last executing test programs: 4.920088923s ago: executing program 1 (id=2800): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000580)='/sys/power/disk\x00', 0xc0082, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa022, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) 3.549628235s ago: executing program 1 (id=2813): syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0x18, 0x80004, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) 3.059859004s ago: executing program 0 (id=2816): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) bpf$auto(0x1, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x8, 0x7fffffff, 0xffffffffffffffff, 0x2, 0x8}, 0x100000cf) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f2, 0x24) 2.070321475s ago: executing program 3 (id=2821): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/xfs/stats/stats_clear\x00', 0x20681, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r0, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) 1.994457839s ago: executing program 0 (id=2822): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, 0x0, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x4000000) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYBLOB="01"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) 1.984372647s ago: executing program 2 (id=2823): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x101001, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/start_ro\x00', 0x80302, 0x0) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x8c00, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0) 1.851198431s ago: executing program 3 (id=2824): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0xffffffffffffffff, 0x0, 0xa) readv$auto(0xffffffffffffffff, 0x0, 0x5) mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1) mount$auto(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x5, 0x0) 1.772291868s ago: executing program 2 (id=2825): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) socket(0x10, 0x2, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) socketpair$auto(0x2d, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) 1.73935297s ago: executing program 1 (id=2826): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0x4, 0xfffffffe, 0xcb, 0x0, 0x800049) 1.692300804s ago: executing program 3 (id=2827): r0 = socket(0x10, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x3, 0x0, 0x5, 0x0, 0x2000000200002, 0x2}, 0x803}, 0xfffffff9, 0x14, 0x0) write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, 0x0, 0xffffff4b) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) ioctl$auto_RTC_UIE_ON(r1, 0x7003, 0x4) ioctl$auto_RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000180)={0x19, 0x7, 0x8, 0x4, 0x5, 0xfd, 0x1ff, 0xfffffffc, 0x77d}) 1.639530808s ago: executing program 0 (id=2828): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf2502cff3291849be3657003c80080019"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.533389378s ago: executing program 3 (id=2829): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) io_uring_setup$auto(0x6, 0x0) getsockopt$auto(r0, 0x84, 0x7c, 0x0, 0x0) 1.53293585s ago: executing program 2 (id=2837): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) faccessat$auto(0xffffffffffffffff, 0x0, 0x4) socket(0x2, 0x3, 0xa) 1.450622225s ago: executing program 0 (id=2830): r0 = getpid() r1 = gettid() setfsuid$auto(0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fcntl$auto(r2, 0x400, 0x1) truncate$auto(&(0x7f0000000080)='./file0\x00', 0x7f) rt_tgsigqueueinfo$auto(r0, r1, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) close_range$auto(0x2, 0xa, 0x0) 1.260688473s ago: executing program 0 (id=2831): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) socket(0x11, 0x80003, 0x300) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = socket(0xa, 0x801, 0x6) setsockopt$auto(r0, 0x6, 0x24, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 1.114520349s ago: executing program 0 (id=2832): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, 0x0, 0x4) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) timerfd_settime$auto(0xffffffffffffffff, 0x3, 0x0, 0x0) fsopen$auto(0x0, 0x1) 879.465606ms ago: executing program 3 (id=2833): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(r1, 0x0, 0x1f) read$auto(r0, 0x0, 0x80) 410.735065ms ago: executing program 1 (id=2834): openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x301f82, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0p\x00', 0x80, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000003c0), 0x101200, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x80, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x2000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x200e02, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x7d48, 0x948b, 0x4, 0x15f4da0c, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x4, 0x5, 0x2, 0x1]}, 0x0) 409.840311ms ago: executing program 2 (id=2835): r0 = setfsuid$auto(0xee00) r1 = setfsuid$auto(0xee01) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) setresuid$auto(r0, r1, r0) r2 = socket(0x15, 0x5, 0x0) setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, 0x0, 0x94) 354.662072ms ago: executing program 2 (id=2836): mmap$auto(0x0, 0x6, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, r0, 0x0, 0x10000, 0x7) 273.84123ms ago: executing program 1 (id=2838): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 273.12356ms ago: executing program 3 (id=2839): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x20000008000) syz_clone3(&(0x7f00000000c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, 0x0, 0x41180, 0x0) read$auto(r0, 0x0, 0x58b22256) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x123002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3) 209.172568ms ago: executing program 2 (id=2840): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mprotect$auto(0x8000, 0x8, 0x8) r0 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(r0, 0x0, 0x80000001, 0x0) 0s ago: executing program 1 (id=2841): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x9, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20100, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) kernel console output (not intermixed with test programs): T9576] ? __pfx___x64_sys_openat+0x10/0x10 [ 268.293387][ T9576] do_syscall_64+0x106/0xf80 [ 268.293409][ T9576] ? clear_bhb_loop+0x40/0x90 [ 268.293427][ T9576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.293448][ T9576] RIP: 0033:0x7fa7d635cfce [ 268.293462][ T9576] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 268.293477][ T9576] RSP: 002b:00007fa7d7257ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 268.293491][ T9576] RAX: ffffffffffffffda RBX: 00007fa7d72586c0 RCX: 00007fa7d635cfce [ 268.293501][ T9576] RDX: 0000000000000002 RSI: 00007fa7d7257f90 RDI: ffffffffffffff9c [ 268.293510][ T9576] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 268.293518][ T9576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.293527][ T9576] R13: 00007fa7d6616038 R14: 00007fa7d6615fa0 R15: 00007ffe7bae9ef8 [ 268.293546][ T9576] [ 269.225315][ T9585] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1291'. [ 269.637932][ T9595] netlink: 'syz.3.1296': attribute type 4 has an invalid length. [ 269.863508][ T9600] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1298'. [ 269.873733][ T9599] sg_write: data in/out 220/90 bytes for SCSI command 0x0-- guessing data in; [ 269.873733][ T9599] program syz.3.1297 not setting count and/or reply_len properly [ 271.200625][ T9633] random: crng reseeded on system resumption [ 271.266135][ T9633] FAULT_INJECTION: forcing a failure. [ 271.266135][ T9633] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 271.353182][ T9633] CPU: 0 UID: 0 PID: 9633 Comm: syz.3.1311 Tainted: G L syzkaller #0 PREEMPT(full) [ 271.353208][ T9633] Tainted: [L]=SOFTLOCKUP [ 271.353213][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 271.353222][ T9633] Call Trace: [ 271.353227][ T9633] [ 271.353233][ T9633] dump_stack_lvl+0x100/0x190 [ 271.353260][ T9633] should_fail_ex.cold+0x5/0xa [ 271.353275][ T9633] ? prepare_alloc_pages+0x16d/0x5f0 [ 271.353294][ T9633] should_fail_alloc_page+0xeb/0x140 [ 271.353313][ T9633] prepare_alloc_pages+0x1f0/0x5f0 [ 271.353333][ T9633] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 271.353357][ T9633] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 271.353385][ T9633] ? stack_trace_save+0x8e/0xc0 [ 271.353401][ T9633] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 271.353423][ T9633] ? stack_depot_save_flags+0x27/0x9d0 [ 271.353442][ T9633] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 271.353467][ T9633] ? kasan_save_stack+0x3f/0x50 [ 271.353479][ T9633] ? kasan_save_stack+0x30/0x50 [ 271.353491][ T9633] ? kasan_save_track+0x14/0x30 [ 271.353508][ T9633] ? do_sys_openat2+0x10d/0x1e0 [ 271.353526][ T9633] ? __x64_sys_openat+0x12d/0x210 [ 271.353544][ T9633] ? do_syscall_64+0x106/0xf80 [ 271.353565][ T9633] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.353581][ T9633] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 271.353598][ T9633] ? policy_nodemask+0xed/0x4f0 [ 271.353615][ T9633] alloc_pages_mpol+0x1fb/0x550 [ 271.353640][ T9633] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 271.353658][ T9633] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 271.353677][ T9633] alloc_pages_noprof+0x131/0x390 [ 271.353695][ T9633] get_zeroed_page_noprof+0x18/0xb0 [ 271.353715][ T9633] get_image_page+0x18/0x1a0 [ 271.353738][ T9633] alloc_rtree_node+0x3c/0xb0 [ 271.353753][ T9633] memory_bm_create+0x65e/0xba0 [ 271.353775][ T9633] create_basic_memory_bitmaps+0x10b/0x350 [ 271.353794][ T9633] snapshot_open+0x230/0x2a0 [ 271.353810][ T9633] ? __pfx_snapshot_open+0x10/0x10 [ 271.353827][ T9633] misc_open+0x26d/0x450 [ 271.353845][ T9633] ? __pfx_misc_open+0x10/0x10 [ 271.353862][ T9633] chrdev_open+0x234/0x6a0 [ 271.353877][ T9633] ? __pfx_apparmor_file_open+0x10/0x10 [ 271.353892][ T9633] ? __pfx_chrdev_open+0x10/0x10 [ 271.353909][ T9633] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 271.353930][ T9633] do_dentry_open+0x6d8/0x1660 [ 271.353944][ T9633] ? __pfx_chrdev_open+0x10/0x10 [ 271.353964][ T9633] vfs_open+0x82/0x3f0 [ 271.353984][ T9633] path_openat+0x208c/0x31a0 [ 271.354007][ T9633] ? __pfx_path_openat+0x10/0x10 [ 271.354029][ T9633] do_file_open+0x20e/0x430 [ 271.354046][ T9633] ? __pfx_do_file_open+0x10/0x10 [ 271.354075][ T9633] ? alloc_fd+0x476/0x790 [ 271.354092][ T9633] ? do_getname+0x191/0x390 [ 271.354111][ T9633] do_sys_openat2+0x10d/0x1e0 [ 271.354131][ T9633] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.354151][ T9633] ? find_held_lock+0x2b/0x80 [ 271.354169][ T9633] __x64_sys_openat+0x12d/0x210 [ 271.354189][ T9633] ? __pfx___x64_sys_openat+0x10/0x10 [ 271.354216][ T9633] do_syscall_64+0x106/0xf80 [ 271.354237][ T9633] ? clear_bhb_loop+0x40/0x90 [ 271.354254][ T9633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.354269][ T9633] RIP: 0033:0x7fa7d639c799 [ 271.354283][ T9633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.354296][ T9633] RSP: 002b:00007fa7d7258028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 271.354311][ T9633] RAX: ffffffffffffffda RBX: 00007fa7d6615fa0 RCX: 00007fa7d639c799 [ 271.354320][ T9633] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 271.354329][ T9633] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 271.354338][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 271.354346][ T9633] R13: 00007fa7d6616038 R14: 00007fa7d6615fa0 R15: 00007ffe7bae9ef8 [ 271.354367][ T9633] [ 272.182288][ T9644] sd 0:0:1:0: PR command failed: 1026 [ 272.202645][ T9644] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 272.232595][ T9644] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 273.100275][ T9664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1322'. [ 273.161941][ T9664] netlink: 'syz.0.1322': attribute type 7 has an invalid length. [ 273.876830][ T9673] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1325'. [ 274.240969][ T9680] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1328'. [ 274.541579][ T9688] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1332'. [ 275.146240][ T9696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1335'. [ 275.219526][ T9696] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1335'. [ 275.280470][ T9696] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1335'. [ 278.163956][ T5830] Bluetooth: hci0: command 0x0406 tx timeout [ 279.150813][ T5825] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 279.372414][ T9775] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1360'. [ 280.011813][ T9789] FAULT_INJECTION: forcing a failure. [ 280.011813][ T9789] name failslab, interval 1, probability 0, space 0, times 0 [ 280.086423][ T9786] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1363'. [ 280.135026][ T9789] CPU: 0 UID: 0 PID: 9789 Comm: syz.1.1364 Tainted: G L syzkaller #0 PREEMPT(full) [ 280.135052][ T9789] Tainted: [L]=SOFTLOCKUP [ 280.135058][ T9789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 280.135067][ T9789] Call Trace: [ 280.135072][ T9789] [ 280.135078][ T9789] dump_stack_lvl+0x100/0x190 [ 280.135105][ T9789] should_fail_ex.cold+0x5/0xa [ 280.135124][ T9789] should_failslab+0xc2/0x120 [ 280.135140][ T9789] __kmalloc_cache_noprof+0x7a/0x6f0 [ 280.135160][ T9789] ? snd_virmidi_input_open+0xc8/0x4d0 [ 280.135176][ T9789] ? __kasan_kmalloc+0xaa/0xb0 [ 280.135201][ T9789] snd_virmidi_input_open+0xc8/0x4d0 [ 280.135220][ T9789] open_substream+0x480/0x9e0 [ 280.135242][ T9789] rawmidi_open_priv+0x524/0x6f0 [ 280.135265][ T9789] snd_rawmidi_open+0x4c9/0xba0 [ 280.135288][ T9789] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 280.135309][ T9789] ? __pfx_default_wake_function+0x10/0x10 [ 280.135326][ T9789] ? soundcore_open+0x231/0x5a0 [ 280.135341][ T9789] ? soundcore_open+0x231/0x5a0 [ 280.135357][ T9789] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 280.135378][ T9789] soundcore_open+0x2e3/0x5a0 [ 280.135394][ T9789] ? __pfx_soundcore_open+0x10/0x10 [ 280.135409][ T9789] chrdev_open+0x234/0x6a0 [ 280.135426][ T9789] ? __pfx_chrdev_open+0x10/0x10 [ 280.135442][ T9789] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 280.135463][ T9789] do_dentry_open+0x6d8/0x1660 [ 280.135477][ T9789] ? __pfx_chrdev_open+0x10/0x10 [ 280.135497][ T9789] vfs_open+0x82/0x3f0 [ 280.135517][ T9789] path_openat+0x208c/0x31a0 [ 280.135540][ T9789] ? __pfx_path_openat+0x10/0x10 [ 280.135562][ T9789] do_file_open+0x20e/0x430 [ 280.135579][ T9789] ? __pfx_do_file_open+0x10/0x10 [ 280.135609][ T9789] ? alloc_fd+0x476/0x790 [ 280.135625][ T9789] ? do_getname+0x191/0x390 [ 280.135645][ T9789] do_sys_openat2+0x10d/0x1e0 [ 280.135665][ T9789] ? __pfx_do_sys_openat2+0x10/0x10 [ 280.135685][ T9789] ? __fget_files+0x21f/0x3d0 [ 280.135704][ T9789] __x64_sys_openat+0x12d/0x210 [ 280.135732][ T9789] ? __pfx___x64_sys_openat+0x10/0x10 [ 280.135760][ T9789] do_syscall_64+0x106/0xf80 [ 280.135783][ T9789] ? clear_bhb_loop+0x40/0x90 [ 280.135802][ T9789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.135817][ T9789] RIP: 0033:0x7fe9c639c799 [ 280.135830][ T9789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 280.135845][ T9789] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 280.135859][ T9789] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 280.135869][ T9789] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 280.135879][ T9789] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 280.135888][ T9789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.135897][ T9789] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 280.135917][ T9789] [ 284.916425][ T5825] Bluetooth: hci2: Malformed LE Event: 0x0b [ 285.374071][ T9866] FAULT_INJECTION: forcing a failure. [ 285.374071][ T9866] name failslab, interval 1, probability 0, space 0, times 0 [ 285.479343][ T9866] CPU: 0 UID: 0 PID: 9866 Comm: syz.1.1391 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.479369][ T9866] Tainted: [L]=SOFTLOCKUP [ 285.479375][ T9866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 285.479384][ T9866] Call Trace: [ 285.479389][ T9866] [ 285.479395][ T9866] dump_stack_lvl+0x100/0x190 [ 285.479422][ T9866] should_fail_ex.cold+0x5/0xa [ 285.479441][ T9866] ? drm_atomic_state_init+0xf4/0x490 [ 285.479460][ T9866] should_failslab+0xc2/0x120 [ 285.479477][ T9866] __kmalloc_noprof+0xe0/0x850 [ 285.479505][ T9866] drm_atomic_state_init+0xf4/0x490 [ 285.479523][ T9866] ? kasan_save_track+0x14/0x30 [ 285.479538][ T9866] drm_atomic_state_alloc+0xd3/0x120 [ 285.479558][ T9866] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 285.479580][ T9866] ? trace_contention_end+0x140/0x180 [ 285.479601][ T9866] ? __mutex_lock+0x26a/0x1b90 [ 285.479616][ T9866] ? __mutex_lock+0x26a/0x1b90 [ 285.479630][ T9866] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 285.479652][ T9866] ? drm_master_internal_acquire+0x21/0x80 [ 285.479690][ T9866] drm_client_modeset_commit_locked+0x14d/0x580 [ 285.479715][ T9866] drm_client_modeset_commit+0x4f/0x80 [ 285.479737][ T9866] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 285.479762][ T9866] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 285.479785][ T9866] drm_fbdev_client_restore+0x1b/0x30 [ 285.479803][ T9866] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 285.479820][ T9866] drm_client_dev_restore+0x205/0x2a0 [ 285.479844][ T9866] drm_release+0x2c6/0x360 [ 285.479865][ T9866] ? __pfx_drm_release+0x10/0x10 [ 285.479884][ T9866] __fput+0x3ff/0xb40 [ 285.479907][ T9866] task_work_run+0x150/0x240 [ 285.479928][ T9866] ? __pfx_task_work_run+0x10/0x10 [ 285.479955][ T9866] exit_to_user_mode_loop+0x100/0x4a0 [ 285.479976][ T9866] do_syscall_64+0x668/0xf80 [ 285.479997][ T9866] ? clear_bhb_loop+0x40/0x90 [ 285.480016][ T9866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.480031][ T9866] RIP: 0033:0x7fe9c639c799 [ 285.480044][ T9866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.480058][ T9866] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 285.480073][ T9866] RAX: 0000000000000000 RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 285.480082][ T9866] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 285.480091][ T9866] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 285.480099][ T9866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.480108][ T9866] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 285.480129][ T9866] [ 287.732025][ T9904] FAULT_INJECTION: forcing a failure. [ 287.732025][ T9904] name failslab, interval 1, probability 0, space 0, times 0 [ 287.912553][ T9904] CPU: 0 UID: 0 PID: 9904 Comm: syz.1.1406 Tainted: G L syzkaller #0 PREEMPT(full) [ 287.912579][ T9904] Tainted: [L]=SOFTLOCKUP [ 287.912584][ T9904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 287.912593][ T9904] Call Trace: [ 287.912599][ T9904] [ 287.912605][ T9904] dump_stack_lvl+0x100/0x190 [ 287.912631][ T9904] should_fail_ex.cold+0x5/0xa [ 287.912650][ T9904] should_failslab+0xc2/0x120 [ 287.912666][ T9904] __kvmalloc_node_noprof+0xfa/0xa00 [ 287.912690][ T9904] ? v4l2_ctrl_new+0x4a6/0x23a0 [ 287.912703][ T9904] ? register_lock_class+0x40/0x560 [ 287.912727][ T9904] v4l2_ctrl_new+0x4a6/0x23a0 [ 287.912749][ T9904] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 287.912764][ T9904] ? lock_acquire+0x1cf/0x380 [ 287.912786][ T9904] ? rcu_is_watching+0x12/0xc0 [ 287.912810][ T9904] v4l2_ctrl_new_std+0x1bb/0x290 [ 287.912831][ T9904] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 287.912849][ T9904] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 287.912867][ T9904] ? __asan_memset+0x23/0x50 [ 287.912887][ T9904] ? __asan_memcpy+0x3c/0x60 [ 287.912908][ T9904] ? find_ref+0x209/0x420 [ 287.912923][ T9904] handler_new_ref+0x82f/0xc60 [ 287.912951][ T9904] v4l2_ctrl_new+0xe67/0x23a0 [ 287.912972][ T9904] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 287.912997][ T9904] v4l2_ctrl_new_std+0x1bb/0x290 [ 287.913017][ T9904] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 287.913035][ T9904] ? trace_kmalloc+0x101/0x130 [ 287.913050][ T9904] ? __kasan_kmalloc+0xaa/0xb0 [ 287.913073][ T9904] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 287.913097][ T9904] ? lockdep_set_lock_cmp_fn+0x60/0xe0 [ 287.913118][ T9904] ? media_request_object_init+0x105/0x180 [ 287.913142][ T9904] vim2m_open+0x140/0x830 [ 287.913165][ T9904] v4l2_open+0x1d2/0x490 [ 287.913180][ T9904] ? __pfx_v4l2_open+0x10/0x10 [ 287.913194][ T9904] chrdev_open+0x234/0x6a0 [ 287.913209][ T9904] ? __pfx_apparmor_file_open+0x10/0x10 [ 287.913225][ T9904] ? __pfx_chrdev_open+0x10/0x10 [ 287.913242][ T9904] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 287.913263][ T9904] do_dentry_open+0x6d8/0x1660 [ 287.913278][ T9904] ? __pfx_chrdev_open+0x10/0x10 [ 287.913298][ T9904] vfs_open+0x82/0x3f0 [ 287.913319][ T9904] path_openat+0x208c/0x31a0 [ 287.913341][ T9904] ? __pfx_path_openat+0x10/0x10 [ 287.913363][ T9904] do_file_open+0x20e/0x430 [ 287.913380][ T9904] ? __pfx_do_file_open+0x10/0x10 [ 287.913410][ T9904] ? alloc_fd+0x476/0x790 [ 287.913427][ T9904] ? do_getname+0x191/0x390 [ 287.913447][ T9904] do_sys_openat2+0x10d/0x1e0 [ 287.913466][ T9904] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.913492][ T9904] __x64_sys_openat+0x12d/0x210 [ 287.913512][ T9904] ? __pfx___x64_sys_openat+0x10/0x10 [ 287.913539][ T9904] do_syscall_64+0x106/0xf80 [ 287.913561][ T9904] ? clear_bhb_loop+0x40/0x90 [ 287.913578][ T9904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.913593][ T9904] RIP: 0033:0x7fe9c639c799 [ 287.913606][ T9904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 287.913621][ T9904] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.913635][ T9904] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 287.913645][ T9904] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 287.913655][ T9904] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 287.913664][ T9904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.913673][ T9904] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 287.913693][ T9904] [ 289.332869][ T9912] FAULT_INJECTION: forcing a failure. [ 289.332869][ T9912] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 289.376677][ T9912] CPU: 0 UID: 0 PID: 9912 Comm: syz.2.1409 Tainted: G L syzkaller #0 PREEMPT(full) [ 289.376703][ T9912] Tainted: [L]=SOFTLOCKUP [ 289.376709][ T9912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 289.376717][ T9912] Call Trace: [ 289.376723][ T9912] [ 289.376729][ T9912] dump_stack_lvl+0x100/0x190 [ 289.376755][ T9912] should_fail_ex.cold+0x5/0xa [ 289.376771][ T9912] ? prepare_alloc_pages+0x16d/0x5f0 [ 289.376799][ T9912] should_fail_alloc_page+0xeb/0x140 [ 289.376818][ T9912] prepare_alloc_pages+0x1f0/0x5f0 [ 289.376839][ T9912] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 289.376862][ T9912] ? mas_next_slot+0x1003/0x18b0 [ 289.376882][ T9912] ? __pfx___up_read+0x10/0x10 [ 289.376902][ T9912] ? validate_mm+0x261/0x4e0 [ 289.376921][ T9912] ? validate_mm+0x261/0x4e0 [ 289.376942][ T9912] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 289.376966][ T9912] ? validate_mm+0x392/0x4e0 [ 289.376987][ T9912] ? __pfx_validate_mm+0x10/0x10 [ 289.377011][ T9912] ? __pfx___vma_start_write+0x10/0x10 [ 289.377031][ T9912] ? vma_iter_store_overwrite+0x392/0x650 [ 289.377050][ T9912] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 289.377066][ T9912] ? policy_nodemask+0xed/0x4f0 [ 289.377084][ T9912] alloc_pages_mpol+0x1fb/0x550 [ 289.377100][ T9912] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 289.377121][ T9912] alloc_pages_noprof+0x131/0x390 [ 289.377138][ T9912] __pmd_alloc+0x3b/0x950 [ 289.377157][ T9912] move_page_tables+0x3224/0x4500 [ 289.377179][ T9912] ? __pfx_copy_vma+0x10/0x10 [ 289.377207][ T9912] ? __pfx_move_page_tables+0x10/0x10 [ 289.377238][ T9912] ? finish_task_switch.isra.0+0x200/0xb80 [ 289.377256][ T9912] copy_vma_and_data+0x25c/0x7c0 [ 289.377279][ T9912] ? __pfx_copy_vma_and_data+0x10/0x10 [ 289.377308][ T9912] ? __vma_start_write+0x17f/0x280 [ 289.377326][ T9912] ? __pfx___vma_start_write+0x10/0x10 [ 289.377351][ T9912] move_vma+0x51b/0x1890 [ 289.377374][ T9912] ? __pfx_move_vma+0x10/0x10 [ 289.377397][ T9912] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 289.377414][ T9912] ? cap_mmap_addr+0x4b/0x120 [ 289.377428][ T9912] ? bpf_lsm_mmap_addr+0x9/0x30 [ 289.377441][ T9912] ? security_mmap_addr+0x71/0x1e0 [ 289.377460][ T9912] ? __get_unmapped_area+0x255/0x3e0 [ 289.377478][ T9912] ? vrm_set_new_addr+0x204/0x290 [ 289.377500][ T9912] mremap_to+0x1b7/0x450 [ 289.377522][ T9912] do_mremap+0xb76/0x2130 [ 289.377551][ T9912] ? __pfx_do_mremap+0x10/0x10 [ 289.377576][ T9912] ? ksys_write+0x190/0x250 [ 289.377596][ T9912] __do_sys_mremap+0x126/0x170 [ 289.377617][ T9912] ? __pfx___do_sys_mremap+0x10/0x10 [ 289.377643][ T9912] ? __x64_sys_futex+0x34f/0x4d0 [ 289.377673][ T9912] do_syscall_64+0x106/0xf80 [ 289.377696][ T9912] ? clear_bhb_loop+0x40/0x90 [ 289.377714][ T9912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.377729][ T9912] RIP: 0033:0x7fc875f9c799 [ 289.377742][ T9912] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.377757][ T9912] RSP: 002b:00007fc876d7b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 289.377778][ T9912] RAX: ffffffffffffffda RBX: 00007fc876215fa0 RCX: 00007fc875f9c799 [ 289.377789][ T9912] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 289.377798][ T9912] RBP: 00007fc876032c99 R08: 0000000100000000 R09: 0000000000000000 [ 289.377807][ T9912] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 289.377816][ T9912] R13: 00007fc876216038 R14: 00007fc876215fa0 R15: 00007fffcc1208f8 [ 289.377839][ T9912] [ 290.524072][ T9916] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1410'. [ 291.371600][ T9930] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1417'. [ 291.586461][ T9932] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1418'. [ 296.367859][T10019] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1452'. [ 296.627845][T10026] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1455'. [ 296.859327][T10023] Process accounting resumed [ 298.314275][T10056] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1467'. [ 299.010300][T10072] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1473'. [ 299.931413][T10090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1479'. [ 300.078259][T10093] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1479'. [ 302.647716][T10128] FAULT_INJECTION: forcing a failure. [ 302.647716][T10128] name failslab, interval 1, probability 0, space 0, times 0 [ 302.869813][T10128] CPU: 0 UID: 0 PID: 10128 Comm: syz.0.1492 Tainted: G L syzkaller #0 PREEMPT(full) [ 302.869839][T10128] Tainted: [L]=SOFTLOCKUP [ 302.869845][T10128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 302.869854][T10128] Call Trace: [ 302.869860][T10128] [ 302.869866][T10128] dump_stack_lvl+0x100/0x190 [ 302.869893][T10128] should_fail_ex.cold+0x5/0xa [ 302.869912][T10128] should_failslab+0xc2/0x120 [ 302.869929][T10128] __kmalloc_cache_noprof+0x7a/0x6f0 [ 302.869949][T10128] ? shrinker_alloc+0xf5/0xbc0 [ 302.869967][T10128] shrinker_alloc+0xf5/0xbc0 [ 302.869983][T10128] ? mark_held_locks+0x40/0x70 [ 302.870002][T10128] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 302.870024][T10128] ? rcu_is_watching+0x12/0xc0 [ 302.870047][T10128] ? __pfx_shrinker_alloc+0x10/0x10 [ 302.870064][T10128] ? lockdep_init_map_type+0x5c/0x250 [ 302.870084][T10128] ? lockdep_init_map_type+0x5c/0x250 [ 302.870105][T10128] ? __raw_spin_lock_init+0x3a/0x110 [ 302.870126][T10128] ? __init_rwsem+0x12d/0x1b0 [ 302.870148][T10128] alloc_super+0x7c7/0xd20 [ 302.870171][T10128] ? __pfx_mqueue_fill_super+0x10/0x10 [ 302.870193][T10128] sget_fc+0x117/0xc70 [ 302.870214][T10128] ? __pfx_set_anon_super_fc+0x10/0x10 [ 302.870236][T10128] ? __pfx_mqueue_fill_super+0x10/0x10 [ 302.870257][T10128] get_tree_nodev+0x28/0x190 [ 302.870281][T10128] mqueue_get_tree+0xf1/0x130 [ 302.870302][T10128] vfs_get_tree+0x92/0x320 [ 302.870323][T10128] fc_mount_longterm+0x1a/0x270 [ 302.870353][T10128] mq_init_ns+0x482/0x820 [ 302.870370][T10128] copy_ipcs+0x3dd/0x7e0 [ 302.870388][T10128] create_new_namespaces+0x20a/0xac0 [ 302.870405][T10128] ? security_capable+0x80/0x260 [ 302.870430][T10128] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 302.870449][T10128] ksys_unshare+0x473/0xad0 [ 302.870468][T10128] ? __pfx_ksys_unshare+0x10/0x10 [ 302.870495][T10128] __x64_sys_unshare+0x31/0x40 [ 302.870513][T10128] do_syscall_64+0x106/0xf80 [ 302.870535][T10128] ? clear_bhb_loop+0x40/0x90 [ 302.870552][T10128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.870567][T10128] RIP: 0033:0x7f2c1db9c799 [ 302.870581][T10128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 302.870596][T10128] RSP: 002b:00007f2c1e9c9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 302.870611][T10128] RAX: ffffffffffffffda RBX: 00007f2c1de15fa0 RCX: 00007f2c1db9c799 [ 302.870621][T10128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 302.870630][T10128] RBP: 00007f2c1dc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 302.870639][T10128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 302.870648][T10128] R13: 00007f2c1de16038 R14: 00007f2c1de15fa0 R15: 00007fffaae15858 [ 302.870667][T10128] [ 303.477644][T10138] : renamed from bond0 (while UP) [ 306.968532][T10199] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1517'. [ 309.657772][T10231] mkiss: ax0: crc mode is auto. [ 310.100635][T10241] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1529'. [ 310.115549][T10243] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1527'. [ 312.173153][T10283] netlink: 'syz.3.1538': attribute type 4 has an invalid length. [ 312.250055][T10283] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1538'. [ 313.598806][T10304] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1543'. [ 314.129699][T10317] futex_wake_op: syz.2.1547 tries to shift op by -2048; fix this program [ 315.313824][T10342] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1552'. [ 316.654741][T10368] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1558'. [ 317.049643][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.057435][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.398336][ T30] audit: type=1800 audit(1774576843.154:7): pid=10396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1568" name="dbroot" dev="configfs" ino=168105 res=0 errno=0 [ 318.612229][T10393] db_root: cannot open: 0 [ 318.675733][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.682022][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.077215][T10436] netlink: 'syz.0.1584': attribute type 33 has an invalid length. [ 320.123752][T10436] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1584'. [ 321.138418][T10458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 321.935109][T10472] netlink: 130 bytes leftover after parsing attributes in process `syz.3.1599'. [ 322.953953][T10479] zswap: compressor not available [ 323.316256][T10498] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1607'. [ 323.997754][T10516] FAULT_INJECTION: forcing a failure. [ 323.997754][T10516] name failslab, interval 1, probability 0, space 0, times 0 [ 324.517017][T10516] CPU: 0 UID: 0 PID: 10516 Comm: syz.2.1614 Tainted: G L syzkaller #0 PREEMPT(full) [ 324.517044][T10516] Tainted: [L]=SOFTLOCKUP [ 324.517052][T10516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 324.517073][T10516] Call Trace: [ 324.517079][T10516] [ 324.517085][T10516] dump_stack_lvl+0x100/0x190 [ 324.517113][T10516] should_fail_ex.cold+0x5/0xa [ 324.517133][T10516] should_failslab+0xc2/0x120 [ 324.517153][T10516] __kmalloc_cache_noprof+0x7a/0x6f0 [ 324.517173][T10516] ? wakeup_source_device_create+0x46/0x2e0 [ 324.517197][T10516] wakeup_source_device_create+0x46/0x2e0 [ 324.517216][T10516] wakeup_source_sysfs_add+0x1c/0x90 [ 324.517234][T10516] wakeup_source_register+0x154/0x3e0 [ 324.517250][T10516] ep_create_wakeup_source+0x1df/0x2e0 [ 324.517267][T10516] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 324.517285][T10516] ? do_epoll_ctl+0x1012/0x36a0 [ 324.517300][T10516] ? do_epoll_ctl+0x1012/0x36a0 [ 324.517320][T10516] do_epoll_ctl+0x1eee/0x36a0 [ 324.517344][T10516] ? __pfx_do_epoll_ctl+0x10/0x10 [ 324.517358][T10516] ? find_held_lock+0x2b/0x80 [ 324.517373][T10516] ? __might_fault+0xc5/0x140 [ 324.517393][T10516] ? __might_fault+0xc5/0x140 [ 324.517420][T10516] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 324.517435][T10516] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 324.517452][T10516] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 324.517474][T10516] do_syscall_64+0x106/0xf80 [ 324.517496][T10516] ? clear_bhb_loop+0x40/0x90 [ 324.517513][T10516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.517528][T10516] RIP: 0033:0x7fc875f9c799 [ 324.517541][T10516] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 