250 [ 612.205181][T13658] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 612.205228][T13658] ? __pfx_copy_splice_read+0x10/0x10 [ 612.205274][T13658] do_splice_read+0x285/0x370 [ 612.205324][T13658] splice_direct_to_actor+0x2a1/0xa30 [ 612.205356][T13658] ? __pfx_direct_splice_actor+0x10/0x10 [ 612.205410][T13658] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 612.205460][T13658] do_splice_direct+0x174/0x240 [ 612.205490][T13658] ? __pfx_do_splice_direct+0x10/0x10 [ 612.205520][T13658] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 612.205572][T13658] ? rw_verify_area+0xce/0x6d0 [ 612.205617][T13658] do_sendfile+0xadc/0xe20 [ 612.205669][T13658] ? __pfx_do_sendfile+0x10/0x10 [ 612.205711][T13658] ? __fget_files+0x21f/0x3d0 [ 612.205749][T13658] __x64_sys_sendfile64+0x1d8/0x220 [ 612.205780][T13658] ? ksys_write+0x1ac/0x250 [ 612.205805][T13658] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 612.205850][T13658] do_syscall_64+0x106/0xf80 [ 612.205883][T13658] ? clear_bhb_loop+0x40/0x90 [ 612.205920][T13658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.205949][T13658] RIP: 0033:0x7f9561f9c799 [ 612.205974][T13658] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.206001][T13658] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 612.206029][T13658] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 612.206048][T13658] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 612.206065][T13658] RBP: 00007f9562f38090 R08: 0000000000000000 R09: 0000000000000000 [ 612.206082][T13658] R10: 0100000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 612.206100][T13658] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 612.206139][T13658] [ 614.807923][T13674] FAULT_INJECTION: forcing a failure. [ 614.807923][T13674] name failslab, interval 1, probability 0, space 0, times 0 [ 614.873094][T13674] CPU: 0 UID: 0 PID: 13674 Comm: syz.2.1988 Tainted: G L syzkaller #0 PREEMPT(full) [ 614.873128][T13674] Tainted: [L]=SOFTLOCKUP [ 614.873135][T13674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 614.873147][T13674] Call Trace: [ 614.873154][T13674] [ 614.873162][T13674] dump_stack_lvl+0x100/0x190 [ 614.873194][T13674] should_fail_ex.cold+0x5/0xa [ 614.873216][T13674] should_failslab+0xc2/0x120 [ 614.873236][T13674] __kmalloc_cache_noprof+0x7a/0x6f0 [ 614.873261][T13674] ? do_getname+0x238/0x390 [ 614.873284][T13674] ? strncpy_from_user+0x19d/0x2d0 [ 614.873317][T13674] do_getname+0x238/0x390 [ 614.873342][T13674] do_sys_openat2+0xc5/0x1e0 [ 614.873367][T13674] ? __pfx_do_sys_openat2+0x10/0x10 [ 614.873399][T13674] __x64_sys_openat+0x12d/0x210 [ 614.873425][T13674] ? __pfx___x64_sys_openat+0x10/0x10 [ 614.873458][T13674] do_syscall_64+0x106/0xf80 [ 614.873490][T13674] ? clear_bhb_loop+0x40/0x90 [ 614.873514][T13674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 614.873534][T13674] RIP: 0033:0x7f9561f9c799 [ 614.873551][T13674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 614.873570][T13674] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 614.873589][T13674] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 614.873602][T13674] RDX: 0000000000002304 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 614.873613][T13674] RBP: 00007f9562032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 614.873624][T13674] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000 [ 614.873635][T13674] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 614.873659][T13674] [ 615.873122][T13681] nvme_fabrics: missing parameter 'transport=%s' [ 615.902062][T13681] nvme_fabrics: missing parameter 'nqn=%s' [ 617.698266][T13698] ubi0: attaching mtd0 [ 617.732306][T13698] ubi0: scanning is finished [ 617.767269][T13698] ubi0 warning: ubi_read_volume_table: volume table copy #1 is corrupted [ 617.827548][T13698] ubi0: volume table was restored [ 618.331821][T13726] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 618.362857][T13698] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 619.992526][ T30] audit: type=1800 audit(4294969703.094:11): pid=13752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=111037 res=0 errno=0 [ 620.366306][T13752] could not allocate digest TFM handle [ 624.246339][T13809] usbip-vudc usbip-vudc.0: gadget not bound [ 624.968425][T13820] FAULT_INJECTION: forcing a failure. [ 624.968425][T13820] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 625.024642][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.034773][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.079310][T13820] CPU: 1 UID: 0 PID: 13820 Comm: syz.0.2027 Tainted: G L syzkaller #0 PREEMPT(full) [ 625.079359][T13820] Tainted: [L]=SOFTLOCKUP [ 625.079371][T13820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 625.079389][T13820] Call Trace: [ 625.079399][T13820] [ 625.079411][T13820] dump_stack_lvl+0x100/0x190 [ 625.079461][T13820] should_fail_ex.cold+0x5/0xa [ 625.079497][T13820] _copy_to_user+0x32/0xd0 [ 625.079541][T13820] simple_read_from_buffer+0xcb/0x170 [ 625.079591][T13820] proc_fail_nth_read+0x1af/0x230 [ 625.079630][T13820] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 625.079669][T13820] ? rw_verify_area+0xce/0x6d0 [ 625.079710][T13820] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 625.079746][T13820] vfs_read+0x1e4/0xb30 [ 625.079807][T13820] ? __pfx_vfs_read+0x10/0x10 [ 625.079851][T13820] ? __fget_files+0x215/0x3d0 [ 625.079889][T13820] ? __fget_files+0x21f/0x3d0 [ 625.079928][T13820] ksys_read+0x12a/0x250 [ 625.079973][T13820] ? __pfx_ksys_read+0x10/0x10 [ 625.080029][T13820] do_syscall_64+0x106/0xf80 [ 625.080064][T13820] ? clear_bhb_loop+0x40/0x90 [ 625.080101][T13820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.080132][T13820] RIP: 0033:0x7f676b75cfce [ 625.080157][T13820] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 625.080184][T13820] RSP: 002b:00007f676c6bffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 625.080213][T13820] RAX: ffffffffffffffda RBX: 00007f676c6c06c0 RCX: 00007f676b75cfce [ 625.080232][T13820] RDX: 000000000000000f RSI: 00007f676c6c00a0 RDI: 0000000000000001 [ 625.080250][T13820] RBP: 00007f676c6c0090 R08: 0000000000000000 R09: 0000000000000000 [ 625.080267][T13820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 625.080284][T13820] R13: 00007f676ba16038 R14: 00007f676ba15fa0 R15: 00007ffdccf38448 [ 625.080325][T13820] [ 626.145630][T13838] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 626.406127][T13836] zswap: compressor not available [ 628.493028][T13869] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2039'. [ 629.214944][T13877] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 629.898074][T13885] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2045'. [ 630.360138][T13891] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2047'. [ 630.464665][T13893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2047'. [ 635.494994][ T6552] Bluetooth: hci0: command 0x0c1a tx timeout [ 635.501749][T13912] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 636.164034][T13934] hub 1-0:1.0: USB hub found [ 636.170325][T13934] hub 1-0:1.0: 1 port detected [ 637.155154][T13912] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 637.225411][T13912] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 637.245206][T13912] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 637.270765][T13912] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 637.655219][ T6552] Bluetooth: hci1: command 0x0c1a tx timeout [ 638.167691][T13954] FAULT_INJECTION: forcing a failure. [ 638.167691][T13954] name fail_futex, interval 1, probability 0, space 0, times 0 [ 638.186641][T13954] CPU: 1 UID: 0 PID: 13954 Comm: syz.4.2063 Tainted: G L syzkaller #0 PREEMPT(full) [ 638.186696][T13954] Tainted: [L]=SOFTLOCKUP [ 638.186708][T13954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 638.186728][T13954] Call Trace: [ 638.186739][T13954] [ 638.186752][T13954] dump_stack_lvl+0x100/0x190 [ 638.186803][T13954] should_fail_ex.cold+0x5/0xa [ 638.186840][T13954] get_futex_key+0x1d2/0x1620 [ 638.186891][T13954] ? __pfx_get_futex_key+0x10/0x10 [ 638.186926][T13954] ? path_noexec+0x1be/0x230 [ 638.186971][T13954] ? do_mmap+0x93f/0x12f0 [ 638.187006][T13954] ? __pfx_userfaultfd_unmap_complete+0x10/0x10 [ 638.187064][T13954] futex_wake+0xea/0x530 [ 638.187112][T13954] ? __pfx_futex_wake+0x10/0x10 [ 638.187174][T13954] do_futex+0x32b/0x350 [ 638.187215][T13954] ? __pfx_do_futex+0x10/0x10 [ 638.187258][T13954] ? fput+0x79/0x100 [ 638.187297][T13954] __x64_sys_futex+0x34f/0x4d0 [ 638.187339][T13954] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 638.187373][T13954] ? __pfx___x64_sys_futex+0x10/0x10 [ 638.187426][T13954] do_syscall_64+0x106/0xf80 [ 638.187462][T13954] ? clear_bhb_loop+0x40/0x90 [ 638.187500][T13954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.187532][T13954] RIP: 0033:0x7f037679c799 [ 638.187558][T13954] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 638.187586][T13954] RSP: 002b:00007f037772f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 638.187615][T13954] RAX: ffffffffffffffda RBX: 00007f0376a15fa8 RCX: 00007f037679c799 [ 638.187635][T13954] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0376a15fac [ 638.187654][T13954] RBP: 00007f0376a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 638.187673][T13954] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 638.187693][T13954] R13: 00007f0376a16038 R14: 00007fffab9f6500 R15: 00007fffab9f65e8 [ 638.187735][T13954] [ 639.256701][ T6552] Bluetooth: hci3: command 0x0c1a tx timeout [ 639.263122][ T8076] Bluetooth: hci2: command 0x0c1a tx timeout [ 639.349023][ T6552] Bluetooth: hci4: command 0x0c1a tx timeout [ 640.315834][T13974] ubi0: attaching mtd0 [ 640.322719][T13974] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 3 [ 640.367319][T13974] eraseblock attaching information dump: [ 640.373553][T13974] ec 2 [ 640.455691][T13974] pnum 0 [ 640.459341][T13974] lnum 0 [ 640.462738][T13974] scrub 0 [ 640.547146][T13974] sqnum 3 [ 640.550682][T13974] Volume identifier header dump: [ 