last executing test programs: 8m53.710142831s ago: executing program 0 (id=3813): r0 = socketcall$auto(0xffe, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0xe9f, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0x4008ae6a, r0) 8m53.240164412s ago: executing program 0 (id=3819): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x1, 0x0) pipe$auto(0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55) mincore$auto(0x0, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x35, 0x0, 0x9) 8m52.153136721s ago: executing program 0 (id=3823): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(r0, 0x6, 0x13, 0x0, 0x40) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x54) close_range$auto(0x2, 0x8, 0x0) 8m51.817458745s ago: executing program 0 (id=3825): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 8m51.022526379s ago: executing program 0 (id=3834): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004881}, 0x800) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x7fff, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x40007}, 0x3, 0x0) 8m50.473810716s ago: executing program 0 (id=3840): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) msync$auto(0x0, 0xe0, 0x6) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) pkey_free$auto(0xfffffffd) 8m49.919163146s ago: executing program 32 (id=3840): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) msync$auto(0x0, 0xe0, 0x6) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) pkey_free$auto(0xfffffffd) 6m54.176457059s ago: executing program 3 (id=4504): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x400000b7, 0x400, 0x2}]}) 6m53.734993986s ago: executing program 3 (id=4507): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/vm/nr_overcommit_hugepages\x00', 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x2, 0x179, [{0x174, 0x5, 0x80000000}]}) 6m53.270371865s ago: executing program 3 (id=4510): mmap$auto(0x0, 0x2020009, 0x6, 0x800000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) set_robust_list$auto(0x0, 0x4) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) 6m52.579524519s ago: executing program 3 (id=4514): mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf250900000800"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x1000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 6m52.337275889s ago: executing program 3 (id=4515): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 6m52.195868683s ago: executing program 3 (id=4517): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_CEC_S_MODE(0xffffffffffffffff, 0x40046109, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r0, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) 6m36.959927829s ago: executing program 33 (id=4517): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_CEC_S_MODE(0xffffffffffffffff, 0x40046109, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r0, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) 8.759737461s ago: executing program 2 (id=6861): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x3, 0x6, 0xc, 0x0, 0xfb3) 6.733772333s ago: executing program 2 (id=6867): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(r1, 0xae41, r0) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0xc0000102, 0x400, 0x9}]}) 5.320812003s ago: executing program 2 (id=6870): mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) socket(0xa, 0x3, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) wait4$auto(r0, 0x0, 0x80000001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f00000009c0)="8939cc4d36227fdb35e4a7779345a4d999cb1552f41b34b4003355454e96e6647b34e58345a013e46d9380cd77dcd9b5804ab378df5b19fd93b23d547b6a39e0563f1da27d880a0c7a41ada96f5899128a2f138a38855f3a0e5090cfcb022a807fd8d8410e21962aea3354ff7d28917ad17443189afcba863b21eedff9ef8944e15848033f30ec1ce206287db0755992c3d95fa6c7a2ecb44696ce661038bdc304c775605215501e237d8713947274ff5249f4fefe090d0581a07ac675fdc5da272124ae5975977941ead35326b8dd9ef2562c730a1df3116a5e25f19463fb391d3ba275758c4dd50d5bb8ecd6b3b07ebadfc8c978bb7e15a95c5bd06356d6d9d9e89db59312c4f8452f55ba7013b2691ca80c7db06df2026b190ae22bd233128b0459f8e22f77579ee7f7c6054e4eb33480be2d6e034dd96379f65937a7edf67a2d6b9fc5bb4253bb95d4bedd94da5d5cd944ccfa98c65c25dc3ab8fda6e68d77806b21e624aae3a6435c313b15894332942eb58e2bc6a0582aceaeb594578a2908b49a6f2ce66aac2e2ee4cadfc452cb953a51449039dbb5c7e84405d9cb335afbed3384ffc695b954cc51531bb083df05e2af461c2a7a0a697d0d59c565f5cfd3b354f051d5637fd1f72aeb79be3567215c648ae85541c9f3c4856229247b1225d327ed57fa7981424b39ebbb77a0f6ca5778ed0c9713d68aedd19627de8edf485f9155261ede5c803da5ce248f4c93a1b9925ee07d3f42c8f999252655c582ff47da1e6d010449345c4f3a43336547112ef4e8e0bd0829027b6dcb8fb127171eeb7a38470592c8422bc5c9bb784c281d20847eb79fef43fd38aa88f1a8639728267aef7a74fc40cc54cefea2807f598cd25f3c1bd8ab17fc88aac82179057717177355a1103433d8f7468a8f49d7d5dd8093f6882a791ce983aa4e03bf1a91e938b8da4f9cb41d6371579d9feb55636d8626b9e339d5e54a2397537e9b2f5bb846f1d0dd4614ad5f68fa35ea3f366a12eb4d51aad810856db0f11974bda08daf259c9477053847f17074fbbcbce75472cb9acada0b400f4fa85b71a97e7c686b2ba98e3d2bbb905d9e82430a2730d8d3465d9b632ba07fd746b2a394feb76db7501208f559be2a151c205103c4481cae7352f7117e6c626f25f0b3367d50a1ea87a38136b6ca64e1ef51207c0d6c06dfe86336b65caeee24138f1ca0955135c5d2b49743b0e51f98b7a8bd3a5ac50ca3a5d6e8e17cdf154bae7fa031b40b83b285b58eb47277920fc28ef916d5ae8536458577a37b73ae29312fee7885c405417d454e38dbe50ef1a8603e28611bf4d6b63251a1abc190581c6efe832d62d6ce8f6c4a64c7e018427b5fadddc1cec3896ed51c977d9e3f7c0d1e8f8d75693e1ead5a7a3714843fb3517bd0ddc68936c801692cce52ba003036764dc7f016e342a54f99916fc595dba1fc76222c5e814a1b71c6b9b735240e6bf747a900f6048b2836af70c6aa717701312c61c965d8ca1bdafb5d3623b2ee9b7e4a767ed76defd661a9f18bffaeada811ac2ad6731bf96274b019498c5552b38678ff0aedb465713d895595b92e2bc9e1b3acec28f3ee5831951582f2ad1831ddce1300dcc4547ec444eae5c614719be9c3d397fc1db1a76d954cbc9b7a0d7c8d1eab3eeccd70b17dcd7c3543b6d9effbea67c4ade126c6fbfdee281fe3479c3052e68cf8441a50a6adc59dec8de4261a117e0286eea92ecc88230fdfdca1ed438026e238e6dbfdc4772dccb17737c398add9644b47bfb1a3e3a4b1316ec25ea07f90f858736e80dbb9c882701e7188d315391c538469695f33d266550fb873f47a12518717c83bec4e0cce65958d08a0e287df6a08efd979e087814b1822681ba6ea015714fd66af5100967e152262973b065ed349398aa13bb4329b4f56081aba2ba73ede47a2f1b2dbd5daeaf4d4f790a030e3c1fac30da1b5f6149074de6d76b1635adf44016027efd4ac08c93983e0935c1c8b38a675d5c356483539624e1f402439e6a55529a44c17207d6a5f9d0a2b1745ccb5d4e7332a2b2467c9690c9b7fb9fa73b4da5d3eadd347b89bf05a6aacac989ce9f1398729a4b3383c64c64cc68a8638735ebd80fb9ba2ee9e30e65a56d5676f2b607567f2a07adba966b210339d6a8cc404ffdcbf8ac02216239cc9e0abec2e2aa1d27d658913c83ae08657439bf32213d6b3c3fbb37f978a1820d23be11511869e5884ccab0de2a2ac982d58f01e88b54a54b0f50cc0ff699e39f86d74371f1667927ea4ba96af4c98b05e2b1d4115ef892332ab7ac777f1537f3ce78a2889fab969aa6a11f9e855ec1ba09096346fe930737e6760688c91a60bce3f173c24fa1efcbe5d12869ba34883f95e6bc90c61994f6761c305f5de4a0f79f6b3403249190542edd86d7231f0d89d1519ccab3ef35e3dc9e35a5031ab1cb888a8ace8cbe67073c19f8060ea78bf6d6a8970ed1aae35246df0b825d325279ae4c2a838e0e1f40a3c9615b06b2c4e929942a2d820a82ef19d355754caa45119d5e07f9052bf02ed05de6e07bf46758255d8ef077fd04e971b5117f8ef54f20559c98a9c51df5ed7d2db8f2085ce9947b474c7f00f4a1585507e2344a53a597292a338dd39592df962267a835d091dc9f1c5e7a6a0f1215a0015d9083720aee97b7fa1aa7f4fbcf698018980ebe5cd928e6ea1f1c4e6087678cfa687f1f6cea280fb9f24496211fb00b3788bf4ac4cf5d0972c398baa70fc54dc28a9fd3b838a5732b5039602d5049afc135cfef8053a20359287d53bcce117c7c36147288178cef8dac66f4b941333dd74cf2e9e22ce1be287f1ea2c0d5f476ea74a996d5952c98714a9939084f87bb525f287214567bf1da94d8d098640215d14800f09367aaade0f57ad08dc581dc19d21bdd640d1d3cf54336bb0feafc14d9709f719b1212eee75d9f8b958783cce8a535cb6a1b890e002fefa0e60597275ca2d516b28ef1d1ce3f25184b20726cb59ccab574b8d0ffd30fce23936ec84224991a6f9d2fd74def41248726f86e413dd13e9be77f1856fa1b5803312b8a9179914980bb70873a380278f1c6ad42186b14933892427939f83556e9d130607c1b3e1292da5ba6908b642a11d2814b7ea8b7442ae9aaea89948a58cba34807e617404af7e34ecc449be8c403ee536f311af194d63c9120e0268c3f7e2cafc739b6a0575396d61e55707820fe6eb6a71ce094b931d67b8be93937542e3f7e5bb80ab033d979b3c1bff4ff367934c73198fd04571e7a74b9376894d4b0c45a53b7711cecdd98fc87980b82019db23bf4f41ad8182b6861cab9fdb8f882eddc568f5f35e798350857b3818e2e0ef189cf08825355a9ffec231c0f5039b80764f3c7d1f2371fc71216e8f8d83bce4273bcbf22908d81b7c28d664e574e396098ad8fb0bcd68dbc3d1bb0f0bf295df0ae59339381ee231536c7d3b949072a5a2ba5245cb57848dfbb7cbcb7cbdae9b96752c824410eb46f6978051ae5734c278292a90f3c395f098162d4a43c7f449b1cd8208e15fe97c11c25b663a837348b45e059998a10f1c05490dae27b12508decaafec265eb2c22f3df91291922c80e33f479a77078717a7beea74972a7817e791e2cedcaafb43d1bb71ae86242f3375633bdcf0176ef26075446d3cf999df207983af46406defa8aaab0071a24c273a6b2ef78c47efdc0950a3bf486e1f0c26587b8de77a7fbfeb10a22485a6ec662f3afa0508343f9019a8a04118a30c78d89311da9fddfab1cd44f0c2c2f934ba94e88862fb2121893dab164b3edd2d3b0f4658624f6883099353b1bd0e0601f5397c5a5d6689890b207189602ee61524acc886ab1276aecf1a0bb4fbc85ff7e4881a977513ea0abd446b757464f6caa3485c3d08a4dc810ce21d85cfffc4fa07015ae41b1c7a6ba1858566db8ecaa0dd1cd6e5b7e3cc2a344399e89103954e380ee58b62cd508c587c9946b05433af55959a2ad30fb9b521c64f57321a23e4ac9866f356d28b29302f9604303bc66215696874eaf63e7a37056f78ac3034dc63db9315edb5bc7ada518e02b28281893792ac39374220645694c8e437358b5117f1e2d8269125111afc070ff118ec3a38d949c9ca4a7a1ce6dcac1e2a8e63af511d140b23a86cb78a7a47c4a9e2dcd4587ae32a36e47ed7a7a6e84bf1dbc60b0b00773b4bc0c9ebd38f0e8ccaa0eef5199229057f93c12988cd52317e64c9668b74e946a5cf837320f0889a427f84431f20540dc17eeb0587e51bd05ae9478dd42d215849d50cb745dd9d2d90c294a404ec95941d39ffacbe0e02c0fb6b017042986f1bb00e675a26eb0e65654eb130e5ad3b67cf73b89783effdebf50788f5287ebf2b1d96a4a94e37f39a9bfa0e6c95791a6fd5b5bc083af38afd3fb3ae0f17736f020d8b055a8081121d9f5d563cba2d8b803c4c687ea9184aa09445af016c77d946b03fca370c157f3c7b61ada339a9d3b1b5d18d68e3d66db596164720b09b1426bae1b96c7c5c201a5b232742cfcba1c45164165b5f342548354c2e040fc3a9dbb77dd35ae1f84aa89360fbd232637c0522c64088d7e4313311708c5525538c2e0db4d25143306e93492170413f1f85c3e582ca354164e14b5d3bb33fd808a8b608e29f744333fc670f3816829c1a8583a7b158154a988f5b3b97c38add8146f2faa7c30acc309763eee280251c0a1e1b2d26bd377531a00a2dc54696b90045b17bba7e76dcef64714fecd12c3e84bcc7cffa17b18c6bbcc39960f4156ef05e368c4f205e8dc05a668b09548c2ced5927e6dab63a9e196aa42034ac8f4b9fb9ee4d8cd9c0fb435efaf5c7f4059607a2ac5669f5ebfd5c6db2579e465a3ca09c2a8441fabd977ada9ef15d795c891810ff1cf95bf071ecd4cd4b8fff8a1e63e08e790edef1aced37d8cab6d66696bbfce01ed7e22aefa9dc81de1fb212c4153ca29647d85b84def3234bfeaac52f6e1d567987d0b92ef04f9822acd1c25f532ba96c513954af88288b2d3a100bb9bc33df9b86ba471b2c7eed43d64422831455d144709d2ca4582559fb2a8cdc1c0686c686bbd04bd81f6116c7b8480c990651c4eab199dd27fecce28ab10965b60d0d062f66c0055cf7c0bf5b9779a65960dc059cdbb15c8f2a984d852e05f90203847b6f8bfbdf6d908055d28c7a96249b0909354d", 0xe68) 4.039100112s ago: executing program 2 (id=6877): sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010329bf700002dcdf2505000000feabb1471aa987110c00010005000000000000000c0001"], 0x38}, 0x1, 0x0, 0x0, 0x20008810}, 0x880) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fedbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x2}, 0x1, 0x0, 0x0, 0x9}, 0xa}, 0x7, 0x0) 3.601971399s ago: executing program 4 (id=6881): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/bdi/31:0/strict_limit\x00', 0xa0666, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0p\x00', 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0x4, 0x7d48, 0x9488, 0x4, 0x15f4da0c, 0x0, 0x3, 0x0, 0x7, 0x7, 0x4, 0x0, 0x2, 0x1]}, 0x0) 3.324942455s ago: executing program 4 (id=6883): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1d, 0x2, 0x6) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a) 3.282208745s ago: executing program 1 (id=6884): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/ext4/sda1/last_trim_minblks\x00', 0x2400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/7, 0x7) io_uring_setup$auto(0x1, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x1, 0x0, 0x2, 0xd}, 0xacc}, 0x3, 0x10000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0xffd8) 2.903177768s ago: executing program 4 (id=6886): mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) socket(0xa, 0x3, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) wait4$auto(r0, 0x0, 0x80000001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f00000009c0)="8939cc4d36227fdb35e4a7779345a4d999cb1552f41b34b4003355454e96e6647b34e58345a013e46d9380cd77dcd9b5804ab378df5b19fd93b23d547b6a39e0563f1da27d880a0c7a41ada96f5899128a2f138a38855f3a0e5090cfcb022a807fd8d8410e21962aea3354ff7d28917ad17443189afcba863b21eedff9ef8944e15848033f30ec1ce206287db0755992c3d95fa6c7a2ecb44696ce661038bdc304c775605215501e237d8713947274ff5249f4fefe090d0581a07ac675fdc5da272124ae5975977941ead35326b8dd9ef2562c730a1df3116a5e25f19463fb391d3ba275758c4dd50d5bb8ecd6b3b07ebadfc8c978bb7e15a95c5bd06356d6d9d9e89db59312c4f8452f55ba7013b2691ca80c7db06df2026b190ae22bd233128b0459f8e22f77579ee7f7c6054e4eb33480be2d6e034dd96379f65937a7edf67a2d6b9fc5bb4253bb95d4bedd94da5d5cd944ccfa98c65c25dc3ab8fda6e68d77806b21e624aae3a6435c313b15894332942eb58e2bc6a0582aceaeb594578a2908b49a6f2ce66aac2e2ee4cadfc452cb953a51449039dbb5c7e84405d9cb335afbed3384ffc695b954cc51531bb083df05e2af461c2a7a0a697d0d59c565f5cfd3b354f051d5637fd1f72aeb79be3567215c648ae85541c9f3c4856229247b1225d327ed57fa7981424b39ebbb77a0f6ca5778ed0c9713d68aedd19627de8edf485f9155261ede5c803da5ce248f4c93a1b9925ee07d3f42c8f999252655c582ff47da1e6d010449345c4f3a43336547112ef4e8e0bd0829027b6dcb8fb127171eeb7a38470592c8422bc5c9bb784c281d20847eb79fef43fd38aa88f1a8639728267aef7a74fc40cc54cefea2807f598cd25f3c1bd8ab17fc88aac82179057717177355a1103433d8f7468a8f49d7d5dd8093f6882a791ce983aa4e03bf1a91e938b8da4f9cb41d6371579d9feb55636d8626b9e339d5e54a2397537e9b2f5bb846f1d0dd4614ad5f68fa35ea3f366a12eb4d51aad810856db0f11974bda08daf259c9477053847f17074fbbcbce75472cb9acada0b400f4fa85b71a97e7c686b2ba98e3d2bbb905d9e82430a2730d8d3465d9b632ba07fd746b2a394feb76db7501208f559be2a151c205103c4481cae7352f7117e6c626f25f0b3367d50a1ea87a38136b6ca64e1ef51207c0d6c06dfe86336b65caeee24138f1ca0955135c5d2b49743b0e51f98b7a8bd3a5ac50ca3a5d6e8e17cdf154bae7fa031b40b83b285b58eb47277920fc28ef916d5ae8536458577a37b73ae29312fee7885c405417d454e38dbe50ef1a8603e28611bf4d6b63251a1abc190581c6efe832d62d6ce8f6c4a64c7e018427b5fadddc1cec3896ed51c977d9e3f7c0d1e8f8d75693e1ead5a7a3714843fb3517bd0ddc68936c801692cce52ba003036764dc7f016e342a54f99916fc595dba1fc76222c5e814a1b71c6b9b735240e6bf747a900f6048b2836af70c6aa717701312c61c965d8ca1bdafb5d3623b2ee9b7e4a767ed76defd661a9f18bffaeada811ac2ad6731bf96274b019498c5552b38678ff0aedb465713d895595b92e2bc9e1b3acec28f3ee5831951582f2ad1831ddce1300dcc4547ec444eae5c614719be9c3d397fc1db1a76d954cbc9b7a0d7c8d1eab3eeccd70b17dcd7c3543b6d9effbea67c4ade126c6fbfdee281fe3479c3052e68cf8441a50a6adc59dec8de4261a117e0286eea92ecc88230fdfdca1ed438026e238e6dbfdc4772dccb17737c398add9644b47bfb1a3e3a4b1316ec25ea07f90f858736e80dbb9c882701e7188d315391c538469695f33d266550fb873f47a12518717c83bec4e0cce65958d08a0e287df6a08efd979e087814b1822681ba6ea015714fd66af5100967e152262973b065ed349398aa13bb4329b4f56081aba2ba73ede47a2f1b2dbd5daeaf4d4f790a030e3c1fac30da1b5f6149074de6d76b1635adf44016027efd4ac08c93983e0935c1c8b38a675d5c356483539624e1f402439e6a55529a44c17207d6a5f9d0a2b1745ccb5d4e7332a2b2467c9690c9b7fb9fa73b4da5d3eadd347b89bf05a6aacac989ce9f1398729a4b3383c64c64cc68a8638735ebd80fb9ba2ee9e30e65a56d5676f2b607567f2a07adba966b210339d6a8cc404ffdcbf8ac02216239cc9e0abec2e2aa1d27d658913c83ae08657439bf32213d6b3c3fbb37f978a1820d23be11511869e5884ccab0de2a2ac982d58f01e88b54a54b0f50cc0ff699e39f86d74371f1667927ea4ba96af4c98b05e2b1d4115ef892332ab7ac777f1537f3ce78a2889fab969aa6a11f9e855ec1ba09096346fe930737e6760688c91a60bce3f173c24fa1efcbe5d12869ba34883f95e6bc90c61994f6761c305f5de4a0f79f6b3403249190542edd86d7231f0d89d1519ccab3ef35e3dc9e35a5031ab1cb888a8ace8cbe67073c19f8060ea78bf6d6a8970ed1aae35246df0b825d325279ae4c2a838e0e1f40a3c9615b06b2c4e929942a2d820a82ef19d355754caa45119d5e07f9052bf02ed05de6e07bf46758255d8ef077fd04e971b5117f8ef54f20559c98a9c51df5ed7d2db8f2085ce9947b474c7f00f4a1585507e2344a53a597292a338dd39592df962267a835d091dc9f1c5e7a6a0f1215a0015d9083720aee97b7fa1aa7f4fbcf698018980ebe5cd928e6ea1f1c4e6087678cfa687f1f6cea280fb9f24496211fb00b3788bf4ac4cf5d0972c398baa70fc54dc28a9fd3b838a5732b5039602d5049afc135cfef8053a20359287d53bcce117c7c36147288178cef8dac66f4b941333dd74cf2e9e22ce1be287f1ea2c0d5f476ea74a996d5952c98714a9939084f87bb525f287214567bf1da94d8d098640215d14800f09367aaade0f57ad08dc581dc19d21bdd640d1d3cf54336bb0feafc14d9709f719b1212eee75d9f8b958783cce8a535cb6a1b890e002fefa0e60597275ca2d516b28ef1d1ce3f25184b20726cb59ccab574b8d0ffd30fce23936ec84224991a6f9d2fd74def41248726f86e413dd13e9be77f1856fa1b5803312b8a9179914980bb70873a380278f1c6ad42186b14933892427939f83556e9d130607c1b3e1292da5ba6908b642a11d2814b7ea8b7442ae9aaea89948a58cba34807e617404af7e34ecc449be8c403ee536f311af194d63c9120e0268c3f7e2cafc739b6a0575396d61e55707820fe6eb6a71ce094b931d67b8be93937542e3f7e5bb80ab033d979b3c1bff4ff367934c73198fd04571e7a74b9376894d4b0c45a53b7711cecdd98fc87980b82019db23bf4f41ad8182b6861cab9fdb8f882eddc568f5f35e798350857b3818e2e0ef189cf08825355a9ffec231c0f5039b80764f3c7d1f2371fc71216e8f8d83bce4273bcbf22908d81b7c28d664e574e396098ad8fb0bcd68dbc3d1bb0f0bf295df0ae59339381ee231536c7d3b949072a5a2ba5245cb57848dfbb7cbcb7cbdae9b96752c824410eb46f6978051ae5734c278292a90f3c395f098162d4a43c7f449b1cd8208e15fe97c11c25b663a837348b45e059998a10f1c05490dae27b12508decaafec265eb2c22f3df91291922c80e33f479a77078717a7beea74972a7817e791e2cedcaafb43d1bb71ae86242f3375633bdcf0176ef26075446d3cf999df207983af46406defa8aaab0071a24c273a6b2ef78c47efdc0950a3bf486e1f0c26587b8de77a7fbfeb10a22485a6ec662f3afa0508343f9019a8a04118a30c78d89311da9fddfab1cd44f0c2c2f934ba94e88862fb2121893dab164b3edd2d3b0f4658624f6883099353b1bd0e0601f5397c5a5d6689890b207189602ee61524acc886ab1276aecf1a0bb4fbc85ff7e4881a977513ea0abd446b757464f6caa3485c3d08a4dc810ce21d85cfffc4fa07015ae41b1c7a6ba1858566db8ecaa0dd1cd6e5b7e3cc2a344399e89103954e380ee58b62cd508c587c9946b05433af55959a2ad30fb9b521c64f57321a23e4ac9866f356d28b29302f9604303bc66215696874eaf63e7a37056f78ac3034dc63db9315edb5bc7ada518e02b28281893792ac39374220645694c8e437358b5117f1e2d8269125111afc070ff118ec3a38d949c9ca4a7a1ce6dcac1e2a8e63af511d140b23a86cb78a7a47c4a9e2dcd4587ae32a36e47ed7a7a6e84bf1dbc60b0b00773b4bc0c9ebd38f0e8ccaa0eef5199229057f93c12988cd52317e64c9668b74e946a5cf837320f0889a427f84431f20540dc17eeb0587e51bd05ae9478dd42d215849d50cb745dd9d2d90c294a404ec95941d39ffacbe0e02c0fb6b017042986f1bb00e675a26eb0e65654eb130e5ad3b67cf73b89783effdebf50788f5287ebf2b1d96a4a94e37f39a9bfa0e6c95791a6fd5b5bc083af38afd3fb3ae0f17736f020d8b055a8081121d9f5d563cba2d8b803c4c687ea9184aa09445af016c77d946b03fca370c157f3c7b61ada339a9d3b1b5d18d68e3d66db596164720b09b1426bae1b96c7c5c201a5b232742cfcba1c45164165b5f342548354c2e040fc3a9dbb77dd35ae1f84aa89360fbd232637c0522c64088d7e4313311708c5525538c2e0db4d25143306e93492170413f1f85c3e582ca354164e14b5d3bb33fd808a8b608e29f744333fc670f3816829c1a8583a7b158154a988f5b3b97c38add8146f2faa7c30acc309763eee280251c0a1e1b2d26bd377531a00a2dc54696b90045b17bba7e76dcef64714fecd12c3e84bcc7cffa17b18c6bbcc39960f4156ef05e368c4f205e8dc05a668b09548c2ced5927e6dab63a9e196aa42034ac8f4b9fb9ee4d8cd9c0fb435efaf5c7f4059607a2ac5669f5ebfd5c6db2579e465a3ca09c2a8441fabd977ada9ef15d795c891810ff1cf95bf071ecd4cd4b8fff8a1e63e08e790edef1aced37d8cab6d66696bbfce01ed7e22aefa9dc81de1fb212c4153ca29647d85b84def3234bfeaac52f6e1d567987d0b92ef04f9822acd1c25f532ba96c513954af88288b2d3a100bb9bc33df9b86ba471b2c7eed43d64422831455d144709d2ca4582559fb2a8cdc1c0686c686bbd04bd81f6116c7b8480c990651c4eab199dd27fecce28ab10965b60d0d062f66c0055cf7c0bf5b9779a65960dc059cdbb15c8f2a984d852e05f90203847b6f8bfbdf6d908055d28c7a96249b0909354d", 