last executing test programs: 6m16.546365202s ago: executing program 0 (id=3684): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) io_uring_setup$auto(0xc, 0x0) pipe2$auto(0x0, 0x80) setrlimit$auto(0x7, &(0x7f0000000080)={0x0, 0x6}) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4) 6m16.242247331s ago: executing program 0 (id=3678): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) 6m15.728603555s ago: executing program 0 (id=3681): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setfsgid$auto(0x9) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) socketpair$auto(0xffffff6c, 0x4, 0x8000000, 0x0) r0 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8955, 0x0) 6m15.40435106s ago: executing program 0 (id=3683): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 6m14.801617054s ago: executing program 0 (id=3685): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf251900000210000000000000de1390000200776c616e"], 0x34}, 0x1, 0x0, 0x0, 0x20040840}, 0x40000) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) ioctl$auto(r1, 0x3b8f, 0x38) 6m14.437833231s ago: executing program 0 (id=3687): close_range$auto(0x0, 0x5, 0x0) socket(0x23, 0x80805, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/rawdata_compression_level\x00', 0x80, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x8080) write$auto(0x3, 0x0, 0x81) 6m13.701212549s ago: executing program 32 (id=3687): close_range$auto(0x0, 0x5, 0x0) socket(0x23, 0x80805, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/rawdata_compression_level\x00', 0x80, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x8080) write$auto(0x3, 0x0, 0x81) 5m52.876240064s ago: executing program 4 (id=3788): syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) r0 = set_tid_address$auto(0x0) r1 = syz_open_procfs$namespace(r0, &(0x7f0000000080)) fchdir$auto(r1) socket(0xa, 0x1, 0x84) madvise$auto(0x3, 0xf0e, 0x4) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r2, r2, 0x0, 0x1) 5m52.003922513s ago: executing program 4 (id=3794): r0 = openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x220000, 0x0) mmap$auto(0x0, 0xde0, 0xdf, 0x9b72, r0, 0x28000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0xfffffffffffffffe, 0x4000000000000000, 0x9) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x2000, 0xffffffffffff0001, 0x15) 5m51.354284878s ago: executing program 4 (id=3798): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) fstat$auto(r0, 0x0) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptytd\x00', 0x800, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x541c, r2) 5m50.733774611s ago: executing program 4 (id=3806): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x2102, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0x1e2142, 0x0) sendfile$auto(r0, r3, 0x0, 0x9) 5m50.403404309s ago: executing program 4 (id=3808): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 5m50.158309129s ago: executing program 4 (id=3810): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r0, 0x0, 0x1ff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = prctl$auto_PR_SCHED_CORE_SHARE_TO(0xdc9, 0x2, 0x0, 0xfff, 0x6) ioctl$auto_VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)=""/122, 0x7a) 5m35.035835048s ago: executing program 33 (id=3810): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r0, 0x0, 0x1ff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = prctl$auto_PR_SCHED_CORE_SHARE_TO(0xdc9, 0x2, 0x0, 0xfff, 0x6) ioctl$auto_VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)=""/122, 0x7a) 4.922650876s ago: executing program 1 (id=5628): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) sysfs$auto(0x2, 0x23, 0x0) open(0x0, 0x22040, 0x75) fallocate$auto(r0, 0x9, 0x2, 0xd) utimes$auto(0x0, 0x0) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) mprotect$auto(0x0, 0x8000000000000001, 0x8) 4.254305337s ago: executing program 3 (id=5630): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x1d, 0x3, 0x1) write$auto(0xffffffffffffffff, 0x0, 0x0) setsockopt$auto(r0, 0x65, 0x5, 0x0, 0x800) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, 0x0, 0x4000804) socket(0xa, 0x5, 0x0) socketpair$auto(0x8001, 0x5, 0x5, 0x0) mmap$auto(0x1, 0x8000, 0x1ff, 0x18, 0xffffffffffffffff, 0x2) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x20000094) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd13/queue/rotational\x00', 0x10b142, 0x0) sendfile$auto(r1, r1, 0x0, 0x2f2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0880, 0x0) 4.15761169s ago: executing program 5 (id=5631): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf25030000000400081908"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x4) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.917042982s ago: executing program 3 (id=5632): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendto$auto(0xffffffffffffffff, 0x0, 0x3804400000000, 0xfffffffe, 0x0, 0x120018) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r0, 0x1, 0x820, 0x7fff) 3.799322109s ago: executing program 5 (id=5634): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x401, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x100000000, 0x66) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd41, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x341, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0x400]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000440)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x10, 0x15f4da0a, 0x3, 0x5, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x40000000001]}, 0x0) 3.531511468s ago: executing program 1 (id=5636): sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4140aecd, &(0x7f0000000040)={0x7}) 3.086353533s ago: executing program 1 (id=5637): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) seccomp$auto(0x2, 0x10, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x0, 0x5, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) 2.988587218s ago: executing program 3 (id=5638): setsockopt$auto_SO_DETACH_FILTER(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x8) r0 = open(0x0, 0x22240, 0x154) close_range$auto(r0, r0, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x4000000) sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x20) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x40000, 0x0) write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, 0x0, 0x0) set_mempolicy$auto(0xfffffff, &(0x7f0000000000)=0x7, 0x5) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) mmap$auto(0x5d3, 0x810004, 0x400000000ffb, 0x8000000008011, 0xffffffffffffffff, 0xc) ioctl$auto_USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000100)={0x2, 0x0, 0x5f, 0x4, &(0x7f00000001c0), 0x9, 0xeb8e, 0x0, @number_of_packets=0xfffffff7, 0x7, 0x800476, 0x0}) 2.504008667s ago: executing program 3 (id=5640): openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x4b72, r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) getdents64$auto(r1, 0x0, 0x5f) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r2, 0x5646, r2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa8000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000340)='%]{\fZ', 0xffffffff) 2.24867712s ago: executing program 5 (id=5641): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) fanotify_init$auto(0x3, 0x2010000000000) sysfs$auto(0x2, 0x1e, 0x0) fsopen$auto(0x0, 0x1) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, 0x0, 0x55) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) read$auto(0xffffffffffffffff, &(0x7f0000000000)=',}`}($\x00', 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.084727912s ago: executing program 5 (id=5643): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0x14, 0xffffffffffffffff, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) swapon$auto(0x0, 0x4) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x24) 1.955377297s ago: executing program 2 (id=5644): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x0, 0xb, 0x0, 0x17) 1.938107417s ago: executing program 3 (id=5645): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r0) read$auto(r0, &(0x7f0000000040)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4810}, 0x880) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB='\f\x00'], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.773852731s ago: executing program 1 (id=5646): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x1, 0x0) socketpair$auto(0xffffffff, 0x2, 0x7a3f, 0x0) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) ioctl$auto_I2C_SMBUS(r0, 0x720, 0x0) 1.588385622s ago: executing program 3 (id=5647): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/fs/xfs/stats_clear\x00', 0xc80, 0x0) setregid$auto(0x5, 0x6) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b4a", 0xfdef) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munlock$auto(0xf, 0x6) 1.436588912s ago: executing program 2 (id=5648): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x8a603, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xced80000000000, 0x749e, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) ioctl$auto(r0, 0x5646, r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/fs/ext4/sda1/last_error_block\x00', 0x20880, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/17, 0x11) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x40000, 0x0) ioctl$auto_IOC_PR_RESERVE(r3, 0x401070c9, 0x0) r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x1c, r4, 0x201, 0x70bd2a, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_OFFLOAD={0x4}]}, 0x1c}}, 0x48010) 1.399680782s ago: executing program 1 (id=5649): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) setpgid$auto(0x0, 0xffffffffffffffff) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r0, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) set_mempolicy$auto(0x2005, &(0x7f0000000080)=0x87e, 0x4) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) write$auto(r1, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(0x3, 0x0, 0x100082) 1.166127707s ago: executing program 2 (id=5650): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r1, 0x0) landlock_restrict_self$auto(r0, 0x0) socket(0x1, 0x2, 0x1) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 950.96234ms ago: executing program 2 (id=5651): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) getcwd$auto(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) r0 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22242, 0x154) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000002c0)=""/54, 0x36) 736.150069ms ago: executing program 2 (id=5652): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108) 579.17937ms ago: executing program 5 (id=5653): r0 = socket(0x28, 0x805, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x100000000001, 0x0, 0x3, 0x9}, 0x7}, 0x81, 0x400) bind$auto(r0, &(0x7f0000000080)=@in={0x28, 0x0, @rand_addr=0xffffffff}, 0x68) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = ioctl$auto_TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000040)=0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r3, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4044004}, 0x8000) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc00}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x48d}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x48080) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r4, 0x5424, r4) 262.188054ms ago: executing program 1 (id=5654): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) 90.114516ms ago: executing program 2 (id=5655): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0x20c00, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) wait4$auto(0x80000000, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop10/queue/add_random\x00', 0x80302, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) clock_gettime$auto(0xfffffffffffffff0, 0x0) 0s ago: executing program 5 (id=5656): mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) mmap$auto(0x4, 0x7, 0x3, 0x1d, 0xffffffffffffffff, 0x7) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyr5\x00', 0x0, 0x0) ioctl$auto_TIOCSWINSZ2(r0, 0x5414, 0x0) sendmmsg$auto(r0, 0x0, 0x1, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) kernel console output (not intermixed with test programs): tack_depot_save_flags+0x27/0x9d0 [ 926.145085][T19065] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 926.145128][T19065] ? vhost_dev_set_owner+0x190/0xa30 [ 926.145155][T19065] ? kasan_save_stack+0x3f/0x50 [ 926.145188][T19065] ? kasan_save_stack+0x30/0x50 [ 926.145222][T19065] ? kasan_save_track+0x14/0x30 [ 926.145258][T19065] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 926.145292][T19065] ? vhost_dev_ioctl+0x521/0xe20 [ 926.145321][T19065] ? vhost_vsock_dev_ioctl+0x320/0xb60 [ 926.145374][T19065] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 926.145416][T19065] ? policy_nodemask+0xed/0x4f0 [ 926.145448][T19065] alloc_pages_mpol+0x1fb/0x550 [ 926.145473][T19065] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 926.145497][T19065] ? find_held_lock+0x2b/0x80 [ 926.145518][T19065] ? rcu_read_unlock+0x17/0x60 [ 926.145545][T19065] ? vhost_dev_set_owner+0x330/0xa30 [ 926.145572][T19065] ___kmalloc_large_node+0x104/0x150 [ 926.145608][T19065] __kmalloc_large_node_noprof+0x1c/0x70 [ 926.145638][T19065] __kmalloc_noprof+0x5be/0x850 [ 926.145678][T19065] vhost_dev_set_owner+0x330/0xa30 [ 926.145716][T19065] vhost_dev_ioctl+0x521/0xe20 [ 926.145747][T19065] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 926.145790][T19065] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 926.145833][T19065] vhost_vsock_dev_ioctl+0x320/0xb60 [ 926.145863][T19065] ? __fget_files+0x215/0x3d0 [ 926.145899][T19065] ? hook_file_ioctl_common+0x146/0x410 [ 926.145937][T19065] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 926.145973][T19065] ? __fget_files+0x21f/0x3d0 [ 926.146014][T19065] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 926.146049][T19065] __x64_sys_ioctl+0x18e/0x210 [ 926.146083][T19065] do_syscall_64+0x106/0xf80 [ 926.146110][T19065] ? clear_bhb_loop+0x40/0x90 [ 926.146140][T19065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 926.146166][T19065] RIP: 0033:0x7f9d7039c629 [ 926.146186][T19065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 926.146210][T19065] RSP: 002b:00007f9d711c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 926.146234][T19065] RAX: ffffffffffffffda RBX: 00007f9d70615fa0 RCX: 00007f9d7039c629 [ 926.146251][T19065] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000004 [ 926.146265][T19065] RBP: 00007f9d70432b39 R08: 0000000000000000 R09: 0000000000000000 [ 926.146280][T19065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 926.146295][T19065] R13: 00007f9d70616038 R14: 00007f9d70615fa0 R15: 00007ffd62d58338 [ 926.146326][T19065] [ 927.485151][T19085] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4532'. [ 927.914243][T19089] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4542'. [ 928.245842][T19097] FAULT_INJECTION: forcing a failure. [ 928.245842][T19097] name failslab, interval 1, probability 0, space 0, times 0 [ 928.339723][T19097] CPU: 0 UID: 0 PID: 19097 Comm: syz.3.4536 Tainted: G U L syzkaller #0 PREEMPT(full) [ 928.339766][T19097] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 928.339776][T19097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 928.339790][T19097] Call Trace: [ 928.339798][T19097] [ 928.339807][T19097] dump_stack_lvl+0x100/0x190 [ 928.339848][T19097] should_fail_ex.cold+0x5/0xa [ 928.339876][T19097] ? constrain_params_by_rules+0x175/0xcc0 [ 928.339900][T19097] should_failslab+0xc2/0x120 [ 928.339924][T19097] __kmalloc_noprof+0xe0/0x850 [ 928.339958][T19097] ? unwind_get_return_address+0x59/0xa0 [ 928.339989][T19097] constrain_params_by_rules+0x175/0xcc0 [ 928.340020][T19097] ? stack_trace_save+0x8e/0xc0 [ 928.340046][T19097] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 928.340077][T19097] ? __kasan_kmalloc+0xaa/0xb0 [ 928.340111][T19097] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 928.340149][T19097] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 928.340186][T19097] ? snd_pcm_oss_sync+0x265/0x840 [ 928.340230][T19097] ? rcu_is_watching+0x12/0xc0 [ 928.340266][T19097] ? snd_interval_refine+0x2d0/0x580 [ 928.340306][T19097] snd_pcm_hw_refine+0x7e7/0xad0 [ 928.340335][T19097] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 928.340369][T19097] ? __asan_memset+0x23/0x50 [ 928.340400][T19097] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 928.340440][T19097] snd_pcm_oss_change_params_locked+0x2594/0x39f0 [ 928.340490][T19097] ? snd_pcm_oss_sync+0x243/0x840 [ 928.340527][T19097] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 928.340569][T19097] ? __pfx___mutex_lock+0x10/0x10 [ 928.340614][T19097] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 928.340654][T19097] snd_pcm_oss_sync+0x265/0x840 [ 928.340696][T19097] snd_pcm_oss_release+0x238/0x300 [ 928.340733][T19097] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 928.340771][T19097] __fput+0x3ff/0xb40 [ 928.340803][T19097] task_work_run+0x150/0x240 [ 928.340839][T19097] ? __pfx_task_work_run+0x10/0x10 [ 928.340882][T19097] exit_to_user_mode_loop+0x100/0x4a0 [ 928.340915][T19097] do_syscall_64+0x668/0xf80 [ 928.340941][T19097] ? clear_bhb_loop+0x40/0x90 [ 928.340970][T19097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.340995][T19097] RIP: 0033:0x7fe99f79c629 [ 928.341014][T19097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 928.341038][T19097] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 