last executing test programs: 6.178322782s ago: executing program 0 (id=2068): r0 = io_uring_setup$auto(0x6, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/zoneinfo\x00', 0x0, 0x0) read$auto(r2, &(0x7f0000000240)='/proc/scsi/sg\x00\x00\x00\x00ices\x00\r\xe2\xc9\x04\x986\xbc\xb0FI\xb9-E\xe3\x87j\xdes1\xa7\xdf\xc4\b\xb3\xeelc\x7f\xfdg\x18*\a:_\xb0\x92\xacwH\x9c\x9dF\xb1\xc47\x85\xc7\x13\xe1\x19UR\x96\xd8\x86\xd3\xe4\xa9R\x1c\xeb\xc8\xe5X\xfcR\xc7\vdU\x8b\xaa^\xfd\x83#\xc1o\x04\xeca\xbf\x8bYz\xd9\r\xcbk\xfd\x9e\x97\xcbOf\x80', 0xffffffff) sendmsg$auto_NL80211_CMD_GET_FTM_RESPONDER_STATS(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1], 0xd0}, 0x1, 0x0, 0x0, 0x4084}, 0x80004) rseq$auto(&(0x7f0000000200)={0xe, 0x400, 0xfb82, 0xfc, 0xffffffff, 0x200}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x44, r6, 0xa11, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1000008}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5299}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x3}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x9}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x48080) r7 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D0c\x00', 0x141080, 0x0) read$auto_snd_pcm_f_ops_pcm1(r7, 0x0, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2062, 0x0) write$auto(r8, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_VHOST_SET_VRING_CALL2(r0, 0x4008af21, &(0x7f00000003c0)={0xce4, r7}) ioctl$auto_SNDCTL_MIDI_INFO(r11, 0xc074510c, &(0x7f0000000400)="c337b3ed2df2c66c596b9ea9ff85625c9087e736fd353cef7423e56280488ce25e1982c5517f6123e9f9c672978e79ea2a8b") sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="1b0026bd7000fddbdf2503000000040008000c00f37f08000b8004002c5932af79fc13c0a8462beb9becedff558012000100898771f1a9e31d029ec5c77016e776553ce06a2e35a61cd2fdd16ca3014fe2edbf168d51e2086d5c36977c18710be945c858e025b5cfe55e5b0a98815b61966c948286dbfd655f573bff33b4dab985880aaaf5fb60f650e18fe31f0275d767996ed6135736de97deebd95928081144447fd9c2b241387e698040ced2a48e8073045cd961a40e4e1bf52f6a2e187b31c9738bf447db35745711b7e0d3c033b24238f081e3203f6568b32b07cd0c44481163c99d6cff02288c68995f0543b694c229e131437aca17621373c1c95897996ab6b1884ca1ca721878c7380d89cd438cd803"], 0x3c}, 0x1, 0x0, 0x0, 0x50}, 0xc800) ioctl$auto(r4, 0x401870c8, r3) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r12 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYBLOB='p'], 0x1ac}}, 0x40000) sendmmsg$auto(r12, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r13 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setuid$auto(0xe) get_robust_list$auto(r13, &(0x7f00000006c0)=&(0x7f0000000680)={{&(0x7f0000000480)={&(0x7f0000000440)}}, 0x400, &(0x7f0000000600)}, &(0x7f0000000700)=0x4) 5.532938773s ago: executing program 2 (id=2070): socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0x1) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x614a839e936ea30a, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) 5.412391341s ago: executing program 1 (id=2071): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyy2\x00', 0x100, 0x0) select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0) write$auto(0xca, 0x0, 0x2d9) ioctl$auto(0x3, 0x5412, 0x38) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103b02, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x9, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xc2d3) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0005"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x837, 0x8}}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000) r3 = socket(0x11, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f00000003c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) r4 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto_FS_IOC_RESVSP64(r4, 0x4030582a, 0x6) ioctl$auto(r4, 0x80, r4) 5.311648461s ago: executing program 2 (id=2072): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) socket(0x2, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x2, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sda\x00', 0x48001, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) io_uring_setup$auto(0xa, 0x0) socket(0x1e, 0x1, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c804}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0xffffff7f, 0x9}, 0x2}, 0x3, 0x0) 5.202786696s ago: executing program 0 (id=2074): quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0xf) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_IPC_RMID(0x7c9d, 0x0, &(0x7f0000000140)={{0x5, 0x0, 0xee01, 0xf, 0x401, 0x8000, 0x1000}, &(0x7f00000000c0)=0x16, &(0x7f0000000100)=0x29, 0x9, 0x0, 0x10, 0x4, 0x2, 0x4, 0xd4, 0x0, @inferred, @raw=0xc013}) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x101000, 0x0) setsockopt$auto(0x3, 0x0, 0x18, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000640)=@in={0x2, 0x0, @empty}, 0x69) 4.828452918s ago: executing program 2 (id=2075): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) pivot_root$auto(0x0, 0x0) io_uring_setup$auto(0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541b, 0x38) 4.289590339s ago: executing program 0 (id=2076): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) pivot_root$auto(0x0, 0x0) io_uring_setup$auto(0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541b, 0x38) 3.963739083s ago: executing program 3 (id=2077): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x3, 0x29f, 0xfe, 0x7ffffffb, 0x101, 0x800, 0x3}, {0x2000008, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0) sendfile$auto(r0, r0, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd07, &(0x7f00000001c0)) io_uring_enter$auto(r1, 0xe, 0x2a, 0x7, &(0x7f0000000000)="83331d635d4fc0750463faef3a3760b6e39902e55e9124383b68e0d48b28757b5aa47c5d", 0x3) r2 = openat$auto_fops_ulong_ro_(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/ieee80211/phy14/netdev:wlan1/stations/08:02:11:00:00:00/rx_duplicates\x00', 0xa0800, 0x0) r3 = bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000480)=@test={r2, 0x4, 0x92ed, 0x2, 0x5, 0x4, 0x7c67, 0x0, 0x9, 0x0, 0x9, 0x0, 0x8, 0x82, 0x4}, 0x9) ioctl$auto_FIOCLEX(r3, 0x5451, 0x101) openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x404041, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40]}, 0x1fe, 0xd) r4 = socket(0x2a, 0x2, 0x1) connect$auto(r4, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) ioctl$auto(0xffffffffffffffff, 0x8, 0x1) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_KSMBD_EVENT_SHUTTING_DOWN(r4, 0x0, 0x20004880) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={r4, &(0x7f0000000100)="ad8426d8572f", 0xc, 0x0, 0x8000, 0x0, 0x0}) io_uring_setup$auto(0x1, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) 3.829893332s ago: executing program 1 (id=2078): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) socket(0x27, 0x80000, 0x73) mmap$auto(0xfffffffffffffff9, 0x2000a, 0x100000000009f, 0xeb2, 0x401, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x769700, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r1 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r1, 0x0, 0x400) clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(0x0, 0x22240, 0x154) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r2, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r2, 0x1, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81) write$auto(r0, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sda1\x00', 0x8800, 0x0) setfsuid$auto(0xee00) cachestat$auto(r4, &(0x7f0000000640)={0x8, 0x4000000000008}, 0x0, 0x0) r5 = socket(0xa, 0x5, 0x84) sendto$auto(r5, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe800007fec000"}, 0x1c) mmap$auto(0x2b04, 0x202000a, 0x403, 0xeb1, 0xfffffffffffffffa, 0x10000000008000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) 3.504266823s ago: executing program 2 (id=2079): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) r0 = socket(0x2b, 0x800, 0x76) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0x80100, 0x0) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000b00), r2) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000140)=""/122, 0x7a) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/midiC2D3\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsetxattr$auto(0x1, 0x0, 0x0, 0x0, 0x2) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000002c0), r0) shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000000500)={{0x2, 0x0, 0xffffffffffffffff, 0x80, 0x38cb, 0x1, 0x1}, 0xe44, 0x7, 0xffffffffffffffff, 0x28, @inferred, @raw=0x1, 0x73c, 0x0, &(0x7f0000000240)="fd683e63025f8b65954c19e3414772f4d09eec96611720ea05094b772e19345731c54b547d0b5aacf1ee3def038114f474fbdf75c55aa8da271d2ca062668777bebd53e4225cf62dbbbc", &(0x7f0000000400)="51abaff804a0f24de290a35755a98bf8d533cf2fc4686c81977b4e151eaca2a08390c94ece0d5166568b3114e6240b337623418575f06448b94a147e196113e435e64841a059a5695d8d39e2beb6668c72a2094a4a78aabb325d01ba9455d8523e05fd4454a70fe85cff8ff410666bd8874ff0c36b7141c0651fe69ed4636fa1278f1d1897cf96ad8db3a668f2b6c8b45314b1c4a51c"}) sendmsg$auto_TIPC_NL_BEARER_ADD(r4, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r5, @ANYBLOB="000429bd700000dcdf2515000000040004800800098004007b800c0005800800a5002c122f005d010480f4828adf6f6bd020180a8a2d0718d2c5fdc6987418a0e2726dfecb5e215ceb34ff877a5b3eedfee5e4f02e40ab12930b5e080ccd5d4e3cb44189d08f1ab9ec77a5d418aa2b8e4f6c0aa1e27a58bfca78563cb061ffe34b050000008e3db995011272e5e3498980cb2c30c606c1b2f68e4df1c2ea0c1c4c25470828ed62c589bec1832e04aa1063c42aa8dae2c50f4580353efc3db98fe69df8ab129fe072c8d3b30488a6701f83bc0ab3b4db69465cad436b09cac804a658f5f7df7d023ac1d5d92a59407512e6d95b00d486291a07786bdc80752f0ce4eb9f4fe34178bd67c652d9122e0314497ee219038f63c4353c7894e9d64e880c8d3a5d2888a732ca999741d3c934b14538ff308ff0e57033fac7dd9024743adfce19b7d0aeba4d2dab24c6a6147e0f832e8216f4c5650cb75f43c64ec7b845f8a463cab44326412daf42f075a3fec3040f989bf410cea1f4912807e3e6634c5fcfdf000000"], 0x18c}, 0x1, 0x0, 0x0, 0x40030}, 0xd0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/net/ip_vs_conn\x00', 0x121040, 0x0) pread64$auto(r6, 0x0, 0x87ff, 0x5) mmap$auto(0x0, 0x400008, 0x3, 0xffffffff, 0xffffffffffffffff, 0x8000) r7 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r7, 0x8, 0x1) 3.483652757s ago: executing program 1 (id=2080): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x7, 0xb, 0x0, 0x0) getcwd$auto(0x0, 0x3) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x37e, 0x0, 0xf, 0xffffffffffffffff, 0x2, 0x5}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) mbind$auto(0x1000, 0xb, 0x3, &(0x7f0000000180)=0xffff, 0x3, 0x3) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_kernel_debug_fops_orangefs_debugfs(r2, &(0x7f0000000640)=""/4096, 0x1000) read$auto_l2cap_debugfs_fops_(r2, 0x0, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2a}) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 3.379018702s ago: executing program 0 (id=2081): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2a, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00'}) socket(0x27, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'veth0_to_hsr\x00'}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x4048800) r2 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/bdi/252:0/min_ratio_fine\x00', 0xc0082, 0x0) sendfile$auto(r3, r3, 0x0, 0xef3) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r2, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x4000005}, 0x6, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r5) ioctl$auto_KVM_CREATE_VM(r4, 0xae80, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_register$auto(0x2, 0x1d, 0x0, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) 3.378839009s ago: executing program 3 (id=2082): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x2, 0xdf, 0x15, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x8, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) link$auto(&(0x7f0000001200)='./file0\x00', 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/failslab\x00', 0x149301, 0x0) write$auto(r1, &(0x7f0000000340)=',02.15.4 ]\x98\x0f7V\xd4l\xf2AC\x04\xecQ=\xa2\xce\nO}\x1d\xd7\xb5\x92\xf7\xb2\xc2\xddm\xfbR\xfb\x92x\xd8\xb2\x8a&\xda\\\xa1}&^\x03\x02\xf28\xfd|\xed~\a\xaf\x14\xb5.\x92\"-6.\xb2$\x88\xeb\xdc\x0f\xba$?c\x8b\xcb\xf4q\r\xf5>}4\x99(\xb8D\x15\xb8\xc9U\x14\xd6r\xc9\x81\xbbI\xc9+^\x00\xf6\xb5\xd9\x1e\x89G?/\xc5\x86\xd0\xab\xb3\xfd\xc9?\xa7B\x1b\xdc\xff\xab\xb6~\x96\xd6\x9f\x1d\xfb\xa1dg\x9d\x8d]\xdek\x9c0\xea\xb3\nV\x1d\x10g\xaa\xf9\xf0\xc9\n\x8c\xf25G\x9c\x19\xe5\xd8\xa3\xee\x11\x12f\xd5o\x00\xeaY\n\xe0\x9f\r\xd4\x8e9G\x01\x04\xb2j\xbfYX\x9a)OQ\xedk\xb9\x85\x03c\xf3\x80\x10eG(\x94m81PL\x8d\xa47\x1a\x16\x11\xcd\xcdf\x15\r\x19\xc3\x90\xbe\x12\x85V\xeb\x8d\x97\xf0\x9c!\x86:\xe8\x8b\xa7@l', 0x3) 2.431422617s ago: executing program 1 (id=2083): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000180), 0x200, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x10, 0x2, 0x6) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x20004, 0x20d3e, 0x1, 0x6, 0x100000003, 0x800295f4da0d, 0x5, 0x3, 0x62, 0x80000001, 0x50a7, 0xc2, 0x6, 0xfffffffffffffff8, 0x3]}, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) lsetxattr$auto(0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x3ff) 2.234524815s ago: executing program 3 (id=2084): quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0xf) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_IPC_RMID(0x7c9d, 0x0, &(0x7f0000000140)={{0x5, 0x0, 0xee01, 0xf, 0x401, 0x8000, 0x1000}, &(0x7f00000000c0)=0x16, &(0x7f0000000100)=0x29, 0x9, 0x0, 0x10, 0x4, 0x2, 0x4, 0xd4, 0x0, @inferred, @raw=0xc013}) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x101000, 0x0) setsockopt$auto(0x3, 0x0, 0x18, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000640)=@in={0x2, 0x0, @empty}, 0x69) 2.225598491s ago: executing program 2 (id=2085): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20001, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="8c66381957a4f7888c094143a0c718e5e4d04a0030448293116b01bb6fe18e8345aef2917b9c680544a343ba8e006cd4f6434ab1a5e700778e9fc7ba9af47487ca1f9d52939c66c96da4ce5a4f25feef3efd5b8c7733") close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/info\x00', 0x1b04, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000000c0)=""/10, 0xa) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) ioctl$auto(0x3, 0x4008af03, 0x0) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) setsockopt$auto_SO_LINGER(r2, 0x2, 0xd, &(0x7f0000000080)='/proc/\xcaxlf/maps\x00\xf8\xd1\xc6\x9e*w)\xd4_\x9b\xf2\x0fj1\xc9\\\xa7\xd6\x8b\x97\xe0)\x11\x05n$I\x8a5\xef\x80\x0e\xcc|\x8eVp\xd1\xc4\xb2\x19\xea`\x9bD.\xc2)\xcc\\\xef\x98\xce\xd8\x99r\x86\xe0\xe0\xba\xad\xe2\x9a\xba\xdb\x9a\xe0\x0e\x16\x01\xcd\xb8JM\xdd\xd4@\xa7K\x864\xab\xaa-\x83\xb5\x00\xc7\r!\xd2<\x0eB\x84\x84:\xdc,\xb5\xd6\x98\x84|\x18\xaa>}\x83\x03\x94=\xda\x00\x00\x00\x00\x00\x00\x00', 0x3) ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, 0x0) 1.974873502s ago: executing program 2 (id=2086): r0 = ioctl$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffffff, 0x9, &(0x7f0000000180)="668b4954e768f6c9be318087b8284973784dc2c869556b70ea5d327da07d029f66cf2bd55089cf71ecaec9d5c5b31377bd0c7443486d83e43dac40d617fc7994d80e8a4c09d522628fa7878f11e615") mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, r0, 0x8000) r1 = socket(0xa, 0x2, 0x73) unshare$auto(0x40000080) mmap$auto(0x200000000000a, 0x1002000d, 0x1ff, 0xffffffffffffffff, r1, 0xfffffffffffff645) mmap$auto(0x3, 0x9, 0x7, 0xeb1, 0x404, 0x10008000) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01022dbd3000fffffc0000000000"], 0x14}}, 0x400c0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666", 0x6ea) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x100000000000008, 0x20000007c9, 0xda46, 0xfffefffffffffffc, r3, 0x300000000002) write$auto(0x3, 0x0, 0x7fffffff) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1000000000000001, 0x0, 0x1, 0x0) unshare$auto(0x1) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x80000000001002, 0x12000000000000, 0x4000000000df, 0xeb4, 0x6, 0x8000008003) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r5 = socket(0x31, 0x6, 0x7fff) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r6, 0x0, 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040)="32e3eec48051c4cc1bd9d90076d5507aee20a1ffccd1c9977b45b2ce215a1ae8", 0xfff}, 0x3) socket(0x8, 0x2, 0x1) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), r5) 1.845827523s ago: executing program 0 (id=2087): mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) mmap$auto(0x6, 0x20009, 0xe2, 0x10, 0xf6f6, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) msgctl$auto_IPC_STAT(0x0, 0x2, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec14\x00', 0x0, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23) read$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffffff, &(0x7f0000000180)=""/18, 0x12) close_range$auto(r0, 0x8, 0xffffffff) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) r3 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r3, 0x0, 0x20000000001, 0x7fff) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) writev$auto(r4, 0x0, 0x3) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@can={0x1d, r6, 0xfd}, 0x6a) sendmsg$auto_MACSEC_CMD_UPD_RXSA(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="20002cbd7000fcdbdf2509d1461f9181191b3a3699feddd0000000"], 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x8840) r7 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="ab2c6130a5f689f9ac516bcb4dbada481e26e2dfcac9593ae0a29f77a427394ed4a9f1d44fe552febd57c3907e350b93357b6084493264eb1c27fb387e29369f33bd01b57bc127061c3bd0f86beaf555abb53046d088427e7bdebaabd863c2ff7c905f560b418c5f055591598233e2ea6524623096f01a068386a01cefa10bbe6a59c81d29a20f1ac6fe3b8e3568c6999d04e4c84b22e62de42bae4a91bea5f38bf8b838ba23be1d5dfe3c87d92353fb5ff367bfab1dd7d475f0137be7456041eb656f8165db589cbf6538cf412ee0e2ba2e1cb8a93fc782d60edcb791694301efd413c10fb6587777c31dd90d9f920cb780118fb4de0bcae4e1720754646954f1", @ANYRES16=r7, @ANYBLOB="080028bd7000fddbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x20004004}, 0xc010) sendmsg$auto_NFC_CMD_FW_DOWNLOAD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001380)={0x14, r7, 0x800, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4840}, 0x4048801) process_madvise$auto_MADV_RANDOM(r2, 0x0, 0xfffffffffffffffb, 0x1, 0xfffffffe) ioctl$auto(0x3, 0x4020afa4, r1) 1.292181089s ago: executing program 3 (id=2088): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) pivot_root$auto(0x0, 0x0) io_uring_setup$auto(0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541b, 0x38) 1.230600894s ago: executing program 1 (id=2089): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x3, 0x29f, 0xfe, 0x7ffffffb, 0x101, 0x800, 0x3}, {0x2000008, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0) sendfile$auto(r0, r0, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd07, &(0x7f00000001c0)) io_uring_enter$auto(r1, 0xe, 0x2a, 0x7, &(0x7f0000000000)="83331d635d4fc0750463faef3a3760b6e39902e55e9124383b68e0d48b28757b5aa47c5d", 0x3) r2 = openat$auto_fops_ulong_ro_(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/ieee80211/phy14/netdev:wlan1/stations/08:02:11:00:00:00/rx_duplicates\x00', 0xa0800, 0x0) r3 = bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000480)=@test={r2, 0x4, 0x92ed, 0x2, 0x5, 0x4, 0x7c67, 0x0, 0x9, 0x0, 0x9, 0x0, 0x8, 0x82, 0x4}, 0x9) ioctl$auto_FIOCLEX(r3, 0x5451, 0x101) openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x404041, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40]}, 