last executing test programs: 2m43.956657387s ago: executing program 1 (id=15570): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000fedbdf2502000000080005008c01"], 0x1c}, 0x1, 0x0, 0x0, 0x20040cc4}, 0x4004450) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000100)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m43.72143469s ago: executing program 1 (id=15573): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) 2m43.486851528s ago: executing program 1 (id=15576): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, 0xffffffffffffffff, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0) r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_LINK(r1, 0x40044160, 0x0) 2m43.27273755s ago: executing program 1 (id=15580): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x271d, 0xfffffffffffffffc, 0x0) 2m43.020976636s ago: executing program 1 (id=15581): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffa, 0x8000000008011, r0, 0x8000) madvise$auto(0x0, 0x400053, 0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) 2m42.210964583s ago: executing program 1 (id=15590): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)={0x34, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x200}, @NFSD_A_SERVER_SCOPE={0x17, 0x4, '/dev/snd/controlC0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0xc840) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)={0x24, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x3}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 2m39.219270618s ago: executing program 0 (id=15621): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x2}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x8}, @HSR_A_IF1_AGE={0x8, 0x3, 0x4886177a}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @random="431396a271ac"}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_AGE={0x8, 0x4, 0x10}, @HSR_A_IF1_AGE={0x8, 0x3, 0x401}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m39.137166533s ago: executing program 0 (id=15622): mmap$auto(0x0, 0x80004, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop12\x00', 0x14fa02, 0x0) r0 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000040), 0x42001, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) ioctl$auto(r0, 0xc0105303, r0) 2m38.938712169s ago: executing program 0 (id=15624): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0xd, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) fsconfig$auto_FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000000c0)='[\x99}/:H\x00', 0x0, 0x0) 2m38.666312765s ago: executing program 0 (id=15627): socket(0xa, 0x1, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(0x3, 0x81) 2m38.565549193s ago: executing program 2 (id=15629): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8900, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4070aea0, r0) 2m38.506239969s ago: executing program 0 (id=15630): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x34) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x6, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') mmap$auto(0x0, 0x400007, 0xde, 0x9b72, 0xffffffffffffffff, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100) 2m38.334238247s ago: executing program 0 (id=15632): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x3, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 2m38.33371953s ago: executing program 2 (id=15633): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x2) socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0xa, 0x0, 0x0) 2m38.254801988s ago: executing program 2 (id=15635): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2000040080000004, 0xe) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) write$auto(r0, 0x0, 0x10007c) 2m37.79464791s ago: executing program 2 (id=15639): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x0) unshare$auto(0x40000080) name_to_handle_at$auto(r0, 0x0, 0x0, 0x0, 0x7) 2m37.493695481s ago: executing program 2 (id=15642): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x34) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x6, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') mmap$auto(0x0, 0x400007, 0xde, 0x9b72, 0xffffffffffffffff, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100) 2m37.321500908s ago: executing program 2 (id=15644): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0xa, 0x3, 0x3a) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xffd8) 2m27.131769541s ago: executing program 32 (id=15590): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)={0x34, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x200}, @NFSD_A_SERVER_SCOPE={0x17, 0x4, '/dev/snd/controlC0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0xc840) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)={0x24, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x3}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 2m23.354869485s ago: executing program 33 (id=15632): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x3, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 2m22.064111716s ago: executing program 34 (id=15644): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0xa, 0x3, 0x3a) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xffd8) 2m20.661766184s ago: executing program 4 (id=15666): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) select$auto(0xd, 0x0, &(0x7f0000000400)={[0x8, 0x200000000005, 0x7, 0x7, 0x0, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffff8, 0xfff]}, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2m19.567675717s ago: executing program 4 (id=15681): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f0000000200)='&&\x00', 0x0, 0x8, 0x0) 2m18.356565574s ago: executing program 4 (id=15686): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) lseek$auto(r0, 0x5, 0x0) getdents$auto(r0, &(0x7f00000004c0)={0x600, 0x7fffffffffffffff, 0x4}, 0x62d4) 2m17.825921056s ago: executing program 4 (id=15687): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x1f53, 0x2000000000002) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x5, 0x0) fanotify_mark$auto(0x1000000000000, 0x65, 0x9, 0x1, 0x0) fanotify_mark$auto(0x0, 0x1, 0x3a, r0, 0x0) 2m8.81283847s ago: executing program 3 (id=15730): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="e9c8e095", @ANYRES16, @ANYBLOB="040025bd7000199fb180fedbdf25020000000500110030000000ffff27000200000064bfd8a3dbd2f36a209bdf7df8c82bbc"], 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m8.53822301s ago: executing program 3 (id=15731): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000200), 0x280000, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf3, 0xb0, @inferred=r0}}) 2m8.316205593s ago: executing program 3 (id=15733): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x480, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e000000000100", @raw=0x3}, 0x4, 0x966, 0x3, @raw=0x404, @enumerated={0x8, 0x80000000, "033beddd1805dc0a0f9236c0095295603854aabf973f037f0896b19cbe04c0aa95c57dc0788556977828784abe1a8f695f19b28fd798a2fb818b216638fd3266", 0x48, 0x3}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0x83e7}, 0x5, 0xb) 2m8.110248539s ago: executing program 3 (id=15734): mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55) capget$auto(0x0, 0xfffffffffffffffe) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) 2m7.951510324s ago: executing program 3 (id=15735): r0 = pidfd_open$auto(0xffffffffffffffff, 0x3) mmap$auto(0x0, 0x40000c, 0x9, 0x9b72, r0, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x5, 0x0, 0x10000000000000, 0x2}, 0x885}, 0x1, 0x7) socket(0x2, 0x80002, 0x73) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r1, 0x0, 0x800000008) 2m7.558681701s ago: executing program 3 (id=15737): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f00000000c0)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r0 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r0, 0x0, 0xdd) getdents64$auto(r0, 0x0, 0x8) 2m2.75534516s ago: executing program 35 (id=15687): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x1f53, 0x2000000000002) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x5, 0x0) fanotify_mark$auto(0x1000000000000, 0x65, 0x9, 0x1, 0x0) fanotify_mark$auto(0x0, 0x1, 0x3a, r0, 0x0) 1m51.828176704s ago: executing program 36 (id=15737): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f00000000c0)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r0 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r0, 0x0, 0xdd) getdents64$auto(r0, 0x0, 0x8) 6.271697072s ago: executing program 6 (id=16476): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) lstat$auto(0x0, 0x0) 4.358068976s ago: executing program 7 (id=16486): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="72010000", @ANYBLOB="10000d7d478fb0f83cbb590c68f52d96d8"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.660318371s ago: executing program 7 (id=16492): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) close_range$auto(0x2, 0x8, 0x0) 3.343390139s ago: executing program 7 (id=16495): mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000) bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@bpf_attr_7={@map_id=0x3ff, 0x2, 0x10000}, 0xac) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 3.038014707s ago: executing program 6 (id=16498): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 2.24197557s ago: executing program 7 (id=16502): syz_genetlink_get_family_id$auto_batadv(&(0x7f00000000c0), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zram0\x00', 0x40102, 0x0) mmap$auto(0x0, 0x6, 0xffe, 0x8000000008011, 0x3, 0x0) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x68, 0x4, 0xd, 0x4, 0x80000000009, 0x7fb0, 0x9, 0x5, 0x200000000003, 0x416c7c0c, 0x2c4, 0x7ffffffd, 0x7ff, 0x6, 0x6}) 2.193661095s ago: executing program 8 (id=16503): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x48080) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.978354348s ago: executing program 6 (id=16505): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x6f) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0) pipe$auto(&(0x7f00000000c0)) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 1.906477708s ago: executing program 8 (id=16506): mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x2) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000002840)='/sys/kernel/tracing/trace_clock\x00', 0x8000, 0x0) fchmodat2$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x61ed, 0x4) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000840)={{@raw=0x8, 0x7, 0xba28, 0x0, "708c58271a7985a7704331f78af8d149fc53d81fd4a7553c2ff48b48a8a57689adcc1ca6d2cbfa93b50590c9", @raw=0x6}, 0x0, @bytes=@data_ptr=0x0, "fa491e08108961dd5708680f1134935851612a52d629535f54f3832490fc4e7f79daef312b3df3307044713a4801d409aefe3f932f78fc311771094e769c0095f94ee6d74f2517f34a0bbbf502bf3392ac4d93bde5f733ba936c0890312cf035bc44117db9b683eedc5e02a703fc82750d8d6ebac0c3019ef8e6c1eecea33a59"}) setsockopt$auto(0xffffffffffffffff, 0x11, 0x66, 0x0, 0x8) setrlimit$auto(0x5, &(0x7f0000000000)={0x3, 0x4}) 1.805909267s ago: executing program 5 (id=16507): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xced80000000000, 0x9, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x3}, 0x3) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x20103, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.707889467s ago: executing program 6 (id=16508): mlockall$auto(0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0xfffffffe, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) madvise$auto(0x0, 0x2003f0, 0x15) 1.660955969s ago: executing program 8 (id=16509): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = signalfd$auto(0xffffffffffffffff, 0x0, 0x8) timer_create$auto(0x2, 0x0, 0x0) setitimer$auto(0x0, &(0x7f0000000140)={{0x40000000002, 0x5}, {0x20000, 0x8}}, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000a40)=""/4096, 0x1000) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0) 1.364889749s ago: executing program 5 (id=16510): mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x1) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r0, &(0x7f00000001c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) readv$auto(r0, 0x0, 0xe73) mmap$auto(0x2000000000, 0x2020009, 0x2, 0xfa, 0xfffffffffffffffa, 0x3) prctl$auto(0x4e, 0x1, 0x0, 0x0, 0x0) 1.166696478s ago: executing program 7 (id=16511): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) getsockopt$auto(r0, 0x84, 0x7c, 0x0, &(0x7f0000000000)=0x7ffe) 1.156518031s ago: executing program 6 (id=16512): r0 = socket(0x2b, 0x1, 0x1) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) shmctl$auto(0x3, 0x10000, &(0x7f00000002c0)={{0xdb0, 0x0, 0x0, 0x1, 0xaa5f, 0x80000001, 0x2}, 0x7, 0xc, 0x800, 0x6, @raw, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="9c684535856422f7640acbad89fed8bd6a83179f7900856e930edccb83ba62476794d692a36470f9c0e630c6ce9624448bb9de4f1510d5f64d299a27b8ace75fcabfa7ecb8a5deab3e3cb89db9c35ccd68667919e26791361b9d8ef42ae2ff6ca1b9decc37e3420fc44979dc4f526cc033c19fa99d9d89d11185e59c9c42838a94db253a4b8eb12bd651c4a7bcb9eb2408beb67d902050c5abd22174128665b5368d46e6620127e880403b4f858934c0b9e3da16fb0b303ebf6c2f48e2a4e9aebcbe8fff920ca3f2132b6ab96be580c419272ea953", &(0x7f0000000240)="42196102e1be312c4bcd275fc5d7e6dc8cad43ed26112532086df274f8e2eb11ec9d29930452768db9adff14c2340be643dfcba772f9be203a4aab33262a5774f69544efc9d3ea7ccf9d82de1262e0a5bd0cf29bb97d884cdb7c2d225dc27b6502dba64d2c78e3b2c44c3fa47a0f8e72bd77a5e1b0ef7b28a08f1e4098512f"}) sendmsg$auto_NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f00000014c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001480)={&(0x7f0000001500)=ANY=[@ANYBLOB="28110000", @ANYRES16=r1, @ANYBLOB="100029bd7000fcdbdf25270000000400f4000600b40001010000f8105a8008000300", @ANYRES32=r4, @ANYBLOB="ce10418082d47f5c7d1e27902939c70d104e264fff3121a8ef401a7be272e83073ac7aa4ccabd3990b1122bcc926d63d668a40586864f66f1f4e94b3acd7740a50cfc5a3127c7503755b608daf68c343a52e813ea3fb11619971ab901c5e1a3b826e807e5455604dda78a9c010c906a15e5e7e14d960f7d318357bbad1117bf227306f78b45f3665a001d86f3bcd08006500ac1414bbaddf1871add49f3f82fdd0e373e7ce02f92f73dabf85f1287db5f12998348033f2b8aa8604fce40e856fe4d15e26ddc7c7a80b849f2df1c24ef3cb305efa7c0523da9e406bdd31c974d19967b94452b8ebef8577791478fe266dd2bd7bf68a8250c409d554c5fd74265723fed55061059689ccced4e64f10f0688e3948a1e1f270a15ce3a3f28bc0f8f207d8b60eb1a026fe0100c2c28b79c2f8fd3332c9cfa428f095e45242e63613a33327bd0758107a40da836ab22d34499812926986438d1c097c2172666481b3c05bda75c1fefcdc92dcda2b0c1e082567e6337694ffffffffffffffaa0dc604364998bff235a5f61a3aa9a5c190c8790b098615145ed4f104a83ff5261ec76c0b0041a15bd3a31166c2f288a8dfd07d416aff2b558cb8b0b6ee03d95292951a91e15be3041901f70be0d82f572463509fd0e7b31d580a1394cf6b497714ce4ffc36b8566f20ae0d90cc12394ec842b512fb2d6c0bbae07299ee9a39ae205e4106387a3075b4abbd9a703cfc7e1d726abc9b12c8a83bded4330baae036c6f4cdfc5b2af2c52a2dceedce7e41666df1c2d49855052ff16365733d4589d150fe373a9edee42244f744b80fd67da372d84f47caf98be9e07758317547d2f43402b4a61530b9f9af7d54291acb48c16596a25bb09bf5f1a370e40c058955d0d8c9dcbe72f75533de131bd7c36c08f11371bd7355982d729e0c1a006a0a6f48d30d3d7d8065e7a2c3c69734aad7c133ca1ad8cda472ed317732bd4ce8317307fd3530ca1be3a9ec6555be52154c81ee2bf28deea916d79dd62b7dea331148a80b839ab63fd2bf225926250ca29388eafb9f8e554e0c02c6c0cd8e26027ae7d88d4b4085f56e143a0eb410e674ad202bd69d14b20b2d8bbd0bb3322fd1afb1a8a76467217439e08da3e14f8efa39a5700286dfb7abd8d2f915e7992db9256eca4d086c2e3a5c7230e2c35b3b519958e7dd52ebebb75a01cf766b0af819d56fa495bc4e8e649c7a17982f7246a049edee760024ff492d2205246a43df5dd29bec201eb00cbdbdd4825e88a93366aaa792ca6f861bc74be14a9bc1d9f2a5c025d70704b0bc15aeee282614f09b139f8582194df584d4bd9c7d1da5500feaeb2a30e0d014551c3d25b47ddb34a81a33eb2e54c49a27143d910f229c17fd92f8963000b2a01aaff78eb52f28d68768090c42cc46b794d8d2d970858ea43c54e61ef74a2ace4b98baa6b168aa8e96ef68d669d13451188b23c6a80a8caa8521c4a0f3bf6bfee94d00b2c1f12ff58e12d5c8b2a0b3444050cc5d44de42b237421791b08396564a0122eca048121e518429451dd8ded57f678825b4e5f4be88a75d54385a77418525667a5f117da484288e8a1a612f2c8a8ae3b9ec8255cb850e4884cbc2a90bcedf80f416d221c66ed222fdc8ba0ded2f4d242bc5443221ff39969b0af83eaccca4999bdf82d560b8d6c7051d1cc0138739b920c6786ddfea26fc7ffcdb4ac23c57c9f19f32c3ba81c8e49aa78409eadf9edea3bc57d88bcf9d0cd75c1361c9237de4165aebe10f0e53c5d6a94bd7760c22a10a0072a37e6eb4dba8195dcdb0c20421a5e6ae020f0924f7aae58e7fd5a60dcb84c18a354f008420df08271d1d828c9220fbd9d5a88e2e0d2af5b212804b6b3c2ba44ee0d80c66b0abf4308be65588f9d7e1df948184f76471b7d59039ead3eb1d8b2e9e602b544ae913acfee14f66401570f46bea2d9de26b094940ebefa6503d187343ac7533d937317ec951a1c36b705dced1e3c5beb4b98752a261b7a7b17909fd6b4e809341ed4bd1273c278bc0540d88a06d7299917e795de3296426a668124b8ccd798d456b9ad96a4e7823b4d0b9f6ebb37f3313ebf5fdff490c6a79cf160976a2185363d1bbc63516a89d72600144010cf279449ea1cb997c916e5e2eb11cc5d4b4cf789cdeadfc948cbb10c93115623e910e395ec1665251857fa09ec28cfe11faf44e278ab5a3d5f2e43380029cbede69346f4f34ccc14531c01da24398f0d33b86c43e2aa8522c2f42faf15acd2567401573f3783ae71fbf2761695d6f83d1d66a155cbbe2a4dcd1a47a9d8535bd344f932ab3ba47fd176c732de820fd9ff00bf23dd62b74472a39ef58112e4769d2bf4bfc8cd7e4c309a16d21af4f9f800825dc4f643d1da9ed63d99351c21c1bbdd3a9d95ec629a6a6a4b0b1743a02472915d0edcad8f09e684ecaa1067a8fef11f6081860cdca06f5d95bdca1520ec170c2c8b8dfad9f09ce298c5f8fa238cfe4743b512c8bc8b36564ccc837a53365004689154f96e07865212a0a3db0877c7daa7cd595b99ec183cd45dbd7429ef54c658e8e36390c298ea94f713fd0864780dade8ff6ac94a08373d187efd7da288e7c750bcc629596e4c216d6778e25a8ff27005c6e8a021f5f4ed04cfb63fd4b931b1bbe8c5045ebaa23e1cd48185f7f8cf5cd14fbeb3bb74ae99d293b28bb85beb9707232dbd86580a3ff9329c2f6a52d1f191d33883df59295761afd600f20753870f6f1bc63cb18919b45028fe32104ff8a4e063acd5693c04ff71e80607c47111d93ec0bc40bf60de4c52169a5ec75c6f73cf71318dc8e0f9f07ba79be3c6545cf4049df961ba8b944cc3a6f24f2862e76823f315001c075da05698d0d874f77b5289cfdb305dbf12521d5c046a1d899d7078eac7a0add8cc7931c893d55f60bf0e76f6f23ec3aa7821694cd2d52758078798433385535f9221e874946285fd33eaf4abce2ab4820e5318933d8e71b07c014ad98fc1127532044889453f95ccea09d3b1b8796ab1a5e9a7d11c63cdda255797ff3a2977029c47f90d51771798144f59eb18e10aa2f1c1d2bd8e699eef228c0a6fe9c1e9641c1a1d7c2b2cae1b3e45847dcdb6924d5906775ca8576608bab636f2ba4828b40f304a27212b5e76e15e60ae8deaa28383aec7d543d95ccda3cd14e3408dc78693acde61e0896f86704cd676b5b43157d67b13602e390fcb0425c182ea39fbd15daf41bd9ef2d17637edabf5dda3d6499082cc785a9cb5af95114efc5a459a98ba2995bd8086fb6a887a2df7e4be359a82ecd0dac784e4bff2351b5397619c695842368a38e9d143d395727243d077ec158b2c0c0192b9d9b256a3b1370470f15e81dd6bd99d92da41c10ab8d116133525d5ef50f10d1a4d9a33657d9dd0b64f0f635dd1c0612a16b318cb38b1c3140bf9a0450161c974b58113ba2335112837bb60bf50600741564fdf5223c9580e1ac18382ffc6ab2f1e11052e24afb3ab7f5228bcb731619927c4938b3b4164ea66c0d3c1d02f29fabc58310d245a02993c561751439d9fb4e3d4d6eac279a898077fd648fdcc436b611843856a461eed88b986511452258c96ca733187bfabc3105fa40bb68f5c7f55f2559585bdd83fffaf42ca1b185148db46dfdb39127ac2801f0dd778c3e20b4d19a678e51c30301c47d36aee57eb5f85adaf2f8afe847cbe8de931b3f6d314b551ed20a62be928d9515cc8bbf78897725fd7d59c6c240ce4769a353c4c168ee184c393536bede1c5e717205ababbd2697eeeefbe67ae8326407dc95c013a57ac617b2e6068a030a6f7b931ae5b6c0ece1522b63de224e973e7c6b8a085bf884de9a3268ac3f3fceee1c7cd679aa8d1e4ebdd401f1a0cc83f6c781917f4b6e6ae0a7551690a09c91aff3bce8f6c92c564c87776bec9d1234746b21f0bb22c160554a58afe38d4efbd3c8ee77fdf46d484530ca4118d42642a6a5e99a69cc15310d86c369f30d3097bc83e375cf165ebcfe86fc255dfe4f96b5f2634288bc6df337dca638a00f7ceabdceca1949db7329904904a15b38e20c97bce53b7c4cea103b70575aaae6eb2a5ce58ed677579cd4eb1234acff7e9782baac784a657fd663b4899786868e47e99aa162f468b3870d48c2d8dbce9297e68c151af9a88b290909f0961cc8f4266180b00600e7764d1c938cad36096f2e91a884b9cc720cdafdf3601384159ee267c3dc1890f5436e68cceeb01b8683fcd8a71cc099e725389e80810f3160e6b0dd549aa025c7d6254c7644974b4c6dbda3a4505fed74a95448878c47126f3db42eccc0c4322b5d551373d9c50fbbd9934f70e82deb6c1f3002c926dde37a48d190f59887faed4c16116bc57be6f4be8046b04f002cad83cb750aa4f30a627a01413660b8e6535a010e1dcaa208aeb54856e50b0b1888f6020db211c00105eb15a6424dce6a74d2f04bff14fcefbfbc2b0d832551350990d297901c6a908a837e9276e74e2ad07a0c8ad1b23d28ad3232886758a7af512a9fd2935b64c3c4ff775e8484e3fbe9460410bf0f3f14cc456e18c1a23b65970ff59cfdc3a6750f7945fb83fffa70b9da46566d2ad0662fdc515e3287b50523e6da64a05b4a19216c44a44bd08d6e7cf6ab481915e4312f61386d51eb63282b9ed64f782d1f376a44a33596369bb2ef2535bdd5f3ab374acc8d23e134ada542724ffaa7826bedbfa796f93e7ec09d28cf8447cbc757762906455cb7f7b8c1dc0c8691502f3a6d37f7f5dad917fc8210dfa874af75ad5750730814bb5758757a8695fcb11b1ed383080cf63f473d7d52d9d52b2ebb4b2be838368904fed1c27deffdef53e891669a214b674cd01d8d42c88ed9193385d929d7e63d6d446777eade38291c7417a59162caa5b1f7a1ab51ac6281de2b184afe414c626ebff43b56932cef3b1bf4cdeb449c0aedacb56f12968e8c1fb7701fc075f81b5e388991f640698d4007cb335a988fd86b7a4a8de1f279714b2d716413caf76eae54c0238a45ead2a99ac6eb3216d7868ae577115f350d04e120b1d804dc517e328996ae3605c4182598cfc3c83f10fc8cae225dc1c8f64cd24f9e2b86a7cccf98bf00cfcf89b634242061f89bf1dd6ba82d3c500c28794334f480995aaca14a2361a343957f1d5ca37b3572897bd05e282e301e853560294b21044cbfef283cf8086e1b60cd21a6bc2354d226d5844d9a70c34da972ae7e360437929348a517dc57751097a4428f1b4f943dc07c32e74c8b0f097f98938080028023bd1a58cdb2640961ad569877282078e7b472143cae6ed4f12b155058fdbe414602f4d46ea17dc91f009c190c1f969ebf4990ef05a530ebc7baa47220d61a7fe4238d20f631132a9bb780c40ccdb0f035648b287bf39150aa6a8f56aae1e8af9230a02f9928c54b0f2154d20ac78895c15149d7d57d2cfa50897c5b3142f6feff9f199d438441b346449b2d97a71c69c098cb4b189f252d7cc67ad2cf4a09519159d45f2f560c5667eee278f170532cebdefee13781be149368ca3df24f4fb3803f179fb292d5d47291d42f07abb60fc4f356e867bab8a696ebe514ed6e14997ed96b313b455331a0592f03feae70716e8989227f2ed8da85f03f18f205c9a7e5b1c991ee3ea40089901595449c9ed6032bc9109714f0e15b3b8282c633734c601febfc183b803052e02805a4408f25dc674e5b213fbf0b0be78f763340a470c89630cd5d4a0ca7d5a5f2ce8f95edc01147ee33d1eed2be7b481a02a237e5faef76b0ed973be8cca63e967f91c6d6b69ad6cdab1c45dd355da5afe1f1c238a855364a64360d07bef190f20a9b390d2959972ff209bdcecf9538bd0d79c419817c8a8f3afa6c6048b8c2b04d7c6910f583a8305ae914ce1db59dfce75a12222c30c7307c13c0176c4a992de2638a1e127bbf4f142b60b533953a8821025749e2966bc0258026bb887520a119390ecf0c3570b7d6da6981a33dc9d37338f32e0acc1b2ad446e0d21b0400d18004003b8004008580270015002f7379732f6b65726e656c2f74726163696e672f7570726f62655f70726f66696c65000004004400000014001e00fc020000000000000000000000000000080094006401010204007300040046010800420005000000"], 