928.341062][T19097] RAX: 0000000000000000 RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 928.341078][T19097] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 928.341093][T19097] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 928.341108][T19097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 928.341122][T19097] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 928.341153][T19097] [ 928.913298][T19104] FAULT_INJECTION: forcing a failure. [ 928.913298][T19104] name failslab, interval 1, probability 0, space 0, times 0 [ 928.927165][T19104] CPU: 0 UID: 0 PID: 19104 Comm: syz.1.4539 Tainted: G U L syzkaller #0 PREEMPT(full) [ 928.927207][T19104] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 928.927216][T19104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 928.927231][T19104] Call Trace: [ 928.927238][T19104] [ 928.927247][T19104] dump_stack_lvl+0x100/0x190 [ 928.927295][T19104] should_fail_ex.cold+0x5/0xa [ 928.927324][T19104] should_failslab+0xc2/0x120 [ 928.927347][T19104] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 928.927382][T19104] ? __kernfs_new_node+0xd2/0x960 [ 928.927421][T19104] __kernfs_new_node+0xd2/0x960 [ 928.927456][T19104] ? __pfx___kernfs_new_node+0x10/0x10 [ 928.927495][T19104] ? find_held_lock+0x2b/0x80 [ 928.927517][T19104] ? kernfs_root+0xee/0x2a0 [ 928.927547][T19104] ? kernfs_root+0xee/0x2a0 [ 928.927585][T19104] kernfs_new_node+0x11b/0x1a0 [ 928.927626][T19104] __kernfs_create_file+0x53/0x350 [ 928.927655][T19104] sysfs_add_file_mode_ns+0x207/0x3c0 [ 928.927692][T19104] internal_create_group+0x593/0xf40 [ 928.927732][T19104] ? __pfx_internal_create_group+0x10/0x10 [ 928.927770][T19104] ? kernfs_create_link+0x1bd/0x240 [ 928.927800][T19104] internal_create_groups+0x9d/0x150 [ 928.927836][T19104] device_add+0x77a/0x1950 [ 928.927876][T19104] ? __pfx_device_add+0x10/0x10 [ 928.927940][T19104] ? __pfx___might_resched+0x10/0x10 [ 928.927974][T19104] ? lockdep_hardirqs_on+0x78/0x100 [ 928.928011][T19104] __add_disk+0x518/0xe40 [ 928.928050][T19104] add_disk_fwnode+0x118/0x5c0 [ 928.928086][T19104] loop_add+0x90b/0xb60 [ 928.928111][T19104] ? __pfx_loop_add+0x10/0x10 [ 928.928153][T19104] ? find_held_lock+0x2b/0x80 [ 928.928174][T19104] ? __fget_files+0x215/0x3d0 [ 928.928214][T19104] loop_control_ioctl+0xae/0x620 [ 928.928241][T19104] ? __pfx_loop_control_ioctl+0x10/0x10 [ 928.928277][T19104] ? __pfx_loop_control_ioctl+0x10/0x10 [ 928.928306][T19104] __x64_sys_ioctl+0x18e/0x210 [ 928.928341][T19104] do_syscall_64+0x106/0xf80 [ 928.928366][T19104] ? clear_bhb_loop+0x40/0x90 [ 928.928395][T19104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.928420][T19104] RIP: 0033:0x7ff354f9c629 [ 928.928440][T19104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 928.928464][T19104] RSP: 002b:00007ff355f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 928.928487][T19104] RAX: ffffffffffffffda RBX: 00007ff355215fa0 RCX: 00007ff354f9c629 [ 928.928503][T19104] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 928.928518][T19104] RBP: 00007ff355032b39 R08: 0000000000000000 R09: 0000000000000000 [ 928.928534][T19104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 928.928548][T19104] R13: 00007ff355216038 R14: 00007ff355215fa0 R15: 00007ffffb7eff58 [ 928.928579][T19104] [ 930.305713][T19116] zswap: compressor not available [ 932.178112][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.185474][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.863251][T19167] netlink: 146 bytes leftover after parsing attributes in process `syz.1.4561'. [ 934.175420][T19196] netlink: 25 bytes leftover after parsing attributes in process `syz.2.4571'. [ 934.637393][T19201] netlink: 'syz.5.4572': attribute type 33 has an invalid length. [ 935.870595][T19237] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4583'. [ 936.860182][T19251] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 937.130152][T19251] File: /dev/ram5 PID: 19251 Comm: syz.3.4586 [ 938.059799][T19279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4595'. [ 938.105857][T19279] netlink: 25 bytes leftover after parsing attributes in process `syz.1.4595'. [ 938.322620][T19283] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4597'. [ 938.349645][T19283] \: renamed from lo (while UP) [ 938.368792][T19285] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4598'. [ 939.150813][T19305] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4605'. [ 939.194880][T19305] bridge0: port 2(bridge_slave_1) entered disabled state [ 939.203017][T19305] bridge0: port 1(bridge_slave_0) entered disabled state [ 939.766703][T19318] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4611'. [ 939.843062][T19318] netlink: 25 bytes leftover after parsing attributes in process `syz.3.4611'. [ 940.143398][T19325] FAULT_INJECTION: forcing a failure. [ 940.143398][T19325] name failslab, interval 1, probability 0, space 0, times 0 [ 940.217214][T19325] CPU: 0 UID: 0 PID: 19325 Comm: syz.3.4614 Tainted: G U L syzkaller #0 PREEMPT(full) [ 940.217257][T19325] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 940.217266][T19325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 940.217281][T19325] Call Trace: [ 940.217289][T19325] [ 940.217298][T19325] dump_stack_lvl+0x100/0x190 [ 940.217339][T19325] should_fail_ex.cold+0x5/0xa [ 940.217367][T19325] should_failslab+0xc2/0x120 [ 940.217390][T19325] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 940.217433][T19325] ? __kernfs_new_node+0xd2/0x960 [ 940.217473][T19325] __kernfs_new_node+0xd2/0x960 [ 940.217508][T19325] ? __pfx___kernfs_new_node+0x10/0x10 [ 940.217548][T19325] ? find_held_lock+0x2b/0x80 [ 940.217569][T19325] ? kernfs_root+0xee/0x2a0 [ 940.217599][T19325] ? kernfs_root+0xee/0x2a0 [ 940.217636][T19325] kernfs_new_node+0x11b/0x1a0 [ 940.217677][T19325] __kernfs_create_file+0x53/0x350 [ 940.217706][T19325] sysfs_add_file_mode_ns+0x207/0x3c0 [ 940.217753][T19325] internal_create_group+0x593/0xf40 [ 940.217794][T19325] ? __pfx_internal_create_group+0x10/0x10 [ 940.217834][T19325] ? kernfs_create_link+0x1bd/0x240 [ 940.217863][T19325] internal_create_groups+0x9d/0x150 [ 940.217900][T19325] device_add+0x77a/0x1950 [ 940.217941][T19325] ? __pfx_device_add+0x10/0x10 [ 940.217976][T19325] ? __pfx___might_resched+0x10/0x10 [ 940.218010][T19325] ? lockdep_hardirqs_on+0x78/0x100 [ 940.218047][T19325] __add_disk+0x518/0xe40 [ 940.218086][T19325] add_disk_fwnode+0x118/0x5c0 [ 940.218123][T19325] loop_add+0x90b/0xb60 [ 940.218147][T19325] ? __pfx_loop_add+0x10/0x10 [ 940.218190][T19325] ? find_held_lock+0x2b/0x80 [ 940.218211][T19325] ? __fget_files+0x215/0x3d0 [ 940.218252][T19325] loop_control_ioctl+0xae/0x620 [ 940.218279][T19325] ? __pfx_loop_control_ioctl+0x10/0x10 [ 940.218310][T19325] ? __pfx_loop_control_ioctl+0x10/0x10 [ 940.218338][T19325] __x64_sys_ioctl+0x18e/0x210 [ 940.218373][T19325] do_syscall_64+0x106/0xf80 [ 940.218399][T19325] ? clear_bhb_loop+0x40/0x90 [ 940.218437][T19325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 940.218462][T19325] RIP: 0033:0x7fe99f79c629 [ 940.218482][T19325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 940.218505][T19325] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 940.218529][T19325] RAX: ffffffffffffffda RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 940.218545][T19325] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 940.218560][T19325] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 940.218575][T19325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 940.218589][T19325] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 940.218620][T19325] [ 940.593812][T19327] netlink: 346 bytes leftover after parsing attributes in process `syz.2.4616'. [ 941.114541][T19338] FAULT_INJECTION: forcing a failure. [ 941.114541][T19338] name failslab, interval 1, probability 0, space 0, times 0 [ 941.182442][T19338] CPU: 0 UID: 0 PID: 19338 Comm: syz.1.4615 Tainted: G U L syzkaller #0 PREEMPT(full) [ 941.182485][T19338] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 941.182494][T19338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 941.182508][T19338] Call Trace: [ 941.182516][T19338] [ 941.182525][T19338] dump_stack_lvl+0x100/0x190 [ 941.182566][T19338] should_fail_ex.cold+0x5/0xa [ 941.182594][T19338] should_failslab+0xc2/0x120 [ 941.182618][T19338] __kmalloc_cache_noprof+0x7a/0x6f0 [ 941.182648][T19338] ? vt_do_diacrit+0x63d/0xb90 [ 941.182686][T19338] vt_do_diacrit+0x63d/0xb90 [ 941.182721][T19338] vt_ioctl+0xbab/0x31a0 [ 941.182760][T19338] ? __pfx_vt_ioctl+0x10/0x10 [ 941.182794][T19338] ? find_held_lock+0x2b/0x80 [ 941.182815][T19338] ? tomoyo_path_number_perm+0x28f/0x580 [ 941.182852][T19338] ? tomoyo_path_number_perm+0x28f/0x580 [ 941.182894][T19338] ? tomoyo_path_number_perm+0x188/0x580 [ 941.182942][T19338] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 941.182989][T19338] ? futex_wait+0x125/0x380 [ 941.183028][T19338] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 941.183073][T19338] ? __pfx_vt_ioctl+0x10/0x10 [ 941.183116][T19338] tty_ioctl+0x26a/0x1690 [ 941.183145][T19338] ? __pfx_tty_ioctl+0x10/0x10 [ 941.183181][T19338] ? find_held_lock+0x2b/0x80 [ 941.183202][T19338] ? __fget_files+0x215/0x3d0 [ 941.183238][T19338] ? hook_file_ioctl_common+0x146/0x410 [ 941.183282][T19338] ? __fget_files+0x21f/0x3d0 [ 941.183323][T19338] ? __pfx_tty_ioctl+0x10/0x10 [ 941.183352][T19338] __x64_sys_ioctl+0x18e/0x210 [ 941.183387][T19338] do_syscall_64+0x106/0xf80 [ 941.183418][T19338] ? clear_bhb_loop+0x40/0x90 [ 941.183448][T19338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.183473][T19338] RIP: 0033:0x7ff354f9c629 [ 941.183493][T19338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 941.183519][T19338] RSP: 002b:00007ff355f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 941.183546][T19338] RAX: ffffffffffffffda RBX: 00007ff355215fa0 RCX: 00007ff354f9c629 [ 941.183563][T19338] RDX: 0000000000000009 RSI: 0000000000004b4a RDI: 0000000000000004 [ 941.183578][T19338] RBP: 00007ff355032b39 R08: 0000000000000000 R09: 0000000000000000 [ 941.183592][T19338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 941.183606][T19338] R13: 00007ff355216038 R14: 00007ff355215fa0 R15: 00007ffffb7eff58 [ 941.183637][T19338] [ 947.679582][T19446] netlink: 346 bytes leftover after parsing attributes in process `syz.2.4656'. [ 948.258466][T19453] netlink: 25 bytes leftover after parsing attributes in process `syz.3.4660'. [ 948.775691][T19466] syz.1.4663(19466): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 950.299148][T19491] zswap: compressor not available [ 950.365855][ T30] audit: type=1800 audit(1772069954.178:10): pid=19499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4673" name="dbroot" dev="configfs" ino=300191 res=0 errno=0 [ 951.125421][T19511] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4677'. [ 953.833285][T19553] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4691'. [ 953.921963][T19553] netlink: 306 bytes leftover after parsing attributes in process `syz.1.4691'. [ 956.010710][T19593] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4706'. [ 956.467135][T19586] [U] [ 957.342497][T19612] FAULT_INJECTION: forcing a failure. [ 957.342497][T19612] name failslab, interval 1, probability 0, space 0, times 0 [ 957.485179][T19612] CPU: 0 UID: 0 PID: 19612 Comm: syz.2.4712 Tainted: G U L syzkaller #0 PREEMPT(full) [ 957.485220][T19612] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 957.485229][T19612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 957.485244][T19612] Call Trace: [ 957.485251][T19612] [ 957.485260][T19612] dump_stack_lvl+0x100/0x190 [ 957.485301][T19612] should_fail_ex.cold+0x5/0xa [ 957.485329][T19612] should_failslab+0xc2/0x120 [ 957.485353][T19612] __kmalloc_cache_noprof+0x7a/0x6f0 [ 957.485383][T19612] ? trace_pid_list_alloc+0x2fe/0x480 [ 957.485426][T19612] trace_pid_list_alloc+0x2fe/0x480 [ 957.485466][T19612] trace_pid_write+0x110/0x460 [ 957.485504][T19612] ? __pfx_trace_pid_write+0x10/0x10 [ 957.485558][T19612] event_pid_write.isra.0+0x1e4/0x800 [ 957.485607][T19612] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 957.485657][T19612] vfs_write+0x2aa/0x1070 [ 957.485696][T19612] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 957.485739][T19612] ? __pfx_vfs_write+0x10/0x10 [ 957.485776][T19612] ? __fget_files+0x215/0x3d0 [ 957.485819][T19612] ? __fget_files+0x21f/0x3d0 [ 957.485864][T19612] ksys_write+0x12a/0x250 [ 957.485900][T19612] ? __pfx_ksys_write+0x10/0x10 [ 957.485946][T19612] do_syscall_64+0x106/0xf80 [ 957.485972][T19612] ? clear_bhb_loop+0x40/0x90 [ 957.486001][T19612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 957.486026][T19612] RIP: 0033:0x7f96b319c629 [ 957.486046][T19612] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 957.486069][T19612] RSP: 002b:00007f96b404a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 957.486092][T19612] RAX: ffffffffffffffda RBX: 00007f96b3415fa0 RCX: 00007f96b319c629 [ 957.486108][T19612] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 957.486122][T19612] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 957.486137][T19612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 957.486151][T19612] R13: 00007f96b3416038 R14: 00007f96b3415fa0 R15: 00007ffd9b5a6638 [ 957.486186][T19612] [ 957.991473][ T51] Bluetooth: hci0: unexpected event 0x20 length: 123 > 7 [ 958.503837][T19629] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4719'. [ 958.615777][T19629] netlink: 306 bytes leftover after parsing attributes in process `syz.1.4719'. [ 958.806428][T19630] netlink: 266 bytes leftover after parsing attributes in process `syz.3.4720'. [ 958.837315][T19630] IPv6: NLM_F_CREATE should be specified when creating new route [ 960.525136][T19665] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4732'. [ 960.983155][T19673] FAULT_INJECTION: forcing a failure. [ 960.983155][T19673] name failslab, interval 1, probability 0, space 0, times 0 [ 961.062309][T19673] CPU: 0 UID: 0 PID: 19673 Comm: syz.3.4735 Tainted: G U L syzkaller #0 PREEMPT(full) [ 961.062351][T19673] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 961.062359][T19673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 961.062374][T19673] Call Trace: [ 961.062382][T19673] [ 961.062391][T19673] dump_stack_lvl+0x100/0x190 [ 961.062431][T19673] should_fail_ex.cold+0x5/0xa [ 961.062459][T19673] should_failslab+0xc2/0x120 [ 961.062481][T19673] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 961.062519][T19673] ? __alloc_skb+0x140/0x710 [ 961.062549][T19673] __alloc_skb+0x140/0x710 [ 961.062570][T19673] ? __alloc_skb+0x5b7/0x710 [ 961.062594][T19673] ? __pfx___alloc_skb+0x10/0x10 [ 961.062626][T19673] netlink_alloc_large_skb+0x69/0x150 [ 961.062658][T19673] netlink_sendmsg+0x680/0xda0 [ 961.062692][T19673] ? __pfx_netlink_sendmsg+0x10/0x10 [ 961.062726][T19673] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 961.062762][T19673] __sys_sendto+0x4aa/0x520 [ 961.062787][T19673] ? __pfx___sys_sendto+0x10/0x10 [ 961.062819][T19673] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 961.062858][T19673] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 961.062917][T19673] __x64_sys_sendto+0xe0/0x1c0 [ 961.062940][T19673] ? do_syscall_64+0x95/0xf80 [ 961.062966][T19673] ? lockdep_hardirqs_on+0x78/0x100 [ 961.062993][T19673] do_syscall_64+0x106/0xf80 [ 961.063017][T19673] ? clear_bhb_loop+0x40/0x90 [ 961.063046][T19673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.063071][T19673] RIP: 0033:0x7fe99f75cece [ 961.063090][T19673] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 961.063113][T19673] RSP: 002b:00007fe9a0631e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 961.063136][T19673] RAX: ffffffffffffffda RBX: 00007fe9a06336c0 RCX: 00007fe99f75cece [ 961.063151][T19673] RDX: 000000000000001c RSI: 00007fe9a0632000 RDI: 0000000000000003 [ 961.063166][T19673] RBP: 0000000000000000 R08: 00007fe9a0631f04 R09: 000000000000000c [ 961.063181][T19673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 961.063195][T19673] R13: 00007fe9a0631f58 R14: 00007fe9a0632000 R15: 0000000000000000 [ 961.063229][T19673] [ 962.473622][T19687] random: crng reseeded on system resumption [ 962.694175][T19691] sp0: Synchronizing with TNC [ 964.176043][T19717] zswap: compressor 1Ў not available [ 964.550230][T19723] zswap: compressor not available [ 964.846669][ T51] Bluetooth: hci3: unexpected event 0x20 length: 123 > 7 [ 965.143141][T19744] netlink: 266 bytes leftover after parsing attributes in process `syz.5.4756'. [ 967.804592][T19778] zswap: compressor not available [ 971.007002][T19817] netlink: 334 bytes leftover after parsing attributes in process `syz.5.4782'. [ 974.754554][T19843] netlink: 'syz.3.4790': attribute type 21 has an invalid length. [ 974.816205][T19843] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4790'. [ 975.167988][T19848] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4794'. [ 975.448929][T19860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4797'. [ 975.486230][T19857] netlink: 93 bytes leftover after parsing attributes in process `syz.2.4792'. [ 975.592234][T19852] netlink: 93 bytes leftover after parsing attributes in process `syz.2.4792'. [ 976.598206][ T30] audit: type=1800 audit(1772069980.395:11): pid=19885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4806" name="trace_marker" dev="tracefs" ino=3279 res=0 errno=0 [ 976.993634][T19891] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4809'. [ 977.156338][T19888] FAULT_INJECTION: forcing a failure. [ 977.156338][T19888] name failslab, interval 1, probability 0, space 0, times 0 [ 977.244406][T19888] CPU: 0 UID: 0 PID: 19888 Comm: syz.5.4808 Tainted: G U L syzkaller #0 PREEMPT(full) [ 977.244456][T19888] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 977.244466][T19888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 977.244483][T19888] Call Trace: [ 977.244492][T19888] [ 977.244502][T19888] dump_stack_lvl+0x100/0x190 [ 977.244549][T19888] should_fail_ex.cold+0x5/0xa [ 977.244581][T19888] should_failslab+0xc2/0x120 [ 977.244607][T19888] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 977.244646][T19888] ? anon_vma_clone+0x2bd/0xc70 [ 977.244862][T19888] anon_vma_clone+0x2bd/0xc70 [ 977.244911][T19888] __split_vma+0x51f/0xd90 [ 977.244948][T19888] ? __pfx___split_vma+0x10/0x10 [ 977.244988][T19888] ? __pfx_mas_prev+0x10/0x10 [ 977.245019][T19888] ? __mm_populate+0x107/0x3a0 [ 977.245052][T19888] vms_gather_munmap_vmas+0x39f/0x1500 [ 977.245092][T19888] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 977.245129][T19888] ? mas_walk+0x6ef/0x9b0 [ 977.245162][T19888] __mmap_region+0x492/0x29e0 [ 977.245196][T19888] ? update_cfs_rq_load_avg+0x51/0x550 [ 977.245224][T19888] ? __pfx___mmap_region+0x10/0x10 [ 977.245259][T19888] ? __lock_acquire+0x4a5/0x2630 [ 977.245292][T19888] ? set_next_entity+0x11b/0x9c0 [ 977.245332][T19888] ? __lock_acquire+0x4a5/0x2630 [ 977.245361][T19888] ? find_held_lock+0x2b/0x80 [ 977.245382][T19888] ? trace_ignore_this_task+0x56/0x100 [ 977.245416][T19888] ? trace_ignore_this_task+0x56/0x100 [ 977.245458][T19888] ? lock_acquire+0x1cf/0x380 [ 977.245487][T19888] ? find_held_lock+0x2b/0x80 [ 977.245508][T19888] ? finish_task_switch.isra.0+0x200/0xb80 [ 977.245533][T19888] ? finish_task_switch.isra.0+0x200/0xb80 [ 977.245570][T19888] ? trace_sched_exit_tp+0x13a/0x180 [ 977.245600][T19888] ? __schedule+0x1000/0x60e0 [ 977.245660][T19888] ? rcu_is_watching+0x12/0xc0 [ 977.245705][T19888] ? cap_capable+0x107/0x460 [ 977.245752][T19888] mmap_region+0x180/0x3e0 [ 977.245793][T19888] do_mmap+0xc63/0x12f0 [ 977.245823][T19888] ? __pfx_do_mmap+0x10/0x10 [ 977.245848][T19888] ? __pfx_down_write_killable+0x10/0x10 [ 977.245886][T19888] vm_mmap_pgoff+0x29e/0x470 [ 977.245917][T19888] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 977.245944][T19888] ? do_futex+0x192/0x350 [ 977.245976][T19888] ? __pfx_do_futex+0x10/0x10 [ 977.246015][T19888] ksys_mmap_pgoff+0xe1/0x650 [ 977.246039][T19888] ? __x64_sys_futex+0x34f/0x4d0 [ 977.246070][T19888] ? __x64_sys_futex+0x358/0x4d0 [ 977.246102][T19888] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 977.246126][T19888] ? xfd_validate_state+0x129/0x190 [ 977.246167][T19888] __x64_sys_mmap+0x125/0x190 [ 977.246206][T19888] do_syscall_64+0x106/0xf80 [ 977.246233][T19888] ? clear_bhb_loop+0x40/0x90 [ 977.246263][T19888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.246289][T19888] RIP: 0033:0x7f9d7039c629 [ 977.246312][T19888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 977.246336][T19888] RSP: 002b:00007f9d711c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 977.246360][T19888] RAX: ffffffffffffffda RBX: 00007f9d70615fa0 RCX: 00007f9d7039c629 [ 977.246377][T19888] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000 [ 977.246392][T19888] RBP: 00007f9d70432b39 R08: 0000000000000002 R09: 0000000000008000 [ 977.246408][T19888] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 977.246423][T19888] R13: 00007f9d70616038 R14: 00007f9d70615fa0 R15: 00007ffd62d58338 [ 977.246455][T19888] [ 978.427322][T19907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4815'. [ 978.622698][T19906] Invalid ELF header magic: != ELF [ 980.097206][T19936] netlink: 266 bytes leftover after parsing attributes in process `syz.3.4825'. [ 980.848725][T19948] zswap: compressor not available [ 981.190060][T19956] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4831'. [ 985.395570][T20036] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4857'. [ 986.191756][T20048] sp0: Synchronizing with TNC [ 986.936923][T20060] nvme_fabrics: missing parameter 'transport=%s' [ 986.954284][T20060] nvme_fabrics: missing parameter 'nqn=%s' [ 987.060680][T20065] netlink: 146 bytes leftover after parsing attributes in process `syz.5.4867'. [ 988.903718][T20108] FAULT_INJECTION: forcing a failure. [ 988.903718][T20108] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 988.942088][T20108] CPU: 0 UID: 0 PID: 20108 Comm: syz.2.4882 Tainted: G U L syzkaller #0 PREEMPT(full) [ 988.942130][T20108] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 988.942140][T20108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 988.942155][T20108] Call Trace: [ 988.942163][T20108] [ 988.942173][T20108] dump_stack_lvl+0x100/0x190 [ 988.942215][T20108] should_fail_ex.cold+0x5/0xa [ 988.942240][T20108] ? prepare_alloc_pages+0x16d/0x5f0 [ 988.942269][T20108] should_fail_alloc_page+0xeb/0x140 [ 988.942295][T20108] prepare_alloc_pages+0x1f0/0x5f0 [ 988.942326][T20108] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 988.942370][T20108] ? rcu_is_watching+0x12/0xc0 [ 988.942413][T20108] ? trace_mm_page_alloc+0x17a/0x1d0 [ 988.942440][T20108] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 988.942476][T20108] ? vhost_dev_set_owner+0x190/0xa30 [ 988.942505][T20108] ? stack_trace_save+0x8e/0xc0 [ 988.942528][T20108] ? __pfx_stack_trace_save+0x10/0x10 [ 988.942553][T20108] ? stack_depot_save_flags+0x27/0x9d0 [ 988.942594][T20108] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 988.942634][T20108] ? vhost_dev_set_owner+0x190/0xa30 [ 988.942660][T20108] ? kasan_save_stack+0x3f/0x50 [ 988.942704][T20108] ? kasan_save_stack+0x30/0x50 [ 988.942738][T20108] ? kasan_save_track+0x14/0x30 [ 988.942774][T20108] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 988.942810][T20108] ? vhost_dev_ioctl+0x521/0xe20 [ 988.942841][T20108] ? vhost_vsock_dev_ioctl+0x320/0xb60 [ 988.942884][T20108] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 988.942927][T20108] ? policy_nodemask+0xed/0x4f0 [ 988.942953][T20108] alloc_pages_mpol+0x1fb/0x550 [ 988.942978][T20108] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 988.943002][T20108] ? find_held_lock+0x2b/0x80 [ 988.943024][T20108] ? rcu_read_unlock+0x17/0x60 [ 988.943057][T20108] ? vhost_dev_set_owner+0x330/0xa30 [ 988.943084][T20108] ___kmalloc_large_node+0x104/0x150 [ 988.943114][T20108] __kmalloc_large_node_noprof+0x1c/0x70 [ 988.943144][T20108] __kmalloc_noprof+0x5be/0x850 [ 988.943185][T20108] vhost_dev_set_owner+0x330/0xa30 [ 988.943223][T20108] vhost_dev_ioctl+0x521/0xe20 [ 988.943255][T20108] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 988.943300][T20108] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 988.943343][T20108] vhost_vsock_dev_ioctl+0x320/0xb60 [ 988.943376][T20108] ? __fget_files+0x215/0x3d0 [ 988.943412][T20108] ? hook_file_ioctl_common+0x146/0x410 [ 988.943451][T20108] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 988.943488][T20108] ? __fget_files+0x21f/0x3d0 [ 988.943529][T20108] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 988.943565][T20108] __x64_sys_ioctl+0x18e/0x210 [ 988.943601][T20108] do_syscall_64+0x106/0xf80 [ 988.943628][T20108] ? clear_bhb_loop+0x40/0x90 [ 988.943659][T20108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 988.943764][T20108] RIP: 0033:0x7f96b319c629 [ 988.943798][T20108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 988.943824][T20108] RSP: 002b:00007f96b404a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 988.943858][T20108] RAX: ffffffffffffffda RBX: 00007f96b3415fa0 RCX: 00007f96b319c629 [ 988.943878][T20108] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000003 [ 988.943893][T20108] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 988.943908][T20108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 988.943923][T20108] R13: 00007f96b3416038 R14: 00007f96b3415fa0 R15: 00007ffd9b5a6638 [ 988.943957][T20108] [ 989.506135][T20114] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4883'. [ 989.519074][T20114] gretap0: refused to change device tx_queue_len [ 989.596552][T20116] netlink: 18 bytes leftover after parsing attributes in process `syz.1.4884'. [ 990.126812][T20130] netlink: 'syz.3.4890': attribute type 7 has an invalid length. [ 990.170629][T20130] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4890'. [ 990.306470][T20125] sp0: Synchronizing with TNC [ 991.818999][T20159] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4900'. [ 991.875782][T20159] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4900'. [ 991.926211][T20159] netlink: 170 bytes leftover after parsing attributes in process `syz.1.4900'. [ 992.687819][T20174] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4906'. [ 993.654449][T20197] FAULT_INJECTION: forcing a failure. [ 993.654449][T20197] name failslab, interval 1, probability 0, space 0, times 0 [ 993.670867][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.679695][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.749631][T20197] CPU: 0 UID: 0 PID: 20197 Comm: syz.1.4915 Tainted: G U L syzkaller #0 PREEMPT(full) [ 993.749673][T20197] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 993.749683][T20197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 993.749699][T20197] Call Trace: [ 993.749708][T20197] [ 993.749718][T20197] dump_stack_lvl+0x100/0x190 [ 993.749761][T20197] should_fail_ex.cold+0x5/0xa [ 993.749796][T20197] ? lsm_blob_alloc+0x68/0x90 [ 993.749828][T20197] should_failslab+0xc2/0x120 [ 993.749853][T20197] __kmalloc_noprof+0xe0/0x850 [ 993.749893][T20197] ? trace_kmem_cache_alloc+0xf3/0x120 [ 993.749923][T20197] lsm_blob_alloc+0x68/0x90 [ 993.749963][T20197] security_prepare_creds+0x2d/0x290 [ 993.749991][T20197] prepare_creds+0x5d6/0x950 [ 993.750036][T20197] __sys_setresgid+0x4a7/0x12f0 [ 993.750066][T20197] do_syscall_64+0x106/0xf80 [ 993.750093][T20197] ? clear_bhb_loop+0x40/0x90 [ 993.750122][T20197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.750148][T20197] RIP: 0033:0x7ff354f9c629 [ 993.750169][T20197] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 993.750194][T20197] RSP: 002b:00007ff355f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000077 [ 993.750218][T20197] RAX: ffffffffffffffda RBX: 00007ff355215fa0 RCX: 00007ff354f9c629 [ 993.750235][T20197] RDX: 0000000000000008 RSI: 00000000800000a0 RDI: 0000000000000081 [ 993.750250][T20197] RBP: 00007ff355032b39 R08: 0000000000000000 R09: 0000000000000000 [ 993.750266][T20197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 993.750281][T20197] R13: 00007ff355216038 R14: 00007ff355215fa0 R15: 00007ffffb7eff58 [ 993.750318][T20197] [ 994.015763][T20204] usb usb15: usbfs: process 20204 (syz.5.4916) did not claim interface 0 before use [ 994.968501][T20223] FAULT_INJECTION: forcing a failure. [ 994.968501][T20223] name failslab, interval 1, probability 0, space 0, times 0 [ 995.024012][T20223] CPU: 0 UID: 0 PID: 20223 Comm: syz.5.4923 Tainted: G U L syzkaller #0 PREEMPT(full) [ 995.024055][T20223] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 995.024065][T20223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 995.024081][T20223] Call Trace: [ 995.024089][T20223] [ 995.024099][T20223] dump_stack_lvl+0x100/0x190 [ 995.024149][T20223] should_fail_ex.cold+0x5/0xa [ 995.024178][T20223] should_failslab+0xc2/0x120 [ 995.024207][T20223] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 995.024245][T20223] ? alloc_vmap_area+0x640/0x2bd0 [ 995.024299][T20223] alloc_vmap_area+0x640/0x2bd0 [ 995.024351][T20223] ? __pfx_alloc_vmap_area+0x10/0x10 [ 995.024400][T20223] __get_vm_area_node+0x1ca/0x330 [ 995.024432][T20223] __vmalloc_node_range_noprof+0x213/0x1530 [ 995.024462][T20223] ? n_tty_open+0x1a/0x170 [ 995.024497][T20223] ? look_up_lock_class+0x64/0x120 [ 995.024528][T20223] ? n_tty_open+0x1a/0x170 [ 995.024570][T20223] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 995.024600][T20223] ? __ldsem_down_write_nested+0xfd/0x830 [ 995.024634][T20223] ? __ldsem_down_write_nested+0x10e/0x830 [ 995.024675][T20223] ? __pfx_class_find_device+0x10/0x10 [ 995.024703][T20223] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 995.024741][T20223] ? n_tty_open+0x1a/0x170 [ 995.024773][T20223] __vmalloc_node_noprof+0xad/0xf0 [ 995.024801][T20223] ? n_tty_open+0x1a/0x170 [ 995.024835][T20223] ? __pfx_n_tty_open+0x10/0x10 [ 995.024868][T20223] n_tty_open+0x1a/0x170 [ 995.024902][T20223] tty_ldisc_open+0xa2/0x120 [ 995.024927][T20223] tty_ldisc_setup+0x40/0xf0 [ 995.024954][T20223] tty_init_dev.part.0+0x1b5/0x470 [ 995.024992][T20223] tty_open+0xa63/0xfa0 [ 995.025033][T20223] ? __pfx_tty_open+0x10/0x10 [ 995.025062][T20223] ? chrdev_open+0x10b/0x6a0 [ 995.025084][T20223] ? chrdev_open+0x10b/0x6a0 [ 995.025111][T20223] ? __pfx_tty_open+0x10/0x10 [ 995.025147][T20223] chrdev_open+0x234/0x6a0 [ 995.025170][T20223] ? __pfx_apparmor_file_open+0x10/0x10 [ 995.025205][T20223] ? __pfx_chrdev_open+0x10/0x10 [ 995.025230][T20223] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 995.025277][T20223] do_dentry_open+0x6d8/0x1660 [ 995.025317][T20223] ? __pfx_chrdev_open+0x10/0x10 [ 995.025348][T20223] vfs_open+0x82/0x3f0 [ 995.025457][T20223] path_openat+0x208c/0x31a0 [ 995.025501][T20223] ? __pfx_path_openat+0x10/0x10 [ 995.025537][T20223] do_file_open+0x20e/0x430 [ 995.025564][T20223] ? __pfx_do_file_open+0x10/0x10 [ 995.025611][T20223] ? alloc_fd+0x476/0x790 [ 995.025655][T20223] ? do_getname+0x191/0x390 [ 995.025687][T20223] do_sys_openat2+0x10d/0x1e0 [ 995.025719][T20223] ? __pfx_do_sys_openat2+0x10/0x10 [ 995.025751][T20223] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 995.025790][T20223] __x64_sys_openat+0x12d/0x210 [ 995.025825][T20223] ? __pfx___x64_sys_openat+0x10/0x10 [ 995.025869][T20223] do_syscall_64+0x106/0xf80 [ 995.025898][T20223] ? clear_bhb_loop+0x40/0x90 [ 995.025936][T20223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 995.025965][T20223] RIP: 0033:0x7f9d7039c629 [ 995.025990][T20223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 995.026017][T20223] RSP: 002b:00007f9d711c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 995.026041][T20223] RAX: ffffffffffffffda RBX: 00007f9d70615fa0 RCX: 00007f9d7039c629 [ 995.026060][T20223] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 995.026076][T20223] RBP: 00007f9d70432b39 R08: 0000000000000000 R09: 0000000000000000 [ 995.026093][T20223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 995.026118][T20223] R13: 00007f9d70616038 R14: 00007f9d70615fa0 R15: 00007ffd62d58338 [ 995.026152][T20223] [ 995.032739][T20223] syz.5.4923: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 995.510612][T20226] openvswitch: netlink: IP tunnel dst address not specified [ 996.494228][T20223] ,cpuset=/,mems_allowed=0-1 [ 996.534974][T20223] CPU: 0 UID: 0 PID: 20223 Comm: syz.5.4923 Tainted: G U L syzkaller #0 PREEMPT(full) [ 996.535274][T20223] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 996.535284][T20223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 996.535299][T20223] Call Trace: [ 996.535310][T20223] [ 996.535320][T20223] dump_stack_lvl+0x100/0x190 [ 996.535362][T20223] warn_alloc.cold+0x95/0x1c1 [ 996.535404][T20223] ? __pfx_warn_alloc+0x10/0x10 [ 996.535436][T20223] ? lockdep_hardirqs_on+0x78/0x100 [ 996.535467][T20223] ? __get_vm_area_node+0x2c5/0x330 [ 996.535498][T20223] ? __get_vm_area_node+0x208/0x330 [ 996.535529][T20223] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 996.535561][T20223] ? look_up_lock_class+0x64/0x120 [ 996.535590][T20223] ? n_tty_open+0x1a/0x170 [ 996.535632][T20223] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 996.535662][T20223] ? __ldsem_down_write_nested+0xfd/0x830 [ 996.535695][T20223] ? __ldsem_down_write_nested+0x10e/0x830 [ 996.535730][T20223] ? __pfx_class_find_device+0x10/0x10 [ 996.535757][T20223] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 996.535795][T20223] ? n_tty_open+0x1a/0x170 [ 996.535825][T20223] __vmalloc_node_noprof+0xad/0xf0 [ 996.535853][T20223] ? n_tty_open+0x1a/0x170 [ 996.535893][T20223] ? __pfx_n_tty_open+0x10/0x10 [ 996.535925][T20223] n_tty_open+0x1a/0x170 [ 996.535967][T20223] tty_ldisc_open+0xa2/0x120 [ 996.535992][T20223] tty_ldisc_setup+0x40/0xf0 [ 996.536019][T20223] tty_init_dev.part.0+0x1b5/0x470 [ 996.536053][T20223] tty_open+0xa63/0xfa0 [ 996.536088][T20223] ? __pfx_tty_open+0x10/0x10 [ 996.536117][T20223] ? chrdev_open+0x10b/0x6a0 [ 996.536139][T20223] ? chrdev_open+0x10b/0x6a0 [ 996.536171][T20223] ? __pfx_tty_open+0x10/0x10 [ 996.536201][T20223] chrdev_open+0x234/0x6a0 [ 996.536223][T20223] ? __pfx_apparmor_file_open+0x10/0x10 [ 996.536258][T20223] ? __pfx_chrdev_open+0x10/0x10 [ 996.536282][T20223] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 996.536330][T20223] do_dentry_open+0x6d8/0x1660 [ 996.536369][T20223] ? __pfx_chrdev_open+0x10/0x10 [ 996.536399][T20223] vfs_open+0x82/0x3f0 [ 996.536430][T20223] path_openat+0x208c/0x31a0 [ 996.536464][T20223] ? __pfx_path_openat+0x10/0x10 [ 996.536498][T20223] do_file_open+0x20e/0x430 [ 996.536523][T20223] ? __pfx_do_file_open+0x10/0x10 [ 996.536567][T20223] ? alloc_fd+0x476/0x790 [ 996.536609][T20223] ? do_getname+0x191/0x390 [ 996.536640][T20223] do_sys_openat2+0x10d/0x1e0 [ 996.536670][T20223] ? __pfx_do_sys_openat2+0x10/0x10 [ 996.536701][T20223] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 996.536738][T20223] __x64_sys_openat+0x12d/0x210 [ 996.536769][T20223] ? __pfx___x64_sys_openat+0x10/0x10 [ 996.536812][T20223] do_syscall_64+0x106/0xf80 [ 