0x1fe, 0xd) r4 = socket(0x2a, 0x2, 0x1) connect$auto(r4, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) ioctl$auto(0xffffffffffffffff, 0x8, 0x1) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_KSMBD_EVENT_SHUTTING_DOWN(r4, 0x0, 0x20004880) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={r4, &(0x7f0000000100)="ad8426d8572f", 0xc, 0x0, 0x8000, 0x0, 0x0}) io_uring_setup$auto(0x1, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) 655.23548ms ago: executing program 3 (id=2090): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) pivot_root$auto(0x0, 0x0) io_uring_setup$auto(0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541b, 0x38) 547.490871ms ago: executing program 0 (id=2091): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) ioctl$auto(r0, 0x6, r0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r3, 0x560a, 0x7) getsockopt$auto(r2, 0x84, 0x1, 0x0, &(0x7f0000000000)=0x9d) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x44003, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x1, 0x6, 0x3}}, 0xfffffffc) ioctl$auto_BLKPG(0xffffffffffffffff, 0x1269, 0x300) getdents$auto(0xffffffffffffffff, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) msgrcv$auto(0x2, 0x0, 0x7, 0x5, 0xc0d1) 80.201847ms ago: executing program 3 (id=2092): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r0) statx$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2, 0x4, &(0x7f0000000180)={0x6, 0x0, 0xd57, 0xff, 0xee01, 0xffffffffffffffff, 0x5, 0x2, 0x444c59c2, 0x80, 0x6000000000, 0x9, {0xffffffffffffff38, 0xc78}, {0x0, 0x9}, {0x0, 0xfffffffd}, {0x7fffffff, 0x4}, 0xfffffff9, 0xfffffff9, 0x8f, 0x7c2b, 0x1000000000000004, 0x0, 0x0, 0x74a, 0x9, 0x9, 0x0, 0x40, [0x0, 0x10, 0xfffffffeffffffff, 0x3, 0x8, 0x9, 0x6, 0x1, 0x9]}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0xb7, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x30, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x7, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x100000, 0x800000001, 0x6, 0x7, 0x2, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x5, 0xffff, 0x50ce0883, 0xbd6, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0x8000000000000000, 0x7, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0x2, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5a}, 0x80000800}, 0x7, 0x4008) sendmsg$auto_SMC_NETLINK_ADD_UEID(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)=ANY=[@ANYBLOB="34020000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fcdbdf250a0000008b0000005be2fdb89a4555bc0ab8fe1b8e4b4655d23babd081a509722b09545c7ad5b15ca3467eb11f74ec1e377cded66879fbe15c54ec9992338ae2d0a419c32c522f30bc4e4370bfae178ac65e63fbd8e692413b826bc301c4542c7efb16e35c150064a9e4e8259c24b140a3a8591f066a48f8c356516fe9edbf6a68cb19153f283eb8d53190f1ccefa000880000003ba25d07da672c3db6dd6dc67b9dd4a3c92a962f87b97f400b4c824450e38852c453e6975cea992a5b1a2fb3227a00c406494e75e8649b8f837b83137118a6e2f97eaf7cd4e3755e13530057b7a79b2ae4aba37bdd15b1376f983a5ac5348b8bf7157c1e8a9213dab3daf1375e34e0e2b945d59fdcfd7ba143d5b25c4266a8800671545ad00000009bfd36b23676e1676a1a0880ba1bbf8888c5fd90879a8e323b23d8b34d95a2b0ebdf481ca2325ebd345e239de065fff85e60d7b879a6bf635a03eaac2f88a4e4802265a6d7e376756740aa8520f5452af53cf7ad2ec33c0f9d8810f4a6a484a5b52f52ca2af73346ba26b789e5cb65bd17513d5d232b47839ecc214b304ce6c884f01617e11f92749e8c0c685107b0315772af3773d4ebcf7bf7a6e4aa0ce18533991cb44675cd5a0879ae1cd42619bc787182703edd015004f391846b93cacb900085d7d2e32a59c9ba00f20800010026275d29340000006b647518189034624ef645950c5c4080c4ab9c204ad1cc33d0bc224de2377c3dff6e6b835062851211dca584465acbc6"], 0x234}, 0x1, 0x0, 0x0, 0x5}, 0x8000) open(0x0, 0x22040, 0x75) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x11, 0x0) sysfs$auto(0x1, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) pivot_root$auto(0x0, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) unshare$auto(0x40000080) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) mq_open$auto(&(0x7f0000000240)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5, 0x3, 0x0) 0s ago: executing program 1 (id=2093): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x7, 0xb, 0x0, 0x0) getcwd$auto(0x0, 0x3) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x37e, 0x0, 0xf, 0xffffffffffffffff, 0x2, 0x5}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) mbind$auto(0x1000, 0xb, 0x3, &(0x7f0000000180)=0xffff, 0x3, 0x3) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_kernel_debug_fops_orangefs_debugfs(r2, &(0x7f0000000640)=""/4096, 0x1000) read$auto_l2cap_debugfs_fops_(r2, 0x0, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2a}) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) kernel console output (not intermixed with test programs): RSP: 002b:00007f3f68e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 522.061289][T12390] RAX: ffffffffffffffda RBX: 00007f3f681e5fa0 RCX: 00007f3f67f8f7c9 [ 522.061298][T12390] RDX: 00000000000000df RSI: 000000000000088b RDI: 0000000000000000 [ 522.061306][T12390] RBP: 00007f3f68013f91 R08: ffffffffffffffff R09: 0000000000008000 [ 522.061314][T12390] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 522.061322][T12390] R13: 00007f3f681e6038 R14: 00007f3f681e5fa0 R15: 00007ffd4f3a9d68 [ 522.061341][T12390] [ 522.402361][T12392] futex_wake_op: syz.0.1552 tries to shift op by -2048; fix this program [ 523.098822][T12393] kexec: Could not allocate control_code_buffer [ 525.213742][T12431] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 525.251371][T12431] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 525.287978][T12431] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 525.309319][T12431] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 526.034097][T12445] Invalid ELF header magic: != ELF [ 526.459181][T11404] Bluetooth: hci0: command 0x0419 tx timeout [ 527.249690][T11404] Bluetooth: hci1: command 0x0419 tx timeout [ 527.328371][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 527.334467][T11404] Bluetooth: hci3: command 0x0419 tx timeout [ 528.056219][T12469] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 528.082734][T12469] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 528.094246][T12469] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 528.120800][T12469] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 529.043997][T12474] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 529.070051][T12474] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 529.089346][T12474] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 529.107564][T12474] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 529.636735][T12486] FAULT_INJECTION: forcing a failure. [ 529.636735][T12486] name failslab, interval 1, probability 0, space 0, times 0 [ 529.715774][T12486] CPU: 0 UID: 0 PID: 12486 Comm: syz.0.1582 Tainted: G L syzkaller #0 PREEMPT(full) [ 529.715805][T12486] Tainted: [L]=SOFTLOCKUP [ 529.715810][T12486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 529.715819][T12486] Call Trace: [ 529.715825][T12486] [ 529.715832][T12486] dump_stack_lvl+0x16c/0x1f0 [ 529.715853][T12486] should_fail_ex+0x512/0x640 [ 529.715870][T12486] ? __kmalloc_cache_noprof+0x5f/0x800 [ 529.715893][T12486] should_failslab+0xc2/0x120 [ 529.715910][T12486] __kmalloc_cache_noprof+0x72/0x800 [ 529.715930][T12486] ? snd_pcm_oss_change_params_locked+0x247/0x3a40 [ 529.715948][T12486] ? snd_pcm_oss_change_params_locked+0x247/0x3a40 [ 529.715962][T12486] snd_pcm_oss_change_params_locked+0x247/0x3a40 [ 529.715977][T12486] ? trace_contention_end+0xa5/0x110 [ 529.715995][T12486] ? __mutex_lock+0x27b/0x1b10 [ 529.716013][T12486] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 529.716028][T12486] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 529.716043][T12486] ? __pfx___mutex_lock+0x10/0x10 [ 529.716064][T12486] ? __fsnotify_parent+0x24b/0xc40 [ 529.716086][T12486] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 529.716101][T12486] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 529.716114][T12486] snd_pcm_oss_sync+0x1de/0x840 [ 529.716127][T12486] ? kmem_cache_free+0x171/0x770 [ 529.716149][T12486] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 529.716162][T12486] snd_pcm_oss_release+0x28b/0x310 [ 529.716177][T12486] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 529.716190][T12486] __fput+0x402/0xb70 [ 529.716212][T12486] task_work_run+0x150/0x240 [ 529.716231][T12486] ? __pfx_task_work_run+0x10/0x10 [ 529.716247][T12486] ? __do_sys_close_range+0x278/0x730 [ 529.716269][T12486] exit_to_user_mode_loop+0xfb/0x540 [ 529.716291][T12486] do_syscall_64+0x4ee/0xf80 [ 529.716308][T12486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.716322][T12486] RIP: 0033:0x7f2f2f78f7c9 [ 529.716334][T12486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 529.716349][T12486] RSP: 002b:00007f2f30640038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 529.716363][T12486] RAX: 0000000000000000 RBX: 00007f2f2f9e5fa0 RCX: 00007f2f2f78f7c9 [ 529.716372][T12486] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 529.716380][T12486] RBP: 00007f2f2f813f91 R08: 0000000000000000 R09: 0000000000000000 [ 529.716389][T12486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.716397][T12486] R13: 00007f2f2f9e6038 R14: 00007f2f2f9e5fa0 R15: 00007fff1252bec8 [ 529.716416][T12486] [ 530.425298][T12484] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 530.432607][T12484] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 530.446018][T12501] Invalid ELF header magic: != ELF [ 530.461055][T12484] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 530.494733][T12484] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 531.489951][T12506] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 531.496959][T12506] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 531.503605][T12506] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 531.510146][T12506] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 531.642781][T12522] futex_wake_op: syz.1.1592 tries to shift op by -2048; fix this program [ 531.803063][T12528] FAULT_INJECTION: forcing a failure. [ 531.803063][T12528] name failslab, interval 1, probability 0, space 0, times 0 [ 531.862612][T12528] CPU: 0 UID: 0 PID: 12528 Comm: syz.1.1586 Tainted: G L syzkaller #0 PREEMPT(full) [ 531.862638][T12528] Tainted: [L]=SOFTLOCKUP [ 531.862643][T12528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 531.862651][T12528] Call Trace: [ 531.862656][T12528] [ 531.862662][T12528] dump_stack_lvl+0x16c/0x1f0 [ 531.862682][T12528] should_fail_ex+0x512/0x640 [ 531.862701][T12528] should_failslab+0xc2/0x120 [ 531.862718][T12528] kmem_cache_alloc_noprof+0x75/0x760 [ 531.862738][T12528] ? skb_clone+0x190/0x3f0 [ 531.862760][T12528] ? skb_clone+0x190/0x3f0 [ 531.862775][T12528] skb_clone+0x190/0x3f0 [ 531.862793][T12528] netlink_deliver_tap+0xabd/0xd30 [ 531.862817][T12528] netlink_unicast+0x71f/0x870 [ 531.862840][T12528] ? __pfx_netlink_unicast+0x10/0x10 [ 531.862860][T12528] ? idr_get_next+0xec/0x150 [ 531.862880][T12528] ctrl_getfamily+0x40a/0x540 [ 531.862895][T12528] ? __pfx_ctrl_getfamily+0x10/0x10 [ 531.862910][T12528] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 531.862925][T12528] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 531.862944][T12528] genl_family_rcv_msg_doit+0x209/0x2f0 [ 531.862960][T12528] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 531.862974][T12528] ? genl_get_cmd+0x194/0x580 [ 531.862993][T12528] ? __radix_tree_lookup+0x21f/0x2c0 [ 531.863017][T12528] genl_rcv_msg+0x55c/0x800 [ 531.863033][T12528] ? __pfx_genl_rcv_msg+0x10/0x10 [ 531.863047][T12528] ? __pfx_ctrl_getfamily+0x10/0x10 [ 531.863069][T12528] netlink_rcv_skb+0x158/0x420 [ 531.863089][T12528] ? __pfx_genl_rcv_msg+0x10/0x10 [ 531.863104][T12528] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 531.863132][T12528] ? netlink_deliver_tap+0x1ae/0xd30 [ 531.863154][T12528] genl_rcv+0x28/0x40 [ 531.863166][T12528] netlink_unicast+0x5aa/0x870 [ 531.863189][T12528] ? __pfx_netlink_unicast+0x10/0x10 [ 531.863209][T12528] ? __pfx___might_resched+0x10/0x10 [ 531.863229][T12528] netlink_sendmsg+0x8c8/0xdd0 [ 531.863252][T12528] ? __pfx_netlink_sendmsg+0x10/0x10 [ 531.863275][T12528] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 531.863301][T12528] __sys_sendto+0x4a3/0x520 [ 531.863317][T12528] ? __pfx___sys_sendto+0x10/0x10 [ 531.863349][T12528] ? ksys_write+0x1ac/0x250 [ 531.863363][T12528] ? __pfx_ksys_write+0x10/0x10 [ 531.863380][T12528] __x64_sys_sendto+0xe0/0x1c0 [ 531.863394][T12528] ? do_syscall_64+0x91/0xf80 [ 531.863408][T12528] ? lockdep_hardirqs_on+0x7c/0x110 [ 531.863422][T12528] do_syscall_64+0xcd/0xf80 [ 531.863443][T12528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.863457][T12528] RIP: 0033:0x7f92c4d9165c [ 531.863469][T12528] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 531.863486][T12528] RSP: 002b:00007f92c5cb7ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 531.863500][T12528] RAX: ffffffffffffffda RBX: 00007f92c5cb7fc0 RCX: 00007f92c4d9165c [ 531.863508][T12528] RDX: 0000000000000020 RSI: 00007f92c5cb8010 RDI: 0000000000000003 [ 531.863516][T12528] RBP: 0000000000000000 R08: 00007f92c5cb7f14 R09: 000000000000000c [ 531.863524][T12528] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 531.863532][T12528] R13: 00007f92c5cb7f68 R14: 00007f92c5cb8010 R15: 0000000000000000 [ 531.863551][T12528] [ 532.850724][T11404] Bluetooth: hci0: command 0x0419 tx timeout [ 533.090167][T12541] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 533.538008][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 533.544129][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 533.550404][T11404] Bluetooth: hci3: command 0x0419 tx timeout [ 533.596323][T12550] Invalid ELF header magic: != ELF [ 534.969936][T12560] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 535.000839][T12560] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 535.033406][T12560] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 535.067023][T12560] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 535.087381][T12568] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1591'. [ 535.515968][T12575] futex_wake_op: syz.1.1595 tries to shift op by -2048; fix this program [ 535.731416][T12579] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1596'. [ 536.247907][T12583] FAULT_INJECTION: forcing a failure. [ 536.247907][T12583] name failslab, interval 1, probability 0, space 0, times 0 [ 536.292399][T12573] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 536.311862][T12573] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 536.318727][T12583] CPU: 0 UID: 0 PID: 12583 Comm: syz.0.1597 Tainted: G L syzkaller #0 PREEMPT(full) [ 536.318756][T12583] Tainted: [L]=SOFTLOCKUP [ 536.318761][T12583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 536.318771][T12583] Call Trace: [ 536.318776][T12583] [ 536.318794][T12583] dump_stack_lvl+0x16c/0x1f0 [ 536.318815][T12583] should_fail_ex+0x512/0x640 [ 536.318833][T12583] ? __kvmalloc_node_noprof+0x129/0xa50 [ 536.318850][T12583] should_failslab+0xc2/0x120 [ 536.318868][T12583] __kvmalloc_node_noprof+0x13c/0xa50 [ 536.318882][T12583] ? bucket_table_alloc.isra.0+0x88/0x460 [ 536.318910][T12583] ? bucket_table_alloc.isra.0+0x88/0x460 [ 536.318930][T12583] bucket_table_alloc.isra.0+0x88/0x460 [ 536.318953][T12583] rhashtable_init_noprof+0x41a/0x7e0 [ 536.318968][T12583] ipc_init_ids+0x92/0x280 [ 536.318986][T12583] copy_ipcs+0x582/0x790 [ 536.319002][T12583] create_new_namespaces+0x20a/0xab0 [ 536.319022][T12583] ? security_capable+0x7e/0x260 [ 536.319046][T12583] copy_namespaces+0x468/0x570 [ 536.319067][T12583] copy_process+0x27c6/0x74e0 [ 536.319080][T12583] ? __pfx___schedule+0x10/0x10 [ 536.319100][T12583] ? __pfx_copy_process+0x10/0x10 [ 536.319118][T12583] ? _copy_from_user+0x59/0xd0 [ 536.319134][T12583] kernel_clone+0xfc/0x910 [ 536.319149][T12583] ? __pfx_kernel_clone+0x10/0x10 [ 536.319160][T12583] ? futex_private_hash_put+0x160/0x1b0 [ 536.319183][T12583] ? __pfx_futex_wake+0x10/0x10 [ 536.319206][T12583] __do_sys_clone3+0x212/0x290 [ 536.319219][T12583] ? __pfx___do_sys_clone3+0x10/0x10 [ 536.319240][T12583] ? find_held_lock+0x2b/0x80 [ 536.319282][T12583] do_syscall_64+0xcd/0xf80 [ 536.319299][T12583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.319314][T12583] RIP: 0033:0x7f2f2f78f7c9 [ 536.319327][T12583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 536.319341][T12583] RSP: 002b:00007f2f3061ef08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 536.319354][T12583] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f2f2f78f7c9 [ 536.319364][T12583] RDX: 00007f2f3061ef20 RSI: 0000000000000058 RDI: 00007f2f3061ef20 [ 536.319372][T12583] RBP: 00007f2f2f813f91 R08: 0000000000000000 R09: 0000000000000058 [ 536.319381][T12583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 536.319388][T12583] R13: 00007f2f2f9e6128 R14: 00007f2f2f9e6090 R15: 00007fff1252bec8 [ 536.319407][T12583] [ 536.599184][T12573] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 536.605330][T12573] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 536.710451][T12590] Invalid ELF header magic: != ELF [ 537.594927][T11404] Bluetooth: hci0: command 0x0419 tx timeout [ 538.311264][ T5842] Bluetooth: hci1: command 0x0419 tx timeout [ 538.317528][T11404] Bluetooth: hci2: command 0x0419 tx timeout [ 538.335638][T12619] futex_wake_op: syz.2.1605 tries to shift op by -2048; fix this program [ 538.869580][T11404] Bluetooth: hci3: command 0x0419 tx timeout [ 538.891420][T12611] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 538.930688][T12611] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 538.963568][T12611] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 538.988122][T12611] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 539.151976][T12631] Invalid ELF header magic: != ELF [ 540.165142][T12636] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 540.182041][T12636] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 540.198348][T12636] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 540.214523][T12636] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 541.170652][T12658] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 541.179091][T12658] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 541.185245][T12658] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 541.192331][T12658] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 541.335035][T12672] futex_wake_op: syz.0.1617 tries to shift op by -2048; fix this program [ 541.358609][T12673] Invalid ELF header magic: != ELF [ 541.365796][T12672] futex_wake_op: syz.0.1617 tries to shift op by -2048; fix this program [ 542.451296][T11404] Bluetooth: hci0: command 0x0419 tx timeout [ 542.825890][T12698] Invalid ELF header magic: != ELF [ 543.246432][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 543.252570][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 543.258853][T11404] Bluetooth: hci3: command 0x0419 tx timeout [ 544.335170][T12721] futex_wake_op: syz.1.1631 tries to shift op by -2048; fix this program [ 544.784697][T12724] futex_wake_op: syz.1.1641 tries to shift op by -2048; fix this program [ 545.076974][T12718] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 545.083610][T12718] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 545.125895][T12718] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 545.131920][T12718] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 