last executing test programs: 8.234953532s ago: executing program 1 (id=1338): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x565) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x10) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103841, 0x0) write$auto(r0, 0x0, 0x100000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x10001, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x89e0, 0x38) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x28002, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0xc9}, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x70) mknod$auto(0x0, 0xcb, 0x7) mmap$auto(0x1, 0x128009, 0xdf, 0xeb1, r1, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x2000c040) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) r2 = socket(0x2, 0x5, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/power/wakeup_count\x00', 0x40, 0x0) preadv2$auto(r3, &(0x7f0000000280)={0x0, 0x5}, 0x8, 0x1000000000003, 0x5, 0x3) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) close_range$auto(0x2, 0x8, 0x0) 8.144765835s ago: executing program 1 (id=1339): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:01/status\x00', 0x181840, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/46, 0x2e) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/ipvlan1/retrans_time\x00', 0x2242, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x400c2, 0x0) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, r2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/meminfo\x00', 0x505e00, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) prctl$auto(0x1000000003b, 0xc, 0x0, 0x3, 0x7) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x800000002, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendto$auto(0x4, 0x0, 0xff, 0x6, 0x0, 0xe) connect$auto(0x5, 0x0, 0x9) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x6, 0x15, 0x1000, 0x100000001, 0xb, 0xf, 0xffffffffffffffff, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x245c]}, 0x0, 0x0) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) get_mempolicy$auto(0x0, 0x0, 0x7f, 0x8, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x2284, 0xffffffffffffffff) sendfile$auto(r1, r1, 0x0, 0x200) 5.727744734s ago: executing program 1 (id=1348): listmount$auto(&(0x7f0000000080)={0x1f, @raw, 0x80000002, 0xfffffffffffffff3, 0xffffffffffffffb6}, 0x0, 0xf4240, 0x1) 4.495111566s ago: executing program 0 (id=1350): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0481, 0x0) timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000200)=0xfb) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) timer_settime$auto(0x8700, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0) 4.373239348s ago: executing program 0 (id=1353): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/250:0/read_ahead_kb\x00', 0x5e30523b26a2a748, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b62, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) ioctl$auto(0x3, 0xc00caee0, r0) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mem\x00', 0x210802, 0x0) 3.970504666s ago: executing program 0 (id=1354): syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) capset$auto(0x0, 0x0) setsockopt$auto(r0, 0x10000000084, 0x8, 0x0, 0xc) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x85, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7, 0x9}, 0x7}, 0x803, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xfff) 3.387284114s ago: executing program 2 (id=1355): openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x54ba80, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/batadv_slave_0/proxy_ndp\x00', 0x382, 0x0) mmap$auto(0xd15, 0x4000d, 0x6, 0x9b72, r0, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) inotify_init1$auto(0x3000000000000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x1a1942, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x189002, 0x0) openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x280, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x2b95a3c239175ffe, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x20000, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x20000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x880, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8b40, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x800, 0x0) socketpair$auto(0x1e, 0x9, 0x7, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r1) socket$nl_generic(0x10, 0x3, 0x10) 2.998990394s ago: executing program 2 (id=1356): openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000100), 0x80080, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r1, @ANYBLOB="01002fbd7000fddbdf250c0000000c000380080003800400058018000180140002006e657464657673696d30000000000000"], 0x38}}, 0x24048084) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x2ab01, 0x0) ioctl$auto_USBDEVFS_DROP_PRIVILEGES(r2, 0x4004551e, &(0x7f00000000c0)=0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0) mmap$auto(0x7f, 0x40004022009, 0x3, 0x6dc4b6fc, 0x401, 0x9) io_uring_setup$auto(0xa, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) pwrite64$auto(r4, &(0x7f0000000040)='+\x00', 0xfdef, 0x1ff) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) socket(0x11, 0x80003, 0x300) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto(0x3, 0xc0405626, 0x38) sendmsg$auto(r2, &(0x7f0000000300)={&(0x7f0000000100), 0x20000, &(0x7f0000000200)={&(0x7f0000000080), 0x80000001}, 0x6, &(0x7f0000000240)="9114fb3d0ef3e415b2b9521152f5714bd33c30d3cf87dda5ddff39834af0ec58a3706db391d0948f12d7ed78611445cc9583b7797cf7dfabe0f4f6107cf84c8cf143a015581b", 0xb, 0xfff}, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mmap$auto(0x57c, 0x5, 0x20000000, 0x13, 0xffffffffffffffff, 0x2) mmap$auto(0x6a, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) 2.556281085s ago: executing program 0 (id=1357): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000004c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_LINK_GET(r2, &(0x7f0000003e80)={0x0, 0x0, &(0x7f0000003e40)={&(0x7f0000003300)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x8, 0x4, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}}, 0x8040) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) socket(0x1d, 0x2, 0x6) r3 = socket(0x2, 0x1, 0x0) memfd_create$auto(0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x6}, 0x1, 0x0, 0x3, 0xa}, 0x8}, 0x5, 0xffb) mmap$auto(0x0, 0x200, 0xdd, 0x13, 0x2, 0x8800) r5 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x80302, 0x0) ioctl$auto_SW_SYNC_IOC_INC(r5, 0x40045701, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x2100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) r6 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000000), 0x20140, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm0p/oss\x00', 0x101000, 0x0) ioctl$auto_IOCTL_STOP_ACCEL_DEV(r6, 0x40096101, &(0x7f0000000240)={@padding, 0xfe}) socket(0xa, 0x1, 0x100) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r7, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x2, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc40, 0x0) write$auto(0xca, &(0x7f00000001c0)='\x04>\x01\n\xfb\xff\xf6OL\xe8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) 2.128890472s ago: executing program 3 (id=1358): msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000000200)={{0x80000001, 0x0, 0xee00, 0x8, 0x60000000, 0x3, 0x1}, 0x0, 0x0, 0x4, 0x5, 0xd, 0x5, 0x240f, 0x9, 0x5, 0x6}) newfstatat$auto(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x80000001, 0xa82a, 0xfffffffffffffffa, 0x5, r0, r1, 0x0, 0x0, 0x1, 0x7ff, 0x4, 0x8, 0x5457, 0x5d, 0x3009, 0x7ff, 0x1b2}, 0x10) r3 = getpid() r4 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x109402, 0x0) ioctl$auto_UBI_IOCDET(r4, 0x40046f41, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfsd.export/channel\x00', 0x8f3b7a51b8162d21, 0x0) write$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000000040)="20edd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, 0x0, 0xa, 0x0) msgctl$auto_IPC_RMID(0x5, 0x0, &(0x7f0000000180)={{0x7, r0, r2, 0xfffffff7, 0x80, 0x1000, 0x8}, &(0x7f0000000100)=0x4, &(0x7f0000000140)=0x7, 0x101, 0xa5, 0x5010cc7a, 0x6, 0x3, 0x2, 0x0, 0x401, @raw=0x4, @inferred=r3}) r6 = openat$auto_nsim_udp_tunnels_info_reset_fops_udp_tunnels(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/netdevsim/netdevsim3/ports/0/udp_ports_reset\x00', 0x8100, 0x0) sendmmsg$auto(r6, &(0x7f00000004c0)={{&(0x7f00000002c0)="3e914db00104a84997acecc42d28179c6231a3e1d8f5bc5f8ddd1768865ad6161e65caeba4adb28daa229a8f9aed6d1b6c09179302b820ca65b627e4cc6b870cf63445a950d1f70d8273801d24b1a2efcc9739179a1a34f71ace41e35b46b43c37e735daa7f706db43ba5800b60515934a5299bd135846bb4984a45377b950e467db3fd81417b2c9106aa50a4b37e416e5b19c864ca963a2107444738fbe1af6ec1983afbaa780ef257e1068e25ac485ac1834cb7348ae879e2a38830e39cacec98078be59240849814b6d3a5f42694e316e7c0043888a949efa3763b7218525cdd38ab7444081441ca2029be8743f23fc30bfde5bf6fca220ab", 0x2, &(0x7f0000000400)={&(0x7f00000003c0)="c6acd35f5eab9e95cbf6d2ea1dabfa", 0x8000000000000000}, 0x5, &(0x7f0000000440)="af8504f6bb27b096e5422d72cccf06c5fdca7548e7f21b9d3dd51a17faf0919211a1532b06e0e7926ff94bde9fc5317db4ab4e6a1d83180424a9a40f16d08f108efb0f671536eeae37dedc88861637957dc12170a3b6d0b42f573929f1e193eb1177ee75aff5694f7c9e7a6327349e5ea96898fd5b6c9bbec45247448402a367", 0x29de, 0x7fffffff}, 0x8}, 0x0, 0x8000) 2.088161091s ago: executing program 2 (id=1359): msgctl$auto_IPC_STAT(0xfffffff8, 0x2, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000098c0)='/dev/sg0\x00', 0x40, 0x0) ioctl$auto_BLKTRACESETUP2(r0, 0xc0481273, &(0x7f0000009900)={"9c79bece76127589a33a968f51b2aaadc76a2d360a5d6917323688f527ff0804", 0x5, 0x2, 0x0, 0xe57, 0x7fff}) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) r1 = io_uring_setup$auto(0x6, 0x0) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, 0x0, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) (async, rerun: 64) mmap$auto(0x7fffffff9000, 0x1, 0x7ffffffffffffffb, 0x3132, r1, 0xfffffffffffffffe) (async, rerun: 64) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000c00)='/proc/sysvipc/msg\x00', 0x2800, 0x0) ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, 0x0) (async, rerun: 32) mmap$auto(0x7fffffffa000, 0x5, 0x7fffffffffffffff, 0x3132, 0x8d73, 0x0) (async, rerun: 32) close_range$auto(0x2, 0xa, 0x0) r3 = socket(0xa, 0x2, 0x0) (async) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) (rerun: 32) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) (async) ioctl$auto_KVM_CREATE_VM(r4, 0x4048aecb, 0x0) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) r6 = openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000001640), 0x200, 0x0) (async, rerun: 64) ioctl$auto_FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000140)={0x7, 0x26, 0x2, 0xd, 0x3, 0x800, 0x0, 0x6}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/cpu_partial\x00', 0x109101, 0x0) (async) mmap$auto(0x3, 0xc, 0xdf, 0x89c, r6, 0x7ffd) (async, rerun: 64) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) (rerun: 64) 1.892315859s ago: executing program 3 (id=1360): close_range$auto(0x2, 0x8, 0x0) read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, &(0x7f00000010c0)=""/4082, 0xff2) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x1a3902, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mprotect$auto(0x0, 0x806121, 0x8) ioctl$auto(r0, 0x89f1, r0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0xb8642, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80002, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, r3) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdb, 0x9b72, r2, 0x7ffe) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0xa, 0x801, 0x84) setsockopt$auto(r4, 0x10000000084, 0x9, 0x0, 0x9c) setsockopt$auto_SO_TIMESTAMPNS_NEW(r4, 0x3, 0x40, &(0x7f0000000240)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x4) socket(0x2, 0x80802, 0x0) r5 = socket(0x2b, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x8, 0xd}, 0x800009}, 0x7, 0x20000000) 1.460049315s ago: executing program 0 (id=1361): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x400000b7, 0x400, 0x2}]}) mmap$auto(0x1, 0x38, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, r2) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) 1.455181171s ago: executing program 1 (id=1362): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) r1 = waitid$auto_P_ALL(0x0, 0x7f, &(0x7f00000006c0)={@_si_pad}, 0x2, &(0x7f0000000740)={{0x7, 0x2}, {0x1000, 0x7}, 0x1, 0x0, 0x7fffffffffffffff, 0x6, 0x5, 0x3, 0x7, 0x100, 0x8, 0x1, 0x6, 0x5, 0x4, 0x1}) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) msgctl$auto_MSG_INFO(0x0, 0xc, &(0x7f0000000840)={{0x0, 0xee00, 0xee00, 0x5, 0x1, 0x6, 0x7fff}, &(0x7f00000003c0)=0x5, &(0x7f0000000800)=0xcb, 0x1, 0xffffffff, 0x757, 0x16000000000000, 0x258, 0x8, 0xfffa, 0xe6, @inferred, @inferred=0xffffffffffffffff}) rt_tgsigqueueinfo$auto(r0, r1, 0x8, &(0x7f00000008c0)={@siginfo_0_0={0x9, 0xfffffe01, 0x9, @_rt={r2, r3, @sival_int=0x80000001}}}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r4, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000000)={0x30, r5, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_HE_CAPABILITY={0x19, 0x10d, "9bfcc642fb8222e81879d39dc6fd94f765ecdeabfd"}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x400c004}, 0x844) r8 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r6, 0x9, &(0x7f0000000080)="d5b6d7b988d161bed6bbef5be1b113030000004d98fb686b5f190a70d5bada0dfd3d32dc475f15b4d9be8c35975ccfc90fc2", 0x7) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x101100, 0x0) r9 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x189100, 0x0) sendfile$auto(r9, r6, 0x0, 0x0) ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(r8, 0x4048587b, &(0x7f0000000640)={{r7, &(0x7f00000000c0)="0728ed5a38165ec7d4", 0x7ff, &(0x7f0000000100)="6bb0e156f31aeb1c973f496ee0e191ae0075e240144465eea3fc14384e0b8934668a0e5e8c7d7f78782eb6b53703aa113b300c03952c44d581dc78ea930c91c0645412ca89efafe125ae8dd27507a8de10f58c69f336c4885f74bec0a7e6d8cd12cd920615724edef0736998047179e7cc11f4a44a695cd84101755994ef42860518e5cae2882f6691e64663a5aebe720118b9f189e362f70c4dd7bbc2e30cb9f99eaad3a3e661c3bfec31faa2c4cc8e07584fac18be0353de40e3d0bb3a16faa9ec350127b541405cf3be38c30e788f197bdda7a557", 0x3, &(0x7f00000002c0)="9f1e42e13b68da1efa65f79c22951cf6a0c9efba8566eaebe5af7ed1e67cfd4f329fedd364df8b411980cb726ae32a310b23de9abcf975dd97ac7cc23b76a3849189bebd2a3a822a872855ab0dcf408b43f647c100ef3e24d75df1485460d775169887b650017674780796f15c33d0864c416e5221f0987e8d584d3b59001584ff0fe24f1ee7b998401862f5a5b0aa7b3d0939d7834a4bc9f8ce47b7edc0cd57d54bf5f126c2dbb2597988aeddc49a9a0ea2ffe828bc477da5f62b921e16b868254e341e7391fb7a7b10126f6976d98f4d92120c926d2ddc", &(0x7f0000000200)=0x200}, 0x4, &(0x7f0000000240)={0x10, 0x7c1, &(0x7f0000000440)="0bab0cbc161122f1701f7ca3ce5c108b81e73dc0b0c72a01b036c3b50b7b65a2f6f04299aa30fc402fbed9bf1f03ddfde7d9684e91e9763c28792352ba8909064834adf611e2908e3d5718b37fd85c1b75211cf2511cd3071f158ff4fbf50646604d150ce8c4e9f2406e6eb51f6b3af859ec1d80d31e7d2f1b3b8ee07c3f85e2ee67603d48300e2962157d3f8522ad1f3477e3b26aaaef8c84c8e1f716ad1058315efcfdfd2ebb5f09ddffb504716fc4e6e1d6c9497046766ea2f8d001e78725fd2a5808f62ffb6526c757", &(0x7f0000000540)="0653faf346372d861cda1ff18bbf11045f2aaadc85323e0370862d291dc0671aa5e09f9983a02bf8f4d64d68d65172c99e30a3289074bb9707cf5ee0b7a8ca18f9b9b1d68e94ec7da30938d3c52b62405e294473702023a8d477d86bf9a6c1c575034dc99328fb6eefe8712a609d8cad0b364c94f12651e5c8b71ff8345e69b432f63c4a5c6237523f834c751a272b0ff2d8f91cc6744797f2fccd98ed2e123ed642af3b6c1072e0610c885d650e7e0e25c05f43d8033051ef63ab188ac0806a12eac179a979be14a3790c8c478863", 0x5, 0x4}}) 1.175669557s ago: executing program 1 (id=1363): close_range$auto(0x2, 0x8, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/miimon\x00', 0x143b42, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) socketpair$auto(0x5b, 0x1, 0x420000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) 1.158433131s ago: executing program 0 (id=1364): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) (fail_nth: 7) 930.037986ms ago: executing program 2 (id=1365): mmap$auto(0x0, 0x20009, 0xdf, 0xeb4, 0x401, 0xd) r0 = gettid() mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x10001a) rt_sigqueueinfo$auto(r0, 0xb, &(0x7f00000001c0)={@siginfo_0_0={0x3, 0x401, 0xfffffffb, @_timer={r0, 0xd, @sival_ptr=0x0, 0x62}}}) r1 = gettid() kill$auto(r1, 0x11) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) gettid() ppoll$auto(&(0x7f0000000000)={r2, 0x3, 0x9}, 0x3ff, &(0x7f0000000040)={0xcd, 0xfffffffffffffffe}, &(0x7f00000000c0)={0x4}, 0x8) 892.221025ms ago: executing program 1 (id=1366): syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) capset$auto(0x0, 0x0) setsockopt$auto(r0, 0x10000000084, 0x8, 0x0, 0xc) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x85, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7, 0x9}, 0x7}, 0x803, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xfff) 560.073957ms ago: executing program 3 (id=1367): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x28, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @loopback}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x800) mmap$auto(0x0, 0x4, 0x4000000000de, 0x40eb1, 0x401, 0x300000000000) 399.248463ms ago: executing program 3 (id=1368): mmap$auto(0x600, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 300.477114ms ago: executing program 2 (id=1369): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x1f, 0x9}, 0x7}, 0x3, 0x0) 285.616879ms ago: executing program 3 (id=1370): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0x8, 0x8, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x5, 0x5, 0x6, 0x8, 0xae, 0xa, 0x2, 0x7, 0x5, 0x7}, 0x1fe, 0x80) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r1 = io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) setsockopt$auto_SO_RCVBUF(0xffffffffffffffff, 0xfffffffa, 0x8, &(0x7f0000000180)='\xba.