640.726340][T13974] magic 55424921 [ 640.731142][T13974] version 1 [ 640.769861][T13974] vol_type 1 [ 640.773585][T13974] copy_flag 0 [ 640.847595][T13974] compat 5 [ 640.852090][T13974] vol_id 2147479551 [ 640.950739][T13974] lnum 0 [ 640.954540][T13974] data_size 0 [ 641.015489][T13974] used_ebs 0 [ 641.019372][T13974] data_pad 0 [ 641.023262][T13974] sqnum 3 [ 641.071832][T13974] hdr_crc 05ef0866 [ 641.090747][T13974] Volume identifier header hexdump: [ 641.866650][T13974] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 641.978110][T14004] FAULT_INJECTION: forcing a failure. [ 641.978110][T14004] name failslab, interval 1, probability 0, space 0, times 0 [ 642.042869][T14004] CPU: 1 UID: 0 PID: 14004 Comm: syz.2.2077 Tainted: G L syzkaller #0 PREEMPT(full) [ 642.042917][T14004] Tainted: [L]=SOFTLOCKUP [ 642.042929][T14004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 642.042947][T14004] Call Trace: [ 642.042957][T14004] [ 642.042968][T14004] dump_stack_lvl+0x100/0x190 [ 642.043016][T14004] should_fail_ex.cold+0x5/0xa [ 642.043051][T14004] should_failslab+0xc2/0x120 [ 642.043082][T14004] __kmalloc_cache_noprof+0x7a/0x6f0 [ 642.043118][T14004] ? assoc_array_insert+0x262/0x32c0 [ 642.043167][T14004] assoc_array_insert+0x262/0x32c0 [ 642.043205][T14004] ? __mutex_lock+0x26a/0x1b90 [ 642.043245][T14004] ? key_link+0x2bb/0x390 [ 642.043292][T14004] ? __pfx_assoc_array_insert+0x10/0x10 [ 642.043329][T14004] ? __pfx___might_resched+0x10/0x10 [ 642.043369][T14004] ? keyring_free_preparse+0x9/0x10 [ 642.043409][T14004] ? down_write+0x146/0x1f0 [ 642.043455][T14004] __key_link_begin+0xf5/0x260 [ 642.043495][T14004] key_link+0x103/0x390 [ 642.043533][T14004] ? __pfx_keyring_search_iterator+0x10/0x10 [ 642.043569][T14004] ? __pfx_key_link+0x10/0x10 [ 642.043631][T14004] ? keyring_alloc+0x8e/0xc0 [ 642.043671][T14004] look_up_user_keyrings+0x539/0x790 [ 642.043722][T14004] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 642.043784][T14004] lookup_user_key+0x456/0x1300 [ 642.043836][T14004] ? __pfx_lookup_user_key+0x10/0x10 [ 642.043882][T14004] ? __pfx_do_futex+0x10/0x10 [ 642.043921][T14004] ? __sys_bind+0x1c7/0x260 [ 642.043953][T14004] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 642.044011][T14004] ? xfd_validate_state+0x129/0x190 [ 642.044060][T14004] keyctl_keyring_unlink+0x1f/0x1b0 [ 642.044103][T14004] __do_sys_keyctl+0x3dd/0x5a0 [ 642.044150][T14004] do_syscall_64+0x106/0xf80 [ 642.044185][T14004] ? clear_bhb_loop+0x40/0x90 [ 642.044221][T14004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.044251][T14004] RIP: 0033:0x7f9561f9c799 [ 642.044278][T14004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 642.044305][T14004] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 642.044333][T14004] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 642.044352][T14004] RDX: 7ffffffffffffffb RSI: fffffffffffffffd RDI: 0000000000000009 [ 642.044371][T14004] RBP: 00007f9562032bd9 R08: 8000000000000000 R09: 0000000000000000 [ 642.044389][T14004] R10: 080000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 642.044407][T14004] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 642.044450][T14004] [ 642.434060][T14007] FAULT_INJECTION: forcing a failure. [ 642.434060][T14007] name failslab, interval 1, probability 0, space 0, times 0 [ 642.537015][T14007] CPU: 0 UID: 0 PID: 14007 Comm: syz.2.2077 Tainted: G L syzkaller #0 PREEMPT(full) [ 642.537062][T14007] Tainted: [L]=SOFTLOCKUP [ 642.537073][T14007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 642.537090][T14007] Call Trace: [ 642.537100][T14007] [ 642.537111][T14007] dump_stack_lvl+0x100/0x190 [ 642.537160][T14007] should_fail_ex.cold+0x5/0xa [ 642.537195][T14007] should_failslab+0xc2/0x120 [ 642.537225][T14007] __kmalloc_cache_noprof+0x7a/0x6f0 [ 642.537262][T14007] ? yama_ptracer_add+0x48/0x590 [ 642.537293][T14007] ? find_get_task_by_vpid+0x19e/0x310 [ 642.537333][T14007] ? find_get_task_by_vpid+0x19e/0x310 [ 642.537377][T14007] yama_ptracer_add+0x48/0x590 [ 642.537412][T14007] yama_task_prctl+0xf4/0x1c0 [ 642.537447][T14007] security_task_prctl+0xc2/0x160 [ 642.537490][T14007] __do_sys_prctl+0x9b/0x2330 [ 642.537534][T14007] ? __pfx___do_sys_prctl+0x10/0x10 [ 642.537587][T14007] do_syscall_64+0x106/0xf80 [ 642.537620][T14007] ? clear_bhb_loop+0x40/0x90 [ 642.537656][T14007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.537685][T14007] RIP: 0033:0x7f9561f9c799 [ 642.537709][T14007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 642.537736][T14007] RSP: 002b:00007f9562f17028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 642.537764][T14007] RAX: ffffffffffffffda RBX: 00007f9562216090 RCX: 00007f9561f9c799 [ 642.537783][T14007] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000059616d61 [ 642.537800][T14007] RBP: 00007f9562f17090 R08: 0000000000000000 R09: 0000000000000000 [ 642.537817][T14007] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 642.537834][T14007] R13: 00007f9562216128 R14: 00007f9562216090 R15: 00007ffe629bfc48 [ 642.537883][T14007] [ 643.209731][T14011] zswap: compressor 000 not available [ 643.926157][T14027] ubi0: attaching mtd0 [ 643.967387][T14027] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 3 [ 644.063298][T14027] eraseblock attaching information dump: [ 644.095260][T14027] ec 2 [ 644.098895][T14027] pnum 0 [ 644.121094][T14027] lnum 0 [ 644.137602][T14027] scrub 0 [ 644.161865][T14027] sqnum 3 [ 644.195221][T14027] Volume identifier header dump: [ 644.231536][T14027] magic 55424921 [ 644.254998][T14027] version 1 [ 644.269051][T14027] vol_type 1 [ 644.273170][T14027] copy_flag 0 [ 644.356747][T14027] compat 5 [ 644.374452][T14027] vol_id 2147479551 [ 644.442214][T14027] lnum 0 [ 644.458231][T14027] data_size 0 [ 644.502645][T14027] used_ebs 0 [ 644.528509][T14027] data_pad 0 [ 644.574812][T14027] sqnum 3 [ 644.589168][T14027] hdr_crc 05ef0866 [ 644.689058][T14027] Volume identifier header hexdump: [ 644.715324][T14042] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 645.101077][T14048] block2mtd: device name too long [ 645.167042][T14027] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 645.935932][T14065] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 647.096548][T14078] FAULT_INJECTION: forcing a failure. [ 647.096548][T14078] name failslab, interval 1, probability 0, space 0, times 0 [ 647.131711][T14078] CPU: 1 UID: 0 PID: 14078 Comm: syz.2.2093 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.131759][T14078] Tainted: [L]=SOFTLOCKUP [ 647.131768][T14078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 647.131801][T14078] Call Trace: [ 647.131819][T14078] [ 647.131834][T14078] dump_stack_lvl+0x100/0x190 [ 647.131888][T14078] should_fail_ex.cold+0x5/0xa [ 647.131999][T14078] should_failslab+0xc2/0x120 [ 647.132035][T14078] __kmalloc_cache_noprof+0x7a/0x6f0 [ 647.132077][T14078] ? assoc_array_insert+0x10b/0x32c0 [ 647.132129][T14078] assoc_array_insert+0x10b/0x32c0 [ 647.132172][T14078] ? __mutex_lock+0x26a/0x1b90 [ 647.132217][T14078] ? key_link+0x2bb/0x390 [ 647.132270][T14078] ? __pfx_assoc_array_insert+0x10/0x10 [ 647.132310][T14078] ? __pfx___might_resched+0x10/0x10 [ 647.132352][T14078] ? keyring_free_preparse+0x9/0x10 [ 647.132481][T14078] ? down_write+0x146/0x1f0 [ 647.132531][T14078] __key_link_begin+0xf5/0x260 [ 647.132575][T14078] key_link+0x103/0x390 [ 647.132616][T14078] ? __pfx_keyring_search_iterator+0x10/0x10 [ 647.132651][T14078] ? __pfx_key_link+0x10/0x10 [ 647.132695][T14078] ? keyring_alloc+0x8e/0xc0 [ 647.132733][T14078] look_up_user_keyrings+0x539/0x790 [ 647.132784][T14078] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 647.132848][T14078] lookup_user_key+0x456/0x1300 [ 647.132910][T14078] ? __pfx_lookup_user_key+0x10/0x10 [ 647.132959][T14078] ? __pfx_do_futex+0x10/0x10 [ 647.132999][T14078] ? __sys_bind+0x1c7/0x260 [ 647.133033][T14078] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 647.133091][T14078] ? __pfx___x64_sys_futex+0x10/0x10 [ 647.133141][T14078] keyctl_keyring_unlink+0x1f/0x1b0 [ 647.133184][T14078] __do_sys_keyctl+0x3dd/0x5a0 [ 647.133233][T14078] do_syscall_64+0x106/0xf80 [ 647.133270][T14078] ? clear_bhb_loop+0x40/0x90 [ 647.133309][T14078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.133343][T14078] RIP: 0033:0x7f9561f9c799 [ 647.133375][T14078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.133405][T14078] RSP: 002b:00007f9562f17028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 647.133437][T14078] RAX: ffffffffffffffda RBX: 00007f9562216090 RCX: 00007f9561f9c799 [ 647.133458][T14078] RDX: 7ffffffffffffffb RSI: fffffffffffffffd RDI: 0000000000000009 [ 647.133478][T14078] RBP: 00007f9562032bd9 R08: 8000000000000000 R09: 0000000000000000 [ 647.133499][T14078] R10: 080000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 647.133518][T14078] R13: 00007f9562216128 R14: 00007f9562216090 R15: 00007ffe629bfc48 [ 647.133562][T14078] [ 651.527701][T14113] zswap: compressor 000 not available [ 651.789723][T13993] usb usb40-port2: attempt power cycle [ 652.479896][T13993] usb usb40-port2: unable to enumerate USB device [ 652.710180][T14129] Invalid ELF header magic: != ELF [ 652.736522][T14132] FAULT_INJECTION: forcing a failure. [ 652.736522][T14132] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 652.750439][T14132] CPU: 0 UID: 0 PID: 14132 Comm: syz.2.2103 Tainted: G L syzkaller #0 PREEMPT(full) [ 652.750483][T14132] Tainted: [L]=SOFTLOCKUP [ 652.750495][T14132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 652.750514][T14132] Call Trace: [ 652.750524][T14132] [ 652.750534][T14132] dump_stack_lvl+0x100/0x190 [ 652.750572][T14132] should_fail_ex.cold+0x5/0xa [ 652.750595][T14132] _copy_from_user+0x2e/0xd0 [ 652.750615][T14132] snd_pcm_oss_write2+0x1c2/0x400 [ 652.750647][T14132] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 652.750687][T14132] snd_pcm_oss_write+0x729/0xa30 [ 652.750708][T14132] ? security_file_permission+0x76/0x210 [ 652.750734][T14132] vfs_write+0x2aa/0x1070 [ 652.750764][T14132] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 