0x1128}}, 0x24000851) 1.141155246s ago: executing program 5 (id=16513): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) modify_ldt$auto(0x1, 0x0, 0x10) fsopen$auto(0x0, 0x1) r0 = io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0x8004008, 0x2000000329, 0x2000000010011, r0, 0x8000) write$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) modify_ldt$auto(0x0, 0x0, 0xfffffffffffffffb) 848.568585ms ago: executing program 5 (id=16514): mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xf, 0x0, 0x6) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x14, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8804}, 0x800) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x3, 0x4a}) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100) 728.050987ms ago: executing program 6 (id=16515): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0x800000000ffb, 0x8000000008012, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/maps\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0xeda5, 0xc86) 630.872883ms ago: executing program 8 (id=16516): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) close_range$auto(0x2, 0x8000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) socket(0x2, 0x2, 0x1) 618.993134ms ago: executing program 5 (id=16517): close_range$auto(0x2, 0xa, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x1000}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xc1}) 328.25717ms ago: executing program 8 (id=16518): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x4b3d}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 287.329414ms ago: executing program 5 (id=16519): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) setfsgid$auto(0x9) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) socketpair$auto(0xffffff6c, 0x4, 0x8000000, 0x0) r0 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8955, 0x0) 8.552546ms ago: executing program 8 (id=16520): syz_genetlink_get_family_id$auto_batadv(&(0x7f00000000c0), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zram0\x00', 0x40102, 0x0) mmap$auto(0x0, 0x6, 0xffe, 0x8000000008011, 0x3, 0x0) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x68, 0x4, 0xd, 0x4, 0x80000000009, 0x7fb0, 0x9, 0x5, 0x200000000003, 0x416c7c0c, 0x2c4, 0x7ffffffd, 0x7ff, 0x6, 0x6}) 0s ago: executing program 7 (id=16528): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x0) socket(0x2, 0x1, 0x84) listen$auto(0x3, 0x81) listen$auto(r0, 0xf1) kernel console output (not intermixed with test programs): .519895][ T8013] bridge0: port 2(bridge_slave_1) entered disabled state [ 1190.547479][ T8013] bridge_slave_1: entered allmulticast mode [ 1190.568019][ T8013] bridge_slave_1: entered promiscuous mode [ 1190.699786][ T8013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1190.771135][ T8013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1190.928765][ T8013] team0: Port device team_slave_0 added [ 1190.958852][ T8013] team0: Port device team_slave_1 added [ 1191.092775][ T8013] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1191.124138][ T8013] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1191.200459][ T8013] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1191.259807][ T8013] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1191.289773][ T8013] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1191.335997][ T1610] Bluetooth: hci6: command tx timeout [ 1191.391461][ T8066] netlink: 'syz.3.15683': attribute type 19 has an invalid length. [ 1191.400127][ T8013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1191.420862][ T8066] netlink: 334 bytes leftover after parsing attributes in process `syz.3.15683'. [ 1191.663666][ T8013] hsr_slave_0: entered promiscuous mode [ 1191.678155][ T8013] hsr_slave_1: entered promiscuous mode [ 1191.694467][ T8013] debugfs: 'hsr0' already exists in 'hsr' [ 1191.706058][ T8013] Cannot create hsr debugfs directory [ 1191.869018][ T1610] Bluetooth: hci5: command tx timeout [ 1192.022624][ T1610] Bluetooth: hci4: command tx timeout [ 1192.398387][ T8029] bridge0: port 1(bridge_slave_0) entered blocking state [ 1192.424074][ T8029] bridge0: port 1(bridge_slave_0) entered disabled state [ 1192.452137][ T8029] bridge_slave_0: entered allmulticast mode [ 1192.480956][ T8029] bridge_slave_0: entered promiscuous mode [ 1192.517489][ T8029] bridge0: port 2(bridge_slave_1) entered blocking state [ 1192.543168][ T8029] bridge0: port 2(bridge_slave_1) entered disabled state [ 1192.563854][ T8029] bridge_slave_1: entered allmulticast mode [ 1192.584372][ T8029] bridge_slave_1: entered promiscuous mode [ 1192.743617][ T8029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1192.933724][ T8029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1193.187707][ T8029] team0: Port device team_slave_0 added [ 1193.219539][ T8029] team0: Port device team_slave_1 added [ 1193.255530][ T8088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15690'. [ 1193.282503][ T8088] netlink: 25 bytes leftover after parsing attributes in process `syz.3.15690'. [ 1193.297389][ T8013] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1193.331683][ T8013] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1193.346677][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1193.366503][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1193.403694][ T1610] Bluetooth: hci6: command tx timeout [ 1193.434811][ T8029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1193.469566][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1193.484167][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1193.539397][ T8029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1193.567618][ T8013] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1193.587326][ T8013] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1193.604419][ T8013] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1193.627349][ T8013] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1193.661519][ T8013] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1193.679269][ T8013] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1193.701111][ T1610] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 1193.701139][ T1610] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 1193.716119][ T1610] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1193.781157][ T8029] hsr_slave_0: entered promiscuous mode [ 1193.788799][ T8029] hsr_slave_1: entered promiscuous mode [ 1193.796800][ T8029] debugfs: 'hsr0' already exists in 'hsr' [ 1193.802898][ T8029] Cannot create hsr debugfs directory [ 1193.932101][ T1610] Bluetooth: hci5: command tx timeout [ 1194.334282][ T8013] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1194.396010][ T8013] 8021q: adding VLAN 0 to HW filter on device team0 [ 1194.434629][T26463] bridge0: port 1(bridge_slave_0) entered blocking state [ 1194.441812][T26463] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1194.614783][T26463] bridge0: port 2(bridge_slave_1) entered blocking state [ 1194.622070][T26463] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1194.831670][ T8029] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1194.854007][ T8029] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1194.873233][ T8029] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1194.894384][ T8029] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1194.919447][ T8029] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1194.940535][ T8029] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1194.975494][ T8029] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1195.013413][ T8029] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1195.303919][ T8029] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1195.367885][ T8029] 8021q: adding VLAN 0 to HW filter on device team0 [ 1195.412109][T14155] bridge0: port 1(bridge_slave_0) entered blocking state [ 1195.419407][T14155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1195.445169][ T1610] Bluetooth: hci6: command tx timeout [ 1195.507307][T14155] bridge0: port 2(bridge_slave_1) entered blocking state [ 1195.514579][T14155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1196.001286][ T1610] Bluetooth: hci5: command tx timeout [ 1196.183251][ T8013] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1196.670016][ T8029] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1196.892754][ T8013] veth0_vlan: entered promiscuous mode [ 1196.934086][ T8013] veth1_vlan: entered promiscuous mode [ 1197.027842][ T8148] netlink: 342 bytes leftover after parsing attributes in process `syz.3.15697'. [ 1197.043522][ T8013] veth0_macvtap: entered promiscuous mode [ 1197.072240][ T8013] veth1_macvtap: entered promiscuous mode [ 1197.143686][ T8013] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1197.178923][ T8013] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1197.221120][T14154] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.262740][T14154] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.299693][T14154] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.350969][T14154] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1197.410718][ T8155] netlink: 'syz.3.15699': attribute type 14 has an invalid length. [ 1197.513413][ T1610] Bluetooth: hci6: command tx timeout [ 1197.529008][ T8155] netlink: 330 bytes leftover after parsing attributes in process `syz.3.15699'. [ 1197.611341][T14154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1197.643889][T14154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1197.729918][ T8029] veth0_vlan: entered promiscuous mode [ 1197.756516][T14147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1197.773783][ T8029] veth1_vlan: entered promiscuous mode [ 1197.783544][T14147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1197.889272][ T8029] veth0_macvtap: entered promiscuous mode [ 1197.927044][ T8029] veth1_macvtap: entered promiscuous mode [ 1198.020375][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1198.092054][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1198.157403][T26463] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1198.190577][T26463] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1198.223519][T26463] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1198.260805][T26463] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1198.565500][T14147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1198.612623][T14147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1198.719928][T26463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1198.753702][T26463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1199.166195][ T8183] ERROR: Out of memory at tomoyo_memory_ok. [ 1199.624737][ T8201] netlink: 342 bytes leftover after parsing attributes in process `syz.3.15714'. [ 1199.960752][ T8213] netlink: 334 bytes leftover after parsing attributes in process `syz.3.15720'. [ 1200.094894][ T8216] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15721'. [ 1200.126539][ T8216] netlink: 25 bytes leftover after parsing attributes in process `syz.3.15721'. [ 1200.425060][ T8221] batadv_slave_1: entered promiscuous mode [ 1200.446655][ T8221] batadv_slave_1: left promiscuous mode [ 1201.951543][ T8243] netlink: 504 bytes leftover after parsing attributes in process `syz.3.15730'. [ 1204.970125][ T8288] random: crng reseeded on system resumption [ 1205.478419][ T8298] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15748'. [ 1205.517724][ T8298] netlink: 5 bytes leftover after parsing attributes in process `syz.6.15748'. [ 1205.548879][ T8298] netlink: 12 bytes leftover after parsing attributes in process `syz.6.15748'. [ 1207.432633][ T8320] netlink: 322 bytes leftover after parsing attributes in process `syz.6.15756'. [ 1207.701277][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15758'. [ 1207.722546][ T8326] netlink: 334 bytes leftover after parsing attributes in process `syz.5.15759'. [ 1207.734893][ T8324] netlink: 17 bytes leftover after parsing attributes in process `syz.6.15758'. [ 1207.951704][ T8331] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15762'. [ 1207.993905][ T8331] netlink: 'syz.5.15762': attribute type 7 has an invalid length. [ 1208.244258][T21618] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1208.270437][T21618] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1208.280622][T21618] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1208.288687][T21618] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1208.296539][T21618] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1208.474089][ T8343] netlink: 334 bytes leftover after parsing attributes in process `syz.6.15765'. [ 1208.517066][ T8343] netlink: 334 bytes leftover after parsing attributes in process `syz.6.15765'. [ 1208.807031][ T8352] misc userio: No port type given on /dev/userio [ 1209.900086][ T8337] bridge0: port 1(bridge_slave_0) entered blocking state [ 1209.910508][ T8337] bridge0: port 1(bridge_slave_0) entered disabled state [ 1209.926192][ T8337] bridge_slave_0: entered allmulticast mode [ 1209.945697][ T8337] bridge_slave_0: entered promiscuous mode [ 1209.965339][ T8337] bridge0: port 2(bridge_slave_1) entered blocking state [ 1209.985324][ T8337] bridge0: port 2(bridge_slave_1) entered disabled state [ 1210.000706][ T8337] bridge_slave_1: entered allmulticast mode [ 1210.017941][ T8337] bridge_slave_1: entered promiscuous mode [ 1210.090797][ T8337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1210.125559][ T8337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1210.202700][ T8337] team0: Port device team_slave_0 added [ 1210.218807][ T8337] team0: Port device team_slave_1 added [ 1210.289814][ T8337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1210.306362][ T8337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1210.358278][T21618] Bluetooth: hci7: command tx timeout [ 1210.386166][ T8337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1210.417851][ T8337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1210.427535][ T8337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1210.530568][ T8337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1210.690838][ T8337] hsr_slave_0: entered promiscuous mode [ 1210.714867][ T8337] hsr_slave_1: entered promiscuous mode [ 1210.738493][ T8337] debugfs: 'hsr0' already exists in 'hsr' [ 1210.758250][ T8337] Cannot create hsr debugfs directory [ 1211.737378][ T8337] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1211.795748][ T8337] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1211.830380][ T8337] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1211.873223][ T8337] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1211.901516][ T8337] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1211.946376][ T8337] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1211.981848][ T8337] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1212.024401][ T8337] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1212.397179][T21618] Bluetooth: hci7: command tx timeout [ 1212.424486][ T8337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1212.549341][ T8337] 8021q: adding VLAN 0 to HW filter on device team0 [ 1212.644652][T14155] bridge0: port 1(bridge_slave_0) entered blocking state [ 1212.651984][T14155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1212.810028][T14155] bridge0: port 2(bridge_slave_1) entered blocking state [ 1212.817417][T14155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1213.982214][ T8337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1214.465190][T21618] Bluetooth: hci7: command tx timeout [ 1214.916371][ T8337] veth0_vlan: entered promiscuous mode [ 1215.001648][ T8337] veth1_vlan: entered promiscuous mode [ 1215.097646][ T8337] veth0_macvtap: entered promiscuous mode [ 1215.166938][ T8337] veth1_macvtap: entered promiscuous mode [ 1215.239215][ T8337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1215.477350][ T8337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1215.520094][ T8450] FAULT_INJECTION: forcing a failure. [ 1215.520094][ T8450] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1215.588013][T26463] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.605185][ T8450] CPU: 0 UID: 0 PID: 8450 Comm: syz.5.15789 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1215.605220][ T8450] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1215.605228][ T8450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1215.605239][ T8450] Call Trace: [ 1215.605245][ T8450] [ 1215.605253][ T8450] dump_stack_lvl+0x100/0x190 [ 1215.605282][ T8450] should_fail_ex.cold+0x5/0xa [ 1215.605303][ T8450] ? prepare_alloc_pages+0x16d/0x5f0 [ 1215.605329][ T8450] should_fail_alloc_page+0xeb/0x140 [ 1215.605354][ T8450] prepare_alloc_pages+0x1f0/0x5f0 [ 1215.605382][ T8450] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1215.605418][ T8450] ? __lock_acquire+0x4a5/0x2630 [ 1215.605450][ T8450] ? __lock_acquire+0x4a5/0x2630 [ 1215.605477][ T8450] ? __css_rstat_updated+0x1ce/0x5a0 [ 1215.605506][ T8450] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1215.605538][ T8450] ? do_raw_spin_lock+0x128/0x260 [ 1215.605558][ T8450] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1215.605578][ T8450] ? find_held_lock+0x2b/0x80 [ 1215.605607][ T8450] ? __lock_acquire+0x4a5/0x2630 [ 1215.605634][ T8450] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1215.605662][ T8450] ? policy_nodemask+0xed/0x4f0 [ 1215.605685][ T8450] alloc_pages_mpol+0x1fb/0x540 [ 1215.605708][ T8450] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1215.605730][ T8450] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 1215.605748][ T8450] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 1215.605770][ T8450] folio_alloc_mpol_noprof+0x36/0x260 [ 1215.605797][ T8450] shmem_alloc_folio+0x135/0x160 [ 1215.605824][ T8450] shmem_alloc_and_add_folio+0x371/0xd40 [ 1215.605860][ T8450] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1215.605892][ T8450] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 1215.605909][ T8450] ? __lock_acquire+0x3c0/0x2630 [ 1215.605941][ T8450] shmem_get_folio_gfp+0x6ab/0x1900 [ 1215.605965][ T8450] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1215.605984][ T8450] ? __pfx___might_resched+0x10/0x10 [ 1215.606003][ T8450] ? noop_dirty_folio+0xfd/0x160 [ 1215.606025][ T8450] shmem_fallocate+0x6d7/0x1060 [ 1215.606060][ T8450] ? __pfx_shmem_fallocate+0x10/0x10 [ 1215.606077][ T8450] ? aa_file_perm+0x7f3/0x14d0 [ 1215.606110][ T8450] ? __lock_acquire+0x4a5/0x2630 [ 1215.606157][ T8450] ? __pfx_shmem_fallocate+0x10/0x10 [ 1215.606177][ T8450] vfs_fallocate+0x576/0x10d0 [ 1215.606202][ T8450] ? __pfx_vfs_fallocate+0x10/0x10 [ 1215.606233][ T8450] __x64_sys_fallocate+0xd5/0x140 [ 1215.606260][ T8450] do_syscall_64+0x115/0x840 [ 1215.606285][ T8450] ? clear_bhb_loop+0x40/0x90 [ 1215.606307][ T8450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1215.606325][ T8450] RIP: 0033:0x7f812899ce59 [ 1215.606341][ T8450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1215.606358][ T8450] RSP: 002b:00007f8126bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 1215.606376][ T8450] RAX: ffffffffffffffda RBX: 00007f8128c15fa0 RCX: 00007f812899ce59 [ 1215.606387][ T8450] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 1215.606397][ T8450] RBP: 00007f8128a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1215.606408][ T8450] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 1215.606418][ T8450] R13: 00007f8128c16038 R14: 00007f8128c15fa0 R15: 00007ffdadae1d08 [ 1215.606441][ T8450] [ 1215.956677][T26463] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.966201][T26463] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.975588][T26463] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1216.534256][T21618] Bluetooth: hci7: command tx timeout [ 1216.567469][T26463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1216.581010][T26463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1216.700835][T26463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1216.742241][T26463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1217.753714][ T8476] FAULT_INJECTION: forcing a failure. [ 1217.753714][ T8476] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1217.828848][ T8476] CPU: 0 UID: 0 PID: 8476 Comm: syz.5.15796 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1217.828884][ T8476] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1217.828893][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1217.828903][ T8476] Call Trace: [ 1217.828910][ T8476] [ 1217.828917][ T8476] dump_stack_lvl+0x100/0x190 [ 1217.828940][ T8476] should_fail_ex.cold+0x5/0xa [ 1217.828960][ T8476] ? prepare_alloc_pages+0x16d/0x5f0 [ 1217.828986][ T8476] should_fail_alloc_page+0xeb/0x140 [ 1217.829009][ T8476] prepare_alloc_pages+0x1f0/0x5f0 [ 1217.829042][ T8476] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1217.829077][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1217.829098][ T8476] ? trace_mm_page_alloc+0x163/0x1d0 [ 1217.829122][ T8476] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1217.829153][ T8476] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1217.829186][ T8476] ? __pfx_stack_trace_save+0x10/0x10 [ 1217.829211][ T8476] ? stack_depot_save_flags+0x27/0x9d0 [ 1217.829240][ T8476] ? is_bpf_text_address+0x8a/0x1a0 [ 1217.829264][ T8476] ? is_bpf_text_address+0x8a/0x1a0 [ 1217.829289][ T8476] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1217.829318][ T8476] ? kasan_save_stack+0x3f/0x50 [ 1217.829335][ T8476] ? kasan_save_stack+0x30/0x50 [ 1217.829351][ T8476] ? kasan_save_track+0x14/0x30 [ 1217.829368][ T8476] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1217.829397][ T8476] ? __get_vm_area_node+0x1ca/0x330 [ 1217.829418][ T8476] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1217.829442][ T8476] ? __vmalloc_node_noprof+0xad/0xf0 [ 1217.829464][ T8476] ? copy_process+0x7fb/0x7ed0 [ 1217.829486][ T8476] ? kernel_clone+0x176/0x9e0 [ 1217.829508][ T8476] ? __do_sys_clone+0xd9/0x120 [ 1217.829530][ T8476] ? do_syscall_64+0x115/0x840 [ 1217.829555][ T8476] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1217.829578][ T8476] alloc_pages_bulk_noprof+0x649/0x1360 [ 1217.829612][ T8476] ? policy_nodemask+0xed/0x4f0 [ 1217.829635][ T8476] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1217.829677][ T8476] __kasan_populate_vmalloc+0xf0/0x210 [ 1217.829712][ T8476] alloc_vmap_area+0x95d/0x2b70 [ 1217.829741][ T8476] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1217.829768][ T8476] __get_vm_area_node+0x1ca/0x330 [ 1217.829794][ T8476] __vmalloc_node_range_noprof+0x228/0x1630 [ 1217.829819][ T8476] ? kernel_clone+0x176/0x9e0 [ 1217.829842][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1217.829867][ T8476] ? kernel_clone+0x176/0x9e0 [ 1217.829902][ T8476] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1217.829932][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1217.829952][ T8476] ? trace_kmem_cache_alloc+0xd5/0x100 [ 1217.829975][ T8476] ? kernel_clone+0x176/0x9e0 [ 1217.829998][ T8476] __vmalloc_node_noprof+0xad/0xf0 [ 1217.830022][ T8476] ? kernel_clone+0x176/0x9e0 [ 1217.830053][ T8476] copy_process+0x7fb/0x7ed0 [ 1217.830078][ T8476] ? preempt_schedule_common+0x42/0xc0 [ 1217.830103][ T8476] ? preempt_schedule_thunk+0x16/0x30 [ 1217.830138][ T8476] ? __pfx_copy_process+0x10/0x10 [ 1217.830161][ T8476] ? find_held_lock+0x2b/0x80 [ 1217.830187][ T8476] ? futex_private_hash_put+0x107/0x1c0 [ 1217.830221][ T8476] kernel_clone+0x176/0x9e0 [ 1217.830248][ T8476] ? __pfx_kernel_clone+0x10/0x10 [ 1217.830284][ T8476] __do_sys_clone+0xd9/0x120 [ 1217.830308][ T8476] ? __pfx___do_sys_clone+0x10/0x10 [ 1217.830342][ T8476] ? ksys_write+0x1ac/0x250 [ 1217.830366][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1217.830389][ T8476] do_syscall_64+0x115/0x840 [ 1217.830413][ T8476] ? clear_bhb_loop+0x40/0x90 [ 1217.830435][ T8476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1217.830453][ T8476] RIP: 0033:0x7f812899ce59 [ 1217.830469][ T8476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1217.830486][ T8476] RSP: 002b:00007f8126bd4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1217.830504][ T8476] RAX: ffffffffffffffda RBX: 00007f8128c16090 RCX: 00007f812899ce59 [ 1217.830516][ T8476] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000000000008000 [ 1217.830526][ T8476] RBP: 00007f8128a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1217.830536][ T8476] R10: 0000200000000180 R11: 0000000000000206 R12: 0000000000000000 [ 1217.830546][ T8476] R13: 00007f8128c16128 R14: 00007f8128c16090 R15: 00007ffdadae1d08 [ 1217.830569][ T8476] [ 1219.179737][ T1610] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1219.203188][ T1610] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1219.220408][ T1610] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1219.257652][ T1610] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1219.266955][ T1610] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1219.383231][ T8476] syz.5.15796: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1219.428982][ T8476] CPU: 0 UID: 0 PID: 8476 Comm: syz.5.15796 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1219.429017][ T8476] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1219.429025][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1219.429035][ T8476] Call Trace: [ 1219.429048][ T8476] [ 1219.429056][ T8476] dump_stack_lvl+0x100/0x190 [ 1219.429084][ T8476] warn_alloc.cold+0x95/0x1c1 [ 1219.429104][ T8476] ? __pfx_warn_alloc+0x10/0x10 [ 1219.429132][ T8476] ? lockdep_hardirqs_on+0x78/0x100 [ 1219.429162][ T8476] ? __get_vm_area_node+0x2cd/0x330 [ 1219.429190][ T8476] ? __get_vm_area_node+0x208/0x330 [ 1219.429217][ T8476] __vmalloc_node_range_noprof+0xccd/0x1630 [ 1219.429244][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1219.429270][ T8476] ? kernel_clone+0x176/0x9e0 [ 1219.429301][ T8476] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1219.429332][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1219.429353][ T8476] ? trace_kmem_cache_alloc+0xd5/0x100 [ 1219.429377][ T8476] ? kernel_clone+0x176/0x9e0 [ 1219.429400][ T8476] __vmalloc_node_noprof+0xad/0xf0 [ 1219.429424][ T8476] ? kernel_clone+0x176/0x9e0 [ 1219.429450][ T8476] copy_process+0x7fb/0x7ed0 [ 1219.429475][ T8476] ? preempt_schedule_common+0x42/0xc0 [ 1219.429499][ T8476] ? preempt_schedule_thunk+0x16/0x30 [ 1219.429534][ T8476] ? __pfx_copy_process+0x10/0x10 [ 1219.429559][ T8476] ? find_held_lock+0x2b/0x80 [ 1219.429584][ T8476] ? futex_private_hash_put+0x107/0x1c0 [ 1219.429617][ T8476] kernel_clone+0x176/0x9e0 [ 1219.429643][ T8476] ? __pfx_kernel_clone+0x10/0x10 [ 1219.429679][ T8476] __do_sys_clone+0xd9/0x120 [ 1219.429704][ T8476] ? __pfx___do_sys_clone+0x10/0x10 [ 1219.429737][ T8476] ? ksys_write+0x1ac/0x250 [ 1219.429761][ T8476] ? rcu_is_watching+0x12/0xc0 [ 1219.429784][ T8476] do_syscall_64+0x115/0x840 [ 1219.429808][ T8476] ? clear_bhb_loop+0x40/0x90 [ 1219.429829][ T8476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1219.429848][ T8476] RIP: 0033:0x7f812899ce59 [ 1219.429865][ T8476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1219.429882][ T8476] RSP: 002b:00007f8126bd4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1219.429901][ T8476] RAX: ffffffffffffffda RBX: 00007f8128c16090 RCX: 00007f812899ce59 [ 1219.429912][ T8476] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000000000008000 [ 1219.429924][ T8476] RBP: 00007f8128a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1219.429935][ T8476] R10: 0000200000000180 R11: 0000000000000206 R12: 0000000000000000 [ 1219.429945][ T8476] R13: 00007f8128c16128 R14: 00007f8128c16090 R15: 00007ffdadae1d08 [ 1219.429968][ T8476] [ 1219.429985][ T8476] Mem-Info: [ 1220.132942][ T8476] active_anon:27640 inactive_anon:2963 isolated_anon:0 [ 1220.132942][ T8476] active_file:13983 inactive_file:43332 isolated_file:0 [ 1220.132942][ T8476] unevictable:768 dirty:4 writeback:0 [ 1220.132942][ T8476] slab_reclaimable:12208 slab_unreclaimable:106952 [ 1220.132942][ T8476] mapped:51618 shmem:9380 pagetables:1650 [ 1220.132942][ T8476] sec_pagetables:0 bounce:0 [ 1220.132942][ T8476] kernel_misc_reclaimable:0 [ 1220.132942][ T8476] free:1213999 free_pcp:21936 free_cma:0 [ 1220.188935][ T8476] Node 0 active_anon:110560kB inactive_anon:11852kB active_file:55932kB inactive_file:173168kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:206444kB dirty:16kB writeback:0kB shmem:35984kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:55296kB kernel_stack:12768kB pagetables:6460kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1220.227429][ T8476] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1220.263749][ T8476] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1220.421406][ T8476] lowmem_reserve[]: 0 2478 2479 2479 2479 [ 1220.441793][ T8476] Node 0 DMA32 free:911016kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:110612kB inactive_anon:11852kB active_file:55932kB inactive_file:173164kB unevictable:1536kB writepending:16kB zspages:0kB present:3129332kB managed:2537500kB mlocked:0kB bounce:0kB free_pcp:77976kB local_pcp:77976kB free_cma:0kB [ 1220.707542][ T8476] lowmem_reserve[]: 0 0 1 1 1 [ 1220.730945][ T8476] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1108kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 1220.887104][ T8476] lowmem_reserve[]: 0 0 0 0 0 [ 1220.917536][ T8476] Node 1 Normal free:3929608kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:160kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:10396kB local_pcp:10396kB free_cma:0kB [ 1221.115039][ T8476] lowmem_reserve[]: 0 0 0 0 0 [ 1221.181416][ T8476] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1221.268275][ T8476] Node 0 DMA32: 308*4kB (UME) 2506*8kB (UM) 2690*16kB (UM) 39*32kB (UME) 637*64kB (UME) 608*128kB (UME) 582*256kB (UME) 332*512kB (UME) 138*1024kB (UM) 17*2048kB (UME) 61*4096kB (M) = 929120kB [ 1221.407268][T21618] Bluetooth: hci8: command tx timeout [ 1221.451567][ T8476] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1221.518392][ T8476] Node 1 Normal: 9*4kB (UM) 4*8kB (UM) 11*16kB (UM) 10*32kB (UM) 12*64kB (UM) 4*128kB (UM) 1*256kB (M) 3*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 957*4096kB (UM) = 3929652kB [ 1221.610578][ T8476] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1221.641126][ T8476] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1221.674041][ T8476] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1221.719268][ T8476] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1221.755736][ T8476] 69802 total pagecache pages [ 1221.771658][ T8476] 37 pages in swap cache [ 1221.796293][ T8476] Free swap = 120252kB [ 1221.818378][ T8476] Total swap = 124996kB [ 1221.837173][ T8476] 2097051 pages RAM [ 1221.850831][ T8476] 0 pages HighMem/MovableOnly [ 1221.865269][ T8476] 430784 pages reserved [ 1221.880841][ T8476] 0 pages cma reserved [ 1222.170044][ T8520] __nla_validate_parse: 2 callbacks suppressed [ 1222.170060][ T8520] netlink: 330 bytes leftover after parsing attributes in process `syz.7.15806'. [ 1222.603156][ T8530] FAULT_INJECTION: forcing a failure. [ 1222.603156][ T8530] name failslab, interval 1, probability 0, space 0, times 0 [ 1222.666157][ T8530] CPU: 0 UID: 0 PID: 8530 Comm: syz.7.15808 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1222.666194][ T8530] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1222.666203][ T8530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1222.666214][ T8530] Call Trace: [ 1222.666220][ T8530] [ 1222.666227][ T8530] dump_stack_lvl+0x100/0x190 [ 1222.666251][ T8530] should_fail_ex.cold+0x5/0xa [ 1222.666273][ T8530] should_failslab+0xc2/0x120 [ 1222.666296][ T8530] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1222.666322][ T8530] ? copy_mount_options+0x55/0x190 [ 1222.666355][ T8530] copy_mount_options+0x55/0x190 [ 1222.666386][ T8530] __x64_sys_mount+0x1ab/0x310 [ 1222.666412][ T8530] ? __pfx___x64_sys_mount+0x10/0x10 [ 1222.666440][ T8530] ? rcu_is_watching+0x12/0xc0 [ 1222.666464][ T8530] do_syscall_64+0x115/0x840 [ 1222.666488][ T8530] ? clear_bhb_loop+0x40/0x90 [ 1222.666510][ T8530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1222.666529][ T8530] RIP: 0033:0x7f702b19ce59 [ 1222.666544][ T8530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1222.666561][ T8530] RSP: 002b:00007f702c118028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1222.666580][ T8530] RAX: ffffffffffffffda RBX: 00007f702b416090 RCX: 00007f702b19ce59 [ 1222.666591][ T8530] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000200000000080 [ 1222.666602][ T8530] RBP: 00007f702b232d6f R08: 00002000000002c0 R09: 0000000000000000 [ 1222.666613][ T8530] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 1222.666623][ T8530] R13: 00007f702b416128 R14: 00007f702b416090 R15: 00007ffcf4cea348 [ 1222.666645][ T8530] [ 1223.461850][T21618] Bluetooth: hci8: command tx timeout [ 1223.575042][ T8483] bridge0: port 1(bridge_slave_0) entered blocking state [ 1223.629001][ T8483] bridge0: port 1(bridge_slave_0) entered disabled state [ 1223.684229][ T8483] bridge_slave_0: entered allmulticast mode [ 1223.751700][ T8483] bridge_slave_0: entered promiscuous mode [ 1223.800342][ T8483] bridge0: port 2(bridge_slave_1) entered blocking state [ 1223.833456][ T8483] bridge0: port 2(bridge_slave_1) entered disabled state [ 1223.866202][ T8483] bridge_slave_1: entered allmulticast mode [ 1223.903219][ T8483] bridge_slave_1: entered promiscuous mode [ 1224.050574][ T8483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1224.450354][ T8483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1224.739651][ T8483] team0: Port device team_slave_0 added [ 1224.790794][ T8483] team0: Port device team_slave_1 added [ 1224.925290][ T8483] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1224.950324][ T8483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1225.015482][ T8483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1225.028753][ T8483] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1225.028770][ T8483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1225.028793][ T8483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1225.107720][ T8483] hsr_slave_0: entered promiscuous mode [ 1225.108479][ T8483] hsr_slave_1: entered promiscuous mode [ 1225.108957][ T8483] debugfs: 'hsr0' already exists in 'hsr' [ 1225.108976][ T8483] Cannot create hsr debugfs directory [ 1225.530122][T21618] Bluetooth: hci8: command tx timeout [ 1225.773456][T21618] Bluetooth: hci0: command 0x0406 tx timeout [ 1226.144844][ T8569] netlink: 330 bytes leftover after parsing attributes in process `syz.7.15821'. [ 1226.524218][ T8573] netlink: 130 bytes leftover after parsing attributes in process `syz.7.15822'. [ 1226.773165][ T8483] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1226.818995][ T8575] netlink: 342 bytes leftover after parsing attributes in process `syz.7.15823'. [ 1226.856382][ T8483] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1226.898046][ T8575] netlink: 342 bytes leftover after parsing attributes in process `syz.7.15823'. [ 1226.911823][ T8483] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1226.953985][ T8483] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1226.986364][ T8483] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1227.064082][ T8483] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1227.108264][ T8483] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1227.170105][ T8483] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1227.596681][ T1610] Bluetooth: hci8: command tx timeout [ 1227.648234][ T8483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1227.791478][ T8483] 8021q: adding VLAN 0 to HW filter on device team0 [ 1227.874556][T14155] bridge0: port 1(bridge_slave_0) entered blocking state [ 1227.882196][T14155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1228.038358][T14155] bridge0: port 2(bridge_slave_1) entered blocking state [ 1228.045591][T14155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1228.136299][ T8602] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1228.514207][ T8610] FAULT_INJECTION: forcing a failure. [ 1228.514207][ T8610] name fail_futex, interval 1, probability 0, space 0, times 1 [ 1228.576109][ T8610] CPU: 0 UID: 0 PID: 8610 Comm: syz.5.15838 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1228.576145][ T8610] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1228.576154][ T8610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1228.576164][ T8610] Call Trace: [ 1228.576171][ T8610] [ 1228.576178][ T8610] dump_stack_lvl+0x100/0x190 [ 1228.576202][ T8610] should_fail_ex.cold+0x5/0xa [ 1228.576227][ T8610] get_futex_key+0x1d2/0x1510 [ 1228.576259][ T8610] ? __pfx_get_futex_key+0x10/0x10 [ 1228.576290][ T8610] ? get_futex_key+0x4e8/0x1510 [ 1228.576323][ T8610] futex_wait_setup+0x83/0x510 [ 1228.576352][ T8610] futex_wait_requeue_pi+0x240/0x890 [ 1228.576378][ T8610] ? __pfx_futex_wait_requeue_pi+0x10/0x10 [ 1228.576406][ T8610] ? __futex_wait+0x256/0x300 [ 1228.576431][ T8610] ? __pfx___futex_wait+0x10/0x10 [ 1228.576453][ T8610] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1228.576497][ T8610] ? __pfx_futex_wake_mark+0x10/0x10 [ 1228.576525][ T8610] ? __fget_files+0x21f/0x3d0 [ 1228.576551][ T8610] do_futex+0x24f/0x350 [ 1228.576570][ T8610] ? __pfx_do_futex+0x10/0x10 [ 1228.576594][ T8610] __x64_sys_futex+0x34f/0x4d0 [ 1228.576616][ T8610] ? __pfx___x64_sys_futex+0x10/0x10 [ 1228.576634][ T8610] ? ksys_write+0x1ac/0x250 [ 1228.576657][ T8610] ? rcu_is_watching+0x12/0xc0 [ 1228.576681][ T8610] do_syscall_64+0x115/0x840 [ 1228.576705][ T8610] ? clear_bhb_loop+0x40/0x90 [ 1228.576727][ T8610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1228.576746][ T8610] RIP: 0033:0x7f812899ce59 [ 1228.576761][ T8610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1228.576779][ T8610] RSP: 002b:00007f8126bf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1228.576797][ T8610] RAX: ffffffffffffffda RBX: 00007f8128c15fa0 RCX: 00007f812899ce59 [ 1228.576808][ T8610] RDX: 0000000000000001 RSI: 000000000000000b RDI: 0000200000000080 [ 1228.576818][ T8610] RBP: 00007f8128a32d6f R08: 0000000000000000 R09: 00000000fffffffa [ 1228.576829][ T8610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1228.576839][ T8610] R13: 00007f8128c16038 R14: 00007f8128c15fa0 R15: 00007ffdadae1d08 [ 1228.576862][ T8610] [ 1228.957422][ T8616] FAULT_INJECTION: forcing a failure. [ 1228.957422][ T8616] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1228.971172][ T8616] CPU: 0 UID: 0 PID: 8616 Comm: syz.7.15841 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1228.971209][ T8616] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1228.971217][ T8616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1228.971228][ T8616] Call Trace: [ 1228.971235][ T8616] [ 1228.971241][ T8616] dump_stack_lvl+0x100/0x190 [ 1228.971265][ T8616] should_fail_ex.cold+0x5/0xa [ 1228.971288][ T8616] _copy_from_user+0x2e/0xd0 [ 1228.971315][ T8616] get_itimerspec64+0x16c/0x2f0 [ 1228.971343][ T8616] ? __pfx_get_itimerspec64+0x10/0x10 [ 1228.971371][ T8616] ? __pfx_do_futex+0x10/0x10 [ 1228.971393][ T8616] __x64_sys_timerfd_settime+0x15f/0x280 [ 1228.971414][ T8616] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 1228.971435][ T8616] ? xfd_validate_state+0x129/0x190 [ 1228.971456][ T8616] ? rcu_is_watching+0x12/0xc0 [ 1228.971480][ T8616] do_syscall_64+0x115/0x840 [ 1228.971505][ T8616] ? clear_bhb_loop+0x40/0x90 [ 1228.971527][ T8616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1228.971545][ T8616] RIP: 0033:0x7f702b19ce59 [ 1228.971562][ T8616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1228.971579][ T8616] RSP: 002b:00007f702c139028 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 1228.971598][ T8616] RAX: ffffffffffffffda RBX: 00007f702b415fa0 RCX: 00007f702b19ce59 [ 1228.971610][ T8616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 1228.971621][ T8616] RBP: 00007f702b232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1228.971632][ T8616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1228.971642][ T8616] R13: 00007f702b416038 R14: 00007f702b415fa0 R15: 00007ffcf4cea348 [ 1228.971664][ T8616] [ 1229.179421][ T8618] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1230.094541][ T8483] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1230.114928][ T8638] netlink: 146 bytes leftover after parsing attributes in process `syz.5.15852'. [ 1231.157159][ T8483] veth0_vlan: entered promiscuous mode [ 1231.211744][ T8483] veth1_vlan: entered promiscuous mode [ 1231.369049][ T8483] veth0_macvtap: entered promiscuous mode [ 1231.405931][ T8665] netlink: 21 bytes leftover after parsing attributes in process `syz.6.15854'. [ 1231.417161][ T8483] veth1_macvtap: entered promiscuous mode [ 1231.484053][ T8483] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1231.539538][ T8483] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1231.613016][T26463] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.646002][T26463] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.659063][ T8667] netlink: 342 bytes leftover after parsing attributes in process `syz.6.15855'. [ 1231.683146][T26463] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.739556][T26463] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1232.100460][T14147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1232.152782][T14147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1232.241807][ T8674] netlink: 'syz.5.15858': attribute type 27 has an invalid length. [ 1232.267913][T14147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1232.295010][ T8674] netlink: 334 bytes leftover after parsing attributes in process `syz.5.15858'. [ 1232.315144][T14147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1232.504398][ T8678] netlink: 334 bytes leftover after parsing attributes in process `syz.6.15859'. [ 1232.863374][ T8688] FAULT_INJECTION: forcing a failure. [ 1232.863374][ T8688] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1232.876444][ T8688] CPU: 0 UID: 0 PID: 8688 Comm: syz.8.15799 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1232.876478][ T8688] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1232.876486][ T8688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1232.876496][ T8688] Call Trace: [ 1232.876502][ T8688] [ 1232.876510][ T8688] dump_stack_lvl+0x100/0x190 [ 1232.876532][ T8688] should_fail_ex.cold+0x5/0xa [ 1232.876556][ T8688] should_fail_futex+0x4c/0x60 [ 1232.876585][ T8688] futex_lock_pi_atomic+0x12d/0xaf0 [ 1232.876607][ T8688] ? futex_hash+0x141/0x370 [ 1232.876638][ T8688] futex_lock_pi+0x245/0x7a0 [ 1232.876663][ T8688] ? __pfx_futex_lock_pi+0x10/0x10 [ 1232.876695][ T8688] ? __pfx_try_to_wake_up+0x10/0x10 [ 1232.876723][ T8688] ? futex_private_hash_put+0x107/0x1c0 [ 1232.876755][ T8688] ? __pfx_futex_wake_mark+0x10/0x10 [ 1232.876782][ T8688] ? ksys_write+0x190/0x250 [ 1232.876802][ T8688] ? ksys_write+0x190/0x250 [ 1232.876827][ T8688] do_futex+0x18a/0x350 [ 1232.876845][ T8688] ? __pfx_do_futex+0x10/0x10 [ 1232.876869][ T8688] __x64_sys_futex+0x34f/0x4d0 [ 1232.876890][ T8688] ? __pfx___x64_sys_futex+0x10/0x10 [ 1232.876908][ T8688] ? ksys_write+0x1ac/0x250 [ 1232.876942][ T8688] ? rcu_is_watching+0x12/0xc0 [ 1232.876965][ T8688] do_syscall_64+0x115/0x840 [ 1232.876991][ T8688] ? clear_bhb_loop+0x40/0x90 [ 1232.877013][ T8688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1232.877032][ T8688] RIP: 0033:0x7f4240d9ce59 [ 1232.877048][ T8688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1232.877065][ T8688] RSP: 002b:00007f4241c28028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1232.877083][ T8688] RAX: ffffffffffffffda RBX: 00007f4241016090 RCX: 00007f4240d9ce59 [ 1232.877095][ T8688] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 1232.877106][ T8688] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 000000008000fff5 [ 1232.877117][ T8688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1232.877127][ T8688] R13: 00007f4241016128 R14: 00007f4241016090 R15: 00007ffefeec0648 [ 1232.877149][ T8688] [ 1233.404071][ T8696] netlink: 342 bytes leftover after parsing attributes in process `syz.8.15864'. [ 1233.438755][ T8694] netlink: 342 bytes leftover after parsing attributes in process `syz.8.15864'. [ 1233.919791][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 1233.927311][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 1234.037053][ T8707] netlink: 342 bytes leftover after parsing attributes in process `syz.7.15868'. [ 1235.767156][ T8749] netlink: 'syz.6.15886': attribute type 19 has an invalid length. [ 1235.797859][ T8749] netlink: 334 bytes leftover after parsing attributes in process `syz.6.15886'. [ 1236.061803][ T8759] netlink: 342 bytes leftover after parsing attributes in process `syz.6.15890'. [ 1236.270086][ T8762] FAULT_INJECTION: forcing a failure. [ 1236.270086][ T8762] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1236.316102][ T8766] netlink: 21 bytes leftover after parsing attributes in process `syz.6.15893'. [ 1236.388331][ T8762] CPU: 0 UID: 0 PID: 8762 Comm: syz.8.15891 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1236.388368][ T8762] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1236.388377][ T8762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1236.388387][ T8762] Call Trace: [ 1236.388394][ T8762] [ 1236.388401][ T8762] dump_stack_lvl+0x100/0x190 [ 1236.388424][ T8762] should_fail_ex.cold+0x5/0xa [ 1236.388444][ T8762] ? prepare_alloc_pages+0x16d/0x5f0 [ 1236.388469][ T8762] should_fail_alloc_page+0xeb/0x140 [ 1236.388492][ T8762] prepare_alloc_pages+0x1f0/0x5f0 [ 1236.388519][ T8762] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1236.388554][ T8762] ? rcu_is_watching+0x12/0xc0 [ 1236.388575][ T8762] ? trace_mm_page_alloc+0x163/0x1d0 [ 1236.388598][ T8762] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1236.388630][ T8762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1236.388664][ T8762] ? find_held_lock+0x2b/0x80 [ 1236.388686][ T8762] ? is_bpf_text_address+0x8a/0x1a0 [ 1236.388710][ T8762] ? is_bpf_text_address+0x8a/0x1a0 [ 1236.388735][ T8762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1236.388764][ T8762] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1236.388790][ T8762] ? is_bpf_text_address+0x94/0x1a0 [ 1236.388815][ T8762] ? kernel_text_address+0x8d/0x100 [ 1236.388832][ T8762] ? ima_match_policy+0x8c4/0x2350 [ 1236.388854][ T8762] ? __kernel_text_address+0xd/0x30 [ 1236.388879][ T8762] ? unwind_get_return_address+0x59/0xa0 [ 1236.388908][ T8762] alloc_pages_bulk_noprof+0x649/0x1360 [ 1236.388943][ T8762] ? policy_nodemask+0xed/0x4f0 [ 1236.388967][ T8762] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1236.389000][ T8762] ? kasan_save_stack+0x30/0x50 [ 1236.389032][ T8762] __kasan_populate_vmalloc+0xf0/0x210 [ 1236.389067][ T8762] alloc_vmap_area+0x95d/0x2b70 [ 1236.389098][ T8762] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1236.389125][ T8762] __get_vm_area_node+0x1ca/0x330 [ 1236.389152][ T8762] __vmalloc_node_range_noprof+0x228/0x1630 [ 1236.389177][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.389201][ T8762] ? lock_acquire+0x1b1/0x370 [ 1236.389233][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.389263][ T8762] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1236.389294][ T8762] ? rcu_is_watching+0x12/0xc0 [ 1236.389314][ T8762] ? trace_kmem_cache_alloc+0xd5/0x100 [ 1236.389337][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.389360][ T8762] __vmalloc_node_noprof+0xad/0xf0 [ 1236.389384][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.389410][ T8762] copy_process+0x7fb/0x7ed0 [ 1236.389432][ T8762] ? __futex_wait+0x256/0x300 [ 1236.389456][ T8762] ? __pfx___futex_wait+0x10/0x10 [ 1236.389478][ T8762] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1236.389509][ T8762] ? __pfx_copy_process+0x10/0x10 [ 1236.389534][ T8762] ? find_held_lock+0x2b/0x80 [ 1236.389564][ T8762] kernel_clone+0x176/0x9e0 [ 1236.389587][ T8762] ? __pfx_futex_wait+0x10/0x10 [ 1236.389610][ T8762] ? __pfx_kernel_clone+0x10/0x10 [ 1236.389647][ T8762] __do_sys_clone+0xd9/0x120 [ 1236.389672][ T8762] ? __pfx___do_sys_clone+0x10/0x10 [ 1236.389705][ T8762] ? ksys_write+0x1ac/0x250 [ 1236.389729][ T8762] ? rcu_is_watching+0x12/0xc0 [ 1236.389752][ T8762] do_syscall_64+0x115/0x840 [ 1236.389776][ T8762] ? clear_bhb_loop+0x40/0x90 [ 1236.389798][ T8762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1236.389815][ T8762] RIP: 0033:0x7f4240d9ce59 [ 1236.389830][ T8762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1236.389847][ T8762] RSP: 002b:00007f4241c27fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1236.389865][ T8762] RAX: ffffffffffffffda RBX: 00007f4241016090 RCX: 00007f4240d9ce59 [ 1236.389883][ T8762] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000000000008000 [ 1236.389894][ T8762] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1236.389904][ T8762] R10: 0000200000000180 R11: 0000000000000206 R12: 0000000000000000 [ 1236.389915][ T8762] R13: 00007f4241016128 R14: 00007f4241016090 R15: 00007ffefeec0648 [ 1236.389938][ T8762] [ 1236.841081][ T8762] syz.8.15891: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1236.856570][ T8762] CPU: 0 UID: 0 PID: 8762 Comm: syz.8.15891 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1236.856607][ T8762] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1236.856615][ T8762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1236.856626][ T8762] Call Trace: [ 1236.856636][ T8762] [ 1236.856644][ T8762] dump_stack_lvl+0x100/0x190 [ 1236.856669][ T8762] warn_alloc.cold+0x95/0x1c1 [ 1236.856688][ T8762] ? __pfx_warn_alloc+0x10/0x10 [ 1236.856716][ T8762] ? lockdep_hardirqs_on+0x78/0x100 [ 1236.856744][ T8762] ? __get_vm_area_node+0x2cd/0x330 [ 1236.856771][ T8762] ? __get_vm_area_node+0x208/0x330 [ 1236.856798][ T8762] __vmalloc_node_range_noprof+0xccd/0x1630 [ 1236.856824][ T8762] ? lock_acquire+0x1b1/0x370 [ 1236.856867][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.856897][ T8762] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1236.856928][ T8762] ? rcu_is_watching+0x12/0xc0 [ 1236.856949][ T8762] ? trace_kmem_cache_alloc+0xd5/0x100 [ 1236.856972][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.856996][ T8762] __vmalloc_node_noprof+0xad/0xf0 [ 1236.857021][ T8762] ? kernel_clone+0x176/0x9e0 [ 1236.857048][ T8762] copy_process+0x7fb/0x7ed0 [ 1236.857070][ T8762] ? __futex_wait+0x256/0x300 [ 1236.857094][ T8762] ? __pfx___futex_wait+0x10/0x10 [ 1236.857119][ T8762] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1236.857150][ T8762] ? __pfx_copy_process+0x10/0x10 [ 1236.857174][ T8762] ? find_held_lock+0x2b/0x80 [ 1236.857204][ T8762] kernel_clone+0x176/0x9e0 [ 1236.857227][ T8762] ? __pfx_futex_wait+0x10/0x10 [ 1236.857250][ T8762] ? __pfx_kernel_clone+0x10/0x10 [ 1236.857285][ T8762] __do_sys_clone+0xd9/0x120 [ 1236.857316][ T8762] ? __pfx___do_sys_clone+0x10/0x10 [ 1236.857348][ T8762] ? ksys_write+0x1ac/0x250 [ 1236.857372][ T8762] ? rcu_is_watching+0x12/0xc0 [ 1236.857395][ T8762] do_syscall_64+0x115/0x840 [ 1236.857419][ T8762] ? clear_bhb_loop+0x40/0x90 [ 1236.857441][ T8762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1236.857461][ T8762] RIP: 0033:0x7f4240d9ce59 [ 1236.857476][ T8762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1236.857493][ T8762] RSP: 002b:00007f4241c27fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1236.857511][ T8762] RAX: ffffffffffffffda RBX: 00007f4241016090 RCX: 00007f4240d9ce59 [ 1236.857522][ T8762] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000000000008000 [ 1236.857533][ T8762] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1236.857543][ T8762] R10: 0000200000000180 R11: 0000000000000206 R12: 0000000000000000 [ 1236.857554][ T8762] R13: 00007f4241016128 R14: 00007f4241016090 R15: 00007ffefeec0648 [ 1236.857575][ T8762] [ 1236.857582][ T8762] Mem-Info: [ 1237.198179][ T8762] active_anon:26656 inactive_anon:2965 isolated_anon:0 [ 1237.198179][ T8762] active_file:13992 inactive_file:43339 isolated_file:0 [ 1237.198179][ T8762] unevictable:768 dirty:56 writeback:0 [ 1237.198179][ T8762] slab_reclaimable:12154 slab_unreclaimable:110328 [ 1237.198179][ T8762] mapped:51624 shmem:9386 pagetables:1350 [ 1237.198179][ T8762] sec_pagetables:0 bounce:0 [ 1237.198179][ T8762] kernel_misc_reclaimable:0 [ 1237.198179][ T8762] free:1221191 free_pcp:12653 free_cma:0 [ 1237.245802][ T8762] Node 0 active_anon:106624kB inactive_anon:11860kB active_file:55968kB inactive_file:173196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:206468kB dirty:224kB writeback:0kB shmem:36008kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:55296kB kernel_stack:13088kB pagetables:5260kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1237.283035][ T8762] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1237.391287][ T8762] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1237.505669][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.7.15896'. [ 1237.529048][ T8762] lowmem_reserve[]: 0 2478 2479 2479 2479 [ 1237.553237][ T8762] Node 0 DMA32 free:943160kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:110700kB inactive_anon:11860kB active_file:55968kB inactive_file:173192kB unevictable:1536kB writepending:24kB zspages:0kB present:3129332kB managed:2537500kB mlocked:0kB bounce:0kB free_pcp:33076kB local_pcp:33076kB free_cma:0kB [ 1237.666037][ T8762] lowmem_reserve[]: 0 0 1 1 1 [ 1237.686506][ T8762] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1108kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:20kB free_cma:0kB [ 1237.732139][ T8778] FAULT_INJECTION: forcing a failure. [ 1237.732139][ T8778] name failslab, interval 1, probability 0, space 0, times 0 [ 1237.763241][ T8778] CPU: 0 UID: 0 PID: 8778 Comm: syz.7.15897 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1237.763275][ T8778] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1237.763283][ T8778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1237.763294][ T8778] Call Trace: [ 1237.763300][ T8778] [ 1237.763307][ T8778] dump_stack_lvl+0x100/0x190 [ 1237.763330][ T8778] should_fail_ex.cold+0x5/0xa [ 1237.763354][ T8778] ? lsm_blob_alloc+0x68/0x90 [ 1237.763380][ T8778] should_failslab+0xc2/0x120 [ 1237.763402][ T8778] __kmalloc_noprof+0xe0/0x850 [ 1237.763424][ T8778] ? trace_kmem_cache_alloc+0xd5/0x100 [ 1237.763451][ T8778] lsm_blob_alloc+0x68/0x90 [ 1237.763479][ T8778] security_sk_alloc+0x2d/0x290 [ 1237.763500][ T8778] sk_prot_alloc+0x1d1/0x2a0 [ 1237.763526][ T8778] sk_alloc+0x36/0xe80 [ 1237.763544][ T8778] inet_create+0x3a0/0x1060 [ 1237.763573][ T8778] ? inet_create+0x94/0x1060 [ 1237.763605][ T8778] __sock_create+0x339/0x860 [ 1237.763633][ T8778] udp_sock_create4+0xa6/0x450 [ 1237.763656][ T8778] ? __pfx_udp_sock_create4+0x10/0x10 [ 1237.763682][ T8778] ? lockdep_hardirqs_on+0x78/0x100 [ 1237.763708][ T8778] ? crng_make_state+0x2b0/0x6c0 [ 1237.763740][ T8778] rxrpc_open_socket+0x4ef/0x6b0 [ 1237.763762][ T8778] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 1237.763794][ T8778] ? rcu_is_watching+0x12/0xc0 [ 1237.763815][ T8778] ? trace_rxrpc_local+0x80/0x250 [ 1237.763836][ T8778] rxrpc_lookup_local+0xac7/0x1220 [ 1237.763861][ T8778] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 1237.763884][ T8778] ? __local_bh_enable_ip+0x9e/0x120 [ 1237.763910][ T8778] rxrpc_sendmsg+0x34a/0x680 [ 1237.763943][ T8778] sock_write_iter+0x524/0x5a0 [ 1237.763966][ T8778] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 1237.763988][ T8778] ? __pfx_sock_write_iter+0x10/0x10 [ 1237.764010][ T8778] ? futex_hash+0x141/0x370 [ 1237.764045][ T8778] ? bpf_lsm_file_permission+0x9/0x10 [ 1237.764062][ T8778] ? security_file_permission+0x76/0x210 [ 1237.764087][ T8778] ? rw_verify_area+0xce/0x6d0 [ 1237.764109][ T8778] vfs_write+0x6ac/0x1070 [ 1237.764131][ T8778] ? __pfx_sock_write_iter+0x10/0x10 [ 1237.764157][ T8778] ? __pfx_vfs_write+0x10/0x10 [ 1237.764175][ T8778] ? find_held_lock+0x2b/0x80 [ 1237.764214][ T8778] ksys_write+0x1f8/0x250 [ 1237.764235][ T8778] ? __pfx_ksys_write+0x10/0x10 [ 1237.764257][ T8778] ? rcu_is_watching+0x12/0xc0 [ 1237.764281][ T8778] do_syscall_64+0x115/0x840 [ 1237.764305][ T8778] ? clear_bhb_loop+0x40/0x90 [ 1237.764327][ T8778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1237.764346][ T8778] RIP: 0033:0x7f702b19ce59 [ 1237.764362][ T8778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1237.764379][ T8778] RSP: 002b:00007f702c139028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1237.764397][ T8778] RAX: ffffffffffffffda RBX: 00007f702b415fa0 RCX: 00007f702b19ce59 [ 1237.764408][ T8778] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 1237.764419][ T8778] RBP: 00007f702b232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1237.764429][ T8778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1237.764440][ T8778] R13: 00007f702b416038 R14: 00007f702b415fa0 R15: 00007ffcf4cea348 [ 1237.764463][ T8778] [ 1238.102335][ T8762] lowmem_reserve[]: 0 0 0 0 0 [ 1238.107233][ T8762] Node 1 Normal free:3930912kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:160kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:9136kB local_pcp:9136kB free_cma:0kB [ 1238.140120][ T8762] lowmem_reserve[]: 0 0 0 0 0 [ 1238.145010][ T8762] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1238.158548][ T8762] Node 0 DMA32: 532*4kB (UM) 3289*8kB (UME) 3366*16kB (UM) 685*32kB (UME) 591*64kB (UME) 521*128kB (UME) 588*256kB (UME) 336*512kB (UME) 144*1024kB (UM) 13*2048kB (UME) 58*4096kB (M) = 942936kB [ 1238.179113][ T8762] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1238.193131][ T8762] Node 1 Normal: 8*4kB (UM) 4*8kB (UM) 12*16kB (UM) 11*32kB (UM) 13*64kB (UM) 5*128kB (UM) 3*256kB (M) 4*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 957*4096kB (UM) = 3930912kB [ 1238.212101][ T8762] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1238.221757][ T8762] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 1238.231272][ T8762] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1238.240849][ T8762] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1238.251021][ T8762] 66746 total pagecache pages [ 1238.255787][ T8762] 39 pages in swap cache [ 1238.260352][ T8762] Free swap = 120244kB [ 1238.264796][ T8762] Total swap = 124996kB [ 1238.268970][ T8762] 2097051 pages RAM [ 1238.272931][ T8762] 0 pages HighMem/MovableOnly [ 1238.277725][ T8762] 430784 pages reserved [ 1238.282162][ T8762] 0 pages cma reserved [ 1238.603117][ T8782] netlink: 142 bytes leftover after parsing attributes in process `syz.6.15899'. [ 1238.811146][ T8790] ERROR: Out of memory at tomoyo_memory_ok. [ 1239.734512][ T8804] netlink: 'syz.7.15908': attribute type 33 has an invalid length. [ 1239.791110][ T8804] netlink: 322 bytes leftover after parsing attributes in process `syz.7.15908'. [ 1240.256924][ T8813] [U]  [ 1240.259842][ T8813] [U] [ 1240.262534][ T8813] [U] [ 1240.265234][ T8813] [U] [ 1240.307131][ T8818] FAULT_INJECTION: forcing a failure. [ 1240.307131][ T8818] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1240.363686][ T8813] [U] [ 1240.366542][ T8813] [U] [ 1240.369333][ T8813] [U] [ 1240.372124][ T8813] [U] [ 1240.443285][ T8813] [U] [ 1240.446113][ T8813] [U] [ 1240.448814][ T8813] [U] [ 1240.451507][ T8813] [U] [ 1240.458369][ T8818] CPU: 0 UID: 0 PID: 8818 Comm: syz.7.15912 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1240.458404][ T8818] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1240.458412][ T8818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1240.458423][ T8818] Call Trace: [ 1240.458429][ T8818] [ 1240.458436][ T8818] dump_stack_lvl+0x100/0x190 [ 1240.458459][ T8818] should_fail_ex.cold+0x5/0xa [ 1240.458479][ T8818] ? prepare_alloc_pages+0x16d/0x5f0 [ 1240.458505][ T8818] should_fail_alloc_page+0xeb/0x140 [ 1240.458529][ T8818] prepare_alloc_pages+0x1f0/0x5f0 [ 1240.458557][ T8818] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1240.458594][ T8818] ? rcu_is_watching+0x12/0xc0 [ 1240.458615][ T8818] ? trace_mm_page_alloc+0x163/0x1d0 [ 1240.458638][ T8818] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1240.458671][ T8818] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1240.458704][ T8818] ? find_held_lock+0x2b/0x80 [ 1240.458726][ T8818] ? is_bpf_text_address+0x8a/0x1a0 [ 1240.458749][ T8818] ? is_bpf_text_address+0x8a/0x1a0 [ 1240.458775][ T8818] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1240.458804][ T8818] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1240.458829][ T8818] ? is_bpf_text_address+0x94/0x1a0 [ 1240.458853][ T8818] ? kernel_text_address+0x8d/0x100 [ 1240.458870][ T8818] ? ima_match_policy+0x8c4/0x2350 [ 1240.458892][ T8818] ? __kernel_text_address+0xd/0x30 [ 1240.458910][ T8818] ? unwind_get_return_address+0x59/0xa0 [ 1240.458938][ T8818] alloc_pages_bulk_noprof+0x649/0x1360 [ 1240.458973][ T8818] ? policy_nodemask+0xed/0x4f0 [ 1240.458996][ T8818] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1240.459028][ T8818] ? kasan_save_stack+0x30/0x50 [ 1240.459054][ T8818] __kasan_populate_vmalloc+0xf0/0x210 [ 1240.459089][ T8818] alloc_vmap_area+0x95d/0x2b70 [ 1240.459120][ T8818] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1240.459178][ T8818] __get_vm_area_node+0x1ca/0x330 [ 1240.459205][ T8818] __vmalloc_node_range_noprof+0x228/0x1630 [ 1240.459232][ T8818] ? kernel_clone+0x176/0x9e0 [ 1240.459257][ T8818] ? lock_acquire+0x1b1/0x370 [ 1240.459293][ T8818] ? kernel_clone+0x176/0x9e0 [ 1240.459325][ T8818] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1240.459356][ T8818] ? rcu_is_watching+0x12/0xc0 [ 1240.459376][ T8818] ? trace_kmem_cache_alloc+0xd5/0x100 [ 1240.459400][ T8818] ? kernel_clone+0x176/0x9e0 [ 1240.459422][ T8818] __vmalloc_node_noprof+0xad/0xf0 [ 1240.459446][ T8818] ? kernel_clone+0x176/0x9e0 [ 1240.459472][ T8818] copy_process+0x7fb/0x7ed0 [ 1240.459495][ T8818] ? __futex_wait+0x256/0x300 [ 1240.459519][ T8818] ? __pfx___futex_wait+0x10/0x10 [ 1240.459541][ T8818] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1240.459573][ T8818] ? __pfx_copy_process+0x10/0x10 [ 1240.459597][ T8818] ? find_held_lock+0x2b/0x80 [ 1240.459628][ T8818] kernel_clone+0x176/0x9e0 [ 1240.459651][ T8818] ? __pfx_futex_wait+0x10/0x10 [ 1240.459674][ T8818] ? __pfx_kernel_clone+0x10/0x10 [ 1240.459711][ T8818] __do_sys_clone+0xd9/0x120 [ 1240.459735][ T8818] ? __pfx___do_sys_clone+0x10/0x10 [ 1240.459769][ T8818] ? ksys_write+0x1ac/0x250 [ 1240.459795][ T8818] ? rcu_is_watching+0x12/0xc0 [ 1240.459819][ T8818] do_syscall_64+0x115/0x840 [ 1240.459882][ T8818] ? clear_bhb_loop+0x40/0x90 [ 1240.459905][ T8818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1240.459924][ T8818] RIP: 0033:0x7f702b19ce59 [ 1240.459941][ T8818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1240.459960][ T8818] RSP: 002b:00007f702c117fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1240.459978][ T8818] RAX: ffffffffffffffda RBX: 00007f702b416090 RCX: 00007f702b19ce59 [ 1240.459990][ T8818] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000000000008000 [ 1240.460001][ T8818] RBP: 00007f702b232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1240.460012][ T8818] R10: 0000200000000180 R11: 0000000000000206 R12: 0000000000000000 [ 1240.460032][ T8818] R13: 00007f702b416128 R14: 00007f702b416090 R15: 00007ffcf4cea348 [ 1240.460054][ T8818] [ 1240.893351][ T8813] [U] [ 1240.896350][ T8813] [U] [ 1240.899057][ T8813] [U] [ 1240.901932][ T8813] [U] [ 1240.905472][ T8813] [U] [ 1240.908250][ T8813] [U] [ 1240.911054][ T8813] [U] [ 1240.913757][ T8813] [U] [ 1240.917092][ T8813] [U] [ 1240.919812][ T8813] [U] [ 1240.922592][ T8813] [U] [ 1240.925310][ T8813] [U] [ 1240.928337][ T8813] [U] [ 1240.931141][ T8813] [U] [ 1240.933905][ T8813] [U] [ 1240.936603][ T8813] [U] [ 1240.940920][ T8813] [U] [ 1240.943635][ T8813] [U] [ 1240.946731][ T8813] [U] [ 1240.949459][ T8813] [U] [ 1240.953180][ T8813] [U] [ 1240.956072][ T8813] [U] [ 1240.958774][ T8813] [U] [ 1240.961645][ T8813] [U] [ 1240.964779][ T8813] [U] [ 1240.967504][ T8813] [U] [ 1240.970193][ T8813] [U] [ 1240.972886][ T8813] [U] [ 1240.976263][ T8813] [U] [ 1240.978988][ T8813] [U] [ 1240.981680][ T8813] [U] [ 1240.984369][ T8813] [U] [ 1241.004188][ T8813] [U] [ 1241.206585][ T8829] FAULT_INJECTION: forcing a failure. [ 1241.206585][ T8829] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1241.219679][ T8829] CPU: 0 UID: 0 PID: 8829 Comm: syz.5.15914 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1241.219714][ T8829] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1241.219722][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1241.219733][ T8829] Call Trace: [ 1241.219741][ T8829] [ 1241.219749][ T8829] dump_stack_lvl+0x100/0x190 [ 1241.219773][ T8829] should_fail_ex.cold+0x5/0xa [ 1241.219797][ T8829] should_fail_futex+0x4c/0x60 [ 1241.219827][ T8829] futex_lock_pi_atomic+0xe7/0xaf0 [ 1241.219849][ T8829] ? futex_hash+0x141/0x370 [ 1241.219880][ T8829] futex_lock_pi+0x245/0x7a0 [ 1241.219915][ T8829] ? __pfx_futex_lock_pi+0x10/0x10 [ 1241.219939][ T8829] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1241.219983][ T8829] ? __pfx_futex_wake_mark+0x10/0x10 [ 1241.220010][ T8829] ? ksys_write+0x190/0x250 [ 1241.220031][ T8829] ? ksys_write+0x190/0x250 [ 1241.220055][ T8829] do_futex+0x18a/0x350 [ 1241.220074][ T8829] ? __pfx_do_futex+0x10/0x10 [ 1241.220099][ T8829] __x64_sys_futex+0x34f/0x4d0 [ 1241.220121][ T8829] ? __pfx___x64_sys_futex+0x10/0x10 [ 1241.220139][ T8829] ? ksys_write+0x1ac/0x250 [ 1241.220170][ T8829] ? rcu_is_watching+0x12/0xc0 [ 1241.220194][ T8829] do_syscall_64+0x115/0x840 [ 1241.220219][ T8829] ? clear_bhb_loop+0x40/0x90 [ 1241.220241][ T8829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1241.220260][ T8829] RIP: 0033:0x7f812899ce59 [ 1241.220277][ T8829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1241.220294][ T8829] RSP: 002b:00007f8126bd5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1241.220312][ T8829] RAX: ffffffffffffffda RBX: 00007f8128c16090 RCX: 00007f812899ce59 [ 1241.220324][ T8829] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 1241.220334][ T8829] RBP: 00007f8128a32d6f R08: 0000000000000000 R09: 000000008000fff5 [ 1241.220345][ T8829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1241.220355][ T8829] R13: 00007f8128c16128 R14: 00007f8128c16090 R15: 00007ffdadae1d08 [ 1241.220376][ T8829] [ 1241.504864][ T8828] netlink: 346 bytes leftover after parsing attributes in process `syz.8.15915'. [ 1242.432524][ T8845] random: crng reseeded on system resumption [ 1242.475550][ T8845] FAULT_INJECTION: forcing a failure. [ 1242.475550][ T8845] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1242.530108][ T8845] CPU: 0 UID: 0 PID: 8845 Comm: syz.7.15922 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1242.530143][ T8845] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1242.530152][ T8845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1242.530164][ T8845] Call Trace: [ 1242.530170][ T8845] [ 1242.530177][ T8845] dump_stack_lvl+0x100/0x190 [ 1242.530202][ T8845] should_fail_ex.cold+0x5/0xa [ 1242.530222][ T8845] ? prepare_alloc_pages+0x16d/0x5f0 [ 1242.530249][ T8845] should_fail_alloc_page+0xeb/0x140 [ 1242.530273][ T8845] prepare_alloc_pages+0x1f0/0x5f0 [ 1242.530301][ T8845] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1242.530333][ T8845] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1242.530370][ T8845] ? stack_trace_save+0x8e/0xc0 [ 1242.530394][ T8845] ? __pfx_stack_trace_save+0x10/0x10 [ 1242.530416][ T8845] ? arch_stack_walk+0xa6/0xf0 [ 1242.530438][ T8845] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1242.530470][ T8845] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1242.530502][ T8845] ? kasan_save_stack+0x30/0x50 [ 1242.530519][ T8845] ? kasan_save_track+0x14/0x30 [ 1242.530536][ T8845] ? __kasan_kmalloc+0xaa/0xb0 [ 1242.530552][ T8845] ? memory_bm_create+0x14d/0xba0 [ 1242.530577][ T8845] ? do_syscall_64+0x115/0x840 [ 1242.530602][ T8845] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1242.530629][ T8845] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1242.530656][ T8845] ? policy_nodemask+0xed/0x4f0 [ 1242.530679][ T8845] alloc_pages_mpol+0x1fb/0x540 [ 1242.530702][ T8845] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1242.530725][ T8845] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1242.530750][ T8845] alloc_pages_noprof+0x1a/0x160 [ 1242.530775][ T8845] get_zeroed_page_noprof+0x18/0xb0 [ 1242.530798][ T8845] get_image_page+0x18/0x1a0 [ 1242.530820][ T8845] alloc_rtree_node+0x3c/0xb0 [ 1242.530843][ T8845] memory_bm_create+0x65e/0xba0 [ 1242.530875][ T8845] create_basic_memory_bitmaps+0x10b/0x350 [ 1242.530910][ T8845] snapshot_open+0x230/0x2a0 [ 1242.530935][ T8845] ? __pfx_snapshot_open+0x10/0x10 [ 1242.530962][ T8845] misc_open+0x26d/0x450 [ 1242.530981][ T8845] ? __pfx_misc_open+0x10/0x10 [ 1242.530999][ T8845] chrdev_open+0x234/0x6a0 [ 1242.531022][ T8845] ? __pfx_apparmor_file_open+0x10/0x10 [ 1242.531043][ T8845] ? __pfx_chrdev_open+0x10/0x10 [ 1242.531067][ T8845] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1242.531097][ T8845] do_dentry_open+0x6ab/0x14d0 [ 1242.531119][ T8845] ? __pfx_chrdev_open+0x10/0x10 [ 1242.531147][ T8845] vfs_open+0x82/0x3f0 [ 1242.531177][ T8845] path_openat+0x208c/0x31a0 [ 1242.531208][ T8845] ? __pfx_path_openat+0x10/0x10 [ 1242.531241][ T8845] do_file_open+0x20e/0x430 [ 1242.531266][ T8845] ? __pfx_do_file_open+0x10/0x10 [ 1242.531305][ T8845] ? alloc_fd+0x476/0x790 [ 1242.531329][ T8845] ? do_getname+0x191/0x390 [ 1242.531358][ T8845] do_sys_openat2+0x10d/0x1e0 [ 1242.531387][ T8845] ? __pfx_do_sys_openat2+0x10/0x10 [ 1242.531416][ T8845] ? __fget_files+0x21f/0x3d0 [ 1242.531442][ T8845] __x64_sys_openat+0x12d/0x210 [ 1242.531470][ T8845] ? __pfx___x64_sys_openat+0x10/0x10 [ 1242.531504][ T8845] ? rcu_is_watching+0x12/0xc0 [ 1242.531528][ T8845] do_syscall_64+0x115/0x840 [ 1242.531552][ T8845] ? clear_bhb_loop+0x40/0x90 [ 1242.531574][ T8845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1242.531592][ T8845] RIP: 0033:0x7f702b19ce59 [ 1242.531608][ T8845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1242.531624][ T8845] RSP: 002b:00007f702c139028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1242.531643][ T8845] RAX: ffffffffffffffda RBX: 00007f702b415fa0 RCX: 00007f702b19ce59 [ 1242.531654][ T8845] RDX: 0000000000002401 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1242.531665][ T8845] RBP: 00007f702b232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1242.531676][ T8845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1242.531686][ T8845] R13: 00007f702b416038 R14: 00007f702b415fa0 R15: 00007ffcf4cea348 [ 1242.531709][ T8845] [ 1243.564841][ T8867] netlink: 342 bytes leftover after parsing attributes in process `syz.6.15932'. [ 1243.727140][ T8872] random: crng reseeded on system resumption [ 1243.797544][ T8865] netlink: 318 bytes leftover after parsing attributes in process `syz.5.15929'. [ 1244.107809][ T8872] hub 1-0:1.0: USB hub found [ 1244.171988][ T8872] hub 1-0:1.0: 1 port detected [ 1244.345921][ T8882] FAULT_INJECTION: forcing a failure. [ 1244.345921][ T8882] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.426508][ T8882] CPU: 0 UID: 0 PID: 8882 Comm: syz.6.15937 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1244.426549][ T8882] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1244.426558][ T8882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1244.426568][ T8882] Call Trace: [ 1244.426575][ T8882] [ 1244.426583][ T8882] dump_stack_lvl+0x100/0x190 [ 1244.426607][ T8882] should_fail_ex.cold+0x5/0xa [ 1244.426631][ T8882] should_failslab+0xc2/0x120 [ 1244.426654][ T8882] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1244.426683][ T8882] ? prepare_creds+0x2c/0x950 [ 1244.426707][ T8882] prepare_creds+0x2c/0x950 [ 1244.426726][ T8882] cap_task_prctl+0x449/0xa50 [ 1244.426749][ T8882] security_task_prctl+0xc2/0x160 [ 1244.426781][ T8882] __do_sys_prctl+0x9b/0x2320 [ 1244.426799][ T8882] ? __pfx___do_sys_prctl+0x10/0x10 [ 1244.426827][ T8882] ? rcu_is_watching+0x12/0xc0 [ 1244.426851][ T8882] do_syscall_64+0x115/0x840 [ 1244.426877][ T8882] ? clear_bhb_loop+0x40/0x90 [ 1244.426900][ T8882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1244.426919][ T8882] RIP: 0033:0x7fe7e159ce59 [ 1244.426934][ T8882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1244.426952][ T8882] RSP: 002b:00007fe7e23a0028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 1244.426970][ T8882] RAX: ffffffffffffffda RBX: 00007fe7e1815fa0 RCX: 00007fe7e159ce59 [ 1244.426982][ T8882] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000008 [ 1244.426992][ T8882] RBP: 00007fe7e1632d6f R08: 000000000000c6c5 R09: 0000000000000000 [ 1244.427003][ T8882] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000000 [ 1244.427014][ T8882] R13: 00007fe7e1816038 R14: 00007fe7e1815fa0 R15: 00007ffe6eccd968 [ 1244.427036][ T8882] [ 1244.811344][ T8884] netlink: 28 bytes leftover after parsing attributes in process `syz.8.15938'. [ 1246.262795][ T8912] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15948'. [ 1246.924689][ T8931] netlink: 342 bytes leftover after parsing attributes in process `syz.6.15955'. [ 1248.264153][ T8957] ucma_write: process 108 (syz.7.15963) changed security contexts after opening file descriptor, this is not allowed. [ 1248.922971][ T8985] netlink: 354 bytes leftover after parsing attributes in process `syz.6.15973'. [ 1249.244714][ T8993] FAULT_INJECTION: forcing a failure. [ 1249.244714][ T8993] name failslab, interval 1, probability 0, space 0, times 0 [ 1249.258193][ T8993] CPU: 0 UID: 0 PID: 8993 Comm: syz.8.15977 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1249.258229][ T8993] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1249.258237][ T8993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1249.258248][ T8993] Call Trace: [ 1249.258257][ T8993] [ 1249.258265][ T8993] dump_stack_lvl+0x100/0x190 [ 1249.258289][ T8993] should_fail_ex.cold+0x5/0xa [ 1249.258312][ T8993] should_failslab+0xc2/0x120 [ 1249.258335][ T8993] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1249.258363][ T8993] ? __send_signal_locked+0x155/0x12d0 [ 1249.258386][ T8993] __send_signal_locked+0x155/0x12d0 [ 1249.258409][ T8993] force_sig_info_to_task+0x450/0x660 [ 1249.258435][ T8993] force_sig+0xbf/0x100 [ 1249.258455][ T8993] ? __pfx_force_sig+0x10/0x10 [ 1249.258480][ T8993] ? fixup_vdso_exception+0x2d1/0x370 [ 1249.258506][ T8993] ? gp_user_force_sig_segv.constprop.0+0xbf/0x150 [ 1249.258542][ T8993] exc_general_protection+0x1c7/0x240 [ 1249.258572][ T8993] asm_exc_general_protection+0x26/0x30 [ 1249.258591][ T8993] RIP: 0033:0x7f4241c50b6d [ 1249.258607][ T8993] Code: f9 48 8d 1d b5 94 ff ff d3 e0 a9 83 08 00 00 0f 84 c1 00 00 00 44 8b 13 41 f6 c2 01 0f 85 a0 00 00 00 8b 43 04 83 f8 01 75 7a <0f> 01 f9 66 90 48 c1 e2 20 48 09 c2 48 0f ba f2 3f 49 63 f9 8b 4b [ 1249.258625][ T8993] RSP: 002b:00007f4241c49000 EFLAGS: 00010246 [ 1249.258641][ T8993] RAX: 0000000000000001 RBX: 00007f4241c4a000 RCX: 0000000000000001 [ 1249.258652][ T8993] RDX: 00007f4240eb9740 RSI: 00007f4241c490b0 RDI: 0000000000000001 [ 1249.258663][ T8993] RBP: 00007f4241c49030 R08: 0000000000000081 R09: 0000000000000001 [ 1249.258674][ T8993] R10: 000000000003b400 R11: 0000000000000246 R12: 0000000000000000 [ 1249.258684][ T8993] R13: 00007f4241016038 R14: 00007f4241015fa0 R15: 00007ffefeec0648 [ 1249.258706][ T8993] [ 1249.870393][ T9000] netlink: 342 bytes leftover after parsing attributes in process `syz.6.15980'. [ 1249.929787][ T9003] netlink: 330 bytes leftover after parsing attributes in process `syz.7.15981'. [ 1250.045311][ T29] audit: type=1326 audit(4294967554.080:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8992 comm="syz.8.15977" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4240d9ce59 code=0x0 [ 1250.116498][ T9008] netlink: 342 bytes leftover after parsing attributes in process `syz.7.15983'. [ 1250.426286][ T9014] FAULT_INJECTION: forcing a failure. [ 1250.426286][ T9014] name failslab, interval 1, probability 0, space 0, times 0 [ 1250.482673][ T9014] CPU: 0 UID: 0 PID: 9014 Comm: syz.8.15986 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1250.482708][ T9014] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1250.482716][ T9014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1250.482728][ T9014] Call Trace: [ 1250.482734][ T9014] [ 1250.482742][ T9014] dump_stack_lvl+0x100/0x190 [ 1250.482765][ T9014] should_fail_ex.cold+0x5/0xa [ 1250.482789][ T9014] ? security_inode_init_security+0x113/0x370 [ 1250.482818][ T9014] should_failslab+0xc2/0x120 [ 1250.482848][ T9014] __kmalloc_noprof+0xe0/0x850 [ 1250.482866][ T9014] ? lockdep_init_map_type+0x5c/0x250 [ 1250.482900][ T9014] security_inode_init_security+0x113/0x370 [ 1250.482930][ T9014] ? __pfx_shmem_initxattrs+0x10/0x10 [ 1250.482956][ T9014] ? __pfx_security_inode_init_security+0x10/0x10 [ 1250.482988][ T9014] ? __pfx_make_vfsuid+0x10/0x10 [ 1250.483009][ T9014] shmem_symlink+0x163/0xa00 [ 1250.483028][ T9014] ? generic_permission+0xae/0x800 [ 1250.483057][ T9014] ? __pfx_shmem_symlink+0x10/0x10 [ 1250.483074][ T9014] ? security_inode_permission+0xbf/0x250 [ 1250.483097][ T9014] ? inode_permission+0x374/0x620 [ 1250.483129][ T9014] ? tomoyo_path_symlink+0x97/0xe0 [ 1250.483166][ T9014] vfs_symlink+0x178/0x4d0 [ 1250.483185][ T9014] filename_symlinkat+0x2a6/0x560 [ 1250.483214][ T9014] ? __pfx_filename_symlinkat+0x10/0x10 [ 1250.483239][ T9014] ? strncpy_from_user+0x19d/0x2d0 [ 1250.483268][ T9014] ? do_getname+0x191/0x390 [ 1250.483297][ T9014] __x64_sys_symlink+0x79/0xb0 [ 1250.483324][ T9014] do_syscall_64+0x115/0x840 [ 1250.483349][ T9014] ? clear_bhb_loop+0x40/0x90 [ 1250.483372][ T9014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1250.483390][ T9014] RIP: 0033:0x7f4240d9ce59 [ 1250.483406][ T9014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1250.483423][ T9014] RSP: 002b:00007f4241c49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1250.483442][ T9014] RAX: ffffffffffffffda RBX: 00007f4241015fa0 RCX: 00007f4240d9ce59 [ 1250.483454][ T9014] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140 [ 1250.483469][ T9014] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1250.483479][ T9014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1250.483490][ T9014] R13: 00007f4241016038 R14: 00007f4241015fa0 R15: 00007ffefeec0648 [ 1250.483513][ T9014] [ 1250.909956][ T9015] Process accounting resumed [ 1251.429536][ T9037] ERROR: Out of memory at tomoyo_memory_ok. [ 1251.836515][ T9044] netlink: 294 bytes leftover after parsing attributes in process `syz.7.15998'. [ 1254.393570][ T9107] netlink: 334 bytes leftover after parsing attributes in process `syz.5.16023'. [ 1254.739837][ T9117] netlink: 'syz.8.16027': attribute type 64 has an invalid length. [ 1254.779205][ T9117] netlink: 74 bytes leftover after parsing attributes in process `syz.8.16027'. [ 1257.069756][ T9176] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1257.118980][ T9178] netlink: 86 bytes leftover after parsing attributes in process `syz.6.16050'. [ 1257.460767][ T9184] misc userio: The device must be registered before sending interrupts [ 1257.508020][ T9187] netlink: 338 bytes leftover after parsing attributes in process `syz.7.16053'. [ 1258.247361][ T9204] netlink: 'syz.5.16059': attribute type 33 has an invalid length. [ 1258.914401][ T9218] netlink: 334 bytes leftover after parsing attributes in process `syz.7.16066'. [ 1260.316824][ T9256] netlink: 334 bytes leftover after parsing attributes in process `syz.7.16079'. [ 1263.533169][ T9332] overlayfs: missing 'lowerdir' [ 1264.673292][ T9348] netlink: 198 bytes leftover after parsing attributes in process `syz.8.16107'. [ 1264.712291][ T9350] netlink: 146 bytes leftover after parsing attributes in process `syz.7.16108'. [ 1265.744520][ T9368] : renamed from bond0 (while UP) [ 1267.068586][ T9392] netlink: 334 bytes leftover after parsing attributes in process `syz.6.16127'. [ 1268.985768][ T9417] netlink: 342 bytes leftover after parsing attributes in process `syz.5.16137'. [ 1269.311435][ T9422] netlink: 334 bytes leftover after parsing attributes in process `syz.5.16139'. [ 1269.581580][ T9431] netlink: 342 bytes leftover after parsing attributes in process `syz.7.16143'. [ 1270.108823][ T9445] netlink: 334 bytes leftover after parsing attributes in process `syz.5.16149'. [ 1270.448179][ T9451] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1271.571368][ T9474] netlink: 338 bytes leftover after parsing attributes in process `syz.5.16158'. [ 1273.672911][ T9496] netlink: 326 bytes leftover after parsing attributes in process `syz.7.16166'. [ 1274.384930][ T9509] netlink: 'syz.5.16172': attribute type 27 has an invalid length. [ 1274.416075][ T9509] netlink: 334 bytes leftover after parsing attributes in process `syz.5.16172'. [ 1276.022073][ T9539] netlink: 342 bytes leftover after parsing attributes in process `syz.6.16182'. [ 1278.452924][ T9583] netlink: 334 bytes leftover after parsing attributes in process `syz.6.16197'. [ 1279.386752][ T9605] FAULT_INJECTION: forcing a failure. [ 1279.386752][ T9605] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1279.569374][ T9605] CPU: 0 UID: 0 PID: 9605 Comm: syz.8.16202 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1279.569414][ T9605] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1279.569423][ T9605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1279.569434][ T9605] Call Trace: [ 1279.569440][ T9605] [ 1279.569447][ T9605] dump_stack_lvl+0x100/0x190 [ 1279.569471][ T9605] should_fail_ex.cold+0x5/0xa [ 1279.569491][ T9605] ? prepare_alloc_pages+0x16d/0x5f0 [ 1279.569517][ T9605] should_fail_alloc_page+0xeb/0x140 [ 1279.569541][ T9605] prepare_alloc_pages+0x1f0/0x5f0 [ 1279.569568][ T9605] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1279.569602][ T9605] ? rcu_is_watching+0x12/0xc0 [ 1279.569623][ T9605] ? trace_mm_page_alloc+0x163/0x1d0 [ 1279.569646][ T9605] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1279.569683][ T9605] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1279.569716][ T9605] ? __pfx_stack_trace_save+0x10/0x10 [ 1279.569741][ T9605] ? stack_depot_save_flags+0x27/0x9d0 [ 1279.569778][ T9605] ? is_bpf_text_address+0x8a/0x1a0 [ 1279.569802][ T9605] ? is_bpf_text_address+0x8a/0x1a0 [ 1279.569827][ T9605] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1279.569857][ T9605] ? kasan_save_stack+0x3f/0x50 [ 1279.569874][ T9605] ? kasan_save_stack+0x30/0x50 [ 1279.569890][ T9605] ? kasan_save_track+0x14/0x30 [ 1279.569907][ T9605] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1279.569937][ T9605] ? __get_vm_area_node+0x1ca/0x330 [ 1279.569959][ T9605] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1279.569984][ T9605] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 1279.570001][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1279.570020][ T9605] ? do_syscall_64+0x115/0x840 [ 1279.570045][ T9605] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1279.570070][ T9605] alloc_pages_bulk_noprof+0x649/0x1360 [ 1279.570131][ T9605] ? policy_nodemask+0xed/0x4f0 [ 1279.570155][ T9605] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1279.570199][ T9605] __kasan_populate_vmalloc+0xf0/0x210 [ 1279.570234][ T9605] alloc_vmap_area+0x95d/0x2b70 [ 1279.570270][ T9605] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1279.570297][ T9605] __get_vm_area_node+0x1ca/0x330 [ 1279.570324][ T9605] __vmalloc_node_range_noprof+0x228/0x1630 [ 1279.570350][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1279.570369][ T9605] ? get_pid_task+0xfc/0x250 [ 1279.570400][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1279.570423][ T9605] ? alloc_pages_mpol+0x25a/0x540 [ 1279.570448][ T9605] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1279.570478][ T9605] ? rcu_is_watching+0x12/0xc0 [ 1279.570504][ T9605] __kvmalloc_node_noprof+0x3de/0xa00 [ 1279.570524][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1279.570543][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1279.570564][ T9605] ? _copy_from_user+0x59/0xd0 [ 1279.570589][ T9605] ? copy_mnt_id_req+0x1b1/0x350 [ 1279.570618][ T9605] __do_sys_listmount+0x289/0xee0 [ 1279.570638][ T9605] ? __pfx_do_futex+0x10/0x10 [ 1279.570659][ T9605] ? __fget_files+0x21f/0x3d0 [ 1279.570680][ T9605] ? __pfx___do_sys_listmount+0x10/0x10 [ 1279.570710][ T9605] ? rcu_is_watching+0x12/0xc0 [ 1279.570733][ T9605] do_syscall_64+0x115/0x840 [ 1279.570765][ T9605] ? clear_bhb_loop+0x40/0x90 [ 1279.570787][ T9605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1279.570806][ T9605] RIP: 0033:0x7f4240d9ce59 [ 1279.570822][ T9605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1279.570839][ T9605] RSP: 002b:00007f4241c49028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1279.570859][ T9605] RAX: ffffffffffffffda RBX: 00007f4241015fa0 RCX: 00007f4240d9ce59 [ 1279.570871][ T9605] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1279.570882][ T9605] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1279.570893][ T9605] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1279.570904][ T9605] R13: 00007f4241016038 R14: 00007f4241015fa0 R15: 00007ffefeec0648 [ 1279.570928][ T9605] [ 1280.146737][ T9605] warn_alloc: 1 callbacks suppressed [ 1280.146757][ T9605] syz.8.16202: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1280.168770][ T9605] CPU: 0 UID: 0 PID: 9605 Comm: syz.8.16202 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1280.168805][ T9605] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1280.168814][ T9605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1280.168825][ T9605] Call Trace: [ 1280.168831][ T9605] [ 1280.168838][ T9605] dump_stack_lvl+0x100/0x190 [ 1280.168862][ T9605] warn_alloc.cold+0x95/0x1c1 [ 1280.168882][ T9605] ? __pfx_warn_alloc+0x10/0x10 [ 1280.168910][ T9605] ? lockdep_hardirqs_on+0x78/0x100 [ 1280.168938][ T9605] ? __get_vm_area_node+0x2cd/0x330 [ 1280.168965][ T9605] ? __get_vm_area_node+0x208/0x330 [ 1280.168991][ T9605] __vmalloc_node_range_noprof+0xccd/0x1630 [ 1280.169017][ T9605] ? get_pid_task+0xfc/0x250 [ 1280.169048][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1280.169071][ T9605] ? alloc_pages_mpol+0x25a/0x540 [ 1280.169093][ T9605] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1280.169123][ T9605] ? rcu_is_watching+0x12/0xc0 [ 1280.169148][ T9605] __kvmalloc_node_noprof+0x3de/0xa00 [ 1280.169167][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1280.169186][ T9605] ? __do_sys_listmount+0x289/0xee0 [ 1280.169203][ T9605] ? _copy_from_user+0x59/0xd0 [ 1280.169229][ T9605] ? copy_mnt_id_req+0x1b1/0x350 [ 1280.169258][ T9605] __do_sys_listmount+0x289/0xee0 [ 1280.169277][ T9605] ? __pfx_do_futex+0x10/0x10 [ 1280.169297][ T9605] ? __fget_files+0x21f/0x3d0 [ 1280.169319][ T9605] ? __pfx___do_sys_listmount+0x10/0x10 [ 1280.169362][ T9605] ? rcu_is_watching+0x12/0xc0 [ 1280.169385][ T9605] do_syscall_64+0x115/0x840 [ 1280.169410][ T9605] ? clear_bhb_loop+0x40/0x90 [ 1280.169432][ T9605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1280.169451][ T9605] RIP: 0033:0x7f4240d9ce59 [ 1280.169468][ T9605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1280.169485][ T9605] RSP: 002b:00007f4241c49028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1280.169505][ T9605] RAX: ffffffffffffffda RBX: 00007f4241015fa0 RCX: 00007f4240d9ce59 [ 1280.169517][ T9605] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1280.169527][ T9605] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1280.169539][ T9605] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1280.169549][ T9605] R13: 00007f4241016038 R14: 00007f4241015fa0 R15: 00007ffefeec0648 [ 1280.169571][ T9605] [ 1280.169577][ T9605] Mem-Info: [ 1280.425410][ T9605] active_anon:27714 inactive_anon:2965 isolated_anon:0 [ 1280.425410][ T9605] active_file:15650 inactive_file:43348 isolated_file:0 [ 1280.425410][ T9605] unevictable:768 dirty:26 writeback:0 [ 1280.425410][ T9605] slab_reclaimable:12171 slab_unreclaimable:110282 [ 1280.425410][ T9605] mapped:51857 shmem:9837 pagetables:1391 [ 1280.425410][ T9605] sec_pagetables:0 bounce:0 [ 1280.425410][ T9605] kernel_misc_reclaimable:0 [ 1280.425410][ T9605] free:1215882 free_pcp:14770 free_cma:0 [ 1280.473673][ T9605] Node 0 active_anon:110856kB inactive_anon:11860kB active_file:62600kB inactive_file:173232kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:207400kB dirty:104kB writeback:0kB shmem:37812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:57344kB kernel_stack:12928kB pagetables:5424kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1280.602897][ T9605] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1280.643021][ T9617] netlink: 'syz.6.16208': attribute type 27 has an invalid length. [ 1280.707845][ T9617] netlink: 334 bytes leftover after parsing attributes in process `syz.6.16208'. [ 1280.750203][ T9605] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1280.809986][ T9605] lowmem_reserve[]: 0 2478 2479 2479 2479 [ 1280.825071][ T9605] Node 0 DMA32 free:918500kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:113052kB inactive_anon:11860kB active_file:62600kB inactive_file:173228kB unevictable:1536kB writepending:20kB zspages:0kB present:3129332kB managed:2537500kB mlocked:0kB bounce:0kB free_pcp:45532kB local_pcp:45532kB free_cma:0kB [ 1280.909260][ T9605] lowmem_reserve[]: 0 0 1 1 1 [ 1280.915747][ T9605] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1108kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 1280.951830][ T9605] lowmem_reserve[]: 0 0 0 0 0 [ 1280.957055][ T9605] Node 1 Normal free:3932424kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:160kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:7624kB local_pcp:7624kB free_cma:0kB [ 1280.995881][ T9605] lowmem_reserve[]: 0 0 0 0 0 [ 1281.001410][ T9605] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1281.025220][ T9605] Node 0 DMA32: 1207*4kB (UME) 3542*8kB (UME) 3891*16kB (UM) 457*32kB (UM) 525*64kB (UME) 310*128kB (UME) 587*256kB (UME) 341*512kB (UME) 145*1024kB (UM) 16*2048kB (UME) 54*4096kB (M) = 910620kB [ 1281.066588][ T9605] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1281.096150][ T9605] Node 1 Normal: 8*4kB (UM) 1*8kB (M) 4*16kB (UM) 7*32kB (UM) 13*64kB (UM) 5*128kB (UM) 2*256kB (M) 4*512kB (UM) 2*1024kB (UM) 3*2048kB (UM) 957*4096kB (UM) = 3932424kB [ 1281.137650][ T9605] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1281.162530][ T9605] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1281.210201][ T9605] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1281.276187][ T9605] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1281.336249][ T9605] 68419 total pagecache pages [ 1281.354018][ T9605] 39 pages in swap cache [ 1281.370647][ T9605] Free swap = 120244kB [ 1281.396347][ T9626] FAULT_INJECTION: forcing a failure. [ 1281.396347][ T9626] name failslab, interval 1, probability 0, space 0, times 0 [ 1281.416880][ T9605] Total swap = 124996kB [ 1281.428784][ T9613] Process accounting paused [ 1281.434981][ T9605] 2097051 pages RAM [ 1281.447488][ T9605] 0 pages HighMem/MovableOnly [ 1281.464042][ T9626] CPU: 0 UID: 0 PID: 9626 Comm: syz.7.16211 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1281.464077][ T9626] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1281.464085][ T9626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1281.464096][ T9626] Call Trace: [ 1281.464104][ T9626] [ 1281.464111][ T9626] dump_stack_lvl+0x100/0x190 [ 1281.464135][ T9626] should_fail_ex.cold+0x5/0xa [ 1281.464159][ T9626] should_failslab+0xc2/0x120 [ 1281.464182][ T9626] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1281.464213][ T9626] ? __d_alloc+0x34/0xa40 [ 1281.464242][ T9626] __d_alloc+0x34/0xa40 [ 1281.464269][ T9626] d_alloc+0x4a/0x1e0 [ 1281.464294][ T9626] lookup_one_qstr_excl+0x171/0x250 [ 1281.464330][ T9626] start_dirop+0x59/0xb0 [ 1281.464351][ T9626] simple_start_creating+0xf9/0x110 [ 1281.464374][ T9626] ? __pfx_simple_start_creating+0x10/0x10 [ 1281.464397][ T9626] ? mntput+0x70/0xa0 [ 1281.464416][ T9626] ? simple_pin_fs+0xa3/0x190 [ 1281.464436][ T9626] debugfs_start_creating.part.0+0x82/0x170 [ 1281.464456][ T9626] __debugfs_create_file+0xb3/0x4f0 [ 1281.464478][ T9626] debugfs_create_file_full+0x41/0x60 [ 1281.464522][ T9626] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1281.464541][ T9626] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1281.464587][ T9626] ? lockdep_init_map_type+0x5c/0x250 [ 1281.464622][ T9626] preinit_net.part.0+0x43b/0x920 [ 1281.464645][ T9626] copy_net_ns+0x339/0x7c0 [ 1281.464670][ T9626] create_new_namespaces+0x3ea/0xac0 [ 1281.464705][ T9626] unshare_nsproxy_namespaces+0xf2/0x220 [ 1281.464733][ T9626] ksys_unshare+0x438/0xab0 [ 1281.464760][ T9626] ? __pfx_ksys_unshare+0x10/0x10 [ 1281.464785][ T9626] ? xfd_validate_state+0x129/0x190 [ 1281.464801][ T9626] ? ksys_write+0x1ac/0x250 [ 1281.464829][ T9626] __x64_sys_unshare+0x31/0x40 [ 1281.464855][ T9626] do_syscall_64+0x115/0x840 [ 1281.464880][ T9626] ? clear_bhb_loop+0x40/0x90 [ 1281.464902][ T9626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1281.464920][ T9626] RIP: 0033:0x7f702b19ce59 [ 1281.464936][ T9626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1281.464953][ T9626] RSP: 002b:00007f702c139028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1281.464970][ T9626] RAX: ffffffffffffffda RBX: 00007f702b415fa0 RCX: 00007f702b19ce59 [ 1281.464982][ T9626] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1281.464992][ T9626] RBP: 00007f702b232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1281.465003][ T9626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1281.465013][ T9626] R13: 00007f702b416038 R14: 00007f702b415fa0 R15: 00007ffcf4cea348 [ 1281.465036][ T9626] [ 1281.747366][ T9605] 430784 pages reserved [ 1281.751599][ T9605] 0 pages cma reserved [ 1283.286991][ T9660] MTRR 2 not used [ 1284.255627][ T9682] netlink: 334 bytes leftover after parsing attributes in process `syz.5.16231'. [ 1284.782000][ T9692] netlink: 'syz.5.16235': attribute type 21 has an invalid length. [ 1284.833773][ T9692] netlink: 334 bytes leftover after parsing attributes in process `syz.5.16235'. [ 1285.134032][ T9701] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16238'. [ 1286.078814][ T9715] FAULT_INJECTION: forcing a failure. [ 1286.078814][ T9715] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1286.145437][ T9718] netlink: 28 bytes leftover after parsing attributes in process `syz.8.16244'. [ 1286.214185][ T9715] CPU: 0 UID: 0 PID: 9715 Comm: syz.6.16243 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1286.214220][ T9715] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1286.214229][ T9715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1286.214240][ T9715] Call Trace: [ 1286.214247][ T9715] [ 1286.214254][ T9715] dump_stack_lvl+0x100/0x190 [ 1286.214279][ T9715] should_fail_ex.cold+0x5/0xa [ 1286.214302][ T9715] _copy_to_user+0x32/0xd0 [ 1286.214329][ T9715] do_timer_create+0x6d9/0x1480 [ 1286.214355][ T9715] ? __pfx_do_timer_create+0x10/0x10 [ 1286.214374][ T9715] ? __pfx_do_futex+0x10/0x10 [ 1286.214396][ T9715] ? __do_sys_capset+0xfb/0x460 [ 1286.214420][ T9715] __x64_sys_timer_create+0x199/0x1d0 [ 1286.214448][ T9715] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 1286.214478][ T9715] ? xfd_validate_state+0x129/0x190 [ 1286.214496][ T9715] ? ksys_write+0x1ac/0x250 [ 1286.214520][ T9715] ? rcu_is_watching+0x12/0xc0 [ 1286.214543][ T9715] do_syscall_64+0x115/0x840 [ 1286.214569][ T9715] ? clear_bhb_loop+0x40/0x90 [ 1286.214590][ T9715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1286.214621][ T9715] RIP: 0033:0x7fe7e159ce59 [ 1286.214637][ T9715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1286.214656][ T9715] RSP: 002b:00007fe7e237f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000de [ 1286.214675][ T9715] RAX: ffffffffffffffda RBX: 00007fe7e1816090 RCX: 00007fe7e159ce59 [ 1286.214687][ T9715] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 1286.214697][ T9715] RBP: 00007fe7e1632d6f R08: 0000000000000000 R09: 0000000000000000 [ 1286.214708][ T9715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1286.214719][ T9715] R13: 00007fe7e1816128 R14: 00007fe7e1816090 R15: 00007ffe6eccd968 [ 1286.214743][ T9715] [ 1286.537672][ T9718] bond0: (slave bond_slave_0): Releasing backup interface [ 1287.570537][ T9741] netlink: 334 bytes leftover after parsing attributes in process `syz.6.16253'. [ 1287.660857][ T9743] FAULT_INJECTION: forcing a failure. [ 1287.660857][ T9743] name failslab, interval 1, probability 0, space 0, times 0 [ 1287.731443][ T9743] CPU: 0 UID: 0 PID: 9743 Comm: syz.8.16254 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1287.731478][ T9743] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1287.731486][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1287.731495][ T9743] Call Trace: [ 1287.731502][ T9743] [ 1287.731509][ T9743] dump_stack_lvl+0x100/0x190 [ 1287.731540][ T9743] should_fail_ex.cold+0x5/0xa [ 1287.731565][ T9743] should_failslab+0xc2/0x120 [ 1287.731587][ T9743] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1287.731618][ T9743] ? __d_alloc+0x34/0xa40 [ 1287.731646][ T9743] __d_alloc+0x34/0xa40 [ 1287.731673][ T9743] d_alloc+0x4a/0x1e0 [ 1287.731698][ T9743] lookup_one_qstr_excl+0x171/0x250 [ 1287.731728][ T9743] start_dirop+0x59/0xb0 [ 1287.731749][ T9743] simple_start_creating+0xf9/0x110 [ 1287.731771][ T9743] ? __pfx_simple_start_creating+0x10/0x10 [ 1287.731794][ T9743] ? mntput+0x70/0xa0 [ 1287.731813][ T9743] ? simple_pin_fs+0xa3/0x190 [ 1287.731832][ T9743] debugfs_start_creating.part.0+0x82/0x170 [ 1287.731857][ T9743] __debugfs_create_file+0xb3/0x4f0 [ 1287.731879][ T9743] debugfs_create_file_full+0x41/0x60 [ 1287.731901][ T9743] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1287.731919][ T9743] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1287.731936][ T9743] ? ida_alloc_range+0x70d/0x830 [ 1287.731982][ T9743] ? lockdep_init_map_type+0x5c/0x250 [ 1287.732016][ T9743] preinit_net.part.0+0x252/0x920 [ 1287.732039][ T9743] copy_net_ns+0x339/0x7c0 [ 1287.732064][ T9743] create_new_namespaces+0x3ea/0xac0 [ 1287.732093][ T9743] unshare_nsproxy_namespaces+0xf2/0x220 [ 1287.732118][ T9743] ksys_unshare+0x438/0xab0 [ 1287.732145][ T9743] ? __pfx_ksys_unshare+0x10/0x10 [ 1287.732170][ T9743] ? xfd_validate_state+0x129/0x190 [ 1287.732187][ T9743] ? ksys_write+0x1ac/0x250 [ 1287.732215][ T9743] __x64_sys_unshare+0x31/0x40 [ 1287.732240][ T9743] do_syscall_64+0x115/0x840 [ 1287.732265][ T9743] ? clear_bhb_loop+0x40/0x90 [ 1287.732287][ T9743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1287.732305][ T9743] RIP: 0033:0x7f4240d9ce59 [ 1287.732321][ T9743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1287.732339][ T9743] RSP: 002b:00007f4241c49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1287.732357][ T9743] RAX: ffffffffffffffda RBX: 00007f4241015fa0 RCX: 00007f4240d9ce59 [ 1287.732368][ T9743] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1287.732379][ T9743] RBP: 00007f4240e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1287.732389][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1287.732400][ T9743] R13: 00007f4241016038 R14: 00007f4241015fa0 R15: 00007ffefeec0648 [ 1287.732422][ T9743] [ 1290.369328][ T9791] netlink: 20 bytes leftover after parsing attributes in process `syz.7.16269'. [ 1291.544498][ T9810] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 1291.688101][ T9810] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 1291.802121][ T9818] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16275'. [ 1291.815881][ T9814] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 1291.923325][ T9814] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 1293.143585][ T9841] netlink: 322 bytes leftover after parsing attributes in process `syz.5.16282'. [ 1294.599586][ T9863] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16287'. [ 1295.009231][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 1295.015967][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 1295.198023][ T9871] netlink: 342 bytes leftover after parsing attributes in process `syz.7.16291'. [ 1296.265395][ T9895] netlink: 28 bytes leftover after parsing attributes in process `syz.6.16301'. [ 1296.375319][ T9895] : (slave bond_slave_0): Releasing backup interface [ 1297.097408][ T9909] netlink: 334 bytes leftover after parsing attributes in process `syz.8.16307'. [ 1300.166539][ T9961] netlink: 'syz.6.16323': attribute type 19 has an invalid length. [ 1300.191322][ T9961] netlink: 334 bytes leftover after parsing attributes in process `syz.6.16323'. [ 1301.000633][ T9977] netlink: 334 bytes leftover after parsing attributes in process `syz.8.16328'. [ 1301.123844][ T9977] netlink: 334 bytes leftover after parsing attributes in process `syz.8.16328'. [ 1303.583707][T10003] FAULT_INJECTION: forcing a failure. [ 1303.583707][T10003] name failslab, interval 1, probability 0, space 0, times 0 [ 1303.705789][T10003] CPU: 0 UID: 0 PID: 10003 Comm: syz.6.16339 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1303.705826][T10003] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1303.705834][T10003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1303.705845][T10003] Call Trace: [ 1303.705851][T10003] [ 1303.705859][T10003] dump_stack_lvl+0x100/0x190 [ 1303.705883][T10003] should_fail_ex.cold+0x5/0xa [ 1303.705910][T10003] should_failslab+0xc2/0x120 [ 1303.705933][T10003] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1303.705963][T10003] ? alloc_inode+0x68/0x250 [ 1303.705990][T10003] ? simple_start_creating+0xb0/0x110 [ 1303.706012][T10003] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 1303.706046][T10003] alloc_inode+0x68/0x250 [ 1303.706075][T10003] new_inode+0x22/0x1c0 [ 1303.706105][T10003] __debugfs_create_file+0x105/0x4f0 [ 1303.706128][T10003] debugfs_create_file_full+0x41/0x60 [ 1303.706150][T10003] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1303.706169][T10003] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1303.706187][T10003] ? ida_alloc_range+0x70d/0x830 [ 1303.706232][T10003] ? lockdep_init_map_type+0x5c/0x250 [ 1303.706266][T10003] preinit_net.part.0+0x252/0x920 [ 1303.706288][T10003] copy_net_ns+0x339/0x7c0 [ 1303.706312][T10003] create_new_namespaces+0x3ea/0xac0 [ 1303.706341][T10003] unshare_nsproxy_namespaces+0xf2/0x220 [ 1303.706374][T10003] ksys_unshare+0x438/0xab0 [ 1303.706401][T10003] ? __pfx_ksys_unshare+0x10/0x10 [ 1303.706425][T10003] ? xfd_validate_state+0x129/0x190 [ 1303.706443][T10003] ? ksys_write+0x1ac/0x250 [ 1303.706471][T10003] __x64_sys_unshare+0x31/0x40 [ 1303.706497][T10003] do_syscall_64+0x115/0x840 [ 1303.706522][T10003] ? clear_bhb_loop+0x40/0x90 [ 1303.706545][T10003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1303.706564][T10003] RIP: 0033:0x7fe7e159ce59 [ 1303.706580][T10003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1303.706597][T10003] RSP: 002b:00007fe7e23a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1303.706615][T10003] RAX: ffffffffffffffda RBX: 00007fe7e1815fa0 RCX: 00007fe7e159ce59 [ 1303.706626][T10003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1303.706636][T10003] RBP: 00007fe7e1632d6f R08: 0000000000000000 R09: 0000000000000000 [ 1303.706647][T10003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1303.706657][T10003] R13: 00007fe7e1816038 R14: 00007fe7e1815fa0 R15: 00007ffe6eccd968 [ 1303.706680][T10003] [ 1303.987905][T10003] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88802a678280' [ 1304.554983][T10020] netlink: 334 bytes leftover after parsing attributes in process `syz.8.16344'. [ 1305.098881][T10027] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1305.328584][T10030] netlink: 222 bytes leftover after parsing attributes in process `syz.6.16347'. [ 1306.230244][T10044] netlink: 20 bytes leftover after parsing attributes in process `syz.8.16353'. [ 1307.252742][T10058] netlink: 334 bytes leftover after parsing attributes in process `syz.7.16359'. [ 1307.268443][T21618] Bluetooth: hci4: command 0x0406 tx timeout [ 1307.347190][T10060] netlink: 342 bytes leftover after parsing attributes in process `syz.6.16360'. [ 1307.392934][T10060] netlink: 342 bytes leftover after parsing attributes in process `syz.6.16360'. [ 1308.185952][T10079] netlink: 342 bytes leftover after parsing attributes in process `syz.6.16368'. [ 1309.732167][T10072] kexec: Could not allocate control_code_buffer [ 1309.886786][T10098] netlink: 330 bytes leftover after parsing attributes in process `syz.8.16376'. [ 1309.965453][T10098] IPv6: NLM_F_CREATE should be specified when creating new route [ 1310.652324][T10113] FAULT_INJECTION: forcing a failure. [ 1310.652324][T10113] name failslab, interval 1, probability 0, space 0, times 0 [ 1310.734558][T10113] CPU: 0 UID: 0 PID: 10113 Comm: syz.6.16380 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1310.734594][T10113] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1310.734603][T10113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1310.734613][T10113] Call Trace: [ 1310.734620][T10113] [ 1310.734627][T10113] dump_stack_lvl+0x100/0x190 [ 1310.734651][T10113] should_fail_ex.cold+0x5/0xa [ 1310.734673][T10113] ? handler_new_ref+0x1ab/0xc60 [ 1310.734701][T10113] should_failslab+0xc2/0x120 [ 1310.734723][T10113] __kmalloc_noprof+0xe0/0x850 [ 1310.734745][T10113] handler_new_ref+0x1ab/0xc60 [ 1310.734778][T10113] v4l2_ctrl_new+0xe67/0x23a0 [ 1310.734814][T10113] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1310.734845][T10113] ? lock_acquire+0x1b1/0x370 [ 1310.734879][T10113] v4l2_ctrl_new_std+0x1bb/0x290 [ 1310.734914][T10113] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1310.734943][T10113] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 1310.734974][T10113] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1310.735006][T10113] ? __asan_memcpy+0x3c/0x60 [ 1310.735034][T10113] ? find_ref+0x209/0x420 [ 1310.735064][T10113] handler_new_ref+0x82f/0xc60 [ 1310.735098][T10113] v4l2_ctrl_new+0xe67/0x23a0 [ 1310.735134][T10113] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1310.735172][T10113] v4l2_ctrl_new_std+0x1bb/0x290 [ 1310.735207][T10113] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1310.735237][T10113] ? trace_kmalloc+0xe3/0x110 [ 1310.735258][T10113] ? __kasan_kmalloc+0xaa/0xb0 [ 1310.735287][T10113] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 1310.735316][T10113] ? lockdep_init_map_type+0x10/0x250 [ 1310.735348][T10113] ? media_request_object_init+0x105/0x180 [ 1310.735378][T10113] vicodec_open+0x1b2/0xf70 [ 1310.735396][T10113] ? kobject_get_unless_zero+0x156/0x200 [ 1310.735431][T10113] v4l2_open+0x1d2/0x490 [ 1310.735460][T10113] ? __pfx_v4l2_open+0x10/0x10 [ 1310.735487][T10113] chrdev_open+0x234/0x6a0 [ 1310.735510][T10113] ? __pfx_apparmor_file_open+0x10/0x10 [ 1310.735533][T10113] ? __pfx_chrdev_open+0x10/0x10 [ 1310.735559][T10113] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1310.735589][T10113] do_dentry_open+0x6ab/0x14d0 [ 1310.735612][T10113] ? __pfx_chrdev_open+0x10/0x10 [ 1310.735640][T10113] vfs_open+0x82/0x3f0 [ 1310.735671][T10113] path_openat+0x208c/0x31a0 [ 1310.735706][T10113] ? __pfx_path_openat+0x10/0x10 [ 1310.735738][T10113] do_file_open+0x20e/0x430 [ 1310.735763][T10113] ? __pfx_do_file_open+0x10/0x10 [ 1310.735802][T10113] ? alloc_fd+0x476/0x790 [ 1310.735827][T10113] ? do_getname+0x191/0x390 [ 1310.735856][T10113] do_sys_openat2+0x10d/0x1e0 [ 1310.735885][T10113] ? __pfx_do_sys_openat2+0x10/0x10 [ 1310.735914][T10113] ? __sys_sendmsg+0x18f/0x220 [ 1310.735938][T10113] __x64_sys_openat+0x12d/0x210 [ 1310.735967][T10113] ? __pfx___x64_sys_openat+0x10/0x10 [ 1310.736000][T10113] ? rcu_is_watching+0x12/0xc0 [ 1310.736024][T10113] do_syscall_64+0x115/0x840 [ 1310.736048][T10113] ? clear_bhb_loop+0x40/0x90 [ 1310.736071][T10113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1310.736090][T10113] RIP: 0033:0x7fe7e159ce59 [ 1310.736107][T10113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1310.736124][T10113] RSP: 002b:00007fe7e23a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1310.736143][T10113] RAX: ffffffffffffffda RBX: 00007fe7e1815fa0 RCX: 00007fe7e159ce59 [ 1310.736154][T10113] RDX: 0000000000080000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 1310.736166][T10113] RBP: 00007fe7e1632d6f R08: 0000000000000000 R09: 0000000000000000 [ 1310.736177][T10113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1310.736187][T10113] R13: 00007fe7e1816038 R14: 00007fe7e1815fa0 R15: 00007ffe6eccd968 [ 1310.736210][T10113] [ 1311.634493][T10125] Process accounting resumed [ 1311.647721][T10131] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1312.362699][T10108] Bluetooth: hci5: command 0x0406 tx timeout [ 1312.369603][T10108] Bluetooth: hci6: command 0x0406 tx timeout [ 1314.405790][T10178] netlink: 350 bytes leftover after parsing attributes in process `syz.5.16401'. [ 1315.117926][T10187] netlink: 346 bytes leftover after parsing attributes in process `syz.5.16405'. [ 1315.461380][T10200] netlink: 330 bytes leftover after parsing attributes in process `syz.6.16410'. [ 1315.500661][ T29] audit: type=1800 audit(4294967619.869:73): pid=10193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.16406" name="file0" dev="tmpfs" ino=800 res=0 errno=0 [ 1315.845681][T10205] netlink: 28 bytes leftover after parsing attributes in process `syz.5.16411'. [ 1315.895575][T10205] bridge0: port 2(bridge_slave_1) entered disabled state [ 1315.905802][T10205] bridge0: port 1(bridge_slave_0) entered disabled state [ 1316.007300][T10205] bridge0: entered promiscuous mode [ 1317.156500][T10233] netlink: 342 bytes leftover after parsing attributes in process `syz.6.16419'. [ 1317.219424][T10233] IPv6: NLM_F_CREATE should be specified when creating new route [ 1317.262495][T10233] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1317.269848][T10233] IPv6: NLM_F_CREATE should be set when creating new route [ 1317.277909][T10233] IPv6: NLM_F_CREATE should be set when creating new route [ 1317.407085][T10238] netlink: 342 bytes leftover after parsing attributes in process `syz.6.16419'. [ 1317.438094][T10239] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1317.467763][T10238] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1317.718163][T10244] netlink: 342 bytes leftover after parsing attributes in process `syz.7.16424'. [ 1317.763048][T10245] FAULT_INJECTION: forcing a failure. [ 1317.763048][T10245] name failslab, interval 1, probability 0, space 0, times 0 [ 1317.829387][T10245] CPU: 0 UID: 0 PID: 10245 Comm: syz.5.16425 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1317.829424][T10245] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1317.829433][T10245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1317.829444][T10245] Call Trace: [ 1317.829450][T10245] [ 1317.829457][T10245] dump_stack_lvl+0x100/0x190 [ 1317.829481][T10245] should_fail_ex.cold+0x5/0xa [ 1317.829507][T10245] ? constrain_params_by_rules+0x175/0xcc0 [ 1317.829542][T10245] should_failslab+0xc2/0x120 [ 1317.829565][T10245] __kmalloc_noprof+0xe0/0x850 [ 1317.829582][T10245] ? kasan_quarantine_put+0x104/0x240 [ 1317.829605][T10245] constrain_params_by_rules+0x175/0xcc0 [ 1317.829634][T10245] ? kfree+0x223/0x6c0 [ 1317.829663][T10245] ? constrain_params_by_rules+0xa22/0xcc0 [ 1317.829694][T10245] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1317.829728][T10245] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1317.829755][T10245] ? __kasan_slab_free+0x5f/0x80 [ 1317.829774][T10245] ? kfree+0x223/0x6c0 [ 1317.829803][T10245] ? snd_pcm_oss_change_params_locked+0x18d9/0x39f0 [ 1317.829829][T10245] ? snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1317.829857][T10245] ? snd_interval_refine+0x2d0/0x580 [ 1317.829879][T10245] snd_pcm_hw_refine+0x7e7/0xad0 [ 1317.829911][T10245] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1317.829943][T10245] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1317.829979][T10245] snd_pcm_hw_param_first+0x2b0/0x680 [ 1317.830010][T10245] snd_pcm_hw_param_near.constprop.0+0x739/0x850 [ 1317.830039][T10245] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1317.830066][T10245] ? calc_src_frames.isra.0+0x17c/0x1c0 [ 1317.830098][T10245] ? calc_dst_frames.constprop.0.isra.0+0xed/0x120 [ 1317.830130][T10245] snd_pcm_oss_change_params_locked+0x18d9/0x39f0 [ 1317.830168][T10245] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1317.830194][T10245] ? __pfx___mutex_lock+0x10/0x10 [ 1317.830220][T10245] ? find_held_lock+0x2b/0x80 [ 1317.830242][T10245] ? tomoyo_path_number_perm+0x28f/0x580 [ 1317.830317][T10245] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1317.830338][T10245] ? futex_wait+0x11e/0x370 [ 1317.830365][T10245] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1317.830397][T10245] snd_pcm_oss_get_formats+0x7d/0x350 [ 1317.830424][T10245] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 1317.830459][T10245] snd_pcm_oss_ioctl+0x1853/0x37c0 [ 1317.830512][T10245] ? find_held_lock+0x2b/0x80 [ 1317.830535][T10245] ? __fget_files+0x215/0x3d0 [ 1317.830556][T10245] ? hook_file_ioctl_common+0x149/0x410 [ 1317.830580][T10245] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1317.830610][T10245] ? __fget_files+0x21f/0x3d0 [ 1317.830635][T10245] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1317.830663][T10245] __x64_sys_ioctl+0x18e/0x210 [ 1317.830683][T10245] do_syscall_64+0x115/0x840 [ 1317.830709][T10245] ? clear_bhb_loop+0x40/0x90 [ 1317.830731][T10245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1317.830750][T10245] RIP: 0033:0x7f812899ce59 [ 1317.830766][T10245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1317.830783][T10245] RSP: 002b:00007f8126bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1317.830802][T10245] RAX: ffffffffffffffda RBX: 00007f8128c15fa0 RCX: 00007f812899ce59 [ 1317.830813][T10245] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000003 [ 1317.830824][T10245] RBP: 00007f8128a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1317.830834][T10245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1317.830845][T10245] R13: 00007f8128c16038 R14: 00007f8128c15fa0 R15: 00007ffdadae1d08 [ 1317.830869][T10245] [ 1319.636049][T10284] netlink: 'syz.6.16439': attribute type 22 has an invalid length. [ 1319.656221][T10284] netlink: 330 bytes leftover after parsing attributes in process `syz.6.16439'. [ 1319.855759][T10289] FAULT_INJECTION: forcing a failure. [ 1319.855759][T10289] name failslab, interval 1, probability 0, space 0, times 0 [ 1319.885594][T10289] CPU: 0 UID: 