546.428936][T11404] Bluetooth: hci0: command 0x0419 tx timeout [ 546.744865][T12741] Process accounting paused [ 547.136348][T12760] Invalid ELF header magic: != ELF [ 547.145398][ T5842] Bluetooth: hci1: command 0x0419 tx timeout [ 547.151439][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 547.159253][T11404] Bluetooth: hci2: command 0x0419 tx timeout [ 547.185300][T12758] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 547.216346][T12758] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 547.252022][T12758] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 547.284730][T12758] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 547.784728][T12769] FAULT_INJECTION: forcing a failure. [ 547.784728][T12769] name failslab, interval 1, probability 0, space 0, times 0 [ 547.842707][T12769] CPU: 0 UID: 0 PID: 12769 Comm: syz.2.1643 Tainted: G L syzkaller #0 PREEMPT(full) [ 547.842732][T12769] Tainted: [L]=SOFTLOCKUP [ 547.842737][T12769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 547.842745][T12769] Call Trace: [ 547.842750][T12769] [ 547.842757][T12769] dump_stack_lvl+0x16c/0x1f0 [ 547.842776][T12769] should_fail_ex+0x512/0x640 [ 547.842792][T12769] ? __kmalloc_noprof+0xca/0x8f0 [ 547.842813][T12769] should_failslab+0xc2/0x120 [ 547.842829][T12769] __kmalloc_noprof+0xdd/0x8f0 [ 547.842847][T12769] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 547.842867][T12769] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 547.842882][T12769] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 547.842902][T12769] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 547.842918][T12769] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 547.842932][T12769] ? genl_get_cmd+0x194/0x580 [ 547.842949][T12769] ? bpf_lsm_capable+0x9/0x10 [ 547.842961][T12769] ? security_capable+0x7e/0x260 [ 547.842983][T12769] ? ns_capable+0xd7/0x110 [ 547.843004][T12769] genl_rcv_msg+0x55c/0x800 [ 547.843021][T12769] ? __pfx_genl_rcv_msg+0x10/0x10 [ 547.843035][T12769] ? __pfx_ethnl_act_cable_test+0x10/0x10 [ 547.843062][T12769] netlink_rcv_skb+0x158/0x420 [ 547.843082][T12769] ? __pfx_genl_rcv_msg+0x10/0x10 [ 547.843101][T12769] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 547.843128][T12769] ? netlink_deliver_tap+0x1ae/0xd30 [ 547.843151][T12769] genl_rcv+0x28/0x40 [ 547.843167][T12769] netlink_unicast+0x5aa/0x870 [ 547.843190][T12769] ? __pfx_netlink_unicast+0x10/0x10 [ 547.843217][T12769] netlink_sendmsg+0x8c8/0xdd0 [ 547.843240][T12769] ? __pfx_netlink_sendmsg+0x10/0x10 [ 547.843263][T12769] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 547.843288][T12769] ____sys_sendmsg+0xa5d/0xc30 [ 547.843310][T12769] ? copy_msghdr_from_user+0x10a/0x160 [ 547.843327][T12769] ? __pfx_____sys_sendmsg+0x10/0x10 [ 547.843346][T12769] ? __lock_acquire+0x433/0x22f0 [ 547.843370][T12769] ___sys_sendmsg+0x134/0x1d0 [ 547.843388][T12769] ? __pfx____sys_sendmsg+0x10/0x10 [ 547.843405][T12769] ? __lock_acquire+0x433/0x22f0 [ 547.843442][T12769] __sys_sendmsg+0x16d/0x220 [ 547.843459][T12769] ? __pfx___sys_sendmsg+0x10/0x10 [ 547.843488][T12769] do_syscall_64+0xcd/0xf80 [ 547.843505][T12769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.843520][T12769] RIP: 0033:0x7f4213d8f7c9 [ 547.843531][T12769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.843545][T12769] RSP: 002b:00007f4214b66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 547.843558][T12769] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8f7c9 [ 547.843568][T12769] RDX: 0000000000040000 RSI: 0000200000000ac0 RDI: 0000000000000003 [ 547.843576][T12769] RBP: 00007f4214b66090 R08: 0000000000000000 R09: 0000000000000000 [ 547.843584][T12769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 547.843592][T12769] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 547.843611][T12769] [ 549.241104][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 549.247232][T11404] Bluetooth: hci1: command 0x0419 tx timeout [ 549.305851][T11404] Bluetooth: hci2: command 0x0419 tx timeout [ 549.311904][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 550.707583][T12785] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 550.796994][T12785] syz.1.1648 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 551.328205][T12801] binder: 12800:12801 ioctl 40046210 0 returned -14 [ 552.429852][T12815] cougar: G6 mapped to F18 [ 552.973293][T12822] Invalid ELF header magic: != ELF [ 553.273656][T12814] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 553.314266][T12814] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 553.341592][T12814] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 553.359447][T12814] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 553.697299][T12833] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 553.714262][T12833] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 553.743398][T12833] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 553.775027][T12833] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 554.623522][T12843] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 554.751048][T12845] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 555.740828][T11404] Bluetooth: hci2: command 0x0419 tx timeout [ 555.746886][ T5840] Bluetooth: hci0: command 0x0419 tx timeout [ 555.752966][ T5842] Bluetooth: hci1: command 0x0419 tx timeout [ 555.759015][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 556.288759][T12865] block2mtd: Using custom MTD label '' for dev [ 556.348961][T12866] FAULT_INJECTION: forcing a failure. [ 556.348961][T12866] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 556.409676][T12865] block2mtd: error: cannot open device [ 556.570847][T12866] CPU: 0 UID: 0 PID: 12866 Comm: syz.0.1665 Tainted: G L syzkaller #0 PREEMPT(full) [ 556.570873][T12866] Tainted: [L]=SOFTLOCKUP [ 556.570878][T12866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 556.570886][T12866] Call Trace: [ 556.570891][T12866] [ 556.570897][T12866] dump_stack_lvl+0x16c/0x1f0 [ 556.570916][T12866] should_fail_ex+0x512/0x640 [ 556.570935][T12866] _copy_to_iter+0x463/0x1710 [ 556.570955][T12866] ? __pfx__copy_to_iter+0x10/0x10 [ 556.570969][T12866] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 556.570988][T12866] ? rhashtable_walk_stop+0x1cd/0x320 [ 556.571008][T12866] ? find_held_lock+0x2b/0x80 [ 556.571029][T12866] ? seq_read_iter+0xc8a/0x12d0 [ 556.571047][T12866] seq_read_iter+0xd02/0x12d0 [ 556.571068][T12866] seq_read+0x3a3/0x570 [ 556.571082][T12866] ? __pfx_seq_read+0x10/0x10 [ 556.571099][T12866] ? lock_acquire+0x179/0x330 [ 556.571121][T12866] ? __pfx_seq_read+0x10/0x10 [ 556.571134][T12866] proc_reg_read+0x240/0x330 [ 556.571156][T12866] ? __pfx_proc_reg_read+0x10/0x10 [ 556.571180][T12866] vfs_read+0x1e4/0xcf0 [ 556.571195][T12866] ? __pfx___mutex_lock+0x10/0x10 [ 556.571212][T12866] ? __pfx_vfs_read+0x10/0x10 [ 556.571231][T12866] ? __fget_files+0x20e/0x3c0 [ 556.571251][T12866] ksys_read+0x12a/0x250 [ 556.571264][T12866] ? __pfx_ksys_read+0x10/0x10 [ 556.571284][T12866] do_syscall_64+0xcd/0xf80 [ 556.571300][T12866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.571314][T12866] RIP: 0033:0x7f2f2f78f7c9 [ 556.571326][T12866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.571339][T12866] RSP: 002b:00007f2f305fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 556.571353][T12866] RAX: ffffffffffffffda RBX: 00007f2f2f9e6180 RCX: 00007f2f2f78f7c9 [ 556.571363][T12866] RDX: 0000000000000009 RSI: 0000200000000040 RDI: 0000000000000004 [ 556.571371][T12866] RBP: 00007f2f305fe090 R08: 0000000000000000 R09: 0000000000000000 [ 556.571379][T12866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 556.571387][T12866] R13: 00007f2f2f9e6218 R14: 00007f2f2f9e6180 R15: 00007fff1252bec8 [ 556.571406][T12866] [ 559.588474][T12893] binder: 12891:12893 ioctl 40046210 0 returned -14 [ 561.088637][T12910] zswap: compressor not available [ 561.924214][T12932] Invalid ELF header magic: != ELF [ 563.005074][T12952] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 563.188114][T12959] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 565.778586][T12981] FAULT_INJECTION: forcing a failure. [ 565.778586][T12981] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 565.842934][T12981] CPU: 0 UID: 0 PID: 12981 Comm: syz.2.1692 Tainted: G L syzkaller #0 PREEMPT(full) [ 565.842960][T12981] Tainted: [L]=SOFTLOCKUP [ 565.842965][T12981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 565.842974][T12981] Call Trace: [ 565.842979][T12981] [ 565.842985][T12981] dump_stack_lvl+0x16c/0x1f0 [ 565.843005][T12981] should_fail_ex+0x512/0x640 [ 565.843026][T12981] should_fail_alloc_page+0xe7/0x130 [ 565.843046][T12981] prepare_alloc_pages+0x3c2/0x610 [ 565.843066][T12981] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 565.843096][T12981] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 565.843119][T12981] ? validate_mm+0x403/0x560 [ 565.843139][T12981] ? __pfx_validate_mm+0x10/0x10 [ 565.843155][T12981] ? __vma_enter_locked+0x163/0x3f0 [ 565.843176][T12981] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 565.843192][T12981] ? policy_nodemask+0xea/0x4e0 [ 565.843209][T12981] alloc_pages_mpol+0x1fb/0x550 [ 565.843225][T12981] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 565.843243][T12981] ? pgd_none+0x9f/0xe0 [ 565.843262][T12981] alloc_pages_noprof+0x12d/0x180 [ 565.843278][T12981] __pmd_alloc+0x3b/0x8b0 [ 565.843294][T12981] move_page_tables+0x30b7/0x4230 [ 565.843318][T12981] ? __pfx_copy_vma+0x10/0x10 [ 565.843340][T12981] ? __pfx_move_page_tables+0x10/0x10 [ 565.843367][T12981] ? lock_acquire+0x179/0x330 [ 565.843384][T12981] ? find_held_lock+0x2b/0x80 [ 565.843406][T12981] copy_vma_and_data+0x24e/0x790 [ 565.843427][T12981] ? __pfx_copy_vma_and_data+0x10/0x10 [ 565.843450][T12981] ? __vma_enter_locked+0x163/0x3f0 [ 565.843469][T12981] ? find_held_lock+0x2b/0x80 [ 565.843489][T12981] ? move_vma+0x52e/0x1770 [ 565.843506][T12981] ? __vm_enough_memory+0x184/0x3f0 [ 565.843524][T12981] move_vma+0x540/0x1770 [ 565.843546][T12981] ? __pfx_move_vma+0x10/0x10 [ 565.843567][T12981] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 565.843582][T12981] ? cap_mmap_addr+0x4b/0x120 [ 565.843594][T12981] ? bpf_lsm_mmap_addr+0x9/0x10 [ 565.843612][T12981] ? security_mmap_addr+0x6c/0x1e0 [ 565.843629][T12981] ? __get_unmapped_area+0x267/0x440 [ 565.843645][T12981] ? vrm_set_new_addr+0x208/0x290 [ 565.843665][T12981] mremap_to+0x1b7/0x450 [ 565.843685][T12981] do_mremap+0x13a8/0x2020 [ 565.843705][T12981] ? futex_private_hash_put+0x160/0x1b0 [ 565.843727][T12981] ? __pfx_do_mremap+0x10/0x10 [ 565.843750][T12981] ? __lock_acquire+0x433/0x22f0 [ 565.843771][T12981] __do_sys_mremap+0x119/0x170 [ 565.843789][T12981] ? __pfx___do_sys_mremap+0x10/0x10 [ 565.843809][T12981] ? find_held_lock+0x2b/0x80 [ 565.843831][T12981] ? __x64_sys_futex+0x1e0/0x4c0 [ 565.843869][T12981] do_syscall_64+0xcd/0xf80 [ 565.843888][T12981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.843902][T12981] RIP: 0033:0x7f4213d8f7c9 [ 565.843916][T12981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 565.843929][T12981] RSP: 002b:00007f4214b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 565.843943][T12981] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8f7c9 [ 565.843953][T12981] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 565.843961][T12981] RBP: 00007f4213e13f91 R08: 0000000100000000 R09: 0000000000000000 [ 565.843970][T12981] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 565.843978][T12981] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 565.843998][T12981] [ 566.574591][T12982] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1689'. [ 566.625344][T12977] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1689'. [ 567.211242][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.219736][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 567.768308][T13000] Invalid ELF header magic: != ELF [ 569.305029][T13033] Invalid ELF header magic: != ELF [ 569.378343][T13019] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 569.398870][T13019] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 569.420545][T13019] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 569.440687][T13019] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 570.048160][T13038] [U]  [ 570.051121][T13038] [U] [ 570.053797][T13038] [U] [ 570.056469][T13038] [U] [ 570.104708][T13038] [U] [ 570.107420][T13038] [U] [ 570.110099][T13038] [U] [ 570.112778][T13038] [U] [ 570.158759][T13038] [U] [ 570.161477][T13038] [U] [ 570.164149][T13038] [U] [ 570.166818][T13038] [U] [ 570.213897][T13038] [U] [ 570.216610][T13038] [U] [ 570.219281][T13038] [U] [ 570.221951][T13038] [U] [ 570.268037][T13038] [U] [ 570.270749][T13038] [U] [ 570.273422][T13038] [U] [ 570.276095][T13038] [U] [ 570.325260][T13038] [U] [ 570.327977][T13038] [U] [ 570.330656][T13038] [U] [ 570.333332][T13038] [U] [ 570.400016][T13038] [U] [ 570.402723][T13038] [U] [ 570.405394][T13038] [U] [ 570.408063][T13038] [U] [ 570.434165][T13040] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 570.464508][T13040] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 570.485281][T13040] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 570.505711][T13038] [U] [ 570.508432][T13038] [U] [ 570.511106][T13038] [U] [ 570.513779][T13038] [U] [ 570.523916][T13040] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 570.556704][T13038] [U] [ 570.750690][T13058] ptm ptm4: ldisc open failed (-12), clearing slot 4 [ 570.784570][T13059] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 571.129735][T13069] Invalid ELF header magic: != ELF [ 571.535516][T13078] Invalid ELF header magic: != ELF [ 571.737343][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 572.518688][T13082] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 572.525765][T13082] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 572.525956][T13082] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 572.527041][T13082] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 572.880040][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 572.943916][T13105] FAULT_INJECTION: forcing a failure. [ 572.943916][T13105] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 572.943946][T13105] CPU: 0 UID: 0 PID: 13105 Comm: syz.0.1722 Tainted: G L syzkaller #0 PREEMPT(full) [ 572.943966][T13105] Tainted: [L]=SOFTLOCKUP [ 572.943970][T13105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 572.943978][T13105] Call Trace: [ 572.943983][T13105] [ 572.943989][T13105] dump_stack_lvl+0x16c/0x1f0 [ 572.944008][T13105] should_fail_ex+0x512/0x640 [ 572.944027][T13105] _copy_from_user+0x2e/0xd0 [ 572.944044][T13105] copy_msghdr_from_user+0x98/0x160 [ 572.944062][T13105] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 572.944079][T13105] ? __lock_acquire+0x433/0x22f0 [ 572.944103][T13105] ___sys_sendmsg+0xfe/0x1d0 [ 572.944121][T13105] ? __pfx____sys_sendmsg+0x10/0x10 [ 572.944137][T13105] ? __lock_acquire+0x433/0x22f0 [ 572.944173][T13105] __sys_sendmsg+0x16d/0x220 [ 572.944191][T13105] ? __pfx___sys_sendmsg+0x10/0x10 [ 572.944219][T13105] do_syscall_64+0xcd/0xf80 [ 572.944235][T13105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.944250][T13105] RIP: 0033:0x7f2f2f78f7c9 [ 572.944263][T13105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 572.944275][T13105] RSP: 002b:00007f2f305fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 572.944288][T13105] RAX: ffffffffffffffda RBX: 00007f2f2f9e6180 RCX: 00007f2f2f78f7c9 [ 572.944297][T13105] RDX: 0000000000004000 RSI: 0000200000003480 RDI: 0000000000000007 [ 572.944305][T13105] RBP: 00007f2f305fe090 R08: 0000000000000000 R09: 0000000000000000 [ 572.944314][T13105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 572.944321][T13105] R13: 00007f2f2f9e6218 R14: 00007f2f2f9e6180 R15: 00007fff1252bec8 [ 572.944340][T13105] [ 573.604915][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 573.614866][ T5833] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0' [ 573.614901][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: kworker/u9:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 573.614922][ T5833] Tainted: [L]=SOFTLOCKUP [ 573.614927][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 573.614937][ T5833] Workqueue: hci2 hci_rx_work [ 573.614961][ T5833] Call Trace: [ 573.614966][ T5833] [ 573.614973][ T5833] dump_stack_lvl+0x16c/0x1f0 [ 573.614990][ T5833] sysfs_warn_dup+0x7f/0xa0 [ 573.615012][ T5833] sysfs_create_dir_ns+0x24b/0x2b0 [ 573.615032][ T5833] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 573.615052][ T5833] ? find_held_lock+0x2b/0x80 [ 573.615077][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 573.615098][ T5833] kobject_add_internal+0x2c4/0x9b0 [ 573.615119][ T5833] kobject_add+0x16e/0x240 [ 573.615135][ T5833] ? __pfx_kobject_add+0x10/0x10 [ 573.615153][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 573.615182][ T5833] ? kobject_put+0xab/0x590 [ 573.615205][ T5833] device_add+0x288/0x1950 [ 573.615228][ T5833] ? __pfx_dev_set_name+0x10/0x10 [ 573.615243][ T5833] ? __pfx_device_add+0x10/0x10 [ 573.615264][ T5833] ? mgmt_send_event_skb+0x2fb/0x460 [ 573.615290][ T5833] hci_conn_add_sysfs+0x17e/0x230 [ 573.615305][ T5833] le_conn_complete_evt+0x11ed/0x1f20 [ 573.615330][ T5833] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 573.615349][ T5833] ? __pfx_bt_warn+0x10/0x10 [ 573.615372][ T5833] hci_le_conn_complete_evt+0x23c/0x370 [ 573.615397][ T5833] hci_le_meta_evt+0x357/0x5e0 [ 573.615417][ T5833] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 573.615440][ T5833] hci_event_packet+0x685/0x11c0 [ 573.615460][ T5833] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 573.615482][ T5833] ? __pfx_hci_event_packet+0x10/0x10 [ 573.615503][ T5833] ? kcov_remote_start+0x384/0x670 [ 573.615517][ T5833] ? lockdep_hardirqs_on+0x7c/0x110 [ 573.615537][ T5833] hci_rx_work+0x2c9/0xeb0 [ 573.615559][ T5833] process_one_work+0x9ba/0x1b20 [ 573.615585][ T5833] ? __pfx_process_one_work+0x10/0x10 [ 573.615608][ T5833] ? assign_work+0x1a0/0x250 [ 573.615627][ T5833] worker_thread+0x6c8/0xf10 [ 573.615652][ T5833] ? __pfx_worker_thread+0x10/0x10 [ 573.615670][ T5833] kthread+0x3c5/0x780 [ 573.615687][ T5833] ? __pfx_kthread+0x10/0x10 [ 573.615704][ T5833] ? rcu_is_watching+0x12/0xc0 [ 573.615718][ T5833] ? __pfx_kthread+0x10/0x10 [ 573.615735][ T5833] ret_from_fork+0x983/0xb10 [ 573.615751][ T5833] ? __pfx_ret_from_fork+0x10/0x10 [ 573.615767][ T5833] ? __switch_to+0x7af/0x10d0 [ 573.615785][ T5833] ? __pfx_kthread+0x10/0x10 [ 573.615802][ T5833] ret_from_fork_asm+0x1a/0x30 [ 573.615832][ T5833] [ 573.615850][ T5833] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 573.615879][ T5833] Bluetooth: hci2: failed to register connection device [ 573.886727][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 574.523062][T11404] Bluetooth: hci1: command 0x0419 tx timeout [ 574.523108][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 574.523135][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 575.608855][T13110] tty tty17: ldisc open failed (-12), clearing slot 16 [ 575.635659][T13113] ttyS ttyS1: ldisc open failed (-12), clearing slot 1 [ 575.650727][T13114] tty tty12: ldisc open failed (-12), clearing slot 11 [ 575.926761][T13137] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1731'. [ 576.592562][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 577.273904][T13142] Process accounting resumed [ 