996.536837][T20223] ? clear_bhb_loop+0x40/0x90 [ 996.536867][T20223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.536892][T20223] RIP: 0033:0x7f9d7039c629 [ 996.536920][T20223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 996.536960][T20223] RSP: 002b:00007f9d711c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 996.536984][T20223] RAX: ffffffffffffffda RBX: 00007f9d70615fa0 RCX: 00007f9d7039c629 [ 996.537000][T20223] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 996.537016][T20223] RBP: 00007f9d70432b39 R08: 0000000000000000 R09: 0000000000000000 [ 996.537030][T20223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 996.537045][T20223] R13: 00007f9d70616038 R14: 00007f9d70615fa0 R15: 00007ffd62d58338 [ 996.537076][T20223] [ 996.540632][T20223] Mem-Info: [ 997.079851][T20245] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 997.636313][T20223] active_anon:8708 inactive_anon:4515 isolated_anon:0 [ 997.636313][T20223] active_file:21262 inactive_file:37486 isolated_file:0 [ 997.636313][T20223] unevictable:768 dirty:594 writeback:0 [ 997.636313][T20223] slab_reclaimable:11915 slab_unreclaimable:92516 [ 997.636313][T20223] mapped:24652 shmem:2098 pagetables:1509 [ 997.636313][T20223] sec_pagetables:0 bounce:0 [ 997.636313][T20223] kernel_misc_reclaimable:0 [ 997.636313][T20223] free:1315434 free_pcp:10382 free_cma:0 [ 997.912286][T20223] Node 0 active_anon:34832kB inactive_anon:18008kB active_file:85980kB inactive_file:148876kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98608kB dirty:2376kB writeback:0kB shmem:6856kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11616kB pagetables:5712kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 998.112883][T20223] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 998.238396][T20223] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 998.321636][T20223] lowmem_reserve[]: 0 2477 2479 2479 2479 [ 998.337185][T20223] Node 0 DMA32 free:1296916kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:34832kB inactive_anon:23000kB active_file:85980kB inactive_file:148876kB unevictable:1536kB writepending:2376kB zspages:940kB present:3129332kB managed:2537456kB mlocked:0kB bounce:0kB free_pcp:36252kB local_pcp:36252kB free_cma:0kB [ 998.434021][T20223] lowmem_reserve[]: 0 0 1 1 1 [ 998.447271][T20223] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 998.534048][T20223] lowmem_reserve[]: 0 0 0 0 0 [ 998.546159][T20223] Node 1 Normal free:3949448kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:504kB local_pcp:504kB free_cma:0kB [ 998.630074][T20223] lowmem_reserve[]: 0 0 0 0 0 [ 998.642232][T20223] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 998.675757][T20223] Node 0 DMA32: 3381*4kB (UM) 4856*8kB (UME) 2446*16kB (UME) 1189*32kB (UME) 666*64kB (UME) 325*128kB (UME) 175*256kB (UME) 160*512kB (UME) 90*1024kB (UM) 20*2048kB (ME) 201*4096kB (M) = 1296916kB [ 998.729166][T20223] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 998.761539][T20223] Node 1 Normal: 6*4kB (UM) 10*8kB (U) 6*16kB (U) 4*32kB (U) 7*64kB (U) 5*128kB (U) 6*256kB (UME) 4*512kB (UM) 4*1024kB (UME) 2*2048kB (ME) 961*4096kB (M) = 3949448kB [ 998.830583][T20223] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 998.879341][T20223] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 998.981167][T20223] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 999.034121][T20223] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 999.083012][T20223] 60874 total pagecache pages [ 999.103287][T20223] 29 pages in swap cache [ 999.125147][T20223] Free swap = 124416kB [ 999.138798][T20223] Total swap = 124996kB [ 999.149866][T20223] 2097051 pages RAM [ 999.163270][T20223] 0 pages HighMem/MovableOnly [ 999.183052][T20223] 430807 pages reserved [ 999.205368][T20223] 0 pages cma reserved [ 999.220255][T20223] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 1001.036511][T20309] FAULT_INJECTION: forcing a failure. [ 1001.036511][T20309] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.127782][T20309] CPU: 0 UID: 0 PID: 20309 Comm: syz.3.4954 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1001.127833][T20309] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1001.127843][T20309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1001.127858][T20309] Call Trace: [ 1001.127868][T20309] [ 1001.127878][T20309] dump_stack_lvl+0x100/0x190 [ 1001.127921][T20309] should_fail_ex.cold+0x5/0xa [ 1001.127949][T20309] ? lsm_blob_alloc+0x68/0x90 [ 1001.127976][T20309] should_failslab+0xc2/0x120 [ 1001.128000][T20309] __kmalloc_noprof+0xe0/0x850 [ 1001.128035][T20309] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1001.128065][T20309] lsm_blob_alloc+0x68/0x90 [ 1001.128093][T20309] security_prepare_creds+0x2d/0x290 [ 1001.128121][T20309] prepare_creds+0x5d6/0x950 [ 1001.128161][T20309] __sys_setresgid+0x4a7/0x12f0 [ 1001.128191][T20309] do_syscall_64+0x106/0xf80 [ 1001.128218][T20309] ? clear_bhb_loop+0x40/0x90 [ 1001.128249][T20309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.128275][T20309] RIP: 0033:0x7fe99f79c629 [ 1001.128295][T20309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1001.128319][T20309] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 0000000000000077 [ 1001.128343][T20309] RAX: ffffffffffffffda RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 1001.128374][T20309] RDX: 0000000000000008 RSI: 00000000800000a0 RDI: 0000000000000081 [ 1001.128390][T20309] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1001.128405][T20309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1001.128421][T20309] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 1001.128453][T20309] [ 1002.776692][T20339] Invalid ELF header magic: != ELF [ 1005.600637][T20384] FAULT_INJECTION: forcing a failure. [ 1005.600637][T20384] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1005.749178][T20384] CPU: 0 UID: 0 PID: 20384 Comm: syz.2.4982 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1005.749220][T20384] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1005.749231][T20384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1005.749246][T20384] Call Trace: [ 1005.749254][T20384] [ 1005.749264][T20384] dump_stack_lvl+0x100/0x190 [ 1005.749307][T20384] should_fail_ex.cold+0x5/0xa [ 1005.749331][T20384] ? prepare_alloc_pages+0x16d/0x5f0 [ 1005.749360][T20384] should_fail_alloc_page+0xeb/0x140 [ 1005.749392][T20384] prepare_alloc_pages+0x1f0/0x5f0 [ 1005.749418][T20384] ? workingset_test_recent+0x42d/0xe90 [ 1005.749459][T20384] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1005.749497][T20384] ? workingset_test_recent+0x143/0xe90 [ 1005.749536][T20384] ? local_lock_release+0x99/0x130 [ 1005.749567][T20384] ? __lock_acquire+0x4a5/0x2630 [ 1005.749597][T20384] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 1005.749634][T20384] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1005.749678][T20384] ? __lock_acquire+0x4a5/0x2630 [ 1005.749718][T20384] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1005.749761][T20384] ? policy_nodemask+0xed/0x4f0 [ 1005.749787][T20384] alloc_pages_mpol+0x1fb/0x550 [ 1005.749812][T20384] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1005.749836][T20384] ? swap_entry_swapped+0x1ff/0x2b0 [ 1005.749875][T20384] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1005.749919][T20384] folio_alloc_mpol_noprof+0x36/0x340 [ 1005.749949][T20384] swap_cache_alloc_folio+0x1a8/0x300 [ 1005.749984][T20384] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1005.750017][T20384] ? __pfx_get_swap_device+0x10/0x10 [ 1005.750059][T20384] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1005.750101][T20384] read_swap_cache_async+0xd9/0x480 [ 1005.750142][T20384] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1005.750177][T20384] ? find_held_lock+0x2b/0x80 [ 1005.750203][T20384] ? find_held_lock+0x2b/0x80 [ 1005.750225][T20384] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1005.750251][T20384] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1005.750283][T20384] swapin_walk_pmd_entry+0x2fd/0x640 [ 1005.750314][T20384] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1005.750341][T20384] ? __lock_acquire+0x4a5/0x2630 [ 1005.750373][T20384] ? tomoyo_path_perm+0x29c/0x460 [ 1005.750410][T20384] ? kasan_save_stack+0x3f/0x50 [ 1005.750445][T20384] ? kasan_save_stack+0x30/0x50 [ 1005.750481][T20384] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1005.750510][T20384] walk_pgd_range+0xc04/0x1eb0 [ 1005.750566][T20384] ? __pfx_walk_pgd_range+0x10/0x10 [ 1005.750603][T20384] ? update_cfs_rq_load_avg+0x51/0x550 [ 1005.750635][T20384] __walk_page_range+0x163/0x820 [ 1005.750676][T20384] ? set_next_entity+0x11b/0x9c0 [ 1005.750716][T20384] walk_page_range_vma_unsafe+0x209/0x8f0 [ 1005.750757][T20384] ? trace_ignore_this_task+0x56/0x100 [ 1005.750793][T20384] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 1005.750839][T20384] ? lock_acquire+0x1cf/0x380 [ 1005.750869][T20384] ? find_held_lock+0x2b/0x80 [ 1005.750894][T20384] walk_page_range_vma+0x63/0x90 [ 1005.750934][T20384] madvise_vma_behavior+0x1e14/0x3050 [ 1005.750965][T20384] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1005.750993][T20384] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1005.751025][T20384] ? mas_prev+0x9b/0xf0 [ 1005.751054][T20384] ? __pfx_mas_prev+0x10/0x10 [ 1005.751091][T20384] ? find_vma_prev+0xd8/0x150 [ 1005.751121][T20384] ? __pfx_find_vma_prev+0x10/0x10 [ 1005.751145][T20384] ? __pfx___schedule+0x10/0x10 [ 1005.751184][T20384] madvise_walk_vmas+0x2fe/0xa90 [ 1005.751217][T20384] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1005.751253][T20384] madvise_do_behavior+0x1ea/0x510 [ 1005.751279][T20384] ? futex_private_hash_put+0x107/0x1c0 [ 1005.751310][T20384] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1005.751338][T20384] ? down_read+0x13b/0x460 [ 1005.751382][T20384] do_madvise+0x195/0x240 [ 1005.751408][T20384] ? __pfx_do_madvise+0x10/0x10 [ 1005.751434][T20384] ? do_futex+0x192/0x350 [ 1005.751471][T20384] ? __fget_files+0x21f/0x3d0 [ 1005.751528][T20384] __x64_sys_madvise+0xa9/0x110 [ 1005.751554][T20384] ? lockdep_hardirqs_on+0x78/0x100 [ 1005.751582][T20384] do_syscall_64+0x106/0xf80 [ 1005.751608][T20384] ? clear_bhb_loop+0x40/0x90 [ 1005.751639][T20384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.751664][T20384] RIP: 0033:0x7f96b319c629 [ 1005.751686][T20384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1005.751710][T20384] RSP: 002b:00007f96b404a028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1005.751734][T20384] RAX: ffffffffffffffda RBX: 00007f96b3415fa0 RCX: 00007f96b319c629 [ 1005.751751][T20384] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1005.751766][T20384] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 1005.751782][T20384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1005.751797][T20384] R13: 00007f96b3416038 R14: 00007f96b3415fa0 R15: 00007ffd9b5a6638 [ 1005.751829][T20384] [ 1007.475323][T20400] FAULT_INJECTION: forcing a failure. [ 1007.475323][T20400] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.542224][T20400] CPU: 0 UID: 0 PID: 20400 Comm: syz.3.4988 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1007.542268][T20400] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1007.542278][T20400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1007.542293][T20400] Call Trace: [ 1007.542301][T20400] [ 1007.542311][T20400] dump_stack_lvl+0x100/0x190 [ 1007.542353][T20400] should_fail_ex.cold+0x5/0xa [ 1007.542381][T20400] ? ima_alloc_init_template+0x19d/0x6d0 [ 1007.542417][T20400] should_failslab+0xc2/0x120 [ 1007.542441][T20400] __kmalloc_noprof+0xe0/0x850 [ 1007.542487][T20400] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 1007.542525][T20400] ima_alloc_init_template+0x19d/0x6d0 [ 1007.542562][T20400] ? take_dentry_name_snapshot+0x310/0x7c0 [ 1007.542598][T20400] ima_store_measurement+0x1e3/0x5b0 [ 1007.542637][T20400] ? __pfx_ima_store_measurement+0x10/0x10 [ 1007.542685][T20400] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1007.542720][T20400] process_measurement+0x19cc/0x2350 [ 1007.542760][T20400] ? stack_trace_save+0x8e/0xc0 [ 1007.542784][T20400] ? __pfx_process_measurement+0x10/0x10 [ 1007.542817][T20400] ? __lock_acquire+0x4a5/0x2630 [ 1007.542847][T20400] ? __kasan_slab_alloc+0x89/0x90 [ 1007.542885][T20400] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1007.542921][T20400] ? init_file+0x95/0x480 [ 1007.542947][T20400] ? alloc_empty_file+0x73/0x1c0 [ 1007.542974][T20400] ? alloc_file_pseudo+0x13a/0x230 [ 1007.543002][T20400] ? ksys_mmap_pgoff+0x232/0x650 [ 1007.543024][T20400] ? __x64_sys_mmap+0x125/0x190 [ 1007.543059][T20400] ? do_syscall_64+0x106/0xf80 [ 1007.543113][T20400] ? __pfx_aa_file_perm+0x10/0x10 [ 1007.543153][T20400] ima_file_mmap+0x1c4/0x1f0 [ 1007.543186][T20400] ? __pfx_ima_file_mmap+0x10/0x10 [ 1007.543237][T20400] security_mmap_file+0x278/0x9b0 [ 1007.543280][T20400] vm_mmap_pgoff+0xec/0x470 [ 1007.543309][T20400] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1007.543333][T20400] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1007.543364][T20400] ? hugetlbfs_get_inode+0x36e/0x750 [ 1007.543413][T20400] ksys_mmap_pgoff+0x273/0x650 [ 1007.543437][T20400] ? __x64_sys_futex+0x358/0x4d0 [ 1007.543470][T20400] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1007.543495][T20400] ? xfd_validate_state+0x129/0x190 [ 1007.543535][T20400] __x64_sys_mmap+0x125/0x190 [ 1007.543575][T20400] do_syscall_64+0x106/0xf80 [ 1007.543600][T20400] ? clear_bhb_loop+0x40/0x90 [ 1007.543631][T20400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.543656][T20400] RIP: 0033:0x7fe99f79c629 [ 1007.543677][T20400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1007.543702][T20400] RSP: 002b:00007fe9a05f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1007.543727][T20400] RAX: ffffffffffffffda RBX: 00007fe99fa16180 RCX: 00007fe99f79c629 [ 1007.543743][T20400] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 1007.543757][T20400] RBP: 00007fe99f832b39 R08: ffffffffffffffff R09: 0000300000020000 [ 1007.543774][T20400] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1007.543789][T20400] R13: 00007fe99fa16218 R14: 00007fe99fa16180 R15: 00007ffc36059978 [ 1007.543821][T20400] [ 1007.543901][T20402] netlink: 'syz.5.4989': attribute type 27 has an invalid length. [ 1007.908305][ T30] audit: type=1804 audit(1772070011.679:12): pid=20400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.4988" name="anon_hugepage" dev="hugetlbfs" ino=306403 res=0 errno=0 [ 1008.047909][T20402] netlink: 'syz.5.4989': attribute type 28 has an invalid length. [ 1008.065134][T20402] netlink: 'syz.5.4989': attribute type 29 has an invalid length. [ 1008.084387][T20402] netlink: 'syz.5.4989': attribute type 30 has an invalid length. [ 1008.103674][T20402] netlink: 'syz.5.4989': attribute type 31 has an invalid length. [ 1008.144518][T20402] netlink: 'syz.5.4989': attribute type 32 has an invalid length. [ 1008.186971][T20402] netlink: 'syz.5.4989': attribute type 33 has an invalid length. [ 1008.217453][T20402] netlink: 'syz.5.4989': attribute type 35 has an invalid length. [ 1008.252435][T20402] netlink: 'syz.5.4989': attribute type 37 has an invalid length. [ 1008.323339][T20402] netlink: 18 bytes leftover after parsing attributes in process `syz.5.4989'. [ 1009.791838][T20435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5002'. [ 1009.840936][T20435] netlink: 13 bytes leftover after parsing attributes in process `syz.1.5002'. [ 1010.088060][T20440] FAULT_INJECTION: forcing a failure. [ 1010.088060][T20440] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.129459][ T51] Bluetooth: hci2: unexpected event 0x08 length: 435 > 4 [ 1010.327990][T20440] CPU: 0 UID: 0 PID: 20440 Comm: syz.2.5003 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1010.328036][T20440] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1010.328046][T20440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1010.328061][T20440] Call Trace: [ 1010.328069][T20440] [ 1010.328079][T20440] dump_stack_lvl+0x100/0x190 [ 1010.328121][T20440] should_fail_ex.cold+0x5/0xa [ 1010.328149][T20440] ? ima_alloc_init_template+0x19d/0x6d0 [ 1010.328185][T20440] should_failslab+0xc2/0x120 [ 1010.328208][T20440] __kmalloc_noprof+0xe0/0x850 [ 1010.328244][T20440] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 1010.328280][T20440] ima_alloc_init_template+0x19d/0x6d0 [ 1010.328317][T20440] ? take_dentry_name_snapshot+0x310/0x7c0 [ 1010.328352][T20440] ima_store_measurement+0x1e3/0x5b0 [ 1010.328391][T20440] ? __pfx_ima_store_measurement+0x10/0x10 [ 1010.328439][T20440] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1010.328474][T20440] process_measurement+0x19cc/0x2350 [ 1010.328515][T20440] ? stack_trace_save+0x8e/0xc0 [ 1010.328539][T20440] ? __pfx_process_measurement+0x10/0x10 [ 1010.328572][T20440] ? __lock_acquire+0x4a5/0x2630 [ 1010.328602][T20440] ? __kasan_slab_alloc+0x89/0x90 [ 1010.328639][T20440] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1010.328674][T20440] ? init_file+0x95/0x480 [ 1010.328698][T20440] ? alloc_empty_file+0x73/0x1c0 [ 1010.328724][T20440] ? alloc_file_pseudo+0x13a/0x230 [ 1010.328752][T20440] ? ksys_mmap_pgoff+0x232/0x650 [ 1010.328773][T20440] ? __x64_sys_mmap+0x125/0x190 [ 1010.328808][T20440] ? do_syscall_64+0x106/0xf80 [ 1010.328862][T20440] ? __pfx_aa_file_perm+0x10/0x10 [ 1010.328897][T20440] ima_file_mmap+0x1c4/0x1f0 [ 1010.328929][T20440] ? __pfx_ima_file_mmap+0x10/0x10 [ 