0xe68) 2.901795429s ago: executing program 2 (id=6894): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) mmap$auto(0x0, 0xf92e, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) statmount$auto(&(0x7f0000000040)={0x6, @inferred=r1, 0x80000002, 0x0, 0x8}, 0x0, 0x401, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x400008, 0xf5d, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r3, 0xc0104d08, r3) socket(0x2b, 0x3, 0x81) 2.218679115s ago: executing program 1 (id=6887): mmap$auto(0x0, 0xe883, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) 2.218414325s ago: executing program 2 (id=6888): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) unshare$auto(0x8) write$auto(r0, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) finit_module$auto(r1, 0x0, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ptrace$auto(0x10, 0x0, 0x9, 0x7ff) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) 2.21799877s ago: executing program 5 (id=6889): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x2, 0x88) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000280)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0x1, 0xffffffffffffffff, @relative_fd=r1, 0xe600}, 0xf) capset$auto(0x0, 0x0) bpf$auto(0x2, &(0x7f0000000340)=@raw_tracepoint={0x5, r0, 0x0, 0x2}, 0xc) 2.025457551s ago: executing program 5 (id=6890): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x6, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) fsconfig$auto_JFFS2_COMPR_MODE_NONE(r0, 0x3, &(0x7f0000000080)='/dev/snd/controlC2\x00', &(0x7f00000000c0)="6ffd", 0x0) 1.78814189s ago: executing program 4 (id=6891): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/slab/kmalloc-64/shrink\x00', 0x2062, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, 0x0) inotify_init1$auto(0x3000000000000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x80062, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) 1.579849804s ago: executing program 5 (id=6892): mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) ptrace$auto(0x8, r0, 0x400000000, 0x41b) mount$auto(0x0, 0x0, 0x0, 0xf, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) socket(0xa, 0x2, 0x88) bpf$auto_BPF_PROG_TEST_RUN(0xa, 0x0, 0x1000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) 1.338906632s ago: executing program 1 (id=6893): write$auto(0xca, 0x0, 0x7f) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) socket(0x2c, 0x3, 0x8) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) writev$auto(0x3, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183542, 0x0) sendfile$auto(0xffffffffffffffff, r1, 0x0, 0xc01) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0) ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x80489439, 0x0) 1.084485561s ago: executing program 1 (id=6895): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0x4004ae99, 0x0) 917.521182ms ago: executing program 4 (id=6896): syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="ddffff", @ANYRES16=0x0, @ANYBLOB="01002abd7000fbdbdf2503000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40000d4) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, 0x0, 0x4001090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8) socket(0xa, 0x801, 0x84) readv$auto(0x3, 0x0, 0x9) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYBLOB='V'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 580.910929ms ago: executing program 1 (id=6897): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) r0 = epoll_create$auto(0x2) epoll_pwait2$auto(r0, 0x0, 0x9, 0x0, 0x0, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r1, 0x0) epoll_ctl$auto_EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x7cc4, 0x7f}) r2 = socket(0x2, 0x2, 0x88) setsockopt$auto(r2, 0x0, 0x20, 0x0, 0x8) 439.09698ms ago: executing program 5 (id=6898): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0) prctl$auto_PR_SET_MM_END_DATA(0xd, 0x4, 0x0, 0x3, 0x9) write$auto(0xffffffffffffffff, 0x0, 0x100082) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x2000, 0x0) request_key$auto_KEY_SPEC_THREAD_KEYRING(0x0, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040), 0x4, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptycc\x00', 0xa0840, 0x0) ioctl$auto(r0, 0x540a, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/pci0000:00/0000:00:00.0/msi_bus\x00', 0x149b01, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) clock_getres$auto(0x3, 0x0) 321.2518ms ago: executing program 4 (id=6899): mmap$auto(0x7ffffffffffffffd, 0xb3b7, 0x4000000000e1, 0x2000000001a, 0x401, 0x7ffe) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x59, 0x0) bpf$auto(0x1, 0x0, 0xc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mount$auto(0x0, 0x0, 0x0, 0x5, 0x0) umount2$auto(0x0, 0x4) 256.998898ms ago: executing program 1 (id=6900): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108) 225.194394ms ago: executing program 5 (id=6901): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x10, 0x1, 0xfffffffc, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 0s ago: executing program 5 (id=6902): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(0xffffffffffffffff, &(0x7f0000000080)='MJC802154_HWSIM\x00\xcb\x0fX\xc7\xfdx!\xf7\xb5T\x04\xad\x96\xf4\xbc\xca\xa52UWT1\a\x00\x00\x00\x00\x00\x007\xc9\xa6\x8a', 0x1060) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) writev$auto(r1, &(0x7f0000000340)={0x0, 0x18}, 0x8) ioctl$auto_UI_SET_FFBIT(r1, 0x4004556b, &(0x7f0000000140)=0xc0000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan0\x00'}) prctl$auto(0xfcd, 0x2, 0xffffffffffffffff, 0x9, 0x3) kernel console output (not intermixed with test programs): 1.509166][T22519] [U] [ 931.511889][T22519] [U] [ 931.514612][T22519] [U] [ 931.542451][T22519] [U] [ 931.545224][T22519] [U] [ 931.547948][T22519] [U] [ 931.550780][T22519] [U] [ 931.596950][T22519] [U] [ 931.599717][T22519] [U] [ 931.602435][T22519] [U] [ 931.605151][T22519] [U] [ 931.641456][T22519] [U] [ 931.644218][T22519] [U] [ 931.646950][T22519] [U] [ 931.649673][T22519] [U] [ 931.701809][T22538] [U] [ 931.706278][T22537] [U] [ 931.765721][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.772289][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.004172][T22557] ima: policy update failed [ 932.031840][ T29] audit: type=1802 audit(1772117334.555:23): pid=22557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.5693" res=0 errno=0 [ 932.040035][T22562] FAULT_INJECTION: forcing a failure. [ 932.040035][T22562] name failslab, interval 1, probability 0, space 0, times 0 [ 932.102268][T22565] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5696'. [ 932.112766][T22562] CPU: 0 UID: 0 PID: 22562 Comm: syz.2.5695 Tainted: G U L syzkaller #0 PREEMPT(full) [ 932.112815][T22562] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 932.112828][T22562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 932.112846][T22562] Call Trace: [ 932.112855][T22562] [ 932.112867][T22562] dump_stack_lvl+0x100/0x190 [ 932.112917][T22562] should_fail_ex.cold+0x5/0xa [ 932.112950][T22562] should_failslab+0xc2/0x120 [ 932.112979][T22562] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 932.113020][T22562] ? __d_alloc+0x34/0xa80 [ 932.113058][T22562] __d_alloc+0x34/0xa80 [ 932.113091][T22562] d_alloc_pseudo+0x1c/0xc0 [ 932.113129][T22562] alloc_file_pseudo+0xcf/0x230 [ 932.113163][T22562] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 932.113209][T22562] __shmem_file_setup+0x221/0x490 [ 932.113254][T22562] ? __pfx___shmem_file_setup+0x10/0x10 [ 932.113297][T22562] ? vm_area_alloc+0x1f/0x160 [ 932.113338][T22562] shmem_zero_setup+0x96/0x1b0 [ 932.113380][T22562] __mmap_region+0x2198/0x29e0 [ 932.113436][T22562] ? __pfx___mmap_region+0x10/0x10 [ 932.113485][T22562] ? __lock_acquire+0x4a5/0x2630 [ 932.113525][T22562] ? set_next_entity+0x11b/0x9c0 [ 932.113573][T22562] ? __lock_acquire+0x4a5/0x2630 [ 932.113606][T22562] ? find_held_lock+0x2b/0x80 [ 932.113655][T22562] ? find_held_lock+0x2b/0x80 [ 932.113680][T22562] ? finish_task_switch.isra.0+0x200/0xb80 [ 932.113710][T22562] ? finish_task_switch.isra.0+0x200/0xb80 [ 932.113755][T22562] ? trace_sched_exit_tp+0x13a/0x180 [ 932.113788][T22562] ? __schedule+0x1000/0x60e0 [ 932.113862][T22562] ? rcu_is_watching+0x12/0xc0 [ 932.113904][T22562] ? cap_capable+0x107/0x460 [ 932.113952][T22562] mmap_region+0x180/0x3e0 [ 932.114001][T22562] do_mmap+0xc63/0x12f0 [ 932.114035][T22562] ? __pfx_do_mmap+0x10/0x10 [ 932.114066][T22562] ? __pfx_down_write_killable+0x10/0x10 [ 932.114111][T22562] vm_mmap_pgoff+0x29e/0x470 [ 932.114148][T22562] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 932.114181][T22562] ? do_futex+0x192/0x350 [ 932.114218][T22562] ? __pfx_do_futex+0x10/0x10 [ 932.114259][T22562] ksys_mmap_pgoff+0xe1/0x650 [ 932.114289][T22562] ? __x64_sys_futex+0x34f/0x4d0 [ 932.114322][T22562] ? __x64_sys_futex+0x358/0x4d0 [ 932.114364][T22562] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 932.114395][T22562] ? xfd_validate_state+0x129/0x190 [ 932.114445][T22562] __x64_sys_mmap+0x125/0x190 [ 932.114490][T22562] do_syscall_64+0x106/0xf80 [ 932.114522][T22562] ? clear_bhb_loop+0x40/0x90 [ 932.114557][T22562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 932.114589][T22562] RIP: 0033:0x7f6f46f9c799 [ 932.114614][T22562] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 932.114654][T22562] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 932.114683][T22562] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 932.114703][T22562] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000 [ 932.114722][T22562] RBP: 00007f6f47032bd9 R08: 0000000000000401 R09: 0000000000008000 [ 932.114742][T22562] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 932.114759][T22562] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 932.114799][T22562] [ 932.283084][T22568] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5696'. [ 934.530159][T22621] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5708'. [ 934.575384][T22621] netlink: 214 bytes leftover after parsing attributes in process `syz.2.5708'. [ 935.392729][T22641] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5716'. [ 935.692768][T22653] binder: 22649:22653 ioctl 40046210 0 returned -14 [ 937.065603][T22673] [U] [ 937.094387][T22671] [U] [ 937.564430][T22654] kexec: Could not allocate control_code_buffer [ 937.908224][T22703] ima: policy update failed [ 937.923660][ T29] audit: type=1802 audit(1772117340.443:24): pid=22703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5728" res=0 errno=0 [ 938.105988][T22706] FAULT_INJECTION: forcing a failure. [ 938.105988][T22706] name failslab, interval 1, probability 0, space 0, times 0 [ 938.159761][T22706] CPU: 1 UID: 0 PID: 22706 Comm: syz.4.5729 Tainted: G U L syzkaller #0 PREEMPT(full) [ 938.159810][T22706] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 938.159821][T22706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 938.159839][T22706] Call Trace: [ 938.159848][T22706] [ 938.159858][T22706] dump_stack_lvl+0x100/0x190 [ 938.159907][T22706] should_fail_ex.cold+0x5/0xa [ 938.159941][T22706] should_failslab+0xc2/0x120 [ 938.159969][T22706] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 938.160018][T22706] ? seq_open+0x55/0x170 [ 938.160060][T22706] ? __pfx_blk_mq_debugfs_show+0x10/0x10 [ 938.160094][T22706] seq_open+0x55/0x170 [ 938.160125][T22706] ? __pfx_blk_mq_debugfs_show+0x10/0x10 [ 938.160157][T22706] single_open+0xfc/0x1d0 [ 938.160194][T22706] blk_mq_debugfs_open+0xde/0x1b0 [ 938.160229][T22706] ? __pfx_blk_mq_debugfs_open+0x10/0x10 [ 938.160259][T22706] full_proxy_open_regular+0x1b6/0x370 [ 938.160300][T22706] do_dentry_open+0x6d8/0x1660 [ 938.160347][T22706] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 938.160395][T22706] vfs_open+0x82/0x3f0 [ 938.160434][T22706] path_openat+0x208c/0x31a0 [ 938.160474][T22706] ? __pfx_path_openat+0x10/0x10 [ 938.160516][T22706] do_file_open+0x20e/0x430 [ 938.160547][T22706] ? __pfx_do_file_open+0x10/0x10 [ 938.160601][T22706] ? alloc_fd+0x476/0x790 [ 938.160649][T22706] ? do_getname+0x191/0x390 [ 938.160686][T22706] do_sys_openat2+0x10d/0x1e0 [ 938.160722][T22706] ? __pfx_do_sys_openat2+0x10/0x10 [ 938.160759][T22706] ? __fget_files+0x21f/0x3d0 [ 938.160811][T22706] __x64_sys_openat+0x12d/0x210 [ 938.160847][T22706] ? __pfx___x64_sys_openat+0x10/0x10 [ 938.160921][T22706] do_syscall_64+0x106/0xf80 [ 938.160955][T22706] ? clear_bhb_loop+0x40/0x90 [ 938.160992][T22706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 938.161028][T22706] RIP: 0033:0x7f5179f9c799 [ 938.161054][T22706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 938.161083][T22706] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 938.161111][T22706] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 938.161131][T22706] RDX: 0000000000060100 RSI: 0000200000000900 RDI: ffffffffffffff9c [ 938.161148][T22706] RBP: 00007f517a032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 938.161164][T22706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 938.161180][T22706] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 938.161214][T22706] [ 938.662168][T22716] [U] [ 938.664937][T22716] [U] [ 938.667664][T22716] [U] [ 938.670388][T22716] [U] [ 938.674056][T22716] [U] [ 938.676792][T22716] [U] [ 938.679515][T22716] [U] [ 938.682240][T22716] [U] [ 938.686170][T22716] [U] [ 938.688912][T22716] [U] [ 938.691627][T22716] [U] [ 938.694348][T22716] [U] [ 938.698754][T22716] [U] [ 938.701493][T22716] [U] [ 938.704227][T22716] [U] [ 938.706940][T22716] [U] [ 938.711125][T22716] [U] [ 938.713859][T22716] [U] [ 938.716600][T22716] [U] [ 938.719316][T22716] [U] [ 938.724151][T22716] [U] [ 938.726885][T22716] [U] [ 938.729605][T22716] [U] [ 938.732323][T22716] [U] [ 938.735907][T22716] [U] [ 938.738647][T22716] [U] [ 938.741363][T22716] [U] [ 938.744086][T22716] [U] [ 938.748040][T22716] [U] [ 938.750777][T22716] [U] [ 938.753493][T22716] [U] [ 938.756212][T22716] [U] [ 938.760768][T22716] [U] [ 938.763494][T22716] [U] [ 938.766212][T22716] [U] [ 938.768932][T22716] [U] [ 938.773399][T22716] [U] [ 938.776139][T22716] [U] [ 938.778880][T22716] [U] [ 938.781612][T22716] [U] [ 938.785229][T22716] [U] [ 938.787958][T22716] [U] [ 938.790676][T22716] [U] [ 938.793471][T22716] [U] [ 938.796827][T22716] [U] [ 938.799557][T22716] [U] [ 938.802274][T22716] [U] [ 938.804997][T22716] [U] [ 938.808958][T22716] [U] [ 938.811693][T22716] [U] [ 938.814413][T22716] [U] [ 938.817128][T22716] [U] [ 938.821370][T22716] [U] [ 938.824106][T22716] [U] [ 938.826826][T22716] [U] [ 938.829544][T22716] [U] [ 938.834632][T22716] [U] [ 938.837365][T22716] [U] [ 938.840083][T22716] [U] [ 938.842807][T22716] [U] [ 938.846983][T22716] [U] [ 938.849714][T22716] [U] [ 938.852432][T22716] [U] [ 938.855154][T22716] [U] [ 938.860351][T22716] [U] [ 938.863082][T22716] [U] [ 938.865804][T22716] [U] [ 938.868510][T22716] [U] [ 938.903256][T22716] [U] [ 938.906019][T22716] [U] [ 938.908741][T22716] [U] [ 938.911477][T22716] [U] [ 938.927417][T22716] [U] [ 938.930183][T22716] [U] [ 938.932903][T22716] [U] [ 938.935624][T22716] [U] [ 938.950961][T22716] [U] [ 938.953726][T22716] [U] [ 938.956451][T22716] [U] [ 938.959172][T22716] [U] [ 938.962844][T22716] [U] [ 938.965575][T22716] [U] [ 938.968290][T22716] [U] [ 938.971006][T22716] [U] [ 938.978560][T22716] [U] [ 938.981306][T22716] [U] [ 938.984023][T22716] [U] [ 938.986735][T22716] [U] [ 938.990532][T22716] [U] [ 938.993261][T22716] [U] [ 938.995979][T22716] [U] [ 938.998704][T22716] [U] [ 939.002275][T22716] [U] [ 939.005003][T22716] [U] [ 939.007721][T22716] [U] [ 939.010445][T22716] [U] [ 939.014240][T22716] [U] [ 939.016975][T22716] [U] [ 939.019693][T22716] [U] [ 939.022411][T22716] [U] [ 939.025815][T22716] [U] [ 939.028543][T22716] [U] [ 939.031262][T22716] [U] [ 939.033983][T22716] [U] [ 939.037537][T22716] [U] [ 939.040269][T22716] [U] [ 939.042989][T22716] [U] [ 939.045712][T22716] [U] [ 939.050211][T22716] [U] [ 939.052951][T22716] [U] [ 939.055680][T22716] [U] [ 939.058407][T22716] [U] [ 939.064022][T22716] [U] [ 939.066749][T22716] [U] [ 939.069469][T22716] [U] [ 939.072185][T22716] [U] [ 939.080061][T22716] [U] [ 939.082813][T22716] [U] [ 939.085528][T22716] [U] [ 939.088235][T22716] [U] [ 939.092584][T22716] [U] [ 939.095322][T22716] [U] [ 939.098045][T22716] [U] [ 939.100767][T22716] [U] [ 939.105437][T22716] [U] [ 939.108178][T22716] [U] [ 939.110898][T22716] [U] [ 939.113623][T22716] [U] [ 939.116340][T22716] [U] [ 939.120582][T22716] [U] [ 939.123322][T22716] [U] [ 939.126041][T22716] [U] [ 939.128758][T22716] [U] [ 939.134412][T22716] [U] [ 939.137152][T22716] [U] [ 939.139868][T22716] [U] [ 939.142598][T22716] [U] [ 939.146145][T22716] [U] [ 939.148877][T22716] [U] [ 939.151634][T22716] [U] [ 939.154363][T22716] [U] [ 939.157760][T22716] [U] [ 939.160483][T22716] [U] [ 939.163199][T22716] [U] [ 939.165923][T22716] [U] [ 939.169530][T22716] [U] [ 939.172270][T22716] [U] [ 939.174988][T22716] [U] [ 939.177794][T22716] [U] [ 939.181076][T22716] [U] [ 939.183810][T22716] [U] [ 939.186527][T22716] [U] [ 939.189244][T22716] [U] [ 939.197824][T22716] [U] [ 939.200622][T22716] [U] [ 939.203356][T22716] [U] [ 939.206078][T22716] [U] [ 939.211405][T22716] [U] [ 939.214142][T22716] [U] [ 939.216864][T22716] [U] [ 939.219583][T22716] [U] [ 939.224550][T22716] [U] [ 939.227290][T22716] [U] [ 939.230007][T22716] [U] [ 939.232732][T22716] [U] [ 939.238082][T22716] [U] [ 939.240821][T22716] [U] [ 939.243541][T22716] [U] [ 939.246260][T22716] [U] [ 939.249775][T22716] [U] [ 939.252510][T22716] [U] [ 939.255226][T22716] [U] [ 939.257951][T22716] [U] [ 939.261673][T22716] [U] [ 939.264407][T22716] [U] [ 939.267127][T22716] [U] [ 939.269843][T22716] [U] [ 939.273549][T22716] [U] [ 939.276280][T22716] [U] [ 939.278995][T22716] [U] [ 939.281724][T22716] [U] [ 939.312391][T22716] [U] [ 939.315156][T22716] [U] [ 939.317880][T22716] [U] [ 939.320614][T22716] [U] [ 939.384132][T22716] [U] [ 939.386913][T22716] [U] [ 939.389634][T22716] [U] [ 939.392354][T22716] [U] [ 939.439806][T22716] [U] [ 939.442608][T22716] [U] [ 939.445344][T22716] [U] [ 939.448065][T22716] [U] [ 939.482444][T22716] [U] [ 939.485215][T22716] [U] [ 939.487934][T22716] [U] [ 939.490662][T22716] [U] [ 939.573644][T22716] [U] [ 939.576427][T22716] [U] [ 939.579165][T22716] [U] [ 939.581881][T22716] [U] [ 939.636817][T22716] [U] [ 939.639592][T22716] [U] [ 939.642325][T22716] [U] [ 939.645077][T22716] [U] [ 939.698771][T22716] [U] [ 939.701536][T22716] [U] [ 939.704266][T22716] [U] [ 939.706992][T22716] [U] [ 939.729771][T22716] [U] [ 941.089970][T22760] FAULT_INJECTION: forcing a failure. [ 941.089970][T22760] name failslab, interval 1, probability 0, space 0, times 0 [ 941.131752][T22760] CPU: 1 UID: 0 PID: 22760 Comm: syz.5.5748 Tainted: G U L syzkaller #0 PREEMPT(full) [ 941.131805][T22760] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 941.131817][T22760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 941.131835][T22760] Call Trace: [ 941.131846][T22760] [ 941.131858][T22760] dump_stack_lvl+0x100/0x190 [ 941.131909][T22760] should_fail_ex.cold+0x5/0xa [ 941.131942][T22760] ? ima_alloc_init_template+0x19d/0x6d0 [ 941.131983][T22760] should_failslab+0xc2/0x120 [ 941.132011][T22760] __kmalloc_noprof+0xe0/0x850 [ 941.132053][T22760] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 941.132095][T22760] ima_alloc_init_template+0x19d/0x6d0 [ 941.132137][T22760] ? take_dentry_name_snapshot+0x310/0x7c0 [ 941.132179][T22760] ima_store_measurement+0x1e3/0x5b0 [ 941.132224][T22760] ? __pfx_ima_store_measurement+0x10/0x10 [ 941.132281][T22760] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 941.132324][T22760] process_measurement+0x19cc/0x2350 [ 941.132372][T22760] ? stack_trace_save+0x8e/0xc0 [ 941.132400][T22760] ? __pfx_process_measurement+0x10/0x10 [ 941.132439][T22760] ? __lock_acquire+0x4a5/0x2630 [ 941.132474][T22760] ? __kasan_slab_alloc+0x89/0x90 [ 941.132513][T22760] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 941.132565][T22760] ? init_file+0x95/0x480 [ 941.132594][T22760] ? alloc_empty_file+0x73/0x1c0 [ 941.132623][T22760] ? alloc_file_pseudo+0x13a/0x230 [ 941.132654][T22760] ? ksys_mmap_pgoff+0x232/0x650 [ 941.132679][T22760] ? __x64_sys_mmap+0x125/0x190 [ 941.132716][T22760] ? do_syscall_64+0x106/0xf80 [ 941.132787][T22760] ? __pfx_aa_file_perm+0x10/0x10 [ 941.132832][T22760] ima_file_mmap+0x1c4/0x1f0 [ 941.132870][T22760] ? __pfx_ima_file_mmap+0x10/0x10 [ 941.132915][T22760] security_mmap_file+0x278/0x9b0 [ 941.132963][T22760] vm_mmap_pgoff+0xec/0x470 [ 941.132997][T22760] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 941.133024][T22760] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 941.133059][T22760] ? hugetlbfs_get_inode+0x36e/0x750 [ 941.133116][T22760] ksys_mmap_pgoff+0x273/0x650 [ 941.133146][T22760] ? __x64_sys_futex+0x358/0x4d0 [ 941.133184][T22760] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 941.133214][T22760] ? xfd_validate_state+0x129/0x190 [ 941.133256][T22760] __x64_sys_mmap+0x125/0x190 [ 941.133299][T22760] do_syscall_64+0x106/0xf80 [ 941.133328][T22760] ? clear_bhb_loop+0x40/0x90 [ 941.133362][T22760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.133392][T22760] RIP: 0033:0x7faa6199c799 [ 941.133416][T22760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 941.133446][T22760] RSP: 002b:00007faa628a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 941.133474][T22760] RAX: ffffffffffffffda RBX: 00007faa61c16180 RCX: 00007faa6199c799 [ 941.133494][T22760] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 941.133512][T22760] RBP: 00007faa61a32bd9 R08: ffffffffffffffff R09: 0000300000020000 [ 941.133531][T22760] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 941.133559][T22760] R13: 00007faa61c16218 R14: 00007faa61c16180 R15: 00007ffd65db9278 [ 941.133599][T22760] [ 941.554452][ T29] audit: type=1804 audit(1772117344.011:25): pid=22760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.5.5748" name="anon_hugepage" dev="hugetlbfs" ino=624326 res=0 errno=0 [ 943.444204][T22789] FAULT_INJECTION: forcing a failure. [ 943.444204][T22789] name failslab, interval 1, probability 0, space 0, times 0 [ 943.515551][T22789] CPU: 1 UID: 0 PID: 22789 Comm: syz.2.5757 Tainted: G U L syzkaller #0 PREEMPT(full) [ 943.515603][T22789] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 943.515615][T22789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 943.515634][T22789] Call Trace: [ 943.515644][T22789] [ 943.515656][T22789] dump_stack_lvl+0x100/0x190 [ 943.515705][T22789] should_fail_ex.cold+0x5/0xa [ 943.515740][T22789] should_failslab+0xc2/0x120 [ 943.515769][T22789] __kmalloc_cache_noprof+0x7a/0x6f0 [ 943.515806][T22789] ? madvise_collapse+0x1b5/0xbe0 [ 943.515847][T22789] madvise_collapse+0x1b5/0xbe0 [ 943.515887][T22789] ? find_held_lock+0x2b/0x80 [ 943.515914][T22789] ? finish_task_switch.isra.0+0x200/0xb80 [ 943.515946][T22789] ? __pfx_madvise_collapse+0x10/0x10 [ 943.515981][T22789] ? __pfx_rcu_is_watching+0x1/0x10 [ 943.516036][T22789] madvise_vma_behavior+0x1987/0x3050 [ 943.516095][T22789] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 943.516130][T22789] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 943.516170][T22789] ? mas_prev+0x9b/0xf0 [ 943.516203][T22789] ? __pfx_mas_prev+0x10/0x10 [ 943.516248][T22789] ? find_vma_prev+0xd8/0x150 [ 943.516276][T22789] ? futex_unqueue+0x133/0x2c0 [ 943.516311][T22789] ? __pfx_find_vma_prev+0x10/0x10 [ 943.516358][T22789] ? __futex_wait+0x256/0x300 [ 943.516410][T22789] madvise_walk_vmas+0x2fe/0xa90 [ 943.516451][T22789] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 943.516495][T22789] madvise_do_behavior+0x1ea/0x510 [ 943.516531][T22789] ? __pfx_madvise_do_behavior+0x10/0x10 [ 943.516565][T22789] ? down_read+0x13b/0x460 [ 943.516619][T22789] do_madvise+0x195/0x240 [ 943.516650][T22789] ? __pfx_do_madvise+0x10/0x10 [ 943.516681][T22789] ? do_futex+0x192/0x350 [ 943.516745][T22789] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 943.516789][T22789] __x64_sys_madvise+0xa9/0x110 [ 943.516820][T22789] ? lockdep_hardirqs_on+0x78/0x100 [ 943.516851][T22789] do_syscall_64+0x106/0xf80 [ 943.516882][T22789] ? clear_bhb_loop+0x40/0x90 [ 943.516918][T22789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.516948][T22789] RIP: 0033:0x7f6f46f9c799 [ 943.516971][T22789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 943.517001][T22789] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 943.517030][T22789] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 943.517050][T22789] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 943.517068][T22789] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 943.517086][T22789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 943.517104][T22789] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 943.517144][T22789] [ 945.280418][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805be4cc00: rx timeout, send abort [ 945.789700][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805be4cc00: abort rx timeout. Force session deactivation [ 946.054877][T22835] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5774'. [ 951.433950][T22944] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5815'. [ 951.492199][T22944] netlink: 13 bytes leftover after parsing attributes in process `syz.1.5815'. [ 951.535588][T22920] kexec: Could not allocate control_code_buffer [ 954.273027][T22978] kexec: Could not allocate control_code_buffer [ 955.528836][T23024] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5842'. [ 955.569361][T23024] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5842'. [ 955.610890][T23026] FAULT_INJECTION: forcing a failure. [ 955.610890][T23026] name failslab, interval 1, probability 0, space 0, times 0 [ 955.625941][T23026] CPU: 0 UID: 0 PID: 23026 Comm: syz.2.5837 Tainted: G U L syzkaller #0 PREEMPT(full) [ 955.625995][T23026] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 955.626008][T23026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 955.626027][T23026] Call Trace: [ 955.626037][T23026] [ 955.626049][T23026] dump_stack_lvl+0x100/0x190 [ 955.626100][T23026] should_fail_ex.cold+0x5/0xa [ 955.626135][T23026] ? ima_alloc_init_template+0x19d/0x6d0 [ 955.626177][T23026] should_failslab+0xc2/0x120 [ 955.626208][T23026] __kmalloc_noprof+0xe0/0x850 [ 955.626250][T23026] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 955.626304][T23026] ima_alloc_init_template+0x19d/0x6d0 [ 955.626348][T23026] ? take_dentry_name_snapshot+0x310/0x7c0 [ 955.626389][T23026] ima_store_measurement+0x1e3/0x5b0 [ 955.626428][T23026] ? __pfx_ima_store_measurement+0x10/0x10 [ 955.626480][T23026] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 955.626523][T23026] process_measurement+0x19cc/0x2350 [ 955.626571][T23026] ? stack_trace_save+0x8e/0xc0 [ 955.626600][T23026] ? __pfx_process_measurement+0x10/0x10 [ 955.626639][T23026] ? __lock_acquire+0x4a5/0x2630 [ 955.626675][T23026] ? __kasan_slab_alloc+0x89/0x90 [ 955.626717][T23026] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 955.626757][T23026] ? init_file+0x95/0x480 [ 955.626784][T23026] ? alloc_empty_file+0x73/0x1c0 [ 955.626816][T23026] ? alloc_file_pseudo+0x13a/0x230 [ 955.626847][T23026] ? ksys_mmap_pgoff+0x232/0x650 [ 955.626873][T23026] ? __x64_sys_mmap+0x125/0x190 [ 955.626908][T23026] ? do_syscall_64+0x106/0xf80 [ 955.626968][T23026] ? __pfx_aa_file_perm+0x10/0x10 [ 955.627008][T23026] ima_file_mmap+0x1c4/0x1f0 [ 955.627045][T23026] ? __pfx_ima_file_mmap+0x10/0x10 [ 955.627091][T23026] security_mmap_file+0x278/0x9b0 [ 955.627140][T23026] vm_mmap_pgoff+0xec/0x470 [ 955.627177][T23026] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 955.627205][T23026] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 955.627241][T23026] ? hugetlbfs_get_inode+0x36e/0x750 [ 955.627303][T23026] ksys_mmap_pgoff+0x273/0x650 [ 955.627332][T23026] ? __x64_sys_futex+0x358/0x4d0 [ 955.627371][T23026] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 955.627399][T23026] ? xfd_validate_state+0x129/0x190 [ 955.627444][T23026] __x64_sys_mmap+0x125/0x190 [ 955.627486][T23026] do_syscall_64+0x106/0xf80 [ 955.627516][T23026] ? clear_bhb_loop+0x40/0x90 [ 955.627553][T23026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 955.627583][T23026] RIP: 0033:0x7f6f46f9c799 [ 955.627607][T23026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 955.627636][T23026] RSP: 002b:00007f6f47d83028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 955.627664][T23026] RAX: ffffffffffffffda RBX: 00007f6f47216180 RCX: 00007f6f46f9c799 [ 955.627685][T23026] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 955.627702][T23026] RBP: 00007f6f47032bd9 R08: ffffffffffffffff R09: 0000300000020000 [ 955.627722][T23026] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 955.627740][T23026] R13: 00007f6f47216218 R14: 00007f6f47216180 R15: 00007ffd79a0c218 [ 955.627779][T23026] [ 955.630110][T23024] netlink: 302 bytes leftover after parsing attributes in process `syz.4.5842'. [ 955.708119][T23029] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5843'. [ 955.711291][ T29] audit: type=1804 audit(1772117358.134:26): pid=23026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.5837" name="anon_hugepage" dev="hugetlbfs" ino=636708 res=0 errno=0 [ 956.318941][T23038] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5847'. [ 957.094325][T23052] [U] [ 957.426185][T23064] kvm_intel: kvm [23063]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xfffffffffffffffe [ 957.704230][T23067] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5857'. [ 960.835668][T23122] FAULT_INJECTION: forcing a failure. [ 960.835668][T23122] name failslab, interval 1, probability 0, space 0, times 0 [ 960.928929][T23124] FAULT_INJECTION: forcing a failure. [ 960.928929][T23124] name failslab, interval 1, probability 0, space 0, times 0 [ 960.963573][T23122] CPU: 1 UID: 0 PID: 23122 Comm: syz.4.5871 Tainted: G U L syzkaller #0 PREEMPT(full) [ 960.963624][T23122] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 960.963636][T23122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 960.963655][T23122] Call Trace: [ 960.963665][T23122] [ 960.963678][T23122] dump_stack_lvl+0x100/0x190 [ 960.963728][T23122] should_fail_ex.cold+0x5/0xa [ 960.963762][T23122] ? ima_write_template_field_data+0x59/0x1d0 [ 960.963792][T23122] should_failslab+0xc2/0x120 [ 960.963822][T23122] __kmalloc_noprof+0xe0/0x850 [ 960.963864][T23122] ? do_syscall_64+0x106/0xf80 [ 960.963895][T23122] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.963931][T23122] ima_write_template_field_data+0x59/0x1d0 [ 960.963969][T23122] ima_eventdigest_init_common+0x158/0x460 [ 960.964006][T23122] ? __pfx_ima_eventdigest_init_common+0x10/0x10 [ 960.964053][T23122] ? trace_kmalloc+0xb0/0x130 [ 960.964080][T23122] ? __kasan_kmalloc+0xaa/0xb0 [ 960.964122][T23122] ? __kmalloc_noprof+0x320/0x850 [ 960.964161][T23122] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 960.964209][T23122] ima_alloc_init_template+0x399/0x6d0 [ 960.964261][T23122] ima_store_measurement+0x1e3/0x5b0 [ 960.964307][T23122] ? __pfx_ima_store_measurement+0x10/0x10 [ 960.964365][T23122] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 960.964407][T23122] process_measurement+0x19cc/0x2350 [ 960.964456][T23122] ? stack_trace_save+0x8e/0xc0 [ 960.964485][T23122] ? __pfx_process_measurement+0x10/0x10 [ 960.964523][T23122] ? __lock_acquire+0x4a5/0x2630 [ 960.964566][T23122] ? __kasan_slab_alloc+0x89/0x90 [ 960.964609][T23122] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 960.964648][T23122] ? init_file+0x95/0x480 [ 960.964677][T23122] ? alloc_empty_file+0x73/0x1c0 [ 960.964708][T23122] ? alloc_file_pseudo+0x13a/0x230 [ 960.964741][T23122] ? ksys_mmap_pgoff+0x232/0x650 [ 960.964767][T23122] ? __x64_sys_mmap+0x125/0x190 [ 960.964806][T23122] ? do_syscall_64+0x106/0xf80 [ 960.964874][T23122] ? __pfx_aa_file_perm+0x10/0x10 [ 960.964917][T23122] ima_file_mmap+0x1c4/0x1f0 [ 960.964956][T23122] ? __pfx_ima_file_mmap+0x10/0x10 [ 960.965004][T23122] security_mmap_file+0x278/0x9b0 [ 960.965053][T23122] vm_mmap_pgoff+0xec/0x470 [ 960.965089][T23122] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 960.965117][T23122] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 960.965154][T23122] ? hugetlbfs_get_inode+0x36e/0x750 [ 960.965213][T23122] ksys_mmap_pgoff+0x273/0x650 [ 960.965243][T23122] ? __x64_sys_futex+0x358/0x4d0 [ 960.965282][T23122] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 960.965311][T23122] ? xfd_validate_state+0x129/0x190 [ 960.965359][T23122] __x64_sys_mmap+0x125/0x190 [ 960.965406][T23122] do_syscall_64+0x106/0xf80 [ 960.965436][T23122] ? clear_bhb_loop+0x40/0x90 [ 960.965473][T23122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.965503][T23122] RIP: 0033:0x7f5179f9c799 [ 960.965529][T23122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 960.965565][T23122] RSP: 002b:00007f51781f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 960.965594][T23122] RAX: ffffffffffffffda RBX: 00007f517a216180 RCX: 00007f5179f9c799 [ 960.965614][T23122] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 960.965631][T23122] RBP: 00007f517a032bd9 R08: ffffffffffffffff R09: 0000300000020000 [ 960.965651][T23122] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 960.965669][T23122] R13: 00007f517a216218 R14: 00007f517a216180 R15: 00007fff647e2c28 [ 960.965717][T23122] [ 961.244353][T23124] CPU: 0 UID: 8 PID: 23124 Comm: syz.5.5874 Tainted: G U L syzkaller #0 PREEMPT(full) [ 961.244402][T23124] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 961.244414][T23124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 961.244432][T23124] Call Trace: [ 961.244441][T23124] [ 961.244453][T23124] dump_stack_lvl+0x100/0x190 [ 961.244502][T23124] should_fail_ex.cold+0x5/0xa [ 961.244535][T23124] should_failslab+0xc2/0x120 [ 961.244562][T23124] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 961.244606][T23124] ? key_alloc+0x423/0x1310 [ 961.244631][T23124] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 961.244676][T23124] kmemdup_noprof+0x29/0x60 [ 961.244718][T23124] key_alloc+0x423/0x1310 [ 961.244763][T23124] ? __pfx_key_alloc+0x10/0x10 [ 961.244789][T23124] ? __pfx_key_default_cmp+0x10/0x10 [ 961.244822][T23124] ? __pfx_keyring_search_iterator+0x10/0x10 [ 961.244858][T23124] keyring_alloc+0x44/0xc0 [ 961.244893][T23124] look_up_user_keyrings+0x465/0x790 [ 961.244943][T23124] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 961.244982][T23124] ? futex_wait+0x125/0x380 [ 961.245024][T23124] ? __pfx_futex_wait+0x10/0x10 [ 961.245074][T23124] lookup_user_key+0xbb1/0x1300 [ 961.245118][T23124] ? __pfx_lookup_user_key+0x10/0x10 [ 961.245170][T23124] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 961.245217][T23124] ? __x64_sys_futex+0x34f/0x4d0 [ 961.245252][T23124] ? __x64_sys_futex+0x358/0x4d0 [ 961.245295][T23124] keyctl_session_to_parent+0x28/0xae0 [ 961.245342][T23124] __do_sys_keyctl+0x2b1/0x5a0 [ 961.245382][T23124] do_syscall_64+0x106/0xf80 [ 961.245412][T23124] ? clear_bhb_loop+0x40/0x90 [ 961.245448][T23124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.245477][T23124] RIP: 0033:0x7faa6199c799 [ 961.245501][T23124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 961.245529][T23124] RSP: 002b:00007faa628e4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 961.245557][T23124] RAX: ffffffffffffffda RBX: 00007faa61c15fa0 RCX: 00007faa6199c799 [ 961.245577][T23124] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 961.245596][T23124] RBP: 00007faa61a32bd9 R08: 0000000000000001 R09: 0000000000000000 [ 961.245615][T23124] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 961.245634][T23124] R13: 00007faa61c16038 R14: 00007faa61c15fa0 R15: 00007ffd65db9278 [ 961.245673][T23124] [ 961.591681][ T29] audit: type=1804 audit(1772117364.091:27): pid=23122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.4.5871" name="anon_hugepage" dev="hugetlbfs" ino=640536 res=0 errno=0 [ 962.916608][T23152] netlink: 18 bytes leftover after parsing attributes in process `syz.1.5884'. [ 963.399781][T23166] netlink: 'syz.1.5889': attribute type 21 has an invalid length. [ 963.415775][T23166] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5889'. [ 963.512108][T23170] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5890'. [ 968.576257][T23278] netlink: 186 bytes leftover after parsing attributes in process `syz.4.5929'. [ 968.622266][T23278] netlink: 186 bytes leftover after parsing attributes in process `syz.4.5929'. [ 972.388232][T23348] netlink: 244 bytes leftover after parsing attributes in process `syz.5.5950'. [ 972.712157][T23350] FAULT_INJECTION: forcing a failure. [ 972.712157][T23350] name failslab, interval 1, probability 0, space 0, times 0 [ 972.728029][T23350] CPU: 0 UID: 0 PID: 23350 Comm: syz.2.5951 Tainted: G U L syzkaller #0 PREEMPT(full) [ 972.728080][T23350] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 972.728092][T23350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 972.728110][T23350] Call Trace: [ 972.728121][T23350] [ 972.728133][T23350] dump_stack_lvl+0x100/0x190 [ 972.728181][T23350] should_fail_ex.cold+0x5/0xa [ 972.728216][T23350] should_failslab+0xc2/0x120 [ 972.728244][T23350] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 972.728285][T23350] ? mas_alloc_nodes+0x280/0x390 [ 972.728336][T23350] mas_alloc_nodes+0x280/0x390 [ 972.728385][T23350] mas_preallocate+0x39c/0xf10 [ 972.728425][T23350] ? __pfx_mas_preallocate+0x10/0x10 [ 972.728469][T23350] ? __asan_memset+0x23/0x50 [ 972.728504][T23350] ? init_multi_vma_prep+0x33c/0x650 [ 972.728542][T23350] commit_merge+0x3e3/0xbd0 [ 972.728581][T23350] ? __pfx_commit_merge+0x10/0x10 [ 972.728615][T23350] ? __pfx_free_pgtables+0x10/0x10 [ 972.728689][T23350] vma_expand+0x7df/0xcf0 [ 972.728733][T23350] ? __pfx_vma_expand+0x10/0x10 [ 972.728772][T23350] ? can_vma_merge_right+0xa5/0x530 [ 972.728818][T23350] vma_merge_new_range+0x2ce/0xa30 [ 972.728857][T23350] ? __sanitizer_cov_trace_const_cmp2+0x1/0x20 [ 972.728912][T23350] __mmap_region+0x900/0x29e0 [ 972.728954][T23350] ? update_cfs_rq_load_avg+0x51/0x550 [ 972.728987][T23350] ? __pfx___mmap_region+0x10/0x10 [ 972.729035][T23350] ? set_next_entity+0x11b/0x9c0 [ 972.729083][T23350] ? __lock_acquire+0x4a5/0x2630 [ 972.729118][T23350] ? find_held_lock+0x2b/0x80 [ 972.729160][T23350] ? find_held_lock+0x2b/0x80 [ 972.729185][T23350] ? finish_task_switch.isra.0+0x200/0xb80 [ 972.729216][T23350] ? finish_task_switch.isra.0+0x200/0xb80 [ 972.729261][T23350] ? trace_sched_exit_tp+0x13a/0x180 [ 972.729295][T23350] ? __schedule+0x1000/0x60e0 [ 972.729371][T23350] ? rcu_is_watching+0x12/0xc0 [ 972.729414][T23350] ? cap_capable+0x107/0x460 [ 972.729458][T23350] mmap_region+0x180/0x3e0 [ 972.729505][T23350] do_mmap+0xc63/0x12f0 [ 972.729543][T23350] ? __pfx_do_mmap+0x10/0x10 [ 972.729572][T23350] ? __pfx_down_write_killable+0x10/0x10 [ 972.729616][T23350] vm_mmap_pgoff+0x29e/0x470 [ 972.729650][T23350] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 972.729688][T23350] ? do_futex+0x192/0x350 [ 972.729727][T23350] ? __pfx_do_futex+0x10/0x10 [ 972.729770][T23350] ksys_mmap_pgoff+0xe1/0x650 [ 972.729799][T23350] ? __x64_sys_futex+0x34f/0x4d0 [ 972.729833][T23350] ? __x64_sys_futex+0x358/0x4d0 [ 972.729868][T23350] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 972.729900][T23350] ? xfd_validate_state+0x129/0x190 [ 972.729948][T23350] __x64_sys_mmap+0x125/0x190 [ 972.729995][T23350] do_syscall_64+0x106/0xf80 [ 972.730025][T23350] ? clear_bhb_loop+0x40/0x90 [ 972.730060][T23350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 972.730089][T23350] RIP: 0033:0x7f6f46f9c799 [ 972.730113][T23350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 972.730141][T23350] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 972.730170][T23350] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 972.730190][T23350] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000 [ 972.730207][T23350] RBP: 00007f6f47032bd9 R08: 0000000000000002 R09: 0000000000008000 [ 972.730225][T23350] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 972.730242][T23350] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 972.730278][T23350] [ 976.941541][T23410] mkiss: ax0: crc mode is auto. [ 977.583213][T23421] sp0: Synchronizing with TNC [ 979.256312][T23455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5989'. [ 979.331034][T23455] netlink: 354 bytes leftover after parsing attributes in process `syz.1.5989'. [ 979.934728][T23472] netlink: 'syz.2.5995': attribute type 1 has an invalid length. [ 979.942788][T23472] netlink: 'syz.2.5995': attribute type 6 has an invalid length. [ 981.244792][T23495] FAULT_INJECTION: forcing a failure. [ 981.244792][T23495] name failslab, interval 1, probability 0, space 0, times 0 [ 981.294502][T23495] CPU: 0 UID: 0 PID: 23495 Comm: syz.4.6004 Tainted: G U L syzkaller #0 PREEMPT(full) [ 981.294556][T23495] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 981.294568][T23495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 981.294586][T23495] Call Trace: [ 981.294597][T23495] [ 981.294609][T23495] dump_stack_lvl+0x100/0x190 [ 981.294661][T23495] should_fail_ex.cold+0x5/0xa [ 981.294701][T23495] should_failslab+0xc2/0x120 [ 981.294731][T23495] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 981.294774][T23495] ? anon_vma_clone+0x2bd/0xc70 [ 981.294823][T23495] anon_vma_clone+0x2bd/0xc70 [ 981.294870][T23495] __split_vma+0x51f/0xd90 [ 981.294913][T23495] ? __pfx___split_vma+0x10/0x10 [ 981.294960][T23495] ? __pfx_mas_prev+0x10/0x10 [ 981.294994][T23495] ? __mm_populate+0x107/0x3a0 [ 981.295034][T23495] vms_gather_munmap_vmas+0x39f/0x1500 [ 981.295084][T23495] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 981.295127][T23495] ? mas_walk+0x6ef/0x9b0 [ 981.295166][T23495] __mmap_region+0x492/0x29e0 [ 981.295208][T23495] ? update_cfs_rq_load_avg+0x51/0x550 [ 981.295243][T23495] ? __pfx___mmap_region+0x10/0x10 [ 981.295286][T23495] ? __lock_acquire+0x4a5/0x2630 [ 981.295326][T23495] ? set_next_entity+0x11b/0x9c0 [ 981.295374][T23495] ? __lock_acquire+0x4a5/0x2630 [ 981.295410][T23495] ? find_held_lock+0x2b/0x80 [ 981.295436][T23495] ? trace_ignore_this_task+0xbc/0x100 [ 981.295477][T23495] ? trace_ignore_this_task+0xbc/0x100 [ 981.295527][T23495] ? lock_acquire+0x1cf/0x380 [ 981.295562][T23495] ? find_held_lock+0x2b/0x80 [ 981.295588][T23495] ? finish_task_switch.isra.0+0x200/0xb80 [ 981.295619][T23495] ? finish_task_switch.isra.0+0x200/0xb80 [ 981.295665][T23495] ? trace_sched_exit_tp+0x13a/0x180 [ 981.295700][T23495] ? __schedule+0x1000/0x60e0 [ 981.295778][T23495] ? rcu_is_watching+0x12/0xc0 [ 981.295829][T23495] ? cap_capable+0x107/0x460 [ 981.295874][T23495] mmap_region+0x180/0x3e0 [ 981.295924][T23495] do_mmap+0xc63/0x12f0 [ 981.295962][T23495] ? __pfx_do_mmap+0x10/0x10 [ 981.295993][T23495] ? __pfx_down_write_killable+0x10/0x10 [ 981.296039][T23495] vm_mmap_pgoff+0x29e/0x470 [ 981.296077][T23495] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 981.296111][T23495] ? do_futex+0x192/0x350 [ 981.296149][T23495] ? __pfx_do_futex+0x10/0x10 [ 981.296193][T23495] ksys_mmap_pgoff+0xe1/0x650 [ 981.296221][T23495] ? __x64_sys_futex+0x34f/0x4d0 [ 981.296260][T23495] ? __x64_sys_futex+0x358/0x4d0 [ 981.296299][T23495] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 981.296329][T23495] ? xfd_validate_state+0x129/0x190 [ 981.296377][T23495] __x64_sys_mmap+0x125/0x190 [ 981.296424][T23495] do_syscall_64+0x106/0xf80 [ 981.296455][T23495] ? clear_bhb_loop+0x40/0x90 [ 981.296491][T23495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.296522][T23495] RIP: 0033:0x7f5179f9c799 [ 981.296550][T23495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 981.296580][T23495] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 981.296609][T23495] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 981.296630][T23495] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000 [ 981.296648][T23495] RBP: 00007f517a032bd9 R08: 0000000000000002 R09: 0000000000008000 [ 981.296667][T23495] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 981.296685][T23495] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 981.296724][T23495] [ 983.710794][T23528] mkiss: ax0: crc mode is auto. [ 984.233150][T23541] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6018'. [ 984.272155][T23541] team0 (unregistering): Port device team_slave_0 removed [ 984.294651][T23541] team0 (unregistering): Port device team_slave_1 removed [ 984.298141][T23537] netlink: 266 bytes leftover after parsing attributes in process `syz.5.6016'. [ 984.314831][T23537] IPv6: NLM_F_CREATE should be specified when creating new route [ 984.520861][T23548] netlink: 146 bytes leftover after parsing attributes in process `syz.5.6021'. [ 986.043693][T23583] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6029'. [ 986.509226][T23590] netlink: 146 bytes leftover after parsing attributes in process `syz.4.6032'. [ 988.812514][T23620] netlink: 266 bytes leftover after parsing attributes in process `syz.2.6044'. [ 988.837545][T23620] IPv6: NLM_F_CREATE should be specified when creating new route [ 991.334142][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802a4bd400: rx timeout, send abort [ 991.342628][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802a4bdc00: rx timeout, send abort [ 991.351366][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a4bd400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 991.365875][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a4bdc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 993.234505][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.242262][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.815248][T23702] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6068'. [ 994.388446][T23713] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6072'. [ 994.798658][T23727] netlink: 202 bytes leftover after parsing attributes in process `syz.2.6077'. [ 995.485838][T23744] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6083'. [ 998.429399][T23765] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 999.069793][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b4d7800: rx timeout, send abort [ 999.078232][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b4d7c00: rx timeout, send abort [ 999.086903][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b4d7800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 999.101371][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b4d7c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 999.351871][T23786] netlink: 202 bytes leftover after parsing attributes in process `syz.1.6097'. [ 1000.461648][T23803] netlink: 266 bytes leftover after parsing attributes in process `syz.5.6103'. [ 1001.808319][T23822] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6109'. [ 1001.858900][T23822] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6109'. [ 1001.893366][T23822] netlink: 170 bytes leftover after parsing attributes in process `syz.4.6109'. [ 1002.176405][T23827] netlink: 326 bytes leftover after parsing attributes in process `syz.4.6111'. [ 1002.582189][T23831] netlink: 'syz.5.6113': attribute type 27 has an invalid length. [ 1002.590419][T23831] netlink: 'syz.5.6113': attribute type 28 has an invalid length. [ 1002.600153][T23831] netlink: 'syz.5.6113': attribute type 29 has an invalid length. [ 1002.610262][T23831] netlink: 'syz.5.6113': attribute type 30 has an invalid length. [ 1002.620147][T23831] netlink: 'syz.5.6113': attribute type 31 has an invalid length. [ 1002.628431][T23831] netlink: 'syz.5.6113': attribute type 32 has an invalid length. [ 1002.660598][T23831] netlink: 'syz.5.6113': attribute type 33 has an invalid length. [ 1002.686716][T23831] netlink: 'syz.5.6113': attribute type 35 has an invalid length. [ 1002.723980][T23831] netlink: 'syz.5.6113': attribute type 37 has an invalid length. [ 1002.748621][T23831] netlink: 18 bytes leftover after parsing attributes in process `syz.5.6113'. [ 1002.973274][T23834] FAULT_INJECTION: forcing a failure. [ 1002.973274][T23834] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1003.020337][T23834] CPU: 1 UID: 0 PID: 23834 Comm: syz.4.6122 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1003.020397][T23834] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1003.020410][T23834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1003.020427][T23834] Call Trace: [ 1003.020437][T23834] [ 1003.020450][T23834] dump_stack_lvl+0x100/0x190 [ 1003.020500][T23834] should_fail_ex.cold+0x5/0xa [ 1003.020533][T23834] ? prepare_alloc_pages+0x16d/0x5f0 [ 1003.020568][T23834] should_fail_alloc_page+0xeb/0x140 [ 1003.020599][T23834] prepare_alloc_pages+0x1f0/0x5f0 [ 1003.020636][T23834] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1003.020677][T23834] ? rcu_is_watching+0x12/0xc0 [ 1003.020724][T23834] ? trace_mm_page_alloc+0x17a/0x1d0 [ 1003.020757][T23834] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 1003.020799][T23834] ? vhost_dev_set_owner+0x190/0xa30 [ 1003.020830][T23834] ? stack_trace_save+0x8e/0xc0 [ 1003.020858][T23834] ? __pfx_stack_trace_save+0x10/0x10 [ 1003.020887][T23834] ? stack_depot_save_flags+0x27/0x9d0 [ 1003.020933][T23834] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1003.020981][T23834] ? vhost_dev_set_owner+0x190/0xa30 [ 1003.021013][T23834] ? kasan_save_stack+0x3f/0x50 [ 1003.021054][T23834] ? kasan_save_stack+0x30/0x50 [ 1003.021092][T23834] ? kasan_save_track+0x14/0x30 [ 1003.021133][T23834] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1003.021174][T23834] ? vhost_dev_ioctl+0x521/0xe20 [ 1003.021206][T23834] ? vhost_vsock_dev_ioctl+0x320/0xb60 [ 1003.021255][T23834] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1003.021305][T23834] ? policy_nodemask+0xed/0x4f0 [ 1003.021335][T23834] alloc_pages_mpol+0x1fb/0x550 [ 1003.021366][T23834] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1003.021404][T23834] ? find_held_lock+0x2b/0x80 [ 1003.021431][T23834] ? rcu_read_unlock+0x17/0x60 [ 1003.021463][T23834] ? vhost_dev_set_owner+0x330/0xa30 [ 1003.021494][T23834] ___kmalloc_large_node+0x104/0x150 [ 1003.021530][T23834] __kmalloc_large_node_noprof+0x1c/0x70 [ 1003.021564][T23834] __kmalloc_noprof+0x5be/0x850 [ 1003.021611][T23834] vhost_dev_set_owner+0x330/0xa30 [ 1003.021656][T23834] vhost_dev_ioctl+0x521/0xe20 [ 1003.021692][T23834] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1003.021742][T23834] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 1003.021794][T23834] vhost_vsock_dev_ioctl+0x320/0xb60 [ 1003.021828][T23834] ? __fget_files+0x215/0x3d0 [ 1003.021865][T23834] ? hook_file_ioctl_common+0x146/0x410 [ 1003.021909][T23834] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1003.021948][T23834] ? __fget_files+0x21f/0x3d0 [ 1003.021992][T23834] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1003.022032][T23834] __x64_sys_ioctl+0x18e/0x210 [ 1003.022075][T23834] do_syscall_64+0x106/0xf80 [ 1003.022106][T23834] ? clear_bhb_loop+0x40/0x90 [ 1003.022143][T23834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1003.022173][T23834] RIP: 0033:0x7f5179f9c799 [ 1003.022197][T23834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1003.022232][T23834] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1003.022260][T23834] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 1003.022281][T23834] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000003 [ 1003.022300][T23834] RBP: 00007f517a032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1003.022318][T23834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1003.022336][T23834] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 1003.022375][T23834] [ 1003.609075][ C1] vcan0: j1939_tp_rxtimer: 0xffff88806948bc00: rx timeout, send abort [ 1003.617469][ C1] vcan0: j1939_tp_rxtimer: 0xffff888032cf7000: rx timeout, send abort [ 1003.630467][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88806948bc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1003.644974][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888032cf7000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1004.127643][T23853] netlink: 266 bytes leftover after parsing attributes in process `syz.2.6120'. [ 1004.370023][T23859] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6123'. [ 1006.418106][T23885] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6131'. [ 1007.108192][T23893] netlink: 17 bytes leftover after parsing attributes in process `syz.2.6133'. [ 1008.502666][T23901] FAULT_INJECTION: forcing a failure. [ 1008.502666][T23901] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1008.549072][T23901] CPU: 1 UID: 0 PID: 23901 Comm: syz.2.6138 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1008.549123][T23901] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1008.549136][T23901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1008.549154][T23901] Call Trace: [ 1008.549164][T23901] [ 1008.549176][T23901] dump_stack_lvl+0x100/0x190 [ 1008.549227][T23901] should_fail_ex.cold+0x5/0xa [ 1008.549254][T23901] ? prepare_alloc_pages+0x16d/0x5f0 [ 1008.549291][T23901] should_fail_alloc_page+0xeb/0x140 [ 1008.549323][T23901] prepare_alloc_pages+0x1f0/0x5f0 [ 1008.549359][T23901] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1008.549403][T23901] ? rcu_is_watching+0x12/0xc0 [ 1008.549445][T23901] ? trace_mm_page_alloc+0x17a/0x1d0 [ 1008.549478][T23901] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 1008.549520][T23901] ? vhost_dev_set_owner+0x190/0xa30 [ 1008.549554][T23901] ? stack_trace_save+0x8e/0xc0 [ 1008.549581][T23901] ? __pfx_stack_trace_save+0x10/0x10 [ 1008.549611][T23901] ? stack_depot_save_flags+0x27/0x9d0 [ 1008.549659][T23901] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1008.549707][T23901] ? vhost_dev_set_owner+0x190/0xa30 [ 1008.549765][T23901] ? kasan_save_stack+0x3f/0x50 [ 1008.549805][T23901] ? kasan_save_stack+0x30/0x50 [ 1008.549843][T23901] ? kasan_save_track+0x14/0x30 [ 1008.549897][T23901] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1008.549939][T23901] ? vhost_dev_ioctl+0x521/0xe20 [ 1008.549973][T23901] ? vhost_vsock_dev_ioctl+0x320/0xb60 [ 1008.550024][T23901] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1008.550074][T23901] ? policy_nodemask+0xed/0x4f0 [ 1008.550104][T23901] alloc_pages_mpol+0x1fb/0x550 [ 1008.550134][T23901] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1008.550163][T23901] ? find_held_lock+0x2b/0x80 [ 1008.550190][T23901] ? rcu_read_unlock+0x17/0x60 [ 1008.550223][T23901] ? vhost_dev_set_owner+0x330/0xa30 [ 1008.550254][T23901] ___kmalloc_large_node+0x104/0x150 [ 1008.550290][T23901] __kmalloc_large_node_noprof+0x1c/0x70 [ 1008.550326][T23901] __kmalloc_noprof+0x5be/0x850 [ 1008.550372][T23901] vhost_dev_set_owner+0x330/0xa30 [ 1008.550417][T23901] vhost_dev_ioctl+0x521/0xe20 [ 1008.550453][T23901] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1008.550503][T23901] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 1008.550555][T23901] vhost_vsock_dev_ioctl+0x320/0xb60 [ 1008.550591][T23901] ? __fget_files+0x215/0x3d0 [ 1008.550631][T23901] ? hook_file_ioctl_common+0x146/0x410 [ 1008.550676][T23901] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1008.550718][T23901] ? __fget_files+0x21f/0x3d0 [ 1008.550765][T23901] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1008.550806][T23901] __x64_sys_ioctl+0x18e/0x210 [ 1008.550849][T23901] do_syscall_64+0x106/0xf80 [ 1008.550892][T23901] ? clear_bhb_loop+0x40/0x90 [ 1008.550930][T23901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1008.550961][T23901] RIP: 0033:0x7f6f46f9c799 [ 1008.550986][T23901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1008.551016][T23901] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1008.551044][T23901] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1008.551063][T23901] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000003 [ 1008.551081][T23901] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1008.551098][T23901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1008.551114][T23901] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1008.551154][T23901] [ 1009.214488][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807aa0a000: rx timeout, send abort [ 1009.222955][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807aa09800: rx timeout, send abort [ 1009.231463][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807aa0a000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1009.245890][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807aa09800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1009.926454][T23920] zswap: compressor not available [ 1012.105582][T23976] random: crng reseeded on system resumption [ 1012.145475][T23976] Restarting kernel threads ... [ 1012.158068][T23976] Done restarting kernel threads. [ 1012.197354][T23976] sp0: Synchronizing with TNC [ 1012.493663][ T29] audit: type=1800 audit(1772117414.975:28): pid=23981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6166" name="members" dev="configfs" ino=681905 res=0 errno=0 [ 1014.190993][T24011] random: crng reseeded on system resumption [ 1014.323225][T24011] sp0: Synchronizing with TNC [ 1014.376960][T24016] netlink: 25 bytes leftover after parsing attributes in process `syz.1.6185'. [ 1016.094975][T24040] FAULT_INJECTION: forcing a failure. [ 1016.094975][T24040] name failslab, interval 1, probability 0, space 0, times 0 [ 1016.114484][T24040] CPU: 1 UID: 0 PID: 24040 Comm: syz.2.6183 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1016.114542][T24040] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1016.114555][T24040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1016.114577][T24040] Call Trace: [ 1016.114587][T24040] [ 1016.114599][T24040] dump_stack_lvl+0x100/0x190 [ 1016.114651][T24040] should_fail_ex.cold+0x5/0xa [ 1016.114688][T24040] should_failslab+0xc2/0x120 [ 1016.114718][T24040] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1016.114760][T24040] ? dst_alloc+0x99/0x1a0 [ 1016.114809][T24040] ? __pfx_ip6_dst_gc+0x10/0x10 [ 1016.114857][T24040] dst_alloc+0x99/0x1a0 [ 1016.114907][T24040] ip6_rt_cache_alloc+0x1ea/0x8e0 [ 1016.114948][T24040] ? __pfx_ip6_rt_cache_alloc+0x10/0x10 [ 1016.114996][T24040] ip6_pol_route+0xd59/0x1230 [ 1016.115039][T24040] ? __pfx_ip6_pol_route+0x10/0x10 [ 1016.115081][T24040] ? __lock_acquire+0x4a5/0x2630 [ 1016.115133][T24040] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 