578.026069][T13164] FAULT_INJECTION: forcing a failure. [ 578.026069][T13164] name failslab, interval 1, probability 0, space 0, times 0 [ 578.242073][T13164] CPU: 0 UID: 0 PID: 13164 Comm: syz.3.1736 Tainted: G L syzkaller #0 PREEMPT(full) [ 578.242098][T13164] Tainted: [L]=SOFTLOCKUP [ 578.242104][T13164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 578.242113][T13164] Call Trace: [ 578.242117][T13164] [ 578.242123][T13164] dump_stack_lvl+0x16c/0x1f0 [ 578.242143][T13164] should_fail_ex+0x512/0x640 [ 578.242159][T13164] ? fs_reclaim_acquire+0xae/0x150 [ 578.242177][T13164] should_failslab+0xc2/0x120 [ 578.242194][T13164] __kmalloc_noprof+0xdd/0x8f0 [ 578.242213][T13164] ? tomoyo_encode2+0x100/0x3e0 [ 578.242234][T13164] ? tomoyo_encode2+0x100/0x3e0 [ 578.242251][T13164] tomoyo_encode2+0x100/0x3e0 [ 578.242271][T13164] tomoyo_encode+0x29/0x50 [ 578.242288][T13164] tomoyo_realpath_from_path+0x18f/0x6e0 [ 578.242308][T13164] ? tomoyo_profile+0x47/0x60 [ 578.242330][T13164] tomoyo_path_number_perm+0x245/0x580 [ 578.242345][T13164] ? tomoyo_path_number_perm+0x237/0x580 [ 578.242362][T13164] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 578.242379][T13164] ? find_held_lock+0x2b/0x80 [ 578.242416][T13164] ? find_held_lock+0x2b/0x80 [ 578.242436][T13164] ? hook_file_ioctl_common+0x144/0x410 [ 578.242457][T13164] ? __fget_files+0x20e/0x3c0 [ 578.242475][T13164] security_file_ioctl+0x9b/0x240 [ 578.242492][T13164] __x64_sys_ioctl+0xb7/0x210 [ 578.242515][T13164] do_syscall_64+0xcd/0xf80 [ 578.242532][T13164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.242546][T13164] RIP: 0033:0x7f3f67f8f7c9 [ 578.242558][T13164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.242573][T13164] RSP: 002b:00007f3f68e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 578.242586][T13164] RAX: ffffffffffffffda RBX: 00007f3f681e6180 RCX: 00007f3f67f8f7c9 [ 578.242596][T13164] RDX: 0000000000000038 RSI: 0000000080108907 RDI: 0000000000000003 [ 578.242605][T13164] RBP: 00007f3f68e51090 R08: 0000000000000000 R09: 0000000000000000 [ 578.242613][T13164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 578.242621][T13164] R13: 00007f3f681e6218 R14: 00007f3f681e6180 R15: 00007ffd4f3a9d68 [ 578.242640][T13164] [ 578.242658][T13164] ERROR: Out of memory at tomoyo_realpath_from_path. [ 578.480720][T13155] ACPI: Can not change Invalid GPE/Fixed Event status [ 578.549500][T13169] netlink: Setting conntrack mark requires 'commit' flag. [ 578.689319][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 579.642487][T13186] random: crng reseeded on system resumption [ 580.332221][T13210] ACPI: Can not change Invalid GPE/Fixed Event status [ 580.664586][T13207] zswap: compressor 000 not available [ 580.730678][ T5840] Bluetooth: hci2: command 0x0419 tx timeout [ 582.564026][T13236] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1755'. [ 582.636273][T13238] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1755'. [ 582.801079][ T5840] Bluetooth: hci2: command 0x0419 tx timeout [ 583.560536][T13248] Invalid ELF header magic: != ELF [ 584.199694][T13268] FAULT_INJECTION: forcing a failure. [ 584.199694][T13268] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 584.256736][T13268] CPU: 0 UID: 0 PID: 13268 Comm: syz.1.1763 Tainted: G L syzkaller #0 PREEMPT(full) [ 584.256763][T13268] Tainted: [L]=SOFTLOCKUP [ 584.256769][T13268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 584.256779][T13268] Call Trace: [ 584.256784][T13268] [ 584.256790][T13268] dump_stack_lvl+0x16c/0x1f0 [ 584.256811][T13268] should_fail_ex+0x512/0x640 [ 584.256831][T13268] _copy_from_user+0x2e/0xd0 [ 584.256848][T13268] do_seccomp+0x185/0x2640 [ 584.256870][T13268] ? __pfx_do_seccomp+0x10/0x10 [ 584.256891][T13268] ? xfd_validate_state+0x61/0x180 [ 584.256905][T13268] ? __pfx_ksys_read+0x10/0x10 [ 584.256926][T13268] do_syscall_64+0xcd/0xf80 [ 584.256943][T13268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.256958][T13268] RIP: 0033:0x7f92c4d8f7c9 [ 584.256970][T13268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.256984][T13268] RSP: 002b:00007f92c5cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 584.256998][T13268] RAX: ffffffffffffffda RBX: 00007f92c4fe5fa0 RCX: 00007f92c4d8f7c9 [ 584.257007][T13268] RDX: 00002000000000c0 RSI: 0000000000000000 RDI: 0000000000000001 [ 584.257016][T13268] RBP: 00007f92c4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 584.257024][T13268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.257032][T13268] R13: 00007f92c4fe6038 R14: 00007f92c4fe5fa0 R15: 00007ffc07a18f78 [ 584.257051][T13268] [ 584.634723][T13258] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 584.642525][T13258] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 584.649315][T13258] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 584.676900][T13258] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 585.057035][T13285] ACPI: Can not change Invalid GPE/Fixed Event status [ 585.619080][T13294] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 585.903711][ T5840] Bluetooth: hci0: command 0x0419 tx timeout [ 585.913630][T13303] futex_wake_op: syz.1.1771 tries to shift op by -1; fix this program [ 586.237913][T13295] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 586.699727][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 586.705787][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 586.711887][ T5840] Bluetooth: hci3: command 0x0419 tx timeout [ 587.712193][T13320] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 587.732573][T13320] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 587.754573][T13320] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 587.783218][T13320] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 589.009203][ T5840] Bluetooth: hci0: command 0x0419 tx timeout [ 589.028688][T13353] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 589.070251][T13353] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 589.129896][T13353] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 589.210975][T13353] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 589.511793][T13363] FAULT_INJECTION: forcing a failure. [ 589.511793][T13363] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 589.579386][T13363] CPU: 0 UID: 0 PID: 13363 Comm: syz.3.1785 Tainted: G L syzkaller #0 PREEMPT(full) [ 589.579413][T13363] Tainted: [L]=SOFTLOCKUP [ 589.579419][T13363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 589.579428][T13363] Call Trace: [ 589.579434][T13363] [ 589.579440][T13363] dump_stack_lvl+0x16c/0x1f0 [ 589.579460][T13363] should_fail_ex+0x512/0x640 [ 589.579480][T13363] _copy_from_user+0x2e/0xd0 [ 589.579498][T13363] do_seccomp+0x185/0x2640 [ 589.579520][T13363] ? __pfx_do_seccomp+0x10/0x10 [ 589.579541][T13363] ? xfd_validate_state+0x61/0x180 [ 589.579555][T13363] ? __pfx_ksys_read+0x10/0x10 [ 589.579575][T13363] do_syscall_64+0xcd/0xf80 [ 589.579592][T13363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.579607][T13363] RIP: 0033:0x7f3f67f8f7c9 [ 589.579619][T13363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.579633][T13363] RSP: 002b:00007f3f68e93038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 589.579646][T13363] RAX: ffffffffffffffda RBX: 00007f3f681e5fa0 RCX: 00007f3f67f8f7c9 [ 589.579656][T13363] RDX: 00002000000000c0 RSI: 0000000000000000 RDI: 0000000000000001 [ 589.579665][T13363] RBP: 00007f3f68013f91 R08: 0000000000000000 R09: 0000000000000000 [ 589.579673][T13363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.579681][T13363] R13: 00007f3f681e6038 R14: 00007f3f681e5fa0 R15: 00007ffd4f3a9d68 [ 589.579700][T13363] [ 589.898213][T13368] FAULT_INJECTION: forcing a failure. [ 589.898213][T13368] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 589.936458][T13368] CPU: 0 UID: 0 PID: 13368 Comm: syz.2.1787 Tainted: G L syzkaller #0 PREEMPT(full) [ 589.936482][T13368] Tainted: [L]=SOFTLOCKUP [ 589.936487][T13368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 589.936495][T13368] Call Trace: [ 589.936501][T13368] [ 589.936507][T13368] dump_stack_lvl+0x16c/0x1f0 [ 589.936527][T13368] should_fail_ex+0x512/0x640 [ 589.936546][T13368] _copy_to_iter+0x29f/0x1710 [ 589.936563][T13368] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 589.936581][T13368] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 589.936598][T13368] ? __pfx__copy_to_iter+0x10/0x10 [ 589.936615][T13368] ? __skb_recv_datagram+0x1b2/0x220 [ 589.936638][T13368] simple_copy_to_iter+0x46/0x90 [ 589.936653][T13368] __skb_datagram_iter+0x129/0x900 [ 589.936667][T13368] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 589.936683][T13368] ? skb_recv_datagram+0x88/0xc0 [ 589.936700][T13368] skb_copy_datagram_iter+0xa6/0x220 [ 589.936716][T13368] netlink_recvmsg+0x27e/0xa90 [ 589.936738][T13368] ? __pfx_netlink_recvmsg+0x10/0x10 [ 589.936758][T13368] ? __fget_files+0x204/0x3c0 [ 589.936775][T13368] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 589.936801][T13368] sock_recvmsg+0x1f9/0x250 [ 589.936823][T13368] __sys_recvfrom+0x203/0x310 [ 589.936840][T13368] ? __pfx___sys_recvfrom+0x10/0x10 [ 589.936871][T13368] ? ksys_write+0x1ac/0x250 [ 589.936886][T13368] ? __pfx_ksys_write+0x10/0x10 [ 589.936902][T13368] __x64_sys_recvfrom+0xe0/0x1c0 [ 589.936925][T13368] ? do_syscall_64+0x91/0xf80 [ 589.936940][T13368] ? lockdep_hardirqs_on+0x7c/0x110 [ 589.936957][T13368] do_syscall_64+0xcd/0xf80 [ 589.936972][T13368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.936987][T13368] RIP: 0033:0x7f4213d91594 [ 589.937001][T13368] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 589.937015][T13368] RSP: 002b:00007f4214b64ed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 589.937028][T13368] RAX: ffffffffffffffda RBX: 00007f4214b64fc0 RCX: 00007f4213d91594 [ 589.937037][T13368] RDX: 0000000000001000 RSI: 00007f4214b65010 RDI: 0000000000000003 [ 589.937046][T13368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 589.937054][T13368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 589.937062][T13368] R13: 00007f4214b64f68 R14: 00007f4214b65010 R15: 0000000000000000 [ 589.937080][T13368] [ 590.569253][T13365] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 590.613731][T13365] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 590.659201][T13365] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 590.686625][T13365] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 591.747052][T13398] FAULT_INJECTION: forcing a failure. [ 591.747052][T13398] name failslab, interval 1, probability 0, space 0, times 0 [ 591.772512][T13383] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 591.785003][T13398] CPU: 0 UID: 0 PID: 13398 Comm: syz.2.1793 Tainted: G L syzkaller #0 PREEMPT(full) [ 591.785048][T13398] Tainted: [L]=SOFTLOCKUP [ 591.785054][T13398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 591.785063][T13398] Call Trace: [ 591.785068][T13398] [ 591.785075][T13398] dump_stack_lvl+0x16c/0x1f0 [ 591.785095][T13398] should_fail_ex+0x512/0x640 [ 591.785113][T13398] ? kmem_cache_alloc_noprof+0x62/0x760 [ 591.785137][T13398] should_failslab+0xc2/0x120 [ 591.785155][T13398] kmem_cache_alloc_noprof+0x75/0x760 [ 591.785175][T13398] ? prepare_creds+0x2c/0x740 [ 591.785197][T13398] ? prepare_creds+0x2c/0x740 [ 591.785214][T13398] prepare_creds+0x2c/0x740 [ 591.785234][T13398] cap_task_prctl+0x559/0xa80 [ 591.785250][T13398] security_task_prctl+0xc2/0x160 [ 591.785274][T13398] __do_sys_prctl+0xaa/0x2220 [ 591.785293][T13398] ? __pfx___do_sys_prctl+0x10/0x10 [ 591.785316][T13398] do_syscall_64+0xcd/0xf80 [ 591.785333][T13398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.785348][T13398] RIP: 0033:0x7f4213d8f7c9 [ 591.785360][T13398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.785374][T13398] RSP: 002b:00007f4214b66038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 591.785388][T13398] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8f7c9 [ 591.785398][T13398] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000018 [ 591.785407][T13398] RBP: 00007f4213e13f91 R08: 0100000000000000 R09: 0000000000000000 [ 591.785416][T13398] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 591.785424][T13398] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 591.785443][T13398] [ 591.982884][T13383] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 591.990434][T13383] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 591.996536][T13383] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 592.123433][T13404] unchecked MSR access error: WRMSR to 0x40c (tried to write 0x0000000000000004) at rIP: 0xffffffff8165469a (__mcheck_cpu_init_prepare_banks+0x18a/0x380) [ 592.139045][T13404] Call Trace: [ 592.142317][T13404] [ 592.145236][T13404] ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10 [ 592.151900][T13404] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 592.157689][T13404] ? debug_object_deactivate+0x1ec/0x3a0 [ 592.163314][T13404] mce_cpu_restart+0xd9/0x1f0 [ 592.167973][T13404] ? __pfx_mce_cpu_restart+0x10/0x10 [ 592.173242][T13404] smp_call_function_many_cond+0x1200/0x15e0 [ 592.179212][T13404] ? __pfx_mce_cpu_restart+0x10/0x10 [ 592.184478][T13404] ? mark_held_locks+0x49/0x80 [ 592.189225][T13404] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 592.195013][T13404] ? lockdep_hardirqs_on+0x7c/0x110 [ 592.200197][T13404] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 592.205989][T13404] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 592.212300][T13404] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 592.218273][T13404] ? __pfx_mce_cpu_restart+0x10/0x10 [ 592.223542][T13404] on_each_cpu_cond_mask+0x40/0x90 [ 592.228644][T13404] set_bank+0x240/0x3a0 [ 592.232825][T13404] ? __pfx_set_bank+0x10/0x10 [ 592.237483][T13404] ? find_held_lock+0x2b/0x80 [ 592.242152][T13404] ? __pfx_set_bank+0x10/0x10 [ 592.246810][T13404] dev_attr_store+0x58/0x80 [ 592.251303][T13404] ? __pfx_dev_attr_store+0x10/0x10 [ 592.256488][T13404] sysfs_kf_write+0xf2/0x150 [ 592.261065][T13404] kernfs_fop_write_iter+0x3af/0x570 [ 592.266332][T13404] ? __pfx_sysfs_kf_write+0x10/0x10 [ 592.271519][T13404] vfs_write+0x7d3/0x11d0 [ 592.275832][T13404] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 592.281625][T13404] ? __pfx_vfs_write+0x10/0x10 [ 592.286384][T13404] ksys_write+0x12a/0x250 [ 592.290720][T13404] ? __pfx_ksys_write+0x10/0x10 [ 592.295561][T13404] do_syscall_64+0xcd/0xf80 [ 592.300053][T13404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.305932][T13404] RIP: 0033:0x7f4213d8f7c9 [ 592.310334][T13404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 592.329925][T13404] RSP: 002b:00007f4214b45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 592.338322][T13404] RAX: ffffffffffffffda RBX: 00007f4213fe6090 RCX: 00007f4213d8f7c9 [ 592.346275][T13404] RDX: 0000000000000001 RSI: 0000200000000200 RDI: 0000000000000005 [ 592.354230][T13404] RBP: 00007f4213e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 592.362183][T13404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 592.370187][T13404] R13: 00007f4213fe6128 R14: 00007f4213fe6090 R15: 00007ffcd449dff8 [ 592.378155][T13404] [ 592.490519][T13409] random: crng reseeded on system resumption [ 593.067242][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 594.419787][ T5842] Bluetooth: hci3: command 0x0419 tx timeout [ 594.428724][ T5840] Bluetooth: hci1: command 0x0419 tx timeout [ 594.436767][ T5833] Bluetooth: hci2: command 0x0419 tx timeout [ 594.957350][T13443] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 594.978904][T13443] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 594.999072][T13443] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 595.019225][T13443] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 595.887980][T13463] FAULT_INJECTION: forcing a failure. [ 595.887980][T13463] name failslab, interval 1, probability 0, space 0, times 0 [ 595.953204][T13463] CPU: 0 UID: 0 PID: 13463 Comm: syz.1.1809 Tainted: G L syzkaller #0 PREEMPT(full) [ 595.953231][T13463] Tainted: [L]=SOFTLOCKUP [ 595.953237][T13463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 595.953246][T13463] Call Trace: [ 595.953251][T13463] [ 595.953258][T13463] dump_stack_lvl+0x16c/0x1f0 [ 595.953279][T13463] should_fail_ex+0x512/0x640 [ 595.953296][T13463] ? kmem_cache_alloc_noprof+0x62/0x760 [ 595.953320][T13463] should_failslab+0xc2/0x120 [ 595.953337][T13463] kmem_cache_alloc_noprof+0x75/0x760 [ 595.953357][T13463] ? prepare_creds+0x2c/0x740 [ 595.953380][T13463] ? prepare_creds+0x2c/0x740 [ 595.953396][T13463] prepare_creds+0x2c/0x740 [ 595.953416][T13463] __sys_setresuid+0x46d/0x1160 [ 595.953440][T13463] do_syscall_64+0xcd/0xf80 [ 595.953456][T13463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.953471][T13463] RIP: 0033:0x7f92c4d8f7c9 [ 595.953483][T13463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.953497][T13463] RSP: 002b:00007f92c5cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 595.953511][T13463] RAX: ffffffffffffffda RBX: 00007f92c4fe5fa0 RCX: 00007f92c4d8f7c9 [ 595.953530][T13463] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff [ 595.953545][T13463] RBP: 00007f92c4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 595.953555][T13463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.953564][T13463] R13: 00007f92c4fe6038 R14: 00007f92c4fe5fa0 R15: 00007ffc07a18f78 [ 595.953584][T13463] [ 596.354032][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 596.640821][T13468] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 596.647177][T13468] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 596.654541][T13468] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 596.707797][T13468] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 597.274157][T13490] FAULT_INJECTION: forcing a failure. [ 597.274157][T13490] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 597.364937][T13490] CPU: 0 UID: 0 PID: 13490 Comm: syz.2.1817 Tainted: G L syzkaller #0 PREEMPT(full) [ 597.364962][T13490] Tainted: [L]=SOFTLOCKUP [ 597.364967][T13490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 597.364976][T13490] Call Trace: [ 597.364980][T13490] [ 597.364987][T13490] dump_stack_lvl+0x16c/0x1f0 [ 597.365006][T13490] should_fail_ex+0x512/0x640 [ 597.365026][T13490] _copy_from_user+0x2e/0xd0 [ 597.365042][T13490] ____sys_sendmsg+0x607/0xc30 [ 597.365065][T13490] ? __pfx_____sys_sendmsg+0x10/0x10 [ 597.365089][T13490] ? __pfx__kstrtoull+0x10/0x10 [ 597.365111][T13490] ___sys_sendmsg+0x134/0x1d0 [ 597.365129][T13490] ? __pfx____sys_sendmsg+0x10/0x10 [ 597.365155][T13490] ? find_held_lock+0x2b/0x80 [ 597.365187][T13490] __sys_sendmmsg+0x200/0x420 [ 597.365207][T13490] ? __pfx___sys_sendmmsg+0x10/0x10 [ 597.365230][T13490] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 597.365253][T13490] ? fput+0x70/0xf0 [ 597.365270][T13490] ? ksys_write+0x1ac/0x250 [ 597.365285][T13490] ? __pfx_ksys_write+0x10/0x10 [ 597.365302][T13490] __x64_sys_sendmmsg+0x9c/0x100 [ 597.365319][T13490] ? lockdep_hardirqs_on+0x7c/0x110 [ 597.365334][T13490] do_syscall_64+0xcd/0xf80 [ 597.365350][T13490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.365364][T13490] RIP: 0033:0x7f4213d8f7c9 [ 597.365376][T13490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 597.365389][T13490] RSP: 002b:00007f4214b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 597.365403][T13490] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8f7c9 [ 597.365412][T13490] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 