\x00', 0x27b602e6) r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) r3 = fcntl$auto(0x3, 0x4, 0xa553) write$auto_fuse_dev_operations_fuse_i(r2, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmmsg$auto(0x3, &(0x7f00000003c0)={{0x0, 0x2, 0x0, 0x5, 0x0, 0x1, 0x80000000}, 0x7}, 0x3, 0x3) r4 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), r3) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_ADD(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="ef3c6fd43a201af55d1d2421f8691ebce5507e24b614227ee954df8f9df72926264317d6adbc60b80793d4c7d8135dde9cf2d3b7f4f5ffa0bedde30850f951afd5543850b43737531e6b52825cd687de16", @ANYRES16=r4, @ANYBLOB="000126bd7000fedbdf25080000000800020001000080100014800c00500065000000000000000800050000000000080007000100000008001a000c000000080005000500000008000900070000002c000c801a00fb8048fb1aeced3d8e6c368070cb3d1b90d2169bf049adfe00000c00c3000500000000000000"], 0x80}, 0x1, 0x0, 0x0, 0x80}, 0x800) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty32\x00', 0x1, 0x0) mmap$auto(0x0, 0x810004, 0x1, 0x8000000008011, r5, 0x8000) 172.703768ms ago: executing program 2 (id=1371): socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/038/001\x00', 0x48201, 0x0) mknod$auto(0x0, 0x7, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x381e) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, &(0x7f0000000240)=0x5) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x0) bpf$auto(0xffffffff, &(0x7f0000000100)=@bpf_attr_11={0xb, 0x1, 0x2, 0x80000000, 0x95, 0x8001, 0xa, r2}, 0x6f5) socket(0x11, 0x3, 0x80000001) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x41081, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyt2\x00', 0x101e81, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/amidi2\x00', 0x880, 0x0) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x3ff, 0x8001, 0x5) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) r4 = socket(0x23, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0xf, 0x0, 0x6) 0s ago: executing program 3 (id=1372): mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) sendto$auto(0x3, 0x0, 0xfffffffffffffdef, 0x2, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x20) kernel console output (not intermixed with test programs): ? __pfx_get_futex_key+0x10/0x10 [ 317.417673][T10261] ? rcu_is_watching+0x12/0xc0 [ 317.417697][T10261] futex_wake+0xea/0x530 [ 317.417720][T10261] ? __pfx_futex_wake+0x10/0x10 [ 317.417741][T10261] ? load_msg+0x2f4/0x4a0 [ 317.417760][T10261] ? load_msg+0x2fe/0x4a0 [ 317.417782][T10261] do_futex+0x1e3/0x350 [ 317.417799][T10261] ? __pfx_do_futex+0x10/0x10 [ 317.417821][T10261] __x64_sys_futex+0x1e0/0x4c0 [ 317.417840][T10261] ? __pfx___x64_sys_futex+0x10/0x10 [ 317.417857][T10261] ? xfd_validate_state+0x61/0x180 [ 317.417870][T10261] ? __pfx_ksys_write+0x10/0x10 [ 317.417897][T10261] do_syscall_64+0xcd/0xf80 [ 317.417920][T10261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.417935][T10261] RIP: 0033:0x7fecb658f7c9 [ 317.417949][T10261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.417963][T10261] RSP: 002b:00007fecb73910e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 317.417977][T10261] RAX: ffffffffffffffda RBX: 00007fecb67e5fa8 RCX: 00007fecb658f7c9 [ 317.417988][T10261] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fecb67e5fac [ 317.417997][T10261] RBP: 00007fecb67e5fa0 R08: 00007fecb7392000 R09: 0000000000000000 [ 317.418006][T10261] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 317.418016][T10261] R13: 00007fecb67e6038 R14: 00007ffff94f22c0 R15: 00007ffff94f23a8 [ 317.418035][T10261] [ 317.769273][T10258] zswap: compressor not available [ 318.274831][T10277] FAULT_INJECTION: forcing a failure. [ 318.274831][T10277] name failslab, interval 1, probability 393216, space 0, times 0 [ 318.304026][T10277] CPU: 0 UID: 0 PID: 10277 Comm: syz.2.1104 Tainted: G L syzkaller #0 PREEMPT(full) [ 318.304054][T10277] Tainted: [L]=SOFTLOCKUP [ 318.304059][T10277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 318.304070][T10277] Call Trace: [ 318.304075][T10277] [ 318.304082][T10277] dump_stack_lvl+0x16c/0x1f0 [ 318.304110][T10277] should_fail_ex+0x512/0x640 [ 318.304128][T10277] ? fs_reclaim_acquire+0xae/0x150 [ 318.304154][T10277] should_failslab+0xc2/0x120 [ 318.304179][T10277] kmem_cache_alloc_noprof+0x83/0x770 [ 318.304197][T10277] ? __pfx_map_id_range_down+0x10/0x10 [ 318.304224][T10277] ? security_inode_alloc+0x3b/0x2b0 [ 318.304245][T10277] ? security_inode_alloc+0x3b/0x2b0 [ 318.304260][T10277] security_inode_alloc+0x3b/0x2b0 [ 318.304277][T10277] inode_init_always_gfp+0xced/0x1040 [ 318.304302][T10277] alloc_inode+0x86/0x240 [ 318.304320][T10277] sock_alloc+0x40/0x280 [ 318.304341][T10277] __sock_create+0xc2/0x8a0 [ 318.304355][T10277] ? find_held_lock+0x2b/0x80 [ 318.304377][T10277] mptcp_subflow_create_socket+0xec/0xa50 [ 318.304396][T10277] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 318.304412][T10277] ? find_held_lock+0x2b/0x80 [ 318.304434][T10277] __mptcp_nmpc_sk+0x182/0x880 [ 318.304451][T10277] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 318.304473][T10277] mptcp_connect+0x7e/0xae0 [ 318.304492][T10277] __inet_stream_connect+0x915/0xf50 [ 318.304514][T10277] ? __pfx___inet_stream_connect+0x10/0x10 [ 318.304531][T10277] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 318.304551][T10277] ? __pfx_inet_stream_connect+0x10/0x10 [ 318.304568][T10277] ? __local_bh_enable_ip+0xa4/0x120 [ 318.304590][T10277] ? __pfx_inet_stream_connect+0x10/0x10 [ 318.304606][T10277] inet_stream_connect+0x57/0xa0 [ 318.304623][T10277] __sys_connect_file+0x141/0x1a0 [ 318.304642][T10277] __sys_connect+0x13b/0x160 [ 318.304657][T10277] ? __pfx___sys_connect+0x10/0x10 [ 318.304679][T10277] ? xfd_validate_state+0x61/0x180 [ 318.304692][T10277] ? __pfx_ksys_write+0x10/0x10 [ 318.304716][T10277] __x64_sys_connect+0x72/0xb0 [ 318.304731][T10277] ? lockdep_hardirqs_on+0x7c/0x110 [ 318.304752][T10277] do_syscall_64+0xcd/0xf80 [ 318.304775][T10277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.304790][T10277] RIP: 0033:0x7f7aabf8f7c9 [ 318.304805][T10277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.304820][T10277] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 318.304836][T10277] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 318.304845][T10277] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 318.304854][T10277] RBP: 00007f7aac013f91 R08: 0000000000000000 R09: 0000000000000000 [ 318.304863][T10277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.304872][T10277] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 318.304892][T10277] [ 318.306912][T10277] socket: no more sockets [ 318.615020][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 318.622069][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 318.628271][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 319.093997][T10283] netlink: 'syz.3.1107': attribute type 1 has an invalid length. [ 319.262741][T10286] FAULT_INJECTION: forcing a failure. [ 319.262741][T10286] name failslab, interval 1, probability 393216, space 0, times 0 [ 319.323741][T10286] CPU: 0 UID: 0 PID: 10286 Comm: syz.2.1104 Tainted: G L syzkaller #0 PREEMPT(full) [ 319.323767][T10286] Tainted: [L]=SOFTLOCKUP [ 319.323774][T10286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 319.323784][T10286] Call Trace: [ 319.323790][T10286] [ 319.323796][T10286] dump_stack_lvl+0x16c/0x1f0 [ 319.323823][T10286] should_fail_ex+0x512/0x640 [ 319.323841][T10286] ? __kmalloc_cache_noprof+0x5f/0x800 [ 319.323862][T10286] should_failslab+0xc2/0x120 [ 319.323885][T10286] __kmalloc_cache_noprof+0x80/0x800 [ 319.323902][T10286] ? key_user_lookup+0x195/0x560 [ 319.323924][T10286] ? key_user_lookup+0x195/0x560 [ 319.323941][T10286] key_user_lookup+0x195/0x560 [ 319.323959][T10286] ? __pfx_key_user_lookup+0x10/0x10 [ 319.323976][T10286] ? keyring_get_key_chunk+0x22d/0x280 [ 319.323995][T10286] ? assoc_array_walk+0x1f1/0x620 [ 319.324017][T10286] key_alloc+0x18b/0x1330 [ 319.324042][T10286] ? __pfx_key_alloc+0x10/0x10 [ 319.324065][T10286] keyring_alloc+0x44/0xc0 [ 319.324086][T10286] keyctl_get_persistent+0x6a8/0x8c0 [ 319.324108][T10286] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 319.324127][T10286] ? __sys_sendmsg+0x18c/0x220 [ 319.324148][T10286] ? __x64_sys_futex+0x1e0/0x4c0 [ 319.324164][T10286] ? __x64_sys_futex+0x1e9/0x4c0 [ 319.324184][T10286] ? xfd_validate_state+0x61/0x180 [ 319.324198][T10286] ? __pfx_ksys_write+0x10/0x10 [ 319.324229][T10286] __do_sys_keyctl+0x1a9/0x590 [ 319.324247][T10286] do_syscall_64+0xcd/0xf80 [ 319.324272][T10286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.324287][T10286] RIP: 0033:0x7f7aabf8f7c9 [ 319.324300][T10286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.324315][T10286] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 319.324330][T10286] RAX: ffffffffffffffda RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 319.324341][T10286] RDX: 7fffffffffffffff RSI: 000000000000ee00 RDI: 0000000000000016 [ 319.324350][T10286] RBP: 00007f7aac013f91 R08: 000000000000000c R09: 0000000000000000 [ 319.324359][T10286] R10: 00000000000099a7 R11: 0000000000000246 R12: 0000000000000000 [ 319.324368][T10286] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 319.324388][T10286] [ 320.040278][T10293] netlink: 306 bytes leftover after parsing attributes in process `syz.2.1111'. [ 320.695481][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 321.213371][T10315] netlink: 'syz.0.1114': attribute type 1 has an invalid length. [ 321.508388][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.516330][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.916132][T10322] FAULT_INJECTION: forcing a failure. [ 321.916132][T10322] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 322.040937][T10322] CPU: 0 UID: 0 PID: 10322 Comm: syz.1.1115 Tainted: G L syzkaller #0 PREEMPT(full) [ 322.040972][T10322] Tainted: [L]=SOFTLOCKUP [ 322.040978][T10322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 322.040988][T10322] Call Trace: [ 322.040993][T10322] [ 322.041001][T10322] dump_stack_lvl+0x16c/0x1f0 [ 322.041029][T10322] should_fail_ex+0x512/0x640 [ 322.041049][T10322] should_fail_alloc_page+0xe7/0x130 [ 322.041073][T10322] prepare_alloc_pages+0x401/0x670 [ 322.041096][T10322] ? kernel_text_address+0x8d/0x100 [ 322.041115][T10322] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 322.041142][T10322] ? stack_trace_save+0x8e/0xc0 [ 322.041164][T10322] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 322.041183][T10322] ? trace_mm_page_alloc+0x11b/0x180 [ 322.041209][T10322] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 322.041230][T10322] ? __pmd_alloc+0xbf/0x9c0 [ 322.041250][T10322] ? __handle_mm_fault+0xbeb/0x2bb0 [ 322.041264][T10322] ? handle_mm_fault+0x3fe/0xad0 [ 322.041277][T10322] ? __get_user_pages+0x54e/0x3590 [ 322.041297][T10322] ? populate_vma_page_range+0x267/0x3f0 [ 322.041319][T10322] ? __mm_populate+0x1d8/0x380 [ 322.041339][T10322] ? vm_mmap_pgoff+0x37f/0x470 [ 322.041357][T10322] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 322.041376][T10322] ? __x64_sys_mmap+0x125/0x190 [ 322.041391][T10322] ? do_syscall_64+0xcd/0xf80 [ 322.041411][T10322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.041427][T10322] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 322.041449][T10322] ? policy_nodemask+0xea/0x4e0 [ 322.041472][T10322] alloc_pages_mpol+0x1fb/0x550 [ 322.041495][T10322] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 322.041522][T10322] alloc_pages_noprof+0x131/0x390 [ 322.041544][T10322] pte_alloc_one+0x1e/0x3d0 [ 322.041565][T10322] __pte_alloc+0x6d/0x3f0 [ 322.041589][T10322] ? __pfx___pte_alloc+0x10/0x10 [ 322.041610][T10322] ? do_raw_spin_lock+0x12c/0x2b0 [ 322.041628][T10322] ? find_held_lock+0x2b/0x80 [ 322.041648][T10322] do_anonymous_page+0x1092/0x2190 [ 322.041666][T10322] ? do_raw_spin_unlock+0x172/0x230 [ 322.041684][T10322] ? _raw_spin_unlock+0x28/0x50 [ 322.041702][T10322] ? __pmd_alloc+0x6aa/0x9c0 [ 322.041726][T10322] __handle_mm_fault+0x1ecf/0x2bb0 [ 322.041747][T10322] ? __pfx___handle_mm_fault+0x10/0x10 [ 322.041778][T10322] handle_mm_fault+0x3fe/0xad0 [ 322.041797][T10322] __get_user_pages+0x54e/0x3590 [ 322.041826][T10322] ? __pfx___get_user_pages+0x10/0x10 [ 322.041853][T10322] populate_vma_page_range+0x267/0x3f0 [ 322.041877][T10322] ? __pfx_populate_vma_page_range+0x10/0x10 [ 322.041899][T10322] ? __pfx_find_vma_intersection+0x10/0x10 [ 322.041921][T10322] ? do_mmap+0x69c/0x1210 [ 322.041948][T10322] __mm_populate+0x1d8/0x380 [ 322.041972][T10322] ? __pfx___mm_populate+0x10/0x10 [ 322.041997][T10322] ? up_write+0x282/0x4e0 [ 322.042015][T10322] vm_mmap_pgoff+0x37f/0x470 [ 322.042039][T10322] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 322.042064][T10322] ? __x64_sys_futex+0x1e0/0x4c0 [ 322.042080][T10322] ? __x64_sys_futex+0x1e9/0x4c0 [ 322.042099][T10322] ksys_mmap_pgoff+0x7d/0x5c0 [ 322.042119][T10322] ? xfd_validate_state+0x61/0x180 [ 322.042132][T10322] ? __pfx_ksys_write+0x10/0x10 [ 322.042155][T10322] __x64_sys_mmap+0x125/0x190 [ 322.042172][T10322] do_syscall_64+0xcd/0xf80 [ 322.042195][T10322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.042211][T10322] RIP: 0033:0x7f519158f7c9 [ 322.042224][T10322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.042240][T10322] RSP: 002b:00007f51924f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 322.042256][T10322] RAX: ffffffffffffffda RBX: 00007f51917e5fa0 RCX: 00007f519158f7c9 [ 322.042267][T10322] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 322.042277][T10322] RBP: 00007f5191613f91 R08: ffffffffffffffff R09: 0000000000000000 [ 322.042287][T10322] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 322.042296][T10322] R13: 00007f51917e6038 R14: 00007f51917e5fa0 R15: 00007ffff1827978 [ 322.042316][T10322] [ 323.011298][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 324.122536][T10340] FAULT_INJECTION: forcing a failure. [ 324.122536][T10340] name failslab, interval 1, probability 393216, space 0, times 0 [ 324.176200][T10340] CPU: 0 UID: 0 PID: 10340 Comm: syz.1.1121 Tainted: G L syzkaller #0 PREEMPT(full) [ 324.176243][T10340] Tainted: [L]=SOFTLOCKUP [ 324.176248][T10340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 324.176258][T10340] Call Trace: [ 324.176264][T10340] [ 324.176270][T10340] dump_stack_lvl+0x16c/0x1f0 [ 324.176297][T10340] should_fail_ex+0x512/0x640 [ 324.176313][T10340] ? fs_reclaim_acquire+0xae/0x150 [ 324.176338][T10340] should_failslab+0xc2/0x120 [ 324.176360][T10340] __kmalloc_noprof+0xeb/0x910 [ 324.176376][T10340] ? tomoyo_encode2+0x100/0x3e0 [ 324.176404][T10340] ? tomoyo_encode2+0x100/0x3e0 [ 324.176422][T10340] tomoyo_encode2+0x100/0x3e0 [ 324.176443][T10340] tomoyo_encode+0x29/0x50 [ 324.176461][T10340] tomoyo_realpath_from_path+0x18f/0x6e0 [ 324.176486][T10340] tomoyo_check_open_permission+0x2ab/0x3c0 [ 324.176504][T10340] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 324.176540][T10340] ? do_raw_spin_lock+0x12c/0x2b0 [ 324.176563][T10340] tomoyo_file_open+0x6b/0x90 [ 324.176586][T10340] security_file_open+0x84/0x1e0 [ 324.176606][T10340] do_dentry_open+0x597/0x1590 [ 324.176629][T10340] ? security_inode_permission+0xbf/0x260 [ 324.176649][T10340] vfs_open+0x82/0x3f0 [ 324.176667][T10340] path_openat+0x2078/0x3140 [ 324.176695][T10340] ? __pfx_path_openat+0x10/0x10 [ 324.176723][T10340] do_filp_open+0x20b/0x470 [ 324.176744][T10340] ? __pfx_do_filp_open+0x10/0x10 [ 324.176779][T10340] ? alloc_fd+0x471/0x7d0 [ 324.176805][T10340] do_sys_openat2+0x121/0x290 [ 324.176820][T10340] ? __pfx_do_sys_openat2+0x10/0x10 [ 324.176838][T10340] ? __fget_files+0x20e/0x3c0 [ 324.176861][T10340] __x64_sys_openat+0x174/0x210 [ 324.176877][T10340] ? __pfx___x64_sys_openat+0x10/0x10 [ 324.176893][T10340] ? ksys_write+0x1ac/0x250 [ 324.176919][T10340] do_syscall_64+0xcd/0xf80 [ 324.176942][T10340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.176958][T10340] RIP: 0033:0x7f519158f7c9 [ 324.176971][T10340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.176986][T10340] RSP: 002b:00007f51924f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 324.177000][T10340] RAX: ffffffffffffffda RBX: 00007f51917e5fa0 RCX: 00007f519158f7c9 [ 324.177010][T10340] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 324.177020][T10340] RBP: 00007f51924f9090 R08: 0000000000000000 R09: 0000000000000000 [ 324.177029][T10340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 324.177037][T10340] R13: 00007f51917e6038 R14: 00007f51917e5fa0 R15: 00007ffff1827978 [ 324.177056][T10340] [ 324.177074][T10340] ERROR: Out of memory at tomoyo_realpath_from_path. [ 325.647327][T10345] FAULT_INJECTION: forcing a failure. [ 325.647327][T10345] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 325.812226][T10345] CPU: 0 UID: 8 PID: 10345 Comm: syz.1.1122 Tainted: G L syzkaller #0 PREEMPT(full) [ 325.812254][T10345] Tainted: [L]=SOFTLOCKUP [ 325.812260][T10345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 325.812269][T10345] Call Trace: [ 325.812275][T10345] [ 325.812282][T10345] dump_stack_lvl+0x16c/0x1f0 [ 325.812311][T10345] should_fail_ex+0x512/0x640 [ 325.812331][T10345] strncpy_from_user+0x3b/0x2e0 [ 325.812348][T10345] getname_flags.part.0+0x8f/0x550 [ 325.812368][T10345] getname_flags+0x93/0xf0 [ 325.812388][T10345] do_sys_openat2+0xb9/0x290 [ 325.812404][T10345] ? __pfx_do_sys_openat2+0x10/0x10 [ 325.812421][T10345] ? find_held_lock+0x2b/0x80 [ 325.812445][T10345] __x64_sys_openat+0x174/0x210 [ 