324.517555][T10516] RSP: 002b:00007fc8741f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 324.517573][T10516] RAX: ffffffffffffffda RBX: 00007fc876216090 RCX: 00007fc875f9c799 [ 324.517583][T10516] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 324.517592][T10516] RBP: 00007fc876032c99 R08: 0000000000000000 R09: 0000000000000000 [ 324.517600][T10516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.517609][T10516] R13: 00007fc876216128 R14: 00007fc876216090 R15: 00007fffcc1208f8 [ 324.517629][T10516] [ 326.153324][T10545] netlink: 'syz.3.1625': attribute type 16 has an invalid length. [ 326.302699][T10545] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1625'. [ 326.365007][T10547] netlink: 302 bytes leftover after parsing attributes in process `syz.2.1626'. [ 327.234947][T10565] Process accounting paused [ 327.708116][T10580] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1638'. [ 331.122776][T10650] FAULT_INJECTION: forcing a failure. [ 331.122776][T10650] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 331.203132][T10650] CPU: 0 UID: 0 PID: 10650 Comm: syz.1.1672 Tainted: G L syzkaller #0 PREEMPT(full) [ 331.203158][T10650] Tainted: [L]=SOFTLOCKUP [ 331.203164][T10650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 331.203174][T10650] Call Trace: [ 331.203179][T10650] [ 331.203185][T10650] dump_stack_lvl+0x100/0x190 [ 331.203213][T10650] should_fail_ex.cold+0x5/0xa [ 331.203229][T10650] ? prepare_alloc_pages+0x16d/0x5f0 [ 331.203248][T10650] should_fail_alloc_page+0xeb/0x140 [ 331.203265][T10650] prepare_alloc_pages+0x1f0/0x5f0 [ 331.203282][T10650] ? kernel_text_address+0x8d/0x100 [ 331.203306][T10650] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 331.203334][T10650] ? copy_splice_read+0x1a3/0xb90 [ 331.203348][T10650] ? stack_trace_save+0x8e/0xc0 [ 331.203363][T10650] ? __pfx_stack_trace_save+0x10/0x10 [ 331.203379][T10650] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 331.203404][T10650] ? copy_splice_read+0x1a3/0xb90 [ 331.203417][T10650] ? kasan_save_stack+0x3f/0x50 [ 331.203430][T10650] ? kasan_save_stack+0x30/0x50 [ 331.203443][T10650] ? kasan_save_track+0x14/0x30 [ 331.203455][T10650] ? __kasan_kmalloc+0xaa/0xb0 [ 331.203476][T10650] ? __kmalloc_noprof+0x301/0x850 [ 331.203497][T10650] ? copy_splice_read+0x1a3/0xb90 [ 331.203510][T10650] ? do_splice_read+0x285/0x370 [ 331.203526][T10650] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.203552][T10650] alloc_pages_bulk_noprof+0x782/0x1490 [ 331.203580][T10650] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 331.203608][T10650] ? __kmalloc_noprof+0x320/0x850 [ 331.203632][T10650] copy_splice_read+0x1e1/0xb90 [ 331.203651][T10650] ? __pfx_copy_splice_read+0x10/0x10 [ 331.203667][T10650] ? look_up_lock_class+0x55/0x120 [ 331.203693][T10650] ? lockdep_init_map_type+0x5c/0x250 [ 331.203714][T10650] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 331.203730][T10650] ? __pfx_copy_splice_read+0x10/0x10 [ 331.203745][T10650] do_splice_read+0x285/0x370 [ 331.203763][T10650] splice_direct_to_actor+0x2a1/0xa30 [ 331.203779][T10650] ? __pfx_direct_splice_actor+0x10/0x10 [ 331.203797][T10650] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 331.203818][T10650] do_splice_direct+0x174/0x240 [ 331.203834][T10650] ? __pfx_do_splice_direct+0x10/0x10 [ 331.203850][T10650] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 331.203876][T10650] ? rw_verify_area+0xce/0x6d0 [ 331.203898][T10650] do_sendfile+0xadc/0xe20 [ 331.203923][T10650] ? __pfx_do_sendfile+0x10/0x10 [ 331.203947][T10650] ? __x64_sys_futex+0x34f/0x4d0 [ 331.203965][T10650] ? __x64_sys_futex+0x358/0x4d0 [ 331.203986][T10650] __x64_sys_sendfile64+0x1d8/0x220 [ 331.204004][T10650] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 331.204027][T10650] do_syscall_64+0x106/0xf80 [ 331.204048][T10650] ? clear_bhb_loop+0x40/0x90 [ 331.204065][T10650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.204080][T10650] RIP: 0033:0x7fe9c639c799 [ 331.204093][T10650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 331.204115][T10650] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 331.204131][T10650] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 331.204141][T10650] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 331.204150][T10650] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 331.204159][T10650] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000000 [ 331.204171][T10650] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 331.204191][T10650] [ 333.516116][T10684] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1678'. [ 333.629696][T10690] FAULT_INJECTION: forcing a failure. [ 333.629696][T10690] name failslab, interval 1, probability 0, space 0, times 0 [ 333.705926][T10690] CPU: 0 UID: 0 PID: 10690 Comm: syz.1.1679 Tainted: G L syzkaller #0 PREEMPT(full) [ 333.705952][T10690] Tainted: [L]=SOFTLOCKUP [ 333.705958][T10690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 333.705967][T10690] Call Trace: [ 333.705972][T10690] [ 333.705977][T10690] dump_stack_lvl+0x100/0x190 [ 333.706004][T10690] should_fail_ex.cold+0x5/0xa [ 333.706023][T10690] should_failslab+0xc2/0x120 [ 333.706040][T10690] __kmalloc_cache_noprof+0x7a/0x6f0 [ 333.706060][T10690] ? rfkill_fop_open+0x1b6/0x750 [ 333.706077][T10690] ? mark_held_locks+0x40/0x70 [ 333.706099][T10690] rfkill_fop_open+0x1b6/0x750 [ 333.706127][T10690] ? __pfx_rfkill_fop_open+0x10/0x10 [ 333.706147][T10690] misc_open+0x26d/0x450 [ 333.706165][T10690] ? __pfx_misc_open+0x10/0x10 [ 333.706183][T10690] chrdev_open+0x234/0x6a0 [ 333.706199][T10690] ? __pfx_apparmor_file_open+0x10/0x10 [ 333.706215][T10690] ? __pfx_chrdev_open+0x10/0x10 [ 333.706231][T10690] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 333.706252][T10690] do_dentry_open+0x6d8/0x1660 [ 333.706267][T10690] ? __pfx_chrdev_open+0x10/0x10 [ 333.706288][T10690] vfs_open+0x82/0x3f0 [ 333.706309][T10690] path_openat+0x208c/0x31a0 [ 333.706331][T10690] ? __pfx_path_openat+0x10/0x10 [ 333.706355][T10690] do_file_open+0x20e/0x430 [ 333.706372][T10690] ? __pfx_do_file_open+0x10/0x10 [ 333.706401][T10690] ? alloc_fd+0x476/0x790 [ 333.706419][T10690] ? do_getname+0x191/0x390 [ 333.706438][T10690] do_sys_openat2+0x10d/0x1e0 [ 333.706458][T10690] ? __pfx_do_sys_openat2+0x10/0x10 [ 333.706479][T10690] ? __fget_files+0x21f/0x3d0 [ 333.706498][T10690] __x64_sys_openat+0x12d/0x210 [ 333.706517][T10690] ? __pfx___x64_sys_openat+0x10/0x10 [ 333.706544][T10690] do_syscall_64+0x106/0xf80 [ 333.706566][T10690] ? clear_bhb_loop+0x40/0x90 [ 333.706583][T10690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.706599][T10690] RIP: 0033:0x7fe9c639c799 [ 333.706611][T10690] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 333.706627][T10690] RSP: 002b:00007fe9c72e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 333.706641][T10690] RAX: ffffffffffffffda RBX: 00007fe9c6616090 RCX: 00007fe9c639c799 [ 333.706652][T10690] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 333.706661][T10690] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 333.706670][T10690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.706679][T10690] R13: 00007fe9c6616128 R14: 00007fe9c6616090 R15: 00007ffcb8ad04d8 [ 333.706699][T10690] [ 334.102568][T10703] netlink: 'syz.3.1685': attribute type 33 has an invalid length. [ 334.110400][T10703] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1685'. [ 334.119535][T10703] netlink: 'syz.3.1685': attribute type 33 has an invalid length. [ 334.127721][T10703] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1685'. [ 336.474135][T10750] input: jJǸ-9%vJ86 as /devices/virtual/input/input6 [ 336.804017][T10758] FAULT_INJECTION: forcing a failure. [ 336.804017][T10758] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 336.853211][T10758] CPU: 0 UID: 0 PID: 10758 Comm: syz.3.1705 Tainted: G L syzkaller #0 PREEMPT(full) [ 336.853237][T10758] Tainted: [L]=SOFTLOCKUP [ 336.853242][T10758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 336.853251][T10758] Call Trace: [ 336.853257][T10758] [ 336.853263][T10758] dump_stack_lvl+0x100/0x190 [ 336.853290][T10758] should_fail_ex.cold+0x5/0xa [ 336.853305][T10758] ? prepare_alloc_pages+0x16d/0x5f0 [ 336.853324][T10758] should_fail_alloc_page+0xeb/0x140 [ 336.853343][T10758] prepare_alloc_pages+0x1f0/0x5f0 [ 336.853363][T10758] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 336.853385][T10758] ? do_syscall_64+0x81/0xf80 [ 336.853417][T10758] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 336.853448][T10758] ? rcu_is_watching+0x12/0xc0 [ 336.853470][T10758] ? trace_kmalloc+0x101/0x130 [ 336.853485][T10758] ? __kasan_kmalloc+0xaa/0xb0 [ 336.853508][T10758] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 336.853525][T10758] ? policy_nodemask+0xed/0x4f0 [ 336.853542][T10758] alloc_pages_mpol+0x1fb/0x550 [ 336.853559][T10758] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 336.853574][T10758] ? __alloc_skb+0x5b7/0x710 [ 336.853594][T10758] ? __pfx___alloc_skb+0x10/0x10 [ 336.853613][T10758] ? finish_task_switch.isra.0+0x200/0xb80 [ 336.853633][T10758] alloc_pages_noprof+0x131/0x390 [ 336.853650][T10758] alloc_skb_with_frags+0x500/0x810 [ 336.853670][T10758] sock_alloc_send_pskb+0x801/0x980 [ 336.853695][T10758] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 336.853723][T10758] tun_get_user+0x8f7/0x3e10 [ 336.853747][T10758] ? __pfx_tun_get_user+0x10/0x10 [ 336.853765][T10758] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 336.853798][T10758] ? find_held_lock+0x2b/0x80 [ 336.853812][T10758] ? tun_get+0x191/0x370 [ 336.853827][T10758] ? tun_get+0x191/0x370 [ 336.853846][T10758] tun_chr_write_iter+0xdc/0x200 [ 336.853865][T10758] vfs_write+0x6ac/0x1070 [ 336.853881][T10758] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 336.853899][T10758] ? __pfx_vfs_write+0x10/0x10 [ 336.853912][T10758] ? find_held_lock+0x2b/0x80 [ 336.853938][T10758] __x64_sys_pwrite64+0x1eb/0x250 [ 336.853954][T10758] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 336.853975][T10758] do_syscall_64+0x106/0xf80 [ 336.853998][T10758] ? clear_bhb_loop+0x40/0x90 [ 336.854016][T10758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.854031][T10758] RIP: 0033:0x7fa7d639c799 [ 336.854044][T10758] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 336.854059][T10758] RSP: 002b:00007fa7d7237028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 336.854074][T10758] RAX: ffffffffffffffda RBX: 00007fa7d6616090 RCX: 00007fa7d639c799 [ 336.854084][T10758] RDX: 000000000000fdf0 RSI: 0000200000000140 RDI: 00000000000000c8 [ 336.854093][T10758] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 336.854102][T10758] R10: 0000000000000039 R11: 0000000000000246 R12: 0000000000000000 [ 336.854111][T10758] R13: 00007fa7d6616128 R14: 00007fa7d6616090 R15: 00007ffe7bae9ef8 [ 336.854131][T10758] [ 337.837482][T10767] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1709'. [ 338.154702][T10768] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 338.202615][T10768] MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details. [ 338.283876][T10768] TAA CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html for more details. [ 338.349060][T10768] MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details. [ 338.404847][T10769] smpboot: CPU 1 is now offline [ 339.022814][T10790] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 339.944295][T10823] FAULT_INJECTION: forcing a failure. [ 339.944295][T10823] name failslab, interval 1, probability 0, space 0, times 0 [ 339.984540][T10823] CPU: 0 UID: 0 PID: 10823 Comm: syz.2.1732 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.984566][T10823] Tainted: [L]=SOFTLOCKUP [ 339.984572][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 339.984581][T10823] Call Trace: [ 339.984587][T10823] [ 339.984593][T10823] dump_stack_lvl+0x100/0x190 [ 339.984620][T10823] should_fail_ex.cold+0x5/0xa [ 339.984639][T10823] should_failslab+0xc2/0x120 [ 339.984656][T10823] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 339.984679][T10823] ? snd_timer_instance_new+0x65/0x2e0 [ 339.984701][T10823] kstrdup+0x51/0xe0 [ 339.984717][T10823] snd_timer_instance_new+0x65/0x2e0 [ 339.984735][T10823] snd_seq_timer_open+0x1d4/0x600 [ 339.984758][T10823] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 339.984786][T10823] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 339.984807][T10823] ? lockdep_hardirqs_on+0x78/0x100 [ 339.984829][T10823] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 339.984852][T10823] queue_use+0xdc/0x1f0 [ 339.984870][T10823] snd_seq_queue_alloc+0x2e5/0x590 [ 339.984893][T10823] snd_seq_ioctl_create_queue+0xa9/0x370 [ 339.984918][T10823] call_seq_client_ctl+0xa3/0x130 [ 339.984934][T10823] snd_seq_kernel_client_ctl+0x77/0xd0 [ 339.984951][T10823] alloc_seq_queue+0xdb/0x180 [ 339.984967][T10823] ? __pfx_alloc_seq_queue+0x10/0x10 [ 339.984993][T10823] ? mark_held_locks+0x40/0x70 [ 339.985011][T10823] ? _raw_spin_unlock_irq+0x23/0x50 [ 339.985031][T10823] ? lockdep_hardirqs_on+0x78/0x100 [ 339.985054][T10823] snd_seq_oss_open+0x2b2/0xa10 [ 339.985074][T10823] odev_open+0x79/0xc0 [ 339.985087][T10823] ? __pfx_odev_open+0x10/0x10 [ 339.985101][T10823] soundcore_open+0x2e3/0x5a0 [ 339.985118][T10823] ? __pfx_soundcore_open+0x10/0x10 [ 339.985133][T10823] chrdev_open+0x234/0x6a0 [ 339.985149][T10823] ? __pfx_apparmor_file_open+0x10/0x10 [ 339.985165][T10823] ? __pfx_chrdev_open+0x10/0x10 [ 339.985181][T10823] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 339.985201][T10823] do_dentry_open+0x6d8/0x1660 [ 339.985217][T10823] ? __pfx_chrdev_open+0x10/0x10 [ 339.985236][T10823] vfs_open+0x82/0x3f0 [ 339.985257][T10823] path_openat+0x208c/0x31a0 [ 339.985279][T10823] ? __pfx_path_openat+0x10/0x10 [ 339.985302][T10823] do_file_open+0x20e/0x430 [ 339.985318][T10823] ? __pfx_do_file_open+0x10/0x10 [ 339.985348][T10823] ? alloc_fd+0x476/0x790 [ 339.985365][T10823] ? do_getname+0x191/0x390 [ 339.985384][T10823] do_sys_openat2+0x10d/0x1e0 [ 339.985404][T10823] ? __pfx_do_sys_openat2+0x10/0x10 [ 339.985429][T10823] ? __fget_files+0x21f/0x3d0 [ 339.985448][T10823] __x64_sys_openat+0x12d/0x210 [ 339.985475][T10823] ? __pfx___x64_sys_openat+0x10/0x10 [ 339.985503][T10823] do_syscall_64+0x106/0xf80 [ 339.985526][T10823] ? clear_bhb_loop+0x40/0x90 [ 339.985544][T10823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.985559][T10823] RIP: 0033:0x7fc875f9c799 [ 339.985572][T10823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.985586][T10823] RSP: 002b:00007fc876d7b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 339.985601][T10823] RAX: ffffffffffffffda RBX: 00007fc876215fa0 RCX: 00007fc875f9c799 [ 339.985611][T10823] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 339.985620][T10823] RBP: 00007fc876032c99 R08: 0000000000000000 R09: 0000000000000000 [ 339.985629][T10823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.985638][T10823] R13: 00007fc876216038 R14: 00007fc876215fa0 R15: 00007fffcc1208f8 [ 339.985657][T10823] [ 340.690056][T10820] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1731'. [ 341.073672][T10831] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1735'. [ 341.225436][T10836] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1738'. [ 341.279033][T10836] hsr_slave_0: left promiscuous mode [ 341.288898][T10838] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 341.329204][T10836] hsr_slave_1: left promiscuous mode [ 341.889447][T10861] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1746'. [ 342.379395][T10870] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1751'. [ 343.210565][T10900] FAULT_INJECTION: forcing a failure. [ 343.210565][T10900] name failslab, interval 1, probability 0, space 0, times 0 [ 343.258281][T10900] CPU: 0 UID: 0 PID: 10900 Comm: syz.3.1764 Tainted: G L syzkaller #0 PREEMPT(full) [ 343.258307][T10900] Tainted: [L]=SOFTLOCKUP [ 343.258313][T10900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 343.258323][T10900] Call Trace: [ 343.258328][T10900] [ 343.258334][T10900] dump_stack_lvl+0x100/0x190 [ 343.258361][T10900] should_fail_ex.cold+0x5/0xa [ 343.258380][T10900] should_failslab+0xc2/0x120 [ 343.258397][T10900] __kmalloc_cache_noprof+0x7a/0x6f0 [ 343.258416][T10900] ? loopback_open+0x145/0x1370 [ 343.258442][T10900] loopback_open+0x145/0x1370 [ 343.258469][T10900] snd_pcm_open_substream+0xa76/0x1850 [ 343.258496][T10900] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 