597.365421][T13490] RBP: 00007f4214b66090 R08: 0000000000000000 R09: 0000000000000000 [ 597.365429][T13490] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 597.365437][T13490] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 597.365456][T13490] [ 597.824536][T13496] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 598.640341][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 598.717819][ T5842] Bluetooth: hci1: command 0x0419 tx timeout [ 598.723863][ T5840] Bluetooth: hci2: command 0x0419 tx timeout [ 598.729936][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 599.006426][T13498] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 599.046534][T13514] FAULT_INJECTION: forcing a failure. [ 599.046534][T13514] name fail_futex, interval 1, probability 0, space 0, times 0 [ 599.191581][T13514] CPU: 0 UID: 0 PID: 13514 Comm: syz.0.1823 Tainted: G L syzkaller #0 PREEMPT(full) [ 599.191609][T13514] Tainted: [L]=SOFTLOCKUP [ 599.191614][T13514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 599.191624][T13514] Call Trace: [ 599.191630][T13514] [ 599.191636][T13514] dump_stack_lvl+0x16c/0x1f0 [ 599.191658][T13514] should_fail_ex+0x512/0x640 [ 599.191678][T13514] get_futex_key+0x1d0/0x15f0 [ 599.191700][T13514] ? __pfx_get_futex_key+0x10/0x10 [ 599.191725][T13514] futex_wake+0xea/0x530 [ 599.191749][T13514] ? __pfx_futex_wake+0x10/0x10 [ 599.191778][T13514] do_futex+0x1e3/0x350 [ 599.191797][T13514] ? __pfx_do_futex+0x10/0x10 [ 599.191820][T13514] __x64_sys_futex+0x1e0/0x4c0 [ 599.191841][T13514] ? __pfx___x64_sys_futex+0x10/0x10 [ 599.191861][T13514] ? syscall_user_dispatch+0x78/0x140 [ 599.191882][T13514] ? __sys_setresuid+0x6ad/0x1160 [ 599.191906][T13514] do_syscall_64+0xcd/0xf80 [ 599.191923][T13514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.191937][T13514] RIP: 0033:0x7f2f2f78f7c9 [ 599.191950][T13514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.191964][T13514] RSP: 002b:00007f2f306400e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 599.191978][T13514] RAX: ffffffffffffffda RBX: 00007f2f2f9e5fa8 RCX: 00007f2f2f78f7c9 [ 599.191988][T13514] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2f2f9e5fac [ 599.191996][T13514] RBP: 00007f2f2f9e5fa0 R08: 00007f2f30641000 R09: 0000000000000000 [ 599.192005][T13514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.192013][T13514] R13: 00007f2f2f9e6038 R14: 00007fff1252bde0 R15: 00007fff1252bec8 [ 599.192033][T13514] [ 600.872445][T13530] Invalid ELF header magic: != ELF [ 601.766243][T13544] FAULT_INJECTION: forcing a failure. [ 601.766243][T13544] name failslab, interval 1, probability 0, space 0, times 0 [ 601.831697][T13544] CPU: 0 UID: 0 PID: 13544 Comm: syz.3.1830 Tainted: G L syzkaller #0 PREEMPT(full) [ 601.831723][T13544] Tainted: [L]=SOFTLOCKUP [ 601.831728][T13544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 601.831737][T13544] Call Trace: [ 601.831742][T13544] [ 601.831749][T13544] dump_stack_lvl+0x16c/0x1f0 [ 601.831769][T13544] should_fail_ex+0x512/0x640 [ 601.831785][T13544] ? __kmalloc_cache_noprof+0x5f/0x800 [ 601.831807][T13544] should_failslab+0xc2/0x120 [ 601.831824][T13544] __kmalloc_cache_noprof+0x72/0x800 [ 601.831843][T13544] ? j1939_session_new+0x7a/0x4e0 [ 601.831861][T13544] ? j1939_session_new+0x7a/0x4e0 [ 601.831875][T13544] j1939_session_new+0x7a/0x4e0 [ 601.831892][T13544] j1939_tp_send+0x1fd/0x860 [ 601.831910][T13544] j1939_sk_sendmsg+0xaf8/0x13d0 [ 601.831927][T13544] ? __pfx_aa_sk_perm+0x10/0x10 [ 601.831943][T13544] ? iovec_from_user+0xbb/0x140 [ 601.831961][T13544] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 601.831975][T13544] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 601.832001][T13544] ____sys_sendmsg+0xa5d/0xc30 [ 601.832024][T13544] ? copy_msghdr_from_user+0x10a/0x160 [ 601.832042][T13544] ? __pfx_____sys_sendmsg+0x10/0x10 [ 601.832066][T13544] ? __pfx__kstrtoull+0x10/0x10 [ 601.832088][T13544] ___sys_sendmsg+0x134/0x1d0 [ 601.832119][T13544] ? __pfx____sys_sendmsg+0x10/0x10 [ 601.832154][T13544] ? __pfx___might_resched+0x10/0x10 [ 601.832172][T13544] __sys_sendmmsg+0x200/0x420 [ 601.832192][T13544] ? __pfx___sys_sendmmsg+0x10/0x10 [ 601.832215][T13544] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 601.832239][T13544] ? fput+0x70/0xf0 [ 601.832257][T13544] ? ksys_write+0x1ac/0x250 [ 601.832271][T13544] ? __pfx_ksys_write+0x10/0x10 [ 601.832288][T13544] __x64_sys_sendmmsg+0x9c/0x100 [ 601.832305][T13544] ? lockdep_hardirqs_on+0x7c/0x110 [ 601.832320][T13544] do_syscall_64+0xcd/0xf80 [ 601.832335][T13544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.832350][T13544] RIP: 0033:0x7f3f67f8f7c9 [ 601.832362][T13544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 601.832375][T13544] RSP: 002b:00007f3f68e72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 601.832389][T13544] RAX: ffffffffffffffda RBX: 00007f3f681e6090 RCX: 00007f3f67f8f7c9 [ 601.832399][T13544] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 601.832408][T13544] RBP: 00007f3f68e72090 R08: 0000000000000000 R09: 0000000000000000 [ 601.832416][T13544] R10: 000000003f0000f5 R11: 0000000000000246 R12: 0000000000000001 [ 601.832424][T13544] R13: 00007f3f681e6128 R14: 00007f3f681e6090 R15: 00007ffd4f3a9d68 [ 601.832443][T13544] [ 602.965363][T13549] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 602.971555][T13549] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 602.991045][T13549] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 603.029315][T13549] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 605.004787][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 605.010832][ T5840] Bluetooth: hci1: command 0x0419 tx timeout [ 605.017175][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 605.093331][ T5842] Bluetooth: hci3: command 0x0419 tx timeout [ 606.066691][T13585] [U]  [ 606.069489][T13585] [U] [ 606.072162][T13585] [U] [ 606.074835][T13585] [U] [ 606.150333][T13585] [U] [ 606.153053][T13585] [U] [ 606.155728][T13585] [U] [ 606.158400][T13585] [U] [ 606.261986][T13585] [U] [ 606.264701][T13585] [U] [ 606.267372][T13585] [U] [ 606.270046][T13585] [U] [ 606.333512][T13585] [U] [ 606.336221][T13585] [U] [ 606.338896][T13585] [U] [ 606.341565][T13585] [U] [ 606.414330][T13585] [U] [ 606.417040][T13585] [U] [ 606.419713][T13585] [U] [ 606.422383][T13585] [U] [ 606.500469][T13585] [U] [ 607.510105][T13594] Process accounting paused [ 609.033472][T13617] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 609.053955][T13617] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 609.059975][T13617] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 609.092573][T13617] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 609.385916][T13629] [U]  [ 609.388725][T13629] [U] [ 609.391400][T13629] [U] [ 609.394068][T13629] [U] [ 609.439433][T13629] [U] [ 609.442152][T13629] [U] [ 609.444821][T13629] [U] [ 609.447499][T13629] [U] [ 609.485958][T13629] [U] [ 609.488665][T13629] [U] [ 609.491338][T13629] [U] [ 609.494009][T13629] [U] [ 609.529012][T13629] [U] [ 609.531721][T13629] [U] [ 609.534392][T13629] [U] [ 609.537062][T13629] [U] [ 609.573889][T13629] [U] [ 609.576606][T13629] [U] [ 609.579284][T13629] [U] [ 609.581964][T13629] [U] [ 609.621101][T13629] [U] [ 609.623812][T13629] [U] [ 609.626486][T13629] [U] [ 609.629156][T13629] [U] [ 609.672395][T13629] [U] [ 609.675116][T13629] [U] [ 609.677785][T13629] [U] [ 609.680458][T13629] [U] [ 609.721181][T13629] [U] [ 609.723904][T13629] [U] [ 609.726591][T13629] [U] [ 609.729274][T13629] [U] [ 609.758992][T13629] [U] [ 609.761706][T13629] [U] [ 609.764387][T13629] [U] [ 609.767058][T13629] [U] [ 609.796301][T13629] [U] [ 609.799010][T13629] [U] [ 609.801680][T13629] [U] [ 609.804348][T13629] [U] [ 609.833705][T13629] [U] [ 609.836416][T13629] [U] [ 609.839091][T13629] [U] [ 609.841760][T13629] [U] [ 609.872473][T13629] [U] [ 609.875188][T13629] [U] [ 609.877860][T13629] [U] [ 609.880528][T13629] [U] [ 609.909019][T13629] [U] [ 609.911732][T13629] [U] [ 609.914405][T13629] [U] [ 609.917072][T13629] [U] [ 609.946988][T13629] [U] [ 609.950661][T13629] [U] [ 609.953339][T13629] [U] [ 609.956013][T13629] [U] [ 609.985636][T13629] [U] [ 609.988353][T13629] [U] [ 609.991026][T13629] [U] [ 609.993693][T13629] [U] [ 610.037843][T13629] [U] [ 610.177441][ T5842] Bluetooth: hci0: command 0x0419 tx timeout [ 610.670452][T13646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 611.132893][ T5833] Bluetooth: hci2: command 0x0419 tx timeout [ 611.140619][ T5842] Bluetooth: hci3: command 0x0419 tx timeout [ 611.146640][ T5840] Bluetooth: hci1: command 0x0419 tx timeout [ 611.543350][T13673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1868'. [ 612.647806][T13684] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input22 [ 615.030395][T13715] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 615.055485][T13715] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 615.079141][T13715] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 615.088510][T13727] FAULT_INJECTION: forcing a failure. [ 615.088510][T13727] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 615.110999][T13715] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 615.231915][T13718] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 615.264363][T13718] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 615.292869][T13718] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 615.317326][T13718] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 615.327943][T13727] CPU: 0 UID: 0 PID: 13727 Comm: syz.2.1879 Tainted: G L syzkaller #0 PREEMPT(full) [ 615.327969][T13727] Tainted: [L]=SOFTLOCKUP [ 615.327974][T13727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 615.327983][T13727] Call Trace: [ 615.327988][T13727] [ 615.327994][T13727] dump_stack_lvl+0x16c/0x1f0 [ 615.328014][T13727] should_fail_ex+0x512/0x640 [ 615.328033][T13727] _copy_to_user+0x32/0xd0 [ 615.328057][T13727] simple_read_from_buffer+0xcb/0x170 [ 615.328074][T13727] proc_fail_nth_read+0x197/0x240 [ 615.328093][T13727] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 615.328113][T13727] ? rw_verify_area+0xcf/0x6c0 [ 615.328134][T13727] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 615.328152][T13727] vfs_read+0x1e4/0xcf0 [ 615.328167][T13727] ? __pfx___mutex_lock+0x10/0x10 [ 615.328184][T13727] ? __pfx_vfs_read+0x10/0x10 [ 615.328203][T13727] ? __fget_files+0x20e/0x3c0 [ 615.328223][T13727] ksys_read+0x12a/0x250 [ 615.328237][T13727] ? __pfx_ksys_read+0x10/0x10 [ 615.328257][T13727] do_syscall_64+0xcd/0xf80 [ 615.328274][T13727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.328288][T13727] RIP: 0033:0x7f4213d8e1dc [ 615.328300][T13727] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 615.328313][T13727] RSP: 002b:00007f4211fb4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 615.328328][T13727] RAX: ffffffffffffffda RBX: 00007f4213fe6360 RCX: 00007f4213d8e1dc [ 615.328337][T13727] RDX: 000000000000000f RSI: 00007f4211fb40a0 RDI: 0000000000000007 [ 615.328346][T13727] RBP: 00007f4211fb4090 R08: 0000000000000000 R09: 0000000000000000 [ 615.328354][T13727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 615.328363][T13727] R13: 00007f4213fe63f8 R14: 00007f4213fe6360 R15: 00007ffcd449dff8 [ 615.328382][T13727] [ 615.859245][T13738] FAULT_INJECTION: forcing a failure. [ 615.859245][T13738] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 615.908576][T13738] CPU: 0 UID: 0 PID: 13738 Comm: syz.2.1882 Tainted: G L syzkaller #0 PREEMPT(full) [ 615.908602][T13738] Tainted: [L]=SOFTLOCKUP [ 615.908607][T13738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 615.908615][T13738] Call Trace: [ 615.908621][T13738] [ 615.908627][T13738] dump_stack_lvl+0x16c/0x1f0 [ 615.908647][T13738] should_fail_ex+0x512/0x640 [ 615.908666][T13738] _copy_to_user+0x32/0xd0 [ 615.908683][T13738] simple_read_from_buffer+0xcb/0x170 [ 615.908700][T13738] proc_fail_nth_read+0x197/0x240 [ 615.908720][T13738] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 615.908739][T13738] ? rw_verify_area+0xcf/0x6c0 [ 615.908760][T13738] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 615.908778][T13738] vfs_read+0x1e4/0xcf0 [ 615.908793][T13738] ? __pfx___mutex_lock+0x10/0x10 [ 615.908811][T13738] ? __pfx_vfs_read+0x10/0x10 [ 615.908846][T13738] ? __fget_files+0x20e/0x3c0 [ 615.908866][T13738] ksys_read+0x12a/0x250 [ 615.908880][T13738] ? __pfx_ksys_read+0x10/0x10 [ 615.908899][T13738] do_syscall_64+0xcd/0xf80 [ 615.908916][T13738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.908931][T13738] RIP: 0033:0x7f4213d8e1dc [ 615.908943][T13738] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 615.908957][T13738] RSP: 002b:00007f4214b66030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 615.908971][T13738] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8e1dc [ 615.908980][T13738] RDX: 000000000000000f RSI: 00007f4214b660a0 RDI: 0000000000000003 [ 615.908989][T13738] RBP: 00007f4214b66090 R08: 0000000000000000 R09: 0000000000000000 [ 615.908997][T13738] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001 [ 615.909011][T13738] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 615.909030][T13738] [ 616.582610][T13749] futex_wake_op: syz.1.1887 tries to shift op by -2048; fix this program [ 616.592401][T13749] futex_wake_op: syz.1.1887 tries to shift op by -2048; fix this program [ 617.260717][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 617.344807][ T5840] Bluetooth: hci2: command 0x0419 tx timeout [ 617.353895][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 617.560018][T13752] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 617.601569][T13752] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 617.631279][T13752] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 617.683196][T13752] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 618.932364][ T5840] Bluetooth: hci0: command 0x0419 tx timeout [ 619.648456][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 619.654924][ T5840] Bluetooth: hci2: command 0x0419 tx timeout [ 619.728112][ T5840] Bluetooth: hci3: command 0x0419 tx timeout [ 619.846358][T13799] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 619.878908][T13799] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 619.909876][T13799] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 619.935801][T13799] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 620.146429][ T30] audit: type=1800 audit(1764995909.471:10): pid=13824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1912" name="dbroot" dev="configfs" ino=53331 res=0 errno=0 [ 621.080803][ T5840] Bluetooth: hci0: command 0x0419 tx timeout [ 621.642597][T13843] FAULT_INJECTION: forcing a failure. [ 621.642597][T13843] name failslab, interval 1, probability 0, space 0, times 0 [ 621.718978][T13843] CPU: 0 UID: 0 PID: 13843 Comm: syz.0.1906 Tainted: G L syzkaller #0 PREEMPT(full) [ 621.719005][T13843] Tainted: [L]=SOFTLOCKUP [ 621.719010][T13843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 621.719018][T13843] Call Trace: [ 621.719023][T13843] [ 621.719029][T13843] dump_stack_lvl+0x16c/0x1f0 [ 621.719049][T13843] should_fail_ex+0x512/0x640 [ 621.719065][T13843] ? kmem_cache_alloc_lru_noprof+0x66/0x760 [ 621.719088][T13843] should_failslab+0xc2/0x120 [ 621.719105][T13843] kmem_cache_alloc_lru_noprof+0x79/0x760 [ 621.719125][T13843] ? __d_lookup+0x25c/0x4a0 [ 621.719145][T13843] ? __d_alloc+0x35/0xa80 [ 621.719164][T13843] ? __d_alloc+0x35/0xa80 [ 621.719179][T13843] __d_alloc+0x35/0xa80 [ 621.719198][T13843] d_alloc+0x4a/0x1e0 [ 621.719215][T13843] lookup_one_qstr_excl+0x175/0x250 [ 621.719237][T13843] start_dirop+0x59/0xb0 [ 621.719252][T13843] simple_start_creating+0xf4/0x100 [ 621.719268][T13843] ? __pfx_simple_start_creating+0x10/0x10 [ 621.719281][T13843] ? do_raw_spin_unlock+0x172/0x230 [ 621.719302][T13843] ? simple_pin_fs+0xa3/0x190 [ 621.719316][T13843] debugfs_start_creating.part.0+0x82/0x190 [ 621.719333][T13843] __debugfs_create_file+0xa7/0x6b0 [ 621.719351][T13843] debugfs_create_file_full+0x41/0x60 [ 621.719369][T13843] ref_tracker_dir_debugfs+0x19d/0x290 [ 621.719386][T13843] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 621.719420][T13843] ? lockdep_init_map_type+0x5c/0x270 [ 621.719441][T13843] preinit_net.part.0+0x24e/0x8f0 [ 621.719462][T13843] copy_net_ns+0x405/0x5d0 [ 621.719484][T13843] create_new_namespaces+0x3ea/0xab0 [ 621.719509][T13843] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 621.719532][T13843] ksys_unshare+0x45b/0xa40 [ 621.719547][T13843] ? __pfx_ksys_unshare+0x10/0x10 [ 621.719562][T13843] ? ksys_write+0x1ac/0x250 [ 621.719582][T13843] __x64_sys_unshare+0x31/0x40 [ 621.719603][T13843] do_syscall_64+0xcd/0xf80 [ 621.719620][T13843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.719635][T13843] RIP: 0033:0x7f2f2f78f7c9 [ 621.719647][T13843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 621.719660][T13843] RSP: 002b:00007f2f30640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 621.719674][T13843] RAX: ffffffffffffffda RBX: 00007f2f2f9e5fa0 RCX: 00007f2f2f78f7c9 [ 621.719683][T13843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 621.719692][T13843] RBP: 00007f2f30640090 R08: 0000000000000000 R09: 0000000000000000 [ 621.719700][T13843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 621.719708][T13843] R13: 00007f2f2f9e6038 R14: 00007f2f2f9e5fa0 R15: 00007fff1252bec8 [ 621.719727][T13843] [ 622.060745][T13850] FAULT_INJECTION: forcing a failure. [ 622.060745][T13850] name failslab, interval 1, probability 0, space 0, times 0 [ 622.073604][T13850] CPU: 0 UID: 0 PID: 13850 Comm: syz.2.1908 Tainted: G L syzkaller #0 PREEMPT(full) [ 622.073630][T13850] Tainted: [L]=SOFTLOCKUP [ 622.073635][T13850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 622.073645][T13850] Call Trace: [ 622.073651][T13850] [ 622.073657][T13850] dump_stack_lvl+0x16c/0x1f0 [ 622.073677][T13850] should_fail_ex+0x512/0x640 [ 622.073694][T13850] ? __kmalloc_noprof+0xca/0x8f0 [ 622.073716][T13850] should_failslab+0xc2/0x120 [ 622.073733][T13850] __kmalloc_noprof+0xdd/0x8f0 [ 622.073752][T13850] ? __register_sysctl_table+0xb3/0x1900 [ 622.073771][T13850] ? __register_sysctl_table+0xb3/0x1900 [ 622.073786][T13850] __register_sysctl_table+0xb3/0x1900 [ 622.073801][T13850] ? is_module_address+0x5f/0xf0 [ 622.073824][T13850] ? __pfx___register_sysctl_table+0x10/0x10 [ 622.073838][T13850] ? is_module_address+0x69/0xf0 [ 622.073856][T13850] ? register_net_sysctl_sz+0x222/0x3d0 [ 622.073875][T13850] ? __asan_memcpy+0x3c/0x60 [ 622.073898][T13850] xfrm6_net_init+0xf0/0x1c0 [ 622.073919][T13850] ? __pfx_xfrm6_net_init+0x10/0x10 [ 622.073938][T13850] ops_init+0x1e2/0x5f0 [ 622.073959][T13850] setup_net+0x11d/0x3a0 [ 622.073978][T13850] ? __pfx_setup_net+0x10/0x10 [ 622.073995][T13850] ? lockdep_init_map_type+0x5c/0x270 [ 622.074013][T13850] ? mutex_init_lockep+0x110/0x150 [ 622.074033][T13850] copy_net_ns+0x351/0x5d0 [ 622.074056][T13850] create_new_namespaces+0x3ea/0xab0 [ 622.074081][T13850] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 622.074103][T13850] ksys_unshare+0x45b/0xa40 [ 622.074119][T13850] ? __pfx_ksys_unshare+0x10/0x10 [ 622.074134][T13850] ? xfd_validate_state+0x61/0x180 [ 622.074154][T13850] __x64_sys_unshare+0x31/0x40 [ 622.074168][T13850] do_syscall_64+0xcd/0xf80 [ 622.074186][T13850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.074200][T13850] RIP: 0033:0x7f4213d8f7c9 [ 622.074213][T13850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 