1016.115183][T24040] fib6_rule_action+0x2e9/0x910 [ 1016.115222][T24040] ? __pfx_fib6_rule_action+0x10/0x10 [ 1016.115260][T24040] fib_rules_lookup+0x418/0x1080 [ 1016.115301][T24040] ? __pfx_fib_rules_lookup+0x10/0x10 [ 1016.115340][T24040] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 1016.115385][T24040] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 1016.115423][T24040] fib6_rule_lookup+0x18b/0x720 [ 1016.115464][T24040] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 1016.115508][T24040] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 1016.115554][T24040] ? __pfx_fib6_node_lookup+0x10/0x10 [ 1016.115601][T24040] ip6_route_output_flags+0x1d0/0x650 [ 1016.115641][T24040] ip6_dst_lookup_tail.constprop.0+0x116/0x2110 [ 1016.115689][T24040] ? __rt6_find_exception_rcu+0x2cb/0x3c0 [ 1016.115724][T24040] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 1016.115772][T24040] ? __lock_acquire+0x4a5/0x2630 [ 1016.115808][T24040] ? find_held_lock+0x2b/0x80 [ 1016.115834][T24040] ? ip6_pol_route+0x28f/0x1230 [ 1016.115872][T24040] ? ip6_pol_route+0x28f/0x1230 [ 1016.115911][T24040] ? __local_bh_enable_ip+0x9e/0x120 [ 1016.115949][T24040] ip6_dst_lookup_flow+0x99/0x1d0 [ 1016.115990][T24040] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 1016.116028][T24040] ? find_held_lock+0x2b/0x80 [ 1016.116053][T24040] ? rawv6_sendmsg+0xb3c/0x4750 [ 1016.116086][T24040] ? rawv6_sendmsg+0xb3c/0x4750 [ 1016.116125][T24040] rawv6_sendmsg+0xe61/0x4750 [ 1016.116171][T24040] ? aa_profile_af_perm+0x331/0x3a0 [ 1016.116224][T24040] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1016.116267][T24040] ? trace_ignore_this_task+0xbc/0x100 [ 1016.116301][T24040] ? trace_ignore_this_task+0xbc/0x100 [ 1016.116341][T24040] ? __import_iovec+0x1d2/0x640 [ 1016.116365][T24040] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1016.116384][T24040] ? inet_sendmsg+0x11c/0x140 [ 1016.116405][T24040] inet_sendmsg+0x11c/0x140 [ 1016.116429][T24040] ____sys_sendmsg+0x9ad/0xc30 [ 1016.116452][T24040] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1016.116476][T24040] ? futex_unqueue+0x133/0x2c0 [ 1016.116498][T24040] ___sys_sendmsg+0x190/0x1e0 [ 1016.116521][T24040] ? __pfx____sys_sendmsg+0x10/0x10 [ 1016.116542][T24040] ? __pfx___futex_wait+0x10/0x10 [ 1016.116572][T24040] ? find_held_lock+0x2b/0x80 [ 1016.116598][T24040] __sys_sendmmsg+0x205/0x430 [ 1016.116617][T24040] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1016.116640][T24040] ? __pfx_do_futex+0x10/0x10 [ 1016.116668][T24040] ? xfd_validate_state+0x129/0x190 [ 1016.116694][T24040] __x64_sys_sendmmsg+0x9c/0x100 [ 1016.116711][T24040] ? lockdep_hardirqs_on+0x78/0x100 [ 1016.116728][T24040] do_syscall_64+0x106/0xf80 [ 1016.116744][T24040] ? clear_bhb_loop+0x40/0x90 [ 1016.116763][T24040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1016.116779][T24040] RIP: 0033:0x7f6f46f9c799 [ 1016.116793][T24040] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1016.116808][T24040] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1016.116824][T24040] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1016.116835][T24040] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1016.116844][T24040] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1016.116854][T24040] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000 [ 1016.116864][T24040] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1016.116885][T24040] [ 1018.126549][T24057] zswap: compressor not available [ 1018.332201][T24063] FAULT_INJECTION: forcing a failure. [ 1018.332201][T24063] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.398761][T24063] CPU: 0 UID: 0 PID: 24063 Comm: syz.2.6197 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1018.398813][T24063] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1018.398834][T24063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1018.398851][T24063] Call Trace: [ 1018.398861][T24063] [ 1018.398873][T24063] dump_stack_lvl+0x100/0x190 [ 1018.398924][T24063] should_fail_ex.cold+0x5/0xa [ 1018.398966][T24063] ? sk_prot_alloc+0x10b/0x2a0 [ 1018.399003][T24063] should_failslab+0xc2/0x120 [ 1018.399031][T24063] __kmalloc_noprof+0xe0/0x850 [ 1018.399071][T24063] ? lockdep_init_map_type+0x5c/0x250 [ 1018.399115][T24063] sk_prot_alloc+0x10b/0x2a0 [ 1018.399154][T24063] sk_alloc+0x36/0xe80 [ 1018.399183][T24063] pppoe_create+0x32/0x360 [ 1018.399226][T24063] pppox_create+0x15c/0x2c0 [ 1018.399270][T24063] __sock_create+0x339/0x860 [ 1018.399316][T24063] __sys_socket+0x14d/0x260 [ 1018.399358][T24063] ? __pfx___sys_socket+0x10/0x10 [ 1018.399411][T24063] __x64_sys_socket+0x72/0xb0 [ 1018.399452][T24063] ? lockdep_hardirqs_on+0x78/0x100 [ 1018.399484][T24063] do_syscall_64+0x106/0xf80 [ 1018.399515][T24063] ? clear_bhb_loop+0x40/0x90 [ 1018.399550][T24063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.399580][T24063] RIP: 0033:0x7f6f46f9c799 [ 1018.399603][T24063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1018.399630][T24063] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1018.399658][T24063] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1018.399679][T24063] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 1018.399696][T24063] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1018.399714][T24063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1018.399730][T24063] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1018.399768][T24063] [ 1019.239114][T24075] random: crng reseeded on system resumption [ 1019.303940][T24075] Restarting kernel threads ... [ 1019.319891][T24075] Done restarting kernel threads. [ 1019.468614][T24075] sp0: Synchronizing with TNC [ 1019.890474][T24084] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6203'. [ 1020.603424][T24102] FAULT_INJECTION: forcing a failure. [ 1020.603424][T24102] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.645412][T24102] CPU: 1 UID: 0 PID: 24102 Comm: syz.4.6200 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1020.645462][T24102] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1020.645473][T24102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1020.645492][T24102] Call Trace: [ 1020.645501][T24102] [ 1020.645513][T24102] dump_stack_lvl+0x100/0x190 [ 1020.645562][T24102] should_fail_ex.cold+0x5/0xa [ 1020.645596][T24102] ? sk_prot_alloc+0x10b/0x2a0 [ 1020.645633][T24102] should_failslab+0xc2/0x120 [ 1020.645662][T24102] __kmalloc_noprof+0xe0/0x850 [ 1020.645702][T24102] ? lockdep_init_map_type+0x5c/0x250 [ 1020.645744][T24102] sk_prot_alloc+0x10b/0x2a0 [ 1020.645785][T24102] sk_alloc+0x36/0xe80 [ 1020.645816][T24102] pppoe_create+0x32/0x360 [ 1020.645862][T24102] pppox_create+0x15c/0x2c0 [ 1020.645907][T24102] __sock_create+0x339/0x860 [ 1020.645963][T24102] __sys_socket+0x14d/0x260 [ 1020.646004][T24102] ? __pfx___sys_socket+0x10/0x10 [ 1020.646057][T24102] __x64_sys_socket+0x72/0xb0 [ 1020.646097][T24102] ? lockdep_hardirqs_on+0x78/0x100 [ 1020.646131][T24102] do_syscall_64+0x106/0xf80 [ 1020.646161][T24102] ? clear_bhb_loop+0x40/0x90 [ 1020.646197][T24102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.646227][T24102] RIP: 0033:0x7f5179f9c799 [ 1020.646251][T24102] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1020.646279][T24102] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1020.646307][T24102] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 1020.646326][T24102] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 1020.646342][T24102] RBP: 00007f517a032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1020.646359][T24102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1020.646377][T24102] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 1020.646415][T24102] [ 1023.340049][T24151] netlink: 266 bytes leftover after parsing attributes in process `syz.2.6218'. [ 1023.677156][T24157] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 1024.059465][ T51] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 1024.557070][T24177] zswap: compressor not available [ 1025.876912][T24199] FAULT_INJECTION: forcing a failure. [ 1025.876912][T24199] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.926591][ T29] audit: type=1800 audit(1772117428.379:29): pid=24191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6238" name="trace_marker" dev="tracefs" ino=3203 res=0 errno=0 [ 1025.956705][T24199] CPU: 1 UID: 0 PID: 24199 Comm: syz.5.6231 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1025.956756][T24199] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1025.956767][T24199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1025.956783][T24199] Call Trace: [ 1025.956792][T24199] [ 1025.956802][T24199] dump_stack_lvl+0x100/0x190 [ 1025.956848][T24199] should_fail_ex.cold+0x5/0xa [ 1025.956879][T24199] ? tomoyo_encode2+0xfb/0x3c0 [ 1025.956903][T24199] should_failslab+0xc2/0x120 [ 1025.956929][T24199] __kmalloc_noprof+0xe0/0x850 [ 1025.956973][T24199] tomoyo_encode2+0xfb/0x3c0 [ 1025.957003][T24199] tomoyo_encode+0x29/0x50 [ 1025.957027][T24199] tomoyo_mount_acl+0x388/0x8b0 [ 1025.957067][T24199] ? is_bpf_text_address+0x8a/0x1a0 [ 1025.957104][T24199] ? bpf_ksym_find+0x124/0x1c0 [ 1025.957138][T24199] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 1025.957186][T24199] ? kernel_text_address+0x8d/0x100 [ 1025.957227][T24199] ? unwind_get_return_address+0x59/0xa0 [ 1025.957287][T24199] ? tomoyo_domain+0xb2/0x150 [ 1025.957317][T24199] ? tomoyo_profile+0x47/0x60 [ 1025.957349][T24199] tomoyo_mount_permission+0x214/0x460 [ 1025.957389][T24199] ? tomoyo_mount_permission+0x1f6/0x460 [ 1025.957431][T24199] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 1025.957491][T24199] security_sb_mount+0xdd/0x270 [ 1025.957527][T24199] path_mount+0x158/0x23d0 [ 1025.957560][T24199] ? __pfx_path_mount+0x10/0x10 [ 1025.957584][T24199] ? lockdep_hardirqs_on+0x78/0x100 [ 1025.957616][T24199] ? putname+0xb1/0x110 [ 1025.957639][T24199] ? kmem_cache_free+0x124/0x6a0 [ 1025.957681][T24199] ? __x64_sys_mount+0x293/0x310 [ 1025.957707][T24199] __x64_sys_mount+0x293/0x310 [ 1025.957739][T24199] ? __pfx___x64_sys_mount+0x10/0x10 [ 1025.957776][T24199] do_syscall_64+0x106/0xf80 [ 1025.957803][T24199] ? clear_bhb_loop+0x40/0x90 [ 1025.957836][T24199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.957863][T24199] RIP: 0033:0x7faa6199c799 [ 1025.957885][T24199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1025.957911][T24199] RSP: 002b:00007faa628e4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1025.957936][T24199] RAX: ffffffffffffffda RBX: 00007faa61c15fa0 RCX: 00007faa6199c799 [ 1025.957954][T24199] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 1025.957971][T24199] RBP: 00007faa61a32bd9 R08: 0000200000001580 R09: 0000000000000000 [ 1025.957989][T24199] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000 [ 1025.958003][T24199] R13: 00007faa61c16038 R14: 00007faa61c15fa0 R15: 00007ffd65db9278 [ 1025.958038][T24199] [ 1027.677021][T24225] zswap: compressor not available [ 1031.347308][T24306] zswap: compressor not available [ 1032.220482][T24331] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 1032.324164][T24331] CIFS mount error: No usable UNC path provided in device string! [ 1032.324164][T24331] [ 1032.337791][T24331] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1033.251765][ T5827] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18 [ 1035.871750][T24422] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6293'. [ 1036.005448][T24422] netlink: 302 bytes leftover after parsing attributes in process `syz.2.6293'. [ 1036.648533][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1037.660698][T24459] netlink: 'syz.2.6300': attribute type 21 has an invalid length. [ 1037.669942][T24459] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6300'. [ 1037.939035][T24465] vivid-007: ================= START STATUS ================= [ 1037.989125][T24465] vivid-007: Generate PTS: true [ 1038.032637][T24465] vivid-007: Generate SCR: true [ 1038.037573][T24465] tpg source WxH: 320x240 (Y'CbCr) [ 1038.075632][T24465] tpg field: 1 [ 1038.112739][T24465] tpg crop: (0,0)/320x240 [ 1038.117138][T24465] tpg compose: (0,0)/320x240 [ 1038.121744][T24465] tpg colorspace: 8 [ 1038.233221][T24465] tpg transfer function: 0/0 [ 1038.243273][T24465] tpg Y'CbCr encoding: 0/0 [ 1038.252919][T24465] tpg quantization: 0/0 [ 1038.289118][T24465] tpg RGB range: 0/2 [ 1038.293664][T24465] vivid-007: ================== END STATUS ================== [ 1038.684734][T24488] usb usb15: usbfs: process 24488 (syz.1.6308) did not claim interface 0 before use [ 1040.112784][T24520] vivid-007: ================= START STATUS ================= [ 1040.143299][T24520] vivid-007: Generate PTS: true [ 1040.176462][T24520] vivid-007: Generate SCR: true [ 1040.181398][T24520] tpg source WxH: 320x240 (Y'CbCr) [ 1040.223290][T24520] tpg field: 1 [ 1040.227066][T24520] tpg crop: (0,0)/320x240 [ 1040.238336][T24520] tpg compose: (0,0)/320x240 [ 1040.242977][T24520] tpg colorspace: 8 [ 1040.247334][T24520] tpg transfer function: 0/0 [ 1040.273846][T24520] tpg Y'CbCr encoding: 0/0 [ 1040.300948][T24520] tpg quantization: 0/0 [ 1040.326180][T24520] tpg RGB range: 0/2 [ 1040.334698][ T51] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1040.341120][T24520] vivid-007: ================== END STATUS ================== [ 1040.501154][T24526] FAULT_INJECTION: forcing a failure. [ 1040.501154][T24526] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.518048][T24526] CPU: 1 UID: 0 PID: 24526 Comm: syz.4.6319 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1040.518100][T24526] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1040.518111][T24526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1040.518129][T24526] Call Trace: [ 1040.518138][T24526] [ 1040.518149][T24526] dump_stack_lvl+0x100/0x190 [ 1040.518198][T24526] should_fail_ex.cold+0x5/0xa [ 1040.518231][T24526] should_failslab+0xc2/0x120 [ 1040.518260][T24526] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1040.518299][T24526] ? vm_area_alloc+0x1f/0x160 [ 1040.518333][T24526] ? vma_merge_new_range+0x38b/0xa30 [ 1040.518369][T24526] ? __pfx___sanitizer_cov_trace_const_cmp2+0x10/0x10 [ 1040.518423][T24526] vm_area_alloc+0x1f/0x160 [ 1040.518458][T24526] __mmap_region+0x10cc/0x29e0 [ 1040.518501][T24526] ? __pfx___mmap_region+0x10/0x10 [ 1040.518546][T24526] ? set_next_entity+0x11b/0x9c0 [ 1040.518595][T24526] ? __lock_acquire+0x4a5/0x2630 [ 1040.518630][T24526] ? find_held_lock+0x2b/0x80 [ 1040.518669][T24526] ? find_held_lock+0x2b/0x80 [ 1040.518707][T24526] ? finish_task_switch.isra.0+0x200/0xb80 [ 1040.518739][T24526] ? finish_task_switch.isra.0+0x200/0xb80 [ 1040.518791][T24526] ? trace_sched_exit_tp+0x13a/0x180 [ 1040.518831][T24526] ? __schedule+0x1000/0x60e0 [ 1040.518905][T24526] ? rcu_is_watching+0x12/0xc0 [ 1040.518948][T24526] ? cap_capable+0x107/0x460 [ 1040.518990][T24526] mmap_region+0x180/0x3e0 [ 1040.519037][T24526] do_mmap+0xc63/0x12f0 [ 1040.519072][T24526] ? __pfx_do_mmap+0x10/0x10 [ 1040.519102][T24526] ? __pfx_down_write_killable+0x10/0x10 [ 1040.519146][T24526] vm_mmap_pgoff+0x29e/0x470 [ 1040.519185][T24526] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1040.519218][T24526] ? do_futex+0x192/0x350 [ 1040.519254][T24526] ? __pfx_do_futex+0x10/0x10 [ 1040.519287][T24526] ? do_sock_setsockopt+0x101/0x1d0 [ 1040.519324][T24526] ? rcu_is_watching+0x12/0xc0 [ 1040.519372][T24526] ksys_mmap_pgoff+0xe1/0x650 [ 1040.519401][T24526] ? __x64_sys_futex+0x34f/0x4d0 [ 1040.519434][T24526] ? __x64_sys_futex+0x358/0x4d0 [ 1040.519471][T24526] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1040.519499][T24526] ? xfd_validate_state+0x129/0x190 [ 1040.519547][T24526] __x64_sys_mmap+0x125/0x190 [ 1040.519594][T24526] do_syscall_64+0x106/0xf80 [ 1040.519624][T24526] ? clear_bhb_loop+0x40/0x90 [ 1040.519660][T24526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.519691][T24526] RIP: 0033:0x7f5179f9c799 [ 1040.519716][T24526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1040.519745][T24526] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1040.519782][T24526] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 1040.519801][T24526] RDX: 0000000000000007 RSI: 0000000002020009 RDI: 0000000000000000 [ 1040.519819][T24526] RBP: 00007f517a032bd9 R08: fffffffffffffffa R09: 0000000000008000 [ 1040.519839][T24526] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1040.519857][T24526] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 1040.519896][T24526] [ 1041.308012][T24546] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6324'. [ 1041.362618][T24546] netlink: 302 bytes leftover after parsing attributes in process `syz.1.6324'. [ 1042.555162][ T51] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 1042.562701][ T51] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 1042.815483][T24572] mkiss: ax0: crc mode is auto. [ 1043.007612][T24583] openvswitch: netlink: IP tunnel dst address not specified [ 1043.319896][T24589] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6339'. [ 1043.380996][T24590] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6339'. [ 1043.403005][T24589] netlink: 302 bytes leftover after parsing attributes in process `syz.5.6339'. [ 1044.717052][T24615] FAULT_INJECTION: forcing a failure. [ 1044.717052][T24615] name failslab, interval 1, probability 0, space 0, times 0 [ 1044.760117][T24615] CPU: 1 UID: 0 PID: 24615 Comm: syz.4.6345 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1044.760168][T24615] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1044.760180][T24615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1044.760197][T24615] Call Trace: [ 1044.760207][T24615] [ 1044.760218][T24615] dump_stack_lvl+0x100/0x190 [ 1044.760268][T24615] should_fail_ex.cold+0x5/0xa [ 1044.760303][T24615] should_failslab+0xc2/0x120 [ 1044.760332][T24615] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1044.760377][T24615] ? sctp_add_bind_addr+0xae/0x3e0 [ 1044.760422][T24615] ? __sctp_v6_cmp_addr+0x206/0x530 [ 1044.760460][T24615] sctp_add_bind_addr+0xae/0x3e0 [ 1044.760509][T24615] sctp_copy_local_addr_list+0x349/0x550 [ 1044.760546][T24615] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 1044.760582][T24615] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 1044.760616][T24615] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1044.760663][T24615] sctp_bind_addr_copy+0xe0/0x530 [ 1044.760701][T24615] sctp_connect_new_asoc+0x1c9/0x770 [ 1044.760741][T24615] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1044.760785][T24615] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1044.760835][T24615] __sctp_connect+0x3e7/0xc70 [ 1044.760881][T24615] ? __pfx___sctp_connect+0x10/0x10 [ 1044.760923][T24615] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1044.760964][T24615] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1044.761013][T24615] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1044.761051][T24615] sctp_inet_connect+0x15f/0x220 [ 1044.761092][T24615] __sys_connect_file+0x141/0x1a0 [ 1044.761125][T24615] __sys_connect+0x141/0x170 [ 1044.761152][T24615] ? __pfx___sys_connect+0x10/0x10 [ 1044.761202][T24615] __x64_sys_connect+0x72/0xb0 [ 1044.761226][T24615] ? lockdep_hardirqs_on+0x78/0x100 [ 1044.761257][T24615] do_syscall_64+0x106/0xf80 [ 1044.761288][T24615] ? clear_bhb_loop+0x40/0x90 [ 1044.761324][T24615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1044.761361][T24615] RIP: 0033:0x7f5179f9c799 [ 1044.761386][T24615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1044.761415][T24615] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1044.761442][T24615] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 