343.258518][T10900] ? rcu_is_watching+0x12/0xc0 [ 343.258544][T10900] snd_pcm_open+0x2a3/0x710 [ 343.258566][T10900] ? __pfx_snd_pcm_open+0x10/0x10 [ 343.258589][T10900] ? __pfx_default_wake_function+0x10/0x10 [ 343.258611][T10900] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 343.258632][T10900] snd_pcm_playback_open+0x86/0xe0 [ 343.258653][T10900] snd_open+0x22d/0x4c0 [ 343.258669][T10900] ? __pfx_snd_open+0x10/0x10 [ 343.258685][T10900] chrdev_open+0x234/0x6a0 [ 343.258701][T10900] ? __pfx_chrdev_open+0x10/0x10 [ 343.258718][T10900] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 343.258738][T10900] do_dentry_open+0x6d8/0x1660 [ 343.258753][T10900] ? __pfx_chrdev_open+0x10/0x10 [ 343.258773][T10900] vfs_open+0x82/0x3f0 [ 343.258794][T10900] path_openat+0x208c/0x31a0 [ 343.258816][T10900] ? __pfx_path_openat+0x10/0x10 [ 343.258839][T10900] do_file_open+0x20e/0x430 [ 343.258856][T10900] ? __pfx_do_file_open+0x10/0x10 [ 343.258886][T10900] ? alloc_fd+0x476/0x790 [ 343.258903][T10900] ? do_getname+0x191/0x390 [ 343.258923][T10900] do_sys_openat2+0x10d/0x1e0 [ 343.258942][T10900] ? __pfx_do_sys_openat2+0x10/0x10 [ 343.258963][T10900] ? __fget_files+0x21f/0x3d0 [ 343.258981][T10900] __x64_sys_openat+0x12d/0x210 [ 343.259001][T10900] ? __pfx___x64_sys_openat+0x10/0x10 [ 343.259028][T10900] do_syscall_64+0x106/0xf80 [ 343.259049][T10900] ? clear_bhb_loop+0x40/0x90 [ 343.259068][T10900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.259083][T10900] RIP: 0033:0x7fa7d639c799 [ 343.259096][T10900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 343.259111][T10900] RSP: 002b:00007fa7d7258028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 343.259133][T10900] RAX: ffffffffffffffda RBX: 00007fa7d6615fa0 RCX: 00007fa7d639c799 [ 343.259143][T10900] RDX: 0000000000002100 RSI: 0000200000004ec0 RDI: ffffffffffffff9c [ 343.259152][T10900] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 343.259162][T10900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.259171][T10900] R13: 00007fa7d6616038 R14: 00007fa7d6615fa0 R15: 00007ffe7bae9ef8 [ 343.259191][T10900] [ 344.307903][T10927] FAULT_INJECTION: forcing a failure. [ 344.307903][T10927] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 344.405178][T10927] CPU: 0 UID: 0 PID: 10927 Comm: syz.1.1774 Tainted: G L syzkaller #0 PREEMPT(full) [ 344.405204][T10927] Tainted: [L]=SOFTLOCKUP [ 344.405209][T10927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 344.405218][T10927] Call Trace: [ 344.405224][T10927] [ 344.405230][T10927] dump_stack_lvl+0x100/0x190 [ 344.405257][T10927] should_fail_ex.cold+0x5/0xa [ 344.405273][T10927] ? prepare_alloc_pages+0x16d/0x5f0 [ 344.405292][T10927] should_fail_alloc_page+0xeb/0x140 [ 344.405309][T10927] prepare_alloc_pages+0x1f0/0x5f0 [ 344.405329][T10927] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 344.405352][T10927] ? do_syscall_64+0x81/0xf80 [ 344.405384][T10927] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 344.405415][T10927] ? rcu_is_watching+0x12/0xc0 [ 344.405439][T10927] ? trace_kmalloc+0x101/0x130 [ 344.405454][T10927] ? __kasan_kmalloc+0xaa/0xb0 [ 344.405476][T10927] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.405493][T10927] ? policy_nodemask+0xed/0x4f0 [ 344.405510][T10927] alloc_pages_mpol+0x1fb/0x550 [ 344.405527][T10927] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 344.405543][T10927] ? __alloc_skb+0x5b7/0x710 [ 344.405562][T10927] ? __pfx___alloc_skb+0x10/0x10 [ 344.405581][T10927] ? finish_task_switch.isra.0+0x200/0xb80 [ 344.405600][T10927] alloc_pages_noprof+0x131/0x390 [ 344.405617][T10927] alloc_skb_with_frags+0x500/0x810 [ 344.405637][T10927] sock_alloc_send_pskb+0x801/0x980 [ 344.405663][T10927] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 344.405691][T10927] tun_get_user+0x8f7/0x3e10 [ 344.405715][T10927] ? __pfx_tun_get_user+0x10/0x10 [ 344.405733][T10927] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 344.405758][T10927] ? find_held_lock+0x2b/0x80 [ 344.405772][T10927] ? tun_get+0x191/0x370 [ 344.405785][T10927] ? tun_get+0x191/0x370 [ 344.405804][T10927] tun_chr_write_iter+0xdc/0x200 [ 344.405822][T10927] vfs_write+0x6ac/0x1070 [ 344.405837][T10927] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 344.405856][T10927] ? __pfx_vfs_write+0x10/0x10 [ 344.405868][T10927] ? find_held_lock+0x2b/0x80 [ 344.405894][T10927] __x64_sys_pwrite64+0x1eb/0x250 [ 344.405909][T10927] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 344.405930][T10927] do_syscall_64+0x106/0xf80 [ 344.405951][T10927] ? clear_bhb_loop+0x40/0x90 [ 344.405969][T10927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.405984][T10927] RIP: 0033:0x7fe9c639c799 [ 344.406004][T10927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.406019][T10927] RSP: 002b:00007fe9c72e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 344.406034][T10927] RAX: ffffffffffffffda RBX: 00007fe9c6616090 RCX: 00007fe9c639c799 [ 344.406045][T10927] RDX: 000000000000fdf0 RSI: 0000200000000140 RDI: 00000000000000c8 [ 344.406054][T10927] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 344.406063][T10927] R10: 0000000000000039 R11: 0000000000000246 R12: 0000000000000000 [ 344.406072][T10927] R13: 00007fe9c6616128 R14: 00007fe9c6616090 R15: 00007ffcb8ad04d8 [ 344.406092][T10927] [ 345.027741][T10930] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1777'. [ 345.983411][T10949] random: crng reseeded on system resumption [ 346.017285][T10949] FAULT_INJECTION: forcing a failure. [ 346.017285][T10949] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 346.086139][T10949] CPU: 0 UID: 0 PID: 10949 Comm: syz.1.1784 Tainted: G L syzkaller #0 PREEMPT(full) [ 346.086165][T10949] Tainted: [L]=SOFTLOCKUP [ 346.086170][T10949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 346.086179][T10949] Call Trace: [ 346.086185][T10949] [ 346.086191][T10949] dump_stack_lvl+0x100/0x190 [ 346.086219][T10949] should_fail_ex.cold+0x5/0xa [ 346.086235][T10949] ? prepare_alloc_pages+0x16d/0x5f0 [ 346.086254][T10949] should_fail_alloc_page+0xeb/0x140 [ 346.086273][T10949] prepare_alloc_pages+0x1f0/0x5f0 [ 346.086293][T10949] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 346.086317][T10949] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 346.086345][T10949] ? stack_trace_save+0x8e/0xc0 [ 346.086361][T10949] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 346.086383][T10949] ? stack_depot_save_flags+0x27/0x9d0 [ 346.086403][T10949] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 346.086427][T10949] ? kasan_save_stack+0x3f/0x50 [ 346.086440][T10949] ? kasan_save_stack+0x30/0x50 [ 346.086453][T10949] ? kasan_save_track+0x14/0x30 [ 346.086470][T10949] ? do_sys_openat2+0x10d/0x1e0 [ 346.086489][T10949] ? __x64_sys_openat+0x12d/0x210 [ 346.086508][T10949] ? do_syscall_64+0x106/0xf80 [ 346.086528][T10949] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.086545][T10949] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.086562][T10949] ? policy_nodemask+0xed/0x4f0 [ 346.086580][T10949] alloc_pages_mpol+0x1fb/0x550 [ 346.086597][T10949] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 346.086614][T10949] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 346.086633][T10949] alloc_pages_noprof+0x131/0x390 [ 346.086650][T10949] get_zeroed_page_noprof+0x18/0xb0 [ 346.086667][T10949] get_image_page+0x18/0x1a0 [ 346.086690][T10949] alloc_rtree_node+0x3c/0xb0 [ 346.086704][T10949] memory_bm_create+0x65e/0xba0 [ 346.086727][T10949] create_basic_memory_bitmaps+0xbd/0x350 [ 346.086746][T10949] snapshot_open+0x230/0x2a0 [ 346.086762][T10949] ? __pfx_snapshot_open+0x10/0x10 [ 346.086780][T10949] misc_open+0x26d/0x450 [ 346.086798][T10949] ? __pfx_misc_open+0x10/0x10 [ 346.086815][T10949] chrdev_open+0x234/0x6a0 [ 346.086847][T10949] ? __pfx_apparmor_file_open+0x10/0x10 [ 346.086863][T10949] ? __pfx_chrdev_open+0x10/0x10 [ 346.086880][T10949] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 346.086902][T10949] do_dentry_open+0x6d8/0x1660 [ 346.086917][T10949] ? __pfx_chrdev_open+0x10/0x10 [ 346.086937][T10949] vfs_open+0x82/0x3f0 [ 346.086958][T10949] path_openat+0x208c/0x31a0 [ 346.086980][T10949] ? __pfx_path_openat+0x10/0x10 [ 346.087003][T10949] do_file_open+0x20e/0x430 [ 346.087020][T10949] ? __pfx_do_file_open+0x10/0x10 [ 346.087050][T10949] ? alloc_fd+0x476/0x790 [ 346.087067][T10949] ? do_getname+0x191/0x390 [ 346.087087][T10949] do_sys_openat2+0x10d/0x1e0 [ 346.087106][T10949] ? __pfx_do_sys_openat2+0x10/0x10 [ 346.087133][T10949] __x64_sys_openat+0x12d/0x210 [ 346.087155][T10949] ? __pfx___x64_sys_openat+0x10/0x10 [ 346.087182][T10949] do_syscall_64+0x106/0xf80 [ 346.087203][T10949] ? clear_bhb_loop+0x40/0x90 [ 346.087222][T10949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.087237][T10949] RIP: 0033:0x7fe9c639c799 [ 346.087250][T10949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 346.087265][T10949] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 346.087279][T10949] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 346.087290][T10949] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 346.087300][T10949] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 346.087309][T10949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.087318][T10949] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 346.087338][T10949] [ 347.401100][T10970] FAULT_INJECTION: forcing a failure. [ 347.401100][T10970] name failslab, interval 1, probability 0, space 0, times 0 [ 347.452595][T10970] CPU: 0 UID: 0 PID: 10970 Comm: syz.1.1790 Tainted: G L syzkaller #0 PREEMPT(full) [ 347.452621][T10970] Tainted: [L]=SOFTLOCKUP [ 347.452627][T10970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 347.452636][T10970] Call Trace: [ 347.452642][T10970] [ 347.452647][T10970] dump_stack_lvl+0x100/0x190 [ 347.452680][T10970] should_fail_ex.cold+0x5/0xa [ 347.452698][T10970] should_failslab+0xc2/0x120 [ 347.452716][T10970] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 347.452738][T10970] ? seq_open+0x55/0x170 [ 347.452756][T10970] ? __pfx_apparmor_file_open+0x10/0x10 [ 347.452775][T10970] seq_open+0x55/0x170 [ 347.452794][T10970] profile_open+0x3b/0x50 [ 347.452809][T10970] do_dentry_open+0x6d8/0x1660 [ 347.452823][T10970] ? __pfx_profile_open+0x10/0x10 [ 347.452842][T10970] vfs_open+0x82/0x3f0 [ 347.452862][T10970] path_openat+0x208c/0x31a0 [ 347.452884][T10970] ? __pfx_path_openat+0x10/0x10 [ 347.452906][T10970] do_file_open+0x20e/0x430 [ 347.452923][T10970] ? __pfx_do_file_open+0x10/0x10 [ 347.452951][T10970] ? alloc_fd+0x476/0x790 [ 347.452968][T10970] ? do_getname+0x191/0x390 [ 347.452988][T10970] do_sys_openat2+0x10d/0x1e0 [ 347.453007][T10970] ? __pfx_do_sys_openat2+0x10/0x10 [ 347.453027][T10970] ? __fget_files+0x21f/0x3d0 [ 347.453045][T10970] __x64_sys_openat+0x12d/0x210 [ 347.453064][T10970] ? __pfx___x64_sys_openat+0x10/0x10 [ 347.453091][T10970] do_syscall_64+0x106/0xf80 [ 347.453112][T10970] ? clear_bhb_loop+0x40/0x90 [ 347.453131][T10970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.453147][T10970] RIP: 0033:0x7fe9c639c799 [ 347.453160][T10970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 347.453175][T10970] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 347.453190][T10970] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 347.453200][T10970] RDX: 0000000000040001 RSI: 00002000000014c0 RDI: ffffffffffffff9c [ 347.453209][T10970] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 347.453218][T10970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 347.453226][T10970] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 347.453245][T10970] [ 347.926920][T10959] zswap: compressor not available [ 348.399835][T10973] netlink: 198 bytes leftover after parsing attributes in process `syz.2.1791'. [ 348.651905][T10981] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1795'. [ 349.069514][T10995] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1800'. [ 350.123005][T11011] FAULT_INJECTION: forcing a failure. [ 350.123005][T11011] name failslab, interval 1, probability 0, space 0, times 0 [ 350.190298][T11011] CPU: 0 UID: 0 PID: 11011 Comm: syz.3.1804 Tainted: G L syzkaller #0 PREEMPT(full) [ 350.190323][T11011] Tainted: [L]=SOFTLOCKUP [ 350.190329][T11011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 350.190338][T11011] Call Trace: [ 350.190343][T11011] [ 350.190349][T11011] dump_stack_lvl+0x100/0x190 [ 350.190375][T11011] should_fail_ex.cold+0x5/0xa [ 350.190405][T11011] should_failslab+0xc2/0x120 [ 350.190423][T11011] __kmalloc_cache_noprof+0x7a/0x6f0 [ 350.190443][T11011] ? proc_thread_self_get_link+0x1a6/0x210 [ 350.190469][T11011] proc_thread_self_get_link+0x1a6/0x210 [ 350.190492][T11011] pick_link+0xac2/0x13c0 [ 350.190513][T11011] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 350.190537][T11011] step_into_slowpath+0x9ba/0xf90 [ 350.190562][T11011] ? __pfx_step_into_slowpath+0x10/0x10 [ 350.190588][T11011] ? lookup_fast+0x2da/0x600 [ 350.190606][T11011] ? inode_permission+0x374/0x620 [ 350.190633][T11011] link_path_walk+0xf28/0x1cc0 [ 350.190663][T11011] path_openat+0x1be/0x31a0 [ 350.190677][T11011] ? kasan_save_stack+0x3f/0x50 [ 350.190690][T11011] ? kasan_save_stack+0x30/0x50 [ 350.190703][T11011] ? kasan_save_track+0x14/0x30 [ 350.190716][T11011] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 350.190743][T11011] ? __pfx_path_openat+0x10/0x10 [ 350.190766][T11011] do_file_open+0x20e/0x430 [ 350.190783][T11011] ? __pfx_do_file_open+0x10/0x10 [ 350.190812][T11011] ? alloc_fd+0x476/0x790 [ 350.190829][T11011] ? do_getname+0x191/0x390 [ 350.190849][T11011] do_sys_openat2+0x10d/0x1e0 [ 350.190869][T11011] ? __pfx_do_sys_openat2+0x10/0x10 [ 350.190895][T11011] __x64_sys_openat+0x12d/0x210 [ 350.190915][T11011] ? __pfx___x64_sys_openat+0x10/0x10 [ 350.190942][T11011] do_syscall_64+0x106/0xf80 [ 350.190963][T11011] ? clear_bhb_loop+0x40/0x90 [ 350.190982][T11011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.190998][T11011] RIP: 0033:0x7fa7d639c799 [ 350.191011][T11011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 350.191025][T11011] RSP: 002b:00007fa7d7258028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 350.191040][T11011] RAX: ffffffffffffffda RBX: 00007fa7d6615fa0 RCX: 00007fa7d639c799 [ 350.191050][T11011] RDX: 0000000000000802 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 350.191060][T11011] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 350.191069][T11011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.191078][T11011] R13: 00007fa7d6616038 R14: 00007fa7d6615fa0 R15: 00007ffe7bae9ef8 [ 350.191099][T11011] [ 352.523818][T11080] netlink: 'syz.1.1823': attribute type 4 has an invalid length. [ 352.737759][T11076] FAULT_INJECTION: forcing a failure. [ 352.737759][T11076] name fail_futex, interval 1, probability 0, space 0, times 0 [ 352.819068][T11076] CPU: 0 UID: 0 PID: 11076 Comm: syz.0.1829 Tainted: G L syzkaller #0 PREEMPT(full) [ 352.819093][T11076] Tainted: [L]=SOFTLOCKUP [ 352.819098][T11076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 352.819117][T11076] Call Trace: [ 352.819155][T11076] [ 352.819160][T11076] dump_stack_lvl+0x100/0x190 [ 352.819244][T11076] should_fail_ex.cold+0x5/0xa [ 352.819275][T11076] get_futex_key+0x295/0x1620 [ 352.819312][T11076] ? __pfx_get_futex_key+0x10/0x10 [ 352.819327][T11076] ? lock_acquire+0x1cf/0x380 [ 352.819360][T11076] futex_wake+0xea/0x530 [ 352.819382][T11076] ? __pfx_futex_wake+0x10/0x10 [ 352.819403][T11076] ? exit_mm_release+0x19/0x30 [ 352.819432][T11076] do_futex+0x32b/0x350 [ 352.819451][T11076] ? __pfx_do_futex+0x10/0x10 [ 352.819467][T11076] ? __might_fault+0xc5/0x140 [ 352.819503][T11076] mm_release+0x24a/0x2f0 [ 352.819519][T11076] do_exit+0x704/0x2b60 [ 352.819540][T11076] ? __pfx_do_exit+0x10/0x10 [ 352.819557][T11076] ? do_raw_spin_lock+0x128/0x260 [ 352.819576][T11076] ? find_held_lock+0x2b/0x80 [ 352.819590][T11076] ? get_signal+0x7e0/0x21e0 [ 352.819613][T11076] do_group_exit+0xd5/0x2a0 [ 352.819633][T11076] get_signal+0x1ec7/0x21e0 [ 352.819655][T11076] ? __pfx_get_signal+0x10/0x10 [ 352.819670][T11076] ? do_futex+0x192/0x350 [ 352.819690][T11076] arch_do_signal_or_restart+0x91/0x770 [ 352.819717][T11076] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 352.819739][T11076] ? __pfx___x64_sys_futex+0x10/0x10 [ 352.819761][T11076] exit_to_user_mode_loop+0x86/0x4a0 [ 352.819785][T11076] do_syscall_64+0x668/0xf80 [ 352.819885][T11076] ? clear_bhb_loop+0x40/0x90 [ 352.819909][T11076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.819924][T11076] RIP: 