622.074227][T13850] RSP: 002b:00007f4214b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 622.074241][T13850] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8f7c9 [ 622.074251][T13850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 622.074259][T13850] RBP: 00007f4213e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 622.074268][T13850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.074276][T13850] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 622.074296][T13850] [ 622.330259][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 622.336546][ T5840] Bluetooth: hci1: command 0x0419 tx timeout [ 622.392422][T13855] usbcore.quirks: string doesn't fit in 127 chars. [ 622.422877][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 622.744397][T13871] FAULT_INJECTION: forcing a failure. [ 622.744397][T13871] name failslab, interval 1, probability 0, space 0, times 0 [ 622.888524][T13871] CPU: 0 UID: 0 PID: 13871 Comm: syz.2.1911 Tainted: G L syzkaller #0 PREEMPT(full) [ 622.888549][T13871] Tainted: [L]=SOFTLOCKUP [ 622.888554][T13871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 622.888563][T13871] Call Trace: [ 622.888568][T13871] [ 622.888574][T13871] dump_stack_lvl+0x16c/0x1f0 [ 622.888594][T13871] should_fail_ex+0x512/0x640 [ 622.888610][T13871] ? kmem_cache_alloc_noprof+0x62/0x760 [ 622.888633][T13871] should_failslab+0xc2/0x120 [ 622.888650][T13871] kmem_cache_alloc_noprof+0x75/0x760 [ 622.888668][T13871] ? __pfx_acct_collect+0x10/0x10 [ 622.888681][T13871] ? taskstats_exit+0x654/0xbe0 [ 622.888698][T13871] ? taskstats_exit+0x654/0xbe0 [ 622.888710][T13871] taskstats_exit+0x654/0xbe0 [ 622.888725][T13871] ? __pfx_taskstats_exit+0x10/0x10 [ 622.888740][T13871] ? exit_signals+0x388/0xb00 [ 622.888763][T13871] do_exit+0x5e4/0x2bd0 [ 622.888782][T13871] ? __pfx_do_exit+0x10/0x10 [ 622.888797][T13871] ? do_raw_spin_lock+0x12c/0x2b0 [ 622.888815][T13871] ? find_held_lock+0x2b/0x80 [ 622.888839][T13871] do_group_exit+0xd3/0x2a0 [ 622.888856][T13871] get_signal+0x2671/0x26d0 [ 622.888883][T13871] ? __pfx_get_signal+0x10/0x10 [ 622.888905][T13871] ? do_futex+0x122/0x350 [ 622.888925][T13871] arch_do_signal_or_restart+0x8f/0x7a0 [ 622.888946][T13871] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 622.888971][T13871] ? __pfx___x64_sys_futex+0x10/0x10 [ 622.888993][T13871] exit_to_user_mode_loop+0x8c/0x540 [ 622.889016][T13871] do_syscall_64+0x4ee/0xf80 [ 622.889033][T13871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.889047][T13871] RIP: 0033:0x7f4213d8f7c9 [ 622.889060][T13871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 622.889074][T13871] RSP: 002b:00007f4214b660e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 622.889089][T13871] RAX: fffffffffffffe00 RBX: 00007f4213fe5fa8 RCX: 00007f4213d8f7c9 [ 622.889098][T13871] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4213fe5fa8 [ 622.889107][T13871] RBP: 00007f4213fe5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 622.889115][T13871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.889123][T13871] R13: 00007f4213fe6038 R14: 00007ffcd449df10 R15: 00007ffcd449dff8 [ 622.889142][T13871] [ 623.539804][T13886] bond0: invalid ARP target specified [ 624.155482][T13899] FAULT_INJECTION: forcing a failure. [ 624.155482][T13899] name fail_futex, interval 1, probability 0, space 0, times 0 [ 624.264953][T13899] CPU: 0 UID: 0 PID: 13899 Comm: syz.3.1917 Tainted: G L syzkaller #0 PREEMPT(full) [ 624.264980][T13899] Tainted: [L]=SOFTLOCKUP [ 624.264986][T13899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 624.264995][T13899] Call Trace: [ 624.265001][T13899] [ 624.265008][T13899] dump_stack_lvl+0x16c/0x1f0 [ 624.265028][T13899] should_fail_ex+0x512/0x640 [ 624.265048][T13899] get_futex_key+0x1d0/0x15f0 [ 624.265069][T13899] ? lock_acquire+0x179/0x330 [ 624.265085][T13899] ? __pfx_get_futex_key+0x10/0x10 [ 624.265101][T13899] ? find_held_lock+0x2b/0x80 [ 624.265123][T13899] ? trace_ignore_this_task+0xbc/0x100 [ 624.265144][T13899] futex_wait_setup+0x9d/0x570 [ 624.265162][T13899] __futex_wait+0x193/0x2f0 [ 624.265176][T13899] ? __pfx___futex_wait+0x10/0x10 [ 624.265188][T13899] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 624.265201][T13899] ? lockdep_hardirqs_on+0x7c/0x110 [ 624.265218][T13899] ? __pfx_futex_wake_mark+0x10/0x10 [ 624.265243][T13899] ? find_held_lock+0x2b/0x80 [ 624.265266][T13899] ? futex_private_hash_put+0x160/0x1b0 [ 624.265285][T13899] futex_wait+0xe8/0x380 [ 624.265297][T13899] ? __pfx_futex_wait+0x10/0x10 [ 624.265314][T13899] ? __might_fault+0xe3/0x190 [ 624.265333][T13899] ? __might_fault+0x13b/0x190 [ 624.265363][T13899] do_futex+0x229/0x350 [ 624.265382][T13899] ? __pfx_do_futex+0x10/0x10 [ 624.265401][T13899] ? fput+0x70/0xf0 [ 624.265420][T13899] ? __sys_connect+0xe0/0x160 [ 624.265439][T13899] __x64_sys_futex+0x1e0/0x4c0 [ 624.265460][T13899] ? __pfx___x64_sys_futex+0x10/0x10 [ 624.265479][T13899] ? xfd_validate_state+0x61/0x180 [ 624.265492][T13899] ? __pfx_ksys_write+0x10/0x10 [ 624.265512][T13899] do_syscall_64+0xcd/0xf80 [ 624.265528][T13899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.265542][T13899] RIP: 0033:0x7f3f67f8f7c9 [ 624.265555][T13899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.265569][T13899] RSP: 002b:00007f3f68e930e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 624.265583][T13899] RAX: ffffffffffffffda RBX: 00007f3f681e5fa8 RCX: 00007f3f67f8f7c9 [ 624.265593][T13899] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3f681e5fa8 [ 624.265602][T13899] RBP: 00007f3f681e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 624.265610][T13899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 624.265619][T13899] R13: 00007f3f681e6038 R14: 00007ffd4f3a9c80 R15: 00007ffd4f3a9d68 [ 624.265638][T13899] [ 625.388387][ T30] audit: type=1800 audit(1764995914.668:11): pid=13920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1920" name="dbroot" dev="configfs" ino=53787 res=0 errno=0 [ 626.662727][T13947] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 626.688775][T13947] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 626.728599][T13947] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 626.764584][T13947] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 628.329038][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 628.335414][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 628.721432][ T5842] Bluetooth: hci0: command 0x0419 tx timeout [ 628.727497][ T5840] Bluetooth: hci1: command 0x0419 tx timeout [ 628.733710][ T5833] Bluetooth: hci2: command 0x0419 tx timeout [ 628.800690][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 629.024198][T13990] usbcore.quirks: string doesn't fit in 127 chars. [ 632.084390][T14036] [U]  [ 632.087198][T14036] [U] [ 632.089889][T14036] [U] [ 632.092561][T14036] [U] [ 632.151567][T14036] [U] [ 632.154285][T14036] [U] [ 632.156960][T14036] [U] [ 632.159643][T14036] [U] [ 632.223210][T14036] [U] [ 632.225931][T14036] [U] [ 632.228609][T14036] [U] [ 632.231284][T14036] [U] [ 632.262685][ T5833] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 632.262713][ T5833] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 632.278491][ T5833] Bluetooth: hci1: Dropping invalid advertising data [ 632.286797][ T5833] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 632.286820][ T5833] Bluetooth: hci1: unknown advertising packet type: 0xbd [ 632.293936][ T5833] Bluetooth: hci1: Dropping invalid advertising data [ 632.313763][ T5833] Bluetooth: hci1: Malformed LE Event: 0x02 [ 632.405435][T14036] [U] [ 634.458397][T14082] FAULT_INJECTION: forcing a failure. [ 634.458397][T14082] name failslab, interval 1, probability 0, space 0, times 0 [ 634.527273][T14082] CPU: 0 UID: 0 PID: 14082 Comm: syz.2.1946 Tainted: G L syzkaller #0 PREEMPT(full) [ 634.527300][T14082] Tainted: [L]=SOFTLOCKUP [ 634.527306][T14082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 634.527315][T14082] Call Trace: [ 634.527320][T14082] [ 634.527327][T14082] dump_stack_lvl+0x16c/0x1f0 [ 634.527348][T14082] should_fail_ex+0x512/0x640 [ 634.527365][T14082] ? __kmalloc_cache_noprof+0x5f/0x800 [ 634.527388][T14082] should_failslab+0xc2/0x120 [ 634.527417][T14082] __kmalloc_cache_noprof+0x72/0x800 [ 634.527438][T14082] ? find_held_lock+0x2b/0x80 [ 634.527459][T14082] ? yama_ptracer_add+0x48/0x590 [ 634.527480][T14082] ? yama_ptracer_add+0x48/0x590 [ 634.527498][T14082] yama_ptracer_add+0x48/0x590 [ 634.527518][T14082] yama_task_prctl+0xf4/0x1d0 [ 634.527537][T14082] security_task_prctl+0xc2/0x160 [ 634.527560][T14082] __do_sys_prctl+0xaa/0x2220 [ 634.527580][T14082] ? __pfx___do_sys_prctl+0x10/0x10 [ 634.527609][T14082] do_syscall_64+0xcd/0xf80 [ 634.527626][T14082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.527642][T14082] RIP: 0033:0x7f4213d8f7c9 [ 634.527655][T14082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 634.527669][T14082] RSP: 002b:00007f4214b66038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 634.527683][T14082] RAX: ffffffffffffffda RBX: 00007f4213fe5fa0 RCX: 00007f4213d8f7c9 [ 634.527693][T14082] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000059616d61 [ 634.527701][T14082] RBP: 00007f4213e13f91 R08: 0000000007000000 R09: 0000000000000000 [ 634.527710][T14082] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 634.527719][T14082] R13: 00007f4213fe6038 R14: 00007f4213fe5fa0 R15: 00007ffcd449dff8 [ 634.527737][T14082] [ 635.209246][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 635.276011][T14092] netlink: zone id is out of range [ 635.295585][T14092] netlink: del zone limit has 4 unknown bytes [ 635.730804][T14099] FAULT_INJECTION: forcing a failure. [ 635.730804][T14099] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 635.805982][T14099] CPU: 0 UID: 0 PID: 14099 Comm: syz.0.1951 Tainted: G L syzkaller #0 PREEMPT(full) [ 635.806007][T14099] Tainted: [L]=SOFTLOCKUP [ 635.806013][T14099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 635.806022][T14099] Call Trace: [ 635.806027][T14099] [ 635.806033][T14099] dump_stack_lvl+0x16c/0x1f0 [ 635.806053][T14099] should_fail_ex+0x512/0x640 [ 635.806073][T14099] _copy_to_iter+0x29f/0x1710 [ 635.806090][T14099] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 635.806107][T14099] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 635.806125][T14099] ? __pfx__copy_to_iter+0x10/0x10 [ 635.806141][T14099] ? __skb_recv_datagram+0x1b2/0x220 [ 635.806161][T14099] simple_copy_to_iter+0x46/0x90 [ 635.806175][T14099] __skb_datagram_iter+0x129/0x900 [ 635.806189][T14099] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 635.806204][T14099] ? skb_recv_datagram+0x88/0xc0 [ 635.806222][T14099] skb_copy_datagram_iter+0xa6/0x220 [ 635.806238][T14099] netlink_recvmsg+0x27e/0xa90 [ 635.806260][T14099] ? __pfx_netlink_recvmsg+0x10/0x10 [ 635.806280][T14099] ? __fget_files+0x204/0x3c0 [ 635.806297][T14099] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 635.806322][T14099] sock_recvmsg+0x1f9/0x250 [ 635.806345][T14099] __sys_recvfrom+0x203/0x310 [ 635.806362][T14099] ? __pfx___sys_recvfrom+0x10/0x10 [ 635.806384][T14099] ? find_held_lock+0x2b/0x80 [ 635.806412][T14099] ? exc_page_fault+0x64/0xc0 [ 635.806431][T14099] __x64_sys_recvfrom+0xe0/0x1c0 [ 635.806446][T14099] ? do_syscall_64+0x91/0xf80 [ 635.806460][T14099] ? lockdep_hardirqs_on+0x7c/0x110 [ 635.806481][T14099] do_syscall_64+0xcd/0xf80 [ 635.806496][T14099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.806511][T14099] RIP: 0033:0x7f2f2f791594 [ 635.806524][T14099] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 635.806537][T14099] RSP: 002b:00007f2f3061ded0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 635.806551][T14099] RAX: ffffffffffffffda RBX: 00007f2f3061dfc0 RCX: 00007f2f2f791594 [ 635.806561][T14099] RDX: 0000000000001000 RSI: 00007f2f3061e010 RDI: 0000000000000003 [ 635.806570][T14099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 635.806578][T14099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 635.806587][T14099] R13: 00007f2f3061df68 R14: 00007f2f3061e010 R15: 0000000000000000 [ 635.806605][T14099] [ 636.107434][T14102] [U]  [ 636.110230][T14102] [U] [ 636.112905][T14102] [U] [ 636.115571][T14102] [U] [ 636.118511][T14102] [U] [ 636.121188][T14102] [U] [ 636.123857][T14102] [U] [ 636.126524][T14102] [U] [ 636.129521][T14102] [U] [ 636.132198][T14102] [U] [ 636.134868][T14102] [U] [ 636.137535][T14102] [U] [ 636.140378][T14102] [U] [ 636.143052][T14102] [U] [ 636.145732][T14102] [U] [ 636.148427][T14102] [U] [ 636.151421][T14102] [U] [ 636.154110][T14102] [U] [ 636.156781][T14102] [U] [ 636.159453][T14102] [U] [ 636.163442][T14102] [U] [ 636.166134][T14102] [U] [ 636.168807][T14102] [U] [ 636.171477][T14102] [U] [ 636.174565][T14102] [U] [ 636.177244][T14102] [U] [ 636.179951][T14102] [U] [ 636.182645][T14102] [U] [ 636.185585][T14102] [U] [ 636.188271][T14102] [U] [ 636.190947][T14102] [U] [ 636.193626][T14102] [U] [ 636.197274][T14102] [U] [ 636.200054][T14102] [U] [ 636.202733][T14102] [U] [ 636.205405][T14102] [U] [ 636.209125][T14102] [U] [ 636.211816][T14102] [U] [ 636.214499][T14102] [U] [ 636.217171][T14102] [U] [ 636.220262][T14102] [U] [ 636.222944][T14102] [U] [ 636.225621][T14102] [U] [ 636.228291][T14102] [U] [ 636.231195][T14102] [U] [ 636.233870][T14102] [U] [ 636.236548][T14102] [U] [ 636.239216][T14102] [U] [ 636.242349][T14102] [U] [ 636.245029][T14102] [U] [ 636.247701][T14102] [U] [ 636.250371][T14102] [U] [ 636.253264][T14102] [U] [ 636.255936][T14102] [U] [ 636.258604][T14102] [U] [ 636.261274][T14102] [U] [ 636.264244][T14102] [U] [ 636.266918][T14102] [U] [ 636.269586][T14102] [U] [ 636.272254][T14102] [U] [ 636.275145][T14102] [U] [ 636.277820][T14102] [U] [ 636.280491][T14102] [U] [ 636.283161][T14102] [U] [ 636.286181][T14102] [U] [ 636.288856][T14102] [U] [ 636.291525][T14102] [U] [ 636.294195][T14102] [U] [ 636.297082][T14102] [U] [ 636.299766][T14102] [U] [ 636.302435][T14102] [U] [ 636.305116][T14102] [U] [ 636.351722][T14102] [U] [ 636.354431][T14102] [U] [ 636.357106][T14102] [U] [ 636.359785][T14102] [U] [ 636.411452][T14102] [U] [ 636.414166][T14102] [U] [ 636.416840][T14102] [U] [ 636.419509][T14102] [U] [ 636.511575][T14102] [U] [ 636.514301][T14102] [U] [ 636.516976][T14102] [U] [ 636.519647][T14102] [U] [ 636.570338][T14102] [U] [ 636.573050][T14102] [U] [ 636.575722][T14102] [U] [ 636.578391][T14102] [U] [ 636.651769][T14102] [U] [ 636.654507][T14102] [U] [ 636.657180][T14102] [U] [ 636.659850][T14102] [U] [ 636.709842][T14102] [U] [ 636.712550][T14102] [U] [ 636.715220][T14102] [U] [ 636.717892][T14102] [U] [ 636.752349][T14102] [U] [ 637.030906][T14116] FAULT_INJECTION: forcing a failure. [ 637.030906][T14116] name fail_futex, interval 1, probability 0, space 0, times 0 [ 637.137484][T14116] CPU: 0 UID: 0 PID: 14116 Comm: syz.1.1955 Tainted: G L syzkaller #0 PREEMPT(full) [ 637.137509][T14116] Tainted: [L]=SOFTLOCKUP [ 637.137515][T14116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 637.137525][T14116] Call Trace: [ 637.137530][T14116] [ 637.137537][T14116] dump_stack_lvl+0x16c/0x1f0 [ 637.137558][T14116] should_fail_ex+0x512/0x640 [ 637.137579][T14116] get_futex_key+0x1d0/0x15f0 [ 637.137601][T14116] ? __pfx_get_futex_key+0x10/0x10 [ 637.137626][T14116] futex_wake+0xea/0x530 [ 637.137646][T14116] ? futex_wait+0x120/0x380 [ 637.137659][T14116] ? __pfx_futex_wait+0x10/0x10 [ 637.137672][T14116] ? __pfx_futex_wake+0x10/0x10 [ 637.137696][T14116] ? __lock_acquire+0x433/0x22f0 [ 637.137717][T14116] do_futex+0x1e3/0x350 [ 637.137735][T14116] ? __pfx_do_futex+0x10/0x10 [ 637.137755][T14116] ? __pfx_sched_core_share_pid+0x10/0x10 [ 637.137772][T14116] __x64_sys_futex+0x1e0/0x4c0 [ 637.137801][T14116] ? __pfx___x64_sys_futex+0x10/0x10 [ 637.137821][T14116] ? __pfx___do_sys_prctl+0x10/0x10 [ 637.137846][T14116] do_syscall_64+0xcd/0xf80 [ 637.137864][T14116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.137879][T14116] RIP: 0033:0x7f92c4d8f7c9 [ 637.137892][T14116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.137905][T14116] RSP: 002b:00007f92c5cb90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 637.137920][T14116] RAX: ffffffffffffffda RBX: 00007f92c4fe5fa8 RCX: 00007f92c4d8f7c9 [ 637.137930][T14116] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f92c4fe5fac [ 637.137939][T14116] RBP: 00007f92c4fe5fa0 R08: 00007f92c5cba000 R09: 0000000000000000 [ 637.137948][T14116] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 637.137957][T14116] R13: 00007f92c4fe6038 R14: 00007ffc07a18e90 R15: 00007ffc07a18f78 [ 637.137975][T14116] [ 637.347165][T14119] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 637.612541][T14121] mmap: syz.2.1954 (14121) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 637.666359][T14121] netlink: 'syz.2.1954': attribute type 1 has an invalid length. [ 637.674155][T14121] netlink: 190 bytes leftover after parsing attributes in process `syz.2.1954'. [ 637.710523][T14127] netlink: 'syz.2.1954': attribute type 1 has an invalid length. [ 637.720241][ T5833] Bluetooth: hci2: command 0x0419 tx timeout [ 637.740497][T14127] netlink: 54 bytes leftover after parsing attributes in process `syz.2.1954'. [ 637.760935][T14117] ima: policy update failed [ 637.787069][T14117] Process accounting resumed [ 637.792174][ T30] audit: type=1802 audit(1764995927.182:12): pid=14117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1954" res=0 errno=0 [ 639.353830][T14143] FAULT_INJECTION: forcing a failure. [ 639.353830][T14143] name fail_futex, interval 1, probability 0, space 0, times 0 [ 639.432083][T14143] CPU: 0 UID: 0 PID: 14143 Comm: syz.0.1962 Tainted: G L syzkaller #0 PREEMPT(full) [ 639.432110][T14143] Tainted: [L]=SOFTLOCKUP [ 639.432116][T14143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 639.432125][T14143] Call Trace: [ 639.432131][T14143] [ 639.432138][T14143] dump_stack_lvl+0x16c/0x1f0 [ 639.432158][T14143] should_fail_ex+0x512/0x640 [ 639.432178][T14143] get_futex_key+0x1d0/0x15f0 [ 639.432200][T14143] ? __pfx_get_futex_key+0x10/0x10 [ 639.432233][T14143] futex_wake+0xea/0x530 [ 639.432255][T14143] ? futex_wait+0x120/0x380 [ 639.432270][T14143] ? __pfx_futex_wake+0x10/0x10 [ 639.432300][T14143] do_futex+0x1e3/0x350 [ 639.432320][T14143] ? __pfx_do_futex+0x10/0x10 [ 639.432343][T14143] __x64_sys_futex+0x1e0/0x4c0 [ 639.432363][T14143] ? fdget_pos+0x2b8/0x370 [ 639.432380][T14143] ? __pfx___x64_sys_futex+0x10/0x10 [ 639.432399][T14143] ? __pfx_do_writev+0x10/0x10 [ 639.432419][T14143] do_syscall_64+0xcd/0xf80 [ 639.432435][T14143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.432449][T14143] RIP: 0033:0x7f2f2f78f7c9 [ 639.432461][T14143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.432475][T14143] RSP: 002b:00007f2f306400e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 639.432489][T14143] RAX: ffffffffffffffda RBX: 00007f2f2f9e5fa8 RCX: 00007f2f2f78f7c9 [ 639.432499][T14143] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2f2f9e5fac [ 639.432507][T14143] RBP: 00007f2f2f9e5fa0 R08: 00007f2f30641000 R09: 0000000000000000 [ 639.432516][T14143] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 639.432525][T14143] R13: 00007f2f2f9e6038 R14: 00007fff1252bde0 R15: 00007fff1252bec8 [ 639.432544][T14143] [ 639.843441][ T5840] Bluetooth: hci2: command 0x0419 tx timeout [ 640.341047][T14149] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 640.372705][T14149] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 