last executing test programs: 4.134748508s ago: executing program 3 (id=932): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0xc8140, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xa) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x15c, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4, 0x1e}, @HWSIM_ATTR_MULTI_RADIO={0x4}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x1b, 0x2, "d5ee63aea75a9d66346ce6fe2d5358bacb69eb3339afc4"}, @HWSIM_ATTR_PMSR_RESULT={0x124, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x120, 0x5, 0x0, 0x1, [{0x118, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xac, 0x1, "28e38e4c630e07759c5ce434a620566c1bc45cbc1143219f2a5666d7a88181015d76521283bdf4b956c64ade1d6524cdbadf571d3e18f821548f2d97c4916c91acac1f21e130391e465ed29b079802838a4f2276f1ab33acbe7ca5cfdadba6ba07cf47f5dca3fae4a035da2ba3e575d03095a9f5484f3eeffc275464868acfe4dca1984f3cd7d5f1ecbed6ca9861aadfb812993ef7c9014690aaa06a99f07b1d83c1795353c604c6"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x67, 0x1, "5ac908e428d1dbf742f7d5a658c554e6b7095c98c41087f57de389de219d6ad92b8bfbb06d42b633d6780464550a1f04124f42a12f94d4eda4da737666ad3586609b23ea2f4a3d3f6147185bf51d410a98f124d3f056216ec43f338c1867a46e44f868"}]}, {0x4}]}]}]}, 0x15c}, 0x1, 0x0, 0x0, 0x8000}, 0x4880) r2 = socket(0x10, 0x2, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000002, 0x6}, 0x9}, 0x7, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = prctl$auto(0x13e, 0x1, 0x0, 0x4, 0x0) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r6, 0x100, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004800}, 0x40001) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000280)='/dev/usbmon37\x00', 0x587001, 0x0) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/rt6_stats\x00', 0x0, 0x0) pread64$auto(r7, 0x0, 0x8, 0x7fff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2040}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r6, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @multicast2}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}, @SEG6_ATTR_SECRET={0x51, 0x4, "286649af5313757eb69170777623aa08511ebb89668b8e44686206d9ac7ff7c1a90b79d07a3cf28dd10ce7b888fdda0640975a0c015d5768876e66033fe6d9ade661b088eefe5e0ca31772ff0e"}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3}, @SEG6_ATTR_SECRET={0xec, 0x4, "efe6ee342e23113d9e71821cbb08e5e8cd546d90ebdf8f5dfd0d1ea772e8c9ebcc8bab19895f98d0c5684fa364fba3172fc90b81d8b8bc7cec8ab39e0b58a83fee1cd66225818480b4667afea12be4c8ef58eb12fc12e97e13b17ffc24125a91b11bc258e7b494c6a5ed83ee383fe124fab150f55733aedad6c36ac9654448d6921517dd7851d978ce0461f6326c2b8529e1edaf07dafaa7daa708e73939d74c2abe94a299ebb0330a8ee5028eaf5e3143868c02c7a5571aed6b44458a9a3db75557d48b928a94697c286de601323e964d43aec6462a9cc5f7424c3701ca7a5d41c7d730e83df846"}]}, 0x180}, 0x1, 0x0, 0x0, 0x10}, 0x8040) 3.4691997s ago: executing program 2 (id=936): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000340)={0xffffffffffffffff, &(0x7f0000000040)="0759d43a22c7d5d9d6f4258d1b5927f8b7a8f4d1d2de61ffec1eaa2965d33b8e84bf146753ddf225915697336f653dcd38fa97403ce595b9be9cd71f3fc5558c8514eddd9374150da7e065fc3db2406a0dd18d488300937196bb477a64189235c960061315c6ce874353f0b2f07fa538a2a334bd54054adb6f5d696c5237f2301535fa54931255161d6f2c89f611", 0xf9a6, &(0x7f0000000100)="0d128c8f30eff699a854b3aae54a81ae305fe3b873e1bf19fac8e9768becf3e926b10979aa0ca308", 0xffff, &(0x7f0000000200)="3350e5ba35367bf13b0a2b2eae5f8e6a005b1680f231b2ae9ae4fcc9cd38decaf8a5b3f5a396055a9494c520e442872b71bfa5d94d20169daa71ccb670ec061874b39d29726a24c918a9dc971094dacdd3abaaf97ebab2b69a788e4c78308db4138fef4d4015391540cba2858ca8edf5027fdfaa709c5d237aeeef6631715667d4304cd0f42b02792b6080720ee172b88239d7133846d868da16", &(0x7f0000000300)=0xfffffff6}) close_range$auto(0x2, r0, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) io_uring_setup$auto(0xa9, 0x0) timer_create$auto(0x2, 0x0, 0x0) r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f00000002c0), 0x20001, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x60482, 0x0) ioctl$auto_KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000000)={0xc}) (async) writev$auto(r1, &(0x7f0000001c80)={0x0, 0x7}, 0x6) 3.371244644s ago: executing program 1 (id=937): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) sendfile$auto(0x3, r0, 0x0, 0xfdef) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC0\x00', 0x880, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x1, 0x5, 0x3, 0xffffffff, "76f006e37ceb76bfbde3245bee4c6625cb0662ccc64e124db4fedbdd228b9ced12ac206f688d4858a0b558db"}, 0x1, @integer=@value=[0x2, 0x7, 0x9, 0x4, 0xffffffff, 0x2, 0x7, 0xf52d, 0x8, 0x77, 0x4, 0x1c2, 0x1, 0x1, 0x9, 0x3, 0x8, 0xfffbfffffffffffd, 0x6, 0x1, 0x1840, 0x1, 0x40, 0x5, 0x9, 0x3ff, 0x4, 0x2, 0x3ff, 0x9, 0x101, 0x6, 0x3, 0x0, 0x1, 0x5, 0x800000000002, 0x7, 0xe, 0xffffffffffffffff, 0x1000, 0x81, 0x80000000, 0x0, 0x81, 0xfe, 0x100, 0x4000, 0x10000, 0x1, 0x100, 0xec00000, 0x185d, 0xe, 0x10000, 0x2, 0x1, 0x6, 0x0, 0x6, 0xfffffffffffffffa, 0x6, 0x7, 0x7ff, 0x5, 0x7, 0x7, 0x5, 0x27d64140, 0x1ff, 0xffffffffffffffff, 0x4, 0x7, 0x3, 0x1ff, 0x81, 0x5, 0x2, 0xfffffffffffff800, 0x9, 0x2, 0x208, 0x547, 0x7, 0x100000000, 0x2, 0x6, 0x7fffffff, 0x5, 0x400, 0x1fd, 0x8000, 0x80, 0x0, 0xf46, 0x2, 0xfffffffffffffff9, 0x8000000000000000, 0x35, 0x5, 0x8, 0x8, 0x2, 0x9, 0xfffffffffffffff9, 0x0, 0x0, 0x7, 0xe4, 0x8000000000000, 0x5, 0x9, 0x7ffffffffffffffc, 0x4, 0x0, 0xfffffdffffffffff, 0x7, 0xfffffffffffffffd, 0x6, 0x0, 0x5, 0x4, 0x40000000000000c0, 0x1400, 0x2000800, 0x6, 0x571a, 0x3], "6b54dd2e739e95a6f217b84988b4581576aaed11b340e4707992930f9a930325903b0e132daa477100a1107a85f3303896b5ec1e61dfb9c0e2698c93ebcd3e1508428d544319376037341d65bb6fb47a002356928a53d1534d8b947cbfcbfba7c7c74e86dc40dc6bca83c523e1e38c31cabf433dd0e3bc1b1b3128e5cf49b23f"}) recvmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000040)="066e8177daa2bf035744458a3b5761d134bc99c93cf192642f26f6b71c555dd593a748630581d6c34302409c3f6bc73dbbbaa0b7c16a27e77ea33441348ef00271566e1779b1754635061d99ff8f0f9e884128923338619b525cf13f84f31227f83ed9e3fa43d24959f12b344248d2d6d2a269aacb27c800bc76084f844755f59e7657cf2a3fa8a3106ba40975cfb9c06d9e8a955c76d212c9c15d33fb04ebbdeb4951ab4e7bfaa22d27db0d7292fd1c", 0xffff, 0x0, 0x3, &(0x7f0000000200)="579cbb2a16f836ba623daf2247c9de79493c008aa608502769763dbff3865ff8cc168ff1", 0x9, 0x3}, 0xb}, 0x6b, 0x0, &(0x7f0000000280)={0x0, 0x9}) 3.121938439s ago: executing program 3 (id=939): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x14}}, 0x24004814) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 3.042407743s ago: executing program 1 (id=940): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x14}}, 0x24004814) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 2.962662012s ago: executing program 2 (id=941): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/software/type\x00', 0x8000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000240)=""/157, 0x9d) r1 = socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f80, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x40a0ae49, r1) 2.591194443s ago: executing program 0 (id=942): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/43:160/strict_limit\x00', 0x103a42, 0x0) sendfile$auto(r1, r1, 0x0, 0x9) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x181881, 0x0) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty48\x00', 0x40000, 0x0) prctl$auto(0x35, 0x0, 0x8, 0x0, 0x0) ioctl$auto_TIOCSWINSZ2(r3, 0x5414, &(0x7f0000000080)) read$auto(r0, 0x0, 0x9a28) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x9) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/stack\x00', 0x2400, 0x0) read$auto_proc_single_file_operations_base(r4, &(0x7f0000000200)=""/225, 0xe1) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) clock_gettime$auto(0x10, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) 2.549953165s ago: executing program 3 (id=943): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRESDEC], 0x14}}, 0x24004814) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.548466919s ago: executing program 2 (id=944): mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x1) sendto$auto(0x3, 0x0, 0xffce, 0xe, &(0x7f0000000100)=@nfc={0x27, 0x0, 0x1, 0x4}, 0x19) r0 = io_uring_setup$auto(0x999, 0x0) ustat$auto(0x801, 0x0) close_range$auto(r0, 0x8, 0xfffffffe) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon31\x00', 0x24100, 0x0) open(0x0, 0x223c0, 0x40) r1 = socket(0x2, 0x2, 0x0) socket(0x2, 0x1, 0x0) move_pages$auto(0x0, 0x5, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x3, 0x0, 0x2) write$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYBLOB='i\x00Q'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) open(0x0, 0x22240, 0x1a2) r3 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000001040)="5fd156e3b9a18f7848e1bff1429f05b7f2ddc0187cf6242e616f26e995907643b7505f9860a7db5cd0934ca88f1e51b585ffcae1782232d75ff671a36c39c2279c7a3a6c4aa6ea72632622d2cff189031809e3ddea7006d35fb33bf77c9d3b339838bf57151ecfcce949d6a09e33b8a196ee9bfa3211170a0a86c3c2553eff71d5c38aa60d89c5a67b559474e0de8a20b282ac032eccd15f54324ae48f2381", 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x209, 0x20000000) fcntl$auto_F_SETPIPE_SZ(r3, 0x407, 0x8) accept$auto(r0, 0x0, 0x0) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/if_inet6\x00', 0x181800, 0x0) 2.303627599s ago: executing program 1 (id=945): ioctl$auto(0xffffffffffffffff, 0x5521, 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_REUSEPORT(r0, 0x1, 0xf, &(0x7f0000000780)='\x00', 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r1, 0x5646, r1) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r1, 0x2400000, 0xffffffffffffffff) futex$auto(0x0, 0x4f549, 0xc, 0x0, 0x0, 0x404) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x4, 0x4020009, 0xdf, 0x14, 0xffffffffffffffff, 0x4) mincore$auto(0x1000, 0x4003f00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x6c, r2, 0x200, 0x70bd27, 0x25dfdbff, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGES={0x56, 0x3, 0x0, 0x1, [@generic="ff0e5910338c0a4428a1bf03de874dc0c6c2995e98b581be527b4ab6f3ead46ab416d0d9ac8ebe88bd2117ea4cc8127b4cad495463cb255cdb886df0ed56a300714e7d83dc75", @typed={0x4, 0xf0}, @typed={0x8, 0xc1, 0x0, 0x0, @u32=0x4}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x6b08101e0167e3e3}, 0x20000000) 2.086600704s ago: executing program 2 (id=946): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0x80, 0x0) read$auto(r0, 0x0, 0x6) (fail_nth: 1) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 1.974330464s ago: executing program 1 (id=947): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ttyS2\x00', 0x2000, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000300)="dd") r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/clear_refs\x00', 0x0, 0x0) (async) r2 = clone$auto(0x9f2, 0xffffffffffffff55, &(0x7f0000000200)=0x3, &(0x7f0000000240)=0x9, 0x9) fcntl$auto(r1, 0x7, r2) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0x7, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffd, 0x7, 0x3, 0xc, 0x6, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x203, 0xd3, 0x1]}, 0x0, 0x0, 0x0) (async) r3 = socket(0x11, 0x3, 0x9) (async) capset$auto(0x0, &(0x7f0000000000)={0x8, 0x7, 0x802}) sendmmsg$auto(r3, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)='L', 0x49}, 0x2, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x1ef) (async) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={"95ddd307b834d9dfd9fdd450b14a0ce48bdcaab2c3bf125fec7994717cc13bc3", 0x0, 0x5, 0x3, 0x7, 0x8, 0x0}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000080)={{@inferred=r4, 0x6, 0x2, 0x2, "91fd24fa2d03de0faf83d1212b4168b10c0104623d2744a25cc0e163e4a27ea740bc72da58e8e58ebc66a4c8", @raw=0x5642}, 0x5, 0x10, 0x7, @raw=0x10000, @integer64={0x1, 0x8, 0x5}, "12da18681d0b935599ee59a04f6315fb5a76812f54becc615af5d186bff7aff284f3daeaba40e581258a476cc8a98968f30641aaec29068a6c31f80864a60133"}) mmap$auto(0x2, 0x1, 0x100, 0x12, 0xffffffffffffffff, 0x1) 1.200425718s ago: executing program 2 (id=948): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0xc8140, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xa) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x15c, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4, 0x1e}, @HWSIM_ATTR_MULTI_RADIO={0x4}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x1b, 0x2, "d5ee63aea75a9d66346ce6fe2d5358bacb69eb3339afc4"}, @HWSIM_ATTR_PMSR_RESULT={0x124, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x120, 0x5, 0x0, 0x1, [{0x118, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xac, 0x1, "28e38e4c630e07759c5ce434a620566c1bc45cbc1143219f2a5666d7a88181015d76521283bdf4b956c64ade1d6524cdbadf571d3e18f821548f2d97c4916c91acac1f21e130391e465ed29b079802838a4f2276f1ab33acbe7ca5cfdadba6ba07cf47f5dca3fae4a035da2ba3e575d03095a9f5484f3eeffc275464868acfe4dca1984f3cd7d5f1ecbed6ca9861aadfb812993ef7c9014690aaa06a99f07b1d83c1795353c604c6"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x67, 0x1, "5ac908e428d1dbf742f7d5a658c554e6b7095c98c41087f57de389de219d6ad92b8bfbb06d42b633d6780464550a1f04124f42a12f94d4eda4da737666ad3586609b23ea2f4a3d3f6147185bf51d410a98f124d3f056216ec43f338c1867a46e44f868"}]}, {0x4}]}]}]}, 0x15c}, 0x1, 0x0, 0x0, 0x8000}, 0x4880) r2 = socket(0x10, 0x2, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000002, 0x6}, 0x9}, 0x7, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = prctl$auto(0x13e, 0x1, 0x0, 0x4, 0x0) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r6, 0x100, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004800}, 0x40001) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000280)='/dev/usbmon37\x00', 0x587001, 0x0) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/rt6_stats\x00', 0x0, 0x0) pread64$auto(r7, 0x0, 0x8, 0x7fff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2040}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x180, r6, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @multicast2}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}, @SEG6_ATTR_SECRET={0x51, 0x4, "286649af5313757eb69170777623aa08511ebb89668b8e44686206d9ac7ff7c1a90b79d07a3cf28dd10ce7b888fdda0640975a0c015d5768876e66033fe6d9ade661b088eefe5e0ca31772ff0e"}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3}, @SEG6_ATTR_SECRET={0xec, 0x4, "efe6ee342e23113d9e71821cbb08e5e8cd546d90ebdf8f5dfd0d1ea772e8c9ebcc8bab19895f98d0c5684fa364fba3172fc90b81d8b8bc7cec8ab39e0b58a83fee1cd66225818480b4667afea12be4c8ef58eb12fc12e97e13b17ffc24125a91b11bc258e7b494c6a5ed83ee383fe124fab150f55733aedad6c36ac9654448d6921517dd7851d978ce0461f6326c2b8529e1edaf07dafaa7daa708e73939d74c2abe94a299ebb0330a8ee5028eaf5e3143868c02c7a5571aed6b44458a9a3db75557d48b928a94697c286de601323e964d43aec6462a9cc5f7424c3701ca7a5d41c7d730e83df846"}]}, 0x180}, 0x1, 0x0, 0x0, 0x10}, 0x8040) 1.200160332s ago: executing program 3 (id=949): close_range$auto(0x2, 0x8, 0x0) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) pipe$auto(0x0) r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$auto(r0, 0x11, 0x64, 0x0, 0x7) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0x80, 0x0) read$auto(r1, 0x0, 0x6) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000240)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0xa6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x2c, 0x3, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2048000}, 0x40014) kexec_load$auto(0xffffffff, 0x2, &(0x7f0000000080)={@buf=0x0, 0x0, 0x8000, 0x403000}, 0x4) kexec_load$auto(0xff, 0xd, &(0x7f0000000140)={@buf=&(0x7f00000000c0)="a4fc60c3cde5180ed6dc21253ad62d0090fd882763a3b9ac9585b08c1a24d3eb9af01273e4fe29f02292cb5746481f349463edfdedc2cdf1f84d059f7f446cc6627ac7f6c67aa84f193eeeebf8aacdc67263a7a116e6baef0d082e6234c97f1140955cab635ee98d6de0e180f081d0229975e43a", 0xfffffffffffffff8, 0x8, 0xffffffffffffff01}, 0x2) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, 0x0, 0x40000010) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000000)={{0x3, 0x1002, 0xfffffffc, 0x5, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e18441074052a3fa6c3ccf1bf00"}) readv$auto(r2, &(0x7f0000000a80)={0x0, 0x2}, 0x2) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) pidfd_open$auto(0x1, 