0033:0x7f2c1db9c799 [ 352.819936][T11076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 352.819950][T11076] RSP: 002b:00007f2c1e9a80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 352.819996][T11076] RAX: fffffffffffffe00 RBX: 00007f2c1de16098 RCX: 00007f2c1db9c799 [ 352.820006][T11076] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2c1de16098 [ 352.820014][T11076] RBP: 00007f2c1de16090 R08: 0000000000000000 R09: 0000000000000000 [ 352.820023][T11076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.820031][T11076] R13: 00007f2c1de16128 R14: 00007fffaae15770 R15: 00007fffaae15858 [ 352.820049][T11076] [ 353.788090][T11102] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1830'. [ 354.829366][T11122] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1838'. [ 354.881574][T11122] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1838'. [ 355.341540][T11135] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1844'. [ 355.533407][T11141] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1847'. [ 356.103450][T11163] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1857'. [ 356.142858][T11163] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1857'. [ 356.310717][T11168] FAULT_INJECTION: forcing a failure. [ 356.310717][T11168] name failslab, interval 1, probability 0, space 0, times 0 [ 356.401530][T11168] CPU: 0 UID: 0 PID: 11168 Comm: syz.1.1859 Tainted: G L syzkaller #0 PREEMPT(full) [ 356.401556][T11168] Tainted: [L]=SOFTLOCKUP [ 356.401561][T11168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 356.401570][T11168] Call Trace: [ 356.401576][T11168] [ 356.401582][T11168] dump_stack_lvl+0x100/0x190 [ 356.401609][T11168] should_fail_ex.cold+0x5/0xa [ 356.401628][T11168] should_failslab+0xc2/0x120 [ 356.401668][T11168] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 356.401693][T11168] ? snd_pcm_hw_rule_add+0x3b3/0x510 [ 356.401792][T11168] krealloc_node_align_noprof+0x30a/0x3e0 [ 356.401815][T11168] ? __split_page_owner+0x1f9/0x350 [ 356.401842][T11168] snd_pcm_hw_rule_add+0x3b3/0x510 [ 356.401859][T11168] ? __pfx_snd_pcm_hw_rule_format+0x10/0x10 [ 356.401903][T11168] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 356.401922][T11168] ? mutex_init_lockep+0x110/0x150 [ 356.401950][T11168] ? snd_pcm_attach_substream+0x29b/0xd60 [ 356.402000][T11168] snd_pcm_open_substream+0x54a/0x1850 [ 356.402024][T11168] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 356.402047][T11168] ? rcu_is_watching+0x12/0xc0 [ 356.402073][T11168] snd_pcm_open+0x2a3/0x710 [ 356.402096][T11168] ? __pfx_snd_pcm_open+0x10/0x10 [ 356.402119][T11168] ? __pfx_default_wake_function+0x10/0x10 [ 356.402141][T11168] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 356.402162][T11168] snd_pcm_playback_open+0x86/0xe0 [ 356.402183][T11168] snd_open+0x22d/0x4c0 [ 356.402242][T11168] ? __pfx_snd_open+0x10/0x10 [ 356.402259][T11168] chrdev_open+0x234/0x6a0 [ 356.402275][T11168] ? __pfx_apparmor_file_open+0x10/0x10 [ 356.402340][T11168] ? __pfx_chrdev_open+0x10/0x10 [ 356.402357][T11168] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 356.402387][T11168] do_dentry_open+0x6d8/0x1660 [ 356.402402][T11168] ? __pfx_chrdev_open+0x10/0x10 [ 356.402422][T11168] vfs_open+0x82/0x3f0 [ 356.402448][T11168] path_openat+0x208c/0x31a0 [ 356.402471][T11168] ? __pfx_path_openat+0x10/0x10 [ 356.402494][T11168] do_file_open+0x20e/0x430 [ 356.402511][T11168] ? __pfx_do_file_open+0x10/0x10 [ 356.402540][T11168] ? alloc_fd+0x476/0x790 [ 356.402562][T11168] ? do_getname+0x191/0x390 [ 356.402583][T11168] do_sys_openat2+0x10d/0x1e0 [ 356.402602][T11168] ? __pfx_do_sys_openat2+0x10/0x10 [ 356.402628][T11168] __x64_sys_openat+0x12d/0x210 [ 356.402648][T11168] ? __pfx___x64_sys_openat+0x10/0x10 [ 356.402675][T11168] do_syscall_64+0x106/0xf80 [ 356.402696][T11168] ? clear_bhb_loop+0x40/0x90 [ 356.402716][T11168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.402731][T11168] RIP: 0033:0x7fe9c639c799 [ 356.402744][T11168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.402760][T11168] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 356.402775][T11168] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 356.402785][T11168] RDX: 0000000000002100 RSI: 0000200000004ec0 RDI: ffffffffffffff9c [ 356.402794][T11168] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 356.402803][T11168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.402812][T11168] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 356.402832][T11168] [ 356.975477][T11185] netlink: 'syz.3.1868': attribute type 21 has an invalid length. [ 356.983334][T11185] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1868'. [ 357.439160][T11193] Process accounting resumed [ 357.955571][T11215] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1880'. [ 358.317235][T11224] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1884'. [ 358.873751][T11239] netlink: 'syz.1.1890': attribute type 4 has an invalid length. [ 358.980693][T11244] __nla_validate_parse: 1 callbacks suppressed [ 358.980706][T11244] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1892'. [ 359.263326][T11251] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 360.199245][T11279] netlink: 'syz.0.1905': attribute type 19 has an invalid length. [ 360.226866][T11279] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1905'. [ 361.993687][T11314] zswap: compressor not available [ 362.054901][T11322] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1921'. [ 362.145294][T11325] mmap: syz.1.1922 (11325) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 362.158899][T11310] ptrace attach of "./syz-executor exec"[5822] was attempted by ""[11310] [ 362.372895][T11330] futex_wake_op: syz.3.1925 tries to shift op by -2048; fix this program [ 362.409742][T11330] futex_wake_op: syz.3.1925 tries to shift op by -2048; fix this program [ 362.807478][T11341] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1929'. [ 363.831083][T11358] futex_wake_op: syz.3.1935 tries to shift op by -2048; fix this program [ 363.879678][T11358] 0x000000000001-0x000000020000 : "" [ 363.927392][T11358] ftl_cs: FTL header corrupt! [ 364.454758][T11369] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 366.087664][T11421] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1960'. [ 366.724292][T11435] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1966'. [ 367.029342][T11441] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1969'. [ 367.249448][T11445] bond0: option all_slaves_active: invalid value (7) [ 370.545513][T11517] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1994'. [ 371.152994][T11537] netlink: 322 bytes leftover after parsing attributes in process `syz.3.2002'. [ 371.657591][T11550] FAULT_INJECTION: forcing a failure. [ 371.657591][T11550] name failslab, interval 1, probability 0, space 0, times 0 [ 371.718969][T11550] CPU: 0 UID: 0 PID: 11550 Comm: syz.1.2007 Tainted: G L syzkaller #0 PREEMPT(full) [ 371.718996][T11550] Tainted: [L]=SOFTLOCKUP [ 371.719001][T11550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 371.719011][T11550] Call Trace: [ 371.719016][T11550] [ 371.719023][T11550] dump_stack_lvl+0x100/0x190 [ 371.719051][T11550] should_fail_ex.cold+0x5/0xa [ 371.719069][T11550] should_failslab+0xc2/0x120 [ 371.719086][T11550] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 371.719108][T11550] ? ptlock_alloc+0x1f/0x70 [ 371.719138][T11550] ptlock_alloc+0x1f/0x70 [ 371.719157][T11550] pte_alloc_one+0x82/0x3d0 [ 371.719175][T11550] do_fault+0x88e/0x1990 [ 371.719192][T11550] ? __pmd_alloc+0x3fb/0x950 [ 371.719210][T11550] __handle_mm_fault+0x180f/0x2b60 [ 371.719233][T11550] ? mt_find+0x45e/0x8e0 [ 371.719325][T11550] ? __pfx___handle_mm_fault+0x10/0x10 [ 371.719344][T11550] ? __pfx_mt_find+0x10/0x10 [ 371.719370][T11550] ? find_vma+0xbf/0x140 [ 371.719385][T11550] ? __pfx_find_vma+0x10/0x10 [ 371.719402][T11550] handle_mm_fault+0x36d/0xa20 [ 371.719427][T11550] do_user_addr_fault+0x74c/0x12f0 [ 371.719448][T11550] exc_page_fault+0x6f/0xd0 [ 371.719495][T11550] asm_exc_page_fault+0x26/0x30 [ 371.719510][T11550] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 371.719530][T11550] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 371.719544][T11550] RSP: 0018:ffffc90004bb7e38 EFLAGS: 00050202 [ 371.719557][T11550] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000c [ 371.719566][T11550] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90004bb7e90 [ 371.719576][T11550] RBP: 000000000000000c R08: 0000000000000001 R09: fffff52000976fd3 [ 371.719584][T11550] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 371.719593][T11550] R13: ffffc90004bb7e90 R14: 0000000000000001 R15: 0000000000000004 [ 371.719612][T11550] _copy_from_user+0x98/0xd0 [ 371.719671][T11550] __x64_sys_epoll_ctl+0x131/0x1e0 [ 371.719691][T11550] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 371.719714][T11550] do_syscall_64+0x106/0xf80 [ 371.719735][T11550] ? clear_bhb_loop+0x40/0x90 [ 371.719752][T11550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.719768][T11550] RIP: 0033:0x7fe9c639c799 [ 371.719780][T11550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 371.719794][T11550] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 371.719807][T11550] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 371.719817][T11550] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 371.719825][T11550] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 371.719834][T11550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.719843][T11550] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 371.719863][T11550] [ 372.679117][T11572] sg_write: data in/out 81/90 bytes for SCSI command 0x0-- guessing data in; [ 372.679117][T11572] program syz.3.2017 not setting count and/or reply_len properly [ 372.762099][T11574] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2019'. [ 372.976937][T11583] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2022'. [ 373.268853][T11587] zswap: compressor not available [ 373.788274][T11613] FAULT_INJECTION: forcing a failure. [ 373.788274][T11613] name failslab, interval 1, probability 0, space 0, times 0 [ 373.845236][T11615] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2031'. [ 373.902538][T11613] CPU: 0 UID: 0 PID: 11613 Comm: syz.2.2029 Tainted: G L syzkaller #0 PREEMPT(full) [ 373.902565][T11613] Tainted: [L]=SOFTLOCKUP [ 373.902571][T11613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 373.902580][T11613] Call Trace: [ 373.902585][T11613] [ 373.902591][T11613] dump_stack_lvl+0x100/0x190 [ 373.902619][T11613] should_fail_ex.cold+0x5/0xa [ 373.902638][T11613] should_failslab+0xc2/0x120 [ 373.902655][T11613] __kvmalloc_node_noprof+0xfa/0xa00 [ 373.902683][T11613] ? alloc_fdtable+0x110/0x2d0 [ 373.902704][T11613] alloc_fdtable+0x110/0x2d0 [ 373.902719][T11613] dup_fd+0x995/0xd10 [ 373.902736][T11613] ? fd_statfs+0xdd/0x120 [ 373.902761][T11613] ksys_unshare+0x7ad/0xad0 [ 373.902781][T11613] ? __pfx_ksys_unshare+0x10/0x10 [ 373.902806][T11613] __x64_sys_unshare+0x31/0x40 [ 373.902825][T11613] do_syscall_64+0x106/0xf80 [ 373.902847][T11613] ? clear_bhb_loop+0x40/0x90 [ 373.902865][T11613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.902880][T11613] RIP: 0033:0x7fc875f9c799 [ 373.902894][T11613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 373.902908][T11613] RSP: 002b:00007fc8741f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 373.902930][T11613] RAX: ffffffffffffffda RBX: 00007fc876216090 RCX: 00007fc875f9c799 [ 373.902941][T11613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 373.902949][T11613] RBP: 00007fc876032c99 R08: 0000000000000000 R09: 0000000000000000 [ 373.902958][T11613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.902967][T11613] R13: 00007fc876216128 R14: 00007fc876216090 R15: 00007fffcc1208f8 [ 373.902987][T11613] [ 374.369186][T11622] zswap: compressor not available [ 375.734353][T11660] futex_wake_op: syz.0.2044 tries to shift op by -2048; fix this program [ 375.831265][T11660] futex_wake_op: syz.0.2044 tries to shift op by -2048; fix this program [ 376.685865][T11687] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2056'. [ 376.993710][T11694] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2059'. [ 377.268912][T11702] FAULT_INJECTION: forcing a failure. [ 377.268912][T11702] name failslab, interval 1, probability 0, space 0, times 0 [ 377.333434][T11702] CPU: 0 UID: 0 PID: 11702 Comm: syz.2.2063 Tainted: G L syzkaller #0 PREEMPT(full) [ 377.333460][T11702] Tainted: [L]=SOFTLOCKUP [ 377.333466][T11702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 377.333475][T11702] Call Trace: [ 377.333481][T11702] [ 377.333487][T11702] dump_stack_lvl+0x100/0x190 [ 377.333515][T11702] should_fail_ex.cold+0x5/0xa [ 377.333534][T11702] should_failslab+0xc2/0x120 [ 377.333551][T11702] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 377.333573][T11702] ? security_inode_alloc+0x3b/0x2c0 [ 377.333661][T11702] ? lockdep_init_map_type+0x5c/0x250 [ 377.333685][T11702] security_inode_alloc+0x3b/0x2c0 [ 377.333701][T11702] inode_init_always_gfp+0xced/0x1040 [ 377.333720][T11702] alloc_inode+0x8e/0x250 [ 377.333739][T11702] path_from_stashed+0x25b/0x750 [ 377.333760][T11702] ns_get_path+0x60/0x80 [ 377.333776][T11702] proc_ns_get_link+0x121/0x230 [ 377.333818][T11702] ? __pfx_proc_ns_get_link+0x10/0x10 [ 377.333841][T11702] ? atime_needs_update+0x8b/0x6b0 [ 377.333864][T11702] pick_link+0xd17/0x13c0 [ 377.333885][T11702] ? __pfx_proc_ns_get_link+0x10/0x10 [ 377.333907][T11702] step_into_slowpath+0x9ba/0xf90 [ 377.333932][T11702] ? __pfx_step_into_slowpath+0x10/0x10 [ 377.333954][T11702] ? find_held_lock+0x2b/0x80 [ 377.333974][T11702] path_openat+0xf95/0x31a0 [ 377.334001][T11702] ? __pfx_path_openat+0x10/0x10 [ 377.334023][T11702] do_file_open+0x20e/0x430 [ 377.334040][T11702] ? __pfx_do_file_open+0x10/0x10 [ 377.334070][T11702] ? alloc_fd+0x476/0x790 [ 377.334087][T11702] ? do_getname+0x191/0x390 [ 377.334107][T11702] do_sys_openat2+0x10d/0x1e0 [ 377.334127][T11702] ? __pfx_do_sys_openat2+0x10/0x10 [ 377.334149][T11702] ? __fget_files+0x21f/0x3d0 [ 377.334167][T11702] __x64_sys_openat+0x12d/0x210 [ 377.334187][T11702] ? __pfx___x64_sys_openat+0x10/0x10 [ 377.334213][T11702] do_syscall_64+0x106/0xf80 [ 377.334235][T11702] ? clear_bhb_loop+0x40/0x90 [ 377.334253][T11702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.334269][T11702] RIP: 0033:0x7fc875f5cfce [ 377.334283][T11702] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 377.334297][T11702] RSP: 002b:00007fc876d7aec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 377.334313][T11702] RAX: ffffffffffffffda RBX: 00007fc876d7b6c0 RCX: 00007fc875f5cfce [ 377.334323][T11702] RDX: 0000000000000002 RSI: 00007fc876d7af90 RDI: ffffffffffffff9c [ 377.334332][T11702] RBP: 00007fc876032c99 R08: 0000000000000000 R09: 0000000000000000 [ 377.334342][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.334350][T11702] R13: 00007fc876216038 R14: 00007fc876215fa0 R15: 00007fffcc1208f8 [ 377.334370][T11702] [ 378.514537][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.520814][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.541317][T11713] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 378.584449][T11713] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 379.235200][T11727] phram: parameter too long [ 379.457275][T11745] aoe: skb alloc failure [ 379.494097][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.500364][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.629432][T11750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2083'. [ 379.721520][T11756] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2083'. [ 379.735534][T11754] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2086'. [ 382.989711][T11842] FAULT_INJECTION: forcing a failure. [ 382.989711][T11842] name failslab, interval 1, probability 0, space 0, times 0 [ 383.112693][T11842] CPU: 0 UID: 0 PID: 11842 Comm: syz.2.2121 Tainted: G L syzkaller #0 PREEMPT(full) [ 383.112719][T11842] Tainted: [L]=SOFTLOCKUP [ 383.112724][T11842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 383.112733][T11842] Call Trace: [ 383.112740][T11842] [ 383.112748][T11842] dump_stack_lvl+0x100/0x190 [ 383.112776][T11842] should_fail_ex.cold+0x5/0xa [ 383.112795][T11842] should_failslab+0xc2/0x120 [ 383.112812][T11842] __kmalloc_cache_noprof+0x7a/0x6f0 [ 383.112831][T11842] ? __request_module+0x2b7/0x6c0 [ 