325.812462][T10345] ? __pfx___x64_sys_openat+0x10/0x10 [ 325.812485][T10345] do_syscall_64+0xcd/0xf80 [ 325.812508][T10345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.812523][T10345] RIP: 0033:0x7f519158f7c9 [ 325.812537][T10345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.812552][T10345] RSP: 002b:00007f51924f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 325.812567][T10345] RAX: ffffffffffffffda RBX: 00007f51917e5fa0 RCX: 00007f519158f7c9 [ 325.812577][T10345] RDX: 00000000001c5803 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 325.812586][T10345] RBP: 00007f5191613f91 R08: 0000000000000000 R09: 0000000000000000 [ 325.812595][T10345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.812605][T10345] R13: 00007f51917e6038 R14: 00007f51917e5fa0 R15: 00007ffff1827978 [ 325.812625][T10345] [ 326.836317][T10368] FAULT_INJECTION: forcing a failure. [ 326.836317][T10368] name failslab, interval 1, probability 393216, space 0, times 0 [ 326.899873][T10368] CPU: 0 UID: 8 PID: 10368 Comm: syz.2.1129 Tainted: G L syzkaller #0 PREEMPT(full) [ 326.899899][T10368] Tainted: [L]=SOFTLOCKUP [ 326.899904][T10368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 326.899913][T10368] Call Trace: [ 326.899919][T10368] [ 326.899925][T10368] dump_stack_lvl+0x16c/0x1f0 [ 326.899952][T10368] should_fail_ex+0x512/0x640 [ 326.899969][T10368] ? kmem_cache_alloc_noprof+0x62/0x770 [ 326.899989][T10368] should_failslab+0xc2/0x120 [ 326.900011][T10368] kmem_cache_alloc_noprof+0x83/0x770 [ 326.900028][T10368] ? security_file_alloc+0x34/0x2b0 [ 326.900050][T10368] ? security_file_alloc+0x34/0x2b0 [ 326.900066][T10368] security_file_alloc+0x34/0x2b0 [ 326.900084][T10368] init_file+0x93/0x4c0 [ 326.900100][T10368] alloc_empty_file+0x73/0x1e0 [ 326.900115][T10368] path_openat+0xde/0x3140 [ 326.900135][T10368] ? do_syscall_64+0xcd/0xf80 [ 326.900155][T10368] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.900175][T10368] ? __pfx_path_openat+0x10/0x10 [ 326.900203][T10368] do_filp_open+0x20b/0x470 [ 326.900224][T10368] ? __pfx_do_filp_open+0x10/0x10 [ 326.900258][T10368] ? alloc_fd+0x471/0x7d0 [ 326.900284][T10368] do_sys_openat2+0x121/0x290 [ 326.900300][T10368] ? __pfx_do_sys_openat2+0x10/0x10 [ 326.900318][T10368] ? __fget_files+0x20e/0x3c0 [ 326.900340][T10368] __x64_sys_openat+0x174/0x210 [ 326.900357][T10368] ? __pfx___x64_sys_openat+0x10/0x10 [ 326.900373][T10368] ? ksys_write+0x1ac/0x250 [ 326.900398][T10368] do_syscall_64+0xcd/0xf80 [ 326.900420][T10368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.900435][T10368] RIP: 0033:0x7f7aabf8f7c9 [ 326.900448][T10368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.900462][T10368] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 326.900477][T10368] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 326.900487][T10368] RDX: 0000000000000002 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 326.900496][T10368] RBP: 00007f7aacde5090 R08: 0000000000000000 R09: 0000000000000000 [ 326.900505][T10368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 326.900514][T10368] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 326.900533][T10368] [ 327.570160][T10371] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1130'. [ 328.333360][T10379] FAULT_INJECTION: forcing a failure. [ 328.333360][T10379] name failslab, interval 1, probability 393216, space 0, times 0 [ 328.476058][T10376] zswap: compressor not available [ 328.535988][T10379] CPU: 0 UID: 0 PID: 10379 Comm: syz.2.1131 Tainted: G L syzkaller #0 PREEMPT(full) [ 328.536014][T10379] Tainted: [L]=SOFTLOCKUP [ 328.536020][T10379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 328.536029][T10379] Call Trace: [ 328.536035][T10379] [ 328.536042][T10379] dump_stack_lvl+0x16c/0x1f0 [ 328.536070][T10379] should_fail_ex+0x512/0x640 [ 328.536087][T10379] ? __kmalloc_cache_noprof+0x5f/0x800 [ 328.536108][T10379] should_failslab+0xc2/0x120 [ 328.536131][T10379] __kmalloc_cache_noprof+0x80/0x800 [ 328.536149][T10379] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 328.536168][T10379] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 328.536183][T10379] snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 328.536201][T10379] ? trace_contention_end+0xdd/0x110 [ 328.536218][T10379] ? __mutex_lock+0x27b/0x1ca0 [ 328.536243][T10379] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 328.536269][T10379] ? __pfx___mutex_lock+0x10/0x10 [ 328.536294][T10379] ? __fsnotify_parent+0x24b/0xcc0 [ 328.536322][T10379] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 328.536339][T10379] snd_pcm_oss_sync+0x32e/0x840 [ 328.536352][T10379] ? kmem_cache_free+0x171/0x770 [ 328.536372][T10379] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 328.536387][T10379] snd_pcm_oss_release+0x28b/0x310 [ 328.536403][T10379] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 328.536417][T10379] __fput+0x402/0xb70 [ 328.536436][T10379] task_work_run+0x150/0x240 [ 328.536453][T10379] ? __pfx_task_work_run+0x10/0x10 [ 328.536468][T10379] ? __do_sys_close_range+0x278/0x730 [ 328.536495][T10379] exit_to_user_mode_loop+0xfb/0x540 [ 328.536515][T10379] do_syscall_64+0x4ee/0xf80 [ 328.536544][T10379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.536561][T10379] RIP: 0033:0x7f7aabf8f7c9 [ 328.536574][T10379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.536589][T10379] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 328.536604][T10379] RAX: 0000000000000000 RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 328.536614][T10379] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 328.536623][T10379] RBP: 00007f7aac013f91 R08: 0000000000000000 R09: 0000000000000000 [ 328.536633][T10379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.536642][T10379] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 328.536661][T10379] [ 329.684137][T10390] FAULT_INJECTION: forcing a failure. [ 329.684137][T10390] name failslab, interval 1, probability 393216, space 0, times 0 [ 329.727334][T10390] CPU: 0 UID: 0 PID: 10390 Comm: syz.2.1135 Tainted: G L syzkaller #0 PREEMPT(full) [ 329.727362][T10390] Tainted: [L]=SOFTLOCKUP [ 329.727367][T10390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 329.727376][T10390] Call Trace: [ 329.727382][T10390] [ 329.727388][T10390] dump_stack_lvl+0x16c/0x1f0 [ 329.727420][T10390] should_fail_ex+0x512/0x640 [ 329.727437][T10390] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 329.727456][T10390] should_failslab+0xc2/0x120 [ 329.727479][T10390] kmem_cache_alloc_noprof+0x83/0x770 [ 329.727497][T10390] ? skb_clone+0x190/0x3f0 [ 329.727519][T10390] ? skb_clone+0x190/0x3f0 [ 329.727536][T10390] skb_clone+0x190/0x3f0 [ 329.727555][T10390] netlink_deliver_tap+0xabd/0xd30 [ 329.727578][T10390] netlink_unicast+0x64c/0x870 [ 329.727601][T10390] ? __pfx_netlink_unicast+0x10/0x10 [ 329.727621][T10390] ? __pfx___might_resched+0x10/0x10 [ 329.727641][T10390] ? __lock_acquire+0x436/0x2890 [ 329.727660][T10390] netlink_sendmsg+0x8c8/0xdd0 [ 329.727683][T10390] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.727706][T10390] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 329.727733][T10390] ____sys_sendmsg+0xa5d/0xc30 [ 329.727756][T10390] ? copy_msghdr_from_user+0x10a/0x160 [ 329.727774][T10390] ? __pfx_____sys_sendmsg+0x10/0x10 [ 329.727799][T10390] ? __pfx__kstrtoull+0x10/0x10 [ 329.727822][T10390] ___sys_sendmsg+0x134/0x1d0 [ 329.727841][T10390] ? __pfx____sys_sendmsg+0x10/0x10 [ 329.727868][T10390] ? find_held_lock+0x2b/0x80 [ 329.727898][T10390] __sys_sendmmsg+0x200/0x420 [ 329.727919][T10390] ? __pfx___sys_sendmmsg+0x10/0x10 [ 329.727944][T10390] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 329.727974][T10390] ? fput+0x70/0xf0 [ 329.727988][T10390] ? ksys_write+0x1ac/0x250 [ 329.728008][T10390] ? __pfx_ksys_write+0x10/0x10 [ 329.728031][T10390] __x64_sys_sendmmsg+0x9c/0x100 [ 329.728049][T10390] ? lockdep_hardirqs_on+0x7c/0x110 [ 329.728069][T10390] do_syscall_64+0xcd/0xf80 [ 329.728093][T10390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.728107][T10390] RIP: 0033:0x7f7aabf8f7c9 [ 329.728121][T10390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.728135][T10390] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 329.728150][T10390] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 329.728160][T10390] RDX: 0000000000000002 RSI: 0000200000000080 RDI: 0000000000000003 [ 329.728169][T10390] RBP: 00007f7aacde5090 R08: 0000000000000000 R09: 0000000000000000 [ 329.728178][T10390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.728187][T10390] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 329.728207][T10390] [ 330.987072][T10390] netlink: 306 bytes leftover after parsing attributes in process `syz.2.1135'. [ 331.941798][T10422] FAULT_INJECTION: forcing a failure. [ 331.941798][T10422] name failslab, interval 1, probability 393216, space 0, times 0 [ 331.974318][T10418] zram0: detected capacity change from 0 to 8 [ 332.096489][T10422] CPU: 0 UID: 0 PID: 10422 Comm: syz.0.1143 Tainted: G L syzkaller #0 PREEMPT(full) [ 332.096521][T10422] Tainted: [L]=SOFTLOCKUP [ 332.096526][T10422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 332.096535][T10422] Call Trace: [ 332.096540][T10422] [ 332.096547][T10422] dump_stack_lvl+0x16c/0x1f0 [ 332.096574][T10422] should_fail_ex+0x512/0x640 [ 332.096590][T10422] ? __kmalloc_noprof+0xca/0x910 [ 332.096608][T10422] should_failslab+0xc2/0x120 [ 332.096630][T10422] __kmalloc_noprof+0xeb/0x910 [ 332.096646][T10422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 332.096675][T10422] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 332.096699][T10422] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 332.096727][T10422] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 332.096751][T10422] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 332.096774][T10422] ? genl_get_cmd+0x194/0x580 [ 332.096800][T10422] ? __radix_tree_lookup+0x21f/0x2c0 [ 332.096823][T10422] genl_rcv_msg+0x55c/0x800 [ 332.096847][T10422] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.096861][T10422] ? __pfx_ethnl_default_doit+0x10/0x10 [ 332.096887][T10422] netlink_rcv_skb+0x158/0x420 [ 332.096908][T10422] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.096922][T10422] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 332.096950][T10422] ? netlink_deliver_tap+0x1ae/0xd30 [ 332.096972][T10422] genl_rcv+0x28/0x40 [ 332.097001][T10422] netlink_unicast+0x5aa/0x870 [ 332.097028][T10422] ? __pfx_netlink_unicast+0x10/0x10 [ 332.097055][T10422] netlink_sendmsg+0x8c8/0xdd0 [ 332.097079][T10422] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.097101][T10422] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 332.097128][T10422] ____sys_sendmsg+0xa5d/0xc30 [ 332.097152][T10422] ? copy_msghdr_from_user+0x10a/0x160 [ 332.097170][T10422] ? __pfx_____sys_sendmsg+0x10/0x10 [ 332.097201][T10422] ___sys_sendmsg+0x134/0x1d0 [ 332.097220][T10422] ? __pfx____sys_sendmsg+0x10/0x10 [ 332.097261][T10422] __sys_sendmsg+0x16d/0x220 [ 332.097280][T10422] ? __pfx___sys_sendmsg+0x10/0x10 [ 332.097310][T10422] do_syscall_64+0xcd/0xf80 [ 332.097333][T10422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.097348][T10422] RIP: 0033:0x7fecb658f7c9 [ 332.097361][T10422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.097376][T10422] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 332.097391][T10422] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 332.097401][T10422] RDX: 0000000000020c84 RSI: 0000200000000140 RDI: 0000000000000003 [ 332.097410][T10422] RBP: 00007fecb7391090 R08: 0000000000000000 R09: 0000000000000000 [ 332.097419][T10422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 332.097427][T10422] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 332.097447][T10422] [ 332.097789][ T5834] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11 [ 333.072994][T10440] FAULT_INJECTION: forcing a failure. [ 333.072994][T10440] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 333.109113][T10434] zswap: compressor not available [ 333.152590][T10440] CPU: 0 UID: 0 PID: 10440 Comm: syz.3.1146 Tainted: G L syzkaller #0 PREEMPT(full) [ 333.152618][T10440] Tainted: [L]=SOFTLOCKUP [ 333.152623][T10440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 333.152633][T10440] Call Trace: [ 333.152638][T10440] [ 333.152644][T10440] dump_stack_lvl+0x16c/0x1f0 [ 333.152671][T10440] should_fail_ex+0x512/0x640 [ 333.152691][T10440] _copy_from_user+0x2e/0xd0 [ 333.152707][T10440] ____sys_sendmsg+0x607/0xc30 [ 333.152732][T10440] ? __pfx_____sys_sendmsg+0x10/0x10 [ 333.152757][T10440] ? __pfx__kstrtoull+0x10/0x10 [ 333.152780][T10440] ___sys_sendmsg+0x134/0x1d0 [ 333.152799][T10440] ? __pfx____sys_sendmsg+0x10/0x10 [ 333.152826][T10440] ? find_held_lock+0x2b/0x80 [ 333.152857][T10440] __sys_sendmmsg+0x200/0x420 [ 333.152877][T10440] ? __pfx___sys_sendmmsg+0x10/0x10 [ 333.152901][T10440] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 333.152932][T10440] ? fput+0x70/0xf0 [ 333.152946][T10440] ? ksys_write+0x1ac/0x250 [ 333.152970][T10440] ? __pfx_ksys_write+0x10/0x10 [ 333.152993][T10440] __x64_sys_sendmmsg+0x9c/0x100 [ 333.153011][T10440] ? lockdep_hardirqs_on+0x7c/0x110 [ 333.153033][T10440] do_syscall_64+0xcd/0xf80 [ 333.153055][T10440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.153071][T10440] RIP: 0033:0x7f6834f8f7c9 [ 333.153084][T10440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.153099][T10440] RSP: 002b:00007f6835d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 333.153114][T10440] RAX: ffffffffffffffda RBX: 00007f68351e6180 RCX: 00007f6834f8f7c9 [ 333.153124][T10440] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000003 [ 333.153140][T10440] RBP: 00007f6835d5f090 R08: 0000000000000000 R09: 0000000000000000 [ 333.153149][T10440] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.153157][T10440] R13: 00007f68351e6218 R14: 00007f68351e6180 R15: 00007ffde9d28b68 [ 333.153176][T10440] [ 334.473311][T10452] FAULT_INJECTION: forcing a failure. [ 334.473311][T10452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 334.531821][T10452] CPU: 0 UID: 0 PID: 10452 Comm: syz.3.1151 Tainted: G L syzkaller #0 PREEMPT(full) [ 334.531846][T10452] Tainted: [L]=SOFTLOCKUP [ 334.531851][T10452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 334.531860][T10452] Call Trace: [ 334.531866][T10452] [ 334.531872][T10452] dump_stack_lvl+0x16c/0x1f0 [ 334.531899][T10452] should_fail_ex+0x512/0x640 [ 334.531919][T10452] _copy_from_user+0x2e/0xd0 [ 334.531935][T10452] csum_and_copy_from_iter_full+0x21a/0x1f90 [ 334.531967][T10452] ? __pfx_csum_and_copy_from_iter_full+0x10/0x10 [ 334.531996][T10452] ? policy_nodemask+0xea/0x4e0 [ 334.532021][T10452] ? alloc_pages_mpol+0x25a/0x550 [ 334.532045][T10452] ip_generic_getfrag+0x170/0x270 [ 334.532068][T10452] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 334.532091][T10452] ? alloc_pages_noprof+0x23c/0x390 [ 334.532114][T10452] raw_getfrag+0x22d/0x2a0 [ 334.532131][T10452] ? sk_page_frag_refill+0x6c/0x340 [ 334.532148][T10452] __ip_append_data+0x2030/0x41a0 [ 334.532174][T10452] ? __pfx_raw_getfrag+0x10/0x10 [ 334.532195][T10452] ? ip_dst_mtu_maybe_forward.constprop.0+0x332/0x750 [ 334.532214][T10452] ? __pfx___ip_append_data+0x10/0x10 [ 334.532240][T10452] ip_append_data+0x10f/0x1a0 [ 334.532256][T10452] ? __pfx_raw_getfrag+0x10/0x10 [ 334.532273][T10452] raw_sendmsg+0xf06/0x34f0 [ 334.532297][T10452] ? __pfx_raw_sendmsg+0x10/0x10 [ 334.532316][T10452] ? __lock_acquire+0x436/0x2890 [ 334.532355][T10452] ? __pfx_raw_sendmsg+0x10/0x10 [ 334.532373][T10452] inet_sendmsg+0x11c/0x140 [ 334.532391][T10452] sock_write_iter+0x509/0x610 [ 334.532414][T10452] ? __pfx_sock_write_iter+0x10/0x10 [ 334.532442][T10452] ? bpf_lsm_file_permission+0x9/0x10 [ 334.532460][T10452] ? security_file_permission+0x71/0x210 [ 334.532479][T10452] ? rw_verify_area+0xcf/0x6c0 [ 334.532500][T10452] vfs_write+0x7d3/0x11d0 [ 334.532520][T10452] ? __pfx_sock_write_iter+0x10/0x10 [ 334.532544][T10452] ? __pfx_vfs_write+0x10/0x10 [ 334.532562][T10452] ? find_held_lock+0x2b/0x80 [ 334.532591][T10452] ksys_write+0x1f8/0x250 [ 334.532611][T10452] ? __pfx_ksys_write+0x10/0x10 [ 334.532637][T10452] do_syscall_64+0xcd/0xf80 [ 334.532659][T10452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.532675][T10452] RIP: 0033:0x7f6834f8f7c9 [ 334.532687][T10452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.532702][T10452] RSP: 002b:00007f6835da1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 334.532716][T10452] RAX: ffffffffffffffda RBX: 00007f68351e5fa0 RCX: 00007f6834f8f7c9 [ 334.532727][T10452] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 334.532735][T10452] RBP: 00007f6835da1090 R08: 0000000000000000 R09: 0000000000000000 [ 334.532744][T10452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 334.532752][T10452] R13: 00007f68351e6038 R14: 00007f68351e5fa0 R15: 00007ffde9d28b68 [ 334.532772][T10452] [ 335.041494][T10089] syz.1.1052 (10089) used greatest stack depth: 18640 bytes left [ 335.317107][T10460] FAULT_INJECTION: forcing a failure. [ 335.317107][T10460] name failslab, interval 1, probability 393216, space 0, times 0 [ 335.379790][T10460] CPU: 0 UID: 0 PID: 10460 Comm: syz.2.1152 Tainted: G L syzkaller #0 PREEMPT(full) [ 335.379818][T10460] Tainted: [L]=SOFTLOCKUP [ 335.379824][T10460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 335.379833][T10460] Call Trace: [ 335.379839][T10460] [ 335.379845][T10460] dump_stack_lvl+0x16c/0x1f0 [ 335.379873][T10460] should_fail_ex+0x512/0x640 [ 335.379890][T10460] ? kmem_cache_alloc_noprof+0x62/0x770 [ 335.379911][T10460] should_failslab+0xc2/0x120 [ 335.379933][T10460] kmem_cache_alloc_noprof+0x83/0x770 [ 335.379950][T10460] ? do_fcntl_add_lease+0x9d/0x550 [ 