0x0) 1.188503996s ago: executing program 0 (id=950): socket(0x23, 0x80805, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 1.155626636s ago: executing program 1 (id=951): ioctl$auto(0xffffffffffffffff, 0x5521, 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_REUSEPORT(r0, 0x1, 0xf, &(0x7f0000000780)='\x00', 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r1, 0x5646, r1) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r1, 0x2400000, 0xffffffffffffffff) futex$auto(0x0, 0x4f549, 0xc, 0x0, 0x0, 0x404) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x4, 0x4020009, 0xdf, 0x14, 0xffffffffffffffff, 0x4) mincore$auto(0x1000, 0x4003f00, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x6c, r2, 0x200, 0x70bd27, 0x25dfdbff, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGES={0x57, 0x3, 0x0, 0x1, [@generic="ff0e5910338c0a4428a1bf03de874dc0c6c2995e98b581be527b4ab6f3ead46ab416d0d9ac8ebe88bd2117ea4cc8127b4cad495463cb255cdb886df0ed56a300714e7d83dc7581", @typed={0x4, 0xf0}, @typed={0x8, 0xc1, 0x0, 0x0, @u32=0x4}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x6b08101e0167e3e3}, 0x20000000) 1.005882567s ago: executing program 0 (id=952): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x14}}, 0x24004814) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 552.243211ms ago: executing program 0 (id=953): openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x90080, 0x0) connect$auto(0x3, 0x0, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x63, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfdef) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x0) ioctl$auto(r0, 0x4b4a, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), 0xffffffffffffffff) 447.964507ms ago: executing program 0 (id=954): keyctl$auto_KEYCTL_REJECT(0x13, 0x200000000000004, 0x2, 0x0, 0x1) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/default/disable_ipv6\x00', 0x202, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/binderfs/binder0\x00', 0x4100, 0x0) ioctl$auto_BINDER_GET_EXTENDED_ERROR(r1, 0xc00c6211, &(0x7f0000000000)="a375001036d6b1875e7f31227cca04e32f35e6b47db42d46090000004e0d0d6f034c11c9ba1af69240a75e953af620823b977b1115ddea5ad505b36601d26af021b4600930fc08cfb5d59b3d8576fab71d56bbdf") close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2d, 0x2, 0x0) accept$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r2, 0x5608, 0x0) sysfs$auto(0x2, 0x100000000000031, 0x0) fsopen$auto(0x0, 0x1) poll$auto(&(0x7f0000000080)={r0, 0xc7, 0x180}, 0x20000a, 0xadf) 257.901908ms ago: executing program 0 (id=955): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mlock$auto(0x7c88, 0x7fff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/maps\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0xeda5, 0xc86) sendmmsg$auto(0x3, 0x0, 0x1, 0x1f00) 243.111791ms ago: executing program 3 (id=956): r0 = socket(0x29, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) lsetxattr$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)="2623332b50d6f6be6a0c5589f7e975b322242c49e1745538f2dabbdfedf356e15f4134a3ee1e662ab41e2b1fe1585e627a8c8512f9eaa0407e505addf996b87e9f56b60671f28d5648885f363417f13ef57b6e3742ea4318d2c61dbf7c868db59c1afbb30f00dd617814dd5d500c20406505894eb77ec739d8c70e226b740226423456e1aa5015eb0ba7c46fde16e76f4848a3c06b0b0162e27141ea3c7b731e11a28e3dfb5ed7711e426d15f9df6a4d52f47dc686afe430052a17ecacb8d76c009782be2c62bdbcada4c0e7dff8333a23eb442410591d96dfc6ddf8572c678d5f817e80bff4af6b", 0x7, 0x2f) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) munmap$auto(0x9, 0x9076) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280), 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x5, 0x0, 0x5, 0xc}, 0xffd}, 0x8, 0x311) r2 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000480)='/dev/mixer1\x00', 0x500, 0x0) ioctl$auto_SOUND_OLD_MIXER_INFO(r2, 0x80304d65, &(0x7f00000004c0)) read$auto(0xffffffffffffffff, 0x0, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x6, &(0x7f00000002c0)=@raw_tracepoint={0x4, r3, 0x0, 0x5}, 0xe) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 215.388777ms ago: executing program 2 (id=957): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) lsetxattr$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)="2623332b50d6f6be6a0c5589f7e975b322242c49e1745538f2dabbdfedf356e15f4134a3ee1e662ab41e2b1fe1585e627a8c8512f9eaa0407e505addf996b87e9f56b60671f28d5648885f363417f13ef57b6e3742ea4318d2c61dbf7c868db59c1afbb30f00dd617814dd5d500c20406505894eb77ec739d8c70e226b740226423456e1aa5015eb0ba7c46fde16e76f4848a3c06b0b0162e27141ea3c7b731e11a28e3dfb5ed7711e426d15f9df6a4d52f47dc686afe430052a17ecacb8d76c009782be2c62bdbcada4c0e7dff8333a23eb442410591d96dfc6ddf8572c678d5f817e80bff4af6b", 0x7, 0x2f) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) munmap$auto(0x9, 0x9076) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280), 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) read$auto(0xffffffffffffffff, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 186.351121ms ago: executing program 1 (id=958): mmap$auto(0x0, 0x420009, 0xe3, 0x200000000000eb1, 0x401, 0x8000) mmap$auto(0x79, 0x2020005, 0x3, 0xeb1, 0xffffffffffffffff, 0x7fff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20008, 0x4000400000df, 0xeb1, 0x401, 0x8000) socket(0x28, 0x1, 0x1) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0xe, 0x0) setresuid$auto(0x8, 0x8, 0x0) setfsuid$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0xa, 0x0) msgsnd$auto(0x8, 0x0, 0x5, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x10, 0x4000000000000002, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x802, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0xa3d0, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)="328017bc", 0x4) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x10001) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x2000000}, 0x68) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), r1) 0s ago: executing program 3 (id=959): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/43:160/strict_limit\x00', 0x103a42, 0x0) sendfile$auto(r1, r1, 0x0, 0x9) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x181881, 0x0) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty48\x00', 0x40000, 0x0) prctl$auto(0x35, 0x0, 0x8, 0x0, 0x0) close_range$auto(0x2, 0xa, 0x0) read$auto(r0, 0x0, 0x9a28) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x9) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/stack\x00', 0x2400, 0x0) read$auto_proc_single_file_operations_base(r3, &(0x7f0000000200)=""/225, 0xe1) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) clock_gettime$auto(0x10, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) kernel console output (not intermixed with test programs): f/0x7c0 [ 238.843167][ T8148] create_new_namespaces+0x3ea/0xac0 [ 238.843193][ T8148] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 238.843216][ T8148] ksys_unshare+0x473/0xad0 [ 238.843241][ T8148] ? __pfx_ksys_unshare+0x10/0x10 [ 238.843272][ T8148] __x64_sys_unshare+0x31/0x40 [ 238.843296][ T8148] do_syscall_64+0x106/0xf80 [ 238.843313][ T8148] ? clear_bhb_loop+0x40/0x90 [ 238.843336][ T8148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.843354][ T8148] RIP: 0033:0x7f961bf9c819 [ 238.843369][ T8148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.843385][ T8148] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 238.843403][ T8148] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 238.843414][ T8148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 238.843424][ T8148] RBP: 00007f961c032c91 R08: 0000000000000000 R09: 0000000000000000 [ 238.843435][ T8148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.843445][ T8148] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 238.843468][ T8148] [ 240.081046][ T8164] FAULT_INJECTION: forcing a failure. [ 240.081046][ T8164] name failslab, interval 1, probability 0, space 0, times 0 [ 240.144222][ T8164] CPU: 0 UID: 0 PID: 8164 Comm: syz.2.537 Tainted: G L syzkaller #0 PREEMPT(full) [ 240.144254][ T8164] Tainted: [L]=SOFTLOCKUP [ 240.144261][ T8164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 240.144271][ T8164] Call Trace: [ 240.144277][ T8164] [ 240.144284][ T8164] dump_stack_lvl+0x100/0x190 [ 240.144322][ T8164] should_fail_ex.cold+0x5/0xa [ 240.144345][ T8164] ? tomoyo_encode2+0xfb/0x3c0 [ 240.144371][ T8164] should_failslab+0xc2/0x120 [ 240.144392][ T8164] __kmalloc_noprof+0xe0/0x850 [ 240.144421][ T8164] ? d_absolute_path+0x136/0x1b0 [ 240.144452][ T8164] tomoyo_encode2+0xfb/0x3c0 [ 240.144482][ T8164] tomoyo_encode+0x29/0x50 [ 240.144508][ T8164] tomoyo_realpath_from_path+0x18c/0x690 [ 240.144541][ T8164] tomoyo_path_number_perm+0x23c/0x580 [ 240.144564][ T8164] ? tomoyo_path_number_perm+0x22e/0x580 [ 240.144589][ T8164] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 240.144634][ T8164] ? find_held_lock+0x2b/0x80 [ 240.144653][ T8164] ? __fget_files+0x215/0x3d0 [ 240.144670][ T8164] ? hook_file_ioctl_common+0x146/0x410 [ 240.144699][ T8164] ? __fget_files+0x21f/0x3d0 [ 240.144721][ T8164] security_file_ioctl+0xd3/0x230 [ 240.144745][ T8164] __x64_sys_ioctl+0xb7/0x210 [ 240.144775][ T8164] do_syscall_64+0x106/0xf80 [ 240.144794][ T8164] ? clear_bhb_loop+0x40/0x90 [ 240.144817][ T8164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.144836][ T8164] RIP: 0033:0x7f961bf9c819 [ 240.144851][ T8164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 240.144869][ T8164] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.144888][ T8164] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 240.144899][ T8164] RDX: 0000000000000003 RSI: 0000000000004611 RDI: 0000000000000003 [ 240.144910][ T8164] RBP: 00007f961cda3090 R08: 0000000000000000 R09: 0000000000000000 [ 240.144920][ T8164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 240.144976][ T8164] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 240.145000][ T8164] [ 240.145036][ T8164] ERROR: Out of memory at tomoyo_realpath_from_path. [ 241.732646][ T8185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.545'. [ 241.787028][ T8185] openvswitch: HfR: Dropping previously announced user features [ 242.494467][ T8202] vivid-007: ================= START STATUS ================= [ 242.541177][ T8204] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string [ 242.555001][ T8202] vivid-007: Generate PTS: true [ 242.560438][ T8202] vivid-007: Generate SCR: true [ 242.590872][ T8204] ep_00: uevent: failed to send synthetic uevent: -22 [ 242.598181][ T8202] tpg source WxH: 320x240 (Y'CbCr) [ 242.606751][ T8206] FAULT_INJECTION: forcing a failure. [ 242.606751][ T8206] name failslab, interval 1, probability 0, space 0, times 0 [ 242.625430][ T8202] tpg field: 1 [ 242.628829][ T8202] tpg crop: (0,0)/320x240 [ 242.633269][ T8202] tpg compose: (0,0)/320x240 [ 242.664168][ T8206] CPU: 0 UID: 0 PID: 8206 Comm: syz.1.551 Tainted: G L syzkaller #0 PREEMPT(full) [ 242.664200][ T8206] Tainted: [L]=SOFTLOCKUP [ 242.664207][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 242.664217][ T8206] Call Trace: [ 242.664223][ T8206] [ 242.664230][ T8206] dump_stack_lvl+0x100/0x190 [ 242.664263][ T8206] should_fail_ex.cold+0x5/0xa [ 242.664285][ T8206] ? tomoyo_encode2+0xfb/0x3c0 [ 242.664311][ T8206] should_failslab+0xc2/0x120 [ 242.664331][ T8206] __kmalloc_noprof+0xe0/0x850 [ 242.664360][ T8206] ? d_absolute_path+0x136/0x1b0 [ 242.664391][ T8206] tomoyo_encode2+0xfb/0x3c0 [ 242.664421][ T8206] tomoyo_encode+0x29/0x50 [ 242.664447][ T8206] tomoyo_realpath_from_path+0x18c/0x690 [ 242.664480][ T8206] tomoyo_path_number_perm+0x23c/0x580 [ 242.664503][ T8206] ? tomoyo_path_number_perm+0x22e/0x580 [ 242.664528][ T8206] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 242.664573][ T8206] ? find_held_lock+0x2b/0x80 [ 242.664591][ T8206] ? __fget_files+0x215/0x3d0 [ 242.664608][ T8206] ? hook_file_ioctl_common+0x146/0x410 [ 242.664637][ T8206] ? __fget_files+0x21f/0x3d0 [ 242.664659][ T8206] security_file_ioctl+0xd3/0x230 [ 242.664685][ T8206] __x64_sys_ioctl+0xb7/0x210 [ 242.664715][ T8206] do_syscall_64+0x106/0xf80 [ 242.664735][ T8206] ? clear_bhb_loop+0x40/0x90 [ 242.664758][ T8206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.664776][ T8206] RIP: 0033:0x7fe4f9b9c819 [ 242.664792][ T8206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 242.664810][ T8206] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.664828][ T8206] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 242.664840][ T8206] RDX: 00000000000001f7 RSI: 0000000000004c80 RDI: 0000000000000003 [ 242.664851][ T8206] RBP: 00007fe4faa77090 R08: 0000000000000000 R09: 0000000000000000 [ 242.664861][ T8206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 242.664872][ T8206] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 242.664894][ T8206] [ 242.664911][ T8206] ERROR: Out of memory at tomoyo_realpath_from_path. [ 242.901516][ T8202] tpg colorspace: 8 [ 242.917673][ T8202] tpg transfer function: 0/0 [ 242.927783][ T8202] tpg Y'CbCr encoding: 0/0 [ 242.932227][ T8202] tpg quantization: 0/0 [ 242.944099][ T8202] tpg RGB range: 0/2 [ 242.973988][ T8202] vivid-007: ================== END STATUS ================== [ 244.042028][ T8235] vivid-007: ================= START STATUS ================= [ 244.111121][ T8235] vivid-007: Generate PTS: true [ 244.122902][ T8239] netlink: 32 bytes leftover after parsing attributes in process `syz.3.561'. [ 244.164839][ T8235] vivid-007: Generate SCR: true [ 244.246236][ T8235] tpg source WxH: 320x240 (Y'CbCr) [ 244.270265][ T8235] tpg field: 1 [ 244.304721][ T8235] tpg crop: (0,0)/320x240 [ 244.359061][ T8235] tpg compose: (0,0)/320x240 [ 244.405460][ T8235] tpg colorspace: 8 [ 244.453362][ T8235] tpg transfer function: 0/0 [ 244.482737][ T8235] tpg Y'CbCr encoding: 0/0 [ 244.507559][ T8253] FAULT_INJECTION: forcing a failure. [ 244.507559][ T8253] name fail_futex, interval 1, probability 0, space 0, times 0 [ 244.532484][ T8235] tpg quantization: 0/0 [ 244.547695][ T8235] tpg RGB range: 0/2 [ 244.553500][ T8253] CPU: 0 UID: 0 PID: 8253 Comm: syz.0.565 Tainted: G L syzkaller #0 PREEMPT(full) [ 244.553531][ T8253] Tainted: [L]=SOFTLOCKUP [ 244.553537][ T8253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 244.553547][ T8253] Call Trace: [ 244.553554][ T8253] [ 244.553561][ T8253] dump_stack_lvl+0x100/0x190 [ 244.553595][ T8253] should_fail_ex.cold+0x5/0xa [ 244.553617][ T8253] get_futex_key+0x1d2/0x1620 [ 244.553643][ T8253] ? __pfx_get_futex_key+0x10/0x10 [ 244.553675][ T8253] futex_wait_setup+0x83/0x510 [ 244.553709][ T8253] __futex_wait+0x19f/0x300 [ 244.553740][ T8253] ? __pfx___futex_wait+0x10/0x10 [ 244.553772][ T8253] ? __pfx_futex_wake_mark+0x10/0x10 [ 244.553808][ T8253] ? futex_hash+0x2c5/0x380 [ 244.553838][ T8253] futex_wait+0xed/0x380 [ 244.553883][ T8253] ? __pfx_futex_wait+0x10/0x10 [ 244.553924][ T8253] do_futex+0x1ef/0x350 [ 244.553949][ T8253] ? __pfx_do_futex+0x10/0x10 [ 244.553979][ T8253] __x64_sys_futex+0x34f/0x4d0 [ 244.554008][ T8253] ? __pfx___x64_sys_futex+0x10/0x10 [ 244.554041][ T8253] do_syscall_64+0x106/0xf80 [ 244.554060][ T8253] ? clear_bhb_loop+0x40/0x90 [ 244.554083][ T8253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.554102][ T8253] RIP: 0033:0x7fce3979c819 [ 244.554117][ T8253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 244.554134][ T8253] RSP: 002b:00007fce3a6930e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 244.554152][ T8253] RAX: ffffffffffffffda RBX: 00007fce39a15fa8 RCX: 00007fce3979c819 [ 244.554163][ T8253] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fce39a15fa8 [ 244.554174][ T8253] RBP: 00007fce39a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 244.554192][ T8253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.554202][ T8253] R13: 00007fce39a16038 R14: 00007ffe9305d330 R15: 00007ffe9305d418 [ 244.554225][ T8253] [ 245.002557][ T8235] vivid-007: ================== END STATUS ================== [ 246.530411][ T8290] vivid-007: ================= START STATUS ================= [ 246.530430][ T8290] vivid-007: Generate PTS: true [ 246.530454][ T8290] vivid-007: Generate SCR: true [ 246.530474][ T8290] tpg source WxH: 320x240 (Y'CbCr) [ 