640.400539][T14168] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1967'. [ 640.425127][T14149] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 640.444908][T14149] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 640.935145][T14184] FAULT_INJECTION: forcing a failure. [ 640.935145][T14184] name failslab, interval 1, probability 0, space 0, times 0 [ 640.978933][T14184] CPU: 0 UID: 0 PID: 14184 Comm: syz.0.1973 Tainted: G L syzkaller #0 PREEMPT(full) [ 640.978961][T14184] Tainted: [L]=SOFTLOCKUP [ 640.978967][T14184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 640.978975][T14184] Call Trace: [ 640.978981][T14184] [ 640.978988][T14184] dump_stack_lvl+0x16c/0x1f0 [ 640.979009][T14184] should_fail_ex+0x512/0x640 [ 640.979026][T14184] ? __kmalloc_noprof+0xca/0x8f0 [ 640.979047][T14184] should_failslab+0xc2/0x120 [ 640.979071][T14184] __kmalloc_noprof+0xdd/0x8f0 [ 640.979091][T14184] ? lsm_blob_alloc+0x68/0x90 [ 640.979114][T14184] ? lsm_blob_alloc+0x68/0x90 [ 640.979133][T14184] lsm_blob_alloc+0x68/0x90 [ 640.979154][T14184] security_prepare_creds+0x2f/0x270 [ 640.979174][T14184] prepare_creds+0x501/0x740 [ 640.979195][T14184] __sys_setresgid+0x4af/0x1150 [ 640.979219][T14184] do_syscall_64+0xcd/0xf80 [ 640.979236][T14184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.979251][T14184] RIP: 0033:0x7f2f2f78f7c9 [ 640.979264][T14184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.979278][T14184] RSP: 002b:00007f2f30640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000077 [ 640.979292][T14184] RAX: ffffffffffffffda RBX: 00007f2f2f9e5fa0 RCX: 00007f2f2f78f7c9 [ 640.979302][T14184] RDX: 0000000000000008 RSI: 00000000800000a0 RDI: 0000000000000081 [ 640.979311][T14184] RBP: 00007f2f2f813f91 R08: 0000000000000000 R09: 0000000000000000 [ 640.979319][T14184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.979328][T14184] R13: 00007f2f2f9e6038 R14: 00007f2f2f9e5fa0 R15: 00007fff1252bec8 [ 640.979346][T14184] [ 641.414380][T14186] FAULT_INJECTION: forcing a failure. [ 641.414380][T14186] name fail_futex, interval 1, probability 0, space 0, times 0 [ 641.474507][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 641.481045][T14186] CPU: 0 UID: 0 PID: 14186 Comm: syz.2.1975 Tainted: G L syzkaller #0 PREEMPT(full) [ 641.481070][T14186] Tainted: [L]=SOFTLOCKUP [ 641.481075][T14186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 641.481086][T14186] Call Trace: [ 641.481091][T14186] [ 641.481098][T14186] dump_stack_lvl+0x16c/0x1f0 [ 641.481119][T14186] should_fail_ex+0x512/0x640 [ 641.481139][T14186] get_futex_key+0x1d0/0x15f0 [ 641.481160][T14186] ? kasan_save_stack+0x42/0x60 [ 641.481174][T14186] ? kasan_save_stack+0x33/0x60 [ 641.481188][T14186] ? __pfx_get_futex_key+0x10/0x10 [ 641.481204][T14186] ? __do_sys_keyctl+0x25c/0x590 [ 641.481218][T14186] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.481239][T14186] futex_wake+0xea/0x530 [ 641.481262][T14186] ? __pfx_futex_wake+0x10/0x10 [ 641.481291][T14186] do_futex+0x1e3/0x350 [ 641.481309][T14186] ? __pfx_do_futex+0x10/0x10 [ 641.481328][T14186] ? kick_process+0xf6/0x1b0 [ 641.481350][T14186] __x64_sys_futex+0x1e0/0x4c0 [ 641.481371][T14186] ? __pfx___x64_sys_futex+0x10/0x10 [ 641.481391][T14186] ? keyctl_session_to_parent+0x39a/0xaf0 [ 641.481411][T14186] do_syscall_64+0xcd/0xf80 [ 641.481433][T14186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.481447][T14186] RIP: 0033:0x7f4213d8f7c9 [ 641.481461][T14186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 641.481476][T14186] RSP: 002b:00007f4214b660e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 641.481495][T14186] RAX: ffffffffffffffda RBX: 00007f4213fe5fa8 RCX: 00007f4213d8f7c9 [ 641.481505][T14186] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4213fe5fac [ 641.481517][T14186] RBP: 00007f4213fe5fa0 R08: 00007f4214b67000 R09: 0000000000000000 [ 641.481527][T14186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 641.481535][T14186] R13: 00007f4213fe6038 R14: 00007ffcd449df10 R15: 00007ffcd449dff8 [ 641.481556][T14186] [ 642.299583][T14193] kexec: Could not allocate control_code_buffer [ 642.412912][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 642.489976][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 642.496075][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 644.445342][T14241] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 645.087757][T14248] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 645.748811][ T5833] Bluetooth: hci3: unexpected event 0x20 length: 123 > 7 [ 645.750247][T14263] random: crng reseeded on system resumption [ 647.726555][T14314] FAULT_INJECTION: forcing a failure. [ 647.726555][T14314] name failslab, interval 1, probability 0, space 0, times 0 [ 647.766604][T14314] CPU: 1 UID: 0 PID: 14314 Comm: syz.1.2003 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.766631][T14314] Tainted: [L]=SOFTLOCKUP [ 647.766637][T14314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 647.766646][T14314] Call Trace: [ 647.766652][T14314] [ 647.766658][T14314] dump_stack_lvl+0x16c/0x1f0 [ 647.766679][T14314] should_fail_ex+0x512/0x640 [ 647.766698][T14314] ? __kmalloc_noprof+0xca/0x8f0 [ 647.766719][T14314] should_failslab+0xc2/0x120 [ 647.766737][T14314] __kmalloc_noprof+0xdd/0x8f0 [ 647.766756][T14314] ? lsm_blob_alloc+0x68/0x90 [ 647.766779][T14314] ? lsm_blob_alloc+0x68/0x90 [ 647.766797][T14314] lsm_blob_alloc+0x68/0x90 [ 647.766817][T14314] security_prepare_creds+0x2f/0x270 [ 647.766837][T14314] prepare_creds+0x501/0x740 [ 647.766858][T14314] cap_task_prctl+0x559/0xa80 [ 647.766873][T14314] security_task_prctl+0xc2/0x160 [ 647.766896][T14314] __do_sys_prctl+0xaa/0x2220 [ 647.766915][T14314] ? __pfx___do_sys_prctl+0x10/0x10 [ 647.766938][T14314] do_syscall_64+0xcd/0xf80 [ 647.766955][T14314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.766970][T14314] RIP: 0033:0x7f92c4d8f7c9 [ 647.766982][T14314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.766996][T14314] RSP: 002b:00007f92c5cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 647.767010][T14314] RAX: ffffffffffffffda RBX: 00007f92c4fe5fa0 RCX: 00007f92c4d8f7c9 [ 647.767019][T14314] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000018 [ 647.767028][T14314] RBP: 00007f92c4e13f91 R08: 0300000000000000 R09: 0000000000000000 [ 647.767036][T14314] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 647.767045][T14314] R13: 00007f92c4fe6038 R14: 00007f92c4fe5fa0 R15: 00007ffc07a18f78 [ 647.767064][T14314] [ 648.542028][T14326] Invalid ELF header magic: != ELF [ 650.232815][T14356] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2015'. [ 650.304753][T14358] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 651.323397][T14370] can: request_module (can-proto-5) failed. [ 651.851620][ T5833] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 651.851644][ T5833] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 651.866378][ T5833] Bluetooth: hci3: Dropping invalid advertising data [ 651.873096][ T5833] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 651.873119][ T5833] Bluetooth: hci3: unknown advertising packet type: 0xbd [ 651.880171][ T5833] Bluetooth: hci3: Dropping invalid advertising data [ 651.894410][ T5833] Bluetooth: hci3: Malformed LE Event: 0x02 [ 652.171843][T14375] FAULT_INJECTION: forcing a failure. [ 652.171843][T14375] name failslab, interval 1, probability 0, space 0, times 0 [ 652.227769][T14375] CPU: 0 UID: 0 PID: 14375 Comm: syz.3.2022 Tainted: G L syzkaller #0 PREEMPT(full) [ 652.227802][T14375] Tainted: [L]=SOFTLOCKUP [ 652.227808][T14375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 652.227818][T14375] Call Trace: [ 652.227823][T14375] [ 652.227830][T14375] dump_stack_lvl+0x16c/0x1f0 [ 652.227851][T14375] should_fail_ex+0x512/0x640 [ 652.227868][T14375] ? kmem_cache_alloc_noprof+0x62/0x760 [ 652.227892][T14375] should_failslab+0xc2/0x120 [ 652.227909][T14375] kmem_cache_alloc_noprof+0x75/0x760 [ 652.227929][T14375] ? cred_alloc_blank+0x1c/0xa0 [ 652.227952][T14375] ? cred_alloc_blank+0x1c/0xa0 [ 652.227970][T14375] cred_alloc_blank+0x1c/0xa0 [ 652.227989][T14375] keyctl_session_to_parent+0x55/0xaf0 [ 652.228008][T14375] __do_sys_keyctl+0x25c/0x590 [ 652.228024][T14375] do_syscall_64+0xcd/0xf80 [ 652.228040][T14375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.228054][T14375] RIP: 0033:0x7f3f67f8f7c9 [ 652.228067][T14375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.228081][T14375] RSP: 002b:00007f3f68e93038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 652.228096][T14375] RAX: ffffffffffffffda RBX: 00007f3f681e5fa0 RCX: 00007f3f67f8f7c9 [ 652.228105][T14375] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 652.228114][T14375] RBP: 00007f3f68013f91 R08: 0000000000000001 R09: 0000000000000000 [ 652.228123][T14375] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 652.228131][T14375] R13: 00007f3f681e6038 R14: 00007f3f681e5fa0 R15: 00007ffd4f3a9d68 [ 652.228150][T14375] [ 652.838741][T14403] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2027'. [ 658.324342][T14449] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 658.357241][T14449] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 658.378704][T14449] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 658.402258][T14449] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 658.473572][T14456] FAULT_INJECTION: forcing a failure. [ 658.473572][T14456] name failslab, interval 1, probability 0, space 0, times 0 [ 658.487705][T14456] CPU: 0 UID: 0 PID: 14456 Comm: syz.0.2039 Tainted: G L syzkaller #0 PREEMPT(full) [ 658.487752][T14456] Tainted: [L]=SOFTLOCKUP [ 658.487762][T14456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 658.487776][T14456] Call Trace: [ 658.487785][T14456] [ 658.487794][T14456] dump_stack_lvl+0x16c/0x1f0 [ 658.487826][T14456] should_fail_ex+0x512/0x640 [ 658.487853][T14456] ? fs_reclaim_acquire+0xae/0x150 [ 658.487884][T14456] should_failslab+0xc2/0x120 [ 658.487913][T14456] __kmalloc_noprof+0xdd/0x8f0 [ 658.487945][T14456] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 658.487985][T14456] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 658.488015][T14456] tomoyo_realpath_from_path+0xc2/0x6e0 [ 658.488051][T14456] ? tomoyo_profile+0x47/0x60 [ 658.488090][T14456] tomoyo_path_number_perm+0x245/0x580 [ 658.488116][T14456] ? tomoyo_path_number_perm+0x237/0x580 [ 658.488147][T14456] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 658.488176][T14456] ? find_held_lock+0x2b/0x80 [ 658.488245][T14456] ? find_held_lock+0x2b/0x80 [ 658.488279][T14456] ? hook_file_ioctl_common+0x144/0x410 [ 658.488315][T14456] ? __fget_files+0x20e/0x3c0 [ 658.488347][T14456] security_file_ioctl+0x9b/0x240 [ 658.488377][T14456] __x64_sys_ioctl+0xb7/0x210 [ 658.488416][T14456] do_syscall_64+0xcd/0xf80 [ 658.488445][T14456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 658.488471][T14456] RIP: 0033:0x7f2f2f78f7c9 [ 658.488491][T14456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 658.488515][T14456] RSP: 002b:00007f2f30640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 658.488538][T14456] RAX: ffffffffffffffda RBX: 00007f2f2f9e5fa0 RCX: 00007f2f2f78f7c9 [ 658.488563][T14456] RDX: 0000000000000000 RSI: 000000000000127c RDI: 0000000000000003 [ 658.488578][T14456] RBP: 00007f2f30640090 R08: 0000000000000000 R09: 0000000000000000 [ 658.488594][T14456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 658.488609][T14456] R13: 00007f2f2f9e6038 R14: 00007f2f2f9e5fa0 R15: 00007fff1252bec8 [ 658.488644][T14456] [ 658.488661][T14456] ERROR: Out of memory at tomoyo_realpath_from_path. [ 659.309950][T12534] smpboot: CPU 1 is now offline [ 659.520947][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 659.548260][T14473] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 660.406894][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 660.406927][ T5840] Bluetooth: hci1: command 0x0419 tx timeout [ 660.419197][ T5842] Bluetooth: hci2: command 0x0419 tx timeout [ 660.816873][T14517] ACPI: Can not change Invalid GPE/Fixed Event status [ 660.908261][T14519] FAULT_INJECTION: forcing a failure. [ 660.908261][T14519] name failslab, interval 1, probability 0, space 0, times 0 [ 660.921090][T14519] CPU: 1 UID: 0 PID: 14519 Comm: syz.1.2050 Tainted: G L syzkaller #0 PREEMPT(full) [ 660.921131][T14519] Tainted: [L]=SOFTLOCKUP [ 660.921140][T14519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 660.921155][T14519] Call Trace: [ 660.921163][T14519] [ 660.921174][T14519] dump_stack_lvl+0x16c/0x1f0 [ 660.921205][T14519] should_fail_ex+0x512/0x640 [ 660.921234][T14519] ? __kmalloc_noprof+0xca/0x8f0 [ 660.921269][T14519] should_failslab+0xc2/0x120 [ 660.921298][T14519] __kmalloc_noprof+0xdd/0x8f0 [ 660.921331][T14519] ? kernfs_fop_write_iter+0x237/0x570 [ 660.921366][T14519] ? kernfs_fop_write_iter+0x237/0x570 [ 660.921393][T14519] kernfs_fop_write_iter+0x237/0x570 [ 660.921428][T14519] vfs_write+0x7d3/0x11d0 [ 660.921457][T14519] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 660.921489][T14519] ? __pfx_vfs_write+0x10/0x10 [ 660.921541][T14519] ksys_write+0x12a/0x250 [ 660.921566][T14519] ? __pfx_ksys_write+0x10/0x10 [ 660.921603][T14519] do_syscall_64+0xcd/0xf80 [ 660.921632][T14519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.921657][T14519] RIP: 0033:0x7f92c4d8f7c9 [ 660.921677][T14519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.921702][T14519] RSP: 002b:00007f92c5cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 660.921726][T14519] RAX: ffffffffffffffda RBX: 00007f92c4fe5fa0 RCX: 00007f92c4d8f7c9 [ 660.921743][T14519] RDX: 0000000000000006 RSI: 0000200000000140 RDI: 0000000000000003 [ 660.921759][T14519] RBP: 00007f92c5cb9090 R08: 0000000000000000 R09: 0000000000000000 [ 660.921774][T14519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 660.921789][T14519] R13: 00007f92c4fe6038 R14: 00007f92c4fe5fa0 R15: 00007ffc07a18f78 [ 660.921827][T14519] [ 661.527049][T14523] ACPI: Can not change Invalid GPE/Fixed Event status [ 662.584028][T14545] FAULT_INJECTION: forcing a failure. [ 662.584028][T14545] name failslab, interval 1, probability 0, space 0, times 0 [ 662.598000][T14545] CPU: 1 UID: 0 PID: 14545 Comm: syz.0.2059 Tainted: G L syzkaller #0 PREEMPT(full) [ 662.598043][T14545] Tainted: [L]=SOFTLOCKUP [ 662.598052][T14545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 662.598067][T14545] Call Trace: [ 662.598076][T14545] [ 662.598088][T14545] dump_stack_lvl+0x16c/0x1f0 [ 662.598125][T14545] should_fail_ex+0x512/0x640 [ 662.598155][T14545] ? __kmalloc_noprof+0xca/0x8f0 [ 662.598194][T14545] should_failslab+0xc2/0x120 [ 662.598225][T14545] __kmalloc_noprof+0xdd/0x8f0 [ 662.598261][T14545] ? __vb2_queue_alloc+0x23e/0x1280 [ 662.598295][T14545] ? __vb2_queue_alloc+0x23e/0x1280 [ 662.598320][T14545] __vb2_queue_alloc+0x23e/0x1280 [ 662.598349][T14545] ? trace_kmalloc+0x2b/0xb0 [ 662.598378][T14545] ? vb2_core_allocated_buffers_storage+0xc4/0x220 [ 662.598422][T14545] vb2_core_reqbufs+0xa90/0xfe0 [ 662.598458][T14545] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 662.598507][T14545] __vb2_init_fileio+0x3f1/0x1100 [ 662.598549][T14545] vb2_core_poll+0x486/0x700 [ 662.598581][T14545] vb2_poll+0x4b/0xe0 [ 662.598606][T14545] vb2_fop_poll+0x10f/0x2c0 [ 662.598635][T14545] ? __pfx_vb2_fop_poll+0x10/0x10 [ 662.598661][T14545] v4l2_poll+0x163/0x320 [ 662.598705][T14545] ? __pfx_v4l2_poll+0x10/0x10 [ 662.598740][T14545] do_select+0xd3d/0x17e0 [ 662.598797][T14545] ? __pfx_do_select+0x10/0x10 [ 662.598836][T14545] ? __pfx_pollwake+0x10/0x10 [ 662.598920][T14545] ? find_held_lock+0x2b/0x80 [ 662.598958][T14545] ? __might_fault+0xe3/0x190 [ 662.598993][T14545] ? __might_fault+0xe3/0x190 [ 662.599026][T14545] ? __might_fault+0x13b/0x190 [ 662.599070][T14545] ? core_sys_select+0x457/0xae0 [ 662.599092][T14545] core_sys_select+0x457/0xae0 [ 662.599127][T14545] ? __pfx_core_sys_select+0x10/0x10 [ 662.599162][T14545] ? futex_wait+0x120/0x380 [ 662.599216][T14545] ? __pfx_do_futex+0x10/0x10 [ 662.599259][T14545] kern_select+0x15d/0x1e0 [ 662.599286][T14545] ? __pfx_kern_select+0x10/0x10 [ 662.599317][T14545] ? xfd_validate_state+0x61/0x180 [ 662.599343][T14545] ? __pfx_ksys_write+0x10/0x10 [ 662.599376][T14545] __x64_sys_select+0xbd/0x160 [ 662.599403][T14545] ? do_syscall_64+0x91/0xf80 [ 662.599430][T14545] ? lockdep_hardirqs_on+0x7c/0x110 [ 662.599458][T14545] do_syscall_64+0xcd/0xf80 [ 662.599486][T14545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.599512][T14545] RIP: 0033:0x7f2f2f78f7c9 [ 662.599535][T14545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.599561][T14545] RSP: 002b:00007f2f30640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 662.599588][T14545] RAX: ffffffffffffffda RBX: 00007f2f2f9e5fa0 RCX: 00007f2f2f78f7c9 [ 662.599606][T14545] RDX: 00002000000005c0 RSI: 0000000000000000 RDI: 0000000000000005 [ 662.599623][T14545] RBP: 00007f2f2f813f91 R08: 0000000000000000 R09: 0000000000000000 [ 662.599641][T14545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 662.599657][T14545] R13: 00007f2f2f9e6038 R14: 00007f2f2f9e5fa0 R15: 00007fff1252bec8 [ 662.599703][T14545] [ 662.604294][T14531] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 662.953321][T14531] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 662.962500][T14531] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 662.974031][T14531] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 663.317462][T14555] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 663.355384][T14555] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 663.486496][T14555] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 663.583118][T14555] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 663.742606][T14561] FAULT_INJECTION: forcing a failure. [ 663.742606][T14561] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 663.776816][T14568] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 663.822599][T14561] CPU: 0 UID: 0 PID: 14561 Comm: syz.2.2061 Tainted: G L syzkaller #0 PREEMPT(full) [ 663.822639][T14561] Tainted: [L]=SOFTLOCKUP [ 663.822648][T14561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 663.822662][T14561] Call Trace: [ 663.822671][T14561] [ 663.822681][T14561] dump_stack_lvl+0x16c/0x1f0 [ 663.822713][T14561] should_fail_ex+0x512/0x640 [ 663.822746][T14561] _copy_from_user+0x2e/0xd0 [ 663.822775][T14561] get_timespec64+0x8b/0x1b0 [ 663.822805][T14561] ? __pfx_get_timespec64+0x10/0x10 [ 663.822832][T14561] ? ktime_get+0x200/0x310 [ 663.822869][T14561] __x64_sys_futex+0x288/0x4c0 [ 663.822907][T14561] ? __pfx___x64_sys_futex+0x10/0x10 [ 663.822940][T14561] ? xfd_validate_state+0x61/0x180 [ 663.822977][T14561] do_syscall_64+0xcd/0xf80 [ 663.823006][T14561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.823032][T14561] RIP: 0033:0x7f4213d8f7c9 [ 663.823052][T14561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 663.823076][T14561] RSP: 002b:00007ffcd449e158 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 663.823100][T14561] RAX: ffffffffffffffda RBX: 00000000000a25f1 RCX: 00007f4213d8f7c9 [ 663.823117][T14561] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4213fe5fac [ 663.823132][T14561] RBP: 0000000000000032 R08: 00007f4214b67000 R09: 0000000fd449e44f [ 663.823148][T14561] R10: 00007ffcd449e250 R11: 0000000000000246 R12: 00007f4213fe5fac [ 663.823163][T14561] R13: 00007ffcd449e250 R14: 00000000000a2623 R15: 00007ffcd449e270 [ 663.823199][T14561] [ 665.330770][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 