335.379976][T10460] ? do_fcntl_add_lease+0x9d/0x550 [ 335.380003][T10460] do_fcntl_add_lease+0x9d/0x550 [ 335.380025][T10460] ? __pfx_do_fcntl_add_lease+0x10/0x10 [ 335.380046][T10460] ? __pfx_futex_wait+0x10/0x10 [ 335.380073][T10460] fcntl_setlease+0xfc/0x180 [ 335.380095][T10460] ? __pfx_fcntl_setlease+0x10/0x10 [ 335.380121][T10460] do_fcntl+0x153b/0x1660 [ 335.380138][T10460] ? __pfx_do_fcntl+0x10/0x10 [ 335.380159][T10460] ? tomoyo_file_fcntl+0x6c/0xc0 [ 335.380184][T10460] __x64_sys_fcntl+0x163/0x200 [ 335.380205][T10460] do_syscall_64+0xcd/0xf80 [ 335.380228][T10460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.380244][T10460] RIP: 0033:0x7f7aabf8f7c9 [ 335.380259][T10460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.380274][T10460] RSP: 002b:00007f7aacda3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 335.380289][T10460] RAX: ffffffffffffffda RBX: 00007f7aac1e6180 RCX: 00007f7aabf8f7c9 [ 335.380299][T10460] RDX: 9ec0000000000000 RSI: 0000000000000400 RDI: 0000000000000003 [ 335.380309][T10460] RBP: 00007f7aac013f91 R08: 0000000000000000 R09: 0000000000000000 [ 335.380318][T10460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.380327][T10460] R13: 00007f7aac1e6218 R14: 00007f7aac1e6180 R15: 00007fffb6797568 [ 335.380347][T10460] [ 336.003827][T10460] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1152'. [ 336.493937][T10468] FAULT_INJECTION: forcing a failure. [ 336.493937][T10468] name failslab, interval 1, probability 393216, space 0, times 0 [ 336.573173][T10468] CPU: 0 UID: 0 PID: 10468 Comm: syz.2.1155 Tainted: G L syzkaller #0 PREEMPT(full) [ 336.573200][T10468] Tainted: [L]=SOFTLOCKUP [ 336.573205][T10468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 336.573214][T10468] Call Trace: [ 336.573220][T10468] [ 336.573226][T10468] dump_stack_lvl+0x16c/0x1f0 [ 336.573252][T10468] should_fail_ex+0x512/0x640 [ 336.573269][T10468] ? __kmalloc_noprof+0xca/0x910 [ 336.573287][T10468] should_failslab+0xc2/0x120 [ 336.573309][T10468] __kmalloc_noprof+0xeb/0x910 [ 336.573325][T10468] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 336.573354][T10468] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 336.573378][T10468] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 336.573406][T10468] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 336.573430][T10468] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 336.573452][T10468] ? genl_get_cmd+0x194/0x580 [ 336.573477][T10468] ? bpf_lsm_capable+0x9/0x10 [ 336.573497][T10468] ? security_capable+0x7e/0x260 [ 336.573520][T10468] ? ns_capable+0xd7/0x110 [ 336.573540][T10468] genl_rcv_msg+0x55c/0x800 [ 336.573556][T10468] ? __pfx_genl_rcv_msg+0x10/0x10 [ 336.573570][T10468] ? __pfx_batadv_pre_doit+0x10/0x10 [ 336.573587][T10468] ? __pfx_batadv_netlink_set_mesh+0x10/0x10 [ 336.573604][T10468] ? __pfx_batadv_post_doit+0x10/0x10 [ 336.573628][T10468] netlink_rcv_skb+0x158/0x420 [ 336.573648][T10468] ? __pfx_genl_rcv_msg+0x10/0x10 [ 336.573663][T10468] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 336.573691][T10468] ? netlink_deliver_tap+0x1ae/0xd30 [ 336.573713][T10468] genl_rcv+0x28/0x40 [ 336.573734][T10468] netlink_unicast+0x5aa/0x870 [ 336.573757][T10468] ? __pfx_netlink_unicast+0x10/0x10 [ 336.573785][T10468] netlink_sendmsg+0x8c8/0xdd0 [ 336.573809][T10468] ? __pfx_netlink_sendmsg+0x10/0x10 [ 336.573832][T10468] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 336.573859][T10468] ____sys_sendmsg+0xa5d/0xc30 [ 336.573883][T10468] ? copy_msghdr_from_user+0x10a/0x160 [ 336.573902][T10468] ? __pfx_____sys_sendmsg+0x10/0x10 [ 336.573939][T10468] ___sys_sendmsg+0x134/0x1d0 [ 336.573960][T10468] ? __pfx____sys_sendmsg+0x10/0x10 [ 336.574001][T10468] __sys_sendmsg+0x16d/0x220 [ 336.574020][T10468] ? __pfx___sys_sendmsg+0x10/0x10 [ 336.574051][T10468] do_syscall_64+0xcd/0xf80 [ 336.574077][T10468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.574093][T10468] RIP: 0033:0x7f7aabf8f7c9 [ 336.574106][T10468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.574122][T10468] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 336.574137][T10468] RAX: ffffffffffffffda RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 336.574148][T10468] RDX: 00000000140000e4 RSI: 00002000000005c0 RDI: 0000000000000003 [ 336.574158][T10468] RBP: 00007f7aacdc4090 R08: 0000000000000000 R09: 0000000000000000 [ 336.574167][T10468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 336.574177][T10468] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 336.574197][T10468] [ 338.234344][T10503] FAULT_INJECTION: forcing a failure. [ 338.234344][T10503] name failslab, interval 1, probability 393216, space 0, times 0 [ 338.297301][T10503] CPU: 0 UID: 0 PID: 10503 Comm: syz.3.1164 Tainted: G L syzkaller #0 PREEMPT(full) [ 338.297329][T10503] Tainted: [L]=SOFTLOCKUP [ 338.297335][T10503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 338.297344][T10503] Call Trace: [ 338.297350][T10503] [ 338.297356][T10503] dump_stack_lvl+0x16c/0x1f0 [ 338.297402][T10503] should_fail_ex+0x512/0x640 [ 338.297419][T10503] ? __kmalloc_cache_noprof+0x5f/0x800 [ 338.297438][T10503] should_failslab+0xc2/0x120 [ 338.297460][T10503] __kmalloc_cache_noprof+0x80/0x800 [ 338.297478][T10503] ? kvm_init_irq_routing+0x43/0xf0 [ 338.297496][T10503] ? kvm_init_irq_routing+0x43/0xf0 [ 338.297510][T10503] kvm_init_irq_routing+0x43/0xf0 [ 338.297525][T10503] kvm_dev_ioctl+0x7ca/0x1a80 [ 338.297547][T10503] ? find_held_lock+0x2b/0x80 [ 338.297565][T10503] ? hook_file_ioctl_common+0x144/0x410 [ 338.297583][T10503] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 338.297604][T10503] ? __fget_files+0x20e/0x3c0 [ 338.297627][T10503] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 338.297646][T10503] __x64_sys_ioctl+0x18e/0x210 [ 338.297666][T10503] do_syscall_64+0xcd/0xf80 [ 338.297689][T10503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.297704][T10503] RIP: 0033:0x7f6834f8f7c9 [ 338.297717][T10503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.297732][T10503] RSP: 002b:00007f6835da1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 338.297747][T10503] RAX: ffffffffffffffda RBX: 00007f68351e5fa0 RCX: 00007f6834f8f7c9 [ 338.297757][T10503] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 338.297765][T10503] RBP: 00007f6835da1090 R08: 0000000000000000 R09: 0000000000000000 [ 338.297774][T10503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.297783][T10503] R13: 00007f68351e6038 R14: 00007f68351e5fa0 R15: 00007ffde9d28b68 [ 338.297802][T10503] [ 339.005047][T10506] FAULT_INJECTION: forcing a failure. [ 339.005047][T10506] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 339.044089][T10506] CPU: 0 UID: 0 PID: 10506 Comm: syz.0.1165 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.044116][T10506] Tainted: [L]=SOFTLOCKUP [ 339.044122][T10506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 339.044131][T10506] Call Trace: [ 339.044137][T10506] [ 339.044144][T10506] dump_stack_lvl+0x16c/0x1f0 [ 339.044171][T10506] should_fail_ex+0x512/0x640 [ 339.044191][T10506] should_fail_alloc_page+0xe7/0x130 [ 339.044216][T10506] prepare_alloc_pages+0x401/0x670 [ 339.044240][T10506] ? kernel_text_address+0x8d/0x100 [ 339.044259][T10506] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 339.044286][T10506] ? stack_trace_save+0x8e/0xc0 [ 339.044309][T10506] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 339.044327][T10506] ? trace_mm_page_alloc+0x11b/0x180 [ 339.044353][T10506] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 339.044370][T10506] ? __pmd_alloc+0xbf/0x9c0 [ 339.044391][T10506] ? __handle_mm_fault+0xbeb/0x2bb0 [ 339.044405][T10506] ? handle_mm_fault+0x3fe/0xad0 [ 339.044423][T10506] ? __get_user_pages+0x54e/0x3590 [ 339.044443][T10506] ? populate_vma_page_range+0x267/0x3f0 [ 339.044464][T10506] ? __mm_populate+0x1d8/0x380 [ 339.044484][T10506] ? vm_mmap_pgoff+0x37f/0x470 [ 339.044503][T10506] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 339.044523][T10506] ? __x64_sys_mmap+0x125/0x190 [ 339.044538][T10506] ? do_syscall_64+0xcd/0xf80 [ 339.044558][T10506] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.044573][T10506] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 339.044597][T10506] ? policy_nodemask+0xea/0x4e0 [ 339.044620][T10506] alloc_pages_mpol+0x1fb/0x550 [ 339.044642][T10506] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 339.044669][T10506] alloc_pages_noprof+0x131/0x390 [ 339.044692][T10506] pte_alloc_one+0x1e/0x3d0 [ 339.044712][T10506] __pte_alloc+0x6d/0x3f0 [ 339.044738][T10506] ? __pfx___pte_alloc+0x10/0x10 [ 339.044760][T10506] ? do_raw_spin_lock+0x12c/0x2b0 [ 339.044777][T10506] ? find_held_lock+0x2b/0x80 [ 339.044797][T10506] do_anonymous_page+0x1092/0x2190 [ 339.044814][T10506] ? do_raw_spin_unlock+0x172/0x230 [ 339.044832][T10506] ? _raw_spin_unlock+0x28/0x50 [ 339.044851][T10506] ? __pmd_alloc+0x6aa/0x9c0 [ 339.044874][T10506] __handle_mm_fault+0x1ecf/0x2bb0 [ 339.044895][T10506] ? __pfx___handle_mm_fault+0x10/0x10 [ 339.044926][T10506] handle_mm_fault+0x3fe/0xad0 [ 339.044946][T10506] __get_user_pages+0x54e/0x3590 [ 339.044975][T10506] ? __pfx___get_user_pages+0x10/0x10 [ 339.045001][T10506] populate_vma_page_range+0x267/0x3f0 [ 339.045025][T10506] ? __pfx_populate_vma_page_range+0x10/0x10 [ 339.045047][T10506] ? __pfx_find_vma_intersection+0x10/0x10 [ 339.045069][T10506] ? do_mmap+0x69c/0x1210 [ 339.045091][T10506] __mm_populate+0x1d8/0x380 [ 339.045114][T10506] ? __pfx___mm_populate+0x10/0x10 [ 339.045138][T10506] ? up_write+0x282/0x4e0 [ 339.045155][T10506] vm_mmap_pgoff+0x37f/0x470 [ 339.045178][T10506] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 339.045202][T10506] ? __x64_sys_futex+0x1e0/0x4c0 [ 339.045218][T10506] ? __x64_sys_futex+0x1e9/0x4c0 [ 339.045237][T10506] ksys_mmap_pgoff+0x7d/0x5c0 [ 339.045257][T10506] ? xfd_validate_state+0x61/0x180 [ 339.045270][T10506] ? __pfx_ksys_write+0x10/0x10 [ 339.045293][T10506] __x64_sys_mmap+0x125/0x190 [ 339.045310][T10506] do_syscall_64+0xcd/0xf80 [ 339.045333][T10506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.045348][T10506] RIP: 0033:0x7fecb658f7c9 [ 339.045363][T10506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.045378][T10506] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 339.045393][T10506] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 339.045404][T10506] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 339.045414][T10506] RBP: 00007fecb6613f91 R08: ffffffffffffffff R09: 0000000000000000 [ 339.045424][T10506] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 339.045434][T10506] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 339.045454][T10506] [ 340.485033][ T30] audit: type=1800 audit(4294967401.958:18): pid=10519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1167" name="features" dev="configfs" ino=32529 res=0 errno=0 [ 340.863601][T10517] random: crng reseeded on system resumption [ 341.398050][T10529] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1170'. [ 343.169664][T10577] FAULT_INJECTION: forcing a failure. [ 343.169664][T10577] name failslab, interval 1, probability 393216, space 0, times 0 [ 343.242704][T10577] CPU: 0 UID: 0 PID: 10577 Comm: syz.2.1184 Tainted: G L syzkaller #0 PREEMPT(full) [ 343.242730][T10577] Tainted: [L]=SOFTLOCKUP [ 343.242736][T10577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 343.242745][T10577] Call Trace: [ 343.242750][T10577] [ 343.242757][T10577] dump_stack_lvl+0x16c/0x1f0 [ 343.242784][T10577] should_fail_ex+0x512/0x640 [ 343.242801][T10577] ? __kmalloc_cache_noprof+0x5f/0x800 [ 343.242820][T10577] should_failslab+0xc2/0x120 [ 343.242842][T10577] __kmalloc_cache_noprof+0x80/0x800 [ 343.242859][T10577] ? __trace_eprobe_create+0xe4d/0x1da0 [ 343.242879][T10577] ? __trace_eprobe_create+0xe4d/0x1da0 [ 343.242895][T10577] ? __pfx___trace_eprobe_create+0x10/0x10 [ 343.242910][T10577] __trace_eprobe_create+0xe4d/0x1da0 [ 343.242932][T10577] ? __pfx___trace_eprobe_create+0x10/0x10 [ 343.242948][T10577] ? rcu_is_watching+0x12/0xc0 [ 343.242969][T10577] ? __kmalloc_noprof+0x35d/0x910 [ 343.242984][T10577] ? argv_split+0x188/0x440 [ 343.243005][T10577] ? argv_split+0x188/0x440 [ 343.243021][T10577] ? argv_split+0x36e/0x440 [ 343.243040][T10577] ? __pfx___trace_eprobe_create+0x10/0x10 [ 343.243056][T10577] trace_probe_create+0xef/0x100 [ 343.243076][T10577] ? __pfx_trace_probe_create+0x10/0x10 [ 343.243100][T10577] create_dyn_event+0xee/0x1d0 [ 343.243116][T10577] trace_parse_run_command+0x1a9/0x400 [ 343.243138][T10577] ? __pfx_create_dyn_event+0x10/0x10 [ 343.243155][T10577] ? __pfx_dyn_event_write+0x10/0x10 [ 343.243169][T10577] vfs_write+0x2a0/0x11d0 [ 343.243191][T10577] ? __pfx___mutex_lock+0x10/0x10 [ 343.243215][T10577] ? __pfx_vfs_write+0x10/0x10 [ 343.243240][T10577] ? __fget_files+0x20e/0x3c0 [ 343.243266][T10577] ksys_write+0x12a/0x250 [ 343.243285][T10577] ? __pfx_ksys_write+0x10/0x10 [ 343.243311][T10577] do_syscall_64+0xcd/0xf80 [ 343.243334][T10577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.243349][T10577] RIP: 0033:0x7f7aabf8f7c9 [ 343.243362][T10577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.243377][T10577] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 343.243392][T10577] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 343.243402][T10577] RDX: 0000000000000012 RSI: 00002000000002c0 RDI: 0000000000000003 [ 343.243411][T10577] RBP: 00007f7aacde5090 R08: 0000000000000000 R09: 0000000000000000 [ 343.243420][T10577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 343.243429][T10577] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 343.243449][T10577] [ 344.403498][T10595] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 344.413152][T10595] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 344.419197][T10595] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 344.497095][T10595] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 344.692729][T10609] FAULT_INJECTION: forcing a failure. [ 344.692729][T10609] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 344.742224][T10609] CPU: 0 UID: 0 PID: 10609 Comm: syz.3.1193 Tainted: G L syzkaller #0 PREEMPT(full) [ 344.742254][T10609] Tainted: [L]=SOFTLOCKUP [ 344.742259][T10609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 344.742268][T10609] Call Trace: [ 344.742274][T10609] [ 344.742281][T10609] dump_stack_lvl+0x16c/0x1f0 [ 344.742314][T10609] should_fail_ex+0x512/0x640 [ 344.742333][T10609] _copy_to_user+0x32/0xd0 [ 344.742351][T10609] simple_read_from_buffer+0xcb/0x170 [ 344.742373][T10609] proc_fail_nth_read+0x197/0x240 [ 344.742397][T10609] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 344.742421][T10609] ? rw_verify_area+0xcf/0x6c0 [ 344.742440][T10609] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 344.742463][T10609] vfs_read+0x1e4/0xcf0 [ 344.742483][T10609] ? __pfx___mutex_lock+0x10/0x10 [ 344.742508][T10609] ? __pfx_vfs_read+0x10/0x10 [ 344.742532][T10609] ? __fget_files+0x20e/0x3c0 [ 344.742558][T10609] ksys_read+0x12a/0x250 [ 344.742578][T10609] ? __pfx_ksys_read+0x10/0x10 [ 344.742603][T10609] do_syscall_64+0xcd/0xf80 [ 344.742626][T10609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.742642][T10609] RIP: 0033:0x7f6834f8e1dc [ 344.742655][T10609] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 344.742670][T10609] RSP: 002b:00007f6835da1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 344.742684][T10609] RAX: ffffffffffffffda RBX: 00007f68351e5fa0 RCX: 00007f6834f8e1dc [ 344.742694][T10609] RDX: 000000000000000f RSI: 00007f6835da10a0 RDI: 0000000000000004 [ 344.742703][T10609] RBP: 00007f6835da1090 R08: 0000000000000000 R09: 0000000000000000 [ 344.742711][T10609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 344.742720][T10609] R13: 00007f68351e6038 R14: 00007f68351e5fa0 R15: 00007ffde9d28b68 [ 344.742739][T10609] [ 346.401847][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 346.481342][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 346.487415][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 346.525152][T10642] FAULT_INJECTION: forcing a failure. [ 346.525152][T10642] name failslab, interval 1, probability 393216, space 0, times 0 [ 346.564902][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 346.586212][T10642] CPU: 0 UID: 0 PID: 10642 Comm: syz.2.1204 Tainted: G L syzkaller #0 PREEMPT(full) [ 346.586237][T10642] Tainted: [L]=SOFTLOCKUP [ 346.586243][T10642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 346.586252][T10642] Call Trace: [ 346.586257][T10642] [ 346.586264][T10642] dump_stack_lvl+0x16c/0x1f0 [ 346.586290][T10642] should_fail_ex+0x512/0x640 [ 346.586307][T10642] ? fs_reclaim_acquire+0xae/0x150 [ 346.586331][T10642] should_failslab+0xc2/0x120 [ 346.586353][T10642] __kmalloc_noprof+0xeb/0x910 [ 346.586369][T10642] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 346.586394][T10642] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 346.586413][T10642] tomoyo_realpath_from_path+0xc2/0x6e0 [ 346.586434][T10642] ? tomoyo_profile+0x47/0x60 [ 346.586457][T10642] tomoyo_path_number_perm+0x245/0x580 [ 346.586474][T10642] ? tomoyo_path_number_perm+0x237/0x580 [ 346.586492][T10642] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 346.586526][T10642] ? d_alloc_parallel+0xb4e/0x1510 [ 346.586545][T10642] ? current_check_access_path+0x33b/0x460 [ 346.586567][T10642] ? __pfx_current_check_access_path+0x10/0x10 [ 346.586592][T10642] tomoyo_path_mknod+0x10c/0x190 [ 346.586613][T10642] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 346.586637][T10642] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.586661][T10642] security_path_mknod+0x161/0x310 [ 346.586679][T10642] lookup_open.isra.0+0xc10/0x1780 [ 346.586703][T10642] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 