1044.761462][T24615] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 1044.761481][T24615] RBP: 00007f517a032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1044.761500][T24615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1044.761518][T24615] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 1044.761560][T24615] [ 1045.228410][T24605] netlink: 326 bytes leftover after parsing attributes in process `syz.1.6352'. [ 1045.456871][T24627] netlink: 'syz.4.6349': attribute type 7 has an invalid length. [ 1045.464619][T24627] netlink: 17 bytes leftover after parsing attributes in process `syz.4.6349'. [ 1045.844177][T24637] FAULT_INJECTION: forcing a failure. [ 1045.844177][T24637] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.877232][T24637] CPU: 0 UID: 0 PID: 24637 Comm: syz.2.6356 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1045.877290][T24637] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1045.877303][T24637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1045.877321][T24637] Call Trace: [ 1045.877331][T24637] [ 1045.877343][T24637] dump_stack_lvl+0x100/0x190 [ 1045.877393][T24637] should_fail_ex.cold+0x5/0xa [ 1045.877427][T24637] should_failslab+0xc2/0x120 [ 1045.877457][T24637] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1045.877493][T24637] ? trace_pid_list_alloc+0x2fe/0x480 [ 1045.877542][T24637] trace_pid_list_alloc+0x2fe/0x480 [ 1045.877590][T24637] trace_pid_write+0x110/0x460 [ 1045.877635][T24637] ? __pfx_trace_pid_write+0x10/0x10 [ 1045.877703][T24637] event_pid_write.isra.0+0x1e4/0x800 [ 1045.877752][T24637] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 1045.877811][T24637] vfs_write+0x2aa/0x1070 [ 1045.877855][T24637] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 1045.877906][T24637] ? __pfx_vfs_write+0x10/0x10 [ 1045.877948][T24637] ? __fget_files+0x215/0x3d0 [ 1045.878000][T24637] ? __fget_files+0x21f/0x3d0 [ 1045.878054][T24637] ksys_write+0x12a/0x250 [ 1045.878097][T24637] ? __pfx_ksys_write+0x10/0x10 [ 1045.878152][T24637] do_syscall_64+0x106/0xf80 [ 1045.878183][T24637] ? clear_bhb_loop+0x40/0x90 [ 1045.878219][T24637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1045.878249][T24637] RIP: 0033:0x7f6f46f9c799 [ 1045.878274][T24637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1045.878310][T24637] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1045.878338][T24637] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1045.878359][T24637] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1045.878377][T24637] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1045.878396][T24637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1045.878415][T24637] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1045.878456][T24637] [ 1046.818643][T24649] netlink: 138 bytes leftover after parsing attributes in process `syz.2.6360'. [ 1047.430637][T24655] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6363'. [ 1047.601624][T24655] gretap0: refused to change device tx_queue_len [ 1048.279901][T24678] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6369'. [ 1048.314489][T24678] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6369'. [ 1050.707877][T24720] Invalid ELF header magic: != ELF [ 1051.324846][ T51] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7 [ 1052.338006][T24751] nvme_fabrics: missing parameter 'transport=%s' [ 1052.361690][T24756] vivid-001: ================= START STATUS ================= [ 1052.391820][T24756] vivid-001: Radio HW Seek Mode: Bounded [ 1052.399819][T24751] nvme_fabrics: missing parameter 'nqn=%s' [ 1052.429791][T24756] vivid-001: Radio Programmable HW Seek: false [ 1052.436122][T24756] vivid-001: RDS Rx I/O Mode: Block I/O [ 1052.481114][T24756] vivid-001: Generate RBDS Instead of RDS: false [ 1052.487522][T24756] vivid-001: RDS Reception: true [ 1052.529846][T24756] vivid-001: RDS Program Type: 0 inactive [ 1052.553549][T24756] vivid-001: RDS PS Name: inactive [ 1052.558843][T24756] vivid-001: RDS Radio Text: inactive [ 1052.601472][T24756] vivid-001: RDS Traffic Announcement: false inactive [ 1052.672633][T24756] vivid-001: RDS Traffic Program: false inactive [ 1052.689648][T24756] vivid-001: RDS Music: false inactive [ 1052.715323][T24756] vivid-001: ================== END STATUS ================== [ 1053.225515][T24771] netlink: 93 bytes leftover after parsing attributes in process `syz.1.6400'. [ 1053.469837][ T51] Bluetooth: hci4: unexpected event 0x08 length: 435 > 4 [ 1054.705650][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.730976][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.279364][T24807] zswap: compressor 1Ў not available [ 1057.464826][T24841] zswap: compressor 1Ў not available [ 1057.745280][T24852] netlink: 118 bytes leftover after parsing attributes in process `syz.1.6423'. [ 1058.278569][T24864] FAULT_INJECTION: forcing a failure. [ 1058.278569][T24864] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.293108][T24864] CPU: 0 UID: 0 PID: 24864 Comm: syz.4.6428 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1058.293159][T24864] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1058.293172][T24864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1058.293192][T24864] Call Trace: [ 1058.293201][T24864] [ 1058.293213][T24864] dump_stack_lvl+0x100/0x190 [ 1058.293264][T24864] should_fail_ex.cold+0x5/0xa [ 1058.293299][T24864] should_failslab+0xc2/0x120 [ 1058.293328][T24864] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1058.293364][T24864] ? trace_pid_list_alloc+0x2fe/0x480 [ 1058.293413][T24864] trace_pid_list_alloc+0x2fe/0x480 [ 1058.293460][T24864] trace_pid_write+0x110/0x460 [ 1058.293504][T24864] ? __pfx_trace_pid_write+0x10/0x10 [ 1058.293576][T24864] event_pid_write.isra.0+0x1e4/0x800 [ 1058.293624][T24864] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 1058.293681][T24864] vfs_write+0x2aa/0x1070 [ 1058.293723][T24864] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 1058.293772][T24864] ? __pfx_vfs_write+0x10/0x10 [ 1058.293814][T24864] ? __fget_files+0x215/0x3d0 [ 1058.293864][T24864] ? __fget_files+0x21f/0x3d0 [ 1058.293917][T24864] ksys_write+0x12a/0x250 [ 1058.293958][T24864] ? __pfx_ksys_write+0x10/0x10 [ 1058.294019][T24864] do_syscall_64+0x106/0xf80 [ 1058.294053][T24864] ? clear_bhb_loop+0x40/0x90 [ 1058.294090][T24864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.294120][T24864] RIP: 0033:0x7f5179f9c799 [ 1058.294145][T24864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1058.294174][T24864] RSP: 002b:00007f517ad9b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1058.294202][T24864] RAX: ffffffffffffffda RBX: 00007f517a215fa0 RCX: 00007f5179f9c799 [ 1058.294222][T24864] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1058.294239][T24864] RBP: 00007f517a032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1058.294256][T24864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1058.294273][T24864] R13: 00007f517a216038 R14: 00007f517a215fa0 R15: 00007fff647e2c28 [ 1058.294313][T24864] [ 1059.535324][T24877] openvswitch: netlink: IP tunnel dst address not specified [ 1059.574535][T24874] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6431'. [ 1059.633121][T24874] gretap0: refused to change device tx_queue_len [ 1060.305772][T24884] netlink: 326 bytes leftover after parsing attributes in process `syz.5.6435'. [ 1061.497558][T24903] sp0: Synchronizing with TNC [ 1063.016286][T24914] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6444'. [ 1063.236057][T24914] gretap0: refused to change device tx_queue_len [ 1063.353907][T24920] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6453'. [ 1063.877346][T24930] FAULT_INJECTION: forcing a failure. [ 1063.877346][T24930] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.934297][T24930] CPU: 0 UID: 0 PID: 24930 Comm: syz.2.6457 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1063.934351][T24930] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1063.934363][T24930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1063.934383][T24930] Call Trace: [ 1063.934393][T24930] [ 1063.934406][T24930] dump_stack_lvl+0x100/0x190 [ 1063.934455][T24930] should_fail_ex.cold+0x5/0xa [ 1063.934492][T24930] should_failslab+0xc2/0x120 [ 1063.934532][T24930] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1063.934575][T24930] ? dup_fd+0x4d/0xd10 [ 1063.934620][T24930] ? do_futex+0x192/0x350 [ 1063.934661][T24930] dup_fd+0x4d/0xd10 [ 1063.934705][T24930] ? bpf_lsm_capable+0x9/0x10 [ 1063.934734][T24930] ? security_capable+0x80/0x260 [ 1063.934781][T24930] __x64_sys_close_range+0x405/0x5d0 [ 1063.934816][T24930] ? __pfx___x64_sys_close_range+0x10/0x10 [ 1063.934857][T24930] do_syscall_64+0x106/0xf80 [ 1063.934890][T24930] ? clear_bhb_loop+0x40/0x90 [ 1063.934932][T24930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.934963][T24930] RIP: 0033:0x7f6f46f9c799 [ 1063.934989][T24930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1063.935019][T24930] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1063.935049][T24930] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1063.935069][T24930] RDX: 0000000000000002 RSI: fffffffffffff001 RDI: 0000000000000000 [ 1063.935088][T24930] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1063.935107][T24930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1063.935126][T24930] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1063.935166][T24930] [ 1064.369757][T24932] vivid-001: ================= START STATUS ================= [ 1064.426754][T24932] vivid-001: Radio HW Seek Mode: Bounded [ 1064.433683][T24932] vivid-001: Radio Programmable HW Seek: false [ 1064.481560][T24932] vivid-001: RDS Rx I/O Mode: Block I/O [ 1064.510469][T24932] vivid-001: Generate RBDS Instead of RDS: false [ 1064.569981][T24932] vivid-001: RDS Reception: true [ 1064.583388][T24927] netlink: 93 bytes leftover after parsing attributes in process `syz.5.6445'. [ 1064.584475][T24932] vivid-001: RDS Program Type: [ 1064.616316][T24922] netlink: 93 bytes leftover after parsing attributes in process `syz.5.6445'. [ 1064.647217][T24932] 0 inactive [ 1064.650498][T24932] vivid-001: RDS PS Name: inactive [ 1064.655764][T24932] vivid-001: RDS Radio Text: inactive [ 1064.782060][T24932] vivid-001: RDS Traffic Announcement: false inactive [ 1064.826266][T24932] vivid-001: RDS Traffic Program: false inactive [ 1064.832689][T24932] vivid-001: RDS Music: false inactive [ 1064.980584][T24932] vivid-001: ================== END STATUS ================== [ 1065.277693][T24942] zero sized request [ 1065.729609][T24957] FAULT_INJECTION: forcing a failure. [ 1065.729609][T24957] name failslab, interval 1, probability 0, space 0, times 0 [ 1065.767698][T24957] CPU: 1 UID: 0 PID: 24957 Comm: syz.2.6456 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1065.767747][T24957] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1065.767759][T24957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1065.767776][T24957] Call Trace: [ 1065.767785][T24957] [ 1065.767796][T24957] dump_stack_lvl+0x100/0x190 [ 1065.767845][T24957] should_fail_ex.cold+0x5/0xa [ 1065.767878][T24957] ? lsm_blob_alloc+0x68/0x90 [ 1065.767909][T24957] should_failslab+0xc2/0x120 [ 1065.767938][T24957] __kmalloc_noprof+0xe0/0x850 [ 1065.767979][T24957] ? trace_kmalloc+0x101/0x130 [ 1065.768012][T24957] lsm_blob_alloc+0x68/0x90 [ 1065.768046][T24957] security_sk_alloc+0x2d/0x290 [ 1065.768087][T24957] sk_prot_alloc+0x12a/0x2a0 [ 1065.768129][T24957] sk_alloc+0x36/0xe80 [ 1065.768159][T24957] __netlink_create+0x5e/0x2c0 [ 1065.768192][T24957] __netlink_kernel_create+0xed/0x750 [ 1065.768229][T24957] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1065.768286][T24957] fib_net_init+0x26d/0x3f0 [ 1065.768319][T24957] ? is_module_address+0x69/0xf0 [ 1065.768356][T24957] ? __pfx_fib_net_init+0x10/0x10 [ 1065.768390][T24957] ? timer_init_key+0x150/0x340 [ 1065.768421][T24957] ? __pfx_nl_fib_input+0x10/0x10 [ 1065.768458][T24957] ? devinet_init_net+0x56c/0x8d0 [ 1065.768497][T24957] ? __pfx_fib_net_init+0x10/0x10 [ 1065.768529][T24957] ops_init+0x1e2/0x5f0 [ 1065.768566][T24957] setup_net+0x118/0x3a0 [ 1065.768601][T24957] ? __pfx_setup_net+0x10/0x10 [ 1065.768632][T24957] ? lockdep_init_map_type+0x5c/0x250 [ 1065.768671][T24957] ? mutex_init_lockep+0x110/0x150 [ 1065.768715][T24957] copy_net_ns+0x46f/0x7c0 [ 1065.768755][T24957] create_new_namespaces+0x3ea/0xac0 [ 1065.768794][T24957] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1065.768834][T24957] ksys_unshare+0x473/0xad0 [ 1065.768873][T24957] ? __pfx_ksys_unshare+0x10/0x10 [ 1065.768921][T24957] __x64_sys_unshare+0x31/0x40 [ 1065.768957][T24957] do_syscall_64+0x106/0xf80 [ 1065.768987][T24957] ? clear_bhb_loop+0x40/0x90 [ 1065.769023][T24957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.769053][T24957] RIP: 0033:0x7f6f46f9c799 [ 1065.769078][T24957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1065.769106][T24957] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1065.769135][T24957] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1065.769155][T24957] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1065.769173][T24957] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1065.769192][T24957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1065.769209][T24957] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1065.769255][T24957] [ 1068.480672][T25002] netlink: 186 bytes leftover after parsing attributes in process `syz.4.6474'. [ 1068.979102][T25017] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6481'. [ 1069.210065][T25019] FAULT_INJECTION: forcing a failure. [ 1069.210065][T25019] name failslab, interval 1, probability 0, space 0, times 0 [ 1069.258240][T25019] CPU: 0 UID: 0 PID: 25019 Comm: syz.5.6483 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1069.258291][T25019] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1069.258304][T25019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1069.258320][T25019] Call Trace: [ 1069.258330][T25019] [ 1069.258341][T25019] dump_stack_lvl+0x100/0x190 [ 1069.258390][T25019] should_fail_ex.cold+0x5/0xa [ 1069.258426][T25019] should_failslab+0xc2/0x120 [ 1069.258455][T25019] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1069.258491][T25019] ? tty_open+0x139/0xfa0 [ 1069.258531][T25019] ? __pfx_tty_open+0x10/0x10 [ 1069.258566][T25019] tty_open+0x139/0xfa0 [ 1069.258608][T25019] ? __pfx_tty_open+0x10/0x10 [ 1069.258638][T25019] ? chrdev_open+0x10b/0x6a0 [ 1069.258664][T25019] ? chrdev_open+0x10b/0x6a0 [ 1069.258696][T25019] ? __pfx_tty_open+0x10/0x10 [ 1069.258732][T25019] chrdev_open+0x234/0x6a0 [ 1069.258758][T25019] ? __pfx_apparmor_file_open+0x10/0x10 [ 1069.258798][T25019] ? __pfx_chrdev_open+0x10/0x10 [ 1069.258836][T25019] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1069.258891][T25019] do_dentry_open+0x6d8/0x1660 [ 1069.258936][T25019] ? __pfx_chrdev_open+0x10/0x10 [ 1069.258980][T25019] vfs_open+0x82/0x3f0 [ 1069.259019][T25019] path_openat+0x208c/0x31a0 [ 1069.259059][T25019] ? __pfx_path_openat+0x10/0x10 [ 1069.259101][T25019] do_file_open+0x20e/0x430 [ 1069.259131][T25019] ? __pfx_do_file_open+0x10/0x10 [ 1069.259185][T25019] ? alloc_fd+0x476/0x790 [ 1069.259232][T25019] ? do_getname+0x191/0x390 [ 1069.259268][T25019] do_sys_openat2+0x10d/0x1e0 [ 1069.259301][T25019] ? __pfx_do_sys_openat2+0x10/0x10 [ 1069.259337][T25019] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 1069.259382][T25019] __x64_sys_openat+0x12d/0x210 [ 1069.259419][T25019] ? __pfx___x64_sys_openat+0x10/0x10 [ 1069.259468][T25019] do_syscall_64+0x106/0xf80 [ 1069.259499][T25019] ? clear_bhb_loop+0x40/0x90 [ 1069.259537][T25019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1069.259566][T25019] RIP: 0033:0x7faa6199c799 [ 1069.259589][T25019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1069.259617][T25019] RSP: 002b:00007faa628e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1069.259646][T25019] RAX: ffffffffffffffda RBX: 00007faa61c15fa0 RCX: 00007faa6199c799 [ 1069.259666][T25019] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 1069.259686][T25019] RBP: 00007faa61a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1069.259704][T25019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1069.259721][T25019] R13: 00007faa61c16038 R14: 00007faa61c15fa0 R15: 00007ffd65db9278 [ 1069.259757][T25019] [ 1070.099747][T25034] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6489'. [ 1070.554487][T25043] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6493'. [ 1070.610740][T25043] bond_slave_0: entered allmulticast mode [ 1070.890593][T25053] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6496'. [ 1071.402072][T25064] binder: 25063:25064 ioctl 4018620d 9 returned -22 [ 1072.015156][T25074] FAULT_INJECTION: forcing a failure. [ 1072.015156][T25074] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1072.097814][T25074] CPU: 0 UID: 0 PID: 25074 Comm: syz.2.6504 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1072.097843][T25074] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1072.097850][T25074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1072.097860][T25074] Call Trace: [ 1072.097866][T25074] [ 1072.097874][T25074] dump_stack_lvl+0x100/0x190 [ 1072.097904][T25074] should_fail_ex.cold+0x5/0xa [ 1072.097921][T25074] ? prepare_alloc_pages+0x16d/0x5f0 [ 1072.097940][T25074] should_fail_alloc_page+0xeb/0x140 [ 1072.097957][T25074] prepare_alloc_pages+0x1f0/0x5f0 [ 1072.097973][T25074] ? workingset_test_recent+0x42d/0xe90 [ 1072.097997][T25074] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1072.098019][T25074] ? workingset_test_recent+0x143/0xe90 [ 1072.098041][T25074] ? local_lock_release+0x99/0x130 [ 1072.098059][T25074] ? __lock_acquire+0x4a5/0x2630 [ 1072.098078][T25074] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 1072.098100][T25074] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1072.098126][T25074] ? __lock_acquire+0x4a5/0x2630 [ 1072.098150][T25074] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1072.098175][T25074] ? policy_nodemask+0xed/0x4f0 [ 1072.098192][T25074] alloc_pages_mpol+0x1fb/0x550 [ 1072.098207][T25074] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1072.098222][T25074] ? swap_entry_swapped+0x1ff/0x2b0 [ 1072.098245][T25074] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1072.098270][T25074] folio_alloc_mpol_noprof+0x36/0x340 [ 1072.098289][T25074] swap_cache_alloc_folio+0x1a8/0x300 [ 1072.098310][T25074] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1072.098329][T25074] ? __pfx_get_swap_device+0x10/0x10 [ 1072.098351][T25074] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1072.098376][T25074] read_swap_cache_async+0xd9/0x480 [ 1072.098396][T25074] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1072.098417][T25074] ? find_held_lock+0x2b/0x80 [ 1072.098430][T25074] ? find_held_lock+0x2b/0x80 [ 1072.098443][T25074] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1072.098458][T25074] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1072.098477][T25074] swapin_walk_pmd_entry+0x2fd/0x640 [ 1072.098496][T25074] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1072.098516][T25074] ? walk_pgd_range+0x143c/0x1eb0 [ 1072.098538][T25074] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1072.098555][T25074] walk_pgd_range+0xc04/0x1eb0 [ 1072.098588][T25074] ? __pfx_walk_pgd_range+0x10/0x10 [ 1072.098611][T25074] ? __lock_acquire+0x4a5/0x2630 [ 1072.098630][T25074] __walk_page_range+0x163/0x820 [ 1072.098680][T25074] walk_page_range_vma_unsafe+0x209/0x8f0 [ 1072.098706][T25074] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 1072.098733][T25074] ? lock_acquire+0x1cf/0x380 [ 1072.098752][T25074] ? finish_task_switch.isra.0+0x200/0xb80 [ 1072.098770][T25074] ? rcu_is_watching+0x12/0xc0 [ 1072.098795][T25074] walk_page_range_vma+0x63/0x90 [ 1072.098823][T25074] madvise_vma_behavior+0x1e14/0x3050 [ 1072.098842][T25074] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1072.098859][T25074] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1072.098879][T25074] ? mas_prev+0x9b/0xf0 [ 1072.098900][T25074] ? __pfx_mas_prev+0x10/0x10 [ 1072.098922][T25074] ? find_vma_prev+0xd8/0x150 [ 1072.098936][T25074] ? futex_unqueue+0x133/0x2c0 [ 1072.098954][T25074] ? __pfx_find_vma_prev+0x10/0x10 [ 1072.098974][T25074] ? __futex_wait+0x256/0x300 [ 1072.099000][T25074] madvise_walk_vmas+0x2fe/0xa90 [ 1072.099019][T25074] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1072.099041][T25074] madvise_do_behavior+0x1ea/0x510 [ 1072.099059][T25074] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1072.099076][T25074] ? down_read+0x13b/0x460 [ 1072.099104][T25074] do_madvise+0x195/0x240 [ 1072.099119][T25074] ? __pfx_do_madvise+0x10/0x10 [ 1072.099135][T25074] ? do_futex+0x192/0x350 [ 1072.099157][T25074] ? __fget_files+0x21f/0x3d0 [ 1072.099192][T25074] __x64_sys_madvise+0xa9/0x110 [ 1072.099208][T25074] ? lockdep_hardirqs_on+0x78/0x100 [ 1072.099224][T25074] do_syscall_64+0x106/0xf80 [ 1072.099240][T25074] ? clear_bhb_loop+0x40/0x90 [ 1072.099259][T25074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1072.099274][T25074] RIP: 0033:0x7f6f46f9c799 [ 1072.099289][T25074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1072.099304][T25074] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1072.099319][T25074] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1072.099330][T25074] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1072.099340][T25074] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1072.099350][T25074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1072.099360][T25074] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1072.099380][T25074] [ 1074.880213][T25090] [U]  [ 1074.883051][T25090] [U] [ 1074.885756][T25090] [U] [ 1074.888478][T25090] [U] [ 1074.921395][T25090] [U] [ 1074.924202][T25090] [U] [ 1074.926892][T25090] [U] [ 1074.929563][T25090] [U] [ 1074.953000][T25090] [U] [ 1074.955772][T25090] [U] [ 1074.958499][T25090] [U] [ 1074.961227][T25090] [U] [ 1075.003339][T25090] [U] [ 1075.006102][T25090] [U] [ 1075.008832][T25090] [U] [ 1075.011557][T25090] [U] [ 1075.016734][T25090] [U] [ 1075.019477][T25090] [U] [ 1075.022239][T25090] [U] [ 1075.024963][T25090] [U] [ 1075.062285][T25090] [U] [ 1075.065025][T25090] [U] [ 1075.067750][T25090] [U] [ 1075.070477][T25090] [U] [ 1075.081709][T25090] [U] [ 1075.084471][T25090] [U] [ 1075.087187][T25090] [U] [ 1075.089908][T25090] [U] [ 1075.105253][T25090] [U] [ 1075.108020][T25090] [U] [ 1075.110748][T25090] [U] [ 1075.113469][T25090] [U] [ 1075.146784][T25090] [U] [ 1075.149560][T25090] [U] [ 1075.152288][T25090] [U] [ 1075.155009][T25090] [U] [ 1075.181327][T25090] [U] [ 1075.184066][T25090] [U] [ 1075.186745][T25090] [U] [ 1075.189420][T25090] [U] [ 1075.196160][T25090] [U] [ 1075.198899][T25090] [U] [ 1075.201625][T25090] [U] [ 1075.204341][T25090] [U] [ 1075.362963][T25090] [U] [ 1077.262193][T25150] vivid-007: ================= START STATUS ================= [ 1077.285624][T25146] Invalid ELF header magic: != ELF [ 1077.318041][T25150] vivid-007: Enable Output Cropping: true [ 1077.414026][T25150] vivid-007: Enable Output Composing: true [ 1077.446673][T25150] vivid-007: Enable Output Scaler: true [ 1077.511847][T25150] vivid-007: Tx RGB Quantization Range: Automatic [ 1077.595811][T25150] vivid-007: Transmit Mode: HDMI [ 1077.687414][T25150] vivid-007: Hotplug Present: 0x00000000 [ 1077.716452][T25150] vivid-007: RxSense Present: 0x00000000 [ 1077.722251][T25150] vivid-007: EDID Present: 0x00000000 [ 1077.732450][T25150] vivid-007: ================== END STATUS ================== [ 1082.236585][T25253] FAULT_INJECTION: forcing a failure. [ 1082.236585][T25253] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1082.273497][T25253] CPU: 0 UID: 0 PID: 25253 Comm: syz.5.6550 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1082.273552][T25253] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1082.273564][T25253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1082.273583][T25253] Call Trace: [ 1082.273594][T25253] [ 1082.273606][T25253] dump_stack_lvl+0x100/0x190 [ 1082.273662][T25253] should_fail_ex.cold+0x5/0xa [ 1082.273692][T25253] ? prepare_alloc_pages+0x16d/0x5f0 [ 1082.273726][T25253] should_fail_alloc_page+0xeb/0x140 [ 1082.273757][T25253] prepare_alloc_pages+0x1f0/0x5f0 [ 1082.273789][T25253] ? workingset_test_recent+0x42d/0xe90 [ 1082.273839][T25253] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1082.273884][T25253] ? workingset_test_recent+0x143/0xe90 [ 1082.273929][T25253] ? local_lock_release+0x99/0x130 [ 1082.273965][T25253] ? __lock_acquire+0x4a5/0x2630 [ 1082.274002][T25253] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 1082.274046][T25253] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1082.274100][T25253] ? __lock_acquire+0x4a5/0x2630 [ 1082.274150][T25253] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1082.274201][T25253] ? policy_nodemask+0xed/0x4f0 [ 1082.274233][T25253] alloc_pages_mpol+0x1fb/0x550 [ 1082.274265][T25253] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1082.274294][T25253] ? swap_entry_swapped+0x1ff/0x2b0 [ 1082.274340][T25253] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1082.274397][T25253] folio_alloc_mpol_noprof+0x36/0x340 [ 1082.274435][T25253] swap_cache_alloc_folio+0x1a8/0x300 [ 1082.274478][T25253] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1082.274518][T25253] ? __pfx_get_swap_device+0x10/0x10 [ 1082.274565][T25253] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1082.274614][T25253] read_swap_cache_async+0xd9/0x480 [ 1082.274660][T25253] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1082.274700][T25253] ? find_held_lock+0x2b/0x80 [ 1082.274726][T25253] ? find_held_lock+0x2b/0x80 [ 1082.274752][T25253] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1082.274783][T25253] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1082.274821][T25253] swapin_walk_pmd_entry+0x2fd/0x640 [ 1082.274859][T25253] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1082.274891][T25253] ? __lock_acquire+0x4a5/0x2630 [ 1082.274926][T25253] ? tomoyo_path_perm+0x29c/0x460 [ 1082.274964][T25253] ? kasan_save_stack+0x3f/0x50 [ 1082.275002][T25253] ? kasan_save_stack+0x30/0x50 [ 1082.275042][T25253] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1082.275073][T25253] walk_pgd_range+0xc04/0x1eb0 [ 1082.275139][T25253] ? __pfx_walk_pgd_range+0x10/0x10 [ 1082.275184][T25253] ? __lock_acquire+0x4a5/0x2630 [ 1082.275223][T25253] __walk_page_range+0x163/0x820 [ 1082.275282][T25253] walk_page_range_vma_unsafe+0x209/0x8f0 [ 1082.275330][T25253] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 1082.275377][T25253] ? lock_acquire+0x1cf/0x380 [ 1082.275413][T25253] ? finish_task_switch.isra.0+0x200/0xb80 [ 1082.275447][T25253] ? rcu_is_watching+0x12/0xc0 [ 1082.275494][T25253] walk_page_range_vma+0x63/0x90 [ 1082.275539][T25253] madvise_vma_behavior+0x1e14/0x3050 [ 1082.275578][T25253] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1082.275609][T25253] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1082.275653][T25253] ? mas_prev+0x9b/0xf0 [ 1082.275686][T25253] ? __pfx_mas_prev+0x10/0x10 [ 1082.275728][T25253] ? find_vma_prev+0xd8/0x150 [ 1082.275753][T25253] ? futex_unqueue+0x133/0x2c0 [ 1082.275783][T25253] ? __pfx_find_vma_prev+0x10/0x10 [ 1082.275821][T25253] ? __futex_wait+0x256/0x300 [ 1082.275866][T25253] madvise_walk_vmas+0x2fe/0xa90 [ 1082.275899][T25253] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1082.275937][T25253] madvise_do_behavior+0x1ea/0x510 [ 1082.275968][T25253] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1082.276000][T25253] ? down_read+0x13b/0x460 [ 1082.276051][T25253] do_madvise+0x195/0x240 [ 1082.276081][T25253] ? __pfx_do_madvise+0x10/0x10 [ 1082.276112][T25253] ? do_futex+0x192/0x350 [ 1082.276154][T25253] ? __fget_files+0x21f/0x3d0 [ 1082.276216][T25253] __x64_sys_madvise+0xa9/0x110 [ 1082.276247][T25253] ? lockdep_hardirqs_on+0x78/0x100 [ 1082.276279][T25253] do_syscall_64+0x106/0xf80 [ 1082.276309][T25253] ? clear_bhb_loop+0x40/0x90 [ 1082.276345][T25253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1082.276376][T25253] RIP: 0033:0x7faa6199c799 [ 1082.276400][T25253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1082.276428][T25253] RSP: 002b:00007faa628e4028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1082.276456][T25253] RAX: ffffffffffffffda RBX: 00007faa61c15fa0 RCX: 00007faa6199c799 [ 1082.276476][T25253] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1082.276494][T25253] RBP: 00007faa61a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1082.276512][T25253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1082.276529][T25253] R13: 00007faa61c16038 R14: 00007faa61c15fa0 R15: 00007ffd65db9278 [ 1082.276566][T25253] [ 1083.232626][T25259] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6561'. [ 1083.392591][T25259] team0 (unregistering): Port device team_slave_0 removed [ 1083.408360][T25262] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6553'. [ 1083.444044][T25259] team0 (unregistering): Port device team_slave_1 removed [ 1085.886651][T25312] vivid-007: ================= START STATUS ================= [ 1085.932161][T25310] Invalid ELF header magic: != ELF [ 1085.990083][T25312] vivid-007: Enable Output Cropping: true [ 1085.995896][T25312] vivid-007: Enable Output Composing: true [ 1086.183030][T25312] vivid-007: Enable Output Scaler: true [ 1086.222347][T25312] vivid-007: Tx RGB Quantization Range: Automatic [ 1086.286778][T25325] openvswitch: : Dropping previously announced user features [ 1086.295368][T25312] vivid-007: Transmit Mode: HDMI [ 1086.310211][T25312] vivid-007: Hotplug Present: 0x00000000 [ 1086.348146][T25312] vivid-007: RxSense Present: 0x00000000 [ 1086.355073][T25312] vivid-007: EDID Present: 0x00000000 [ 1086.383579][T25312] vivid-007: ================== END STATUS ================== [ 1087.140094][T25352] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6579'. [ 1087.309272][T25355] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6581'. [ 1087.628702][T25364] ubi0: attaching mtd0 [ 1087.653477][T25364] ubi0: scanning is finished [ 1087.664731][T25364] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1087.778574][T25353] [U]  [ 1087.781383][T25353] [U] [ 1087.784061][T25353] [U] [ 1087.786762][T25353] [U] [ 1087.821917][T25353] [U] [ 1087.824702][T25353] [U] [ 1087.827430][T25353] [U] [ 1087.830173][T25353] [U] [ 1087.850673][T25353] [U] [ 1087.853440][T25353] [U] [ 1087.856182][T25353] [U] [ 1087.858903][T25353] [U] [ 1087.869554][T25353] [U] [ 1087.872301][T25353] [U] [ 1087.875029][T25353] [U] [ 1087.877761][T25353] [U] [ 1087.894322][T25362] netlink: 18 bytes leftover after parsing attributes in process `syz.4.6583'. [ 1087.934268][T25353] [U] [ 1087.936980][T25353] [U] [ 1087.939685][T25353] [U] [ 1087.942399][T25353] [U] [ 1087.961981][T25353] [U] [ 1087.964743][T25353] [U] [ 1087.967471][T25353] [U] [ 1087.970195][T25353] [U] [ 1088.009179][T25353] [U] [ 1088.011918][T25353] [U] [ 1088.014603][T25353] [U] [ 1088.017285][T25353] [U] [ 1088.030690][T25353] [U] [ 1088.033496][T25353] [U] [ 1088.036174][T25353] [U] [ 1088.038861][T25353] [U] [ 1088.052474][T25353] [U] [ 1088.055226][T25353] [U] [ 1088.057950][T25353] [U] [ 1088.060669][T25353] [U] [ 1088.080419][T25353] [U] [ 1088.083155][T25353] [U] [ 1088.085839][T25353] [U] [ 1088.088516][T25353] [U] [ 1088.105300][T25353] [U] [ 1088.108053][T25353] [U] [ 1088.110782][T25353] [U] [ 1088.113489][T25353] [U] [ 1088.126681][T25353] [U] [ 1088.129416][T25353] [U] [ 1088.132182][T25353] [U] [ 1088.134858][T25353] [U] [ 1088.153762][T25353] [U] [ 1088.156520][T25353] [U] [ 1088.159233][T25353] [U] [ 1088.161912][T25353] [U] [ 1088.175667][T25353] [U] [ 1088.178427][T25353] [U] [ 1088.181139][T25353] [U] [ 1088.183855][T25353] [U] [ 1088.191484][T25353] [U] [ 1088.194236][T25353] [U] [ 1088.196956][T25353] [U] [ 1088.199675][T25353] [U] [ 1088.206441][T25364] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1088.214932][T25353] [U] [ 1088.217662][T25353] [U] [ 1088.220357][T25353] [U] [ 1088.223033][T25353] [U] [ 1088.264636][T25353] [U] [ 1088.267400][T25353] [U] [ 1088.270136][T25353] [U] [ 1088.272850][T25353] [U] [ 1088.292287][T25353] [U] [ 1088.295052][T25353] [U] [ 1088.297783][T25353] [U] [ 1088.300513][T25353] [U] [ 1088.319084][T25353] [U] [ 1088.321810][T25353] [U] [ 1088.324514][T25353] [U] [ 1088.327231][T25353] [U] [ 1088.404569][T25353] [U] [ 1088.407314][T25353] [U] [ 1088.410037][T25353] [U] [ 1088.412758][T25353] [U] [ 1088.416008][T25353] [U] [ 1088.418752][T25353] [U] [ 1088.421486][T25353] [U] [ 1088.424216][T25353] [U] [ 1088.458480][T25353] [U] [ 1088.461257][T25353] [U] [ 1088.463996][T25353] [U] [ 1088.466721][T25353] [U] [ 1088.505351][T25353] [U] [ 1088.508119][T25353] [U] [ 1088.510808][T25353] [U] [ 1088.513560][T25353] [U] [ 1088.562758][T25353] [U] [ 1088.565526][T25353] [U] [ 1088.568248][T25353] [U] [ 1088.570945][T25353] [U] [ 1088.574065][T25353] [U] [ 1088.576812][T25353] [U] [ 1088.579518][T25353] [U] [ 1088.582194][T25353] [U] [ 1088.637897][T25353] [U] [ 1088.640662][T25353] [U] [ 1088.643394][T25353] [U] [ 1088.646131][T25353] [U] [ 1088.701462][T25353] [U] [ 1088.704238][T25353] [U] [ 1088.706990][T25353] [U] [ 1088.709714][T25353] [U] [ 1088.738455][T25353] [U] [ 1088.741233][T25353] [U] [ 1088.743959][T25353] [U] [ 1088.746683][T25353] [U] [ 1088.767991][T25353] [U] [ 1090.495731][T25420] netlink: 62 bytes leftover after parsing attributes in process `syz.1.6597'. [ 1091.226228][T25433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1091.255780][T25433] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1092.410123][T25460] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6614'. [ 1092.450656][T25460] netlink: 274 bytes leftover after parsing attributes in process `syz.5.6614'. [ 1092.858643][T25471] ubi0: attaching mtd0 [ 1092.872127][T25471] ubi0: scanning is finished [ 1092.890067][T25471] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1093.131722][T25471] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1093.972339][T25491] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6633'. [ 1094.041959][T25491] team_slave_0: entered allmulticast mode [ 1094.369101][T25495] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 1095.437119][T25520] netlink: 'syz.1.6637': attribute type 1 has an invalid length. [ 1095.461983][T25520] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6637'. [ 1097.293343][T25556] netlink: 'syz.1.6649': attribute type 27 has an invalid length. [ 1097.311577][T25556] netlink: 146 bytes leftover after parsing attributes in process `syz.1.6649'. [ 1097.743648][T25573] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6656'. [ 1097.930679][T25577] FAULT_INJECTION: forcing a failure. [ 1097.930679][T25577] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.014667][T25577] CPU: 0 UID: 0 PID: 25577 Comm: syz.2.6657 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1098.014719][T25577] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1098.014731][T25577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1098.014749][T25577] Call Trace: [ 1098.014759][T25577] [ 1098.014769][T25577] dump_stack_lvl+0x100/0x190 [ 1098.014817][T25577] should_fail_ex.cold+0x5/0xa [ 1098.014850][T25577] should_failslab+0xc2/0x120 [ 1098.014879][T25577] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1098.014919][T25577] ? security_file_alloc+0x34/0x2c0 [ 1098.014965][T25577] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1098.015000][T25577] security_file_alloc+0x34/0x2c0 [ 1098.015045][T25577] init_file+0x95/0x480 [ 1098.015078][T25577] alloc_empty_file+0x73/0x1c0 [ 1098.015111][T25577] dentry_open+0x46/0xd0 [ 1098.015144][T25577] ima_calc_file_hash+0x2ad/0x480 [ 1098.015187][T25577] ima_collect_measurement+0x887/0xa40 [ 1098.015240][T25577] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1098.015282][T25577] ? lock_acquire+0x1cf/0x380 [ 1098.015336][T25577] ? process_measurement+0x5ab/0x2350 [ 1098.015372][T25577] ? is_bad_inode+0xd/0x40 [ 1098.015422][T25577] ? xattr_resolve_name+0x27d/0x3f0 [ 1098.015473][T25577] ? vfs_getxattr_alloc+0xec/0x350 [ 1098.015526][T25577] ? ima_get_hash_algo+0x22d/0x400 [ 1098.015560][T25577] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1098.015602][T25577] ? process_measurement+0xdfe/0x2350 [ 1098.015637][T25577] process_measurement+0xdfe/0x2350 [ 1098.015687][T25577] ? __pfx_process_measurement+0x10/0x10 [ 1098.015772][T25577] ? mutex_init_lockep+0x110/0x150 [ 1098.015812][T25577] ? seq_open+0x116/0x170 [ 1098.015845][T25577] ? inode_to_bdi+0x9e/0x160 [ 1098.015893][T25577] ima_file_check+0xcc/0x120 [ 1098.015931][T25577] ? __pfx_ima_file_check+0x10/0x10 [ 1098.015979][T25577] security_file_post_open+0xc4/0x210 [ 1098.016025][T25577] path_openat+0x1418/0x31a0 [ 1098.016066][T25577] ? __pfx_path_openat+0x10/0x10 [ 1098.016107][T25577] do_file_open+0x20e/0x430 [ 1098.016136][T25577] ? __pfx_do_file_open+0x10/0x10 [ 1098.016187][T25577] ? alloc_fd+0x476/0x790 [ 1098.016243][T25577] ? do_getname+0x191/0x390 [ 1098.016280][T25577] do_sys_openat2+0x10d/0x1e0 [ 1098.016320][T25577] ? __pfx_do_sys_openat2+0x10/0x10 [ 1098.016369][T25577] __x64_sys_openat+0x12d/0x210 [ 1098.016406][T25577] ? __pfx___x64_sys_openat+0x10/0x10 [ 1098.016464][T25577] do_syscall_64+0x106/0xf80 [ 1098.016496][T25577] ? clear_bhb_loop+0x40/0x90 [ 1098.016533][T25577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.016564][T25577] RIP: 0033:0x7f6f46f9c799 [ 1098.016590][T25577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1098.016619][T25577] RSP: 002b:00007f6f47dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1098.016647][T25577] RAX: ffffffffffffffda RBX: 00007f6f47215fa0 RCX: 00007f6f46f9c799 [ 1098.016667][T25577] RDX: 0000000000020803 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1098.016686][T25577] RBP: 00007f6f47032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1098.016703][T25577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1098.016721][T25577] R13: 00007f6f47216038 R14: 00007f6f47215fa0 R15: 00007ffd79a0c218 [ 1098.016760][T25577] [ 1098.017008][ T29] audit: type=1800 audit(1772154188.447:30): pid=25577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6657" name="set_event_notrace_pid" dev="tracefs" ino=1062 res=0 errno=0 [ 1099.294264][T25584] [U]  [ 1099.297076][T25584] [U] [ 1099.299776][T25584] [U] [ 1099.302493][T25584] [U] [ 1099.309651][T25584] [U] [ 1099.312352][T25584] [U] [ 1099.315049][T25584] [U] [ 1099.317763][T25584] [U] [ 1099.322034][T25584] [U] [ 1099.324767][T25584] [U] [ 1099.327482][T25584] [U] [ 1099.330185][T25584] [U] [ 1099.333866][T25584] [U] [ 1099.336552][T25584] [U] [ 1099.339237][T25584] [U] [ 1099.341905][T25584] [U] [ 1099.354809][T25584] [U] [ 1099.357539][T25584] [U] [ 1099.360215][T25584] [U] [ 1099.362888][T25584] [U] [ 1099.387882][T25584] [U] [ 1099.390606][T25584] [U] [ 1099.393315][T25584] [U] [ 1099.396044][T25584] [U] [ 