665.411199][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 665.490330][ T5833] Bluetooth: hci2: command 0x0419 tx timeout [ 665.650194][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 665.975725][T14606] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 666.020112][T14606] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2068'. [ 666.071196][T14609] sd 0:0:1:0: PR command failed: 1026 [ 666.081827][T14609] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 666.111446][T14609] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 666.705854][T14614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2072'. [ 666.775708][T14616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2073'. [ 667.270052][T14626] [U]  [ 667.272904][T14626] [U] [ 667.275620][T14626] [U] [ 667.278337][T14626] [U] [ 667.304050][T14626] [U] [ 667.306813][T14626] [U] [ 667.309524][T14626] [U] [ 667.312277][T14626] [U] [ 667.360622][T14626] [U] [ 667.363365][T14626] [U] [ 667.366068][T14626] [U] [ 667.368771][T14626] [U] [ 667.411201][T14626] [U] [ 667.413946][T14626] [U] [ 667.416665][T14626] [U] [ 667.419378][T14626] [U] [ 667.480520][T14622] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2071'. [ 667.493047][T14626] [U] [ 667.495784][T14626] [U] [ 667.498492][T14626] [U] [ 667.501207][T14626] [U] [ 667.560720][T14626] [U] [ 667.563477][T14626] [U] [ 667.566199][T14626] [U] [ 667.568915][T14626] [U] [ 667.639573][T14626] [U] [ 667.642314][T14626] [U] [ 667.644994][T14626] [U] [ 667.647683][T14626] [U] [ 667.688213][T14626] [U] [ 667.690963][T14626] [U] [ 667.693676][T14626] [U] [ 667.696374][T14626] [U] [ 667.754740][T14626] [U] [ 667.757452][T14626] [U] [ 667.760158][T14626] [U] [ 667.762871][T14626] [U] [ 667.803231][T14626] [U] [ 667.805957][T14626] [U] [ 667.808635][T14626] [U] [ 667.811309][T14626] [U] [ 667.837119][T14626] [U] [ 667.839874][T14626] [U] [ 667.842592][T14626] [U] [ 667.845308][T14626] [U] [ 667.909965][T14626] [U] [ 667.912716][T14626] [U] [ 667.915428][T14626] [U] [ 667.918135][T14626] [U] [ 668.030764][T14626] [U] [ 668.033519][T14626] [U] [ 668.036233][T14626] [U] [ 668.038954][T14626] [U] [ 668.076545][T14633] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 668.087972][T14626] [U] [ 668.090683][T14626] [U] [ 668.093358][T14626] [U] [ 668.096032][T14626] [U] [ 668.119408][T14626] [U] [ 668.122157][T14626] [U] [ 668.124881][T14626] [U] [ 668.127591][T14626] [U] [ 668.186841][T14626] [U] [ 668.189589][T14626] [U] [ 668.192298][T14626] [U] [ 668.195007][T14626] [U] [ 668.206000][T14626] [U] [ 668.208746][T14626] [U] [ 668.211458][T14626] [U] [ 668.214165][T14626] [U] [ 668.257656][T14626] [U] [ 668.320057][T14626] Process accounting paused [ 668.797701][T14648] ======================================================= [ 668.797701][T14648] WARNING: The mand mount option has been deprecated and [ 668.797701][T14648] and is ignored by this kernel. Remove the mand [ 668.797701][T14648] option from the mount to silence this warning. [ 668.797701][T14648] ======================================================= [ 669.437677][T14641] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 669.489133][T14641] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 669.500685][T14641] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 669.510554][T14641] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 670.584399][ T5833] Bluetooth: hci0: command 0x0419 tx timeout [ 670.671053][T14676] [U]  [ 670.671099][T14676] [U] [ 670.671122][T14676] [U] [ 670.671146][T14676] [U] [ 670.671248][T14676] [U] [ 670.671272][T14676] [U] [ 670.671295][T14676] [U] [ 670.671318][T14676] [U] [ 670.671880][T14676] [U] [ 670.671906][T14676] [U] [ 670.671928][T14676] [U] [ 670.671952][T14676] [U] [ 670.672052][T14676] [U] [ 670.672075][T14676] [U] [ 670.672097][T14676] [U] [ 670.672120][T14676] [U] [ 670.672269][T14676] [U] [ 670.672293][T14676] [U] [ 670.672316][T14676] [U] [ 670.672339][T14676] [U] [ 670.672437][T14676] [U] [ 670.672460][T14676] [U] [ 670.672482][T14676] [U] [ 670.672505][T14676] [U] [ 670.672645][T14676] [U] [ 670.672670][T14676] [U] [ 670.672693][T14676] [U] [ 670.672717][T14676] [U] [ 670.673918][T14676] [U] [ 670.673960][T14676] [U] [ 670.674005][T14676] [U] [ 670.674043][T14676] [U] [ 670.682138][T14676] [U] [ 670.682185][T14676] [U] [ 670.682224][T14676] [U] [ 670.682262][T14676] [U] [ 670.682391][T14676] [U] [ 670.682416][T14676] [U] [ 670.682439][T14676] [U] [ 670.682462][T14676] [U] [ 670.682614][T14676] [U] [ 670.682639][T14676] [U] [ 670.682662][T14676] [U] [ 670.682686][T14676] [U] [ 670.682930][T14676] [U] [ 670.682966][T14676] [U] [ 670.682999][T14676] [U] [ 670.683033][T14676] [U] [ 670.683275][T14676] [U] [ 670.683317][T14676] [U] [ 670.683355][T14676] [U] [ 670.683394][T14676] [U] [ 670.683559][T14676] [U] [ 670.683597][T14676] [U] [ 670.683636][T14676] [U] [ 670.683675][T14676] [U] [ 670.683930][T14676] [U] [ 670.683974][T14676] [U] [ 670.684012][T14676] [U] [ 670.684052][T14676] [U] [ 670.684214][T14676] [U] [ 670.684254][T14676] [U] [ 670.684291][T14676] [U] [ 670.684329][T14676] [U] [ 670.684581][T14676] [U] [ 670.684619][T14676] [U] [ 670.684675][T14676] [U] [ 670.684716][T14676] [U] [ 670.684890][T14676] [U] [ 670.684926][T14676] [U] [ 670.684966][T14676] [U] [ 670.685005][T14676] [U] [ 670.685250][T14676] [U] [ 670.685292][T14676] [U] [ 670.685330][T14676] [U] [ 670.685367][T14676] [U] [ 670.685530][T14676] [U] [ 670.685568][T14676] [U] [ 670.685607][T14676] [U] [ 670.685646][T14676] [U] [ 670.685901][T14676] [U] [ 670.685943][T14676] [U] [ 670.685985][T14676] [U] [ 670.686023][T14676] [U] [ 670.686185][T14676] [U] [ 670.686225][T14676] [U] [ 670.686264][T14676] [U] [ 670.686302][T14676] [U] [ 670.686552][T14676] [U] [ 670.686592][T14676] [U] [ 670.686631][T14676] [U] [ 670.686669][T14676] [U] [ 670.686843][T14676] [U] [ 670.686885][T14676] [U] [ 670.686929][T14676] [U] [ 670.686970][T14676] [U] [ 670.687307][T14676] [U] [ 670.687346][T14676] [U] [ 670.687386][T14676] [U] [ 670.687425][T14676] [U] [ 670.687588][T14676] [U] [ 670.687627][T14676] [U] [ 670.687667][T14676] [U] [ 670.687705][T14676] [U] [ 670.687969][T14676] [U] [ 670.688010][T14676] [U] [ 670.688049][T14676] [U] [ 670.688088][T14676] [U] [ 670.688244][T14676] [U] [ 670.688283][T14676] [U] [ 670.688322][T14676] [U] [ 670.688361][T14676] [U] [ 670.688615][T14676] [U] [ 670.688654][T14676] [U] [ 670.688691][T14676] [U] [ 670.688730][T14676] [U] [ 670.688901][T14676] [U] [ 670.688941][T14676] [U] [ 670.688982][T14676] [U] [ 670.689021][T14676] [U] [ 670.689268][T14676] [U] [ 670.689309][T14676] [U] [ 670.689346][T14676] [U] [ 670.689384][T14676] [U] [ 670.689517][T14676] [U] [ 670.689556][T14676] [U] [ 670.689596][T14676] [U] [ 670.743713][T14679] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 670.804185][T14675] [U] [ 671.554439][ T5833] Bluetooth: hci3: command 0x0419 tx timeout [ 671.554479][ T5833] Bluetooth: hci2: command 0x0419 tx timeout [ 671.554499][ T5833] Bluetooth: hci1: command 0x0419 tx timeout [ 672.290172][ T22] numa_remove_cpu cpu 1 node 0: mask now 0 [ 672.290238][ T22] numa_remove_cpu cpu 1 node 1: mask now 0 [ 672.292293][ T10] smpboot: CPU 1 is now offline [ 672.484578][T14694] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 672.485465][ T0] numa_add_cpu cpu 1 node 0: mask now 0-1 [ 672.485493][ T0] numa_add_cpu cpu 1 node 1: mask now 0-1 [ 672.485615][T14636] ------------[ cut here ]------------ [ 672.486760][T14636] WARNING: kernel/sched/sched.h:1549 at update_rq_clock+0x34a/0xc70, CPU#0: syz.1.2078/14636 [ 672.486801][T14636] Modules linked in: [ 672.487321][T14636] CPU: 0 UID: 0 PID: 14636 Comm: syz.1.2078 Tainted: G L syzkaller #0 PREEMPT(full) [ 672.487357][T14636] Tainted: [L]=SOFTLOCKUP [ 672.487367][T14636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 672.487382][T14636] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 672.487407][T14636] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 98 6b dc 09 a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 672.487430][T14636] RSP: 0018:ffffc900045c6d18 EFLAGS: 00010046 [ 672.487450][T14636] RAX: 0000000000000000 RBX: ffff8880b853acc0 RCX: 0000000000000001 [ 672.487467][T14636] RDX: 0000000000000000 RSI: ffffffff8da94318 RDI: ffffffff8bf21680 [ 672.487484][T14636] RBP: 0000000000000001 R08: ffff8880b843b7c8 R09: fffffbfff210eafa [ 672.487500][T14636] R10: ffffffff908757d7 R11: 0000000000000001 R12: ffffffff90878854 [ 672.487516][T14636] R13: ffffffff8dd53260 R14: ffff88801d6f3d00 R15: ffff8880b853acc0 [ 672.487534][T14636] FS: 0000000000000000(0000) GS:ffff888124965000(0000) knlGS:0000000000000000 [ 672.487557][T14636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 672.487575][T14636] CR2: 00000000000c2000 CR3: 0000000047e7a000 CR4: 00000000003526f0 [ 672.487591][T14636] Call Trace: [ 672.487600][T14636] [ 672.487618][T14636] __schedule+0x212d/0x6150 [ 672.487663][T14636] ? __pfx___schedule+0x10/0x10 [ 672.487690][T14636] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 672.487718][T14636] preempt_schedule_notrace+0x62/0xe0 [ 672.487744][T14636] preempt_schedule_notrace_thunk+0x16/0x30 [ 672.487783][T14636] rcu_is_watching+0x8e/0xc0 [ 672.487807][T14636] unwind_next_frame+0xa3b/0x20a0 [ 672.487839][T14636] ? shmem_evict_inode+0x3a1/0xbe0 [ 672.487876][T14636] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 672.487906][T14636] arch_stack_walk+0x94/0x100 [ 672.487941][T14636] ? evict+0x3c2/0xad0 [ 672.487977][T14636] stack_trace_save+0x8e/0xc0 [ 672.488004][T14636] ? __pfx_stack_trace_save+0x10/0x10 [ 672.488035][T14636] ? __lock_acquire+0x433/0x22f0 [ 672.488063][T14636] ? lockdep_hardirqs_on+0x7c/0x110 [ 672.488090][T14636] save_stack+0x160/0x1f0 [ 672.488115][T14636] ? __pfx_save_stack+0x10/0x10 [ 672.488138][T14636] ? free_unref_folios+0xa15/0x1600 [ 672.488169][T14636] ? folios_put_refs+0x4be/0x750 [ 672.488200][T14636] ? shmem_undo_range+0x58f/0x1140 [ 672.488230][T14636] ? shmem_evict_inode+0x3a1/0xbe0 [ 672.488270][T14636] ? page_ext_put+0x3e/0xd0 [ 672.488311][T14636] __reset_page_owner+0x84/0x1a0 [ 672.488340][T14636] free_unref_folios+0xa15/0x1600 [ 672.488379][T14636] ? rcu_is_watching+0x12/0xc0 [ 672.488402][T14636] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 672.488430][T14636] folios_put_refs+0x4be/0x750 [ 672.488469][T14636] ? __pfx_folios_put_refs+0x10/0x10 [ 672.488508][T14636] ? mlock_drain_local+0x24c/0x4e0 [ 672.488547][T14636] shmem_undo_range+0x58f/0x1140 [ 672.488590][T14636] ? __pfx_shmem_undo_range+0x10/0x10 [ 672.488623][T14636] ? __lock_acquire+0x433/0x22f0 [ 672.488676][T14636] ? find_held_lock+0x2b/0x80 [ 672.488712][T14636] ? is_bpf_text_address+0x8a/0x1a0 [ 672.488783][T14636] ? stack_trace_save+0x8e/0xc0 [ 672.488808][T14636] ? percpu_counter_add_batch+0xca/0x200 [ 672.488840][T14636] shmem_evict_inode+0x3a1/0xbe0 [ 672.488875][T14636] ? inode_wait_for_writeback+0x170/0x390 [ 672.488911][T14636] ? kasan_save_stack+0x42/0x60 [ 672.488936][T14636] ? __pfx_shmem_evict_inode+0x10/0x10 [ 672.488969][T14636] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 672.489008][T14636] ? find_held_lock+0x2b/0x80 [ 672.489044][T14636] ? evict+0x37e/0xad0 [ 672.489076][T14636] ? __pfx_shmem_evict_inode+0x10/0x10 [ 672.489109][T14636] evict+0x3c2/0xad0 [ 672.489137][T14636] ? find_held_lock+0x2b/0x80 [ 672.489174][T14636] ? __pfx_evict+0x10/0x10 [ 672.489210][T14636] ? iput.part.0+0x619/0x1190 [ 672.489248][T14636] iput.part.0+0x621/0x1190 [ 672.489284][T14636] iput+0x35/0x40 [ 672.489313][T14636] dentry_unlink_inode+0x29c/0x480 [ 672.489345][T14636] __dentry_kill+0x1d0/0x600 [ 672.489379][T14636] dput.part.0+0x4b1/0x9b0 [ 672.489412][T14636] dput+0x1f/0x30 [ 672.489440][T14636] __fput+0x51c/0xb70 [ 672.489479][T14636] task_work_run+0x150/0x240 [ 672.489510][T14636] ? __pfx_task_work_run+0x10/0x10 [ 672.489550][T14636] do_exit+0x87f/0x2bd0 [ 672.489581][T14636] ? proc_coredump_connector+0x2d1/0x4f0 [ 672.489606][T14636] ? __pfx_do_exit+0x10/0x10 [ 672.489642][T14636] do_group_exit+0xd3/0x2a0 [ 672.489671][T14636] get_signal+0x2671/0x26d0 [ 672.489719][T14636] ? __pfx_get_signal+0x10/0x10 [ 672.489760][T14636] ? __pfx_force_sig_fault+0x10/0x10 [ 672.489801][T14636] arch_do_signal_or_restart+0x8f/0x7a0 [ 672.489833][T14636] ? fixup_vdso_exception+0x34b/0x400 [ 672.489870][T14636] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 672.489912][T14636] ? lock_mm_and_find_vma+0xa6/0x6e0 [ 672.489952][T14636] irqentry_exit+0x38a/0x8c0 [ 672.489983][T14636] asm_exc_page_fault+0x26/0x30 [ 672.490007][T14636] RIP: 0033:0x7f92c4d8f7d1 [ 672.490026][T14636] Code: Unable to access opcode bytes at 0x7f92c4d8f7a7. [ 672.490038][T14636] RSP: 002b:0000080000000002 EFLAGS: 00010217 [ 672.490058][T14636] RAX: 0000000000000000 RBX: 00007f92c4fe5fa0 RCX: 00007f92c4d8f7c9 [ 672.490075][T14636] RDX: 0000000000000000 RSI: 0000080000000002 RDI: 0100000020003b49 [ 672.490091][T14636] RBP: 00007f92c4e13f91 R08: 0000000000000004 R09: 0000000000000000 [ 672.490107][T14636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 672.490123][T14636] R13: 00007f92c4fe6038 R14: 00007f92c4fe5fa0 R15: 00007ffc07a18f78 [ 672.490158][T14636] [ 672.490170][T14636] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 672.490188][T14636] CPU: 0 UID: 0 PID: 14636 Comm: syz.1.2078 Tainted: G L syzkaller #0 PREEMPT(full) [ 672.490222][T14636] Tainted: [L]=SOFTLOCKUP [ 672.490231][T14636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 672.490245][T14636] Call Trace: [ 672.490253][T14636] [ 672.490263][T14636] dump_stack_lvl+0x3d/0x1f0 [ 672.490290][T14636] vpanic+0x640/0x6f0 [ 672.490318][T14636] ? update_rq_clock+0x34a/0xc70 [ 672.490339][T14636] panic+0xca/0xd0 [ 672.490364][T14636] ? __pfx_panic+0x10/0x10 [ 672.490401][T14636] ? check_panic_on_warn+0x1f/0xb0 [ 672.490431][T14636] check_panic_on_warn+0xab/0xb0 [ 672.490460][T14636] __warn+0x108/0x3c0 [ 672.490492][T14636] __report_bug+0x2a0/0x520 [ 672.490524][T14636] ? update_rq_clock+0x34a/0xc70 [ 672.490550][T14636] ? __pfx___report_bug+0x10/0x10 [ 672.490592][T14636] ? __lock_acquire+0x433/0x22f0 [ 672.490625][T14636] ? update_rq_clock+0x34a/0xc70 [ 672.490648][T14636] report_bug+0xb2/0x220 [ 672.490681][T14636] ? update_rq_clock+0x34a/0xc70 [ 672.490703][T14636] handle_bug+0x127/0x260 [ 672.490732][T14636] exc_invalid_op+0x17/0x50 [ 672.490766][T14636] asm_exc_invalid_op+0x1a/0x20 [ 672.490789][T14636] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 672.490811][T14636] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 98 6b dc 09 a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 672.490834][T14636] RSP: 0018:ffffc900045c6d18 EFLAGS: 00010046 [ 672.490853][T14636] RAX: 0000000000000000 RBX: ffff8880b853acc0 RCX: 0000000000000001 [ 672.490869][T14636] RDX: 0000000000000000 RSI: ffffffff8da94318 RDI: ffffffff8bf21680 [ 672.490885][T14636] RBP: 0000000000000001 R08: ffff8880b843b7c8 R09: fffffbfff210eafa [ 672.490901][T14636] R10: ffffffff908757d7 R11: 0000000000000001 R12: ffffffff90878854 [ 672.490918][T14636] R13: ffffffff8dd53260 R14: ffff88801d6f3d00 R15: ffff8880b853acc0 [ 672.490952][T14636] ? update_rq_clock+0x99/0xc70 [ 672.490979][T14636] __schedule+0x212d/0x6150 [ 672.491022][T14636] ? __pfx___schedule+0x10/0x10 [ 672.491051][T14636] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 672.491077][T14636] preempt_schedule_notrace+0x62/0xe0 [ 672.491103][T14636] preempt_schedule_notrace_thunk+0x16/0x30 [ 672.491135][T14636] rcu_is_watching+0x8e/0xc0 [ 672.491159][T14636] unwind_next_frame+0xa3b/0x20a0 [ 672.491189][T14636] ? shmem_evict_inode+0x3a1/0xbe0 [ 672.491225][T14636] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 672.491254][T14636] arch_stack_walk+0x94/0x100 [ 672.491288][T14636] ? evict+0x3c2/0xad0 [ 672.491323][T14636] stack_trace_save+0x8e/0xc0 [ 672.491350][T14636] ? __pfx_stack_trace_save+0x10/0x10 [ 672.491381][T14636] ? __lock_acquire+0x433/0x22f0 [ 672.491409][T14636] ? lockdep_hardirqs_on+0x7c/0x110 [ 672.491434][T14636] save_stack+0x160/0x1f0 [ 672.491458][T14636] ? __pfx_save_stack+0x10/0x10 [ 672.491481][T14636] ? free_unref_folios+0xa15/0x1600 [ 672.491510][T14636] ? folios_put_refs+0x4be/0x750 [ 672.491541][T14636] ? shmem_undo_range+0x58f/0x1140 [ 672.491570][T14636] ? shmem_evict_inode+0x3a1/0xbe0 [ 672.491609][T14636] ? page_ext_put+0x3e/0xd0 [ 672.491639][T14636] __reset_page_owner+0x84/0x1a0 [ 672.491668][T14636] free_unref_folios+0xa15/0x1600 [ 672.491707][T14636] ? rcu_is_watching+0x12/0xc0 [ 672.491730][T14636] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 672.491762][T14636] folios_put_refs+0x4be/0x750 [ 672.491801][T14636] ? __pfx_folios_put_refs+0x10/0x10 [ 672.491839][T14636] ? mlock_drain_local+0x24c/0x4e0 [ 672.491875][T14636] shmem_undo_range+0x58f/0x1140 [ 672.491918][T14636] ? __pfx_shmem_undo_range+0x10/0x10 [ 672.491950][T14636] ? __lock_acquire+0x433/0x22f0 [ 672.492003][T14636] ? find_held_lock+0x2b/0x80 [ 672.492039][T14636] ? is_bpf_text_address+0x8a/0x1a0 [ 672.492104][T14636] ? stack_trace_save+0x8e/0xc0 [ 672.492128][T14636] ? percpu_counter_add_batch+0xca/0x200 [ 672.492158][T14636] shmem_evict_inode+0x3a1/0xbe0 [ 672.492193][T14636] ? inode_wait_for_writeback+0x170/0x390 [ 672.492227][T14636] ? kasan_save_stack+0x42/0x60 [ 672.492251][T14636] ? __pfx_shmem_evict_inode+0x10/0x10 [ 672.492283][T14636] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 672.492323][T14636] ? find_held_lock+0x2b/0x80 [ 672.492358][T14636] ? evict+0x37e/0xad0 [ 672.492391][T14636] ? __pfx_shmem_evict_inode+0x10/0x10 [ 672.492423][T14636] evict+0x3c2/0xad0 [ 672.492451][T14636] ? find_held_lock+0x2b/0x80 [ 672.492488][T14636] ? __pfx_evict+0x10/0x10 [ 672.492523][T14636] ? iput.part.0+0x619/0x1190 [ 672.492561][T14636] iput.part.0+0x621/0x1190 [ 672.492598][T14636] iput+0x35/0x40 [ 672.492626][T14636] dentry_unlink_inode+0x29c/0x480 [ 672.492658][T14636] __dentry_kill+0x1d0/0x600 [ 672.492692][T14636] dput.part.0+0x4b1/0x9b0 [ 672.492725][T14636] dput+0x1f/0x30 [ 672.492759][T14636] __fput+0x51c/0xb70 [ 672.492796][T14636] task_work_run+0x150/0x240 [ 672.492827][T14636] ? __pfx_task_work_run+0x10/0x10 [ 672.492866][T14636] do_exit+0x87f/0x2bd0 [ 672.492897][T14636] ? proc_coredump_connector+0x2d1/0x4f0 [ 672.492921][T14636] ? __pfx_do_exit+0x10/0x10 [ 672.492956][T14636] do_group_exit+0xd3/0x2a0 [ 672.492985][T14636] get_signal+0x2671/0x26d0 [ 672.493032][T14636] ? __pfx_get_signal+0x10/0x10 [ 672.493068][T14636] ? __pfx_force_sig_fault+0x10/0x10 [ 672.493109][T14636] arch_do_signal_or_restart+0x8f/0x7a0 [ 672.493141][T14636] ? fixup_vdso_exception+0x34b/0x400 [ 672.493175][T14636] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 672.493216][T14636] ? lock_mm_and_find_vma+0xa6/0x6e0 [ 672.493256][T14636] irqentry_exit+0x38a/0x8c0 [ 672.493286][T14636] asm_exc_page_fault+0x26/0x30 [ 672.493308][T14636] RIP: 0033:0x7f92c4d8f7d1 [ 672.493326][T14636] Code: Unable to access opcode bytes at 0x7f92c4d8f7a7. [ 672.493338][T14636] RSP: 002b:0000080000000002 EFLAGS: 00010217 [ 672.493356][T14636] RAX: 0000000000000000 RBX: 00007f92c4fe5fa0 RCX: 00007f92c4d8f7c9 [ 672.493373][T14636] RDX: 0000000000000000 RSI: 0000080000000002 RDI: 0100000020003b49 [ 672.493389][T14636] RBP: 00007f92c4e13f91 R08: 0000000000000004 R09: 0000000000000000 [ 672.493405][T14636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 672.493420][T14636] R13: 00007f92c4fe6038 R14: 00007f92c4fe5fa0 R15: 00007ffc07a18f78 [ 672.493455][T14636] [ 672.493524][T14636] Kernel Offset: disabled