652.750784][T14132] ? __pfx_vfs_write+0x10/0x10 [ 652.750811][T14132] ? find_held_lock+0x2b/0x80 [ 652.750828][T14132] ? __fget_files+0x215/0x3d0 [ 652.750846][T14132] ? __fget_files+0x215/0x3d0 [ 652.750866][T14132] ? __fget_files+0x21f/0x3d0 [ 652.750890][T14132] ksys_write+0x12a/0x250 [ 652.750906][T14132] ? __pfx_ksys_write+0x10/0x10 [ 652.750939][T14132] do_syscall_64+0x106/0xf80 [ 652.750962][T14132] ? clear_bhb_loop+0x40/0x90 [ 652.750985][T14132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.751005][T14132] RIP: 0033:0x7f9561f9c799 [ 652.751022][T14132] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 652.751039][T14132] RSP: 002b:00007f9562ed5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 652.751058][T14132] RAX: ffffffffffffffda RBX: 00007f9562216270 RCX: 00007f9561f9c799 [ 652.751070][T14132] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 652.751082][T14132] RBP: 00007f9562032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 652.751093][T14132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.751103][T14132] R13: 00007f9562216308 R14: 00007f9562216270 R15: 00007ffe629bfc48 [ 652.751128][T14132] [ 653.316217][ T30] audit: type=1800 audit(4294969736.414:12): pid=14138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2106" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 655.267895][T14148] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 656.481036][T14163] FAULT_INJECTION: forcing a failure. [ 656.481036][T14163] name failslab, interval 1, probability 0, space 0, times 0 [ 656.592379][T14163] CPU: 1 UID: 0 PID: 14163 Comm: syz.2.2113 Tainted: G L syzkaller #0 PREEMPT(full) [ 656.592432][T14163] Tainted: [L]=SOFTLOCKUP [ 656.592444][T14163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 656.592462][T14163] Call Trace: [ 656.592473][T14163] [ 656.592486][T14163] dump_stack_lvl+0x100/0x190 [ 656.592540][T14163] should_fail_ex.cold+0x5/0xa [ 656.592577][T14163] ? tomoyo_realpath_from_path+0xb6/0x690 [ 656.592614][T14163] should_failslab+0xc2/0x120 [ 656.592648][T14163] __kmalloc_noprof+0xe0/0x850 [ 656.592700][T14163] tomoyo_realpath_from_path+0xb6/0x690 [ 656.592875][T14163] tomoyo_check_open_permission+0x2af/0x3c0 [ 656.592933][T14163] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 656.593036][T14163] ? do_raw_spin_lock+0x128/0x260 [ 656.593084][T14163] ? path_get+0x61/0x80 [ 656.593124][T14163] tomoyo_file_open+0x6b/0x90 [ 656.593174][T14163] security_file_open+0xb5/0x1e0 [ 656.593210][T14163] do_dentry_open+0x5aa/0x1660 [ 656.593247][T14163] ? security_inode_permission+0xbf/0x250 [ 656.593303][T14163] vfs_open+0x82/0x3f0 [ 656.593353][T14163] path_openat+0x208c/0x31a0 [ 656.593401][T14163] ? __pfx_path_openat+0x10/0x10 [ 656.593453][T14163] do_file_open+0x20e/0x430 [ 656.593490][T14163] ? __pfx_do_file_open+0x10/0x10 [ 656.593553][T14163] ? alloc_fd+0x476/0x790 [ 656.593591][T14163] ? do_getname+0x191/0x390 [ 656.593634][T14163] do_sys_openat2+0x10d/0x1e0 [ 656.593675][T14163] ? __pfx_do_sys_openat2+0x10/0x10 [ 656.593732][T14163] __x64_sys_openat+0x12d/0x210 [ 656.593791][T14163] ? __pfx___x64_sys_openat+0x10/0x10 [ 656.593851][T14163] do_syscall_64+0x106/0xf80 [ 656.593892][T14163] ? clear_bhb_loop+0x40/0x90 [ 656.593944][T14163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.593980][T14163] RIP: 0033:0x7f9561f9c799 [ 656.594008][T14163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 656.594035][T14163] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 656.594065][T14163] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 656.594084][T14163] RDX: 0000000000000100 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 656.594104][T14163] RBP: 00007f9562032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 656.594124][T14163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 656.594145][T14163] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 656.594191][T14163] [ 656.594241][T14163] ERROR: Out of memory at tomoyo_realpath_from_path. [ 657.466987][T14176] tc_dump_action: action bad kind [ 662.504019][T14217] zswap: compressor 000 not available [ 664.390818][T14245] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 665.670829][T14259] can: request_module (can-proto-4) failed. [ 668.901426][T14295] zswap: compressor 000 not available [ 669.823271][T14309] zswap: compressor 000 not available [ 673.135041][T14357] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 673.172338][T14357] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 673.230880][T14357] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 673.246105][T14361] FAULT_INJECTION: forcing a failure. [ 673.246105][T14361] name failslab, interval 1, probability 0, space 0, times 0 [ 673.382457][T14361] CPU: 0 UID: 0 PID: 14361 Comm: syz.4.2153 Tainted: G L syzkaller #0 PREEMPT(full) [ 673.382490][T14361] Tainted: [L]=SOFTLOCKUP [ 673.382497][T14361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 673.382508][T14361] Call Trace: [ 673.382515][T14361] [ 673.382523][T14361] dump_stack_lvl+0x100/0x190 [ 673.382557][T14361] should_fail_ex.cold+0x5/0xa [ 673.382579][T14361] should_failslab+0xc2/0x120 [ 673.382600][T14361] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 673.382628][T14361] ? vm_area_dup+0x27/0x8e0 [ 673.382675][T14361] vm_area_dup+0x27/0x8e0 [ 673.382702][T14361] __split_vma+0x18c/0xd90 [ 673.382731][T14361] ? __pfx___split_vma+0x10/0x10 [ 673.382764][T14361] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 673.382789][T14361] vma_modify+0x1121/0x2250 [ 673.382838][T14361] ? __lock_acquire+0x4a5/0x2630 [ 673.382863][T14361] ? __pfx_vma_modify+0x10/0x10 [ 673.382895][T14361] vma_modify_flags+0x257/0x3d0 [ 673.382924][T14361] ? __pfx_vma_modify_flags+0x10/0x10 [ 673.382971][T14361] mprotect_fixup+0x209/0xb70 [ 673.383000][T14361] ? __pfx_mprotect_fixup+0x10/0x10 [ 673.383028][T14361] ? __pfx_mas_prev+0x10/0x10 [ 673.383064][T14361] do_mprotect_pkey+0x9e1/0xe70 [ 673.383097][T14361] ? __pfx_do_mprotect_pkey+0x10/0x10 [ 673.383124][T14361] ? __mutex_unlock_slowpath+0x15c/0x790 [ 673.383155][T14361] ? __fget_files+0x21f/0x3d0 [ 673.383181][T14361] ? __pfx_ksys_write+0x10/0x10 [ 673.383203][T14361] __x64_sys_mprotect+0x78/0xc0 [ 673.383257][T14361] ? lockdep_hardirqs_on+0x78/0x100 [ 673.383281][T14361] do_syscall_64+0x106/0xf80 [ 673.383303][T14361] ? clear_bhb_loop+0x40/0x90 [ 673.383335][T14361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.383355][T14361] RIP: 0033:0x7f037679c799 [ 673.383371][T14361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 673.383390][T14361] RSP: 002b:00007f037770e028 EFLAGS: 00000246 ORIG_RAX: 000000000000000a [ 673.383409][T14361] RAX: ffffffffffffffda RBX: 00007f0376a16090 RCX: 00007f037679c799 [ 673.383421][T14361] RDX: 0000000000000008 RSI: 0000000000806121 RDI: 0000200000000000 [ 673.383432][T14361] RBP: 00007f037770e090 R08: 0000000000000000 R09: 0000000000000000 [ 673.383444][T14361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 673.383455][T14361] R13: 00007f0376a16128 R14: 00007f0376a16090 R15: 00007fffab9f65e8 [ 673.383479][T14361] [ 674.247466][T14357] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 674.312046][T14357] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 674.980649][T14369] usbip-vudc usbip-vudc.0: gadget not bound [ 675.044219][T14370] FAULT_INJECTION: forcing a failure. [ 675.044219][T14370] name failslab, interval 1, probability 0, space 0, times 0 [ 675.168145][T14370] CPU: 1 UID: 0 PID: 14370 Comm: syz.4.2156 Tainted: G L syzkaller #0 PREEMPT(full) [ 675.168196][T14370] Tainted: [L]=SOFTLOCKUP [ 675.168209][T14370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 675.168226][T14370] Call Trace: [ 675.168237][T14370] [ 675.168250][T14370] dump_stack_lvl+0x100/0x190 [ 675.168300][T14370] should_fail_ex.cold+0x5/0xa [ 675.168335][T14370] should_failslab+0xc2/0x120 [ 675.168367][T14370] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 675.168408][T14370] ? __pmd_alloc+0xbf/0x9c0 [ 675.168451][T14370] __pmd_alloc+0xbf/0x9c0 [ 675.168482][T14370] ? __pud_alloc+0x57a/0x760 [ 675.168517][T14370] walk_to_pmd+0x3a3/0x4c0 [ 675.168557][T14370] get_locked_pte+0x25/0xc0 [ 675.168595][T14370] map_ldt_struct+0x3c1/0xa70 [ 675.168635][T14370] ? __pfx_map_ldt_struct+0x10/0x10 [ 675.168665][T14370] ? alloc_pages_noprof+0x233/0x390 [ 675.168703][T14370] write_ldt+0x6d3/0xd40 [ 675.168732][T14370] ? __fget_files+0x21f/0x3d0 [ 675.168761][T14370] ? __pfx_write_ldt+0x10/0x10 [ 675.168788][T14370] ? fput+0x79/0x100 [ 675.168818][T14370] ? ksys_write+0x1ac/0x250 [ 675.168844][T14370] ? __pfx_ksys_write+0x10/0x10 [ 675.168878][T14370] __x64_sys_modify_ldt+0xb1/0x170 [ 675.168910][T14370] do_syscall_64+0x106/0xf80 [ 675.168944][T14370] ? clear_bhb_loop+0x40/0x90 [ 675.168981][T14370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.169013][T14370] RIP: 0033:0x7f037679c799 [ 675.169051][T14370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 675.169079][T14370] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 675.169108][T14370] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 675.169127][T14370] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000001 [ 675.169146][T14370] RBP: 00007f037772f090 R08: 0000000000000000 R09: 0000000000000000 [ 675.169164][T14370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 675.169183][T14370] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 675.169224][T14370] [ 675.173435][ T6552] Bluetooth: hci1: command 0x0c1a tx timeout [ 675.429276][ T8076] Bluetooth: hci0: command 0x0c1a tx timeout [ 675.435849][ T8076] Bluetooth: hci2: command 0x0c1a tx timeout [ 676.040377][T14383] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 676.295567][ T6552] Bluetooth: hci3: command 0x0c1a tx timeout [ 676.372248][ T6552] Bluetooth: hci4: command 0x0c1a tx timeout [ 678.109965][T14403] Invalid ELF header magic: != ELF [ 682.385568][T14433] misc userio: Invalid payload size [ 684.832004][T14461] mkiss: ax0: crc mode is auto. [ 685.548892][T14476] vivid-012: ================= START STATUS ================= [ 685.608207][T14476] vivid-012: Radio HW Seek Mode: Bounded [ 685.632613][T14476] vivid-012: Radio Programmable HW Seek: false [ 685.760019][T14476] vivid-012: RDS Rx I/O Mode: Block I/O [ 685.766769][T14476] vivid-012: Generate RBDS Instead of RDS: false [ 685.839503][T14476] vivid-012: RDS Reception: true [ 685.844632][T14476] vivid-012: RDS Program Type: 0 inactive [ 686.070446][T14476] vivid-012: RDS PS Name: inactive [ 686.076464][T14476] vivid-012: RDS Radio Text: inactive [ 686.192858][T14476] vivid-012: RDS Traffic Announcement: false inactive [ 686.195293][T14472] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2181: iget: checksum invalid [ 686.347438][T14472] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 686.366173][T14472] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2181: iget: checksum invalid [ 686.379770][T14476] vivid-012: RDS Traffic Program: false inactive [ 686.379848][T14476] vivid-012: RDS Music: false inactive [ 686.379953][T14476] vivid-012: ================== END STATUS ================== [ 686.404813][T14472] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 686.417659][T14472] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2181: iget: checksum invalid [ 686.436123][T14472] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 686.475425][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.477849][T14472] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2181: iget: checksum invalid [ 686.483841][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.635682][T14472] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 686.691072][T14472] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 686.767089][T14472] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 688.715394][T14504] nvme_fcloop: unknown parameter or missing value '0' [ 689.095086][T14513] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2192'. [ 689.126039][T14515] FAULT_INJECTION: forcing a failure. [ 689.126039][T14515] name failslab, interval 1, probability 0, space 0, times 0 [ 689.175349][T14515] CPU: 1 UID: 0 PID: 14515 Comm: syz.4.2193 Tainted: G L syzkaller #0 PREEMPT(full) [ 689.175402][T14515] Tainted: [L]=SOFTLOCKUP [ 689.175415][T14515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 689.175435][T14515] Call Trace: [ 689.175446][T14515] [ 689.175459][T14515] dump_stack_lvl+0x100/0x190 [ 689.175512][T14515] should_fail_ex.cold+0x5/0xa [ 689.175551][T14515] should_failslab+0xc2/0x120 [ 689.175585][T14515] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 689.175633][T14515] ? security_inode_alloc+0x3b/0x2c0 [ 689.175686][T14515] ? lockdep_init_map_type+0x5c/0x250 [ 689.175728][T14515] security_inode_alloc+0x3b/0x2c0 [ 689.175772][T14515] inode_init_always_gfp+0xced/0x1040 [ 689.175811][T14515] alloc_inode+0x8e/0x250 [ 689.175853][T14515] sock_alloc+0x44/0x280 [ 689.175902][T14515] ? security_socket_create+0x7f/0x250 [ 689.175950][T14515] __sock_create+0xc2/0x860 [ 689.176006][T14515] __sys_socket+0x14d/0x260 [ 689.176033][T14515] ? exc_page_fault+0x6f/0xd0 [ 689.176067][T14515] ? __pfx___sys_socket+0x10/0x10 [ 689.176101][T14515] ? do_user_addr_fault+0x8d6/0x12f0 [ 689.176154][T14515] __x64_sys_socket+0x72/0xb0 [ 689.176181][T14515] ? lockdep_hardirqs_on+0x78/0x100 [ 689.176219][T14515] do_syscall_64+0x106/0xf80 [ 689.176256][T14515] ? clear_bhb_loop+0x40/0x90 [ 689.176296][T14515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.176329][T14515] RIP: 0033:0x7f037679e007 [ 689.176355][T14515] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 689.176385][T14515] RSP: 002b:00007f037772df98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 689.176417][T14515] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679e007 [ 689.176438][T14515] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 689.176457][T14515] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 689.176476][T14515] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 689.176495][T14515] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 689.176549][T14515] [ 689.566709][T14515] socket: no more sockets [ 692.288719][T14554] zswap: compressor 000 not available [ 693.147307][T14568] FAULT_INJECTION: forcing a failure. [ 693.147307][T14568] name failslab, interval 1, probability 0, space 0, times 0 [ 693.194780][T14568] CPU: 1 UID: 0 PID: 14568 Comm: syz.4.2204 Tainted: G L syzkaller #0 PREEMPT(full) [ 693.194831][T14568] Tainted: [L]=SOFTLOCKUP [ 693.194843][T14568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 693.194861][T14568] Call Trace: [ 693.194872][T14568] [ 693.194884][T14568] dump_stack_lvl+0x100/0x190 [ 693.196431][T14568] should_fail_ex.cold+0x5/0xa [ 693.196467][T14568] should_failslab+0xc2/0x120 [ 693.196503][T14568] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 693.196548][T14568] ? alloc_empty_file+0x55/0x1c0 [ 693.196584][T14568] ? __pfx_stack_trace_save+0x10/0x10 [ 693.196619][T14568] alloc_empty_file+0x55/0x1c0 [ 693.196667][T14568] path_openat+0xe8/0x31a0 [ 693.196698][T14568] ? kasan_save_stack+0x3f/0x50 [ 693.196746][T14568] ? kasan_save_stack+0x30/0x50 [ 693.196785][T14568] ? kasan_save_track+0x14/0x30 [ 693.196827][T14568] ? __kasan_slab_alloc+0x89/0x90 [ 693.196860][T14568] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 693.196898][T14568] ? do_getname+0x35/0x390 [ 693.196924][T14568] ? do_sys_openat2+0xc5/0x1e0 [ 693.196954][T14568] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.196985][T14568] ? __pfx_path_openat+0x10/0x10 [ 693.197031][T14568] do_file_open+0x20e/0x430 [ 693.197064][T14568] ? __pfx_do_file_open+0x10/0x10 [ 693.197122][T14568] ? alloc_fd+0x476/0x790 [ 693.197238][T14568] ? do_getname+0x191/0x390 [ 693.197280][T14568] do_sys_openat2+0x10d/0x1e0 [ 693.197321][T14568] ? __pfx_do_sys_openat2+0x10/0x10 [ 693.197376][T14568] __x64_sys_openat+0x12d/0x210 [ 693.197416][T14568] ? __pfx___x64_sys_openat+0x10/0x10 [ 693.197452][T14568] ? ksys_write+0x1ac/0x250 [ 693.197493][T14568] do_syscall_64+0x106/0xf80 [ 693.197529][T14568] ? clear_bhb_loop+0x40/0x90 [ 693.197567][T14568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.197598][T14568] RIP: 0033:0x7f037679c799 [ 693.197623][T14568] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 693.197651][T14568] RSP: 002b:00007f037770e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 693.197680][T14568] RAX: ffffffffffffffda RBX: 00007f0376a16090 RCX: 00007f037679c799 [ 693.197701][T14568] RDX: 0000000000002304 RSI: 0000200000001580 RDI: ffffffffffffff9c [ 693.197722][T14568] RBP: 00007f0376832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 693.197741][T14568] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000 [ 693.197760][T14568] R13: 00007f0376a16128 R14: 00007f0376a16090 R15: 00007fffab9f65e8 [ 693.197803][T14568] [ 694.536144][ T30] audit: type=1800 audit(4294967320.251:13): pid=14578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2206" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 695.608464][T14585] ubi0: attaching mtd0 [ 695.630685][T14585] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 3 [ 695.675707][T14585] eraseblock attaching information dump: [ 695.702461][T14585] ec 2 [ 695.706713][T14585] pnum 0 [ 695.710574][T14585] lnum 0 [ 695.783956][T14585] scrub 0 [ 695.813139][T14585] sqnum 3 [ 695.816990][T14585] Volume identifier header dump: [ 695.860574][T14585] magic 55424921 [ 696.107543][T14585] version 1 [ 696.113162][T14585] vol_type 1 [ 696.117529][T14585] copy_flag 0 [ 696.121383][T14585] compat 5 [ 696.169783][T14585] vol_id 2147479551 [ 696.290705][T14585] lnum 0 [ 696.305577][T14585] data_size 0 [ 696.352342][T14585] used_ebs 0 [ 696.386825][T14585] data_pad 0 [ 696.391129][T14585] sqnum 3 [ 696.441277][T14585] hdr_crc 05ef0866 [ 696.476634][T14585] Volume identifier header hexdump: [ 696.965490][T14585] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 697.956625][T14619] usbip-vudc usbip-vudc.0: gadget not bound [ 700.236967][T14648] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input30 [ 700.825195][T14662] tc_dump_action: action bad kind [ 704.058721][T14701] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 704.438294][ T6552] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 704.447473][ T6374] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 707.311894][T14717] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2236'. [ 707.742070][T14723] random: crng reseeded on system resumption [ 707.771636][T14721] FAULT_INJECTION: forcing a failure. [ 707.771636][T14721] name failslab, interval 1, probability 0, space 0, times 0 [ 707.840221][T14723] hub 1-0:1.0: USB hub found [ 707.845632][T14723] hub 1-0:1.0: 1 port detected [ 707.936643][T14721] CPU: 1 UID: 0 PID: 14721 Comm: syz.3.2238 Tainted: G L syzkaller #0 PREEMPT(full) [ 707.936689][T14721] Tainted: [L]=SOFTLOCKUP [ 707.936700][T14721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 707.936716][T14721] Call Trace: [ 707.936727][T14721] [ 707.936739][T14721] dump_stack_lvl+0x100/0x190 [ 707.936786][T14721] should_fail_ex.cold+0x5/0xa [ 707.936822][T14721] ? tomoyo_encode2+0xfb/0x3c0 [ 707.936854][T14721] should_failslab+0xc2/0x120 [ 707.936886][T14721] __kmalloc_noprof+0xe0/0x850 [ 707.936937][T14721] tomoyo_encode2+0xfb/0x3c0 [ 707.936976][T14721] tomoyo_encode+0x29/0x50 [ 707.937008][T14721] tomoyo_realpath_from_path+0x18c/0x690 [ 707.937053][T14721] tomoyo_check_open_permission+0x2af/0x3c0 [ 707.937102][T14721] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 707.937152][T14721] ? mntput_no_expire+0xd8/0x220 [ 707.937242][T14721] ? do_raw_spin_lock+0x128/0x260 [ 707.937291][T14721] ? path_get+0x61/0x80 [ 707.937330][T14721] tomoyo_file_open+0x6b/0x90 [ 707.937370][T14721] security_file_open+0xb5/0x1e0 [ 707.937404][T14721] do_dentry_open+0x5aa/0x1660 [ 707.937437][T14721] ? security_inode_permission+0xbf/0x250 [ 707.937491][T14721] vfs_open+0x82/0x3f0 [ 707.937535][T14721] path_openat+0x208c/0x31a0 [ 707.937582][T14721] ? __pfx_path_openat+0x10/0x10 [ 707.937626][T14721] do_file_open+0x20e/0x430 [ 