383.112851][T11842] ? lockdep_hardirqs_on+0x78/0x100 [ 383.112876][T11842] __request_module+0x2b7/0x6c0 [ 383.112897][T11842] ? __pfx___request_module+0x10/0x10 [ 383.112922][T11842] ? __get_fs_type+0x12c/0x170 [ 383.112940][T11842] ? __get_fs_type+0x12c/0x170 [ 383.112971][T11842] get_fs_type+0xd7/0x190 [ 383.112989][T11842] __x64_sys_fsopen+0xca/0x220 [ 383.113010][T11842] do_syscall_64+0x106/0xf80 [ 383.113032][T11842] ? clear_bhb_loop+0x40/0x90 [ 383.113049][T11842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.113064][T11842] RIP: 0033:0x7fc875f9c799 [ 383.113077][T11842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 383.113091][T11842] RSP: 002b:00007fc8741f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 383.113106][T11842] RAX: ffffffffffffffda RBX: 00007fc876216090 RCX: 00007fc875f9c799 [ 383.113116][T11842] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 383.113124][T11842] RBP: 00007fc876032c99 R08: 0000000000000000 R09: 0000000000000000 [ 383.113133][T11842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 383.113141][T11842] R13: 00007fc876216128 R14: 00007fc876216090 R15: 00007fffcc1208f8 [ 383.113160][T11842] [ 383.532855][T11847] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2123'. [ 383.949997][T11841] kexec: Could not allocate control_code_buffer [ 384.137047][T11852] zswap: compressor not available [ 384.690098][T11871] netlink: 'syz.3.2129': attribute type 4 has an invalid length. [ 384.765075][T11879] device-mapper: ioctl: name not supplied when creating device [ 384.928590][T11883] netlink: 'syz.3.2136': attribute type 28 has an invalid length. [ 384.945973][T11883] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2136'. [ 385.351663][T11892] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2140'. [ 385.861904][T11908] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2144'. [ 386.431920][T11929] kvm: kvm [11926]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000004) [ 387.600061][T11972] UHID_CREATE from different security context by process 1371 (syz.3.2162), this is not allowed. [ 387.622881][T11964] Process accounting paused [ 388.063556][T11992] netlink: 142 bytes leftover after parsing attributes in process `syz.2.2169'. [ 388.631680][T12006] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2175'. [ 389.613997][T12025] netlink: 21 bytes leftover after parsing attributes in process `syz.0.2183'. [ 389.943043][T12038] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2189'. [ 390.379053][T12050] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2195'. [ 390.412038][T12050] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2195'. [ 390.628669][T12060] netlink: 198 bytes leftover after parsing attributes in process `syz.0.2199'. [ 390.736048][T12064] phram: not enough arguments [ 391.777916][T12106] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2217'. [ 392.589604][T12136] FAULT_INJECTION: forcing a failure. [ 392.589604][T12136] name failslab, interval 1, probability 0, space 0, times 0 [ 392.665775][T12136] CPU: 0 UID: 0 PID: 12136 Comm: syz.1.2227 Tainted: G L syzkaller #0 PREEMPT(full) [ 392.665801][T12136] Tainted: [L]=SOFTLOCKUP [ 392.665806][T12136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 392.665816][T12136] Call Trace: [ 392.665821][T12136] [ 392.665828][T12136] dump_stack_lvl+0x100/0x190 [ 392.665858][T12136] should_fail_ex.cold+0x5/0xa [ 392.665878][T12136] should_failslab+0xc2/0x120 [ 392.665897][T12136] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 392.665919][T12136] ? __kernfs_new_node+0xd2/0x960 [ 392.665946][T12136] __kernfs_new_node+0xd2/0x960 [ 392.665977][T12136] ? __pfx___kernfs_new_node+0x10/0x10 [ 392.666004][T12136] ? find_held_lock+0x2b/0x80 [ 392.666019][T12136] ? kernfs_root+0xee/0x2a0 [ 392.666046][T12136] ? kernfs_root+0xee/0x2a0 [ 392.666070][T12136] kernfs_new_node+0x11b/0x1a0 [ 392.666088][T12136] __kernfs_create_file+0x53/0x350 [ 392.666108][T12136] sysfs_add_file_mode_ns+0x207/0x3c0 [ 392.666134][T12136] sysfs_merge_group+0x194/0x340 [ 392.666156][T12136] ? __pfx_sysfs_merge_group+0x10/0x10 [ 392.666177][T12136] ? bus_add_device+0x368/0x6b0 [ 392.666287][T12136] ? __pfx_bus_add_device+0x10/0x10 [ 392.666308][T12136] ? __pfx_dev_add_physical_location+0x10/0x10 [ 392.666360][T12136] dpm_sysfs_add+0x237/0x280 [ 392.666400][T12136] device_add+0x9ef/0x1950 [ 392.666420][T12136] ? __pfx_device_add+0x10/0x10 [ 392.666438][T12136] ? lockdep_init_map_type+0x5c/0x250 [ 392.666459][T12136] ? __init_waitqueue_head+0xca/0x150 [ 392.666486][T12136] rfkill_register+0x1ad/0xb30 [ 392.666566][T12136] nfc_register_device+0x11f/0x3e0 [ 392.666659][T12136] nci_register_device+0x7f1/0xb80 [ 392.666726][T12136] ? __pfx_nci_register_device+0x10/0x10 [ 392.666748][T12136] ? lockdep_init_map_type+0x5c/0x250 [ 392.666772][T12136] virtual_ncidev_open+0x141/0x220 [ 392.666841][T12136] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 392.666862][T12136] misc_open+0x26d/0x450 [ 392.666938][T12136] ? __pfx_misc_open+0x10/0x10 [ 392.666963][T12136] chrdev_open+0x234/0x6a0 [ 392.666979][T12136] ? __pfx_apparmor_file_open+0x10/0x10 [ 392.666997][T12136] ? __pfx_chrdev_open+0x10/0x10 [ 392.667013][T12136] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 392.667035][T12136] do_dentry_open+0x6d8/0x1660 [ 392.667051][T12136] ? __pfx_chrdev_open+0x10/0x10 [ 392.667071][T12136] vfs_open+0x82/0x3f0 [ 392.667092][T12136] path_openat+0x208c/0x31a0 [ 392.667115][T12136] ? __pfx_path_openat+0x10/0x10 [ 392.667138][T12136] do_file_open+0x20e/0x430 [ 392.667155][T12136] ? __pfx_do_file_open+0x10/0x10 [ 392.667185][T12136] ? alloc_fd+0x476/0x790 [ 392.667202][T12136] ? do_getname+0x191/0x390 [ 392.667222][T12136] do_sys_openat2+0x10d/0x1e0 [ 392.667241][T12136] ? __pfx_do_sys_openat2+0x10/0x10 [ 392.667262][T12136] ? __fget_files+0x21f/0x3d0 [ 392.667281][T12136] __x64_sys_openat+0x12d/0x210 [ 392.667301][T12136] ? __pfx___x64_sys_openat+0x10/0x10 [ 392.667328][T12136] do_syscall_64+0x106/0xf80 [ 392.667350][T12136] ? clear_bhb_loop+0x40/0x90 [ 392.667369][T12136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.667384][T12136] RIP: 0033:0x7fe9c639c799 [ 392.667397][T12136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 392.667411][T12136] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 392.667427][T12136] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 392.667437][T12136] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 392.667447][T12136] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 392.667456][T12136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.667465][T12136] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 392.667485][T12136] [ 393.166722][ T30] audit: type=1804 audit(1774576917.834:8): pid=12144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2229" name="/newroot/558/file0" dev="tmpfs" ino=2857 res=1 errno=0 [ 393.187970][ T30] audit: type=1804 audit(1774576917.854:9): pid=12144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2229" name="/newroot/558/file0" dev="tmpfs" ino=2857 res=1 errno=0 [ 394.188549][T12167] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2233'. [ 394.398081][T12174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2235'. [ 394.465257][T12174] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2235'. [ 394.532368][T12174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2235'. [ 395.533102][T12210] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2247'. [ 397.977528][T12296] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2279'. [ 398.525725][ T30] audit: type=1800 audit(1774576923.284:10): pid=12315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2284" name="members" dev="configfs" ino=183654 res=0 errno=0 [ 398.990758][T12328] random: crng reseeded on system resumption [ 399.740856][T12351] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2291'. [ 400.367112][T12365] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2294'. [ 400.428133][T12372] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2298'. [ 400.486524][T12372] IPv6: NLM_F_CREATE should be specified when creating new route [ 400.527175][T12372] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 400.534586][T12372] IPv6: NLM_F_CREATE should be set when creating new route [ 400.541798][T12372] IPv6: NLM_F_CREATE should be set when creating new route [ 400.645934][T12378] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2298'. [ 400.693787][T12378] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.304337][T12512] netlink: 'syz.0.2337': attribute type 27 has an invalid length. [ 405.350164][T12512] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2337'. [ 406.633656][T12543] FAULT_INJECTION: forcing a failure. [ 406.633656][T12543] name failslab, interval 1, probability 0, space 0, times 0 [ 406.646520][T12543] CPU: 0 UID: 0 PID: 12543 Comm: syz.3.2349 Tainted: G L syzkaller #0 PREEMPT(full) [ 406.646546][T12543] Tainted: [L]=SOFTLOCKUP [ 406.646551][T12543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 406.646560][T12543] Call Trace: [ 406.646566][T12543] [ 406.646572][T12543] dump_stack_lvl+0x100/0x190 [ 406.646600][T12543] should_fail_ex.cold+0x5/0xa [ 406.646619][T12543] should_failslab+0xc2/0x120 [ 406.646636][T12543] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 406.646658][T12543] ? __send_signal_locked+0x155/0x12d0 [ 406.646686][T12543] __send_signal_locked+0x155/0x12d0 [ 406.646711][T12543] group_send_sig_info+0x2a4/0x300 [ 406.646729][T12543] ? __pfx_group_send_sig_info+0x10/0x10 [ 406.646752][T12543] ? kill_pid_info_type+0x1a/0x290 [ 406.646767][T12543] kill_pid_info_type+0x92/0x290 [ 406.646786][T12543] kill_proc_info+0x6f/0x1b0 [ 406.646803][T12543] kill_something_info+0x2a0/0x310 [ 406.646823][T12543] __x64_sys_kill+0x1c4/0x250 [ 406.646841][T12543] ? __pfx___x64_sys_kill+0x10/0x10 [ 406.646868][T12543] do_syscall_64+0x106/0xf80 [ 406.646890][T12543] ? clear_bhb_loop+0x40/0x90 [ 406.646907][T12543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.646922][T12543] RIP: 0033:0x7fa7d639c799 [ 406.646935][T12543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 406.646950][T12543] RSP: 002b:00007fa7d7258028 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 406.646964][T12543] RAX: ffffffffffffffda RBX: 00007fa7d6615fa0 RCX: 00007fa7d639c799 [ 406.646974][T12543] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000005bc [ 406.646993][T12543] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 406.647002][T12543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.647011][T12543] R13: 00007fa7d6616038 R14: 00007fa7d6615fa0 R15: 00007ffe7bae9ef8 [ 406.647030][T12543] [ 408.324486][T12585] FAULT_INJECTION: forcing a failure. [ 408.324486][T12585] name failslab, interval 1, probability 0, space 0, times 0 [ 408.372558][T12585] CPU: 0 UID: 0 PID: 12585 Comm: syz.2.2364 Tainted: G L syzkaller #0 PREEMPT(full) [ 408.372584][T12585] Tainted: [L]=SOFTLOCKUP [ 408.372590][T12585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 408.372599][T12585] Call Trace: [ 408.372604][T12585] [ 408.372610][T12585] dump_stack_lvl+0x100/0x190 [ 408.372638][T12585] should_fail_ex.cold+0x5/0xa [ 408.372657][T12585] should_failslab+0xc2/0x120 [ 408.372674][T12585] __kmalloc_cache_noprof+0x7a/0x6f0 [ 408.372694][T12585] ? wakeup_source_device_create+0x46/0x2e0 [ 408.372791][T12585] wakeup_source_device_create+0x46/0x2e0 [ 408.372811][T12585] wakeup_source_sysfs_add+0x1c/0x90 [ 408.372829][T12585] wakeup_source_register+0x154/0x3e0 [ 408.372846][T12585] ep_create_wakeup_source+0x1df/0x2e0 [ 408.372863][T12585] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 408.372881][T12585] ? do_epoll_ctl+0x1012/0x36a0 [ 408.372896][T12585] ? do_epoll_ctl+0x1012/0x36a0 [ 408.372916][T12585] do_epoll_ctl+0x1eee/0x36a0 [ 408.372939][T12585] ? __pfx_do_epoll_ctl+0x10/0x10 [ 408.372954][T12585] ? find_held_lock+0x2b/0x80 [ 408.372968][T12585] ? __might_fault+0xc5/0x140 [ 408.372988][T12585] ? __might_fault+0xc5/0x140 [ 408.373015][T12585] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 408.373031][T12585] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 408.373048][T12585] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 408.373070][T12585] do_syscall_64+0x106/0xf80 [ 408.373092][T12585] ? clear_bhb_loop+0x40/0x90 [ 408.373110][T12585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.373125][T12585] RIP: 0033:0x7fc875f9c799 [ 408.373138][T12585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 408.373153][T12585] RSP: 002b:00007fc876d7b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 408.373167][T12585] RAX: ffffffffffffffda RBX: 00007fc876215fa0 RCX: 00007fc875f9c799 [ 408.373177][T12585] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 408.373186][T12585] RBP: 00007fc876032c99 R08: 0000000000000000 R09: 0000000000000000 [ 408.373195][T12585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 408.373203][T12585] R13: 00007fc876216038 R14: 00007fc876215fa0 R15: 00007fffcc1208f8 [ 408.373224][T12585] [ 408.982740][T12587] netlink: 'syz.2.2365': attribute type 14 has an invalid length. [ 409.004000][T12587] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2365'. [ 409.373416][T12593] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2367'. [ 410.039281][T12611] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2375'. [ 410.098973][T12611] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2375'. [ 410.433303][T12622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2379'. [ 410.493329][T12622] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2379'. [ 411.923718][T12652] netlink: 110 bytes leftover after parsing attributes in process `syz.2.2390'. [ 412.538999][T12664] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 412.574073][T12665] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 413.121564][T12673] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2397'. [ 413.716126][T12690] netlink: 'syz.1.2404': attribute type 27 has an invalid length. [ 413.753784][T12690] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2404'. [ 414.426991][T12716] netlink: 'syz.0.2414': attribute type 19 has an invalid length. [ 414.465011][T12716] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2414'. [ 414.834746][T12729] netlink: 21 bytes leftover after parsing attributes in process `syz.0.2420'. [ 415.761511][T12762] FAULT_INJECTION: forcing a failure. [ 415.761511][T12762] name failslab, interval 1, probability 0, space 0, times 0 [ 415.823301][T12762] CPU: 0 UID: 0 PID: 12762 Comm: syz.1.2430 Tainted: G L syzkaller #0 PREEMPT(full) [ 415.823328][T12762] Tainted: [L]=SOFTLOCKUP [ 415.823334][T12762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 415.823343][T12762] Call Trace: [ 415.823348][T12762] [ 415.823354][T12762] dump_stack_lvl+0x100/0x190 [ 415.823382][T12762] should_fail_ex.cold+0x5/0xa [ 415.823401][T12762] should_failslab+0xc2/0x120 [ 415.823418][T12762] __kmalloc_cache_noprof+0x7a/0x6f0 [ 415.823438][T12762] ? wakeup_source_device_create+0x46/0x2e0 [ 415.823461][T12762] wakeup_source_device_create+0x46/0x2e0 [ 415.823480][T12762] wakeup_source_sysfs_add+0x1c/0x90 [ 415.823498][T12762] wakeup_source_register+0x154/0x3e0 [ 415.823515][T12762] ep_create_wakeup_source+0x1df/0x2e0 [ 415.823538][T12762] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 415.823557][T12762] ? do_epoll_ctl+0x1012/0x36a0 [ 415.823572][T12762] ? do_epoll_ctl+0x1012/0x36a0 [ 415.823593][T12762] do_epoll_ctl+0x1eee/0x36a0 [ 415.823618][T12762] ? __pfx_do_epoll_ctl+0x10/0x10 [ 415.823633][T12762] ? find_held_lock+0x2b/0x80 [ 415.823648][T12762] ? __might_fault+0xc5/0x140 [ 415.823668][T12762] ? __might_fault+0xc5/0x140 [ 415.823695][T12762] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 415.823710][T12762] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 415.823727][T12762] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 415.823750][T12762] do_syscall_64+0x106/0xf80 [ 415.823771][T12762] ? clear_bhb_loop+0x40/0x90 [ 415.823790][T12762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.823805][T12762] RIP: 0033:0x7fe9c639c799 [ 415.823818][T12762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 415.823832][T12762] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 415.823847][T12762] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 415.823856][T12762] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 415.823865][T12762] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 