346.586725][T10642] ? find_held_lock+0x2b/0x80 [ 346.586749][T10642] ? __pfx_down_write+0x10/0x10 [ 346.586769][T10642] path_openat+0xa95/0x3140 [ 346.586796][T10642] ? __pfx_path_openat+0x10/0x10 [ 346.586819][T10642] ? __lock_acquire+0x436/0x2890 [ 346.586835][T10642] do_filp_open+0x20b/0x470 [ 346.586856][T10642] ? __pfx_do_filp_open+0x10/0x10 [ 346.586891][T10642] ? _raw_spin_unlock+0x28/0x50 [ 346.586909][T10642] ? alloc_fd+0x471/0x7d0 [ 346.586936][T10642] do_sys_openat2+0x121/0x290 [ 346.586952][T10642] ? __pfx_do_sys_openat2+0x10/0x10 [ 346.586970][T10642] ? __fget_files+0x20e/0x3c0 [ 346.586993][T10642] __x64_sys_open+0x153/0x1e0 [ 346.587010][T10642] ? __pfx___x64_sys_open+0x10/0x10 [ 346.587030][T10642] ? rcu_is_watching+0x12/0xc0 [ 346.587052][T10642] do_syscall_64+0xcd/0xf80 [ 346.587083][T10642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.587098][T10642] RIP: 0033:0x7f7aabf8f7c9 [ 346.587110][T10642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.587124][T10642] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 346.587138][T10642] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 346.587154][T10642] RDX: 0000000000000130 RSI: 0000000000161342 RDI: 00002000000000c0 [ 346.587163][T10642] RBP: 00007f7aacde5090 R08: 0000000000000000 R09: 0000000000000000 [ 346.587172][T10642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 346.587181][T10642] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 346.587201][T10642] [ 346.587208][T10642] ERROR: Out of memory at tomoyo_realpath_from_path. [ 346.931238][T10640] bridge0: port 3(dummy0) entered blocking state [ 346.948110][T10640] bridge0: port 3(dummy0) entered disabled state [ 346.962454][T10640] dummy0: entered allmulticast mode [ 346.968470][T10626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1194'. [ 346.990547][T10640] dummy0: entered promiscuous mode [ 346.996147][T10640] bridge0: port 3(dummy0) entered blocking state [ 347.002891][T10640] bridge0: port 3(dummy0) entered forwarding state [ 347.179020][T10649] can: request_module (can-proto-0) failed. [ 347.454573][T10654] hub 1-0:1.0: USB hub found [ 347.478132][T10654] hub 1-0:1.0: 1 port detected [ 347.601366][T10654] ima: policy update failed [ 347.676338][ T30] audit: type=1802 audit(4294967409.185:19): pid=10654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1208" res=0 errno=0 [ 348.692454][T10678] random: crng reseeded on system resumption [ 349.377274][T10689] FAULT_INJECTION: forcing a failure. [ 349.377274][T10689] name failslab, interval 1, probability 393216, space 0, times 0 [ 349.436080][T10689] CPU: 0 UID: 0 PID: 10689 Comm: syz.2.1219 Tainted: G L syzkaller #0 PREEMPT(full) [ 349.436106][T10689] Tainted: [L]=SOFTLOCKUP [ 349.436111][T10689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 349.436120][T10689] Call Trace: [ 349.436126][T10689] [ 349.436132][T10689] dump_stack_lvl+0x16c/0x1f0 [ 349.436159][T10689] should_fail_ex+0x512/0x640 [ 349.436182][T10689] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 349.436203][T10689] should_failslab+0xc2/0x120 [ 349.436225][T10689] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 349.436242][T10689] ? dquot_alloc_inode+0x51b/0xb90 [ 349.436259][T10689] ? __dquot_initialize+0x299/0xd50 [ 349.436274][T10689] ? __d_alloc+0x35/0xa80 [ 349.436290][T10689] ? __d_alloc+0x35/0xa80 [ 349.436303][T10689] __d_alloc+0x35/0xa80 [ 349.436318][T10689] d_alloc_pseudo+0x1c/0xc0 [ 349.436335][T10689] alloc_file_pseudo+0xcf/0x230 [ 349.436353][T10689] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 349.436374][T10689] __shmem_file_setup+0x1a8/0x350 [ 349.436399][T10689] shmem_zero_setup+0x93/0x1b0 [ 349.436418][T10689] __mmap_region+0x2271/0x2a00 [ 349.436438][T10689] ? __lock_acquire+0x436/0x2890 [ 349.436452][T10689] ? __pfx___mmap_region+0x10/0x10 [ 349.436482][T10689] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 349.436505][T10689] ? is_bpf_text_address+0x94/0x1a0 [ 349.436561][T10689] ? rcu_is_watching+0x12/0xc0 [ 349.436586][T10689] mmap_region+0x1ab/0x3f0 [ 349.436603][T10689] ? __get_unmapped_area+0x267/0x3f0 [ 349.436626][T10689] do_mmap+0xa3e/0x1210 [ 349.436651][T10689] ? __pfx_do_mmap+0x10/0x10 [ 349.436671][T10689] ? __pfx_down_write_killable+0x10/0x10 [ 349.436691][T10689] vm_mmap_pgoff+0x29e/0x470 [ 349.436714][T10689] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 349.436736][T10689] ? __fget_files+0x20e/0x3c0 [ 349.436755][T10689] ? __kvm_handle_async_pf+0x20/0xa0 [ 349.436780][T10689] ksys_mmap_pgoff+0x7d/0x5c0 [ 349.436800][T10689] ? __pfx_ksys_write+0x10/0x10 [ 349.436823][T10689] __x64_sys_mmap+0x125/0x190 [ 349.436841][T10689] do_syscall_64+0xcd/0xf80 [ 349.436864][T10689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.436879][T10689] RIP: 0033:0x7f7aabf8f7c9 [ 349.436892][T10689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.436907][T10689] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 349.436921][T10689] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 349.436931][T10689] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 349.436940][T10689] RBP: 00007f7aacde5090 R08: fffffffffffffffa R09: 0000000000008000 [ 349.436950][T10689] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 349.436959][T10689] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 349.436979][T10689] [ 350.243336][T10695] FAULT_INJECTION: forcing a failure. [ 350.243336][T10695] name failslab, interval 1, probability 393216, space 0, times 0 [ 350.282364][T10695] CPU: 0 UID: 0 PID: 10695 Comm: syz.2.1221 Tainted: G L syzkaller #0 PREEMPT(full) [ 350.282390][T10695] Tainted: [L]=SOFTLOCKUP [ 350.282396][T10695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 350.282404][T10695] Call Trace: [ 350.282410][T10695] [ 350.282416][T10695] dump_stack_lvl+0x16c/0x1f0 [ 350.282443][T10695] should_fail_ex+0x512/0x640 [ 350.282460][T10695] ? fs_reclaim_acquire+0xae/0x150 [ 350.282483][T10695] should_failslab+0xc2/0x120 [ 350.282505][T10695] __kmalloc_noprof+0xeb/0x910 [ 350.282522][T10695] ? tomoyo_encode2+0x100/0x3e0 [ 350.282544][T10695] ? tomoyo_encode2+0x100/0x3e0 [ 350.282562][T10695] tomoyo_encode2+0x100/0x3e0 [ 350.282583][T10695] tomoyo_encode+0x29/0x50 [ 350.282601][T10695] tomoyo_realpath_from_path+0x18f/0x6e0 [ 350.282626][T10695] tomoyo_check_open_permission+0x2ab/0x3c0 [ 350.282644][T10695] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 350.282679][T10695] ? do_raw_spin_lock+0x12c/0x2b0 [ 350.282701][T10695] tomoyo_file_open+0x6b/0x90 [ 350.282724][T10695] security_file_open+0x84/0x1e0 [ 350.282743][T10695] do_dentry_open+0x597/0x1590 [ 350.282766][T10695] ? security_inode_permission+0xbf/0x260 [ 350.282785][T10695] vfs_open+0x82/0x3f0 [ 350.282803][T10695] path_openat+0x2078/0x3140 [ 350.282831][T10695] ? __pfx_path_openat+0x10/0x10 [ 350.282864][T10695] do_filp_open+0x20b/0x470 [ 350.282886][T10695] ? __pfx_do_filp_open+0x10/0x10 [ 350.282921][T10695] ? alloc_fd+0x471/0x7d0 [ 350.282947][T10695] do_sys_openat2+0x121/0x290 [ 350.282963][T10695] ? __pfx_do_sys_openat2+0x10/0x10 [ 350.282981][T10695] ? __fget_files+0x20e/0x3c0 [ 350.283004][T10695] __x64_sys_openat+0x174/0x210 [ 350.283021][T10695] ? __pfx___x64_sys_openat+0x10/0x10 [ 350.283037][T10695] ? ksys_write+0x1ac/0x250 [ 350.283063][T10695] do_syscall_64+0xcd/0xf80 [ 350.283086][T10695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.283102][T10695] RIP: 0033:0x7f7aabf8f7c9 [ 350.283114][T10695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.283129][T10695] RSP: 002b:00007f7aacde5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 350.283143][T10695] RAX: ffffffffffffffda RBX: 00007f7aac1e5fa0 RCX: 00007f7aabf8f7c9 [ 350.283153][T10695] RDX: 0000000000000000 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 350.283163][T10695] RBP: 00007f7aacde5090 R08: 0000000000000000 R09: 0000000000000000 [ 350.283172][T10695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 350.283180][T10695] R13: 00007f7aac1e6038 R14: 00007f7aac1e5fa0 R15: 00007fffb6797568 [ 350.283199][T10695] [ 350.283216][T10695] ERROR: Out of memory at tomoyo_realpath_from_path. [ 351.558916][T10709] FAULT_INJECTION: forcing a failure. [ 351.558916][T10709] name failslab, interval 1, probability 393216, space 0, times 0 [ 351.684277][T10709] CPU: 0 UID: 0 PID: 10709 Comm: syz.3.1225 Tainted: G L syzkaller #0 PREEMPT(full) [ 351.684303][T10709] Tainted: [L]=SOFTLOCKUP [ 351.684308][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 351.684317][T10709] Call Trace: [ 351.684322][T10709] [ 351.684329][T10709] dump_stack_lvl+0x16c/0x1f0 [ 351.684357][T10709] should_fail_ex+0x512/0x640 [ 351.684373][T10709] ? kmem_cache_alloc_noprof+0x62/0x770 [ 351.684394][T10709] should_failslab+0xc2/0x120 [ 351.684416][T10709] kmem_cache_alloc_noprof+0x83/0x770 [ 351.684433][T10709] ? alloc_empty_file+0x55/0x1e0 [ 351.684452][T10709] ? alloc_empty_file+0x55/0x1e0 [ 351.684466][T10709] alloc_empty_file+0x55/0x1e0 [ 351.684483][T10709] alloc_file_pseudo+0x13a/0x230 [ 351.684499][T10709] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 351.684516][T10709] ? _raw_spin_unlock+0x28/0x50 [ 351.684536][T10709] ? alloc_fd+0x471/0x7d0 [ 351.684571][T10709] __anon_inode_getfile+0xe8/0x280 [ 351.684586][T10709] ? find_held_lock+0x2b/0x80 [ 351.684607][T10709] __anon_inode_getfd+0x5c/0x160 [ 351.684624][T10709] map_create+0x1744/0x2a10 [ 351.684645][T10709] ? find_held_lock+0x2b/0x80 [ 351.684668][T10709] ? __pfx_map_create+0x10/0x10 [ 351.684686][T10709] ? __might_fault+0xe3/0x190 [ 351.684702][T10709] ? __might_fault+0xe3/0x190 [ 351.684717][T10709] ? __might_fault+0x13b/0x190 [ 351.684740][T10709] __sys_bpf+0x3d9d/0x4980 [ 351.684757][T10709] ? __pfx___sys_bpf+0x10/0x10 [ 351.684770][T10709] ? find_held_lock+0x2b/0x80 [ 351.684796][T10709] ? find_held_lock+0x2b/0x80 [ 351.684818][T10709] ? __mutex_unlock_slowpath+0x161/0x790 [ 351.684852][T10709] ? fput+0x70/0xf0 [ 351.684865][T10709] ? ksys_write+0x1ac/0x250 [ 351.684885][T10709] ? __pfx_ksys_write+0x10/0x10 [ 351.684908][T10709] __x64_sys_bpf+0x78/0xc0 [ 351.684922][T10709] ? lockdep_hardirqs_on+0x7c/0x110 [ 351.684943][T10709] do_syscall_64+0xcd/0xf80 [ 351.684965][T10709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.684981][T10709] RIP: 0033:0x7f6834f8f7c9 [ 351.684993][T10709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.685008][T10709] RSP: 002b:00007f6835da1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 351.685022][T10709] RAX: ffffffffffffffda RBX: 00007f68351e5fa0 RCX: 00007f6834f8f7c9 [ 351.685032][T10709] RDX: 000000000000000f RSI: 00002000000000c0 RDI: 0000000000000000 [ 351.685041][T10709] RBP: 00007f6835da1090 R08: 0000000000000000 R09: 0000000000000000 [ 351.685051][T10709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 351.685059][T10709] R13: 00007f68351e6038 R14: 00007f68351e5fa0 R15: 00007ffde9d28b68 [ 351.685078][T10709] [ 353.566156][T10728] zswap: compressor not available [ 353.909576][T10740] rtc_cmos 00:00: Alarms can be up to one day in the future [ 354.003356][T10737] bond0: option all_slaves_active: invalid value (15) [ 354.917276][T10752] FAULT_INJECTION: forcing a failure. [ 354.917276][T10752] name failslab, interval 1, probability 393216, space 0, times 0 [ 355.043790][T10752] CPU: 0 UID: 0 PID: 10752 Comm: syz.0.1236 Tainted: G L syzkaller #0 PREEMPT(full) [ 355.043817][T10752] Tainted: [L]=SOFTLOCKUP [ 355.043823][T10752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 355.043832][T10752] Call Trace: [ 355.043837][T10752] [ 355.043845][T10752] dump_stack_lvl+0x16c/0x1f0 [ 355.043872][T10752] should_fail_ex+0x512/0x640 [ 355.043889][T10752] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 355.043910][T10752] should_failslab+0xc2/0x120 [ 355.043936][T10752] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 355.043955][T10752] ? shmem_alloc_inode+0x25/0x50 [ 355.043980][T10752] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 355.044000][T10752] ? shmem_alloc_inode+0x25/0x50 [ 355.044019][T10752] shmem_alloc_inode+0x25/0x50 [ 355.044038][T10752] alloc_inode+0x64/0x240 [ 355.044054][T10752] new_inode+0x22/0x1c0 [ 355.044072][T10752] shmem_get_inode+0x19a/0xfb0 [ 355.044097][T10752] __shmem_file_setup+0x108/0x350 [ 355.044118][T10752] ? vm_area_alloc+0x1f/0x160 [ 355.044135][T10752] shmem_zero_setup+0x93/0x1b0 [ 355.044154][T10752] __mmap_region+0x2271/0x2a00 [ 355.044173][T10752] ? __lock_acquire+0x436/0x2890 [ 355.044188][T10752] ? __pfx___mmap_region+0x10/0x10 [ 355.044211][T10752] ? lock_acquire+0x179/0x330 [ 355.044232][T10752] ? finish_task_switch.isra.0+0x207/0xbd0 [ 355.044302][T10752] ? rcu_is_watching+0x12/0xc0 [ 355.044329][T10752] mmap_region+0x1ab/0x3f0 [ 355.044351][T10752] do_mmap+0xa3e/0x1210 [ 355.044377][T10752] ? __pfx_do_mmap+0x10/0x10 [ 355.044399][T10752] ? __pfx_down_write_killable+0x10/0x10 [ 355.044419][T10752] vm_mmap_pgoff+0x29e/0x470 [ 355.044449][T10752] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 355.044474][T10752] ? __x64_sys_futex+0x1e0/0x4c0 [ 355.044492][T10752] ? __x64_sys_futex+0x1e9/0x4c0 [ 355.044512][T10752] ksys_mmap_pgoff+0x7d/0x5c0 [ 355.044533][T10752] ? xfd_validate_state+0x61/0x180 [ 355.044547][T10752] ? __pfx_ksys_write+0x10/0x10 [ 355.044570][T10752] __x64_sys_mmap+0x125/0x190 [ 355.044587][T10752] do_syscall_64+0xcd/0xf80 [ 355.044610][T10752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.044626][T10752] RIP: 0033:0x7fecb658f7c9 [ 355.044640][T10752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 355.044654][T10752] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 355.044669][T10752] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 355.044680][T10752] RDX: 0100001000000004 RSI: 0000000000000061 RDI: 0000000000000000 [ 355.044690][T10752] RBP: 00007fecb6613f91 R08: 0000000000000400 R09: 0000000000008000 [ 355.044699][T10752] R10: 000000000000fa31 R11: 0000000000000246 R12: 0000000000000000 [ 355.044709][T10752] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 355.044730][T10752] [ 355.965901][T10760] random: crng reseeded on system resumption [ 356.603228][T10769] FAULT_INJECTION: forcing a failure. [ 356.603228][T10769] name failslab, interval 1, probability 393216, space 0, times 0 [ 356.648156][T10769] CPU: 0 UID: 0 PID: 10769 Comm: syz.2.1239 Tainted: G L syzkaller #0 PREEMPT(full) [ 356.648182][T10769] Tainted: [L]=SOFTLOCKUP [ 356.648187][T10769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 356.648196][T10769] Call Trace: [ 356.648202][T10769] [ 356.648208][T10769] dump_stack_lvl+0x16c/0x1f0 [ 356.648233][T10769] should_fail_ex+0x512/0x640 [ 356.648250][T10769] ? kmem_cache_alloc_noprof+0x62/0x770 [ 356.648270][T10769] should_failslab+0xc2/0x120 [ 356.648291][T10769] kmem_cache_alloc_noprof+0x83/0x770 [ 356.648308][T10769] ? security_file_alloc+0x34/0x2b0 [ 356.648341][T10769] ? security_file_alloc+0x34/0x2b0 [ 356.648358][T10769] security_file_alloc+0x34/0x2b0 [ 356.648376][T10769] init_file+0x93/0x4c0 [ 356.648391][T10769] alloc_empty_file+0x73/0x1e0 [ 356.648407][T10769] path_openat+0xde/0x3140 [ 356.648428][T10769] ? do_syscall_64+0xcd/0xf80 [ 356.648448][T10769] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.648468][T10769] ? __pfx_path_openat+0x10/0x10 [ 356.648496][T10769] do_filp_open+0x20b/0x470 [ 356.648517][T10769] ? __pfx_do_filp_open+0x10/0x10 [ 356.648551][T10769] ? alloc_fd+0x471/0x7d0 [ 356.648577][T10769] do_sys_openat2+0x121/0x290 [ 356.648593][T10769] ? __pfx_do_sys_openat2+0x10/0x10 [ 356.648611][T10769] ? __fget_files+0x20e/0x3c0 [ 356.648634][T10769] __x64_sys_openat+0x174/0x210 [ 356.648651][T10769] ? __pfx___x64_sys_openat+0x10/0x10 [ 356.648667][T10769] ? ksys_write+0x1ac/0x250 [ 356.648692][T10769] do_syscall_64+0xcd/0xf80 [ 356.648714][T10769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.648729][T10769] RIP: 0033:0x7f7aabf8f7c9 [ 356.648743][T10769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.648757][T10769] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 356.648771][T10769] RAX: ffffffffffffffda RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 356.648782][T10769] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 356.648791][T10769] RBP: 00007f7aacdc4090 R08: 0000000000000000 R09: 0000000000000000 [ 356.648800][T10769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 356.648808][T10769] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 356.648827][T10769] [ 357.235903][T10771] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 357.354161][T10772] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 357.911072][T10787] FAULT_INJECTION: forcing a failure. [ 357.911072][T10787] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 357.984832][T10787] CPU: 0 UID: 0 PID: 10787 Comm: syz.2.1242 Tainted: G L syzkaller #0 PREEMPT(full) [ 357.984860][T10787] Tainted: [L]=SOFTLOCKUP [ 357.984866][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 357.984876][T10787] Call Trace: [ 357.984882][T10787] [ 357.984888][T10787] dump_stack_lvl+0x16c/0x1f0 [ 357.984916][T10787] should_fail_ex+0x512/0x640 [ 357.984937][T10787] should_fail_alloc_page+0xe7/0x130 [ 357.984962][T10787] prepare_alloc_pages+0x401/0x670 [ 357.984989][T10787] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 357.985012][T10787] ? find_held_lock+0x2b/0x80 [ 357.985033][T10787] ? is_bpf_text_address+0x8a/0x1a0 [ 357.985052][T10787] ? bpf_ksym_find+0x124/0x1c0 [ 357.985067][T10787] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 357.985087][T10787] ? kernel_text_address+0x8d/0x100 [ 357.985104][T10787] ? __kernel_text_address+0xd/0x40 [ 357.985120][T10787] ? unwind_get_return_address+0x59/0xa0 [ 357.985147][T10787] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 357.985170][T10787] ? policy_nodemask+0xea/0x4e0 [ 357.985193][T10787] alloc_pages_mpol+0x1fb/0x550 [ 357.985216][T10787] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 357.985236][T10787] ? kasan_save_stack+0x42/0x60 [ 357.985255][T10787] ? kasan_save_track+0x14/0x30 [ 357.985273][T10787] ? __kasan_kmalloc+0xaa/0xb0 [ 357.985290][T10787] ? __get_vm_area_node+0x101/0x330 [ 357.985323][T10787] alloc_pages_noprof+0x131/0x390 [ 357.985346][T10787] get_free_pages_noprof+0x10/0xb0 [ 357.985368][T10787] __kasan_populate_vmalloc+0xa0/0x220 [ 357.985392][T10787] alloc_vmap_area+0x98d/0x2a50 [ 357.985421][T10787] ? __pfx_alloc_vmap_area+0x10/0x10 [ 357.985448][T10787] __get_vm_area_node+0x1ca/0x330 [ 357.985474][T10787] __vmalloc_node_range_noprof+0x247/0x16b0 [ 357.985490][T10787] ? n_tty_open+0x1a/0x170 [ 357.985503][T10787] ? do_raw_spin_lock+0x12c/0x2b0 [ 357.985525][T10787] ? n_tty_open+0x1a/0x170 [ 357.985543][T10787] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 357.985557][T10787] ? __ldsem_down_write_nested+0xfd/0x850 [ 357.985571][T10787] ? __ldsem_down_write_nested+0x10e/0x850 [ 357.985584][T10787] ? lockdep_init_map_type+0x5c/0x270 [ 357.985602][T10787] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 357.985619][T10787] ? n_tty_open+0x1a/0x170 [ 357.985632][T10787] __vmalloc_node_noprof+0xad/0xf0 [ 357.985646][T10787] ? n_tty_open+0x1a/0x170 [ 357.985659][T10787] ? __pfx_n_tty_open+0x10/0x10 [ 357.985673][T10787] n_tty_open+0x1a/0x170 [ 357.985686][T10787] ? __pfx_n_tty_open+0x10/0x10 [ 357.985699][T10787] tty_ldisc_open+0x9f/0x120 [ 357.985718][T10787] tty_ldisc_setup+0x40/0x100 [ 357.985737][T10787] tty_init_dev.part.0+0x1ec/0x500 [ 357.985761][T10787] tty_init_dev+0x60/0x80 [ 357.985782][T10787] ptmx_open+0x15e/0x3c0 [ 357.985799][T10787] ? __pfx_ptmx_open+0x10/0x10 [ 357.985815][T10787] chrdev_open+0x234/0x6a0 [ 357.985837][T10787] ? __pfx_apparmor_file_open+0x10/0x10 [ 357.985853][T10787] ? __pfx_chrdev_open+0x10/0x10 [ 357.985880][T10787] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 357.985907][T10787] do_dentry_open+0x748/0x1590 [ 357.985928][T10787] ? __pfx_chrdev_open+0x10/0x10 [ 357.985955][T10787] vfs_open+0x82/0x3f0 [ 357.985973][T10787] path_openat+0x2078/0x3140 [ 357.986001][T10787] ? __pfx_path_openat+0x10/0x10 [ 357.986029][T10787] do_filp_open+0x20b/0x470 [ 357.986051][T10787] ? __pfx_do_filp_open+0x10/0x10 [ 357.986087][T10787] ? alloc_fd+0x471/0x7d0 [ 357.986114][T10787] do_sys_openat2+0x121/0x290 [ 357.986129][T10787] ? __pfx_do_sys_openat2+0x10/0x10 [ 357.986153][T10787] __x64_sys_openat+0x174/0x210 [ 357.986170][T10787] ? __pfx___x64_sys_openat+0x10/0x10 [ 357.986195][T10787] do_syscall_64+0xcd/0xf80 [ 357.986219][T10787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.986235][T10787] RIP: 0033:0x7f7aabf8f7c9 [ 357.986249][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.986264][T10787] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 357.986280][T10787] RAX: ffffffffffffffda RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 357.986291][T10787] RDX: 000000000000003e RSI: 0000200000000080 RDI: ffffffffffffff9c [ 357.986301][T10787] RBP: 00007f7aac013f91 R08: 0000000000000000 R09: 0000000000000000 [ 357.986316][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.986326][T10787] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 357.986347][T10787] [ 357.986447][T10787] syz.2.1242: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 359.484642][T10787] ,cpuset=/,mems_allowed=0-1 [ 359.489391][T10787] CPU: 0 UID: 0 PID: 10787 Comm: syz.2.1242 Tainted: G L syzkaller #0 PREEMPT(full) [ 359.489415][T10787] Tainted: [L]=SOFTLOCKUP [ 359.489420][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 359.489429][T10787] Call Trace: [ 359.489435][T10787] [ 359.489441][T10787] dump_stack_lvl+0x16c/0x1f0 [ 359.489468][T10787] warn_alloc+0x248/0x3a0 [ 359.489488][T10787] ? __pfx_warn_alloc+0x10/0x10 [ 359.489508][T10787] ? __get_vm_area_node+0x2cd/0x330 [ 359.489535][T10787] ? __get_vm_area_node+0x2cd/0x330 [ 359.489557][T10787] ? __get_vm_area_node+0x208/0x330 [ 359.489583][T10787] __vmalloc_node_range_noprof+0xbe0/0x16b0 [ 359.489606][T10787] ? n_tty_open+0x1a/0x170 [ 359.489626][T10787] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 359.489644][T10787] ? __ldsem_down_write_nested+0xfd/0x850 [ 359.489659][T10787] ? __ldsem_down_write_nested+0x10e/0x850 [ 359.489673][T10787] ? lockdep_init_map_type+0x5c/0x270 [ 359.489692][T10787] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 359.489710][T10787] ? n_tty_open+0x1a/0x170 [ 359.489723][T10787] __vmalloc_node_noprof+0xad/0xf0 [ 359.489738][T10787] ? n_tty_open+0x1a/0x170 [ 359.489751][T10787] ? __pfx_n_tty_open+0x10/0x10 [ 359.489766][T10787] n_tty_open+0x1a/0x170 [ 359.489779][T10787] ? __pfx_n_tty_open+0x10/0x10 [ 359.489793][T10787] tty_ldisc_open+0x9f/0x120 [ 359.489812][T10787] tty_ldisc_setup+0x40/0x100 [ 359.489832][T10787] tty_init_dev.part.0+0x1ec/0x500 [ 359.489856][T10787] tty_init_dev+0x60/0x80 [ 359.489879][T10787] ptmx_open+0x15e/0x3c0 [ 359.489897][T10787] ? __pfx_ptmx_open+0x10/0x10 [ 359.489914][T10787] chrdev_open+0x234/0x6a0 [ 359.489937][T10787] ? __pfx_apparmor_file_open+0x10/0x10 [ 359.489954][T10787] ? __pfx_chrdev_open+0x10/0x10 [ 359.489977][T10787] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 359.490005][T10787] do_dentry_open+0x748/0x1590 [ 359.490027][T10787] ? __pfx_chrdev_open+0x10/0x10 [ 359.490055][T10787] vfs_open+0x82/0x3f0 [ 359.490074][T10787] path_openat+0x2078/0x3140 [ 359.490102][T10787] ? __pfx_path_openat+0x10/0x10 [ 359.490132][T10787] do_filp_open+0x20b/0x470 [ 359.490159][T10787] ? __pfx_do_filp_open+0x10/0x10 [ 359.490196][T10787] ? alloc_fd+0x471/0x7d0 [ 359.490223][T10787] do_sys_openat2+0x121/0x290 [ 359.490239][T10787] ? __pfx_do_sys_openat2+0x10/0x10 [ 359.490263][T10787] __x64_sys_openat+0x174/0x210 [ 359.490281][T10787] ? __pfx___x64_sys_openat+0x10/0x10 [ 359.490306][T10787] do_syscall_64+0xcd/0xf80 [ 359.490331][T10787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.490347][T10787] RIP: 0033:0x7f7aabf8f7c9 [ 359.490360][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.490375][T10787] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 359.490390][T10787] RAX: ffffffffffffffda RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 359.490400][T10787] RDX: 000000000000003e RSI: 0000200000000080 RDI: ffffffffffffff9c [ 359.490410][T10787] RBP: 00007f7aac013f91 R08: 0000000000000000 R09: 0000000000000000 [ 359.490420][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.490429][T10787] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 359.490449][T10787] [ 359.490455][T10787] Mem-Info: [ 360.489289][T10787] active_anon:18659 inactive_anon:95 isolated_anon:0 [ 360.489289][T10787] active_file:3152 inactive_file:52535 isolated_file:0 [ 360.489289][T10787] unevictable:768 dirty:4 writeback:0 [ 360.489289][T10787] slab_reclaimable:11614 slab_unreclaimable:93895 [ 360.489289][T10787] mapped:42263 shmem:9866 pagetables:1370 [ 360.489289][T10787] sec_pagetables:0 bounce:0 [ 360.489289][T10787] kernel_misc_reclaimable:0 [ 360.489289][T10787] free:1306284 free_pcp:16760 free_cma:0 [ 360.611507][T10787] Node 0 active_anon:73600kB inactive_anon:1500kB active_file:12168kB inactive_file:210112kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:168800kB dirty:116kB writeback:0kB shmem:37824kB shmem_thp:32768kB shmem_pmdmapped:32768kB anon_thp:0kB kernel_stack:12256kB pagetables:5492kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 360.757635][T10787] Node 1 active_anon:0kB inactive_anon:0kB active_file:316kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:316kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 360.846609][T10787] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 360.967601][T10787] lowmem_reserve[]: 0 2481 2483 2483 2483 [ 360.973403][T10787] Node 0 DMA32 free:1314688kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:74560kB inactive_anon:444kB active_file:12372kB inactive_file:210020kB unevictable:1536kB writepending:144kB zspages:7056kB present:3129332kB managed:2541024kB mlocked:0kB bounce:0kB free_pcp:56736kB local_pcp:56736kB free_cma:0kB [ 361.066702][T10801] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 361.095067][T10787] lowmem_reserve[]: 0 0 1 1 1 [ 361.113595][T10787] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 361.209057][T10787] lowmem_reserve[]: 0 0 0 0 0 [ 361.213825][T10787] Node 1 Normal free:3895220kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:316kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:7836kB local_pcp:7836kB free_cma:0kB [ 361.324186][T10787] lowmem_reserve[]: 0 0 0 0 0 [ 361.328954][T10787] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 361.366588][T10787] Node 0 DMA32: 6636*4kB (UM) 4228*8kB (UME) 2192*16kB (UME) 942*32kB (UME) 767*64kB (UME) 553*128kB (UME) 248*256kB (UM) 160*512kB (UM) 139*1024kB (UME) 16*2048kB (UME) 183*4096kB (UM) = 1315536kB [ 361.413721][T10787] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 361.438478][T10787] Node 1 Normal: 205*4kB (UME) 44*8kB (UE) 38*16kB (UE) 228*32kB (UME) 101*64kB (UME) 30*128kB (UE) 14*256kB (UE) 7*512kB (UE) 2*1024kB (ME) 2*2048kB (UE) 943*4096kB (ME) = 3895220kB [ 361.507282][T10787] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 361.545018][T10787] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 361.569593][T10787] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 361.602320][T10787] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 361.633937][T10787] 65669 total pagecache pages [ 361.653065][T10787] 118 pages in swap cache [ 361.662944][T10787] Free swap = 58144kB [ 361.674066][T10787] Total swap = 124996kB [ 361.678751][T10787] 2097051 pages RAM [ 361.689103][T10787] 0 pages HighMem/MovableOnly [ 361.705797][T10787] 429769 pages reserved [ 361.716901][T10787] 0 pages cma reserved [ 361.731695][T10787] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 364.681112][T10864] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1260'. [ 366.538253][ C0] vcan0: j1939_tp_rxtimer: 0xffff88801eb99000: rx timeout, send abort [ 366.566295][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88801eb99000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 368.597646][T10911] random: crng reseeded on system resumption [ 368.628671][T10908] ICMPv6: process `syz.0.1270' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 369.196821][T10925] FAULT_INJECTION: forcing a failure. [ 369.196821][T10925] name failslab, interval 1, probability 393216, space 0, times 0 [ 369.284182][T10925] CPU: 0 UID: 0 PID: 10925 Comm: syz.3.1275 Tainted: G L syzkaller #0 PREEMPT(full) [ 369.284207][T10925] Tainted: [L]=SOFTLOCKUP [ 369.284213][T10925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 369.284222][T10925] Call Trace: [ 369.284228][T10925] [ 369.284234][T10925] dump_stack_lvl+0x16c/0x1f0 [ 369.284261][T10925] should_fail_ex+0x512/0x640 [ 369.284277][T10925] ? kmem_cache_alloc_noprof+0x62/0x770 [ 369.284297][T10925] should_failslab+0xc2/0x120 [ 369.284319][T10925] kmem_cache_alloc_noprof+0x83/0x770 [ 369.284336][T10925] ? security_file_alloc+0x34/0x2b0 [ 369.284358][T10925] ? security_file_alloc+0x34/0x2b0 [ 369.284375][T10925] security_file_alloc+0x34/0x2b0 [ 369.284393][T10925] init_file+0x93/0x4c0 [ 369.284410][T10925] alloc_empty_file+0x73/0x1e0 [ 369.284425][T10925] alloc_file_pseudo+0x13a/0x230 [ 369.284449][T10925] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 369.284470][T10925] __shmem_file_setup+0x1a8/0x350 [ 369.284495][T10925] shmem_zero_setup+0x93/0x1b0 [ 369.284514][T10925] __mmap_region+0x2271/0x2a00 [ 369.284533][T10925] ? __lock_acquire+0x436/0x2890 [ 369.284546][T10925] ? __pfx___mmap_region+0x10/0x10 [ 369.284577][T10925] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 369.284600][T10925] ? is_bpf_text_address+0x94/0x1a0 [ 369.284655][T10925] ? rcu_is_watching+0x12/0xc0 [ 369.284680][T10925] mmap_region+0x1ab/0x3f0 [ 369.284697][T10925] ? __get_unmapped_area+0x267/0x3f0 [ 369.284720][T10925] do_mmap+0xa3e/0x1210 [ 369.284744][T10925] ? __pfx_do_mmap+0x10/0x10 [ 369.284764][T10925] ? __pfx_down_write_killable+0x10/0x10 [ 369.284783][T10925] vm_mmap_pgoff+0x29e/0x470 [ 369.284807][T10925] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 369.284829][T10925] ? __fget_files+0x20e/0x3c0 [ 369.284854][T10925] ksys_mmap_pgoff+0x7d/0x5c0 [ 369.284874][T10925] ? __pfx_ksys_write+0x10/0x10 [ 369.284897][T10925] __x64_sys_mmap+0x125/0x190 [ 369.284914][T10925] do_syscall_64+0xcd/0xf80 [ 369.284938][T10925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.284954][T10925] RIP: 0033:0x7f6834f8f7c9 [ 369.284967][T10925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.284981][T10925] RSP: 002b:00007f6835da1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 369.284996][T10925] RAX: ffffffffffffffda RBX: 00007f68351e5fa0 RCX: 00007f6834f8f7c9 [ 369.285005][T10925] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 369.285015][T10925] RBP: 00007f6835da1090 R08: fffffffffffffffa R09: 0000000000008000 [ 369.285025][T10925] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001 [ 369.285033][T10925] R13: 00007f68351e6038 R14: 00007f68351e5fa0 R15: 00007ffde9d28b68 [ 369.285053][T10925] [ 370.064368][T10936] kvm: kvm [10935]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x2 [ 370.088597][T10936] FAULT_INJECTION: forcing a failure. [ 370.088597][T10936] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 370.113857][T10936] CPU: 0 UID: 0 PID: 10936 Comm: syz.0.1278 Tainted: G L syzkaller #0 PREEMPT(full) [ 370.113889][T10936] Tainted: [L]=SOFTLOCKUP [ 370.113894][T10936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 370.113903][T10936] Call Trace: [ 370.113909][T10936] [ 370.113915][T10936] dump_stack_lvl+0x16c/0x1f0 [ 370.113941][T10936] should_fail_ex+0x512/0x640 [ 370.113961][T10936] _copy_to_user+0x32/0xd0 [ 370.113979][T10936] simple_read_from_buffer+0xcb/0x170 [ 370.114001][T10936] proc_fail_nth_read+0x197/0x240 [ 370.114025][T10936] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 370.114049][T10936] ? rw_verify_area+0xcf/0x6c0 [ 370.114067][T10936] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 370.114090][T10936] vfs_read+0x1e4/0xcf0 [ 370.114111][T10936] ? __pfx___mutex_lock+0x10/0x10 [ 370.114135][T10936] ? __pfx_vfs_read+0x10/0x10 [ 370.114160][T10936] ? __fget_files+0x20e/0x3c0 [ 370.114186][T10936] ksys_read+0x12a/0x250 [ 370.114205][T10936] ? __pfx_ksys_read+0x10/0x10 [ 370.114230][T10936] do_syscall_64+0xcd/0xf80 [ 370.114252][T10936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.114268][T10936] RIP: 0033:0x7fecb658e1dc [ 370.114280][T10936] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 370.114295][T10936] RSP: 002b:00007fecb7391030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 370.114309][T10936] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658e1dc [ 370.114319][T10936] RDX: 000000000000000f RSI: 00007fecb73910a0 RDI: 0000000000000005 [ 370.114328][T10936] RBP: 00007fecb7391090 R08: 0000000000000000 R09: 0000000000000000 [ 370.114337][T10936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 370.114345][T10936] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 370.114365][T10936] [ 370.542352][T10939] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1279'. [ 370.594590][ T30] audit: type=1800 audit(4294967432.184:20): pid=10939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1279" name="dbroot" dev="configfs" ino=35167 res=0 errno=0 [ 370.687051][T10941] ovs_ÿþÿþ?: entered promiscuous mode [ 370.890138][ T30] audit: type=1800 audit(4294967432.516:21): pid=10947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1282" name="dbroot" dev="configfs" ino=35196 res=0 errno=0 [ 371.329114][T10960] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1285'. [ 371.360780][T10960] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1285'. [ 371.404844][T10967] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1286'. [ 371.421329][T10968] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1287'. [ 372.249959][ T30] audit: type=1800 audit(4294967433.883:22): pid=10978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1291" name="dbroot" dev="configfs" ino=35355 res=0 errno=0 [ 372.404053][T10979] sd 0:0:1:0: PR command failed: 1026 [ 372.404090][T10979] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 372.404119][T10979] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 372.666757][T10983] vhci_hcd vhci_hcd.0: invalid port number 16 [ 372.914341][T10989] openvswitch: HSR: Dropping previously announced user features [ 373.684964][T11009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1301'. [ 375.069419][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880349cd800: rx timeout, send abort [ 375.088368][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880349cd800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 376.331083][T11029] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 377.008164][T11047] FAULT_INJECTION: forcing a failure. [ 377.008164][T11047] name failslab, interval 1, probability 393216, space 0, times 0 [ 377.068515][T11047] CPU: 0 UID: 0 PID: 11047 Comm: syz.0.1311 Tainted: G L syzkaller #0 PREEMPT(full) [ 377.068541][T11047] Tainted: [L]=SOFTLOCKUP [ 377.068546][T11047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 377.068555][T11047] Call Trace: [ 377.068560][T11047] [ 377.068566][T11047] dump_stack_lvl+0x16c/0x1f0 [ 377.068592][T11047] should_fail_ex+0x512/0x640 [ 377.068609][T11047] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 377.068629][T11047] should_failslab+0xc2/0x120 [ 377.068651][T11047] kmem_cache_alloc_node_noprof+0x86/0x800 [ 377.068668][T11047] ? ovs_flow_alloc+0x10e/0x210 [ 