707.937667][T14721] ? __pfx_do_file_open+0x10/0x10 [ 707.937728][T14721] ? alloc_fd+0x476/0x790 [ 707.937764][T14721] ? do_getname+0x191/0x390 [ 707.937803][T14721] do_sys_openat2+0x10d/0x1e0 [ 707.937842][T14721] ? __pfx_do_sys_openat2+0x10/0x10 [ 707.937877][T14721] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 707.937922][T14721] ? __fget_files+0x21f/0x3d0 [ 707.937956][T14721] __x64_sys_openat+0x12d/0x210 [ 707.937993][T14721] ? __pfx___x64_sys_openat+0x10/0x10 [ 707.938029][T14721] ? ksys_write+0x1ac/0x250 [ 707.938070][T14721] do_syscall_64+0x106/0xf80 [ 707.938105][T14721] ? clear_bhb_loop+0x40/0x90 [ 707.938141][T14721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.938173][T14721] RIP: 0033:0x7f2dbdd5cfce [ 707.938198][T14721] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 707.938235][T14721] RSP: 002b:00007f2dbec16ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 707.938265][T14721] RAX: ffffffffffffffda RBX: 00007f2dbec176c0 RCX: 00007f2dbdd5cfce [ 707.938286][T14721] RDX: 0000000000000000 RSI: 00007f2dbec16f90 RDI: ffffffffffffff9c [ 707.938305][T14721] RBP: 00007f2dbec17090 R08: 0000000000000000 R09: 0000000000000000 [ 707.938323][T14721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 707.938342][T14721] R13: 00007f2dbe016038 R14: 00007f2dbe015fa0 R15: 00007ffee7f32068 [ 707.938380][T14721] [ 707.938451][T14721] ERROR: Out of memory at tomoyo_realpath_from_path. [ 709.166431][T14744] FAULT_INJECTION: forcing a failure. [ 709.166431][T14744] name fail_futex, interval 1, probability 0, space 0, times 0 [ 709.245107][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.2.2247 Tainted: G L syzkaller #0 PREEMPT(full) [ 709.245161][T14744] Tainted: [L]=SOFTLOCKUP [ 709.245173][T14744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 709.245193][T14744] Call Trace: [ 709.245204][T14744] [ 709.245215][T14744] dump_stack_lvl+0x100/0x190 [ 709.245365][T14744] should_fail_ex.cold+0x5/0xa [ 709.245408][T14744] get_futex_key+0x1d2/0x1620 [ 709.245451][T14744] ? __pfx_get_futex_key+0x10/0x10 [ 709.245492][T14744] ? arch_get_unmapped_area_topdown+0x3e6/0x9b0 [ 709.245546][T14744] futex_wait_setup+0x83/0x510 [ 709.245602][T14744] __futex_wait+0x19f/0x300 [ 709.245657][T14744] ? __pfx___futex_wait+0x10/0x10 [ 709.245705][T14744] ? __pfx_futex_wake_mark+0x10/0x10 [ 709.245755][T14744] ? futex_hash+0x2c5/0x380 [ 709.245805][T14744] futex_wait+0xed/0x380 [ 709.245853][T14744] ? __pfx_futex_wait+0x10/0x10 [ 709.245922][T14744] do_futex+0x1ef/0x350 [ 709.245962][T14744] ? __pfx_do_futex+0x10/0x10 [ 709.246123][T14744] ? __pfx_do_sys_openat2+0x10/0x10 [ 709.246175][T14744] __x64_sys_futex+0x34f/0x4d0 [ 709.246233][T14744] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 709.246263][T14744] ? __pfx___x64_sys_futex+0x10/0x10 [ 709.246313][T14744] do_syscall_64+0x106/0xf80 [ 709.246354][T14744] ? clear_bhb_loop+0x40/0x90 [ 709.246396][T14744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.246432][T14744] RIP: 0033:0x7f9561f9c799 [ 709.246461][T14744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 709.246495][T14744] RSP: 002b:00007f9562f380e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 709.246548][T14744] RAX: ffffffffffffffda RBX: 00007f9562215fa8 RCX: 00007f9561f9c799 [ 709.246573][T14744] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9562215fa8 [ 709.246593][T14744] RBP: 00007f9562215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 709.246615][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.246634][T14744] R13: 00007f9562216038 R14: 00007ffe629bfb60 R15: 00007ffe629bfc48 [ 709.246679][T14744] [ 714.652421][T14823] futex_wake_op: syz.3.2265 tries to shift op by -2048; fix this program [ 714.712632][T14823] futex_wake_op: syz.3.2265 tries to shift op by -2048; fix this program [ 714.763918][T14825] 0x000000000001-0x000000020000 : "" [ 714.850986][T14823] misc userio: No port type given on /dev/userio [ 714.983800][T14825] ftl_cs: FTL header corrupt! [ 716.537571][T14839] ubi0: attaching mtd0 [ 716.580099][T14839] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 3 [ 716.607276][T14839] eraseblock attaching information dump: [ 716.753549][T14839] ec 2 [ 716.757170][T14839] pnum 0 [ 716.760849][T14839] lnum 0 [ 716.772495][T14846] tc_dump_action: action bad kind [ 716.887104][T14839] scrub 0 [ 716.890470][T14839] sqnum 3 [ 716.924701][T14839] Volume identifier header dump: [ 716.984389][T14839] magic 55424921 [ 716.998503][T14839] version 1 [ 717.039454][T14839] vol_type 1 [ 717.069492][T14839] copy_flag 0 [ 717.099690][T14839] compat 5 [ 717.112697][T14854] FAULT_INJECTION: forcing a failure. [ 717.112697][T14854] name failslab, interval 1, probability 0, space 0, times 0 [ 717.125862][T14839] vol_id 2147479551 [ 717.130599][T14839] lnum 0 [ 717.162575][T14839] data_size 0 [ 717.185100][T14839] used_ebs 0 [ 717.188720][T14839] data_pad 0 [ 717.193479][T14854] CPU: 1 UID: 0 PID: 14854 Comm: syz.2.2272 Tainted: G L syzkaller #0 PREEMPT(full) [ 717.193523][T14854] Tainted: [L]=SOFTLOCKUP [ 717.193533][T14854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 717.193551][T14854] Call Trace: [ 717.193560][T14854] [ 717.193572][T14854] dump_stack_lvl+0x100/0x190 [ 717.193619][T14854] should_fail_ex.cold+0x5/0xa [ 717.193652][T14854] ? __blkdev_direct_IO_simple+0x112/0x890 [ 717.193688][T14854] should_failslab+0xc2/0x120 [ 717.193719][T14854] __kmalloc_noprof+0xe0/0x850 [ 717.193761][T14854] ? find_held_lock+0x2b/0x80 [ 717.193797][T14854] __blkdev_direct_IO_simple+0x112/0x890 [ 717.193842][T14854] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 717.193903][T14854] ? __filemap_fdatawait_range+0x1af/0x230 [ 717.193965][T14854] blkdev_direct_IO+0xc76/0x1fb0 [ 717.194019][T14854] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 717.194055][T14854] ? filemap_check_errors+0xa9/0x150 [ 717.194090][T14854] ? filemap_write_and_wait_range.part.0+0xea/0x110 [ 717.194140][T14854] blkdev_read_iter+0x225/0x4f0 [ 717.194181][T14854] ? __pfx_blkdev_read_iter+0x10/0x10 [ 717.194219][T14854] vfs_read+0x825/0xb30 [ 717.194417][T14854] ? __pfx_vfs_read+0x10/0x10 [ 717.194474][T14854] ? find_held_lock+0x2b/0x80 [ 717.194526][T14854] ksys_read+0x12a/0x250 [ 717.194569][T14854] ? __pfx_ksys_read+0x10/0x10 [ 717.194626][T14854] do_syscall_64+0x106/0xf80 [ 717.194661][T14854] ? clear_bhb_loop+0x40/0x90 [ 717.194699][T14854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.194730][T14854] RIP: 0033:0x7f9561f9c799 [ 717.194758][T14854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 717.194785][T14854] RSP: 002b:00007f9562f17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 717.194813][T14854] RAX: ffffffffffffffda RBX: 00007f9562216090 RCX: 00007f9561f9c799 [ 717.194833][T14854] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 717.194851][T14854] RBP: 00007f9562f17090 R08: 0000000000000000 R09: 0000000000000000 [ 717.194868][T14854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 717.194884][T14854] R13: 00007f9562216128 R14: 00007f9562216090 R15: 00007ffe629bfc48 [ 717.194924][T14854] [ 717.561602][T14839] sqnum 3 [ 717.575546][T14839] hdr_crc 05ef0866 [ 717.592614][T14839] Volume identifier header hexdump: [ 717.721508][ T30] audit: type=1326 audit(4294967343.413:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14855 comm="syz.3.2273" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2dbdd9c799 code=0x0 [ 718.059792][T14839] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 718.207590][T14863] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2275'. [ 718.662486][T14876] FAULT_INJECTION: forcing a failure. [ 718.662486][T14876] name failslab, interval 1, probability 0, space 0, times 0 [ 718.765952][T14876] CPU: 0 UID: 0 PID: 14876 Comm: syz.0.2278 Tainted: G L syzkaller #0 PREEMPT(full) [ 718.765985][T14876] Tainted: [L]=SOFTLOCKUP [ 718.765992][T14876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 718.766004][T14876] Call Trace: [ 718.766011][T14876] [ 718.766019][T14876] dump_stack_lvl+0x100/0x190 [ 718.766052][T14876] should_fail_ex.cold+0x5/0xa [ 718.766074][T14876] ? iter_file_splice_write+0x1d8/0x10a0 [ 718.766093][T14876] should_failslab+0xc2/0x120 [ 718.766115][T14876] __kmalloc_noprof+0xe0/0x850 [ 718.766148][T14876] iter_file_splice_write+0x1d8/0x10a0 [ 718.766167][T14876] ? lockdep_hardirqs_on+0x78/0x100 [ 718.766193][T14876] ? copy_splice_read+0x734/0xb90 [ 718.766222][T14876] ? kfree+0x1f6/0x6b0 [ 718.766251][T14876] ? __pfx_iter_file_splice_write+0x10/0x10 [ 718.766271][T14876] ? __lock_acquire+0x4a5/0x2630 [ 718.766298][T14876] ? __pfx_copy_splice_read+0x10/0x10 [ 718.766341][T14876] ? __pfx_iter_file_splice_write+0x10/0x10 [ 718.766370][T14876] direct_splice_actor+0x192/0x6c0 [ 718.766410][T14876] splice_direct_to_actor+0x345/0xa30 [ 718.766431][T14876] ? __pfx_direct_splice_actor+0x10/0x10 [ 718.766467][T14876] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 718.766493][T14876] do_splice_direct+0x174/0x240 [ 718.766512][T14876] ? __pfx_do_splice_direct+0x10/0x10 [ 718.766532][T14876] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 718.766567][T14876] ? rw_verify_area+0xce/0x6d0 [ 718.766596][T14876] do_sendfile+0xadc/0xe20 [ 718.766630][T14876] ? __pfx_do_sendfile+0x10/0x10 [ 718.766659][T14876] ? __fget_files+0x21f/0x3d0 [ 718.766683][T14876] __x64_sys_sendfile64+0x1d8/0x220 [ 718.766703][T14876] ? ksys_write+0x1ac/0x250 [ 718.766721][T14876] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 718.766750][T14876] do_syscall_64+0x106/0xf80 [ 718.766772][T14876] ? clear_bhb_loop+0x40/0x90 [ 718.766797][T14876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.766817][T14876] RIP: 0033:0x7f676b79c799 [ 718.766833][T14876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 718.766857][T14876] RSP: 002b:00007f676c6c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 718.766876][T14876] RAX: ffffffffffffffda RBX: 00007f676ba15fa0 RCX: 00007f676b79c799 [ 718.766888][T14876] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 718.766899][T14876] RBP: 00007f676c6c0090 R08: 0000000000000000 