415.823874][T12762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 415.823883][T12762] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 415.823902][T12762] [ 416.803231][T12788] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2439'. [ 417.262070][T12807] ubi0: attaching mtd0 [ 417.294391][T12807] ubi0: scanning is finished [ 417.323161][T12807] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 417.463998][T12807] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 417.929743][T12814] Process accounting resumed [ 418.273528][T12844] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2455'. [ 418.581656][T12859] FAULT_INJECTION: forcing a failure. [ 418.581656][T12859] name failslab, interval 1, probability 0, space 0, times 0 [ 418.627402][T12859] CPU: 0 UID: 0 PID: 12859 Comm: syz.1.2458 Tainted: G L syzkaller #0 PREEMPT(full) [ 418.627427][T12859] Tainted: [L]=SOFTLOCKUP [ 418.627433][T12859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 418.627441][T12859] Call Trace: [ 418.627447][T12859] [ 418.627453][T12859] dump_stack_lvl+0x100/0x190 [ 418.627480][T12859] should_fail_ex.cold+0x5/0xa [ 418.627498][T12859] should_failslab+0xc2/0x120 [ 418.627515][T12859] __kvmalloc_node_noprof+0xfa/0xa00 [ 418.627538][T12859] ? alloc_fdtable+0x110/0x2d0 [ 418.627556][T12859] alloc_fdtable+0x110/0x2d0 [ 418.627571][T12859] dup_fd+0x995/0xd10 [ 418.627586][T12859] ? fd_statfs+0xdd/0x120 [ 418.627610][T12859] ksys_unshare+0x7ad/0xad0 [ 418.627630][T12859] ? __pfx_ksys_unshare+0x10/0x10 [ 418.627655][T12859] __x64_sys_unshare+0x31/0x40 [ 418.627673][T12859] do_syscall_64+0x106/0xf80 [ 418.627695][T12859] ? clear_bhb_loop+0x40/0x90 [ 418.627712][T12859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.627727][T12859] RIP: 0033:0x7fe9c639c799 [ 418.627740][T12859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 418.627755][T12859] RSP: 002b:00007fe9c72e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 418.627769][T12859] RAX: ffffffffffffffda RBX: 00007fe9c6616090 RCX: 00007fe9c639c799 [ 418.627779][T12859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 418.627788][T12859] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 418.627796][T12859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 418.627805][T12859] R13: 00007fe9c6616128 R14: 00007fe9c6616090 R15: 00007ffcb8ad04d8 [ 418.627824][T12859] [ 419.991201][T12900] FAULT_INJECTION: forcing a failure. [ 419.991201][T12900] name failslab, interval 1, probability 0, space 0, times 0 [ 420.072955][T12900] CPU: 0 UID: 0 PID: 12900 Comm: syz.3.2473 Tainted: G L syzkaller #0 PREEMPT(full) [ 420.072980][T12900] Tainted: [L]=SOFTLOCKUP [ 420.072985][T12900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 420.072994][T12900] Call Trace: [ 420.073000][T12900] [ 420.073006][T12900] dump_stack_lvl+0x100/0x190 [ 420.073033][T12900] should_fail_ex.cold+0x5/0xa [ 420.073051][T12900] should_failslab+0xc2/0x120 [ 420.073068][T12900] __kvmalloc_node_noprof+0xfa/0xa00 [ 420.073096][T12900] ? alloc_fdtable+0x110/0x2d0 [ 420.073115][T12900] alloc_fdtable+0x110/0x2d0 [ 420.073130][T12900] dup_fd+0x995/0xd10 [ 420.073147][T12900] ? fd_statfs+0xdd/0x120 [ 420.073170][T12900] ksys_unshare+0x7ad/0xad0 [ 420.073190][T12900] ? __pfx_ksys_unshare+0x10/0x10 [ 420.073215][T12900] __x64_sys_unshare+0x31/0x40 [ 420.073233][T12900] do_syscall_64+0x106/0xf80 [ 420.073255][T12900] ? clear_bhb_loop+0x40/0x90 [ 420.073272][T12900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.073288][T12900] RIP: 0033:0x7fa7d639c799 [ 420.073301][T12900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 420.073315][T12900] RSP: 002b:00007fa7d7237028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 420.073329][T12900] RAX: ffffffffffffffda RBX: 00007fa7d6616090 RCX: 00007fa7d639c799 [ 420.073339][T12900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 420.073348][T12900] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 420.073356][T12900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.073365][T12900] R13: 00007fa7d6616128 R14: 00007fa7d6616090 R15: 00007ffe7bae9ef8 [ 420.073384][T12900] [ 420.361101][T12906] aoe: skb alloc failure [ 420.455318][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 420.471803][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.856850][T12920] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2484'. [ 421.043075][T12924] netlink: 'syz.0.2486': attribute type 4 has an invalid length. [ 421.066225][T12924] netlink: 'syz.0.2486': attribute type 4 has an invalid length. [ 422.230639][T12965] netlink: 142 bytes leftover after parsing attributes in process `syz.0.2498'. [ 424.064065][T13011] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2520'. [ 426.097189][T13055] tc_dump_action: action bad kind [ 426.114429][T13057] syz.2.2537 (13057): /proc/13056/oom_adj is deprecated, please use /proc/13056/oom_score_adj instead. [ 426.720400][T13075] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2546'. [ 427.022921][T13084] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2550'. [ 427.519203][T13094] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2553'. [ 428.231237][T13113] futex_wake_op: syz.3.2559 tries to shift op by -2048; fix this program [ 428.283326][T13099] phram: parameter too long [ 428.314500][T13113] 0x000000000001-0x000000020000 : "" [ 428.383774][T13113] ftl_cs: FTL header corrupt! [ 430.574295][T13159] MTRR 2 not used [ 430.590862][T13165] process 'syz.1.2576' launched '/dev/fd/6' with NULL argv: empty string added [ 432.950276][T13205] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 434.776209][T13240] FAULT_INJECTION: forcing a failure. [ 434.776209][T13240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 434.892550][T13240] CPU: 0 UID: 0 PID: 13240 Comm: syz.3.2605 Tainted: G L syzkaller #0 PREEMPT(full) [ 434.892577][T13240] Tainted: [L]=SOFTLOCKUP [ 434.892583][T13240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 434.892593][T13240] Call Trace: [ 434.892599][T13240] [ 434.892605][T13240] dump_stack_lvl+0x100/0x190 [ 434.892633][T13240] should_fail_ex.cold+0x5/0xa [ 434.892652][T13240] _copy_to_iter+0x5a4/0x1720 [ 434.892737][T13240] ? igmp_mc_seq_stop+0xab/0x150 [ 434.892803][T13240] ? __pfx__copy_to_iter+0x10/0x10 [ 434.892822][T13240] ? traverse.part.0.constprop.0+0x2c5/0x650 [ 434.892854][T13240] seq_read_iter+0x691/0x1270 [ 434.892878][T13240] ? aa_file_perm+0x7f3/0x14d0 [ 434.892960][T13240] seq_read+0x33b/0x4c0 [ 434.892984][T13240] ? __pfx_seq_read+0x10/0x10 [ 434.893019][T13240] ? __pfx_seq_read+0x10/0x10 [ 434.893041][T13240] proc_reg_read+0x240/0x330 [ 434.893063][T13240] ? __pfx_proc_reg_read+0x10/0x10 [ 434.893085][T13240] vfs_read+0x1e4/0xb30 [ 434.893101][T13240] ? __pfx_vfs_read+0x10/0x10 [ 434.893114][T13240] ? find_held_lock+0x2b/0x80 [ 434.893128][T13240] ? __fget_files+0x215/0x3d0 [ 434.893142][T13240] ? __fget_files+0x215/0x3d0 [ 434.893159][T13240] ? __fget_files+0x21f/0x3d0 [ 434.893179][T13240] __x64_sys_pread64+0x1eb/0x250 [ 434.893194][T13240] ? __pfx___x64_sys_pread64+0x10/0x10 [ 434.893215][T13240] do_syscall_64+0x106/0xf80 [ 434.893237][T13240] ? clear_bhb_loop+0x40/0x90 [ 434.893255][T13240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.893270][T13240] RIP: 0033:0x7fa7d639c799 [ 434.893283][T13240] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 434.893297][T13240] RSP: 002b:00007fa7d7258028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 434.893313][T13240] RAX: ffffffffffffffda RBX: 00007fa7d6615fa0 RCX: 00007fa7d639c799 [ 434.893323][T13240] RDX: 0000000001000007 RSI: 0000000000000000 RDI: 0000000000000003 [ 434.893332][T13240] RBP: 00007fa7d6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 434.893342][T13240] R10: 0000000000000586 R11: 0000000000000246 R12: 0000000000000000 [ 434.893351][T13240] R13: 00007fa7d6616038 R14: 00007fa7d6615fa0 R15: 00007ffe7bae9ef8 [ 434.893371][T13240] [ 437.293463][T13279] FAULT_INJECTION: forcing a failure. [ 437.293463][T13279] name failslab, interval 1, probability 0, space 0, times 0 [ 437.440874][T13279] CPU: 0 UID: 0 PID: 13279 Comm: syz.0.2619 Tainted: G L syzkaller #0 PREEMPT(full) [ 437.440904][T13279] Tainted: [L]=SOFTLOCKUP [ 437.440910][T13279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 437.440919][T13279] Call Trace: [ 437.440925][T13279] [ 437.440931][T13279] dump_stack_lvl+0x100/0x190 [ 437.440959][T13279] should_fail_ex.cold+0x5/0xa [ 437.440978][T13279] should_failslab+0xc2/0x120 [ 437.440994][T13279] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 437.441016][T13279] ? __kernfs_new_node+0xd2/0x960 [ 437.441042][T13279] __kernfs_new_node+0xd2/0x960 [ 437.441065][T13279] ? __pfx___kernfs_new_node+0x10/0x10 [ 437.441090][T13279] ? find_held_lock+0x2b/0x80 [ 437.441105][T13279] ? kernfs_root+0xee/0x2a0 [ 437.441124][T13279] ? kernfs_root+0xee/0x2a0 [ 437.441148][T13279] kernfs_new_node+0x11b/0x1a0 [ 437.441166][T13279] __kernfs_create_file+0x53/0x350 [ 437.441186][T13279] sysfs_add_file_mode_ns+0x207/0x3c0 [ 437.441210][T13279] sysfs_merge_group+0x194/0x340 [ 437.441232][T13279] ? __pfx_sysfs_merge_group+0x10/0x10 [ 437.441253][T13279] ? bus_add_device+0x368/0x6b0 [ 437.441283][T13279] ? __pfx_bus_add_device+0x10/0x10 [ 437.441304][T13279] ? __pfx_dev_add_physical_location+0x10/0x10 [ 437.441328][T13279] dpm_sysfs_add+0x237/0x280 [ 437.441347][T13279] device_add+0x9ef/0x1950 [ 437.441367][T13279] ? __pfx_device_add+0x10/0x10 [ 437.441384][T13279] ? lockdep_init_map_type+0x5c/0x250 [ 437.441404][T13279] ? __init_waitqueue_head+0xca/0x150 [ 437.441431][T13279] rfkill_register+0x1ad/0xb30 [ 437.441452][T13279] nfc_register_device+0x11f/0x3e0 [ 437.441477][T13279] nci_register_device+0x7f1/0xb80 [ 437.441497][T13279] ? __pfx_nci_register_device+0x10/0x10 [ 437.441518][T13279] ? lockdep_init_map_type+0x5c/0x250 [ 437.441541][T13279] virtual_ncidev_open+0x141/0x220 [ 437.441562][T13279] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 437.441582][T13279] misc_open+0x26d/0x450 [ 437.441600][T13279] ? __pfx_misc_open+0x10/0x10 [ 437.441616][T13279] chrdev_open+0x234/0x6a0 [ 437.441632][T13279] ? __pfx_apparmor_file_open+0x10/0x10 [ 437.441648][T13279] ? __pfx_chrdev_open+0x10/0x10 [ 437.441665][T13279] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 437.441685][T13279] do_dentry_open+0x6d8/0x1660 [ 437.441700][T13279] ? __pfx_chrdev_open+0x10/0x10 [ 437.441721][T13279] vfs_open+0x82/0x3f0 [ 437.441741][T13279] path_openat+0x208c/0x31a0 [ 437.441764][T13279] ? __pfx_path_openat+0x10/0x10 [ 437.441787][T13279] do_file_open+0x20e/0x430 [ 437.441804][T13279] ? __pfx_do_file_open+0x10/0x10 [ 437.441833][T13279] ? alloc_fd+0x476/0x790 [ 437.441851][T13279] ? do_getname+0x191/0x390 [ 437.441871][T13279] do_sys_openat2+0x10d/0x1e0 [ 437.441890][T13279] ? __pfx_do_sys_openat2+0x10/0x10 [ 437.441911][T13279] ? __fget_files+0x21f/0x3d0 [ 437.441930][T13279] __x64_sys_openat+0x12d/0x210 [ 437.441950][T13279] ? __pfx___x64_sys_openat+0x10/0x10 [ 437.441977][T13279] do_syscall_64+0x106/0xf80 [ 437.441998][T13279] ? clear_bhb_loop+0x40/0x90 [ 437.442017][T13279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.442032][T13279] RIP: 0033:0x7f2c1db9c799 [ 437.442045][T13279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 437.442059][T13279] RSP: 002b:00007f2c1e9c9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 437.442075][T13279] RAX: ffffffffffffffda RBX: 00007f2c1de15fa0 RCX: 00007f2c1db9c799 [ 437.442085][T13279] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 437.442095][T13279] RBP: 00007f2c1dc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 437.442104][T13279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 437.442114][T13279] R13: 00007f2c1de16038 R14: 00007f2c1de15fa0 R15: 00007fffaae15858 [ 437.442134][T13279] [ 439.330400][ T30] audit: type=1800 audit(1774576964.084:11): pid=13312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2627" name="members" dev="configfs" ino=188376 res=0 errno=0 [ 439.676438][T13320] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2633'. [ 439.925996][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.932281][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.450528][T13350] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2643'. [ 440.769015][T13356] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2646'. [ 441.013311][T13358] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2647'. [ 441.493314][T13373] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2653'. [ 441.684380][T13349] kexec: Could not allocate control_code_buffer [ 442.246088][T13395] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2662'. [ 443.272812][T13409] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2667'. [ 444.607206][T13450] FAULT_INJECTION: forcing a failure. [ 444.607206][T13450] name failslab, interval 1, probability 0, space 0, times 0 [ 444.619808][T13450] CPU: 0 UID: 0 PID: 13450 Comm: syz.0.2684 Tainted: G L syzkaller #0 PREEMPT(full) [ 444.619831][T13450] Tainted: [L]=SOFTLOCKUP [ 444.619836][T13450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 444.619846][T13450] Call Trace: [ 444.619851][T13450] [ 444.619857][T13450] dump_stack_lvl+0x100/0x190 [ 444.619886][T13450] should_fail_ex.cold+0x5/0xa [ 444.619904][T13450] should_failslab+0xc2/0x120 [ 444.619921][T13450] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 444.619943][T13450] ? __send_signal_locked+0x155/0x12d0 [ 444.619970][T13450] __send_signal_locked+0x155/0x12d0 [ 444.619996][T13450] group_send_sig_info+0x2a4/0x300 [ 444.620013][T13450] ? __pfx_group_send_sig_info+0x10/0x10 [ 444.620036][T13450] ? kill_pid_info_type+0x1a/0x290 [ 444.620051][T13450] kill_pid_info_type+0x92/0x290 [ 444.620070][T13450] kill_proc_info+0x6f/0x1b0 [ 444.620087][T13450] kill_something_info+0x2a0/0x310 [ 444.620107][T13450] __x64_sys_kill+0x1c4/0x250 [ 444.620125][T13450] ? __pfx___x64_sys_kill+0x10/0x10 [ 444.620152][T13450] do_syscall_64+0x106/0xf80 [ 444.620174][T13450] ? clear_bhb_loop+0x40/0x90 [ 444.620191][T13450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.620207][T13450] RIP: 0033:0x7f2c1db9c799 [ 444.620220][T13450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 444.620235][T13450] RSP: 002b:00007f2c1e9c9028 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 444.620249][T13450] RAX: ffffffffffffffda RBX: 00007f2c1de15fa0 RCX: 00007f2c1db9c799 [ 444.620260][T13450] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000006c5 [ 444.620269][T13450] RBP: 00007f2c1dc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 444.620278][T13450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.620287][T13450] R13: 00007f2c1de16038 R14: 00007f2c1de15fa0 R15: 00007fffaae15858 [ 444.620307][T13450] [ 446.046934][T13481] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2706'. [ 447.250476][T13516] netlink: 110 bytes leftover after parsing attributes in process `syz.1.2710'. [ 451.137656][T13523] Process accounting paused [ 452.974711][T13605] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2744'. [ 453.019773][T13605] IPv6: NLM_F_CREATE should be specified when creating new route [ 453.465590][T13623] mkiss: ax0: crc mode is auto. [ 453.716651][T13630] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2752'. [ 453.777803][T13632] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2753'. [ 455.446947][T13674] FAULT_INJECTION: forcing a failure. [ 455.446947][T13674] name failslab, interval 1, probability 0, space 0, times 0 [ 455.517619][T13674] CPU: 0 UID: 0 PID: 13674 Comm: syz.1.2769 Tainted: G L syzkaller #0 PREEMPT(full) [ 455.517644][T13674] Tainted: [L]=SOFTLOCKUP [ 455.517650][T13674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 455.517660][T13674] Call Trace: [ 455.517665][T13674] [ 455.517671][T13674] dump_stack_lvl+0x100/0x190 [ 455.517699][T13674] should_fail_ex.cold+0x5/0xa [ 455.517717][T13674] ? iovec_from_user+0x8d/0x140 [ 455.517735][T13674] should_failslab+0xc2/0x120 [ 455.517751][T13674] __kmalloc_noprof+0xe0/0x850 [ 455.517775][T13674] ? futex_hash+0x2c5/0x380 [ 455.517795][T13674] iovec_from_user+0x8d/0x140 [ 455.517814][T13674] process_vm_rw+0x1e5/0x2d0 [ 455.517830][T13674] ? __pfx_process_vm_rw+0x10/0x10 [ 455.517850][T13674] ? ksys_write+0x190/0x250 [ 455.517880][T13674] ? xfd_validate_state+0x129/0x190 [ 455.517905][T13674] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 455.517920][T13674] ? do_syscall_64+0x95/0xf80 [ 455.517942][T13674] ? lockdep_hardirqs_on+0x78/0x100 [ 455.517964][T13674] do_syscall_64+0x106/0xf80 [ 