377.068684][T11047] ? ovs_flow_alloc+0x1e/0x210 [ 377.068703][T11047] ? ovs_flow_alloc+0x10e/0x210 [ 377.068718][T11047] ovs_flow_alloc+0x10e/0x210 [ 377.068735][T11047] ovs_packet_cmd_execute+0x5cc/0x1660 [ 377.068758][T11047] ? __pfx_ovs_packet_cmd_execute+0x10/0x10 [ 377.068779][T11047] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 377.068805][T11047] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 377.068837][T11047] genl_family_rcv_msg_doit+0x209/0x2f0 [ 377.068862][T11047] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 377.068885][T11047] ? genl_get_cmd+0x194/0x580 [ 377.068910][T11047] ? bpf_lsm_capable+0x9/0x10 [ 377.068929][T11047] ? security_capable+0x7e/0x260 [ 377.068953][T11047] ? ns_capable+0xd7/0x110 [ 377.068973][T11047] genl_rcv_msg+0x55c/0x800 [ 377.068989][T11047] ? __pfx_genl_rcv_msg+0x10/0x10 [ 377.069003][T11047] ? __pfx_ovs_packet_cmd_execute+0x10/0x10 [ 377.069029][T11047] netlink_rcv_skb+0x158/0x420 [ 377.069050][T11047] ? __pfx_genl_rcv_msg+0x10/0x10 [ 377.069065][T11047] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 377.069093][T11047] ? netlink_deliver_tap+0x1ae/0xd30 [ 377.069115][T11047] genl_rcv+0x28/0x40 [ 377.069135][T11047] netlink_unicast+0x5aa/0x870 [ 377.069158][T11047] ? __pfx_netlink_unicast+0x10/0x10 [ 377.069185][T11047] netlink_sendmsg+0x8c8/0xdd0 [ 377.069209][T11047] ? __pfx_netlink_sendmsg+0x10/0x10 [ 377.069232][T11047] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 377.069258][T11047] ____sys_sendmsg+0xa5d/0xc30 [ 377.069282][T11047] ? copy_msghdr_from_user+0x10a/0x160 [ 377.069301][T11047] ? __pfx_____sys_sendmsg+0x10/0x10 [ 377.069335][T11047] ___sys_sendmsg+0x134/0x1d0 [ 377.069354][T11047] ? __pfx____sys_sendmsg+0x10/0x10 [ 377.069395][T11047] __sys_sendmsg+0x16d/0x220 [ 377.069414][T11047] ? __pfx___sys_sendmsg+0x10/0x10 [ 377.069444][T11047] do_syscall_64+0xcd/0xf80 [ 377.069467][T11047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.069483][T11047] RIP: 0033:0x7fecb658f7c9 [ 377.069495][T11047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.069509][T11047] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 377.069523][T11047] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 377.069533][T11047] RDX: 000000000000c800 RSI: 0000200000000000 RDI: 0000000000000003 [ 377.069542][T11047] RBP: 00007fecb7391090 R08: 0000000000000000 R09: 0000000000000000 [ 377.069551][T11047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 377.069560][T11047] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 377.069579][T11047] [ 377.749899][T11050] openvswitch: HSR: Dropping previously announced user features [ 378.107680][T11061] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 379.360757][T11083] FAULT_INJECTION: forcing a failure. [ 379.360757][T11083] name failslab, interval 1, probability 393216, space 0, times 0 [ 379.420141][T11083] CPU: 0 UID: 0 PID: 11083 Comm: syz.0.1320 Tainted: G L syzkaller #0 PREEMPT(full) [ 379.420168][T11083] Tainted: [L]=SOFTLOCKUP [ 379.420174][T11083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 379.420183][T11083] Call Trace: [ 379.420189][T11083] [ 379.420195][T11083] dump_stack_lvl+0x16c/0x1f0 [ 379.420224][T11083] should_fail_ex+0x512/0x640 [ 379.420244][T11083] should_failslab+0xc2/0x120 [ 379.420268][T11083] __kmalloc_noprof+0xeb/0x910 [ 379.420285][T11083] ? ___neigh_create+0x14ec/0x2920 [ 379.420304][T11083] ? ___neigh_create+0x14ec/0x2920 [ 379.420316][T11083] ___neigh_create+0x14ec/0x2920 [ 379.420340][T11083] ? __pfx____neigh_create+0x10/0x10 [ 379.420358][T11083] ip_finish_output2+0x1bb9/0x21a0 [ 379.420387][T11083] ? __pfx_ip_finish_output2+0x10/0x10 [ 379.420410][T11083] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 379.420432][T11083] ? __pfx_ip_finish_output+0x10/0x10 [ 379.420458][T11083] __ip_finish_output.part.0+0x1b4/0x350 [ 379.420483][T11083] ip_output+0x35f/0xa90 [ 379.420511][T11083] __ip_queue_xmit+0x1bee/0x2330 [ 379.420530][T11083] ? __pfx_ip_queue_xmit+0x10/0x10 [ 379.420544][T11083] __tcp_transmit_skb+0x2cae/0x48b0 [ 379.420572][T11083] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 379.420602][T11083] ? ktime_get+0x200/0x310 [ 379.420617][T11083] ? lockdep_hardirqs_on+0x7c/0x110 [ 379.420650][T11083] tcp_write_xmit+0x12aa/0x8710 [ 379.420688][T11083] __tcp_push_pending_frames+0xaf/0x3c0 [ 379.420710][T11083] tcp_send_fin+0x11f/0x10e0 [ 379.420733][T11083] __tcp_close+0xa46/0x1120 [ 379.420756][T11083] tcp_close+0x28/0x120 [ 379.420774][T11083] inet_release+0xed/0x200 [ 379.420792][T11083] __sock_release+0xb3/0x270 [ 379.420813][T11083] ? __pfx_sock_close+0x10/0x10 [ 379.420831][T11083] sock_close+0x1c/0x30 [ 379.420849][T11083] __fput+0x402/0xb70 [ 379.420868][T11083] task_work_run+0x150/0x240 [ 379.420885][T11083] ? __pfx_task_work_run+0x10/0x10 [ 379.420900][T11083] ? __pfx_task_work_add+0x10/0x10 [ 379.420917][T11083] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 379.420943][T11083] get_signal+0x1d0/0x26d0 [ 379.420964][T11083] ? __pfx___fput_deferred+0x10/0x10 [ 379.420978][T11083] ? __pfx___file_ref_put+0x10/0x10 [ 379.421002][T11083] ? __pfx_get_signal+0x10/0x10 [ 379.421020][T11083] ? fput+0xcf/0xf0 [ 379.421034][T11083] ? do_sendfile+0x4ea/0xe50 [ 379.421056][T11083] arch_do_signal_or_restart+0x8f/0x7a0 [ 379.421077][T11083] ? __pfx_do_sendfile+0x10/0x10 [ 379.421096][T11083] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 379.421123][T11083] ? __x64_sys_sendfile64+0x189/0x220 [ 379.421141][T11083] exit_to_user_mode_loop+0x8c/0x540 [ 379.421162][T11083] do_syscall_64+0x4ee/0xf80 [ 379.421185][T11083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.421201][T11083] RIP: 0033:0x7fecb658f7c9 [ 379.421214][T11083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.421229][T11083] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 379.421245][T11083] RAX: fffffffffffffe00 RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 379.421255][T11083] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 379.421265][T11083] RBP: 00007fecb6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 379.421274][T11083] R10: 00000000000000a1 R11: 0000000000000246 R12: 0000000000000000 [ 379.421284][T11083] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 379.421305][T11083] [ 380.068289][T11091] FAULT_INJECTION: forcing a failure. [ 380.068289][T11091] name failslab, interval 1, probability 393216, space 0, times 0 [ 380.081663][T11091] CPU: 0 UID: 0 PID: 11091 Comm: syz.2.1322 Tainted: G L syzkaller #0 PREEMPT(full) [ 380.081687][T11091] Tainted: [L]=SOFTLOCKUP [ 380.081693][T11091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 380.081702][T11091] Call Trace: [ 380.081708][T11091] [ 380.081714][T11091] dump_stack_lvl+0x16c/0x1f0 [ 380.081741][T11091] should_fail_ex+0x512/0x640 [ 380.081758][T11091] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 380.081778][T11091] should_failslab+0xc2/0x120 [ 380.081800][T11091] kmem_cache_alloc_node_noprof+0x86/0x800 [ 380.081817][T11091] ? __alloc_skb+0x156/0x410 [ 380.081837][T11091] ? __alloc_skb+0x156/0x410 [ 380.081851][T11091] __alloc_skb+0x156/0x410 [ 380.081866][T11091] ? __pfx___alloc_skb+0x10/0x10 [ 380.081884][T11091] ? tcp_chrono_stop+0x95/0x420 [ 380.081906][T11091] tcp_stream_alloc_skb+0x34/0x670 [ 380.081924][T11091] tcp_connect+0xe35/0x5240 [ 380.081948][T11091] ? find_held_lock+0x2b/0x80 [ 380.081969][T11091] ? __pfx_tcp_connect+0x10/0x10 [ 380.081987][T11091] ? __pfx_tcp_fastopen_defer_connect+0x10/0x10 [ 380.082019][T11091] tcp_v4_connect+0x1588/0x1c10 [ 380.082042][T11091] ? __pfx_tcp_v4_connect+0x10/0x10 [ 380.082063][T11091] __inet_stream_connect+0x915/0xf50 [ 380.082085][T11091] ? __pfx___inet_stream_connect+0x10/0x10 [ 380.082111][T11091] tcp_sendmsg_fastopen+0x3ed/0x750 [ 380.082131][T11091] tcp_sendmsg_locked+0x2410/0x42a0 [ 380.082152][T11091] ? __lock_acquire+0x436/0x2890 [ 380.082168][T11091] ? smc_switch_to_fallback+0x5a2/0x9c0 [ 380.082187][T11091] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 380.082205][T11091] ? do_raw_spin_lock+0x12c/0x2b0 [ 380.082222][T11091] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 380.082243][T11091] ? __local_bh_enable_ip+0xa4/0x120 [ 380.082266][T11091] tcp_sendmsg+0x2e/0x50 [ 380.082280][T11091] ? __pfx_tcp_sendmsg+0x10/0x10 [ 380.082295][T11091] inet_sendmsg+0xb9/0x140 [ 380.082312][T11091] smc_sendmsg+0x224/0x520 [ 380.082329][T11091] ____sys_sendmsg+0xa5d/0xc30 [ 380.082353][T11091] ? __pfx_____sys_sendmsg+0x10/0x10 [ 380.082392][T11091] ? __pfx__kstrtoull+0x10/0x10 [ 380.082416][T11091] ___sys_sendmsg+0x134/0x1d0 [ 380.082436][T11091] ? __pfx____sys_sendmsg+0x10/0x10 [ 380.082463][T11091] ? find_held_lock+0x2b/0x80 [ 380.082492][T11091] __sys_sendmmsg+0x200/0x420 [ 380.082513][T11091] ? __pfx___sys_sendmmsg+0x10/0x10 [ 380.082538][T11091] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 380.082568][T11091] ? fput+0x70/0xf0 [ 380.082582][T11091] ? ksys_write+0x1ac/0x250 [ 380.082606][T11091] ? __pfx_ksys_write+0x10/0x10 [ 380.082629][T11091] __x64_sys_sendmmsg+0x9c/0x100 [ 380.082647][T11091] ? lockdep_hardirqs_on+0x7c/0x110 [ 380.082668][T11091] do_syscall_64+0xcd/0xf80 [ 380.082690][T11091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.082705][T11091] RIP: 0033:0x7f7aabf8f7c9 [ 380.082717][T11091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 380.082732][T11091] RSP: 002b:00007f7aacdc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 380.082746][T11091] RAX: ffffffffffffffda RBX: 00007f7aac1e6090 RCX: 00007f7aabf8f7c9 [ 380.082756][T11091] RDX: 0000000000000007 RSI: 0000200000000140 RDI: 0000000000000003 [ 380.082765][T11091] RBP: 00007f7aacdc4090 R08: 0000000000000000 R09: 0000000000000000 [ 380.082774][T11091] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 380.082783][T11091] R13: 00007f7aac1e6128 R14: 00007f7aac1e6090 R15: 00007fffb6797568 [ 380.082802][T11091] [ 380.977308][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1326'. [ 382.255833][T11121] FAULT_INJECTION: forcing a failure. [ 382.255833][T11121] name failslab, interval 1, probability 393216, space 0, times 0 [ 382.319967][T11121] CPU: 0 UID: 0 PID: 11121 Comm: syz.1.1332 Tainted: G L syzkaller #0 PREEMPT(full) [ 382.319992][T11121] Tainted: [L]=SOFTLOCKUP [ 382.319997][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 382.320006][T11121] Call Trace: [ 382.320012][T11121] [ 382.320018][T11121] dump_stack_lvl+0x16c/0x1f0 [ 382.320044][T11121] should_fail_ex+0x512/0x640 [ 382.320062][T11121] ? kmem_cache_alloc_noprof+0x62/0x770 [ 382.320082][T11121] should_failslab+0xc2/0x120 [ 382.320104][T11121] kmem_cache_alloc_noprof+0x83/0x770 [ 382.320122][T11121] ? ptlock_alloc+0x1f/0x70 [ 382.320140][T11121] ? ptlock_alloc+0x1f/0x70 [ 382.320154][T11121] ptlock_alloc+0x1f/0x70 [ 382.320168][T11121] pte_alloc_one+0x84/0x3d0 [ 382.320189][T11121] do_fault+0x8b8/0x1ad0 [ 382.320209][T11121] ? __pfx_filemap_map_pages+0x10/0x10 [ 382.320227][T11121] ? __pmd_alloc+0x6aa/0x9c0 [ 382.320249][T11121] __handle_mm_fault+0x1919/0x2bb0 [ 382.320270][T11121] ? __pfx___handle_mm_fault+0x10/0x10 [ 382.320296][T11121] ? find_vma+0xbf/0x140 [ 382.320315][T11121] ? __pfx_find_vma+0x10/0x10 [ 382.320342][T11121] handle_mm_fault+0x3fe/0xad0 [ 382.320362][T11121] do_user_addr_fault+0x7a6/0x1370 [ 382.320381][T11121] ? rcu_is_watching+0x12/0xc0 [ 382.320404][T11121] exc_page_fault+0x64/0xc0 [ 382.320425][T11121] asm_exc_page_fault+0x26/0x30 [ 382.320440][T11121] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 382.320458][T11121] Code: 81 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 382.320473][T11121] RSP: 0018:ffffc900025bfbf8 EFLAGS: 00050206 [ 382.320485][T11121] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000bb8 [ 382.320495][T11121] RDX: ffffed100f862577 RSI: 0000000000000000 RDI: ffff88807c312000 [ 382.320504][T11121] RBP: 0000000000000bb8 R08: 0000000000000001 R09: ffffed100f862576 [ 382.320513][T11121] R10: ffff88807c312bb7 R11: 0000000000000000 R12: 0000000000000000 [ 382.320522][T11121] R13: ffff88807c312000 R14: ffffc900025bfc60 R15: ffff888033afa000 [ 382.320541][T11121] _copy_from_user+0x98/0xd0 [ 382.320559][T11121] do_semtimedop+0x182/0x2e0 [ 382.320577][T11121] ? __pfx_do_semtimedop+0x10/0x10 [ 382.320615][T11121] ? __fget_files+0x20e/0x3c0 [ 382.320640][T11121] __x64_sys_semtimedop+0x1b4/0x1f0 [ 382.320657][T11121] ? __pfx___x64_sys_semtimedop+0x10/0x10 [ 382.320680][T11121] do_syscall_64+0xcd/0xf80 [ 382.320702][T11121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.320716][T11121] RIP: 0033:0x7f519158f7c9 [ 382.320728][T11121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 382.320742][T11121] RSP: 002b:00007f51924f9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dc [ 382.320755][T11121] RAX: ffffffffffffffda RBX: 00007f51917e5fa0 RCX: 00007f519158f7c9 [ 382.320764][T11121] RDX: 00000000000001f4 RSI: 0000000000000000 RDI: 0000000000000000 [ 382.320773][T11121] RBP: 00007f51924f9090 R08: 0000000000000000 R09: 0000000000000000 [ 382.320782][T11121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 382.320791][T11121] R13: 00007f51917e6038 R14: 00007f51917e5fa0 R15: 00007ffff1827978 [ 382.320811][T11121] [ 382.705500][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.711803][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.497648][T11111] netlink: 'syz.0.1329': attribute type 1 has an invalid length. [ 384.524300][T11166] FAULT_INJECTION: forcing a failure. [ 384.524300][T11166] name failslab, interval 1, probability 393216, space 0, times 0 [ 384.602258][T11166] CPU: 0 UID: 0 PID: 11166 Comm: syz.0.1342 Tainted: G L syzkaller #0 PREEMPT(full) [ 384.602285][T11166] Tainted: [L]=SOFTLOCKUP [ 384.602290][T11166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 384.602299][T11166] Call Trace: [ 384.602304][T11166] [ 384.602310][T11166] dump_stack_lvl+0x16c/0x1f0 [ 384.602336][T11166] should_fail_ex+0x512/0x640 [ 384.602353][T11166] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 384.602373][T11166] should_failslab+0xc2/0x120 [ 384.602395][T11166] kmem_cache_alloc_noprof+0x83/0x770 [ 384.602414][T11166] ? skb_clone+0x190/0x3f0 [ 384.602435][T11166] ? skb_clone+0x190/0x3f0 [ 384.602452][T11166] skb_clone+0x190/0x3f0 [ 384.602471][T11166] netlink_deliver_tap+0xabd/0xd30 [ 384.602495][T11166] netlink_unicast+0x64c/0x870 [ 384.602518][T11166] ? __pfx_netlink_unicast+0x10/0x10 [ 384.602545][T11166] netlink_sendmsg+0x8c8/0xdd0 [ 384.602569][T11166] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.602591][T11166] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 384.602618][T11166] ____sys_sendmsg+0xa5d/0xc30 [ 384.602640][T11166] ? copy_msghdr_from_user+0x10a/0x160 [ 384.602659][T11166] ? __pfx_____sys_sendmsg+0x10/0x10 [ 384.602690][T11166] ___sys_sendmsg+0x134/0x1d0 [ 384.602709][T11166] ? __pfx____sys_sendmsg+0x10/0x10 [ 384.602749][T11166] __sys_sendmsg+0x16d/0x220 [ 384.602767][T11166] ? __pfx___sys_sendmsg+0x10/0x10 [ 384.602797][T11166] do_syscall_64+0xcd/0xf80 [ 384.602821][T11166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.602836][T11166] RIP: 0033:0x7fecb658f7c9 [ 384.602849][T11166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 384.602864][T11166] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 384.602879][T11166] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 384.602889][T11166] RDX: 0000000000004000 RSI: 0000200000001640 RDI: 0000000000000003 [ 384.602898][T11166] RBP: 00007fecb7391090 R08: 0000000000000000 R09: 0000000000000000 [ 384.602907][T11166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 384.602915][T11166] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 384.602935][T11166] [ 384.844785][T11170] FAULT_INJECTION: forcing a failure. [ 384.844785][T11170] name failslab, interval 1, probability 393216, space 0, times 0 [ 384.858057][T11170] CPU: 0 UID: 0 PID: 11170 Comm: syz.3.1343 Tainted: G L syzkaller #0 PREEMPT(full) [ 384.858081][T11170] Tainted: [L]=SOFTLOCKUP [ 384.858086][T11170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 384.858094][T11170] Call Trace: [ 384.858100][T11170] [ 384.858106][T11170] dump_stack_lvl+0x16c/0x1f0 [ 384.858133][T11170] should_fail_ex+0x512/0x640 [ 384.858149][T11170] ? kmem_cache_alloc_noprof+0x62/0x770 [ 384.858170][T11170] should_failslab+0xc2/0x120 [ 384.858191][T11170] kmem_cache_alloc_noprof+0x83/0x770 [ 384.858209][T11170] ? __anon_vma_prepare+0xae/0x5e0 [ 384.858228][T11170] ? __anon_vma_prepare+0xae/0x5e0 [ 384.858249][T11170] __anon_vma_prepare+0xae/0x5e0 [ 384.858265][T11170] ? __pfx___pte_alloc+0x10/0x10 [ 384.858286][T11170] __vmf_anon_prepare+0x11c/0x240 [ 384.858309][T11170] do_anonymous_page+0x59b/0x2190 [ 384.858325][T11170] ? do_raw_spin_unlock+0x172/0x230 [ 384.858344][T11170] ? __pmd_alloc+0x6aa/0x9c0 [ 384.858366][T11170] __handle_mm_fault+0x1ecf/0x2bb0 [ 384.858387][T11170] ? __pfx___handle_mm_fault+0x10/0x10 [ 384.858418][T11170] handle_mm_fault+0x3fe/0xad0 [ 384.858437][T11170] __get_user_pages+0x54e/0x3590 [ 384.858466][T11170] ? __pfx___get_user_pages+0x10/0x10 [ 384.858493][T11170] populate_vma_page_range+0x267/0x3f0 [ 384.858516][T11170] ? __pfx_populate_vma_page_range+0x10/0x10 [ 384.858537][T11170] ? __pfx_find_vma_intersection+0x10/0x10 [ 384.858559][T11170] ? do_mmap+0x69c/0x1210 [ 384.858581][T11170] __mm_populate+0x1d8/0x380 [ 384.858604][T11170] ? __pfx___mm_populate+0x10/0x10 [ 384.858627][T11170] ? up_write+0x282/0x4e0 [ 384.858645][T11170] vm_mmap_pgoff+0x37f/0x470 [ 384.858667][T11170] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 384.858689][T11170] ? __fget_files+0x20e/0x3c0 [ 384.858715][T11170] ksys_mmap_pgoff+0x7d/0x5c0 [ 384.858735][T11170] ? __pfx_ksys_write+0x10/0x10 [ 384.858757][T11170] __x64_sys_mmap+0x125/0x190 [ 384.858775][T11170] do_syscall_64+0xcd/0xf80 [ 