1010.328978][T20440] security_mmap_file+0x278/0x9b0 [ 1010.329024][T20440] vm_mmap_pgoff+0xec/0x470 [ 1010.329053][T20440] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1010.329077][T20440] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1010.329108][T20440] ? hugetlbfs_get_inode+0x36e/0x750 [ 1010.329157][T20440] ksys_mmap_pgoff+0x273/0x650 [ 1010.329182][T20440] ? __x64_sys_futex+0x358/0x4d0 [ 1010.329215][T20440] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1010.329240][T20440] ? xfd_validate_state+0x129/0x190 [ 1010.329280][T20440] __x64_sys_mmap+0x125/0x190 [ 1010.329320][T20440] do_syscall_64+0x106/0xf80 [ 1010.329346][T20440] ? clear_bhb_loop+0x40/0x90 [ 1010.329376][T20440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.329402][T20440] RIP: 0033:0x7f96b319c629 [ 1010.329423][T20440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1010.329448][T20440] RSP: 002b:00007f96b4008028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1010.329472][T20440] RAX: ffffffffffffffda RBX: 00007f96b3416180 RCX: 00007f96b319c629 [ 1010.329489][T20440] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 1010.329504][T20440] RBP: 00007f96b3232b39 R08: ffffffffffffffff R09: 0000300000020000 [ 1010.329520][T20440] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1010.329536][T20440] R13: 00007f96b3416218 R14: 00007f96b3416180 R15: 00007ffd9b5a6638 [ 1010.329568][T20440] [ 1010.967768][ T30] audit: type=1804 audit(1772070014.627:13): pid=20440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.5003" name="anon_hugepage" dev="hugetlbfs" ino=306714 res=0 errno=0 [ 1011.097792][T20456] netlink: 'syz.3.5009': attribute type 21 has an invalid length. [ 1011.106549][T20456] netlink: 326 bytes leftover after parsing attributes in process `syz.3.5009'. [ 1013.385382][T20497] netlink: 17 bytes leftover after parsing attributes in process `syz.3.5022'. [ 1013.496168][T20502] netlink: 'syz.5.5025': attribute type 1 has an invalid length. [ 1013.547184][T20502] netlink: 'syz.5.5025': attribute type 6 has an invalid length. [ 1014.321299][T20518] netlink: 206 bytes leftover after parsing attributes in process `syz.1.5032'. [ 1014.408487][T20521] netlink: 266 bytes leftover after parsing attributes in process `syz.1.5032'. [ 1014.846849][T20528] vivid-001: ================= START STATUS ================= [ 1014.899037][T20528] vivid-001: Radio HW Seek Mode: Bounded [ 1014.940893][T20528] vivid-001: Radio Programmable HW Seek: false [ 1014.993056][T20528] vivid-001: RDS Rx I/O Mode: Block I/O [ 1014.998886][T20528] vivid-001: Generate RBDS Instead of RDS: false [ 1015.057271][T20528] vivid-001: RDS Reception: true [ 1015.094762][T20528] vivid-001: RDS Program Type: 0 inactive [ 1015.203078][T20528] vivid-001: RDS PS Name: inactive [ 1015.286352][T20528] vivid-001: RDS Radio Text: inactive [ 1015.323299][T20528] vivid-001: RDS Traffic Announcement: false inactive [ 1015.381423][T20528] vivid-001: RDS Traffic Program: false inactive [ 1015.416147][T20528] vivid-001: RDS Music: false inactive [ 1015.441822][T20528] vivid-001: ================== END STATUS ================== [ 1016.925894][T20565] FAULT_INJECTION: forcing a failure. [ 1016.925894][T20565] name failslab, interval 1, probability 0, space 0, times 0 [ 1017.023704][T20565] CPU: 0 UID: 0 PID: 20565 Comm: syz.5.5045 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1017.023747][T20565] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1017.023756][T20565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1017.023771][T20565] Call Trace: [ 1017.023780][T20565] [ 1017.023790][T20565] dump_stack_lvl+0x100/0x190 [ 1017.023837][T20565] should_fail_ex.cold+0x5/0xa [ 1017.023865][T20565] ? tracepoint_add_func+0x2c5/0xf30 [ 1017.023889][T20565] should_failslab+0xc2/0x120 [ 1017.023913][T20565] __kmalloc_noprof+0xe0/0x850 [ 1017.023953][T20565] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 1017.023995][T20565] tracepoint_add_func+0x2c5/0xf30 [ 1017.024018][T20565] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 1017.024064][T20565] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 1017.024112][T20565] tracepoint_probe_register+0xc4/0x110 [ 1017.024138][T20565] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 1017.024162][T20565] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1017.024192][T20565] ? __pfx_trace_event_raw_event_nfs4_lookup_event+0x10/0x10 [ 1017.024236][T20565] ? __pfx_probe_sched_switch+0x10/0x10 [ 1017.024285][T20565] trace_event_reg+0x209/0x350 [ 1017.024323][T20565] __ftrace_event_enable_disable+0x211/0x6f0 [ 1017.024369][T20565] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 1017.024407][T20565] ftrace_set_clr_event+0x16e/0x330 [ 1017.024440][T20565] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 1017.024471][T20565] ? trace_get_user+0x3ae/0xa70 [ 1017.024504][T20565] ftrace_event_write+0x259/0x2c0 [ 1017.024536][T20565] ? __pfx_ftrace_event_write+0x10/0x10 [ 1017.024580][T20565] vfs_write+0x2aa/0x1070 [ 1017.024618][T20565] ? __pfx_ftrace_event_write+0x10/0x10 [ 1017.024653][T20565] ? __pfx_vfs_write+0x10/0x10 [ 1017.024690][T20565] ? __fget_files+0x215/0x3d0 [ 1017.024734][T20565] ? __fget_files+0x21f/0x3d0 [ 1017.024781][T20565] ksys_write+0x12a/0x250 [ 1017.024818][T20565] ? __pfx_ksys_write+0x10/0x10 [ 1017.024864][T20565] do_syscall_64+0x106/0xf80 [ 1017.024891][T20565] ? clear_bhb_loop+0x40/0x90 [ 1017.024921][T20565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.024947][T20565] RIP: 0033:0x7f9d7039c629 [ 1017.024968][T20565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1017.024993][T20565] RSP: 002b:00007f9d711c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1017.025016][T20565] RAX: ffffffffffffffda RBX: 00007f9d70615fa0 RCX: 00007f9d7039c629 [ 1017.025033][T20565] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 1017.025048][T20565] RBP: 00007f9d70432b39 R08: 0000000000000000 R09: 0000000000000000 [ 1017.025064][T20565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1017.025085][T20565] R13: 00007f9d70616038 R14: 00007f9d70615fa0 R15: 00007ffd62d58338 [ 1017.025117][T20565] [ 1018.357243][T20565] event trace: Could not enable event nfs4_mkdir [ 1019.259583][T20589] FAULT_INJECTION: forcing a failure. [ 1019.259583][T20589] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.343316][T20589] CPU: 0 UID: 8 PID: 20589 Comm: syz.5.5053 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1019.343359][T20589] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1019.343368][T20589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1019.343383][T20589] Call Trace: [ 1019.343393][T20589] [ 1019.343402][T20589] dump_stack_lvl+0x100/0x190 [ 1019.343444][T20589] should_fail_ex.cold+0x5/0xa [ 1019.343472][T20589] should_failslab+0xc2/0x120 [ 1019.343497][T20589] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1019.343536][T20589] ? key_alloc+0x423/0x1310 [ 1019.343559][T20589] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 1019.343599][T20589] kmemdup_noprof+0x29/0x60 [ 1019.343637][T20589] key_alloc+0x423/0x1310 [ 1019.343670][T20589] ? __pfx_key_alloc+0x10/0x10 [ 1019.343692][T20589] ? __pfx_key_default_cmp+0x10/0x10 [ 1019.343719][T20589] ? __pfx_keyring_search_iterator+0x10/0x10 [ 1019.343750][T20589] keyring_alloc+0x44/0xc0 [ 1019.343779][T20589] look_up_user_keyrings+0x465/0x790 [ 1019.343821][T20589] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1019.343864][T20589] ? futex_wait+0x125/0x380 [ 1019.343903][T20589] ? __pfx_futex_wait+0x10/0x10 [ 1019.343948][T20589] lookup_user_key+0xbb1/0x1300 [ 1019.343988][T20589] ? __pfx_lookup_user_key+0x10/0x10 [ 1019.344033][T20589] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1019.344075][T20589] ? __x64_sys_futex+0x34f/0x4d0 [ 1019.344106][T20589] ? __x64_sys_futex+0x358/0x4d0 [ 1019.344143][T20589] keyctl_session_to_parent+0x28/0xae0 [ 1019.344184][T20589] __do_sys_keyctl+0x2b1/0x5a0 [ 1019.344224][T20589] do_syscall_64+0x106/0xf80 [ 1019.344251][T20589] ? clear_bhb_loop+0x40/0x90 [ 1019.344281][T20589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.344307][T20589] RIP: 0033:0x7f9d7039c629 [ 1019.344327][T20589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1019.344351][T20589] RSP: 002b:00007f9d711c0028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1019.344376][T20589] RAX: ffffffffffffffda RBX: 00007f9d70615fa0 RCX: 00007f9d7039c629 [ 1019.344392][T20589] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 1019.344409][T20589] RBP: 00007f9d70432b39 R08: 0000000000000001 R09: 0000000000000000 [ 1019.344424][T20589] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 1019.344440][T20589] R13: 00007f9d70616038 R14: 00007f9d70615fa0 R15: 00007ffd62d58338 [ 1019.344471][T20589] [ 1020.577196][T20603] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5058'. [ 1020.965273][T20610] vivid-007: ================= START STATUS ================= [ 1021.025365][T20610] vivid-007: Generate PTS: true [ 1021.055790][T20610] vivid-007: Generate SCR: true [ 1021.112631][T20610] tpg source WxH: 320x240 (Y'CbCr) [ 1021.145752][T20610] tpg field: 1 [ 1021.191442][T20610] tpg crop: (0,0)/320x240 [ 1021.216250][T20610] tpg compose: (0,0)/320x240 [ 1021.241674][T20610] tpg colorspace: 8 [ 1021.310119][T20610] tpg transfer function: 0/0 [ 1021.392400][T20610] tpg Y'CbCr encoding: 0/0 [ 1021.424627][T20610] tpg quantization: 0/0 [ 1021.455473][T20610] tpg RGB range: 0/2 [ 1021.489485][T20610] vivid-007: ================== END STATUS ================== [ 1025.556558][T20673] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5078'. [ 1025.609501][T20673] veth1_vlan: entered allmulticast mode [ 1025.652114][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807d08f000: rx timeout, send abort [ 1026.161477][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807d08f000: abort rx timeout. Force session deactivation [ 1028.661725][T20720] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5093'. [ 1028.744858][T20720] macvtap0: entered promiscuous mode [ 1028.794228][T20720] macvtap0: entered allmulticast mode [ 1028.859540][T20720] veth0_macvtap: entered allmulticast mode [ 1029.008228][T20728] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5096'. [ 1029.070315][T20728] netlink: 25 bytes leftover after parsing attributes in process `syz.1.5096'. [ 1029.868132][T20732] mkiss: ax0: crc mode is auto. [ 1031.244325][T20770] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5112'. [ 1032.890341][T20790] zswap: compressor not available [ 1036.802289][T20849] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1037.019258][T20853] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5138'. [ 1037.122125][T20857] FAULT_INJECTION: forcing a failure. [ 1037.122125][T20857] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.189050][T20857] CPU: 0 UID: 0 PID: 20857 Comm: syz.3.5140 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1037.189093][T20857] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1037.189103][T20857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1037.189118][T20857] Call Trace: [ 1037.189127][T20857] [ 1037.189137][T20857] dump_stack_lvl+0x100/0x190 [ 1037.189218][T20857] should_fail_ex.cold+0x5/0xa [ 1037.189248][T20857] should_failslab+0xc2/0x120 [ 1037.189272][T20857] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1037.189303][T20857] ? vhost_vsock_dev_open+0x79/0x670 [ 1037.189339][T20857] ? __pfx_vhost_vsock_dev_open+0x10/0x10 [ 1037.189372][T20857] vhost_vsock_dev_open+0x79/0x670 [ 1037.189405][T20857] ? __pfx_vhost_vsock_dev_open+0x10/0x10 [ 1037.189439][T20857] misc_open+0x26d/0x450 [ 1037.189478][T20857] ? __pfx_misc_open+0x10/0x10 [ 1037.189515][T20857] chrdev_open+0x234/0x6a0 [ 1037.189538][T20857] ? __pfx_apparmor_file_open+0x10/0x10 [ 1037.189573][T20857] ? __pfx_chrdev_open+0x10/0x10 [ 1037.189597][T20857] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1037.189645][T20857] do_dentry_open+0x6d8/0x1660 [ 1037.189684][T20857] ? __pfx_chrdev_open+0x10/0x10 [ 1037.189714][T20857] vfs_open+0x82/0x3f0 [ 1037.189746][T20857] path_openat+0x208c/0x31a0 [ 1037.189779][T20857] ? __pfx_path_openat+0x10/0x10 [ 1037.189813][T20857] do_file_open+0x20e/0x430 [ 1037.189839][T20857] ? __pfx_do_file_open+0x10/0x10 [ 1037.189883][T20857] ? alloc_fd+0x476/0x790 [ 1037.189925][T20857] ? do_getname+0x191/0x390 [ 1037.189956][T20857] do_sys_openat2+0x10d/0x1e0 [ 1037.189986][T20857] ? __pfx_do_sys_openat2+0x10/0x10 [ 1037.190019][T20857] ? __fget_files+0x21f/0x3d0 [ 1037.190063][T20857] __x64_sys_openat+0x12d/0x210 [ 1037.190095][T20857] ? __pfx___x64_sys_openat+0x10/0x10 [ 1037.190138][T20857] do_syscall_64+0x106/0xf80 [ 1037.190168][T20857] ? clear_bhb_loop+0x40/0x90 [ 1037.190206][T20857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.190232][T20857] RIP: 0033:0x7fe99f79c629 [ 1037.190253][T20857] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1037.190278][T20857] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1037.190302][T20857] RAX: ffffffffffffffda RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 1037.190319][T20857] RDX: 0000000000141000 RSI: 0000200000000300 RDI: ffffffffffffff9c [ 1037.190336][T20857] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1037.190352][T20857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1037.190367][T20857] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 1037.190399][T20857] [ 1038.094888][T20869] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5145'. [ 1038.318907][T20869] team0 (unregistering): Port device team_slave_0 removed [ 1038.331977][T20869] team0 (unregistering): Port device team_slave_1 removed [ 1038.679243][T20877] netlink: zone id is out of range [ 1038.840199][T20877] netlink: set zone limit has 8 unknown bytes [ 1038.984433][T20885] FAULT_INJECTION: forcing a failure. [ 1038.984433][T20885] name failslab, interval 1, probability 0, space 0, times 0 [ 1039.060846][T20885] CPU: 0 UID: 0 PID: 20885 Comm: syz.3.5149 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1039.060889][T20885] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1039.060899][T20885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1039.060913][T20885] Call Trace: [ 1039.060921][T20885] [ 1039.060931][T20885] dump_stack_lvl+0x100/0x190 [ 1039.060972][T20885] should_fail_ex.cold+0x5/0xa [ 1039.061001][T20885] should_failslab+0xc2/0x120 [ 1039.061025][T20885] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1039.061055][T20885] ? sctp_add_bind_addr+0xae/0x3e0 [ 1039.061095][T20885] ? __sctp_v6_cmp_addr+0x206/0x530 [ 1039.061128][T20885] sctp_add_bind_addr+0xae/0x3e0 [ 1039.061172][T20885] sctp_copy_local_addr_list+0x349/0x550 [ 1039.061205][T20885] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 1039.061237][T20885] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 1039.061268][T20885] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1039.061321][T20885] sctp_bind_addr_copy+0xe0/0x530 [ 1039.061351][T20885] sctp_connect_new_asoc+0x1c9/0x770 [ 1039.061389][T20885] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1039.061427][T20885] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1039.061475][T20885] __sctp_connect+0x3e7/0xc70 [ 1039.061515][T20885] ? __pfx___sctp_connect+0x10/0x10 [ 1039.061552][T20885] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1039.061587][T20885] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1039.061630][T20885] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1039.061664][T20885] sctp_inet_connect+0x15f/0x220 [ 1039.061699][T20885] __sys_connect_file+0x141/0x1a0 [ 1039.061727][T20885] __sys_connect+0x141/0x170 [ 1039.061749][T20885] ? __pfx___sys_connect+0x10/0x10 [ 1039.061791][T20885] __x64_sys_connect+0x72/0xb0 [ 1039.061813][T20885] ? lockdep_hardirqs_on+0x78/0x100 [ 1039.061841][T20885] do_syscall_64+0x106/0xf80 [ 1039.061873][T20885] ? clear_bhb_loop+0x40/0x90 [ 1039.061903][T20885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1039.061929][T20885] RIP: 0033:0x7fe99f79c629 [ 1039.061949][T20885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1039.061975][T20885] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1039.061998][T20885] RAX: ffffffffffffffda RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 1039.062015][T20885] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 1039.062030][T20885] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1039.062046][T20885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1039.062060][T20885] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 1039.062092][T20885] [ 1041.803930][T20919] netlink: 326 bytes leftover after parsing attributes in process `syz.3.5162'. [ 1042.117067][T20931] FAULT_INJECTION: forcing a failure. [ 1042.117067][T20931] name failslab, interval 1, probability 0, space 0, times 0 [ 1042.240061][T20931] CPU: 0 UID: 0 PID: 20931 Comm: syz.2.5164 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1042.240104][T20931] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1042.240114][T20931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1042.240129][T20931] Call Trace: [ 1042.240138][T20931] [ 1042.240147][T20931] dump_stack_lvl+0x100/0x190 [ 1042.240189][T20931] should_fail_ex.cold+0x5/0xa [ 1042.240218][T20931] should_failslab+0xc2/0x120 [ 1042.240242][T20931] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1042.240277][T20931] ? dst_alloc+0x99/0x1a0 [ 1042.240319][T20931] ? __pfx_ip6_dst_gc+0x10/0x10 [ 1042.240360][T20931] dst_alloc+0x99/0x1a0 [ 1042.240401][T20931] ip6_rt_cache_alloc+0x1ea/0x8e0 [ 