455.517984][T13674] ? clear_bhb_loop+0x40/0x90 [ 455.518002][T13674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.518017][T13674] RIP: 0033:0x7fe9c639c799 [ 455.518030][T13674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 455.518044][T13674] RSP: 002b:00007fe9c7301028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 455.518060][T13674] RAX: ffffffffffffffda RBX: 00007fe9c6615fa0 RCX: 00007fe9c639c799 [ 455.518070][T13674] RDX: 0000040000000001 RSI: 0000200000000080 RDI: 0000000000000538 [ 455.518079][T13674] RBP: 00007fe9c6432c99 R08: 000000000000000a R09: 0000000000000000 [ 455.518088][T13674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 455.518096][T13674] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 455.518115][T13674] [ 455.835716][T13666] kexec: Could not allocate control_code_buffer [ 456.146829][T13684] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2773'. [ 459.004573][T13727] netlink: 86 bytes leftover after parsing attributes in process `syz.2.2787'. [ 459.268934][T13707] kexec: Could not allocate control_code_buffer [ 459.443175][T13746] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2796'. [ 459.493245][T13746] IPv6: NLM_F_CREATE should be specified when creating new route [ 460.357595][T13780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2808'. [ 460.397143][T13780] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2808'. [ 460.434654][T13762] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 460.444778][T13762] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 460.516945][T13762] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 460.572670][T13762] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 460.610155][T13762] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 460.629161][T13789] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2810'. [ 460.656699][T13762] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 460.687251][T13789] IPv6: NLM_F_CREATE should be specified when creating new route [ 460.768079][T13762] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 460.778365][T13762] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 461.108906][T13801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x781c0 [ 461.159159][T13801] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 461.206338][T13801] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 461.256701][T13801] page_type: f5(slab) [ 461.275969][T13801] raw: 00fff00000000040 ffff88813fe3a140 dead000000000100 dead000000000122 [ 461.324633][T13801] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 461.383189][T13801] head: 00fff00000000040 ffff88813fe3a140 dead000000000100 dead000000000122 [ 461.446723][T13801] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 461.490976][T13801] head: 00fff00000000003 ffffea0001e07001 00000000ffffffff 00000000ffffffff [ 461.530526][T13801] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 461.575904][T13801] page dumped because: unmovable page [ 461.605654][T13801] page_owner tracks the page as allocated [ 461.627585][T13801] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 155, tgid 155 (kworker/u8:7), ts 448884526480, free_ts 448874810401 [ 461.681498][T13801] post_alloc_hook+0x153/0x170 [ 461.695911][T13801] get_page_from_freelist+0x111d/0x3140 [ 461.707895][T13801] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 461.733464][T13801] new_slab+0xa6/0x6b0 [ 461.751451][T13801] refill_objects+0x26b/0x400 [ 461.776038][T13801] __pcs_replace_empty_main+0x1ab/0x660 [ 461.802020][T13801] __kmalloc_node_track_caller_noprof+0x694/0x850 [ 461.835542][T13801] kmalloc_reserve+0xe8/0x350 [ 461.866265][T13801] __alloc_skb+0x185/0x710 [ 461.888875][T13801] nsim_dev_trap_report_work+0x2af/0xd10 [ 461.914916][T13801] process_one_work+0xa23/0x19a0 [ 461.922675][ T5825] Bluetooth: hci1: command 0x0406 tx timeout [ 461.938113][T13801] worker_thread+0x5ef/0xe50 [ 461.956583][T13801] kthread+0x370/0x450 [ 461.962887][T13823] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 461.980186][T13801] ret_from_fork+0x754/0xd80 [ 461.992553][T13801] ret_from_fork_asm+0x1a/0x30 [ 462.009396][T13801] page last free pid 7469 tgid 7469 stack trace: [ 462.022834][T13801] __free_frozen_pages+0x7e1/0x10d0 [ 462.035192][T13801] qlist_free_all+0x47/0xe0 [ 462.044155][T13801] kasan_quarantine_reduce+0x1a0/0x1f0 [ 462.057276][T13801] __kasan_slab_alloc+0x69/0x90 [ 462.074358][T13801] kmem_cache_alloc_noprof+0x241/0x6e0 [ 462.086423][T13801] do_getname+0x35/0x390 [ 462.097597][T13801] __x64_sys_mkdirat+0x78/0xc0 [ 462.107698][T13801] do_syscall_64+0x106/0xf80 [ 462.117817][T13801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 462.562526][ T5825] Bluetooth: hci3: command 0x0406 tx timeout [ 462.605001][T13838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2822'. [ 462.644818][ T5825] Bluetooth: hci2: command 0x0406 tx timeout [ 462.660312][T13838] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2822'. [ 462.802614][ T5825] Bluetooth: hci0: command 0x0406 tx timeout [ 462.904446][T13848] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2828'. [ 463.540008][T13865] FAULT_INJECTION: forcing a failure. [ 463.540008][T13865] name failslab, interval 1, probability 0, space 0, times 0 [ 463.686357][T13865] CPU: 0 UID: 0 PID: 13865 Comm: syz.0.2832 Tainted: G L syzkaller #0 PREEMPT(full) [ 463.686383][T13865] Tainted: [L]=SOFTLOCKUP [ 463.686388][T13865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.686397][T13865] Call Trace: [ 463.686403][T13865] [ 463.686409][T13865] dump_stack_lvl+0x100/0x190 [ 463.686437][T13865] should_fail_ex.cold+0x5/0xa [ 463.686456][T13865] should_failslab+0xc2/0x120 [ 463.686472][T13865] __kmalloc_cache_noprof+0x7a/0x6f0 [ 463.686492][T13865] ? __request_module+0x2b7/0x6c0 [ 463.686512][T13865] ? lockdep_hardirqs_on+0x78/0x100 [ 463.686539][T13865] __request_module+0x2b7/0x6c0 [ 463.686559][T13865] ? __pfx___request_module+0x10/0x10 [ 463.686585][T13865] ? __get_fs_type+0x12c/0x170 [ 463.686602][T13865] ? __get_fs_type+0x12c/0x170 [ 463.686627][T13865] get_fs_type+0xd7/0x190 [ 463.686645][T13865] __x64_sys_fsopen+0xca/0x220 [ 463.686665][T13865] do_syscall_64+0x106/0xf80 [ 463.686687][T13865] ? clear_bhb_loop+0x40/0x90 [ 463.686704][T13865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.686720][T13865] RIP: 0033:0x7f2c1db9c799 [ 463.686732][T13865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 463.686746][T13865] RSP: 002b:00007f2c1e9a8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 463.686761][T13865] RAX: ffffffffffffffda RBX: 00007f2c1de16090 RCX: 00007f2c1db9c799 [ 463.686771][T13865] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 463.686779][T13865] RBP: 00007f2c1dc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 463.686788][T13865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.686796][T13865] R13: 00007f2c1de16128 R14: 00007f2c1de16090 R15: 00007fffaae15858 [ 463.686815][T13865] [ 464.100902][ T5825] Bluetooth: hci1: command 0x0406 tx timeout [ 464.632134][T11040] ------------[ cut here ]------------ [ 464.637824][T11040] ODEBUG: free active (active state 0) object: ffff8880348d5460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 464.650836][T11040] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz.1.1813/11040 [ 464.661307][T11040] Modules linked in: [ 464.666072][T11040] CPU: 0 UID: 0 PID: 11040 Comm: syz.1.1813 Tainted: G L syzkaller #0 PREEMPT(full) [ 464.677048][T11040] Tainted: [L]=SOFTLOCKUP [ 464.681357][T11040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 464.691452][T11040] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 464.697895][T11040] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 92 ee e7 0b 41 56 48 8b 14 dd e0 25 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 8c 89 dd 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 464.717635][T11040] RSP: 0018:ffffc90003a77708 EFLAGS: 00010246 [ 464.724657][T11040] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 464.733245][T11040] RDX: ffffffff8c1b2520 RSI: ffffffff8c1b2140 RDI: ffffffff90e47be0 [ 464.741218][T11040] RBP: 0000000000000001 R08: ffff8880348d5460 R09: ffffffff8bb2bb40 [ 464.749393][T11040] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b2140 [ 464.757392][T11040] R13: ffffffff8bb2bb80 R14: ffffffff8a96f5c0 R15: ffffc90003a77808 [ 464.765363][T11040] FS: 0000000000000000(0000) GS:ffff888124343000(0000) knlGS:0000000000000000 [ 464.774313][T11040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 464.780876][T11040] CR2: 0000001b30c0bff8 CR3: 000000007857c000 CR4: 00000000003526f0 [ 464.788852][T11040] Call Trace: [ 464.792113][T11040] [ 464.795053][T11040] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 464.800500][T11040] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 464.806393][T11040] debug_check_no_obj_freed+0x4da/0x630 [ 464.811933][T11040] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 464.818002][T11040] ? __page_table_check_zero+0x333/0x410 [ 464.823643][T11040] ? __page_table_check_zero+0x338/0x410 [ 464.830151][T11040] __free_frozen_pages+0x392/0x10d0 [ 464.835960][T11040] hci_release_dev+0x4ef/0x630 [ 464.840784][T11040] ? __pfx_hci_release_dev+0x10/0x10 [ 464.846082][T11040] ? device_release+0x97/0x270 [ 464.850863][T11040] ? rcu_is_watching+0x12/0xc0 [ 464.855661][T11040] ? device_release+0x97/0x270 [ 464.860415][T11040] ? kfree+0x2ec/0x6b0 [ 464.864505][T11040] bt_host_release+0x6a/0xb0 [ 464.869149][T11040] ? __pfx_bt_host_release+0x10/0x10 [ 464.874451][T11040] device_release+0xd2/0x270 [ 464.879027][T11040] kobject_put+0x1f7/0x640 [ 464.883520][T11040] put_device+0x1f/0x30 [ 464.887675][T11040] vhci_release+0x185/0x230 [ 464.892218][T11040] ? __pfx_vhci_release+0x10/0x10 [ 464.897262][T11040] __fput+0x3ff/0xb40 [ 464.901232][T11040] task_work_run+0x150/0x240 [ 464.905843][T11040] ? __pfx_task_work_run+0x10/0x10 [ 464.910947][T11040] do_exit+0x8b8/0x2b60 [ 464.915122][T11040] ? __pfx_do_exit+0x10/0x10 [ 464.919709][T11040] ? cgroup_update_frozen_flag+0x107/0x210 [ 464.925547][T11040] ? find_held_lock+0x2b/0x80 [ 464.931110][T11040] ? get_signal+0x184f/0x21e0 [ 464.936374][T11040] do_group_exit+0xd5/0x2a0 [ 464.940874][T11040] get_signal+0x1ec7/0x21e0 [ 464.945385][T11040] ? __asan_memset+0x23/0x50 [ 464.949974][T11040] ? __pfx_get_signal+0x10/0x10 [ 464.954851][T11040] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 464.960038][T11040] arch_do_signal_or_restart+0x91/0x770 [ 464.965603][T11040] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 464.971760][T11040] ? __x64_sys_clock_nanosleep+0x347/0x480 [ 464.977583][T11040] exit_to_user_mode_loop+0x86/0x4a0 [ 464.982872][T11040] do_syscall_64+0x668/0xf80 [ 464.987463][T11040] ? clear_bhb_loop+0x40/0x90 [ 464.992123][T11040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.998023][T11040] RIP: 0033:0x7fe9c635cfce [ 465.002430][T11040] Code: Unable to access opcode bytes at 0x7fe9c635cfa4. [ 465.009453][T11040] RSP: 002b:00007fe9c7300f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 465.017873][T11040] RAX: fffffffffffffdfc RBX: 00007fe9c73016c0 RCX: 00007fe9c635cfce [ 465.025853][T11040] RDX: 00007fe9c7300fb0 RSI: 0000000000000000 RDI: 0000000000000000 [ 465.034738][T11040] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 465.043674][T11040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.051629][T11040] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 465.059693][T11040] [ 465.062727][T11040] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 465.069990][T11040] CPU: 0 UID: 0 PID: 11040 Comm: syz.1.1813 Tainted: G L syzkaller #0 PREEMPT(full) [ 465.080899][T11040] Tainted: [L]=SOFTLOCKUP [ 465.085201][T11040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 465.095230][T11040] Call Trace: [ 465.098486][T11040] [ 465.101396][T11040] dump_stack_lvl+0x100/0x190 [ 465.106060][T11040] vpanic+0x552/0x970 [ 465.110034][T11040] ? __pfx_vpanic+0x10/0x10 [ 465.114521][T11040] panic+0xd1/0xe0 [ 465.118220][T11040] ? __pfx_panic+0x10/0x10 [ 465.122619][T11040] ? check_panic_on_warn+0x1f/0x90 [ 465.127718][T11040] check_panic_on_warn.cold+0x19/0x34 [ 465.133068][T11040] ? debug_print_object+0x18e/0x2a0 [ 465.138252][T11040] __warn.cold+0x191/0x348 [ 465.142649][T11040] __report_bug+0x296/0x3d0 [ 465.147240][T11040] ? debug_print_object+0x18e/0x2a0 [ 465.152424][T11040] ? __pfx___report_bug+0x10/0x10 [ 465.157435][T11040] ? __lock_acquire+0x4a5/0x2630 [ 465.162364][T11040] ? unwind_next_frame+0x3c8/0x1ea0 [ 465.167556][T11040] report_bug_entry+0xe1/0x290 [ 465.172304][T11040] ? debug_print_object+0x19b/0x2a0 [ 465.177485][T11040] handle_bug+0x1cd/0x2a0 [ 465.181793][T11040] exc_invalid_op+0x17/0x50 [ 465.186278][T11040] asm_exc_invalid_op+0x1a/0x20 [ 465.191107][T11040] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 465.196918][T11040] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 92 ee e7 0b 41 56 48 8b 14 dd e0 25 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 8c 89 dd 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 465.216515][T11040] RSP: 0018:ffffc90003a77708 EFLAGS: 00010246 [ 465.222566][T11040] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 465.230530][T11040] RDX: ffffffff8c1b2520 RSI: ffffffff8c1b2140 RDI: ffffffff90e47be0 [ 465.238482][T11040] RBP: 0000000000000001 R08: ffff8880348d5460 R09: ffffffff8bb2bb40 [ 465.246431][T11040] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b2140 [ 465.254384][T11040] R13: ffffffff8bb2bb80 R14: ffffffff8a96f5c0 R15: ffffc90003a77808 [ 465.262336][T11040] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 465.267802][T11040] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 465.273241][T11040] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 465.279036][T11040] debug_check_no_obj_freed+0x4da/0x630 [ 465.284569][T11040] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 465.290619][T11040] ? __page_table_check_zero+0x333/0x410 [ 465.296241][T11040] ? __page_table_check_zero+0x338/0x410 [ 465.301856][T11040] __free_frozen_pages+0x392/0x10d0 [ 465.307044][T11040] hci_release_dev+0x4ef/0x630 [ 465.311791][T11040] ? __pfx_hci_release_dev+0x10/0x10 [ 465.317056][T11040] ? device_release+0x97/0x270 [ 465.321804][T11040] ? rcu_is_watching+0x12/0xc0 [ 465.326551][T11040] ? device_release+0x97/0x270 [ 465.331297][T11040] ? kfree+0x2ec/0x6b0 [ 465.335350][T11040] bt_host_release+0x6a/0xb0 [ 465.339930][T11040] ? __pfx_bt_host_release+0x10/0x10 [ 465.345198][T11040] device_release+0xd2/0x270 [ 465.349771][T11040] kobject_put+0x1f7/0x640 [ 465.354170][T11040] put_device+0x1f/0x30 [ 465.358311][T11040] vhci_release+0x185/0x230 [ 465.362795][T11040] ? __pfx_vhci_release+0x10/0x10 [ 465.367801][T11040] __fput+0x3ff/0xb40 [ 465.371768][T11040] task_work_run+0x150/0x240 [ 465.376345][T11040] ? __pfx_task_work_run+0x10/0x10 [ 465.381451][T11040] do_exit+0x8b8/0x2b60 [ 465.385594][T11040] ? __pfx_do_exit+0x10/0x10 [ 465.390167][T11040] ? cgroup_update_frozen_flag+0x107/0x210 [ 465.395958][T11040] ? find_held_lock+0x2b/0x80 [ 465.400612][T11040] ? get_signal+0x184f/0x21e0 [ 465.405272][T11040] do_group_exit+0xd5/0x2a0 [ 465.409761][T11040] get_signal+0x1ec7/0x21e0 [ 465.414255][T11040] ? __asan_memset+0x23/0x50 [ 465.418836][T11040] ? __pfx_get_signal+0x10/0x10 [ 465.423669][T11040] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 465.428852][T11040] arch_do_signal_or_restart+0x91/0x770 [ 465.434386][T11040] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 465.440524][T11040] ? __x64_sys_clock_nanosleep+0x347/0x480 [ 465.446315][T11040] exit_to_user_mode_loop+0x86/0x4a0 [ 465.451586][T11040] do_syscall_64+0x668/0xf80 [ 465.456162][T11040] ? clear_bhb_loop+0x40/0x90 [ 465.460818][T11040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.466692][T11040] RIP: 0033:0x7fe9c635cfce [ 465.471084][T11040] Code: Unable to access opcode bytes at 0x7fe9c635cfa4. [ 465.478072][T11040] RSP: 002b:00007fe9c7300f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 465.486461][T11040] RAX: fffffffffffffdfc RBX: 00007fe9c73016c0 RCX: 00007fe9c635cfce [ 465.494408][T11040] RDX: 00007fe9c7300fb0 RSI: 0000000000000000 RDI: 0000000000000000 [ 465.502360][T11040] RBP: 00007fe9c6432c99 R08: 0000000000000000 R09: 0000000000000000 [ 465.510307][T11040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.518254][T11040] R13: 00007fe9c6616038 R14: 00007fe9c6615fa0 R15: 00007ffcb8ad04d8 [ 465.526211][T11040] [ 465.529275][T11040] Kernel Offset: disabled [ 465.533583][T11040] Rebooting in 86400 seconds..