0 PID: 10289 Comm: syz.6.16442 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1319.885629][T10289] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1319.885637][T10289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1319.885648][T10289] Call Trace: [ 1319.885654][T10289] [ 1319.885661][T10289] dump_stack_lvl+0x100/0x190 [ 1319.885684][T10289] should_fail_ex.cold+0x5/0xa [ 1319.885708][T10289] should_failslab+0xc2/0x120 [ 1319.885730][T10289] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1319.885750][T10289] ? snd_pcm_hw_rule_add+0x3b3/0x510 [ 1319.885773][T10289] ? krealloc_node_align_noprof+0x27e/0x3e0 [ 1319.885791][T10289] ? kfree+0x1dd/0x6c0 [ 1319.885819][T10289] krealloc_node_align_noprof+0x1f9/0x3e0 [ 1319.885842][T10289] snd_pcm_hw_rule_add+0x3b3/0x510 [ 1319.885865][T10289] ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10 [ 1319.885889][T10289] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 1319.885911][T10289] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 1319.885936][T10289] ? mutex_init_lockdep+0xf1/0x120 [ 1319.885955][T10289] ? snd_pcm_attach_substream+0x287/0xd20 [ 1319.885978][T10289] snd_pcm_open_substream+0x942/0x1850 [ 1319.886012][T10289] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 1319.886043][T10289] ? rcu_is_watching+0x12/0xc0 [ 1319.886068][T10289] snd_pcm_open+0x2a3/0x710 [ 1319.886087][T10289] ? __pfx_snd_pcm_open+0x10/0x10 [ 1319.886119][T10289] ? __pfx_default_wake_function+0x10/0x10 [ 1319.886153][T10289] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 1319.886171][T10289] snd_pcm_playback_open+0x86/0xe0 [ 1319.886189][T10289] snd_open+0x201/0x450 [ 1319.886213][T10289] ? __pfx_snd_open+0x10/0x10 [ 1319.886235][T10289] chrdev_open+0x234/0x6a0 [ 1319.886258][T10289] ? __pfx_apparmor_file_open+0x10/0x10 [ 1319.886279][T10289] ? __pfx_chrdev_open+0x10/0x10 [ 1319.886303][T10289] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1319.886332][T10289] do_dentry_open+0x6ab/0x14d0 [ 1319.886353][T10289] ? __pfx_chrdev_open+0x10/0x10 [ 1319.886381][T10289] vfs_open+0x82/0x3f0 [ 1319.886411][T10289] path_openat+0x208c/0x31a0 [ 1319.886442][T10289] ? __pfx_path_openat+0x10/0x10 [ 1319.886474][T10289] do_file_open+0x20e/0x430 [ 1319.886498][T10289] ? __pfx_do_file_open+0x10/0x10 [ 1319.886544][T10289] ? alloc_fd+0x476/0x790 [ 1319.886568][T10289] ? do_getname+0x191/0x390 [ 1319.886598][T10289] do_sys_openat2+0x10d/0x1e0 [ 1319.886627][T10289] ? __pfx_do_sys_openat2+0x10/0x10 [ 1319.886657][T10289] ? __fget_files+0x21f/0x3d0 [ 1319.886684][T10289] __x64_sys_openat+0x12d/0x210 [ 1319.886713][T10289] ? __pfx___x64_sys_openat+0x10/0x10 [ 1319.886747][T10289] ? rcu_is_watching+0x12/0xc0 [ 1319.886771][T10289] do_syscall_64+0x115/0x840 [ 1319.886796][T10289] ? clear_bhb_loop+0x40/0x90 [ 1319.886818][T10289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1319.886836][T10289] RIP: 0033:0x7fe7e159ce59 [ 1319.886852][T10289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1319.886870][T10289] RSP: 002b:00007fe7e23a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1319.886888][T10289] RAX: ffffffffffffffda RBX: 00007fe7e1815fa0 RCX: 00007fe7e159ce59 [ 1319.886900][T10289] RDX: 0000000000002100 RSI: 0000200000004ec0 RDI: ffffffffffffff9c [ 1319.886911][T10289] RBP: 00007fe7e1632d6f R08: 0000000000000000 R09: 0000000000000000 [ 1319.886922][T10289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1319.886932][T10289] R13: 00007fe7e1816038 R14: 00007fe7e1815fa0 R15: 00007ffe6eccd968 [ 1319.886956][T10289] [ 1320.850255][T10307] netlink: 334 bytes leftover after parsing attributes in process `syz.8.16449'. [ 1321.966429][T10326] netlink: 'syz.6.16456': attribute type 11 has an invalid length. [ 1323.188320][T10353] netlink: 4 bytes leftover after parsing attributes in process `syz.7.16467'. [ 1323.258704][T10353] netlink: 13 bytes leftover after parsing attributes in process `syz.7.16467'. [ 1323.317198][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16467'. [ 1326.455313][T10404] netlink: 146 bytes leftover after parsing attributes in process `syz.7.16486'. [ 1328.128645][T10437] netlink: zone id is out of range [ 1328.161502][T10437] netlink: zone id is out of range [ 1328.208332][T10437] netlink: zone id is out of range [ 1328.299124][T10437] netlink: set zone limit has 8 unknown bytes [ 1329.593582][T10469] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16512'. [ 1330.422674][T10490] netlink: 330 bytes leftover after parsing attributes in process `syz.8.16518'. [ 1330.668226][ T30] INFO: task syz-executor:4186 blocked for more than 143 seconds. [ 1330.697292][ T30] Tainted: G U I L syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1330.758090][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1330.812474][ T30] task:syz-executor state:D stack:23640 pid:4186 tgid:4186 ppid:1 task_flags:0x400140 flags:0x00080002 [ 1330.883103][ T30] Call Trace: [ 1330.910845][ T30] [ 1330.928245][ T30] __schedule+0x1295/0x67a0 [ 1330.996678][ T30] ? __pfx___schedule+0x10/0x10 [ 1331.053634][ T30] ? find_held_lock+0x2b/0x80 [ 1331.103217][ T30] ? schedule+0x2bf/0x390 [ 1331.155299][ T30] schedule+0xdd/0x390 [ 1331.181094][ T30] schedule_preempt_disabled+0x13/0x30 [ 1331.201693][ T30] __mutex_lock+0xced/0x1b10 [ 1331.217087][ T30] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1331.241878][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1331.260691][ T30] ? net_generic+0xea/0x2a0 [ 1331.275808][ T30] ? net_generic+0xea/0x2a0 [ 1331.293072][ T30] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1331.326973][ T30] nfsd_shutdown_threads+0x5b/0xf0 [ 1331.341470][ T30] nfsd_umount+0x3b/0x60 [ 1331.356853][ T30] deactivate_locked_super+0xc1/0x1b0 [ 1331.363467][ T30] deactivate_super+0xe7/0x110 [ 1331.378207][ T30] cleanup_mnt+0x21f/0x450 [ 1331.384136][ T30] task_work_run+0x150/0x240 [ 1331.397744][ T30] ? __pfx_task_work_run+0x10/0x10 [ 1331.416553][ T30] ? rcu_is_watching+0x12/0xc0 [ 1331.423152][ T30] exit_to_user_mode_loop+0x157/0x670 [ 1331.436411][ T30] ? rcu_is_watching+0x12/0xc0 [ 1331.448001][ T30] do_syscall_64+0x652/0x840 [ 1331.456473][ T30] ? clear_bhb_loop+0x40/0x90 [ 1331.466430][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.484985][ T30] RIP: 0033:0x7f462599e097 [ 1331.491226][ T30] RSP: 002b:00007ffca7d6fab8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1331.504617][ T30] RAX: 0000000000000000 RBX: 00007f4625a321ca RCX: 00007f462599e097 [ 1331.514096][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca7d6fb70 [ 1331.522725][ T30] RBP: 00007ffca7d6fb70 R08: 00007ffca7d70b70 R09: 00000000ffffffff [ 1331.531284][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffca7d70c00 [ 1331.540299][ T30] R13: 00007f4625a321ca R14: 000000000011faf4 R15: 00007ffca7d70c40 [ 1331.548942][ T30] [ 1331.618389][ T30] INFO: task syz-executor:6367 blocked for more than 144 seconds. [ 1331.641688][ T30] Tainted: G U I L syzkaller #0 [ 1331.663743][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1331.682056][ T30] task:syz-executor state:D stack:23576 pid:6367 tgid:6367 ppid:1 task_flags:0x400140 flags:0x00080002 [ 1331.694377][ T30] Call Trace: [ 1331.698936][ T30] [ 1331.702023][ T30] __schedule+0x1295/0x67a0 [ 1331.711276][ T30] ? __pfx___schedule+0x10/0x10 [ 1331.717522][ T30] ? find_held_lock+0x2b/0x80 [ 1331.722935][ T30] ? schedule+0x2bf/0x390 [ 1331.730246][ T30] schedule+0xdd/0x390 [ 1331.734460][ T30] schedule_preempt_disabled+0x13/0x30 [ 1331.740817][ T30] __mutex_lock+0xced/0x1b10 [ 1331.745918][ T30] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1331.751590][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1331.756945][ T30] ? net_generic+0xea/0x2a0 [ 1331.761612][ T30] ? net_generic+0xea/0x2a0 [ 1331.767770][ T30] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1331.773221][ T30] nfsd_shutdown_threads+0x5b/0xf0 [ 1331.779830][ T30] nfsd_umount+0x3b/0x60 [ 1331.784361][ T30] deactivate_locked_super+0xc1/0x1b0 [ 1331.791903][ T30] deactivate_super+0xe7/0x110 [ 1331.797331][ T30] cleanup_mnt+0x21f/0x450 [ 1331.801911][ T30] task_work_run+0x150/0x240 [ 1331.809963][ T30] ? __pfx_task_work_run+0x10/0x10 [ 1331.816961][ T30] ? rcu_is_watching+0x12/0xc0 [ 1331.821904][ T30] exit_to_user_mode_loop+0x157/0x670 [ 1331.829188][ T30] ? rcu_is_watching+0x12/0xc0 [ 1331.837544][ T30] do_syscall_64+0x652/0x840 [ 1331.842468][ T30] ? clear_bhb_loop+0x40/0x90 [ 1331.848277][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.855252][ T30] RIP: 0033:0x7f94a419e097 [ 1331.859882][ T30] RSP: 002b:00007ffe52d45b88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1331.869949][ T30] RAX: 0000000000000000 RBX: 00007f94a42321ca RCX: 00007f94a419e097 [ 1331.878519][ T30] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe52d45c40 [ 1331.886890][ T30] RBP: 00007ffe52d45c40 R08: 00007ffe52d46c40 R09: 00000000ffffffff [ 1331.895359][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe52d46cd0 [ 1331.903400][ T30] R13: 00007f94a42321ca R14: 000000000011f6ec R15: 00007ffe52d46d10 [ 1331.914559][ T30] [ 1331.963442][ T30] INFO: task syz.1.15590:7762 blocked for more than 144 seconds. [ 1331.983519][ T30] Tainted: G U I L syzkaller #0 [ 1331.996796][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1332.026151][ T30] task:syz.1.15590 state:D stack:28120 pid:7762 tgid:7758 ppid:4292 task_flags:0x400140 flags:0x00080002 [ 1332.069923][ T30] Call Trace: [ 1332.077976][ T30] [ 1332.084284][ T30] __schedule+0x1295/0x67a0 [ 1332.094754][ T30] ? __pfx___schedule+0x10/0x10 [ 1332.104612][ T30] ? find_held_lock+0x2b/0x80 [ 1332.115981][ T30] ? schedule+0x2bf/0x390 [ 1332.126023][ T30] schedule+0xdd/0x390 [ 1332.142765][ T30] schedule_preempt_disabled+0x13/0x30 [ 1332.148492][ T30] __mutex_lock+0xced/0x1b10 [ 1332.162692][ T30] ? nfsd_nl_threads_set_doit+0x8c8/0x1100 [ 1332.169736][ T30] ? __nla_validate_parse+0x1e7/0x28b0 [ 1332.193906][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1332.202551][ T30] ? net_generic+0xea/0x2a0 [ 1332.212622][ T30] ? net_generic+0xea/0x2a0 [ 1332.231072][ T30] ? nfsd_nl_threads_set_doit+0x8c8/0x1100 [ 1332.242406][ T30] nfsd_nl_threads_set_doit+0x8c8/0x1100 [ 1332.248259][ T30] genl_family_rcv_msg_doit+0x214/0x300 [ 1332.261208][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1332.267793][ T30] ? genl_get_cmd+0x3e7/0x760 [ 1332.273504][ T30] ? bpf_lsm_capable+0x9/0x10 [ 1332.279606][ T30] ? security_capable+0x80/0x260 [ 1332.289908][ T30] genl_rcv_msg+0x560/0x800 [ 1332.294876][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1332.300029][ T30] ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10 [ 1332.306541][ T30] ? __lock_acquire+0x4a5/0x2630 [ 1332.311559][ T30] netlink_rcv_skb+0x159/0x420 [ 1332.319258][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1332.324659][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1332.330087][ T30] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1332.339002][ T30] genl_rcv+0x28/0x40 [ 1332.343278][ T30] netlink_unicast+0x585/0x850 [ 1332.348187][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1332.353880][ T30] netlink_sendmsg+0x8b0/0xda0 [ 1332.358877][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1332.364510][ T30] ? __import_iovec+0x1d2/0x640 [ 1332.369488][ T30] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1332.376922][ T30] ____sys_sendmsg+0x9e1/0xb70 [ 1332.382663][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1332.387994][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1332.398608][ T30] ? preempt_schedule_thunk+0x16/0x30 [ 1332.404581][ T30] ? try_to_wake_up+0x5f6/0x1900 [ 1332.409562][ T30] ___sys_sendmsg+0x190/0x1e0 [ 1332.414557][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 1332.422368][ T30] ? futex_private_hash_put+0x107/0x1c0 [ 1332.428094][ T30] __sys_sendmsg+0x170/0x220 [ 1332.433179][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 1332.438607][ T30] ? __x64_sys_futex+0x34f/0x4d0 [ 1332.443855][ T30] ? rcu_is_watching+0x12/0xc0 [ 1332.448663][ T30] do_syscall_64+0x115/0x840 [ 1332.453525][ T30] ? clear_bhb_loop+0x40/0x90 [ 1332.458337][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1332.464886][ T30] RIP: 0033:0x7f374c19ce59 [ 1332.469513][ T30] RSP: 002b:00007f374d02c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1332.479333][ T30] RAX: ffffffffffffffda RBX: 00007f374c416090 RCX: 00007f374c19ce59 [ 1332.487966][ T30] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000003 [ 1332.497079][ T30] RBP: 00007f374c232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1332.510584][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1332.521257][ T30] R13: 00007f374c416128 R14: 00007f374c416090 R15: 00007fff3e4d78e8 [ 1332.529388][ T30] [ 1332.539028][ T30] [ 1332.539028][ T30] Showing all locks held in the system: [ 1332.578719][ T30] 1 lock held by khungtaskd/30: [ 1332.590393][ T30] #0: ffffffff8e7e5360 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 1332.601201][ T30] 4 locks held by kworker/u11:4/15005: [ 1332.606726][ T30] #0: ffff88801c6a6140 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 1332.625137][ T30] #1: ffffc900052afd08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 1332.635553][ T30] #2: ffffffff905ed8c8 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 1332.645475][ T30] #3: ffffffff8e7f0d78 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6d0 [ 1332.657961][ T30] 3 locks held by kworker/u12:3/21618: [ 1332.663977][ T30] #0: ffff8880725ab940 ((wq_completion)hci7){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 1332.674617][ T30] #1: ffffc900035cfd08 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 1332.688285][ T30] #2: ffff88807cb08ea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x18a/0x470 [ 1332.698739][ T30] 2 locks held by getty/1266: [ 1332.703706][ T30] #0: ffff888032a5c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1332.714584][ T30] #1: ffffc9000208c2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x14f0 [ 1332.729960][ T1610] Bluetooth: hci7: command 0x0406 tx timeout [ 1332.745714][ T30] 2 locks held by syz-executor/4186: [ 1332.751498][ T30] #0: ffff88805a8d20d8 (&type->s_umount_key#55){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1332.762525][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1332.773056][ T30] 2 locks held by syz-executor/6367: [ 1332.778387][ T30] #0: ffff8880223e00d8 (&type->s_umount_key#55){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1332.790567][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1332.800607][ T30] 2 locks held by syz.1.15590/7759: [ 1332.806001][ T30] #0: ffffffff906b4a88 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1332.815240][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x8c8/0x1100 [ 1332.828724][ T30] 2 locks held by syz.1.15590/7762: [ 1332.836140][ T30] #0: ffffffff906b4a88 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1332.845110][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x8c8/0x1100 [ 1332.859416][ T30] 2 locks held by syz-executor/7952: [ 1332.865578][ T30] #0: ffff88805a9520d8 (&type->s_umount_key#55){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1332.876533][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1332.887644][ T30] 2 locks held by syz.3.15737/8263: [ 1332.893686][ T30] #0: ffff88807a1ae0d8 (&type->s_umount_key#55){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1332.904436][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1332.914537][ T30] 2 locks held by syz-executor/8337: [ 1332.920042][ T30] #0: ffff8880570b80d8 (&type->s_umount_key#55){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1332.933633][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1332.945594][ T30] 2 locks held by syz-executor/8483: [ 1332.951400][ T30] #0: ffff88802b42e0d8 (&type->s_umount_key#55){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1332.964277][ T30] #1: ffffffff8ec623e0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1332.974834][ T30] 2 locks held by syz.6.16515/10479: [ 1332.980312][ T30] #0: ffffffff905ed8c8 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 1332.991252][ T30] #1: ffffffff8e7f0ea8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0 [ 1333.001832][ T30] 2 locks held by syz.5.16519/10492: [ 1333.007226][ T30] #0: ffffffff90606620 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 [ 1333.016762][ T30] #1: ffffffff8e7f0ea8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 1333.090034][ T30] [ 1333.092816][ T30] ============================================= [ 1333.092816][ T30] [ 1333.119625][ T30] NMI backtrace for cpu 0 [ 1333.119647][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1333.119677][ T30] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1333.119685][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1333.119696][ T30] Call Trace: [ 1333.119702][ T30] [ 1333.119709][ T30] dump_stack_lvl+0x100/0x190 [ 1333.119733][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 1333.119755][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1333.119774][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 1333.119797][ T30] sys_info+0x141/0x190 [ 1333.119813][ T30] watchdog+0xcb1/0x1030 [ 1333.119842][ T30] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1333.119867][ T30] ? __pfx_watchdog+0x10/0x10 [ 1333.119893][ T30] ? __kthread_parkme+0x18c/0x230 [ 1333.119919][ T30] ? kthread+0x13a/0x450 [ 1333.119946][ T30] ? __pfx_watchdog+0x10/0x10 [ 1333.119970][ T30] kthread+0x370/0x450 [ 1333.119997][ T30] ? __pfx_kthread+0x10/0x10 [ 1333.120025][ T30] ret_from_fork+0x72b/0xd50 [ 1333.120045][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1333.120065][ T30] ? __switch_to+0x800/0x1100 [ 1333.120100][ T30] ? __switch_to_asm+0x39/0x70 [ 1333.120123][ T30] ? __pfx_kthread+0x10/0x10 [ 1333.120152][ T30] ret_from_fork_asm+0x1a/0x30 [ 1333.120184][ T30] [ 1333.284418][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1333.291394][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1333.302276][ T30] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1333.309743][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1333.319919][ T30] Call Trace: [ 1333.323242][ T30] [ 1333.326266][ T30] dump_stack_lvl+0x100/0x190 [ 1333.331056][ T30] vpanic+0x552/0x970 [ 1333.335057][ T30] ? __pfx_vpanic+0x10/0x10 [ 1333.339676][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 1333.346034][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 1333.352863][ T30] panic+0xd1/0xe0 [ 1333.356605][ T30] ? __pfx_panic+0x10/0x10 [ 1333.361030][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 1333.367379][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 1333.373739][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 1333.380269][ T30] ? watchdog.cold+0x1ec/0x234 [ 1333.385073][ T30] ? watchdog+0xcc1/0x1030 [ 1333.389553][ T30] watchdog.cold+0x1fd/0x234 [ 1333.394199][ T30] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1333.400294][ T30] ? __pfx_watchdog+0x10/0x10 [ 1333.405102][ T30] ? __kthread_parkme+0x18c/0x230 [ 1333.410229][ T30] ? kthread+0x13a/0x450 [ 1333.414847][ T30] ? __pfx_watchdog+0x10/0x10 [ 1333.419620][ T30] kthread+0x370/0x450 [ 1333.423703][ T30] ? __pfx_kthread+0x10/0x10 [ 1333.428305][ T30] ret_from_fork+0x72b/0xd50 [ 1333.432900][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1333.438099][ T30] ? __switch_to+0x800/0x1100 [ 1333.442787][ T30] ? __switch_to_asm+0x39/0x70 [ 1333.447644][ T30] ? __pfx_kthread+0x10/0x10 [ 1333.452334][ T30] ret_from_fork_asm+0x1a/0x30 [ 1333.457130][ T30] [ 1333.460308][ T30] Kernel Offset: disabled [ 1333.464633][ T30] Rebooting in 86400 seconds..