R09: 0000000000000000 [ 718.766911][T14876] R10: 0100000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 718.766922][T14876] R13: 00007f676ba16038 R14: 00007f676ba15fa0 R15: 00007ffdccf38448 [ 718.766946][T14876] [ 721.351190][T14887] zswap: compressor 000 not available [ 723.362628][T14923] nbd: must specify at least one socket [ 723.778007][T14923] nvme_fabrics: missing parameter 'transport=%s' [ 723.808500][T14923] nvme_fabrics: missing parameter 'nqn=%s' [ 724.117006][ T30] audit: type=1800 audit(4294967349.896:15): pid=14941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2297" name="dbroot" dev="configfs" ino=170153 res=0 errno=0 [ 724.153748][T14941] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2297'. [ 724.229142][T14941] team0: Port device team_slave_1 removed [ 724.272560][T14949] FAULT_INJECTION: forcing a failure. [ 724.272560][T14949] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 724.318485][T14949] CPU: 0 UID: 0 PID: 14949 Comm: syz.0.2298 Tainted: G L syzkaller #0 PREEMPT(full) [ 724.318522][T14949] Tainted: [L]=SOFTLOCKUP [ 724.318529][T14949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 724.318541][T14949] Call Trace: [ 724.318551][T14949] [ 724.318560][T14949] dump_stack_lvl+0x100/0x190 [ 724.318599][T14949] should_fail_ex.cold+0x5/0xa [ 724.318622][T14949] _copy_from_iter+0x1f4/0x1690 [ 724.318645][T14949] ? __asan_memset+0x23/0x50 [ 724.318672][T14949] ? __pfx__copy_from_iter+0x10/0x10 [ 724.318691][T14949] ? __pfx___alloc_skb+0x10/0x10 [ 724.318722][T14949] netlink_sendmsg+0x808/0xda0 [ 724.318752][T14949] ? __pfx_netlink_sendmsg+0x10/0x10 [ 724.318777][T14949] ? __import_iovec+0x1d2/0x640 [ 724.318798][T14949] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 724.318829][T14949] ____sys_sendmsg+0x9e1/0xb70 [ 724.318857][T14949] ? __pfx_netlink_sendmsg+0x10/0x10 [ 724.318893][T14949] ? __pfx_____sys_sendmsg+0x10/0x10 [ 724.318932][T14949] ___sys_sendmsg+0x190/0x1e0 [ 724.318963][T14949] ? __pfx____sys_sendmsg+0x10/0x10 [ 724.319020][T14949] __sys_sendmsg+0x170/0x220 [ 724.319044][T14949] ? __pfx___sys_sendmsg+0x10/0x10 [ 724.319069][T14949] ? irqentry_exit+0x180/0x670 [ 724.319105][T14949] do_syscall_64+0x106/0xf80 [ 724.319128][T14949] ? clear_bhb_loop+0x40/0x90 [ 724.319151][T14949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.319172][T14949] RIP: 0033:0x7f676b79c799 [ 724.319188][T14949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 724.319206][T14949] RSP: 002b:00007f676c67e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 724.319225][T14949] RAX: ffffffffffffffda RBX: 00007f676ba16180 RCX: 00007f676b79c799 [ 724.319237][T14949] RDX: 0000000000000000 RSI: 0000200000000cc0 RDI: 0000000000000003 [ 724.319249][T14949] RBP: 00007f676c67e090 R08: 0000000000000000 R09: 0000000000000000 [ 724.319260][T14949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 724.319271][T14949] R13: 00007f676ba16218 R14: 00007f676ba16180 R15: 00007ffdccf38448 [ 724.319302][T14949] [ 725.267236][T14959] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2303'. [ 726.247613][T14961] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2302: iget: checksum invalid [ 726.343847][ T6552] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 726.360932][T14979] FAULT_INJECTION: forcing a failure. [ 726.360932][T14979] name failslab, interval 1, probability 0, space 0, times 0 [ 726.377396][ T6552] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 726.386417][ T6552] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 726.417406][ T6552] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 726.437604][T14979] CPU: 1 UID: 0 PID: 14979 Comm: syz.4.2307 Tainted: G L syzkaller #0 PREEMPT(full) [ 726.437657][T14979] Tainted: [L]=SOFTLOCKUP [ 726.437669][T14979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 726.437687][T14979] Call Trace: [ 726.437696][T14979] [ 726.437710][T14979] dump_stack_lvl+0x100/0x190 [ 726.437759][T14979] should_fail_ex.cold+0x5/0xa [ 726.437787][T14979] ? tomoyo_realpath_from_path+0xb6/0x690 [ 726.437801][ T6552] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 726.437823][T14979] should_failslab+0xc2/0x120 [ 726.437857][T14979] __kmalloc_noprof+0xe0/0x850 [ 726.437903][T14979] tomoyo_realpath_from_path+0xb6/0x690 [ 726.437945][T14979] tomoyo_check_open_permission+0x2af/0x3c0 [ 726.437989][T14979] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 726.438068][T14979] ? do_raw_spin_lock+0x128/0x260 [ 726.438109][T14979] ? path_get+0x61/0x80 [ 726.438143][T14979] tomoyo_file_open+0x6b/0x90 [ 726.438190][T14979] security_file_open+0xb5/0x1e0 [ 726.438220][T14979] do_dentry_open+0x5aa/0x1660 [ 726.438252][T14979] ? security_inode_permission+0xbf/0x250 [ 726.438301][T14979] vfs_open+0x82/0x3f0 [ 726.438340][T14979] path_openat+0x208c/0x31a0 [ 726.438446][T14979] ? __pfx_path_openat+0x10/0x10 [ 726.438503][T14979] do_file_open+0x20e/0x430 [ 726.438537][T14979] ? __pfx_do_file_open+0x10/0x10 [ 726.438594][T14979] ? alloc_fd+0x476/0x790 [ 726.438627][T14979] ? do_getname+0x191/0x390 [ 726.438665][T14979] do_sys_openat2+0x10d/0x1e0 [ 726.438702][T14979] ? __pfx_do_sys_openat2+0x10/0x10 [ 726.438751][T14979] __x64_sys_openat+0x12d/0x210 [ 726.438788][T14979] ? __pfx___x64_sys_openat+0x10/0x10 [ 726.438838][T14979] do_syscall_64+0x106/0xf80 [ 726.438870][T14979] ? clear_bhb_loop+0x40/0x90 [ 726.438903][T14979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.438932][T14979] RIP: 0033:0x7f037679c799 [ 726.438968][T14979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 726.438995][T14979] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 726.439024][T14979] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 726.439042][T14979] RDX: 0000000000000100 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 726.439059][T14979] RBP: 00007f0376832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 726.439076][T14979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 726.439092][T14979] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 726.439245][T14979] [ 726.439260][T14979] ERROR: Out of memory at tomoyo_realpath_from_path. [ 726.691297][T14961] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 726.791942][T14961] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2302: iget: checksum invalid [ 726.920929][T14961] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 726.987016][T14961] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2302: iget: checksum invalid [ 727.189721][T14961] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 727.354970][T14961] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2302: iget: checksum invalid [ 727.467276][T14961] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 727.648189][T14961] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 727.716643][T14961] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 728.036132][T14992] zswap: compressor 000 not available [ 728.475962][T14977] chnl_net:caif_netlink_parms(): no params data found [ 728.938547][T15021] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 728.986169][ T6374] Bluetooth: hci5: command tx timeout [ 729.113237][T15020] can: request_module (can-proto-0) failed. [ 729.298552][T14977] bridge0: port 1(bridge_slave_0) entered blocking state [ 729.318767][T14977] bridge0: port 1(bridge_slave_0) entered disabled state [ 729.364449][T14977] bridge_slave_0: entered allmulticast mode [ 729.428483][T14977] bridge_slave_0: entered promiscuous mode [ 729.487362][T14977] bridge0: port 2(bridge_slave_1) entered blocking state [ 729.529310][T14977] bridge0: port 2(bridge_slave_1) entered disabled state [ 729.582715][T14977] bridge_slave_1: entered allmulticast mode [ 729.625868][T14977] bridge_slave_1: entered promiscuous mode [ 729.954566][T14977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 729.988588][T14977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 730.059571][ T6374] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 730.204620][T15033] syz_tun: tun_chr_ioctl cmd 3 [ 730.286503][T12702] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.353756][T14977] team0: Port device team_slave_0 added [ 730.395218][T14977] team0: Port device team_slave_1 added [ 730.452013][T12702] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.621912][T12702] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.663258][T14977] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 730.690194][T14977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 730.758103][T14977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 730.783063][T14977] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 730.801503][T15037] ubi0: attaching mtd0 [ 730.806380][T14977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 730.841165][T15037] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 3 [ 730.852864][T15037] eraseblock attaching information dump: [ 730.859046][T15037] ec 2 [ 730.862605][T15037] pnum 0 [ 730.866500][T15037] lnum 0 [ 730.870100][T15037] scrub 0 [ 730.874018][T15037] sqnum 3 [ 730.874901][T14977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 730.877964][T15037] Volume identifier header dump: [ 730.901082][T15037] magic 55424921 [ 730.905478][T15037] version 1 [ 730.910984][T15037] vol_type 1 [ 730.915767][T15037] copy_flag 0 [ 730.919502][T15037] compat 5 [ 730.923539][T15037] vol_id 2147479551 [ 730.928643][T15037] lnum 0 [ 730.932260][T15037] data_size 0 [ 730.939601][T15037] used_ebs 0 [ 730.956532][T12702] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.970249][T15037] data_pad 0 [ 730.973693][T15037] sqnum 3 [ 730.984278][T15037] hdr_crc 05ef0866 [ 730.991418][T15037] Volume identifier header hexdump: [ 731.072483][ T6374] Bluetooth: hci5: command tx timeout [ 731.130428][T14977] hsr_slave_0: entered promiscuous mode [ 731.148138][T14977] hsr_slave_1: entered promiscuous mode [ 731.163386][T14977] debugfs: 'hsr0' already exists in 'hsr' [ 731.200786][T14977] Cannot create hsr debugfs directory [ 731.597193][T15037] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 