1042.240435][T20931] ? __pfx_ip6_rt_cache_alloc+0x10/0x10 [ 1042.240474][T20931] ip6_pol_route+0xd59/0x1230 [ 1042.240512][T20931] ? __pfx_ip6_pol_route+0x10/0x10 [ 1042.240550][T20931] ? find_held_lock+0x2b/0x80 [ 1042.240576][T20931] ? bpf_ksym_find+0x124/0x1c0 [ 1042.240610][T20931] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 1042.240645][T20931] fib6_rule_lookup+0x24c/0x720 [ 1042.240676][T20931] ? __kernel_text_address+0xd/0x30 [ 1042.240712][T20931] ? unwind_get_return_address+0x59/0xa0 [ 1042.240738][T20931] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 1042.240780][T20931] ? __pfx_rt6_probe+0x10/0x10 [ 1042.240815][T20931] ? stack_trace_save+0x8e/0xc0 [ 1042.240838][T20931] ? rt6_score_route+0x14a/0xa60 [ 1042.240873][T20931] ip6_route_output_flags+0x1d0/0x650 [ 1042.240906][T20931] ip6_dst_lookup_tail.constprop.0+0x116/0x2110 [ 1042.240946][T20931] ? __pfx___find_rr_leaf+0x10/0x10 [ 1042.240979][T20931] ? __pfx___find_rr_leaf+0x10/0x10 [ 1042.241144][T20931] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 1042.241181][T20931] ? __pfx_ip6_compressed_string+0x10/0x10 [ 1042.241224][T20931] ? __lock_acquire+0x4a5/0x2630 [ 1042.241257][T20931] ? rcu_is_watching+0x12/0xc0 [ 1042.241303][T20931] ip6_dst_lookup_flow+0x99/0x1d0 [ 1042.241340][T20931] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 1042.241374][T20931] ? find_held_lock+0x2b/0x80 [ 1042.241396][T20931] ? rawv6_sendmsg+0xb3c/0x4750 [ 1042.241425][T20931] ? rawv6_sendmsg+0xb3c/0x4750 [ 1042.241458][T20931] rawv6_sendmsg+0xe61/0x4750 [ 1042.241492][T20931] ? aa_profile_af_perm+0x381/0x3a0 [ 1042.241538][T20931] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1042.241574][T20931] ? trace_ignore_this_task+0x56/0x100 [ 1042.241610][T20931] ? trace_ignore_this_task+0x56/0x100 [ 1042.241678][T20931] ? __import_iovec+0x1d2/0x640 [ 1042.241722][T20931] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1042.241764][T20931] ? inet_sendmsg+0x11c/0x140 [ 1042.241799][T20931] inet_sendmsg+0x11c/0x140 [ 1042.241838][T20931] ____sys_sendmsg+0x9ad/0xc30 [ 1042.241879][T20931] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1042.241920][T20931] ? futex_unqueue+0x133/0x2c0 [ 1042.241959][T20931] ___sys_sendmsg+0x190/0x1e0 [ 1042.242001][T20931] ? __pfx____sys_sendmsg+0x10/0x10 [ 1042.242039][T20931] ? __pfx___futex_wait+0x10/0x10 [ 1042.242076][T20931] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1042.242115][T20931] ? find_held_lock+0x2b/0x80 [ 1042.242157][T20931] __sys_sendmmsg+0x205/0x430 [ 1042.242191][T20931] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1042.242228][T20931] ? __pfx_do_futex+0x10/0x10 [ 1042.242276][T20931] ? xfd_validate_state+0x129/0x190 [ 1042.242322][T20931] __x64_sys_sendmmsg+0x9c/0x100 [ 1042.242350][T20931] ? lockdep_hardirqs_on+0x78/0x100 [ 1042.242378][T20931] do_syscall_64+0x106/0xf80 [ 1042.242406][T20931] ? clear_bhb_loop+0x40/0x90 [ 1042.242438][T20931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1042.242464][T20931] RIP: 0033:0x7f96b319c629 [ 1042.242487][T20931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1042.242512][T20931] RSP: 002b:00007f96b4029028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1042.242536][T20931] RAX: ffffffffffffffda RBX: 00007f96b3416090 RCX: 00007f96b319c629 [ 1042.242554][T20931] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1042.242570][T20931] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 1042.242586][T20931] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000 [ 1042.242601][T20931] R13: 00007f96b3416128 R14: 00007f96b3416090 R15: 00007ffd9b5a6638 [ 1042.242635][T20931] [ 1043.513644][T20942] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5171'. [ 1043.628162][T20942] smc: removing net device dummy0 with user defined pnetid DUMMY0 [ 1043.849919][T20947] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5173'. [ 1045.969396][T20995] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5190'. [ 1046.024000][T20995] team0 (unregistering): Port device team_slave_0 removed [ 1046.057319][T20995] team0 (unregistering): Port device team_slave_1 removed [ 1047.207752][T21020] netlink: 244 bytes leftover after parsing attributes in process `syz.1.5202'. [ 1047.595437][T21023] zswap: compressor not available [ 1048.095906][T21041] FAULT_INJECTION: forcing a failure. [ 1048.095906][T21041] name failslab, interval 1, probability 0, space 0, times 0 [ 1048.140286][T21041] CPU: 0 UID: 0 PID: 21041 Comm: syz.2.5207 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1048.140329][T21041] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1048.140339][T21041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1048.140353][T21041] Call Trace: [ 1048.140362][T21041] [ 1048.140372][T21041] dump_stack_lvl+0x100/0x190 [ 1048.140413][T21041] should_fail_ex.cold+0x5/0xa [ 1048.140442][T21041] ? sk_prot_alloc+0x10b/0x2a0 [ 1048.140473][T21041] should_failslab+0xc2/0x120 [ 1048.140497][T21041] __kmalloc_noprof+0xe0/0x850 [ 1048.140533][T21041] ? lockdep_init_map_type+0x5c/0x250 [ 1048.140570][T21041] sk_prot_alloc+0x10b/0x2a0 [ 1048.140605][T21041] sk_alloc+0x36/0xe80 [ 1048.140630][T21041] pppoe_create+0x32/0x360 [ 1048.140668][T21041] pppox_create+0x15c/0x2c0 [ 1048.140707][T21041] __sock_create+0x339/0x860 [ 1048.140747][T21041] __sys_socket+0x14d/0x260 [ 1048.140784][T21041] ? __pfx___sys_socket+0x10/0x10 [ 1048.140829][T21041] __x64_sys_socket+0x72/0xb0 [ 1048.140864][T21041] ? lockdep_hardirqs_on+0x78/0x100 [ 1048.140893][T21041] do_syscall_64+0x106/0xf80 [ 1048.140918][T21041] ? clear_bhb_loop+0x40/0x90 [ 1048.140948][T21041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1048.140974][T21041] RIP: 0033:0x7f96b319c629 [ 1048.140995][T21041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1048.141019][T21041] RSP: 002b:00007f96b404a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1048.141042][T21041] RAX: ffffffffffffffda RBX: 00007f96b3415fa0 RCX: 00007f96b319c629 [ 1048.141059][T21041] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 1048.141074][T21041] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 1048.141089][T21041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1048.141104][T21041] R13: 00007f96b3416038 R14: 00007f96b3415fa0 R15: 00007ffd9b5a6638 [ 1048.141135][T21041] [ 1049.204865][T21060] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5212'. [ 1050.026306][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1050.251786][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1050.437267][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1050.674317][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1050.860583][T16178] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1050.873123][T16178] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1050.888348][T16178] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1050.906519][T16178] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1050.917618][T16178] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1051.401315][ T13] bridge_slave_1: left allmulticast mode [ 1051.417656][ T13] bridge_slave_1: left promiscuous mode [ 1051.461989][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 1051.612584][ T13] bridge_slave_0: left allmulticast mode [ 1051.640799][ T13] bridge_slave_0: left promiscuous mode [ 1051.691627][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 1052.437593][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1052.487565][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1052.507656][ T13] bond0 (unregistering): Released all slaves [ 1052.608555][T16178] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1052.701836][T21119] FAULT_INJECTION: forcing a failure. [ 1052.701836][T21119] name failslab, interval 1, probability 0, space 0, times 0 [ 1052.795525][T21119] CPU: 0 UID: 0 PID: 21119 Comm: syz.3.5234 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1052.795569][T21119] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1052.795579][T21119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1052.795594][T21119] Call Trace: [ 1052.795602][T21119] [ 1052.795614][T21119] dump_stack_lvl+0x100/0x190 [ 1052.795656][T21119] should_fail_ex.cold+0x5/0xa [ 1052.795685][T21119] should_failslab+0xc2/0x120 [ 1052.795709][T21119] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1052.795754][T21119] ? fib_rules_register+0x30/0x500 [ 1052.795907][T21119] kmemdup_noprof+0x29/0x60 [ 1052.795948][T21119] fib_rules_register+0x30/0x500 [ 1052.795982][T21119] fib4_rules_init+0x1f/0x1c0 [ 1052.796024][T21119] fib_net_init+0x1dc/0x3f0 [ 1052.796052][T21119] ? is_module_address+0x69/0xf0 [ 1052.796088][T21119] ? __pfx_fib_net_init+0x10/0x10 [ 1052.796117][T21119] ? timer_init_key+0x150/0x340 [ 1052.796148][T21119] ? devinet_init_net+0x56c/0x8d0 [ 1052.796208][T21119] ? __pfx_fib_net_init+0x10/0x10 [ 1052.796237][T21119] ops_init+0x1e2/0x5f0 [ 1052.796274][T21119] setup_net+0x118/0x3a0 [ 1052.796305][T21119] ? __pfx_setup_net+0x10/0x10 [ 1052.796334][T21119] ? lockdep_init_map_type+0x5c/0x250 [ 1052.796401][T21119] ? mutex_init_lockep+0x110/0x150 [ 1052.796441][T21119] copy_net_ns+0x46f/0x7c0 [ 1052.796477][T21119] create_new_namespaces+0x3ea/0xac0 [ 1052.796522][T21119] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1052.796781][T21119] ksys_unshare+0x473/0xad0 [ 1052.796819][T21119] ? __pfx_ksys_unshare+0x10/0x10 [ 1052.796861][T21119] __x64_sys_unshare+0x31/0x40 [ 1052.796892][T21119] do_syscall_64+0x106/0xf80 [ 1052.796919][T21119] ? clear_bhb_loop+0x40/0x90 [ 1052.796950][T21119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1052.796979][T21119] RIP: 0033:0x7fe99f79c629 [ 1052.797002][T21119] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1052.797025][T21119] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1052.797049][T21119] RAX: ffffffffffffffda RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 1052.797065][T21119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1052.797081][T21119] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1052.797097][T21119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1052.797112][T21119] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 1052.797144][T21119] [ 1053.091233][T21121] Bluetooth: hci1: command tx timeout [ 1053.437916][T21130] netlink: 25 bytes leftover after parsing attributes in process `syz.2.5235'. [ 1053.707700][T21083] chnl_net:caif_netlink_parms(): no params data found [ 1053.936052][ T13] hsr_slave_0: left promiscuous mode [ 1053.987204][ T13] hsr_slave_1: left promiscuous mode [ 1054.003112][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1054.051321][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1054.100059][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1054.146787][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1054.276061][ T13] veth1_macvtap: left promiscuous mode [ 1054.292558][ T13] veth0_macvtap: left allmulticast mode [ 1054.298387][ T13] veth0_macvtap: left promiscuous mode [ 1054.348244][ T13] veth1_vlan: left promiscuous mode [ 1054.377045][ T13] veth0_vlan: left promiscuous mode [ 1055.119305][T21121] Bluetooth: hci1: command tx timeout [ 1055.127779][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.134713][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.832492][T21083] bridge0: port 1(bridge_slave_0) entered blocking state [ 1055.903468][T21083] bridge0: port 1(bridge_slave_0) entered disabled state [ 1055.941333][T21083] bridge_slave_0: entered allmulticast mode [ 1055.979499][T21083] bridge_slave_0: entered promiscuous mode [ 1056.057429][T21083] bridge0: port 2(bridge_slave_1) entered blocking state [ 1056.108064][T21083] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.147225][T21083] bridge_slave_1: entered allmulticast mode [ 1056.182386][T21083] bridge_slave_1: entered promiscuous mode [ 1056.413387][T21083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1056.518104][T21083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1056.549268][T21170] netlink: 186 bytes leftover after parsing attributes in process `syz.3.5245'. [ 1056.626576][T21170] netlink: 186 bytes leftover after parsing attributes in process `syz.3.5245'. [ 1056.678387][T21083] team0: Port device team_slave_0 added [ 1056.727678][T21083] team0: Port device team_slave_1 added [ 1057.129278][T21083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1057.162024][T21083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1057.217943][ T51] Bluetooth: hci1: command tx timeout [ 1057.392462][T21083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1057.547439][T21083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1057.592795][T21083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1057.734522][T21083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1058.125304][T21083] hsr_slave_0: entered promiscuous mode [ 1058.154050][T21083] hsr_slave_1: entered promiscuous mode [ 1058.177742][T21083] debugfs: 'hsr0' already exists in 'hsr' [ 1058.200813][T21083] Cannot create hsr debugfs directory [ 1059.276540][ T51] Bluetooth: hci1: command tx timeout [ 1059.636533][T21231] netlink: 186 bytes leftover after parsing attributes in process `syz.1.5259'. [ 1060.284209][T21243] netlink: 202 bytes leftover after parsing attributes in process `syz.2.5263'. [ 1060.817366][T21083] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1060.890964][T21083] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1060.952520][T21083] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1061.027527][T21083] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1061.104390][T21258] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5267'. [ 1061.634709][T21083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1061.804818][T21083] 8021q: adding VLAN 0 to HW filter on device team0 [ 1061.889143][ T27] bridge0: port 1(bridge_slave_0) entered blocking state [ 1061.896648][ T27] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1061.937838][T21283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5271'. [ 1062.020290][T10144] bridge0: port 2(bridge_slave_1) entered blocking state [ 1062.027725][T10144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1062.227492][T21083] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1063.046105][T21309] netlink: 138 bytes leftover after parsing attributes in process `syz.2.5278'. [ 1064.672166][T21083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1066.073824][T21083] veth0_vlan: entered promiscuous mode [ 1066.142847][T21083] veth1_vlan: entered promiscuous mode [ 1066.294189][T21083] veth0_macvtap: entered promiscuous mode [ 1066.363068][T21083] veth1_macvtap: entered promiscuous mode [ 1066.477689][T21083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1066.550781][T21083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1066.657471][T10144] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1066.778173][T10144] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1066.823376][T10144] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1066.930339][T10144] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1067.216402][ T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1067.269160][ T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1067.400490][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1067.448358][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1069.087401][T21402] [U]  [ 1069.090274][T21402] [U] [ 1069.092992][T21402] [U] [ 1069.095705][T21402] [U] [ 1069.165891][T21402] [U] [ 1069.168770][T21402] [U] [ 1069.171630][T21402] [U] [ 1069.174370][T21402] [U] [ 1069.213212][T21402] [U] [ 1069.216027][T21402] [U] [ 1069.218993][T21402] [U] [ 1069.221808][T21402] [U] [ 1069.291184][T21402] [U] [ 1069.293979][T21402] [U] [ 1069.296727][T21402] [U] [ 1069.299563][T21402] [U] [ 1069.348904][T21402] [U] [ 1069.351658][T21402] [U] [ 1069.354399][T21402] [U] [ 1069.357242][T21402] [U] [ 1069.436369][T21402] [U] [ 1069.957090][T21429] netlink: 62 bytes leftover after parsing attributes in process `syz.1.5303'. [ 1070.591243][T21435] FAULT_INJECTION: forcing a failure. [ 1070.591243][T21435] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.757919][T21435] CPU: 0 UID: 0 PID: 21435 Comm: syz.2.5305 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1070.757963][T21435] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1070.757973][T21435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1070.757989][T21435] Call Trace: [ 1070.757997][T21435] [ 1070.758007][T21435] dump_stack_lvl+0x100/0x190 [ 1070.758049][T21435] should_fail_ex.cold+0x5/0xa [ 1070.758077][T21435] ? __register_sysctl_table+0xbe4/0x1650 [ 1070.758116][T21435] should_failslab+0xc2/0x120 [ 1070.758139][T21435] __kmalloc_noprof+0xe0/0x850 [ 1070.758182][T21435] __register_sysctl_table+0xbe4/0x1650 [ 1070.758237][T21435] ? __pfx___register_sysctl_table+0x10/0x10 [ 1070.758275][T21435] ? is_module_address+0x69/0xf0 [ 1070.758306][T21435] ? register_net_sysctl_sz+0x222/0x430 [ 1070.758340][T21435] ? __asan_memcpy+0x3c/0x60 [ 1070.758479][T21435] sctp_sysctl_net_register+0x15e/0x200 [ 1070.758513][T21435] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1070.758542][T21435] sctp_defaults_init+0x6d2/0xd90 [ 1070.758572][T21435] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1070.758600][T21435] ops_init+0x1e2/0x5f0 [ 1070.758632][T21435] setup_net+0x118/0x3a0 [ 1070.758663][T21435] ? __pfx_setup_net+0x10/0x10 [ 1070.758690][T21435] ? lockdep_init_map_type+0x5c/0x250 [ 1070.758729][T21435] ? mutex_init_lockep+0x110/0x150 [ 