384.858798][T11170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.858813][T11170] RIP: 0033:0x7f6834f8f7c9 [ 384.858826][T11170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 384.858841][T11170] RSP: 002b:00007f6835da1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 384.858855][T11170] RAX: ffffffffffffffda RBX: 00007f68351e5fa0 RCX: 00007f6834f8f7c9 [ 384.858866][T11170] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 384.858874][T11170] RBP: 00007f6835da1090 R08: 0000000000000002 R09: 0000000000008000 [ 384.858884][T11170] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 384.858893][T11170] R13: 00007f68351e6038 R14: 00007f68351e5fa0 R15: 00007ffde9d28b68 [ 384.858913][T11170] [ 385.527051][T11145] ICMPv6: process `syz.1.1339' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 385.857016][T11186] FAULT_INJECTION: forcing a failure. [ 385.857016][T11186] name failslab, interval 1, probability 393216, space 0, times 0 [ 385.901764][T11186] CPU: 0 UID: 0 PID: 11186 Comm: syz.0.1347 Tainted: G L syzkaller #0 PREEMPT(full) [ 385.901793][T11186] Tainted: [L]=SOFTLOCKUP [ 385.901798][T11186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 385.901807][T11186] Call Trace: [ 385.901812][T11186] [ 385.901818][T11186] dump_stack_lvl+0x16c/0x1f0 [ 385.901844][T11186] should_fail_ex+0x512/0x640 [ 385.901860][T11186] ? fs_reclaim_acquire+0xae/0x150 [ 385.901885][T11186] should_failslab+0xc2/0x120 [ 385.901907][T11186] __kmalloc_noprof+0xeb/0x910 [ 385.901924][T11186] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 385.901963][T11186] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 385.901981][T11186] tomoyo_realpath_from_path+0xc2/0x6e0 [ 385.902006][T11186] tomoyo_check_open_permission+0x2ab/0x3c0 [ 385.902024][T11186] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 385.902069][T11186] ? do_raw_spin_lock+0x12c/0x2b0 [ 385.902092][T11186] tomoyo_file_open+0x6b/0x90 [ 385.902115][T11186] security_file_open+0x84/0x1e0 [ 385.902134][T11186] do_dentry_open+0x597/0x1590 [ 385.902157][T11186] ? security_inode_permission+0xbf/0x260 [ 385.902176][T11186] vfs_open+0x82/0x3f0 [ 385.902194][T11186] path_openat+0x2078/0x3140 [ 385.902222][T11186] ? __pfx_path_openat+0x10/0x10 [ 385.902249][T11186] do_filp_open+0x20b/0x470 [ 385.902271][T11186] ? __pfx_do_filp_open+0x10/0x10 [ 385.902305][T11186] ? alloc_fd+0x471/0x7d0 [ 385.902331][T11186] do_sys_openat2+0x121/0x290 [ 385.902348][T11186] ? __pfx_do_sys_openat2+0x10/0x10 [ 385.902366][T11186] ? __fget_files+0x20e/0x3c0 [ 385.902389][T11186] __x64_sys_openat+0x174/0x210 [ 385.902406][T11186] ? __pfx___x64_sys_openat+0x10/0x10 [ 385.902422][T11186] ? ksys_write+0x1ac/0x250 [ 385.902448][T11186] do_syscall_64+0xcd/0xf80 [ 385.902471][T11186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.902486][T11186] RIP: 0033:0x7fecb658f7c9 [ 385.902500][T11186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 385.902514][T11186] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 385.902529][T11186] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 385.902539][T11186] RDX: 0000000000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 385.902548][T11186] RBP: 00007fecb7391090 R08: 0000000000000000 R09: 0000000000000000 [ 385.902558][T11186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 385.902566][T11186] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 385.902586][T11186] [ 385.902639][T11186] ERROR: Out of memory at tomoyo_realpath_from_path. [ 386.330873][ T5829] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 386.373981][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 386.374008][ T5829] Tainted: [L]=SOFTLOCKUP [ 386.374014][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 386.374023][ T5829] Call Trace: [ 386.374029][ T5829] [ 386.374035][ T5829] dump_stack_lvl+0x16c/0x1f0 [ 386.374062][ T5829] dump_header+0x101/0x960 [ 386.374081][ T5829] oom_kill_process+0x176/0x910 [ 386.374099][ T5829] out_of_memory+0x350/0x1700 [ 386.374115][ T5829] ? __lock_acquire+0x436/0x2890 [ 386.374131][ T5829] ? __pfx_out_of_memory+0x10/0x10 [ 386.374153][ T5829] mem_cgroup_out_of_memory+0x118/0x130 [ 386.374171][ T5829] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 386.374193][ T5829] ? do_raw_spin_unlock+0x172/0x230 [ 386.374213][ T5829] try_charge_memcg+0x695/0xd30 [ 386.374239][ T5829] ? __pfx_try_charge_memcg+0x10/0x10 [ 386.374264][ T5829] ? find_held_lock+0x2b/0x80 [ 386.374286][ T5829] charge_memcg+0x8a/0x230 [ 386.374308][ T5829] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 386.374325][ T5829] __read_swap_cache_async+0x397/0x500 [ 386.374346][ T5829] ? __pfx___read_swap_cache_async+0x10/0x10 [ 386.374376][ T5829] swap_cluster_readahead+0x432/0x770 [ 386.374399][ T5829] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 386.374420][ T5829] ? trace_pelt_se_tp+0xed/0x130 [ 386.374434][ T5829] ? __update_load_avg_se+0x3fb/0x940 [ 386.374459][ T5829] ? update_load_avg+0x233/0x2220 [ 386.374474][ T5829] ? get_vma_policy+0x242/0x3c0 [ 386.374489][ T5829] swapin_readahead+0x160/0x1220 [ 386.374514][ T5829] ? __pfx_swapin_readahead+0x10/0x10 [ 386.374532][ T5829] ? find_held_lock+0x2b/0x80 [ 386.374549][ T5829] ? swap_cache_get_folio+0x267/0x8e0 [ 386.374565][ T5829] ? swap_cache_get_folio+0x267/0x8e0 [ 386.374580][ T5829] ? swap_cache_get_folio+0x267/0x8e0 [ 386.374598][ T5829] ? swap_cache_get_folio+0x267/0x8e0 [ 386.374615][ T5829] ? swap_cache_get_folio+0x293/0x8e0 [ 386.374633][ T5829] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 386.374649][ T5829] ? __pfx_get_swap_device+0x10/0x10 [ 386.374669][ T5829] ? rcu_read_unlock+0x2d/0xb0 [ 386.374688][ T5829] ? do_swap_page+0x962/0x64a0 [ 386.374702][ T5829] do_swap_page+0x962/0x64a0 [ 386.374720][ T5829] ? __lock_acquire+0x436/0x2890 [ 386.374738][ T5829] ? __pfx_do_swap_page+0x10/0x10 [ 386.374755][ T5829] ? __pfx_default_wake_function+0x10/0x10 [ 386.374776][ T5829] ? rcu_is_watching+0x12/0xc0 [ 386.374795][ T5829] ? __free_object+0x286/0x410 [ 386.374818][ T5829] ? rcu_is_watching+0x12/0xc0 [ 386.374837][ T5829] ? ___pte_offset_map+0x175/0x380 [ 386.374860][ T5829] __handle_mm_fault+0x19cb/0x2bb0 [ 386.374879][ T5829] ? reacquire_held_locks+0xcd/0x1f0 [ 386.374893][ T5829] ? __pfx___handle_mm_fault+0x10/0x10 [ 386.374911][ T5829] ? lock_vma_under_rcu+0x176/0x580 [ 386.374933][ T5829] ? get_timespec64+0x136/0x1b0 [ 386.374952][ T5829] handle_mm_fault+0x3fe/0xad0 [ 386.374971][ T5829] do_user_addr_fault+0x60c/0x1370 [ 386.374991][ T5829] ? rcu_is_watching+0x12/0xc0 [ 386.375015][ T5829] exc_page_fault+0x64/0xc0 [ 386.375037][ T5829] asm_exc_page_fault+0x26/0x30 [ 386.375051][ T5829] RIP: 0033:0x7f51915c2088 [ 386.375065][ T5829] Code: 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f [ 386.375079][ T5829] RSP: 002b:00007ffff1827c90 EFLAGS: 00010293 [ 386.375092][ T5829] RAX: 0000000000000000 RBX: 000000000000036c RCX: 00007f51915c2085 [ 386.375101][ T5829] RDX: 00007ffff1827cd0 RSI: 0000000000000000 RDI: 0000000000000000 [ 386.375110][ T5829] RBP: 00007ffff1827d3c R08: 0000000000000000 R09: 0000000000000000 [ 386.375119][ T5829] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 386.375128][ T5829] R13: 00000000000927c0 R14: 000000000005e78c R15: 00007ffff1827d90 [ 386.375147][ T5829] [ 386.375384][ T5829] memory: usage 3072kB, limit 3072kB, failcnt 79503 [ 388.606768][ T5829] memory+swap: usage 928kB, limit 9007199254740988kB, failcnt 0 [ 388.640197][ T5829] kmem: usage 660kB, limit 9007199254740988kB, failcnt 0 [ 388.693235][ T5829] Memory cgroup stats for /syz1: [ 388.693345][ T5829] cache 0 [ 388.739183][T11235] input: f¬ as /devices/virtual/input/input16 [ 388.756672][ T5829] rss 0 [ 388.777861][ T5829] rss_huge 0 [ 388.781086][ T5829] shmem 0 [ 388.822629][ T5829] mapped_file 0 [ 388.836410][ T5829] dirty 0 [ 388.839367][ T5829] writeback 0 [ 388.874888][ T5829] workingset_refault_anon 8730 [ 388.879685][ T5829] workingset_refault_file 21142 [ 388.937804][ T5829] swap 53248 [ 388.969569][ T5829] swapcached 16384 [ 389.007234][ T5829] pgpgin 355544 [ 389.024639][ T5829] pgpgout 356051 [ 389.049584][ T5829] pgfault 214735 [ 389.070299][ T5829] pgmajfault 3229 [ 389.073954][ T5829] inactive_anon 4096 [ 389.093334][ T5829] active_anon 12288 [ 389.124069][ T5829] inactive_file 0 [ 389.131940][T11245] QAT: Stopping all acceleration devices. [ 389.155109][ T5829] active_file 0 [ 389.158584][ T5829] unevictable 0 [ 389.185448][ T5829] hierarchical_memory_limit 3145728 [ 389.200895][ T5829] hierarchical_memsw_limit 9223372036854771712 [ 389.242897][ T5829] total_cache 0 [ 389.264076][ T5829] total_rss 0 [ 389.267379][ T5829] total_rss_huge 0 [ 389.294356][ T5834] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 389.294383][ T5834] Bluetooth: hci1: unexpected subevent 0x0a length: 725 > 30 [ 389.319964][ T5829] total_shmem 0 [ 389.338902][ T5829] total_mapped_file 0 [ 389.362134][ T5829] total_dirty 0 [ 389.404036][ T5829] total_writeback 0 [ 389.432913][ T5829] total_workingset_refault_anon 8730 [ 389.473777][ T5829] total_workingset_refault_file 21142 [ 389.513903][ T5829] total_swap 53248 [ 389.546119][ T5829] total_swapcached 16384 [ 389.583538][ T5829] total_pgpgin 355544 [ 389.602051][ T5829] total_pgpgout 356051 [ 389.637967][ T5829] total_pgfault 214735 [ 389.642058][ T5829] total_pgmajfault 3229 [ 389.710757][ T5829] total_inactive_anon 4096 [ 389.738416][ T5829] total_active_anon 12288 [ 389.762734][ T5829] total_inactive_file 0 [ 389.793612][ T5829] total_active_file 0 [ 389.826109][ T5829] total_unevictable 0 [ 389.844546][ T5829] anon_cost 0 [ 389.864367][ T5829] file_cost 0 [ 389.892200][ T5829] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1348,pid=11182,uid=0 [ 389.975127][ T5829] Memory cgroup out of memory: OOM victim 11182 (syz.1.1348) is already exiting. Skip killing the task [ 390.566301][T11278] FAULT_INJECTION: forcing a failure. [ 390.566301][T11278] name failslab, interval 1, probability 393216, space 0, times 0 [ 390.625160][T11278] CPU: 0 UID: 0 PID: 11278 Comm: syz.0.1364 Tainted: G L syzkaller #0 PREEMPT(full) [ 390.625186][T11278] Tainted: [L]=SOFTLOCKUP [ 390.625192][T11278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 390.625201][T11278] Call Trace: [ 390.625207][T11278] [ 390.625213][T11278] dump_stack_lvl+0x16c/0x1f0 [ 390.625240][T11278] should_fail_ex+0x512/0x640 [ 390.625257][T11278] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 390.625282][T11278] should_failslab+0xc2/0x120 [ 390.625303][T11278] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 390.625325][T11278] ? __request_module+0x2cb/0x660 [ 390.625347][T11278] ? kstrdup+0x53/0x100 [ 390.625363][T11278] kstrdup+0x53/0x100 [ 390.625380][T11278] __request_module+0x2cb/0x660 [ 390.625399][T11278] ? __pfx___request_module+0x10/0x10 [ 390.625424][T11278] ? crypto_alg_lookup+0x113/0x1e0 [ 390.625445][T11278] ? crypto_alg_mod_lookup+0x379/0x520 [ 390.625467][T11278] crypto_alg_mod_lookup+0x402/0x520 [ 390.625487][T11278] crypto_has_alg+0x22/0x80 [ 390.625505][T11278] zswap_compressor_param_set+0x10c/0xa80 [ 390.625526][T11278] param_attr_store+0x199/0x300 [ 390.625548][T11278] ? __pfx_param_attr_store+0x10/0x10 [ 390.625566][T11278] module_attr_store+0x58/0x80 [ 390.625582][T11278] ? __pfx_module_attr_store+0x10/0x10 [ 390.625599][T11278] sysfs_kf_write+0xf2/0x150 [ 390.625616][T11278] kernfs_fop_write_iter+0x3af/0x570 [ 390.625637][T11278] ? __pfx_sysfs_kf_write+0x10/0x10 [ 390.625654][T11278] vfs_write+0x7d3/0x11d0 [ 390.625675][T11278] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 390.625699][T11278] ? __pfx_vfs_write+0x10/0x10 [ 390.625731][T11278] ksys_write+0x12a/0x250 [ 390.625751][T11278] ? __pfx_ksys_write+0x10/0x10 [ 390.625777][T11278] do_syscall_64+0xcd/0xf80 [ 390.625800][T11278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.625816][T11278] RIP: 0033:0x7fecb658f7c9 [ 390.625829][T11278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 390.625843][T11278] RSP: 002b:00007fecb7391038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 390.625858][T11278] RAX: ffffffffffffffda RBX: 00007fecb67e5fa0 RCX: 00007fecb658f7c9 [ 390.625868][T11278] RDX: 0000000000000001 RSI: 0000200000003900 RDI: 0000000000000003 [ 390.625877][T11278] RBP: 00007fecb7391090 R08: 0000000000000000 R09: 0000000000000000 [ 390.625886][T11278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 390.625895][T11278] R13: 00007fecb67e6038 R14: 00007fecb67e5fa0 R15: 00007ffff94f23a8 [ 390.625915][T11278] [ 390.626012][T11278] zswap: compressor not available [ 391.294053][T11298] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1370'. [ 391.547063][ T8066] ================================================================== [ 391.547077][ T8066] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 391.547105][ T8066] Write of size 8 at addr ffffc90003be94a0 by task kworker/0:9/8066 [ 391.547119][ T8066] [ 391.547128][ T8066] CPU: 0 UID: 0 PID: 8066 Comm: kworker/0:9 Tainted: G L syzkaller #0 PREEMPT(full) [ 391.547150][ T8066] Tainted: [L]=SOFTLOCKUP [ 391.547155][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 391.547165][ T8066] Workqueue: events_power_efficient fb_flashcursor [ 391.547181][ T8066] Call Trace: [ 391.547186][ T8066] [ 391.547192][ T8066] dump_stack_lvl+0x116/0x1f0 [ 391.547214][ T8066] print_report+0xcd/0x630 [ 391.547235][ T8066] ? __virt_addr_valid+0x81/0x610 [ 391.547258][ T8066] ? sys_imageblit+0x1a6f/0x1e60 [ 391.547277][ T8066] kasan_report+0xe0/0x110 [ 391.547298][ T8066] ? sys_imageblit+0x1a6f/0x1e60 [ 391.547319][ T8066] sys_imageblit+0x1a6f/0x1e60 [ 391.547342][ T8066] ? __pfx_sys_imageblit+0x10/0x10 [ 391.547368][ T8066] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 391.547392][ T8066] soft_cursor+0x524/0xa10 [ 391.547411][ T8066] bit_cursor+0xe8c/0x17e0 [ 391.547429][ T8066] ? __pfx_bit_cursor+0x10/0x10 [ 391.547448][ T8066] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 391.547470][ T8066] ? get_color+0x1da/0x450 [ 391.547484][ T8066] ? __pfx_bit_cursor+0x10/0x10 [ 391.547500][ T8066] fb_flashcursor+0x333/0x420 [ 391.547514][ T8066] process_one_work+0x9ba/0x1b20 [ 391.547533][ T8066] ? __pfx_process_one_work+0x10/0x10 [ 391.547551][ T8066] ? assign_work+0x1a0/0x250 [ 391.547566][ T8066] worker_thread+0x6c8/0xf10 [ 391.547583][ T8066] ? __kthread_parkme+0x19e/0x250 [ 391.547604][ T8066] ? __pfx_worker_thread+0x10/0x10 [ 391.547619][ T8066] kthread+0x3c5/0x780 [ 391.547633][ T8066] ? __pfx_kthread+0x10/0x10 [ 391.547647][ T8066] ? rcu_is_watching+0x12/0xc0 [ 391.547666][ T8066] ? __pfx_kthread+0x10/0x10 [ 391.547680][ T8066] ret_from_fork+0x983/0xb10 [ 391.547695][ T8066] ? __pfx_ret_from_fork+0x10/0x10 [ 391.547710][ T8066] ? __switch_to+0x7af/0x10d0 [ 391.547733][ T8066] ? __pfx_kthread+0x10/0x10 [ 391.547747][ T8066] ret_from_fork_asm+0x1a/0x30 [ 391.547773][ T8066] [ 391.547778][ T8066] [ 391.547782][ T8066] The buggy address belongs to a vmalloc virtual mapping [ 391.547797][ T8066] Memory state around the buggy address: [ 391.547806][ T8066] ffffc90003be9380: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 391.547817][ T8066] ffffc90003be9400: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 391.547827][ T8066] >ffffc90003be9480: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 391.547835][ T8066] ^ [ 391.547843][ T8066] ffffc90003be9500: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 391.547853][ T8066] ffffc90003be9580: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 391.547861][ T8066] ================================================================== [ 391.547869][ T8066] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 391.547880][ T8066] CPU: 0 UID: 0 PID: 8066 Comm: kworker/0:9 Tainted: G L syzkaller #0 PREEMPT(full) [ 391.547900][ T8066] Tainted: [L]=SOFTLOCKUP [ 391.547906][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 391.547915][ T8066] Workqueue: events_power_efficient fb_flashcursor [ 391.547930][ T8066] Call Trace: [ 391.547935][ T8066] [ 391.547940][ T8066] dump_stack_lvl+0x3d/0x1f0 [ 391.547961][ T8066] vpanic+0x640/0x6f0 [ 391.547976][ T8066] panic+0xca/0xd0 [ 391.547989][ T8066] ? __pfx_panic+0x10/0x10 [ 391.548006][ T8066] ? check_panic_on_warn+0x1f/0xb0 [ 391.548021][ T8066] check_panic_on_warn+0xab/0xb0 [ 391.548036][ T8066] end_report+0x107/0x160 [ 391.548057][ T8066] kasan_report+0xee/0x110 [ 391.548077][ T8066] ? sys_imageblit+0x1a6f/0x1e60 [ 391.548099][ T8066] sys_imageblit+0x1a6f/0x1e60 [ 391.548121][ T8066] ? __pfx_sys_imageblit+0x10/0x10 [ 391.548148][ T8066] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 391.548170][ T8066] soft_cursor+0x524/0xa10 [ 391.548190][ T8066] bit_cursor+0xe8c/0x17e0 [ 391.548208][ T8066] ? __pfx_bit_cursor+0x10/0x10 [ 391.548227][ T8066] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 391.548248][ T8066] ? get_color+0x1da/0x450 [ 391.548262][ T8066] ? __pfx_bit_cursor+0x10/0x10 [ 391.548278][ T8066] fb_flashcursor+0x333/0x420 [ 391.548293][ T8066] process_one_work+0x9ba/0x1b20 [ 391.548311][ T8066] ? __pfx_process_one_work+0x10/0x10 [ 391.548329][ T8066] ? assign_work+0x1a0/0x250 [ 391.548344][ T8066] worker_thread+0x6c8/0xf10 [ 391.548362][ T8066] ? __kthread_parkme+0x19e/0x250 [ 391.548381][ T8066] ? __pfx_worker_thread+0x10/0x10 [ 391.548397][ T8066] kthread+0x3c5/0x780 [ 391.548411][ T8066] ? __pfx_kthread+0x10/0x10 [ 391.548425][ T8066] ? rcu_is_watching+0x12/0xc0 [ 391.548444][ T8066] ? __pfx_kthread+0x10/0x10 [ 391.548458][ T8066] ret_from_fork+0x983/0xb10 [ 391.548473][ T8066] ? __pfx_ret_from_fork+0x10/0x10 [ 391.548488][ T8066] ? __switch_to+0x7af/0x10d0 [ 391.548505][ T8066] ? __pfx_kthread+0x10/0x10 [ 391.548520][ T8066] ret_from_fork_asm+0x1a/0x30 [ 391.548543][ T8066] [ 391.548600][ T8066] Kernel Offset: disabled