731.931115][T15051] zswap: compressor 000 not available [ 731.989609][T12702] bridge_slave_1: left allmulticast mode [ 732.024643][T12702] bridge_slave_1: left promiscuous mode [ 732.034067][T12702] bridge0: port 2(bridge_slave_1) entered disabled state [ 732.184816][ T8076] Bluetooth: hci0: command 0x0c1a tx timeout [ 732.251094][T12702] bridge_slave_0: left allmulticast mode [ 732.282152][T12702] bridge_slave_0: left promiscuous mode [ 732.294522][T12702] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.058557][T12702] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 733.089844][T12702] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 733.118091][T12702] bond0 (unregistering): Released all slaves [ 733.145933][ T6374] Bluetooth: hci5: command tx timeout [ 733.538034][T12702] HfR: left promiscuous mode [ 733.618972][T15095] Console: switching to colour VGA+ 80x25 [ 733.803663][T15101] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 733.896284][T15096] zswap: compressor 000 not available [ 734.271444][ T6374] Bluetooth: hci0: command 0x0c1a tx timeout [ 734.869808][T12702] hsr_slave_0: left promiscuous mode [ 734.894041][T12702] hsr_slave_1: left promiscuous mode [ 734.933320][T12702] veth1_vlan: left promiscuous mode [ 734.939429][T12702] veth0_vlan: left promiscuous mode [ 735.230102][ T8076] Bluetooth: hci5: command tx timeout [ 735.408937][T12702] team0 (unregistering): Port device team_slave_0 removed [ 736.004060][T14977] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 736.097064][T14977] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 736.224700][T14977] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 736.322208][T14977] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 736.915628][T14977] 8021q: adding VLAN 0 to HW filter on device bond0 [ 737.095897][T15156] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2334'. [ 737.204858][T14977] 8021q: adding VLAN 0 to HW filter on device team0 [ 737.258269][T12699] bridge0: port 1(bridge_slave_0) entered blocking state [ 737.265750][T12699] bridge0: port 1(bridge_slave_0) entered forwarding state [ 737.596196][T15162] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2335'. [ 737.759674][T15175] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2335'. [ 737.839866][T15162] zswap: compressor not available [ 737.875979][T12699] bridge0: port 2(bridge_slave_1) entered blocking state [ 737.883414][T12699] bridge0: port 2(bridge_slave_1) entered forwarding state [ 739.955775][T14977] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 740.293597][T14977] veth0_vlan: entered promiscuous mode [ 740.357956][T14977] veth1_vlan: entered promiscuous mode [ 740.849400][T14977] veth0_macvtap: entered promiscuous mode [ 741.010666][T14977] veth1_macvtap: entered promiscuous mode [ 741.244884][T14977] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 741.313282][T14977] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 741.554916][T12702] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.587121][T12702] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.670066][T12702] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.756701][T12702] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 741.928716][T12702] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 741.958228][T12702] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 742.046742][T12702] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 742.070651][T12702] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 742.772370][T15276] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(14) [ 743.102056][T15280] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(14) [ 743.270806][T15286] ubi0: attaching mtd0 [ 743.311177][T15286] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 3 [ 743.386429][T15286] eraseblock attaching information dump: [ 743.443721][T15286] ec 2 [ 743.460580][T15286] pnum 0 [ 743.520783][T15286] lnum 0 [ 743.529024][T15286] scrub 0 [ 743.533437][T15286] sqnum 3 [ 743.536980][T15286] Volume identifier header dump: [ 743.547052][T15286] magic 55424921 [ 743.556548][T15286] version 1 [ 743.584232][T15286] vol_type 1 [ 743.592952][T15286] copy_flag 0 [ 743.606821][T15286] compat 5 [ 743.624999][T15286] vol_id 2147479551 [ 743.653623][T15286] lnum 0 [ 743.657334][T15286] data_size 0 [ 743.709701][T15286] used_ebs 0 [ 743.723878][T15286] data_pad 0 [ 743.744235][T15286] sqnum 3 [ 743.754371][T15286] hdr_crc 05ef0866 [ 743.776497][T15286] Volume identifier header hexdump: [ 744.028134][T15286] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 744.451578][T15299] netlink: 'syz.0.2355': attribute type 1 has an invalid length. [ 744.491541][T15299] netlink: 33 bytes leftover after parsing attributes in process `syz.0.2355'. [ 744.771177][T15302] FAULT_INJECTION: forcing a failure. [ 744.771177][T15302] name failslab, interval 1, probability 0, space 0, times 0 [ 744.806692][T15302] CPU: 1 UID: 0 PID: 15302 Comm: syz.2.2356 Tainted: G L syzkaller #0 PREEMPT(full) [ 744.806745][T15302] Tainted: [L]=SOFTLOCKUP [ 744.806756][T15302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 744.806775][T15302] Call Trace: [ 744.806786][T15302] [ 744.806799][T15302] dump_stack_lvl+0x100/0x190 [ 744.806850][T15302] should_fail_ex.cold+0x5/0xa [ 744.806887][T15302] should_failslab+0xc2/0x120 [ 744.806922][T15302] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 744.806969][T15302] ? vm_area_alloc+0x1f/0x160 [ 744.807008][T15302] ? vma_merge_new_range+0x38b/0xa30 [ 744.807059][T15302] vm_area_alloc+0x1f/0x160 [ 744.807099][T15302] __mmap_region+0x10cc/0x29e0 [ 744.807145][T15302] ? kmem_cache_free+0x44b/0x6a0 [ 744.807183][T15302] ? __fput_deferred+0x3e6/0x490 [ 744.807218][T15302] ? path_openat+0xfec/0x31a0 [ 744.807246][T15302] ? do_file_open+0x20e/0x430 [ 744.807276][T15302] ? __pfx___mmap_region+0x10/0x10 [ 744.807313][T15302] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.807346][T15302] ? css_rstat_updated+0x1ce/0x5a0 [ 744.807381][T15302] ? __pfx_css_rstat_updated+0x10/0x10 [ 744.807437][T15302] ? __lock_acquire+0x4a5/0x2630 [ 744.807476][T15302] ? trace_pelt_se_tp+0x159/0x1b0 [ 744.807534][T15302] ? find_held_lock+0x2b/0x80 [ 744.807562][T15302] ? finish_task_switch.isra.0+0x200/0xb80 [ 744.807593][T15302] ? finish_task_switch.isra.0+0x200/0xb80 [ 744.807640][T15302] ? trace_sched_exit_tp+0x13a/0x180 [ 744.807676][T15302] ? __schedule+0x1000/0x6120 [ 744.807776][T15302] mmap_region+0x180/0x3e0 [ 744.807833][T15302] do_mmap+0xc63/0x12f0 [ 744.807877][T15302] ? __pfx_do_mmap+0x10/0x10 [ 744.807912][T15302] ? __pfx_down_write_killable+0x10/0x10 [ 744.807962][T15302] vm_mmap_pgoff+0x29e/0x470 [ 744.808005][T15302] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 744.808042][T15302] ? do_futex+0x192/0x350 [ 744.808082][T15302] ? __pfx_do_futex+0x10/0x10 [ 744.808118][T15302] ? __pfx_do_sys_openat2+0x10/0x10 [ 744.808165][T15302] ksys_mmap_pgoff+0xe1/0x650 [ 744.808198][T15302] ? __x64_sys_futex+0x34f/0x4d0 [ 744.808234][T15302] ? __x64_sys_futex+0x358/0x4d0 [ 744.808274][T15302] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 744.808307][T15302] ? xfd_validate_state+0x129/0x190 [ 744.808358][T15302] __x64_sys_mmap+0x125/0x190 [ 744.808407][T15302] do_syscall_64+0x106/0xf80 [ 744.808452][T15302] ? clear_bhb_loop+0x40/0x90 [ 744.808490][T15302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.808521][T15302] RIP: 0033:0x7f9561f9c799 [ 744.808548][T15302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 744.808580][T15302] RSP: 002b:00007f9562f38028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 744.808611][T15302] RAX: ffffffffffffffda RBX: 00007f9562215fa0 RCX: 00007f9561f9c799 [ 744.808631][T15302] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000401000 [ 744.808651][T15302] RBP: 00007f9562032bd9 R08: 0000000000000002 R09: 0000000000008000 [ 744.808670][T15302] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 744.808690][T15302] R13: 00007f9562216038 R14: 00007f9562215fa0 R15: 00007ffe629bfc48 [ 744.808733][T15302] [ 745.469228][ T8076] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 746.076424][T15322] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2361'. [ 746.112760][T15314] zswap: compressor 000 not available [ 746.240735][T15308] Invalid ELF header magic: != ELF [ 746.761921][T15330] input: jJǸ-9%vJ86 as /devices/virtual/input/input32 [ 747.129703][T15337] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2366'. [ 747.602857][T15345] tc_dump_action: action bad kind [ 747.889697][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.896291][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 750.478104][ T6374] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 750.491461][ T6374] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 750.510589][ T6374] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 750.522555][ T6374] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 750.531198][ T6374] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 751.651163][T15410] FAULT_INJECTION: forcing a failure. [ 751.651163][T15410] name failslab, interval 1, probability 0, space 0, times 0 [ 751.710621][T15410] CPU: 1 UID: 0 PID: 15410 Comm: syz.4.2384 Tainted: G L syzkaller #0 PREEMPT(full) [ 751.710673][T15410] Tainted: [L]=SOFTLOCKUP [ 751.710685][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 751.710704][T15410] Call Trace: [ 751.710715][T15410] [ 751.710728][T15410] dump_stack_lvl+0x100/0x190 [ 751.710782][T15410] should_fail_ex.cold+0x5/0xa [ 751.710820][T15410] should_failslab+0xc2/0x120 [ 751.710856][T15410] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 751.710903][T15410] ? do_getname+0x35/0x390 [ 751.710952][T15410] do_getname+0x35/0x390 [ 751.710998][T15410] do_sys_openat2+0xc5/0x1e0 [ 751.711048][T15410] ? __pfx_do_sys_openat2+0x10/0x10 [ 751.711092][T15410] ? up_write+0x290/0x4f0 [ 751.711142][T15410] __x64_sys_openat+0x12d/0x210 [ 751.711184][T15410] ? __pfx___x64_sys_openat+0x10/0x10 [ 751.711237][T15410] do_syscall_64+0x106/0xf80 [ 