1070.758768][T21435] copy_net_ns+0x46f/0x7c0 [ 1070.758804][T21435] create_new_namespaces+0x3ea/0xac0 [ 1070.758837][T21435] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1070.758872][T21435] ksys_unshare+0x473/0xad0 [ 1070.758910][T21435] ? __pfx_ksys_unshare+0x10/0x10 [ 1070.758953][T21435] __x64_sys_unshare+0x31/0x40 [ 1070.758985][T21435] do_syscall_64+0x106/0xf80 [ 1070.759013][T21435] ? clear_bhb_loop+0x40/0x90 [ 1070.759054][T21435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.759089][T21435] RIP: 0033:0x7f96b319c629 [ 1070.759111][T21435] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1070.759137][T21435] RSP: 002b:00007f96b404a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1070.759161][T21435] RAX: ffffffffffffffda RBX: 00007f96b3415fa0 RCX: 00007f96b319c629 [ 1070.759184][T21435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1070.759200][T21435] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 1070.759215][T21435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1070.759231][T21435] R13: 00007f96b3416038 R14: 00007f96b3415fa0 R15: 00007ffd9b5a6638 [ 1070.759269][T21435] [ 1070.759412][T21435] sysctl could not get directory: /net/sctp -12 [ 1074.471229][T21510] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5328'. [ 1074.483948][ T51] Bluetooth: hci2: unexpected event 0x09 length: 435 > 3 [ 1075.238142][T21517] zswap: compressor not available [ 1076.324298][T21520] [U]  [ 1076.328149][T21520] [U] [ 1076.330922][T21520] [U] [ 1076.334256][T21520] [U] [ 1076.484479][T21520] [U] [ 1076.488387][T21520] [U] [ 1076.491739][T21520] [U] [ 1076.496723][T21520] [U] [ 1076.684495][T21520] [U] [ 1078.403820][T21563] ubi0: attaching mtd0 [ 1078.430702][T21563] ubi0: scanning is finished [ 1078.455483][T21563] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1078.727853][T21563] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1080.762614][T21594] netlink: 'syz.2.5351': attribute type 1 has an invalid length. [ 1080.791111][T21593] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5350'. [ 1080.806024][T21594] netlink: 'syz.2.5351': attribute type 6 has an invalid length. [ 1081.283132][T21602] FAULT_INJECTION: forcing a failure. [ 1081.283132][T21602] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.454864][T21602] CPU: 0 UID: 0 PID: 21602 Comm: syz.5.5353 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1081.454906][T21602] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1081.454916][T21602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1081.454935][T21602] Call Trace: [ 1081.454943][T21602] [ 1081.454952][T21602] dump_stack_lvl+0x100/0x190 [ 1081.454993][T21602] should_fail_ex.cold+0x5/0xa [ 1081.455022][T21602] should_failslab+0xc2/0x120 [ 1081.455046][T21602] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1081.455089][T21602] ? __kernfs_new_node+0xd2/0x960 [ 1081.455129][T21602] __kernfs_new_node+0xd2/0x960 [ 1081.455165][T21602] ? __pfx___kernfs_new_node+0x10/0x10 [ 1081.455205][T21602] ? find_held_lock+0x2b/0x80 [ 1081.455227][T21602] ? kernfs_root+0xee/0x2a0 [ 1081.455258][T21602] ? kernfs_root+0xee/0x2a0 [ 1081.455296][T21602] kernfs_new_node+0x11b/0x1a0 [ 1081.455338][T21602] __kernfs_create_file+0x53/0x350 [ 1081.455368][T21602] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1081.455405][T21602] internal_create_group+0x593/0xf40 [ 1081.455447][T21602] ? __pfx_internal_create_group+0x10/0x10 [ 1081.455486][T21602] ? kernfs_create_link+0x1bd/0x240 [ 1081.455517][T21602] internal_create_groups+0x9d/0x150 [ 1081.455554][T21602] device_add+0x71a/0x1950 [ 1081.455593][T21602] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1081.455634][T21602] ? __pfx_device_add+0x10/0x10 [ 1081.455673][T21602] ? lockdep_init_map_type+0x5c/0x250 [ 1081.455706][T21602] ? __init_waitqueue_head+0xca/0x150 [ 1081.455756][T21602] netdev_register_kobject+0x1a9/0x3d0 [ 1081.455794][T21602] register_netdevice+0x12e0/0x2210 [ 1081.455830][T21602] ? __pfx_register_netdevice+0x10/0x10 [ 1081.455867][T21602] ? __pfx_loopback_net_init+0x10/0x10 [ 1081.455903][T21602] register_netdev+0x34/0x50 [ 1081.455932][T21602] loopback_net_init+0x7a/0x170 [ 1081.455966][T21602] ? __pfx_loopback_net_init+0x10/0x10 [ 1081.456000][T21602] ops_init+0x1e2/0x5f0 [ 1081.456031][T21602] setup_net+0x118/0x3a0 [ 1081.456065][T21602] ? __pfx_setup_net+0x10/0x10 [ 1081.456093][T21602] ? lockdep_init_map_type+0x5c/0x250 [ 1081.456127][T21602] ? mutex_init_lockep+0x110/0x150 [ 1081.456164][T21602] copy_net_ns+0x46f/0x7c0 [ 1081.456199][T21602] create_new_namespaces+0x3ea/0xac0 [ 1081.456232][T21602] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1081.456261][T21602] ksys_unshare+0x473/0xad0 [ 1081.456293][T21602] ? __pfx_ksys_unshare+0x10/0x10 [ 1081.456334][T21602] __x64_sys_unshare+0x31/0x40 [ 1081.456364][T21602] do_syscall_64+0x106/0xf80 [ 1081.456392][T21602] ? clear_bhb_loop+0x40/0x90 [ 1081.456422][T21602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1081.456447][T21602] RIP: 0033:0x7f853a59c629 [ 1081.456468][T21602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1081.456492][T21602] RSP: 002b:00007f853b501028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1081.456517][T21602] RAX: ffffffffffffffda RBX: 00007f853a815fa0 RCX: 00007f853a59c629 [ 1081.456534][T21602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1081.456550][T21602] RBP: 00007f853a632b39 R08: 0000000000000000 R09: 0000000000000000 [ 1081.456565][T21602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1081.456580][T21602] R13: 00007f853a816038 R14: 00007f853a815fa0 R15: 00007ffdb0c2ad68 [ 1081.456613][T21602] [ 1082.095658][T21609] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5357'. [ 1082.750537][T21618] netlink: 'syz.3.5361': attribute type 1 has an invalid length. [ 1082.780958][T21618] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5361'. [ 1082.954462][T21609] team_slave_0: entered allmulticast mode [ 1083.522017][T21631] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5365'. [ 1083.644762][T21634] usb usb2: usbfs: process 21634 (syz.2.5365) did not claim interface 4 before use [ 1084.708312][T21658] : entered promiscuous mode [ 1086.998712][T21689] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5383'. [ 1087.117525][T21689] team0 (unregistering): Port device team_slave_0 removed [ 1087.166257][T21689] team0 (unregistering): Port device team_slave_1 removed [ 1087.473344][T21694] netlink: 18 bytes leftover after parsing attributes in process `syz.2.5385'. [ 1087.519002][T21698] ubi0: attaching mtd0 [ 1087.544430][T21698] ubi0: scanning is finished [ 1087.565332][T21698] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1087.582534][T21700] netlink: 266 bytes leftover after parsing attributes in process `syz.1.5387'. [ 1087.832923][T21698] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1089.390897][T21735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5396'. [ 1089.457030][T21735] netlink: 13 bytes leftover after parsing attributes in process `syz.5.5396'. [ 1091.086335][T21755] netlink: 194 bytes leftover after parsing attributes in process `syz.5.5404'. [ 1091.281377][T21756] FAULT_INJECTION: forcing a failure. [ 1091.281377][T21756] name failslab, interval 1, probability 0, space 0, times 0 [ 1091.373655][T21756] CPU: 0 UID: 0 PID: 21756 Comm: syz.3.5403 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1091.373697][T21756] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1091.373707][T21756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1091.373723][T21756] Call Trace: [ 1091.373731][T21756] [ 1091.373741][T21756] dump_stack_lvl+0x100/0x190 [ 1091.373782][T21756] should_fail_ex.cold+0x5/0xa [ 1091.373811][T21756] should_failslab+0xc2/0x120 [ 1091.373835][T21756] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1091.373870][T21756] ? __kernfs_new_node+0xd2/0x960 [ 1091.373910][T21756] __kernfs_new_node+0xd2/0x960 [ 1091.373947][T21756] ? __pfx___kernfs_new_node+0x10/0x10 [ 1091.373987][T21756] ? find_held_lock+0x2b/0x80 [ 1091.374010][T21756] ? kernfs_root+0xee/0x2a0 [ 1091.374041][T21756] ? kernfs_root+0xee/0x2a0 [ 1091.374080][T21756] kernfs_new_node+0x11b/0x1a0 [ 1091.374121][T21756] __kernfs_create_file+0x53/0x350 [ 1091.374151][T21756] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1091.374190][T21756] internal_create_group+0x593/0xf40 [ 1091.374231][T21756] ? __pfx_internal_create_group+0x10/0x10 [ 1091.374282][T21756] ? kernfs_create_link+0x1bd/0x240 [ 1091.374313][T21756] internal_create_groups+0x9d/0x150 [ 1091.374350][T21756] device_add+0xf5b/0x1950 [ 1091.374392][T21756] ? __pfx_device_add+0x10/0x10 [ 1091.374431][T21756] ? lockdep_init_map_type+0x5c/0x250 [ 1091.374464][T21756] ? __init_waitqueue_head+0xca/0x150 [ 1091.374508][T21756] netdev_register_kobject+0x1a9/0x3d0 [ 1091.374545][T21756] register_netdevice+0x12e0/0x2210 [ 1091.374581][T21756] ? __pfx_register_netdevice+0x10/0x10 [ 1091.374618][T21756] ? __pfx_loopback_net_init+0x10/0x10 [ 1091.374654][T21756] register_netdev+0x34/0x50 [ 1091.374687][T21756] loopback_net_init+0x7a/0x170 [ 1091.374722][T21756] ? __pfx_loopback_net_init+0x10/0x10 [ 1091.374755][T21756] ops_init+0x1e2/0x5f0 [ 1091.374787][T21756] setup_net+0x118/0x3a0 [ 1091.374816][T21756] ? __pfx_setup_net+0x10/0x10 [ 1091.374843][T21756] ? lockdep_init_map_type+0x5c/0x250 [ 1091.374876][T21756] ? mutex_init_lockep+0x110/0x150 [ 1091.374913][T21756] copy_net_ns+0x46f/0x7c0 [ 1091.374948][T21756] create_new_namespaces+0x3ea/0xac0 [ 1091.374980][T21756] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1091.375009][T21756] ksys_unshare+0x473/0xad0 [ 1091.375042][T21756] ? __pfx_ksys_unshare+0x10/0x10 [ 1091.375083][T21756] __x64_sys_unshare+0x31/0x40 [ 1091.375113][T21756] do_syscall_64+0x106/0xf80 [ 1091.375139][T21756] ? clear_bhb_loop+0x40/0x90 [ 1091.375170][T21756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1091.375196][T21756] RIP: 0033:0x7fe99f79c629 [ 1091.375216][T21756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1091.375241][T21756] RSP: 002b:00007fe9a0633028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1091.375269][T21756] RAX: ffffffffffffffda RBX: 00007fe99fa15fa0 RCX: 00007fe99f79c629 [ 1091.375286][T21756] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1091.375301][T21756] RBP: 00007fe99f832b39 R08: 0000000000000000 R09: 0000000000000000 [ 1091.375317][T21756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1091.375331][T21756] R13: 00007fe99fa16038 R14: 00007fe99fa15fa0 R15: 00007ffc36059978 [ 1091.375363][T21756] [ 1094.619777][T21798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5418'. [ 1095.743482][T21815] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5424'. [ 1096.207106][T21826] raw_sendmsg: syz.5.5426 forgot to set AF_INET. Fix it! [ 1096.707424][T21831] : entered promiscuous mode [ 1097.388952][T21847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5435'. [ 1098.794452][T21869] futex_wake_op: syz.2.5444 tries to shift op by -2048; fix this program [ 1098.828248][T21869] futex_wake_op: syz.2.5444 tries to shift op by -2048; fix this program [ 1098.883493][T21869] 0x000000000001-0x000000020000 : "" [ 1098.936052][T21869] ftl_cs: FTL header corrupt! [ 1099.955501][T21889] FAULT_INJECTION: forcing a failure. [ 1099.955501][T21889] name failslab, interval 1, probability 0, space 0, times 0 [ 1100.000688][T21889] CPU: 0 UID: 0 PID: 21889 Comm: syz.5.5452 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1100.000731][T21889] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1100.000742][T21889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1100.000757][T21889] Call Trace: [ 1100.000765][T21889] [ 1100.000775][T21889] dump_stack_lvl+0x100/0x190 [ 1100.000817][T21889] should_fail_ex.cold+0x5/0xa [ 1100.000845][T21889] should_failslab+0xc2/0x120 [ 1100.000870][T21889] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1100.000907][T21889] ? __alloc_skb+0x140/0x710 [ 1100.000937][T21889] __alloc_skb+0x140/0x710 [ 1100.000960][T21889] ? __alloc_skb+0x5b7/0x710 [ 1100.000984][T21889] ? __pfx___alloc_skb+0x10/0x10 [ 1100.001017][T21889] alloc_skb_with_frags+0xe0/0x810 [ 1100.001056][T21889] sock_alloc_send_pskb+0x801/0x980 [ 1100.001099][T21889] ? find_held_lock+0x2b/0x80 [ 1100.001127][T21889] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1100.001168][T21889] ? ip6_output+0x2eb/0xa60 [ 1100.001204][T21889] ? __pfx_ip6_output+0x10/0x10 [ 1100.001244][T21889] __ip6_append_data+0x2c4c/0x4de0 [ 1100.001284][T21889] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1100.001316][T21889] ? find_held_lock+0x2b/0x80 [ 1100.001351][T21889] ? __pfx___ip6_append_data+0x10/0x10 [ 1100.001385][T21889] ? __pfx_ip6_mtu+0x10/0x10 [ 1100.001411][T21889] ? ip6_setup_cork+0x5be/0x14c0 [ 1100.001447][T21889] ip6_make_skb+0x2a3/0x3b0 [ 1100.001485][T21889] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1100.001515][T21889] ? __pfx_ip6_make_skb+0x10/0x10 [ 1100.001558][T21889] ? sk_dst_check+0x1de/0x550 [ 1100.001587][T21889] ? udpv6_sendmsg+0x2499/0x2f60 [ 1100.001609][T21889] udpv6_sendmsg+0x2499/0x2f60 [ 1100.001636][T21889] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1100.001677][T21889] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1100.001706][T21889] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1100.001759][T21889] ? __pfx___might_resched+0x10/0x10 [ 1100.001813][T21889] ? __import_iovec+0x1d2/0x640 [ 1100.001854][T21889] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1100.001880][T21889] ? inet6_sendmsg+0x105/0x140 [ 1100.001904][T21889] inet6_sendmsg+0x105/0x140 [ 1100.001931][T21889] ____sys_sendmsg+0x704/0xc30 [ 1100.001968][T21889] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1100.002007][T21889] ? rcu_is_watching+0x12/0xc0 [ 1100.002043][T21889] ? ___sys_sendmsg+0x19d/0x1e0 [ 1100.002077][T21889] ? kfree+0x2ec/0x6b0 [ 1100.002111][T21889] ___sys_sendmsg+0x190/0x1e0 [ 1100.002149][T21889] ? __pfx____sys_sendmsg+0x10/0x10 [ 1100.002211][T21889] ? __pfx___might_resched+0x10/0x10 [ 1100.002252][T21889] __sys_sendmmsg+0x205/0x430 [ 1100.002283][T21889] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1100.002310][T21889] ? __local_bh_enable_ip+0x9e/0x120 [ 1100.002349][T21889] ? __pfx_do_futex+0x10/0x10 [ 1100.002395][T21889] ? xfd_validate_state+0x129/0x190 [ 1100.002438][T21889] __x64_sys_sendmmsg+0x9c/0x100 [ 1100.002465][T21889] ? lockdep_hardirqs_on+0x78/0x100 [ 1100.002492][T21889] do_syscall_64+0x106/0xf80 [ 1100.002519][T21889] ? clear_bhb_loop+0x40/0x90 [ 1100.002548][T21889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1100.002574][T21889] RIP: 0033:0x7f853a59c629 [ 1100.002594][T21889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1100.002619][T21889] RSP: 002b:00007f853b501028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1100.002642][T21889] RAX: ffffffffffffffda RBX: 00007f853a815fa0 RCX: 00007f853a59c629 [ 1100.002659][T21889] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1100.002675][T21889] RBP: 00007f853a632b39 R08: 0000000000000000 R09: 0000000000000000 [ 1100.002691][T21889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1100.002706][T21889] R13: 00007f853a816038 R14: 00007f853a815fa0 R15: 00007ffdb0c2ad68 [ 1100.002737][T21889] [ 1101.307792][T21900] FAULT_INJECTION: forcing a failure. [ 1101.307792][T21900] name failslab, interval 1, probability 0, space 0, times 0 [ 1101.352710][T21900] CPU: 0 UID: 0 PID: 21900 Comm: syz.5.5457 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1101.352752][T21900] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1101.352762][T21900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1101.352777][T21900] Call Trace: [ 1101.352797][T21900] [ 1101.352807][T21900] dump_stack_lvl+0x100/0x190 [ 1101.352848][T21900] should_fail_ex.cold+0x5/0xa [ 1101.352876][T21900] should_failslab+0xc2/0x120 [ 1101.352899][T21900] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1101.352928][T21900] ? netdev_init+0x151/0x3c0 [ 1101.352966][T21900] netdev_init+0x151/0x3c0 [ 1101.353000][T21900] ? __pfx_netdev_init+0x10/0x10 [ 1101.353032][T21900] ops_init+0x1e2/0x5f0 [ 1101.353063][T21900] setup_net+0x118/0x3a0 [ 1101.353091][T21900] ? __pfx_setup_net+0x10/0x10 [ 1101.353118][T21900] ? lockdep_init_map_type+0x5c/0x250 [ 1101.353150][T21900] ? mutex_init_lockep+0x110/0x150 [ 1101.353186][T21900] copy_net_ns+0x46f/0x7c0 [ 1101.353219][T21900] create_new_namespaces+0x3ea/0xac0 [ 1101.353259][T21900] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1101.353287][T21900] ksys_unshare+0x473/0xad0 [ 1101.353317][T21900] ? __pfx_ksys_unshare+0x10/0x10 [ 1101.353358][T21900] __x64_sys_unshare+0x31/0x40 [ 1101.353387][T21900] do_syscall_64+0x106/0xf80 [ 1101.353413][T21900] ? clear_bhb_loop+0x40/0x90 [ 1101.353442][T21900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1101.353465][T21900] RIP: 0033:0x7f853a59c629 [ 1101.353485][T21900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1101.353508][T21900] RSP: 002b:00007f853b501028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1101.353531][T21900] RAX: ffffffffffffffda RBX: 00007f853a815fa0 RCX: 00007f853a59c629 [ 1101.353547][T21900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1101.353561][T21900] RBP: 00007f853a632b39 R08: 0000000000000000 R09: 0000000000000000 [ 1101.353576][T21900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1101.353591][T21900] R13: 00007f853a816038 R14: 00007f853a815fa0 R15: 00007ffdb0c2ad68 [ 1101.353621][T21900] [ 1105.829406][T21955] FAULT_INJECTION: forcing a failure. [ 