1099.416037][T25584] [U] [ 1099.418760][T25584] [U] [ 1099.421432][T25584] [U] [ 1099.424128][T25584] [U] [ 1099.467144][T25584] [U] [ 1099.469891][T25584] [U] [ 1099.472637][T25584] [U] [ 1099.475319][T25584] [U] [ 1099.513155][T25584] [U] [ 1099.515879][T25584] [U] [ 1099.518552][T25584] [U] [ 1099.521226][T25584] [U] [ 1099.538901][T25584] [U] [ 1099.541663][T25584] [U] [ 1099.544380][T25584] [U] [ 1099.547104][T25584] [U] [ 1099.575471][T25584] [U] [ 1099.578234][T25584] [U] [ 1099.580963][T25584] [U] [ 1099.583675][T25584] [U] [ 1099.618494][T25584] [U] [ 1099.621241][T25584] [U] [ 1099.623927][T25584] [U] [ 1099.626608][T25584] [U] [ 1099.693815][T25584] [U] [ 1100.290194][T25609] sp0: Synchronizing with TNC [ 1100.473862][T25617] sp0: Found TNC [ 1100.776255][ T29] audit: type=1804 audit(1772154191.206:31): pid=25621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.6670" name="file0" dev="tmpfs" ino=3533 res=1 errno=0 [ 1100.824624][ T29] audit: type=1804 audit(1772154191.256:32): pid=25622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.6670" name="file0" dev="tmpfs" ino=3533 res=1 errno=0 [ 1103.141373][T25660] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input20 [ 1104.637497][T25681] mkiss: ax0: crc mode is auto. [ 1105.487959][T25695] netlink: 50 bytes leftover after parsing attributes in process `syz.5.6695'. [ 1112.650073][T25763] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6717'. [ 1112.687267][T25763] netlink: 'syz.5.6717': attribute type 1 has an invalid length. [ 1112.717825][T25763] netlink: 13 bytes leftover after parsing attributes in process `syz.5.6717'. [ 1113.180156][T25772] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6720'. [ 1113.261456][T25779] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6722'. [ 1113.312340][T25779] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6722'. [ 1113.503826][T25784] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6725'. [ 1113.626563][T25786] netlink: 'syz.5.6726': attribute type 1 has an invalid length. [ 1113.666235][T25786] netlink: 'syz.5.6726': attribute type 6 has an invalid length. [ 1113.933459][T25796] netlink: 194 bytes leftover after parsing attributes in process `syz.4.6730'. [ 1114.586246][T25810] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6735'. [ 1114.681055][T25812] usb usb2: usbfs: process 25812 (syz.5.6735) did not claim interface 4 before use [ 1116.175135][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.184428][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.587613][T25843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6746'. [ 1116.610719][T25843] netlink: 13 bytes leftover after parsing attributes in process `syz.2.6746'. [ 1116.705850][T25847] FAULT_INJECTION: forcing a failure. [ 1116.705850][T25847] name failslab, interval 1, probability 0, space 0, times 0 [ 1116.742294][T25847] CPU: 1 UID: 0 PID: 25847 Comm: syz.5.6748 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1116.742344][T25847] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1116.742356][T25847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1116.742374][T25847] Call Trace: [ 1116.742383][T25847] [ 1116.742395][T25847] dump_stack_lvl+0x100/0x190 [ 1116.742443][T25847] should_fail_ex.cold+0x5/0xa [ 1116.742477][T25847] should_failslab+0xc2/0x120 [ 1116.742507][T25847] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1116.742558][T25847] ? __alloc_skb+0x140/0x710 [ 1116.742595][T25847] __alloc_skb+0x140/0x710 [ 1116.742624][T25847] ? __alloc_skb+0x5b7/0x710 [ 1116.742651][T25847] ? __pfx___alloc_skb+0x10/0x10 [ 1116.742691][T25847] alloc_skb_with_frags+0xe0/0x810 [ 1116.742735][T25847] sock_alloc_send_pskb+0x801/0x980 [ 1116.742785][T25847] ? find_held_lock+0x2b/0x80 [ 1116.742818][T25847] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1116.742866][T25847] ? ip6_output+0x2eb/0xa60 [ 1116.742907][T25847] ? __pfx_ip6_output+0x10/0x10 [ 1116.742955][T25847] __ip6_append_data+0x2c4c/0x4de0 [ 1116.743002][T25847] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1116.743039][T25847] ? find_held_lock+0x2b/0x80 [ 1116.743074][T25847] ? __pfx___ip6_append_data+0x10/0x10 [ 1116.743113][T25847] ? __pfx_ip6_mtu+0x10/0x10 [ 1116.743142][T25847] ? ip6_setup_cork+0x5be/0x14c0 [ 1116.743184][T25847] ip6_make_skb+0x2a3/0x3b0 [ 1116.743229][T25847] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1116.743264][T25847] ? __pfx_ip6_make_skb+0x10/0x10 [ 1116.743311][T25847] ? sk_dst_check+0x1de/0x550 [ 1116.743343][T25847] ? udpv6_sendmsg+0x2499/0x2f60 [ 1116.743367][T25847] udpv6_sendmsg+0x2499/0x2f60 [ 1116.743398][T25847] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1116.743441][T25847] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1116.743478][T25847] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1116.743548][T25847] ? __pfx___might_resched+0x10/0x10 [ 1116.743614][T25847] ? __import_iovec+0x1d2/0x640 [ 1116.743662][T25847] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1116.743694][T25847] ? inet6_sendmsg+0x105/0x140 [ 1116.743723][T25847] inet6_sendmsg+0x105/0x140 [ 1116.743756][T25847] ____sys_sendmsg+0x704/0xc30 [ 1116.743800][T25847] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1116.743842][T25847] ? rcu_is_watching+0x12/0xc0 [ 1116.743882][T25847] ? ___sys_sendmsg+0x19d/0x1e0 [ 1116.743919][T25847] ? kfree+0x2ec/0x6b0 [ 1116.743957][T25847] ___sys_sendmsg+0x190/0x1e0 [ 1116.744001][T25847] ? __pfx____sys_sendmsg+0x10/0x10 [ 1116.744070][T25847] ? __pfx___might_resched+0x10/0x10 [ 1116.744118][T25847] __sys_sendmmsg+0x205/0x430 [ 1116.744153][T25847] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1116.744184][T25847] ? __local_bh_enable_ip+0x9e/0x120 [ 1116.744225][T25847] ? __pfx_do_futex+0x10/0x10 [ 1116.744277][T25847] ? xfd_validate_state+0x129/0x190 [ 1116.744323][T25847] __x64_sys_sendmmsg+0x9c/0x100 [ 1116.744354][T25847] ? lockdep_hardirqs_on+0x78/0x100 [ 1116.744385][T25847] do_syscall_64+0x106/0xf80 [ 1116.744417][T25847] ? clear_bhb_loop+0x40/0x90 [ 1116.744453][T25847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1116.744483][T25847] RIP: 0033:0x7faa6199c799 [ 1116.744508][T25847] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1116.744548][T25847] RSP: 002b:00007faa628e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1116.744577][T25847] RAX: ffffffffffffffda RBX: 00007faa61c15fa0 RCX: 00007faa6199c799 [ 1116.744597][T25847] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1116.744616][T25847] RBP: 00007faa61a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1116.744636][T25847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1116.744653][T25847] R13: 00007faa61c16038 R14: 00007faa61c15fa0 R15: 00007ffd65db9278 [ 1116.744692][T25847] [ 1120.373098][T25915] __nla_validate_parse: 2 callbacks suppressed [ 1120.373116][T25915] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6768'. [ 1120.452918][T25915] netlink: 294 bytes leftover after parsing attributes in process `syz.4.6768'. [ 1120.722479][T25921] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6771'. [ 1125.429066][T26002] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6798'. [ 1125.508991][T26004] usb usb2: usbfs: process 26004 (syz.1.6798) did not claim interface 4 before use [ 1126.056809][T26009] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6799'. [ 1126.757951][T26021] bond0: up delay (1) is not a multiple of miimon (110), value rounded to 0 ms [ 1130.990958][T26085] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1130.997680][T26085] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1131.050369][T26085] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1131.059421][T26085] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1131.112389][T26085] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1131.139261][T26085] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1131.234965][T26085] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1131.257740][T26085] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1133.061957][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 1133.062014][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 1133.141138][ T5827] Bluetooth: hci4: command 0x0406 tx timeout [ 1133.330165][ T5827] Bluetooth: hci5: command 0x0c1a tx timeout [ 1134.061467][T26122] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6832'. [ 1134.162788][T26122] netlink: 294 bytes leftover after parsing attributes in process `syz.5.6832'. [ 1135.141578][ T5827] Bluetooth: hci2: command 0x0c1a tx timeout [ 1135.144387][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 1135.221381][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 1135.391618][ T51] Bluetooth: hci5: command 0x0c1a tx timeout [ 1135.483849][ T51] Bluetooth: hci4: unexpected event 0x07 length: 435 > 255 [ 1136.604257][T26167] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6850'. [ 1137.969993][T26196] netlink: 338 bytes leftover after parsing attributes in process `syz.1.6862'. [ 1142.261489][T26240] netlink: 186 bytes leftover after parsing attributes in process `syz.5.6876'. [ 1144.865453][T26289] ubi0: attaching mtd0 [ 1144.897826][T26289] ubi0: scanning is finished [ 1144.923325][T26289] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1145.481118][T26289] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1146.161699][T26317] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 1146.438042][T26309] [ 1146.440419][T26309] ====================================================== [ 1146.447441][T26309] WARNING: possible circular locking dependency detected [ 1146.454467][T26309] syzkaller #0 Tainted: G U L [ 1146.460451][T26309] ------------------------------------------------------ [ 1146.467472][T26309] syz.1.6900/26309 is trying to acquire lock: [ 1146.473544][T26309] ffff88802bf748e8 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 1146.485085][T26309] [ 1146.485085][T26309] but task is already holding lock: [ 1146.492453][T26309] ffff88802bf74d60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1146.501458][T26309] [ 1146.501458][T26309] which lock already depends on the new lock. [ 1146.501458][T26309] [ 1146.511854][T26309] [ 1146.511854][T26309] the existing dependency chain (in reverse order) is: [ 1146.520861][T26309] [ 1146.520861][T26309] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 1146.528611][T26309] lock_sock_nested+0x41/0xf0 [ 1146.533814][T26309] smc_listen_out+0x1f5/0x4b0 [ 1146.539026][T26309] smc_listen_work+0x4c2/0x50e0 [ 1146.544396][T26309] process_one_work+0x9d7/0x1920 [ 1146.549867][T26309] worker_thread+0x5da/0xe40 [ 1146.554986][T26309] kthread+0x370/0x450 [ 1146.559581][T26309] ret_from_fork+0x754/0xd80 [ 1146.564707][T26309] ret_from_fork_asm+0x1a/0x30 [ 1146.569995][T26309] [ 1146.569995][T26309] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 1146.580167][T26309] __lock_acquire+0x14b8/0x2630 [ 1146.585548][T26309] lock_acquire+0x1cf/0x380 [ 1146.590581][T26309] __flush_work+0x4de/0xcb0 [ 1146.595622][T26309] cancel_work_sync+0xd1/0xf0 [ 1146.600833][T26309] smc_clcsock_release+0x5f/0xe0 [ 1146.606318][T26309] __smc_release+0x5c2/0x880 [ 1146.611441][T26309] smc_close_non_accepted+0xda/0x200 [ 1146.617265][T26309] smc_close_active+0x4ff/0x1070 [ 1146.622726][T26309] __smc_release+0x634/0x880 [ 1146.627933][T26309] smc_release+0x1fc/0x620 [ 1146.632884][T26309] __sock_release+0xb3/0x260 [ 1146.637998][T26309] sock_close+0x1c/0x30 [ 1146.642679][T26309] __fput+0x3ff/0xb40 [ 1146.647179][T26309] task_work_run+0x150/0x240 [ 1146.652301][T26309] exit_to_user_mode_loop+0x100/0x4a0 [ 1146.658197][T26309] do_syscall_64+0x668/0xf80 [ 1146.663310][T26309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1146.669726][T26309] [ 1146.669726][T26309] other info that might help us debug this: [ 1146.669726][T26309] [ 1146.679941][T26309] Possible unsafe locking scenario: [ 1146.679941][T26309] [ 1146.687413][T26309] CPU0 CPU1 [ 1146.692768][T26309] ---- ---- [ 1146.698123][T26309] lock(sk_lock-AF_SMC/1); [ 1146.702635][T26309] lock((work_completion)(&new_smc->smc_listen_work)); [ 1146.712087][T26309] lock(sk_lock-AF_SMC/1); [ 1146.719114][T26309] lock((work_completion)(&new_smc->smc_listen_work)); [ 1146.726048][T26309] [ 1146.726048][T26309] *** DEADLOCK *** [ 1146.726048][T26309] [ 1146.734178][T26309] 3 locks held by syz.1.6900/26309: [ 1146.739368][T26309] #0: ffff88805171f508 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1146.749923][T26309] #1: ffff88802bf74d60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1146.759363][T26309] #2: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 1146.768530][T26309] [ 1146.768530][T26309] stack backtrace: [ 1146.774416][T26309] CPU: 1 UID: 0 PID: 26309 Comm: syz.1.6900 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1146.774455][T26309] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1146.774465][T26309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1146.774480][T26309] Call Trace: [ 1146.774489][T26309] [ 1146.774499][T26309] dump_stack_lvl+0x100/0x190 [ 1146.774535][T26309] print_circular_bug.cold+0x178/0x1c7 [ 1146.774574][T26309] check_noncircular+0x146/0x160 [ 1146.774611][T26309] __lock_acquire+0x14b8/0x2630 [ 1146.774646][T26309] lock_acquire+0x1cf/0x380 [ 1146.774674][T26309] ? __flush_work+0x4ca/0xcb0 [ 1146.774710][T26309] ? mark_held_locks+0x40/0x70 [ 1146.774739][T26309] ? __flush_work+0x4ca/0xcb0 [ 1146.774773][T26309] __flush_work+0x4de/0xcb0 [ 1146.774807][T26309] ? __flush_work+0x4ca/0xcb0 [ 1146.774842][T26309] ? __pfx___flush_work+0x10/0x10 [ 1146.774878][T26309] ? __pfx_wq_barrier_func+0x10/0x10 [ 1146.774910][T26309] ? __pfx___might_resched+0x10/0x10 [ 1146.774947][T26309] cancel_work_sync+0xd1/0xf0 [ 1146.774972][T26309] smc_clcsock_release+0x5f/0xe0 [ 1146.775010][T26309] __smc_release+0x5c2/0x880 [ 1146.775047][T26309] ? __pfx_sock_def_readable+0x10/0x10 [ 1146.775070][T26309] smc_close_non_accepted+0xda/0x200 [ 1146.775109][T26309] smc_close_active+0x4ff/0x1070 [ 1146.775134][T26309] __smc_release+0x634/0x880 [ 1146.775169][T26309] smc_release+0x1fc/0x620 [ 1146.775205][T26309] __sock_release+0xb3/0x260 [ 1146.775233][T26309] ? __pfx_sock_close+0x10/0x10 [ 1146.775264][T26309] sock_close+0x1c/0x30 [ 1146.775294][T26309] __fput+0x3ff/0xb40 [ 1146.775327][T26309] task_work_run+0x150/0x240 [ 1146.775361][T26309] ? __pfx_task_work_run+0x10/0x10 [ 1146.775398][T26309] exit_to_user_mode_loop+0x100/0x4a0 [ 1146.775431][T26309] do_syscall_64+0x668/0xf80 [ 1146.775458][T26309] ? clear_bhb_loop+0x40/0x90 [ 1146.775486][T26309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1146.775512][T26309] RIP: 0033:0x7fec0359c799 [ 1146.775532][T26309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1146.775558][T26309] RSP: 002b:00007fff2ef2c228 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1146.775582][T26309] RAX: 0000000000000000 RBX: 00007fec03817da0 RCX: 00007fec0359c799 [ 1146.775603][T26309] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1146.775619][T26309] RBP: 00007fec03817da0 R08: 00007fec03816038 R09: 0000000000000000 [ 1146.775640][T26309] R10: 00000000005d837c R11: 0000000000000246 R12: 0000000000117e1c [ 1146.775657][T26309] R13: 00007fec03815fac R14: 0000000000117c74 R15: 00007fff2ef2c330 [ 1146.775681][T26309] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1148.745276][ T69] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.802653][ T69] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.842631][ T69] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.913204][ T69] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.001891][ T69] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.063731][ T69] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.115502][ T69] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.167284][ T69] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.257684][ T69] bridge_slave_1: left allmulticast mode [ 1149.265588][ T69] bridge_slave_1: left promiscuous mode [ 1149.274810][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 1149.283552][ T69] bridge_slave_0: left allmulticast mode [ 1149.289277][ T69] bridge_slave_0: left promiscuous mode [ 1149.294984][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 1149.304845][ T69] bridge_slave_1: left allmulticast mode [ 1149.311294][ T69] bridge_slave_1: left promiscuous mode [ 1149.316991][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 1149.325917][ T69] bridge_slave_0: left allmulticast mode [ 1149.332974][ T69] bridge_slave_0: left promiscuous mode [ 1149.339044][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 1149.471848][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1149.481829][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1149.491123][ T69] bond0 (unregistering): Released all slaves [ 1149.571504][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1149.581230][ T69] bond0 (unregistering): Released all slaves [ 1149.654887][ T69] ovs_: left promiscuous mode [ 1149.689949][ T69] : left promiscuous mode [ 1150.038084][ T69] hsr_slave_0: left promiscuous mode [ 1150.045722][ T69] hsr_slave_1: left promiscuous mode [ 1150.053227][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1150.062930][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1150.071742][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1150.081530][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1150.093226][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1150.101616][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1150.109699][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1150.117088][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1150.130830][ T69] veth1_vlan: left promiscuous mode [ 1150.136105][ T69] veth0_vlan: left promiscuous mode [ 1150.253865][ T69] team0 (unregistering): Port device team_slave_1 removed [ 1150.272939][ T69] team0 (unregistering): Port device team_slave_0 removed [ 1150.348770][ T69] team0 (unregistering): Port device team_slave_1 removed [ 1150.367938][ T69] team0 (unregistering): Port device team_slave_0 removed [ 1150.978277][ T69] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1151.041440][ T69] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1151.095713][ T69] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1151.196196][ T69] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1151.309945][ T69] bridge_slave_1: left allmulticast mode [ 1151.315647][ T69] bridge_slave_1: left promiscuous mode [ 1151.323448][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 1151.334065][ T69] bridge_slave_0: left allmulticast mode [ 1151.339819][ T69] bridge_slave_0: left promiscuous mode [ 1151.345539][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 1151.499028][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1151.511076][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1151.522474][ T69] bond0 (unregistering): Released all slaves [ 1151.569510][ T69] : left promiscuous mode [ 1151.929941][ T69] hsr_slave_0: left promiscuous mode [ 1151.936059][ T69] hsr_slave_1: left promiscuous mode [ 1151.943053][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1151.952300][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1151.960211][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1151.967601][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1151.978631][ T69] veth1_macvtap: left promiscuous mode [ 1151.984384][ T69] veth0_macvtap: left promiscuous mode [ 1151.990016][ T69] veth1_vlan: left promiscuous mode [ 1151.995246][ T69] veth0_vlan: left promiscuous mode