751.711276][T15410] ? clear_bhb_loop+0x40/0x90 [ 751.711323][T15410] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.711355][T15410] RIP: 0033:0x7f037679c799 [ 751.711382][T15410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 751.711413][T15410] RSP: 002b:00007f037772f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 751.711444][T15410] RAX: ffffffffffffffda RBX: 00007f0376a15fa0 RCX: 00007f037679c799 [ 751.711465][T15410] RDX: 0000000000000100 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 751.711484][T15410] RBP: 00007f0376832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 751.711502][T15410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.711521][T15410] R13: 00007f0376a16038 R14: 00007f0376a15fa0 R15: 00007fffab9f65e8 [ 751.711653][T15410] [ 752.048743][T15385] chnl_net:caif_netlink_parms(): no params data found [ 752.660233][ T6374] Bluetooth: hci1: command tx timeout [ 753.115353][T15385] bridge0: port 1(bridge_slave_0) entered blocking state [ 753.215882][T15385] bridge0: port 1(bridge_slave_0) entered disabled state [ 753.247431][T15295] ------------[ cut here ]------------ [ 753.254475][T15295] ODEBUG: free active (active state 0) object: ffff88802c6f9460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 753.268058][T15295] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#1: syz.0.2353/15295 [ 753.279213][T15295] Modules linked in: [ 753.283640][T15295] CPU: 1 UID: 0 PID: 15295 Comm: syz.0.2353 Tainted: G L syzkaller #0 PREEMPT(full) [ 753.295823][T15295] Tainted: [L]=SOFTLOCKUP [ 753.300743][T15295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 753.311633][T15295] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 753.321251][T15295] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d a2 6c e8 0b 41 56 48 8b 14 dd e0 0a 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ec 0d de 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 753.343039][T15295] RSP: 0018:ffffc900036e7748 EFLAGS: 00010246 [ 753.349245][T15295] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 753.357639][T15295] RDX: ffffffff8c1b0a20 RSI: ffffffff8c1b0640 RDI: ffffffff90e43f90 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 753.366079][T15295] RBP: 0000000000000001 R08: ffff88802c6f9460 R09: ffffffff8bb2b860 [ 753.375098][T15295] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b0640 [ 753.384576][T15295] R13: ffffffff8bb2b8a0 R14: ffffffff8a95d880 R15: ffffc900036e7848 [ 753.393948][T15295] FS: 0000000000000000(0000) GS:ffff88812444d000(0000) knlGS:0000000000000000 [ 753.403591][T15295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 753.411446][T15295] CR2: 00007f037770dff8 CR3: 000000005410c000 CR4: 00000000003526f0 [ 753.420644][T15295] Call Trace: [ 753.423967][T15295] [ 753.426930][T15295] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 753.433087][T15295] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 753.439519][T15295] debug_check_no_obj_freed+0x4da/0x630 [ 753.445821][T15295] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 753.452432][T15295] ? __page_table_check_zero+0x333/0x410 [ 753.458394][T15295] ? __page_table_check_zero+0x338/0x410 [ 753.464756][T15295] __free_frozen_pages+0x392/0x10d0 [ 753.471061][T15295] hci_release_dev+0x4ef/0x630 [ 753.476281][T15295] ? __pfx_hci_release_dev+0x10/0x10 [ 753.482061][T15295] ? device_release+0x69/0x240 [ 753.487212][T15295] ? rcu_is_watching+0x12/0xc0 [ 753.492387][T15295] ? device_release+0x69/0x240 [ 753.498069][T15295] ? kfree+0x2ec/0x6b0 [ 753.502240][T15295] bt_host_release+0x6a/0xb0 [ 753.506940][T15295] ? __pfx_bt_host_release+0x10/0x10 [ 753.512762][T15295] device_release+0xa4/0x240 [ 753.518172][T15295] kobject_put+0x1f7/0x640 [ 753.523159][T15295] put_device+0x1f/0x30 [ 753.527642][T15295] vhci_release+0x185/0x230 [ 753.532354][T15295] ? __pfx_vhci_release+0x10/0x10 [ 753.537821][T15295] __fput+0x3ff/0xb40 [ 753.542348][T15295] task_work_run+0x150/0x240 [ 753.547309][T15295] ? __pfx_task_work_run+0x10/0x10 [ 753.552613][T15295] do_exit+0x8b8/0x2b60 [ 753.556917][T15295] ? __pfx_do_exit+0x10/0x10 [ 753.562012][T15295] ? __pfx_proc_coredump_connector+0x10/0x10 [ 753.568192][T15295] do_group_exit+0xd5/0x2a0 [ 753.573467][T15295] get_signal+0x1ec7/0x21e0 [ 753.578903][T15295] ? __pfx_get_signal+0x10/0x10 [ 753.585335][T15295] ? bad_area_access_error+0xab/0x1d0 [ 753.592851][T15295] ? fixup_vdso_exception+0x2d1/0x370 [ 753.598501][T15295] arch_do_signal_or_restart+0x91/0x770 [ 753.604839][T15295] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 753.611085][T15295] ? do_user_addr_fault+0x8d6/0x12f0 [ 753.616688][T15295] irqentry_exit+0x1f8/0x670 [ 753.622076][T15295] asm_exc_page_fault+0x26/0x30 [ 753.627145][T15295] RIP: 0033:0x0 [ 753.631265][T15295] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 753.638949][T15295] RSP: 002b:0000000000000010 EFLAGS: 00010217 [ 753.646047][T15295] RAX: 0000000000000000 RBX: 00007f676ba15fa0 RCX: 00007f676b79c799 [ 753.654283][T15295] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000020003b4a [ 753.662529][T15295] RBP: 00007f676b832bd9 R08: 0000000000000007 R09: 0000000000000000 [ 753.670943][T15295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 753.679316][T15295] R13: 00007f676ba16038 R14: 00007f676ba15fa0 R15: 00007ffdccf38448 [ 753.687739][T15295] [ 753.691015][T15295] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 753.698585][T15295] CPU: 1 UID: 0 PID: 15295 Comm: syz.0.2353 Tainted: G L syzkaller #0 PREEMPT(full) [ 753.709730][T15295] Tainted: [L]=SOFTLOCKUP [ 753.714161][T15295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 753.724321][T15295] Call Trace: [ 753.727748][T15295] [ 753.730752][T15295] dump_stack_lvl+0x100/0x190 [ 753.735758][T15295] vpanic+0x552/0x970 [ 753.740198][T15295] ? __pfx_vpanic+0x10/0x10 [ 753.744927][T15295] panic+0xd1/0xe0 [ 753.748686][T15295] ? __pfx_panic+0x10/0x10 [ 753.753135][T15295] ? check_panic_on_warn+0x1f/0x90 [ 753.758642][T15295] check_panic_on_warn.cold+0x19/0x34 [ 753.764045][T15295] ? debug_print_object+0x18e/0x2a0 [ 753.769276][T15295] __warn.cold+0x191/0x348 [ 753.773900][T15295] __report_bug+0x296/0x3d0 [ 753.778704][T15295] ? debug_print_object+0x18e/0x2a0 [ 753.783949][T15295] ? __pfx___report_bug+0x10/0x10 [ 753.789096][T15295] ? __lock_acquire+0x4a5/0x2630 [ 753.794669][T15295] report_bug_entry+0xe1/0x290 [ 753.799937][T15295] ? debug_print_object+0x19b/0x2a0 [ 753.805824][T15295] handle_bug+0x1cd/0x2a0 [ 753.810291][T15295] exc_invalid_op+0x17/0x50 [ 753.814915][T15295] asm_exc_invalid_op+0x1a/0x20 [ 753.820065][T15295] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 753.826569][T15295] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d a2 6c e8 0b 41 56 48 8b 14 dd e0 0a 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ec 0d de 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 753.847010][T15295] RSP: 0018:ffffc900036e7748 EFLAGS: 00010246 [ 753.853505][T15295] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 753.861778][T15295] RDX: ffffffff8c1b0a20 RSI: ffffffff8c1b0640 RDI: ffffffff90e43f90 [ 753.870407][T15295] RBP: 0000000000000001 R08: ffff88802c6f9460 R09: ffffffff8bb2b860 [ 753.878841][T15295] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b0640 [ 753.886951][T15295] R13: ffffffff8bb2b8a0 R14: ffffffff8a95d880 R15: ffffc900036e7848 [ 753.895414][T15295] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 753.900916][T15295] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 753.906560][T15295] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 753.912390][T15295] debug_check_no_obj_freed+0x4da/0x630 [ 753.918322][T15295] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 753.924673][T15295] ? __page_table_check_zero+0x333/0x410 [ 753.930340][T15295] ? __page_table_check_zero+0x338/0x410 [ 753.936522][T15295] __free_frozen_pages+0x392/0x10d0 [ 753.941869][T15295] hci_release_dev+0x4ef/0x630 [ 753.946692][T15295] ? __pfx_hci_release_dev+0x10/0x10 [ 753.952334][T15295] ? device_release+0x69/0x240 [ 753.957319][T15295] ? rcu_is_watching+0x12/0xc0 [ 753.962497][T15295] ? device_release+0x69/0x240 [ 753.967467][T15295] ? kfree+0x2ec/0x6b0 [ 753.971699][T15295] bt_host_release+0x6a/0xb0 [ 753.976591][T15295] ? __pfx_bt_host_release+0x10/0x10 [ 753.982375][T15295] device_release+0xa4/0x240 [ 753.987066][T15295] kobject_put+0x1f7/0x640 [ 753.991760][T15295] put_device+0x1f/0x30 [ 753.995937][T15295] vhci_release+0x185/0x230 [ 754.000530][T15295] ? __pfx_vhci_release+0x10/0x10 [ 754.005662][T15295] __fput+0x3ff/0xb40 [ 754.009872][T15295] task_work_run+0x150/0x240 [ 754.014494][T15295] ? __pfx_task_work_run+0x10/0x10 [ 754.019721][T15295] do_exit+0x8b8/0x2b60 [ 754.023896][T15295] ? __pfx_do_exit+0x10/0x10 [ 754.028683][T15295] ? __pfx_proc_coredump_connector+0x10/0x10 [ 754.034950][T15295] do_group_exit+0xd5/0x2a0 [ 754.039597][T15295] get_signal+0x1ec7/0x21e0 [ 754.044401][T15295] ? __pfx_get_signal+0x10/0x10 [ 754.049777][T15295] ? bad_area_access_error+0xab/0x1d0 [ 754.055807][T15295] ? fixup_vdso_exception+0x2d1/0x370 [ 754.061215][T15295] arch_do_signal_or_restart+0x91/0x770 [ 754.066971][T15295] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 754.073258][T15295] ? do_user_addr_fault+0x8d6/0x12f0 [ 754.079642][T15295] irqentry_exit+0x1f8/0x670 [ 754.085763][T15295] asm_exc_page_fault+0x26/0x30 [ 754.090810][T15295] RIP: 0033:0x0 [ 754.094470][T15295] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 754.102287][T15295] RSP: 002b:0000000000000010 EFLAGS: 00010217 [ 754.108561][T15295] RAX: 0000000000000000 RBX: 00007f676ba15fa0 RCX: 00007f676b79c799 [ 754.117116][T15295] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000020003b4a [ 754.125206][T15295] RBP: 00007f676b832bd9 R08: 0000000000000007 R09: 0000000000000000 [ 754.133763][T15295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.142021][T15295] R13: 00007f676ba16038 R14: 00007f676ba15fa0 R15: 00007ffdccf38448 [ 754.150464][T15295] [ 754.154120][T15295] Kernel Offset: disabled [ 754.158575][T15295] Rebooting in 86400 seconds..