1105.829406][T21955] name failslab, interval 1, probability 0, space 0, times 0 [ 1105.889709][T21955] CPU: 0 UID: 0 PID: 21955 Comm: syz.2.5471 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1105.889750][T21955] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1105.889759][T21955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1105.889773][T21955] Call Trace: [ 1105.889781][T21955] [ 1105.889791][T21955] dump_stack_lvl+0x100/0x190 [ 1105.889843][T21955] should_fail_ex.cold+0x5/0xa [ 1105.889871][T21955] should_failslab+0xc2/0x120 [ 1105.889895][T21955] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1105.889929][T21955] ? security_file_alloc+0x34/0x2c0 [ 1105.889968][T21955] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1105.889996][T21955] security_file_alloc+0x34/0x2c0 [ 1105.890035][T21955] init_file+0x95/0x480 [ 1105.890062][T21955] alloc_empty_file+0x73/0x1c0 [ 1105.890090][T21955] dentry_open+0x46/0xd0 [ 1105.890118][T21955] ima_calc_file_hash+0x2ad/0x480 [ 1105.890154][T21955] ima_collect_measurement+0x887/0xa40 [ 1105.890197][T21955] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1105.890233][T21955] ? lock_acquire+0x1cf/0x380 [ 1105.890296][T21955] ? process_measurement+0x5ab/0x2350 [ 1105.890328][T21955] ? is_bad_inode+0xd/0x40 [ 1105.890362][T21955] ? xattr_resolve_name+0x27d/0x3f0 [ 1105.890404][T21955] ? vfs_getxattr_alloc+0xec/0x350 [ 1105.890450][T21955] ? ima_get_hash_algo+0x22d/0x400 [ 1105.890478][T21955] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1105.890513][T21955] ? process_measurement+0xdfe/0x2350 [ 1105.890543][T21955] process_measurement+0xdfe/0x2350 [ 1105.890584][T21955] ? __pfx_process_measurement+0x10/0x10 [ 1105.890652][T21955] ? mutex_init_lockep+0x110/0x150 [ 1105.890686][T21955] ? seq_open+0x116/0x170 [ 1105.890716][T21955] ? inode_to_bdi+0x9e/0x160 [ 1105.890757][T21955] ima_file_check+0xcc/0x120 [ 1105.890789][T21955] ? __pfx_ima_file_check+0x10/0x10 [ 1105.890949][T21955] security_file_post_open+0xc4/0x210 [ 1105.890999][T21955] path_openat+0x1418/0x31a0 [ 1105.891034][T21955] ? __pfx_path_openat+0x10/0x10 [ 1105.891085][T21955] do_file_open+0x20e/0x430 [ 1105.891111][T21955] ? __pfx_do_file_open+0x10/0x10 [ 1105.891156][T21955] ? alloc_fd+0x476/0x790 [ 1105.891199][T21955] ? do_getname+0x191/0x390 [ 1105.891231][T21955] do_sys_openat2+0x10d/0x1e0 [ 1105.891262][T21955] ? __pfx_do_sys_openat2+0x10/0x10 [ 1105.891303][T21955] __x64_sys_openat+0x12d/0x210 [ 1105.891335][T21955] ? __pfx___x64_sys_openat+0x10/0x10 [ 1105.891377][T21955] do_syscall_64+0x106/0xf80 [ 1105.891404][T21955] ? clear_bhb_loop+0x40/0x90 [ 1105.891436][T21955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1105.891462][T21955] RIP: 0033:0x7f96b319c629 [ 1105.891483][T21955] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1105.891508][T21955] RSP: 002b:00007f96b404a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1105.891532][T21955] RAX: ffffffffffffffda RBX: 00007f96b3415fa0 RCX: 00007f96b319c629 [ 1105.891549][T21955] RDX: 0000000000020803 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1105.891566][T21955] RBP: 00007f96b3232b39 R08: 0000000000000000 R09: 0000000000000000 [ 1105.891582][T21955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1105.891597][T21955] R13: 00007f96b3416038 R14: 00007f96b3415fa0 R15: 00007ffd9b5a6638 [ 1105.891629][T21955] [ 1105.891868][ T30] audit: type=1800 audit(1772070109.620:14): pid=21955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5471" name="set_event_notrace_pid" dev="tracefs" ino=16 res=0 errno=0 [ 1107.923837][T21977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1107.965505][T21977] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1112.873822][T22049] mkiss: ax0: crc mode is auto. [ 1114.358623][T22052] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5504'. [ 1116.136352][T22092] netlink: 86 bytes leftover after parsing attributes in process `syz.3.5517'. [ 1116.588845][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.595585][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1117.248578][ T30] audit: type=1804 audit(1772070120.974:15): pid=22099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5518" name="file0" dev="tmpfs" ino=6612 res=1 errno=0 [ 1117.376721][ T30] audit: type=1804 audit(1772070121.084:16): pid=22105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5518" name="file0" dev="tmpfs" ino=6612 res=1 errno=0 [ 1125.235507][T22228] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5554'. [ 1126.152317][T22236] netlink: 50 bytes leftover after parsing attributes in process `syz.3.5557'. [ 1128.219077][ T30] audit: type=1804 audit(1772070131.929:17): pid=22268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.5568" name="/newroot/1336/file0" dev="tmpfs" ino=6861 res=1 errno=0 [ 1128.329535][ T30] audit: type=1804 audit(1772070131.999:18): pid=22275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.5568" name="/newroot/1336/file0" dev="tmpfs" ino=6861 res=1 errno=0 [ 1129.130846][T22292] sp0: Synchronizing with TNC [ 1129.228121][T22294] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5572'. [ 1129.346320][T22298] netlink: 294 bytes leftover after parsing attributes in process `syz.3.5572'. [ 1130.084292][T22311] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5580'. [ 1130.958605][ T30] audit: type=1804 audit(1772070134.677:19): pid=22318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.5582" name="/newroot/77/file0" dev="tmpfs" ino=426 res=1 errno=0 [ 1130.981516][T22324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5584'. [ 1131.060444][T22324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5584'. [ 1131.091467][ T30] audit: type=1804 audit(1772070134.757:20): pid=22322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.5582" name="/newroot/77/file0" dev="tmpfs" ino=426 res=1 errno=0 [ 1131.183089][T22330] mkiss: ax0: crc mode is auto. [ 1131.883849][T22348] netlink: 50 bytes leftover after parsing attributes in process `syz.1.5593'. [ 1132.905331][T22373] lo: entered allmulticast mode [ 1132.926145][T22373] lo: left allmulticast mode [ 1133.303319][T22374] zswap: compressor not available [ 1133.334231][T22373] Setting dangerous option i915.mitigations - tainting kernel [ 1133.383944][T22378] Setting dangerous option i915.mitigations - tainting kernel [ 1133.981972][T22397] netlink: 'syz.3.5609': attribute type 27 has an invalid length. [ 1134.010087][T22397] netlink: 146 bytes leftover after parsing attributes in process `syz.3.5609'. [ 1134.639975][T22413] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5616'. [ 1134.688271][T22413] netlink: 25 bytes leftover after parsing attributes in process `syz.5.5616'. [ 1137.721493][T22459] sp0: Synchronizing with TNC [ 1137.774465][T22462] sp0: Found TNC [ 1137.985218][T22468] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5631'. [ 1139.198595][T22488] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 1139.551894][T22491] vivid-007: ================= START STATUS ================= [ 1139.595235][T22491] vivid-007: Generate PTS: true [ 1139.622233][T22491] vivid-007: Generate SCR: true [ 1139.642886][T22491] tpg source WxH: 320x240 (Y'CbCr) [ 1139.674682][T22491] tpg field: 1 [ 1139.692381][T22491] tpg crop: (0,0)/320x240 [ 1139.720402][T22491] tpg compose: (0,0)/320x240 [ 1139.754163][T22491] tpg colorspace: 8 [ 1139.784945][T22491] tpg transfer function: 0/0 [ 1139.805323][T22491] tpg Y'CbCr encoding: 0/0 [ 1139.829137][T22491] tpg quantization: 0/0 [ 1139.843566][T22491] tpg RGB range: 0/2 [ 1139.858484][T22491] vivid-007: ================== END STATUS ================== [ 1140.176891][T22506] netlink: 'syz.3.5645': attribute type 15 has an invalid length. [ 1140.225566][T22506] netlink: 'syz.3.5645': attribute type 16 has an invalid length. [ 1140.233442][T22506] netlink: 194 bytes leftover after parsing attributes in process `syz.3.5645'. [ 1140.656478][T22516] vivid-007: ================= START STATUS ================= [ 1140.656516][T22516] vivid-007: Enable Output Cropping: true grabbed [ 1140.656575][T22516] vivid-007: Enable Output Composing: true grabbed [ 1140.656604][T22516] vivid-007: Enable Output Scaler: true grabbed [ 1140.656633][T22516] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 1140.656684][T22516] vivid-007: Transmit Mode: HDMI grabbed [ 1140.656728][T22516] vivid-007: Hotplug Present: 0x00000000 [ 1140.656753][T22516] vivid-007: RxSense Present: 0x00000000 [ 1140.656777][T22516] vivid-007: EDID Present: 0x00000000 [ 1140.656801][T22516] vivid-007: ================== END STATUS ================== [ 1141.754711][T22530] [ 1141.754724][T22530] ====================================================== [ 1141.754733][T22530] WARNING: possible circular locking dependency detected SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1141.754747][T22530] syzkaller #0 Tainted: G U L [ 1141.754761][T22530] ------------------------------------------------------ [ 1141.754770][T22530] syz.2.5652/22530 is trying to acquire lock: [ 1141.754783][T22530] ffff888026c96e68 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 1141.754854][T22530] [ 1141.754854][T22530] but task is already holding lock: [ 1141.754861][T22530] ffff888036c68260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1141.754928][T22530] [ 1141.754928][T22530] which lock already depends on the new lock. [ 1141.754928][T22530] [ 1141.754936][T22530] [ 1141.754936][T22530] the existing dependency chain (in reverse order) is: [ 1141.754945][T22530] [ 1141.754945][T22530] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 1141.754981][T22530] lock_sock_nested+0x41/0xf0 [ 1141.755005][T22530] smc_listen_out+0x1f5/0x4b0 [ 1141.755040][T22530] smc_listen_work+0x4c2/0x50e0 [ 1141.755058][T22530] process_one_work+0x9d7/0x1920 [ 1141.755088][T22530] worker_thread+0x5da/0xe40 [ 1141.755118][T22530] kthread+0x370/0x450 [ 1141.755145][T22530] ret_from_fork+0x754/0xd80 [ 1141.755177][T22530] ret_from_fork_asm+0x1a/0x30 [ 1141.755200][T22530] [ 1141.755200][T22530] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 1141.755233][T22530] __lock_acquire+0x14b8/0x2630 [ 1141.755260][T22530] lock_acquire+0x1cf/0x380 [ 1141.755285][T22530] __flush_work+0x4de/0xcb0 [ 1141.755316][T22530] cancel_work_sync+0xd1/0xf0 [ 1141.755340][T22530] smc_clcsock_release+0x5f/0xe0 [ 1141.755391][T22530] __smc_release+0x5c2/0x880 [ 1141.755424][T22530] smc_close_non_accepted+0xda/0x200 [ 1141.755460][T22530] smc_close_active+0x4ff/0x1070 [ 1141.755480][T22530] __smc_release+0x634/0x880 [ 1141.755524][T22530] smc_release+0x1fc/0x620 [ 1141.755572][T22530] __sock_release+0xb3/0x260 [ 1141.755595][T22530] sock_close+0x1c/0x30 [ 1141.755617][T22530] __fput+0x3ff/0xb40 [ 1141.755639][T22530] task_work_run+0x150/0x240 [ 1141.755666][T22530] exit_to_user_mode_loop+0x100/0x4a0 [ 1141.755693][T22530] do_syscall_64+0x668/0xf80 [ 1141.755715][T22530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1141.755736][T22530] [ 1141.755736][T22530] other info that might help us debug this: [ 1141.755736][T22530] [ 1141.755743][T22530] Possible unsafe locking scenario: [ 1141.755743][T22530] [ 1141.755750][T22530] CPU0 CPU1 [ 1141.755756][T22530] ---- ---- [ 1141.755763][T22530] lock(sk_lock-AF_SMC/1); [ 1141.755783][T22530] lock((work_completion)(&new_smc->smc_listen_work)); [ 1141.755801][T22530] lock(sk_lock-AF_SMC/1); [ 1141.755822][T22530] lock((work_completion)(&new_smc->smc_listen_work)); [ 1141.755838][T22530] [ 1141.755838][T22530] *** DEADLOCK *** [ 1141.755838][T22530] [ 1141.755844][T22530] 3 locks held by syz.2.5652/22530: [ 1141.755857][T22530] #0: ffff888049734708 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1141.755915][T22530] #1: ffff888036c68260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1141.755979][T22530] #2: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 1141.756037][T22530] [ 1141.756037][T22530] stack backtrace: [ 1141.756050][T22530] CPU: 0 UID: 0 PID: 22530 Comm: syz.2.5652 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1141.756081][T22530] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1141.756089][T22530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1141.756102][T22530] Call Trace: [ 1141.756109][T22530] [ 1141.756117][T22530] dump_stack_lvl+0x100/0x190 [ 1141.756147][T22530] print_circular_bug.cold+0x178/0x1c7 [ 1141.756181][T22530] check_noncircular+0x146/0x160 [ 1141.756208][T22530] __lock_acquire+0x14b8/0x2630 [ 1141.756238][T22530] lock_acquire+0x1cf/0x380 [ 1141.756262][T22530] ? __flush_work+0x4ca/0xcb0 [ 1141.756293][T22530] ? mark_held_locks+0x40/0x70 [ 1141.756317][T22530] ? __flush_work+0x4ca/0xcb0 [ 1141.756347][T22530] __flush_work+0x4de/0xcb0 [ 1141.756375][T22530] ? __flush_work+0x4ca/0xcb0 [ 1141.756407][T22530] ? __pfx___flush_work+0x10/0x10 [ 1141.756437][T22530] ? __pfx_wq_barrier_func+0x10/0x10 [ 1141.756464][T22530] ? __pfx___might_resched+0x10/0x10 [ 1141.756495][T22530] cancel_work_sync+0xd1/0xf0 [ 1141.756515][T22530] smc_clcsock_release+0x5f/0xe0 [ 1141.756548][T22530] __smc_release+0x5c2/0x880 [ 1141.756584][T22530] ? __pfx_sock_def_readable+0x10/0x10 [ 1141.756604][T22530] smc_close_non_accepted+0xda/0x200 [ 1141.756638][T22530] smc_close_active+0x4ff/0x1070 [ 1141.756658][T22530] __smc_release+0x634/0x880 [ 1141.756690][T22530] smc_release+0x1fc/0x620 [ 1141.756721][T22530] __sock_release+0xb3/0x260 [ 1141.756744][T22530] ? __pfx_sock_close+0x10/0x10 [ 1141.756767][T22530] sock_close+0x1c/0x30 [ 1141.756789][T22530] __fput+0x3ff/0xb40 [ 1141.756813][T22530] task_work_run+0x150/0x240 [ 1141.756842][T22530] ? __pfx_task_work_run+0x10/0x10 [ 1141.756874][T22530] exit_to_user_mode_loop+0x100/0x4a0 [ 1141.756901][T22530] do_syscall_64+0x668/0xf80 [ 1141.756922][T22530] ? clear_bhb_loop+0x40/0x90 [ 1141.756945][T22530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1141.756966][T22530] RIP: 0033:0x7f96b319c629 [ 1141.756982][T22530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1141.757002][T22530] RSP: 002b:00007ffd9b5a6798 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1141.757022][T22530] RAX: 0000000000000000 RBX: 00007f96b3417da0 RCX: 00007f96b319c629 [ 1141.757037][T22530] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1141.757051][T22530] RBP: 00007f96b3417da0 R08: 00007f96b3416128 R09: 0000000000000000 [ 1141.757065][T22530] R10: 00000000003eb818 R11: 0000000000000246 R12: 0000000000116c55 [ 1141.757079][T22530] R13: 00007f96b341609c R14: 0000000000116a2c R15: 00007ffd9b5a68a0 [ 1141.757100][T22530] [ 1142.571166][ T7520] caif:caif_disconnect_client(): nothing to disconnect [ 1143.722497][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1143.772405][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1143.822471][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1143.865941][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1143.984557][ T12] bridge_slave_1: left allmulticast mode [ 1143.984581][ T12] bridge_slave_1: left promiscuous mode [ 1143.984700][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1143.985834][ T12] bridge_slave_0: left allmulticast mode [ 1143.985853][ T12] bridge_slave_0: left promiscuous mode [ 1143.985951][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1144.153908][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1144.155154][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1144.155954][ T12] bond0 (unregistering): Released all slaves [ 1144.184282][ T12] : left promiscuous mode [ 1144.311152][ T12] hsr_slave_0: left promiscuous mode [ 1144.311507][ T12] hsr_slave_1: left promiscuous mode [ 1144.311850][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1144.311869][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1144.318449][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1144.318468][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1144.338800][ T12] veth1_macvtap: left promiscuous mode [ 1144.338828][ T12] veth0_macvtap: left promiscuous mode [ 1144.338878][ T12] veth1_vlan: left promiscuous mode [ 1144.338917][ T12] veth0_vlan: left promiscuous mode [ 1144.631500][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1144.649746][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1145.365618][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1145.428565][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1145.492928][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1145.582515][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1145.738341][ T12] bridge_slave_1: left allmulticast mode [ 1145.744029][ T12] bridge_slave_1: left promiscuous mode [ 1145.778380][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1145.800908][ T12] bridge_slave_0: left allmulticast mode [ 1145.806577][ T12] bridge_slave_0: left promiscuous mode [ 1145.838395][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1146.062080][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1146.096393][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1146.125911][ T12] bond0 (unregistering): Released all slaves [ 1146.280908][ T12] hsr_slave_0: left promiscuous mode [ 1146.299246][ T12] hsr_slave_1: left promiscuous mode [ 1146.304929][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1146.322933][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1146.341817][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1146.359165][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1146.380973][ T12] veth0_vlan: left promiscuous mode [ 1146.425756][ T12] pim6reg (unregistering): left allmulticast mode