246.530485][ T8290] tpg field: 1 [ 246.530492][ T8290] tpg crop: (0,0)/320x240 [ 246.530505][ T8290] tpg compose: (0,0)/320x240 [ 246.530517][ T8290] tpg colorspace: 8 [ 246.530524][ T8290] tpg transfer function: 0/0 [ 246.530532][ T8290] tpg Y'CbCr encoding: 0/0 [ 246.530542][ T8290] tpg quantization: 0/0 [ 246.530550][ T8290] tpg RGB range: 0/2 [ 246.530558][ T8290] vivid-007: ================== END STATUS ================== [ 246.567375][ T8286] FAULT_INJECTION: forcing a failure. [ 246.567375][ T8286] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 246.567435][ T8286] CPU: 0 UID: 0 PID: 8286 Comm: syz.3.575 Tainted: G L syzkaller #0 PREEMPT(full) [ 246.567461][ T8286] Tainted: [L]=SOFTLOCKUP [ 246.567468][ T8286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 246.567478][ T8286] Call Trace: [ 246.567484][ T8286] [ 246.567491][ T8286] dump_stack_lvl+0x100/0x190 [ 246.567523][ T8286] should_fail_ex.cold+0x5/0xa [ 246.567546][ T8286] _copy_to_iter+0x1f3/0x1720 [ 246.567572][ T8286] ? find_held_lock+0x2b/0x80 [ 246.567591][ T8286] ? is_bpf_text_address+0x8a/0x1a0 [ 246.567622][ T8286] ? __pfx__copy_to_iter+0x10/0x10 [ 246.567647][ T8286] ? __lock_acquire+0x4a5/0x2630 [ 246.567671][ T8286] ? __lock_acquire+0x4a5/0x2630 [ 246.567695][ T8286] ? kernel_text_address+0x8d/0x100 [ 246.567723][ T8286] ? __kernel_text_address+0xd/0x30 [ 246.567754][ T8286] simple_copy_to_iter+0x46/0x90 [ 246.567780][ T8286] __skb_datagram_iter+0x5c8/0x900 [ 246.567805][ T8286] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 246.567838][ T8286] skb_copy_datagram_iter+0xa1/0x270 [ 246.567866][ T8286] mptcp_recvmsg+0x646/0x1070 [ 246.567902][ T8286] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 246.567940][ T8286] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 246.567974][ T8286] inet_recvmsg+0x625/0x6a0 [ 246.567999][ T8286] ? __pfx_inet_recvmsg+0x10/0x10 [ 246.568024][ T8286] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 246.568045][ T8286] ? __pfx_inet_recvmsg+0x10/0x10 [ 246.568070][ T8286] sock_recvmsg+0x187/0x1f0 [ 246.568094][ T8286] __sys_recvfrom+0x200/0x300 [ 246.568123][ T8286] ? 0xffffffff81000000 [ 246.568137][ T8286] ? __pfx___sys_recvfrom+0x10/0x10 [ 246.568185][ T8286] ? ksys_write+0x1ac/0x250 [ 246.568203][ T8286] ? __pfx_ksys_write+0x10/0x10 [ 246.568224][ T8286] __x64_sys_recvfrom+0xe0/0x1c0 [ 246.568253][ T8286] ? do_syscall_64+0x95/0xf80 [ 246.568271][ T8286] ? lockdep_hardirqs_on+0x78/0x100 [ 246.568291][ T8286] do_syscall_64+0x106/0xf80 [ 246.568309][ T8286] ? clear_bhb_loop+0x40/0x90 [ 246.568332][ T8286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.568351][ T8286] RIP: 0033:0x7efdd0d9c819 [ 246.568365][ T8286] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 246.568383][ T8286] RSP: 002b:00007efdd1bc6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 246.568400][ T8286] RAX: ffffffffffffffda RBX: 00007efdd1015fa0 RCX: 00007efdd0d9c819 [ 246.568412][ T8286] RDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003 [ 246.568423][ T8286] RBP: 00007efdd1bc6090 R08: 0000000000000000 R09: ffffffff81000000 [ 246.568434][ T8286] R10: 000000000000011f R11: 0000000000000246 R12: 0000000000000001 [ 246.568444][ T8286] R13: 00007efdd1016038 R14: 00007efdd1015fa0 R15: 00007ffc0586e128 [ 246.568459][ T8286] ? 0xffffffff81000000 [ 246.568479][ T8286] [ 246.812938][ T8297] QAT: Invalid ioctl -8 [ 246.856600][ T8299] FAULT_INJECTION: forcing a failure. [ 246.856600][ T8299] name failslab, interval 1, probability 0, space 0, times 0 [ 246.856634][ T8299] CPU: 0 UID: 0 PID: 8299 Comm: syz.1.578 Tainted: G L syzkaller #0 PREEMPT(full) [ 246.856660][ T8299] Tainted: [L]=SOFTLOCKUP [ 246.856667][ T8299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 246.856677][ T8299] Call Trace: [ 246.856683][ T8299] [ 246.856690][ T8299] dump_stack_lvl+0x100/0x190 [ 246.856722][ T8299] should_fail_ex.cold+0x5/0xa [ 246.856744][ T8299] should_failslab+0xc2/0x120 [ 246.856766][ T8299] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 246.856796][ T8299] ? __d_alloc+0x34/0xa80 [ 246.856822][ T8299] __d_alloc+0x34/0xa80 [ 246.856846][ T8299] d_alloc+0x4a/0x1e0 [ 246.856868][ T8299] lookup_one_qstr_excl+0x175/0x250 [ 246.856896][ T8299] start_dirop+0x59/0xb0 [ 246.856915][ T8299] simple_start_creating+0xf9/0x110 [ 246.856934][ T8299] ? __pfx_simple_start_creating+0x10/0x10 [ 246.856962][ T8299] ? mntput+0x70/0xa0 [ 246.856977][ T8299] ? simple_pin_fs+0xa3/0x190 [ 246.857006][ T8299] debugfs_start_creating.part.0+0x82/0x170 [ 246.857031][ T8299] debugfs_create_symlink+0x7f/0x220 [ 246.857055][ T8299] ref_tracker_dir_symlink+0x257/0x3b0 [ 246.857085][ T8299] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 246.857114][ T8299] ? __lock_acquire+0x4a5/0x2630 [ 246.857156][ T8299] ? lockdep_hardirqs_on+0x78/0x100 [ 246.857175][ T8299] ? crng_make_state+0x2b0/0x6c0 [ 246.857203][ T8299] ? __pfx_net_ns_net_init+0x10/0x10 [ 246.857223][ T8299] net_ns_net_init+0x7e/0x120 [ 246.857243][ T8299] ops_init+0x1e2/0x5f0 [ 246.857264][ T8299] setup_net+0x118/0x3a0 [ 246.857283][ T8299] ? __pfx_setup_net+0x10/0x10 [ 246.857301][ T8299] ? lockdep_init_map_type+0x5c/0x250 [ 246.857327][ T8299] ? mutex_init_lockep+0x110/0x150 [ 246.857356][ T8299] copy_net_ns+0x46f/0x7c0 [ 246.857380][ T8299] create_new_namespaces+0x3ea/0xac0 [ 246.857405][ T8299] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 246.857428][ T8299] ksys_unshare+0x473/0xad0 [ 246.857453][ T8299] ? __pfx_ksys_unshare+0x10/0x10 [ 246.857485][ T8299] __x64_sys_unshare+0x31/0x40 [ 246.857508][ T8299] do_syscall_64+0x106/0xf80 [ 246.857526][ T8299] ? clear_bhb_loop+0x40/0x90 [ 246.857548][ T8299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.857566][ T8299] RIP: 0033:0x7fe4f9b9c819 [ 246.857582][ T8299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 246.857599][ T8299] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 246.857616][ T8299] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 246.857628][ T8299] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 246.857638][ T8299] RBP: 00007fe4f9c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 246.857649][ T8299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.857659][ T8299] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 246.857681][ T8299] [ 248.161681][ T8320] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 248.268714][ T5833] Bluetooth: hci2: Malformed Event: 0x02 [ 248.268849][ T5833] Bluetooth: hci2: Malformed Event: 0x02 [ 249.654484][ T8336] netlink: 146 bytes leftover after parsing attributes in process `syz.2.587'. [ 250.446319][ T8353] FAULT_INJECTION: forcing a failure. [ 250.446319][ T8353] name failslab, interval 1, probability 0, space 0, times 0 [ 250.524184][ T8353] CPU: 0 UID: 0 PID: 8353 Comm: syz.0.592 Tainted: G L syzkaller #0 PREEMPT(full) [ 250.524215][ T8353] Tainted: [L]=SOFTLOCKUP [ 250.524222][ T8353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 250.524232][ T8353] Call Trace: [ 250.524239][ T8353] [ 250.524246][ T8353] dump_stack_lvl+0x100/0x190 [ 250.524279][ T8353] should_fail_ex.cold+0x5/0xa [ 250.524303][ T8353] should_failslab+0xc2/0x120 [ 250.524324][ T8353] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 250.524354][ T8353] ? alloc_inode+0x68/0x250 [ 250.524379][ T8353] ? simple_start_creating+0xb0/0x110 [ 250.524398][ T8353] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 250.524420][ T8353] alloc_inode+0x68/0x250 [ 250.524446][ T8353] new_inode+0x22/0x1c0 [ 250.524473][ T8353] debugfs_create_symlink+0xd1/0x220 [ 250.524497][ T8353] ref_tracker_dir_symlink+0x257/0x3b0 [ 250.524526][ T8353] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 250.524554][ T8353] ? __lock_acquire+0x4a5/0x2630 [ 250.524596][ T8353] ? lockdep_hardirqs_on+0x78/0x100 [ 250.524616][ T8353] ? crng_make_state+0x2b0/0x6c0 [ 250.524644][ T8353] ? __pfx_net_ns_net_init+0x10/0x10 [ 250.524664][ T8353] net_ns_net_init+0x7e/0x120 [ 250.524684][ T8353] ops_init+0x1e2/0x5f0 [ 250.524704][ T8353] setup_net+0x118/0x3a0 [ 250.524724][ T8353] ? __pfx_setup_net+0x10/0x10 [ 250.524741][ T8353] ? lockdep_init_map_type+0x5c/0x250 [ 250.524767][ T8353] ? mutex_init_lockep+0x110/0x150 [ 250.524796][ T8353] copy_net_ns+0x46f/0x7c0 [ 250.524825][ T8353] create_new_namespaces+0x3ea/0xac0 [ 250.524851][ T8353] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 250.524874][ T8353] ksys_unshare+0x473/0xad0 [ 250.524900][ T8353] ? __pfx_ksys_unshare+0x10/0x10 [ 250.524944][ T8353] __x64_sys_unshare+0x31/0x40 [ 250.524968][ T8353] do_syscall_64+0x106/0xf80 [ 250.524987][ T8353] ? clear_bhb_loop+0x40/0x90 [ 250.525011][ T8353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.525030][ T8353] RIP: 0033:0x7fce3979c819 [ 250.525046][ T8353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 250.525064][ T8353] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 250.525083][ T8353] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 250.525095][ T8353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 250.525107][ T8353] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 250.525118][ T8353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.525128][ T8353] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 250.525151][ T8353] [ 250.525179][ T8353] debugfs: out of free dentries, can not create symlink 'netns-ef-4026533381-refcnt' [ 251.080934][ T8360] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 251.742073][ T8373] vivid-007: ================= START STATUS ================= [ 251.776299][ T8373] vivid-007: Generate PTS: true [ 251.798743][ T8373] vivid-007: Generate SCR: true [ 251.818478][ T8373] tpg source WxH: 320x240 (Y'CbCr) [ 251.843983][ T8373] tpg field: 1 [ 251.847396][ T8373] tpg crop: (0,0)/320x240 [ 251.879251][ T8373] tpg compose: (0,0)/320x240 [ 251.883871][ T8373] tpg colorspace: 8 [ 251.923864][ T8373] tpg transfer function: 0/0 [ 251.944583][ T8373] tpg Y'CbCr encoding: 0/0 [ 251.949162][ T8373] tpg quantization: 0/0 [ 252.006162][ T8373] tpg RGB range: 0/2 [ 252.046410][ T8373] vivid-007: ================== END STATUS ================== [ 252.217579][ T8381] vivid-007: ================= START STATUS ================= [ 252.290046][ T8381] vivid-007: Generate PTS: true [ 252.351306][ T8381] vivid-007: Generate SCR: true [ 252.392631][ T8381] tpg source WxH: 320x240 (Y'CbCr) [ 252.470768][ T8381] tpg field: 1 [ 252.494997][ T8381] tpg crop: (0,0)/320x240 [ 252.579094][ T8381] tpg compose: (0,0)/320x240 [ 252.649808][ T8381] tpg colorspace: 8 [ 252.653670][ T8381] tpg transfer function: 0/0 [ 252.759710][ T8381] tpg Y'CbCr encoding: 0/0 [ 252.774041][ T8381] tpg quantization: 0/0 [ 252.821581][ T8381] tpg RGB range: 0/2 [ 252.848369][ T8381] vivid-007: ================== END STATUS ================== [ 253.196002][ T8405] vivid-007: ================= START STATUS ================= [ 253.224081][ T8405] vivid-007: Generate PTS: true [ 253.249334][ T8405] vivid-007: Generate SCR: true [ 253.269593][ T8405] tpg source WxH: 320x240 (Y'CbCr) [ 253.290662][ T8405] tpg field: 1 [ 253.302925][ T8405] tpg crop: (0,0)/320x240 [ 253.315818][ T8405] tpg compose: (0,0)/320x240 [ 253.334618][ T8405] tpg colorspace: 8 [ 253.350639][ T8405] tpg transfer function: 0/0 [ 253.370988][ T8405] tpg Y'CbCr encoding: 0/0 [ 253.395061][ T8405] tpg quantization: 0/0 [ 253.418554][ T8405] tpg RGB range: 0/2 [ 253.444065][ T8405] vivid-007: ================== END STATUS ================== [ 254.077352][ T8427] vivid-007: ================= START STATUS ================= [ 254.077371][ T8427] vivid-007: Generate PTS: true [ 254.077392][ T8427] vivid-007: Generate SCR: true [ 254.077413][ T8427] tpg source WxH: 320x240 (Y'CbCr) [ 254.077424][ T8427] tpg field: 1 [ 254.077432][ T8427] tpg crop: (0,0)/320x240 [ 254.077444][ T8427] tpg compose: (0,0)/320x240 [ 254.077455][ T8427] tpg colorspace: 8 [ 254.077463][ T8427] tpg transfer function: 0/0 [ 254.077471][ T8427] tpg Y'CbCr encoding: 0/0 [ 254.077480][ T8427] tpg quantization: 0/0 [ 254.077489][ T8427] tpg RGB range: 0/2 [ 254.077498][ T8427] vivid-007: ================== END STATUS ================== [ 254.504935][ T8413] random: crng reseeded on system resumption [ 255.055255][ T8442] FAULT_INJECTION: forcing a failure. [ 255.055255][ T8442] name failslab, interval 1, probability 0, space 0, times 0 [ 255.125425][ T8442] CPU: 0 UID: 0 PID: 8442 Comm: syz.0.610 Tainted: G L syzkaller #0 PREEMPT(full) [ 255.125459][ T8442] Tainted: [L]=SOFTLOCKUP [ 255.125465][ T8442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 255.125476][ T8442] Call Trace: [ 255.125482][ T8442] [ 255.125490][ T8442] dump_stack_lvl+0x100/0x190 [ 255.125523][ T8442] should_fail_ex.cold+0x5/0xa [ 255.125546][ T8442] should_failslab+0xc2/0x120 [ 255.125567][ T8442] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 255.125597][ T8442] ? security_inode_alloc+0x3b/0x2c0 [ 255.125618][ T8442] ? lockdep_init_map_type+0x5c/0x250 [ 255.125647][ T8442] security_inode_alloc+0x3b/0x2c0 [ 255.125669][ T8442] inode_init_always_gfp+0xced/0x1040 [ 255.125693][ T8442] alloc_inode+0x8e/0x250 [ 255.125719][ T8442] new_inode+0x22/0x1c0 [ 255.125747][ T8442] __debugfs_create_file+0x105/0x4f0 [ 255.125772][ T8442] debugfs_create_file_full+0x41/0x60 [ 255.125797][ T8442] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 255.125823][ T8442] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 255.125849][ T8442] ? find_held_lock+0x2b/0x80 [ 255.125885][ T8442] ? lockdep_init_map_type+0x5c/0x250 [ 255.125921][ T8442] preinit_net.part.0+0x437/0x8f0 [ 255.125942][ T8442] copy_net_ns+0x339/0x7c0 [ 255.125966][ T8442] create_new_namespaces+0x3ea/0xac0 [ 255.125997][ T8442] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 255.126020][ T8442] ksys_unshare+0x473/0xad0 [ 255.126044][ T8442] ? __pfx_ksys_unshare+0x10/0x10 [ 255.126076][ T8442] __x64_sys_unshare+0x31/0x40 [ 255.126099][ T8442] do_syscall_64+0x106/0xf80 [ 255.126118][ T8442] ? clear_bhb_loop+0x40/0x90 [ 255.126140][ T8442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.126159][ T8442] RIP: 0033:0x7fce3979c819 [ 255.126176][ T8442] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 255.126193][ T8442] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 255.126211][ T8442] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 255.126223][ T8442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 255.126233][ T8442] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 255.126244][ T8442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.126255][ T8442] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 255.126278][ T8442] [ 255.126301][ T8442] debugfs: out of free dentries, can not create file 'net_notrefcnt@ffff88802337a978' [ 255.650582][ T8450] netlink: 32 bytes leftover after parsing attributes in process `syz.1.612'. [ 255.997981][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.005045][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.048622][ T8460] vivid-007: ================= START STATUS ================= [ 256.085343][ T8460] vivid-007: Generate PTS: true [ 256.112591][ T8460] vivid-007: Generate SCR: true [ 256.136561][ T8460] tpg source WxH: 320x240 (Y'CbCr) [ 256.161279][ T8460] tpg field: 1 [ 256.180620][ T8460] tpg crop: (0,0)/320x240 [ 256.205647][ T8460] tpg compose: (0,0)/320x240 [ 256.261855][ T8460] tpg colorspace: 8 [ 256.291498][ T8460] tpg transfer function: 0/0 [ 256.312177][ T8460] tpg Y'CbCr encoding: 0/0 [ 256.420944][ T8460] tpg quantization: 0/0 [ 256.471524][ T8460] tpg RGB range: 0/2 [ 256.534661][ T8460] vivid-007: ================== END STATUS ================== [ 256.575311][ T8470] FAULT_INJECTION: forcing a failure. [ 256.575311][ T8470] name failslab, interval 1, probability 0, space 0, times 0 [ 256.625229][ T8470] CPU: 0 UID: 0 PID: 8470 Comm: syz.1.618 Tainted: G L syzkaller #0 PREEMPT(full) [ 256.625261][ T8470] Tainted: [L]=SOFTLOCKUP [ 256.625268][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 256.625278][ T8470] Call Trace: [ 256.625285][ T8470] [ 256.625292][ T8470] dump_stack_lvl+0x100/0x190 [ 256.625325][ T8470] should_fail_ex.cold+0x5/0xa [ 256.625347][ T8470] should_failslab+0xc2/0x120 [ 256.625368][ T8470] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 256.625398][ T8470] ? __d_alloc+0x34/0xa80 [ 256.625424][ T8470] __d_alloc+0x34/0xa80 [ 256.625448][ T8470] d_alloc+0x4a/0x1e0 [ 256.625471][ T8470] lookup_one_qstr_excl+0x175/0x250 [ 256.625498][ T8470] start_dirop+0x59/0xb0 [ 256.625518][ T8470] simple_start_creating+0xf9/0x110 [ 256.625537][ T8470] ? __pfx_simple_start_creating+0x10/0x10 [ 256.625556][ T8470] ? mntput+0x70/0xa0 [ 256.625572][ T8470] ? simple_pin_fs+0xa3/0x190 [ 256.625600][ T8470] debugfs_start_creating.part.0+0x82/0x170 [ 256.625624][ T8470] debugfs_create_symlink+0x7f/0x220 [ 256.625648][ T8470] ref_tracker_dir_symlink+0x257/0x3b0 [ 256.625676][ T8470] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 256.625704][ T8470] ? __lock_acquire+0x4a5/0x2630 [ 256.625746][ T8470] ? lockdep_hardirqs_on+0x78/0x100 [ 256.625765][ T8470] ? crng_make_state+0x2b0/0x6c0 [ 256.625794][ T8470] ? __pfx_net_ns_net_init+0x10/0x10 [ 256.625814][ T8470] net_ns_net_init+0x7e/0x120 [ 256.625834][ T8470] ops_init+0x1e2/0x5f0 [ 256.625855][ T8470] setup_net+0x118/0x3a0 [ 256.625874][ T8470] ? __pfx_setup_net+0x10/0x10 [ 256.625891][ T8470] ? lockdep_init_map_type+0x5c/0x250 [ 256.625925][ T8470] ? mutex_init_lockep+0x110/0x150 [ 256.625954][ T8470] copy_net_ns+0x46f/0x7c0 [ 256.625977][ T8470] create_new_namespaces+0x3ea/0xac0 [ 256.626003][ T8470] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 256.626026][ T8470] ksys_unshare+0x473/0xad0 [ 256.626051][ T8470] ? __pfx_ksys_unshare+0x10/0x10 [ 256.626084][ T8470] __x64_sys_unshare+0x31/0x40 [ 256.626108][ T8470] do_syscall_64+0x106/0xf80 [ 256.626127][ T8470] ? clear_bhb_loop+0x40/0x90 [ 256.626149][ T8470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.626168][ T8470] RIP: 0033:0x7fe4f9b9c819 [ 256.626184][ T8470] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 256.626206][ T8470] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 256.626224][ T8470] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 256.626235][ T8470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 256.626246][ T8470] RBP: 00007fe4f9c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 256.626257][ T8470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.626267][ T8470] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 256.626291][ T8470] [ 258.026660][ T8477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.617'. [ 258.250993][ T8477] openvswitch: HfR: Dropping previously announced user features [ 259.222615][ T30] audit: type=1326 audit(1775571050.756:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8490 comm="syz.3.624" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efdd0d9c819 code=0x0 [ 260.105197][ T8509] FAULT_INJECTION: forcing a failure. [ 260.105197][ T8509] name failslab, interval 1, probability 0, space 0, times 0 [ 260.188392][ T8509] CPU: 0 UID: 0 PID: 8509 Comm: syz.0.631 Tainted: G L syzkaller #0 PREEMPT(full) [ 260.188424][ T8509] Tainted: [L]=SOFTLOCKUP [ 260.188430][ T8509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 260.188441][ T8509] Call Trace: [ 260.188448][ T8509] [ 260.188455][ T8509] dump_stack_lvl+0x100/0x190 [ 260.188489][ T8509] should_fail_ex.cold+0x5/0xa [ 260.188512][ T8509] should_failslab+0xc2/0x120 [ 260.188533][ T8509] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 260.188562][ T8509] ? __d_alloc+0x34/0xa80 [ 260.188589][ T8509] __d_alloc+0x34/0xa80 [ 260.188612][ T8509] d_alloc+0x4a/0x1e0 [ 260.188635][ T8509] lookup_one_qstr_excl+0x175/0x250 [ 260.188662][ T8509] start_dirop+0x59/0xb0 [ 260.188681][ T8509] simple_start_creating+0xf9/0x110 [ 260.188699][ T8509] ? __pfx_simple_start_creating+0x10/0x10 [ 260.188718][ T8509] ? mntput+0x70/0xa0 [ 260.188734][ T8509] ? simple_pin_fs+0xa3/0x190 [ 260.188762][ T8509] debugfs_start_creating.part.0+0x82/0x170 [ 260.188785][ T8509] debugfs_create_symlink+0x7f/0x220 [ 260.188809][ T8509] ref_tracker_dir_symlink+0x257/0x3b0 [ 260.188838][ T8509] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 260.188875][ T8509] ? __lock_acquire+0x4a5/0x2630 [ 260.188918][ T8509] ? lockdep_hardirqs_on+0x78/0x100 [ 260.188938][ T8509] ? crng_make_state+0x2b0/0x6c0 [ 260.188966][ T8509] ? __pfx_net_ns_net_init+0x10/0x10 [ 260.188986][ T8509] net_ns_net_init+0x7e/0x120 [ 260.189005][ T8509] ops_init+0x1e2/0x5f0 [ 260.189026][ T8509] setup_net+0x118/0x3a0 [ 260.189046][ T8509] ? __pfx_setup_net+0x10/0x10 [ 260.189063][ T8509] ? lockdep_init_map_type+0x5c/0x250 [ 260.189088][ T8509] ? mutex_init_lockep+0x110/0x150 [ 260.189117][ T8509] copy_net_ns+0x46f/0x7c0 [ 260.189141][ T8509] create_new_namespaces+0x3ea/0xac0 [ 260.189166][ T8509] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 260.189189][ T8509] ksys_unshare+0x473/0xad0 [ 260.189214][ T8509] ? __pfx_ksys_unshare+0x10/0x10 [ 260.189247][ T8509] __x64_sys_unshare+0x31/0x40 [ 260.189270][ T8509] do_syscall_64+0x106/0xf80 [ 260.189287][ T8509] ? clear_bhb_loop+0x40/0x90 [ 260.189309][ T8509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.189328][ T8509] RIP: 0033:0x7fce3979c819 [ 260.189344][ T8509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 260.189361][ T8509] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 260.189379][ T8509] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 260.189390][ T8509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 260.189400][ T8509] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 260.189411][ T8509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.189421][ T8509] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 260.189444][ T8509] [ 261.157748][ T8521] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 261.898526][ T8539] openvswitch: netlink: Message has 141 unknown bytes. [ 262.339144][ T8545] netlink: 'syz.1.639': attribute type 1 has an invalid length. [ 262.670687][ T8552] vivid-007: ================= START STATUS ================= [ 262.712625][ T8552] vivid-007: Generate PTS: true [ 262.740644][ T8552] vivid-007: Generate SCR: true [ 262.762761][ T8552] tpg source WxH: 320x240 (Y'CbCr) [ 262.789859][ T8552] tpg field: 1 [ 262.793273][ T8552] tpg crop: (0,0)/320x240 [ 262.834041][ T8552] tpg compose: (0,0)/320x240 [ 262.838669][ T8552] tpg colorspace: 8 [ 262.893711][ T8552] tpg transfer function: 0/0 [ 262.905823][ T8552] tpg Y'CbCr encoding: 0/0 [ 262.924260][ T8552] tpg quantization: 0/0 [ 262.936157][ T8552] tpg RGB range: 0/2 [ 262.985440][ T8552] vivid-007: ================== END STATUS ================== [ 263.032382][ T8555] vivid-007: ================= START STATUS ================= [ 263.071802][ T8555] vivid-007: Generate PTS: true [ 263.150191][ T8555] vivid-007: Generate SCR: true [ 263.199951][ T8555] tpg source WxH: 320x240 (Y'CbCr) [ 263.234763][ T8555] tpg field: 1 [ 263.300448][ T8555] tpg crop: (0,0)/320x240 [ 263.385584][ T8555] tpg compose: (0,0)/320x240 [ 263.420780][ T8555] tpg colorspace: 8 [ 263.479131][ T8555] tpg transfer function: 0/0 [ 263.505655][ T8555] tpg Y'CbCr encoding: 0/0 [ 263.532268][ T8555] tpg quantization: 0/0 [ 263.554050][ T8555] tpg RGB range: 0/2 [ 263.594139][ T8555] vivid-007: ================== END STATUS ================== [ 263.971508][ T8577] FAULT_INJECTION: forcing a failure. [ 263.971508][ T8577] name failslab, interval 1, probability 0, space 0, times 0 [ 264.150243][ T8577] CPU: 0 UID: 0 PID: 8577 Comm: syz.3.647 Tainted: G L syzkaller #0 PREEMPT(full) [ 264.150275][ T8577] Tainted: [L]=SOFTLOCKUP [ 264.150281][ T8577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 264.150292][ T8577] Call Trace: [ 264.150298][ T8577] [ 264.150306][ T8577] dump_stack_lvl+0x100/0x190 [ 264.150338][ T8577] should_fail_ex.cold+0x5/0xa [ 264.150361][ T8577] should_failslab+0xc2/0x120 [ 264.150382][ T8577] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 264.150411][ T8577] ? __d_alloc+0x34/0xa80 [ 264.150438][ T8577] __d_alloc+0x34/0xa80 [ 264.150462][ T8577] d_alloc+0x4a/0x1e0 [ 264.150484][ T8577] lookup_one_qstr_excl+0x175/0x250 [ 264.150512][ T8577] start_dirop+0x59/0xb0 [ 264.150530][ T8577] simple_start_creating+0xf9/0x110 [ 264.150549][ T8577] ? __pfx_simple_start_creating+0x10/0x10 [ 264.150567][ T8577] ? mntput+0x70/0xa0 [ 264.150583][ T8577] ? simple_pin_fs+0xa3/0x190 [ 264.150612][ T8577] debugfs_start_creating.part.0+0x82/0x170 [ 264.150635][ T8577] debugfs_create_symlink+0x7f/0x220 [ 264.150658][ T8577] ref_tracker_dir_symlink+0x257/0x3b0 [ 264.150687][ T8577] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 264.150715][ T8577] ? __lock_acquire+0x4a5/0x2630 [ 264.150755][ T8577] ? lockdep_hardirqs_on+0x78/0x100 [ 264.150775][ T8577] ? crng_make_state+0x2b0/0x6c0 [ 264.150803][ T8577] ? __pfx_net_ns_net_init+0x10/0x10 [ 264.150830][ T8577] net_ns_net_init+0x7e/0x120 [ 264.150850][ T8577] ops_init+0x1e2/0x5f0 [ 264.150871][ T8577] setup_net+0x118/0x3a0 [ 264.150891][ T8577] ? __pfx_setup_net+0x10/0x10 [ 264.150908][ T8577] ? lockdep_init_map_type+0x5c/0x250 [ 264.150934][ T8577] ? mutex_init_lockep+0x110/0x150 [ 264.150964][ T8577] copy_net_ns+0x46f/0x7c0 [ 264.150988][ T8577] create_new_namespaces+0x3ea/0xac0 [ 264.151014][ T8577] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 264.151037][ T8577] ksys_unshare+0x473/0xad0 [ 264.151061][ T8577] ? __pfx_ksys_unshare+0x10/0x10 [ 264.151093][ T8577] __x64_sys_unshare+0x31/0x40 [ 264.151117][ T8577] do_syscall_64+0x106/0xf80 [ 264.151134][ T8577] ? clear_bhb_loop+0x40/0x90 [ 264.151156][ T8577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.151175][ T8577] RIP: 0033:0x7efdd0d9c819 [ 264.151191][ T8577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.151208][ T8577] RSP: 002b:00007efdd1bc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 264.151226][ T8577] RAX: ffffffffffffffda RBX: 00007efdd1015fa0 RCX: 00007efdd0d9c819 [ 264.151238][ T8577] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 264.151248][ T8577] RBP: 00007efdd0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 264.151259][ T8577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.151269][ T8577] R13: 00007efdd1016038 R14: 00007efdd1015fa0 R15: 00007ffc0586e128 [ 264.151292][ T8577] [ 264.706058][ T8585] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 264.886246][ T8597] vivid-007: ================= START STATUS ================= [ 264.896278][ T8597] vivid-007: Generate PTS: true [ 264.901215][ T8597] vivid-007: Generate SCR: true [ 264.906346][ T8597] tpg source WxH: 320x240 (Y'CbCr) [ 264.911465][ T8597] tpg field: 1 [ 264.915081][ T8597] tpg crop: (0,0)/320x240 [ 264.919991][ T8597] tpg compose: (0,0)/320x240 [ 264.925461][ T8597] tpg colorspace: 8 [ 264.929418][ T8597] tpg transfer function: 0/0 [ 264.934376][ T8597] tpg Y'CbCr encoding: 0/0 [ 264.938892][ T8597] tpg quantization: 0/0 [ 264.943147][ T8597] tpg RGB range: 0/2 [ 264.948047][ T8597] vivid-007: ================== END STATUS ================== [ 266.416264][ T8610] netlink: 8 bytes leftover after parsing attributes in process `syz.1.653'. [ 266.492892][ T8610] openvswitch: HfR: Dropping previously announced user features [ 267.026180][ T8630] vivid-007: ================= START STATUS ================= [ 267.084039][ T8630] vivid-007: Generate PTS: true [ 267.122351][ T8630] vivid-007: Generate SCR: true [ 267.161552][ T8630] tpg source WxH: 320x240 (Y'CbCr) [ 267.220075][ T8630] tpg field: 1 [ 267.223489][ T8630] tpg crop: (0,0)/320x240 [ 267.259655][ T8630] tpg compose: (0,0)/320x240 [ 267.310665][ T8630] tpg colorspace: 8 [ 267.334484][ T8630] tpg transfer function: 0/0 [ 267.390961][ T8630] tpg Y'CbCr encoding: 0/0 [ 267.454019][ T8630] tpg quantization: 0/0 [ 267.494653][ T8630] tpg RGB range: 0/2 [ 267.513252][ T8630] vivid-007: ================== END STATUS ================== [ 267.665377][ T8645] FAULT_INJECTION: forcing a failure. [ 267.665377][ T8645] name failslab, interval 1, probability 0, space 0, times 0 [ 267.714285][ T8645] CPU: 0 UID: 0 PID: 8645 Comm: syz.3.660 Tainted: G L syzkaller #0 PREEMPT(full) [ 267.714318][ T8645] Tainted: [L]=SOFTLOCKUP [ 267.714324][ T8645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 267.714335][ T8645] Call Trace: [ 267.714342][ T8645] [ 267.714349][ T8645] dump_stack_lvl+0x100/0x190 [ 267.714382][ T8645] should_fail_ex.cold+0x5/0xa [ 267.714404][ T8645] ? tomoyo_realpath_from_path+0xb6/0x690 [ 267.714432][ T8645] should_failslab+0xc2/0x120 [ 267.714453][ T8645] __kmalloc_noprof+0xe0/0x850 [ 267.714487][ T8645] tomoyo_realpath_from_path+0xb6/0x690 [ 267.714519][ T8645] tomoyo_check_open_permission+0x2af/0x3c0 [ 267.714544][ T8645] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 267.714589][ T8645] ? do_raw_spin_lock+0x128/0x260 [ 267.714619][ T8645] ? path_get+0x61/0x80 [ 267.714643][ T8645] tomoyo_file_open+0x6b/0x90 [ 267.714661][ T8645] security_file_open+0xb5/0x1e0 [ 267.714687][ T8645] do_dentry_open+0x5aa/0x1660 [ 267.714708][ T8645] ? security_inode_permission+0xbf/0x250 [ 267.714735][ T8645] vfs_open+0x82/0x3f0 [ 267.714761][ T8645] path_openat+0x208c/0x31a0 [ 267.714789][ T8645] ? __pfx_path_openat+0x10/0x10 [ 267.714817][ T8645] do_file_open+0x20e/0x430 [ 267.714840][ T8645] ? __pfx_do_file_open+0x10/0x10 [ 267.714884][ T8645] ? alloc_fd+0x476/0x790 [ 267.714906][ T8645] ? do_getname+0x191/0x390 [ 267.714933][ T8645] do_sys_openat2+0x10d/0x1e0 [ 267.714962][ T8645] ? __pfx_do_sys_openat2+0x10/0x10 [ 267.714996][ T8645] __x64_sys_openat+0x12d/0x210 [ 267.715023][ T8645] ? __pfx___x64_sys_openat+0x10/0x10 [ 267.715056][ T8645] do_syscall_64+0x106/0xf80 [ 267.715076][ T8645] ? clear_bhb_loop+0x40/0x90 [ 267.715099][ T8645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.715117][ T8645] RIP: 0033:0x7efdd0d9c819 [ 267.715133][ T8645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 267.715151][ T8645] RSP: 002b:00007efdd1bc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 267.715172][ T8645] RAX: ffffffffffffffda RBX: 00007efdd1015fa0 RCX: 00007efdd0d9c819 [ 267.715184][ T8645] RDX: 00000000000a8200 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 267.715194][ T8645] RBP: 00007efdd0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 267.715205][ T8645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 267.715215][ T8645] R13: 00007efdd1016038 R14: 00007efdd1015fa0 R15: 00007ffc0586e128 [ 267.715238][ T8645] [ 267.715245][ T8645] ERROR: Out of memory at tomoyo_realpath_from_path. [ 271.187585][ T8708] vivid-007: ================= START STATUS ================= [ 271.226259][ T8708] vivid-007: Generate PTS: true [ 271.231181][ T8708] vivid-007: Generate SCR: true [ 271.266914][ T8708] tpg source WxH: 320x240 (Y'CbCr) [ 271.272078][ T8708] tpg field: 1 [ 271.314908][ T8708] tpg crop: (0,0)/320x240 [ 271.319277][ T8708] tpg compose: (0,0)/320x240 [ 271.344494][ T8708] tpg colorspace: 8 [ 271.348336][ T8708] tpg transfer function: 0/0 [ 271.414783][ T8708] tpg Y'CbCr encoding: 0/0 [ 271.419278][ T8708] tpg quantization: 0/0 [ 271.423446][ T8708] tpg RGB range: 0/2 [ 271.520354][ T8708] vivid-007: ================== END STATUS ================== [ 272.382431][ T8717] nbd: illegal input index 37139 [ 272.445361][ T8717] netlink: 28 bytes leftover after parsing attributes in process `syz.1.682'. [ 272.494256][ T8719] netlink: 'syz.2.683': attribute type 9 has an invalid length. [ 273.775649][ T8747] netlink: 40 bytes leftover after parsing attributes in process `syz.1.690'. [ 274.013547][ T8747] zswap: compressor not available [ 274.671868][ T8758] netlink: 12 bytes leftover after parsing attributes in process `syz.1.694'. [ 274.715070][ T8759] openvswitch: netlink: Message has 141 unknown bytes. [ 274.901463][ T8740] kexec: Could not allocate control_code_buffer [ 275.023320][ T8759] netlink: 'syz.0.693': attribute type 1 has an invalid length. [ 276.106968][ T8782] vivid-007: ================= START STATUS ================= [ 276.138079][ T8782] vivid-007: Generate PTS: true [ 276.143011][ T8782] vivid-007: Generate SCR: true [ 276.219011][ T8782] tpg source WxH: 320x240 (Y'CbCr) [ 276.253008][ T8782] tpg field: 1 [ 276.278535][ T8782] tpg crop: (0,0)/320x240 [ 276.304118][ T8782] tpg compose: (0,0)/320x240 [ 276.308793][ T8782] tpg colorspace: 8 [ 276.376363][ T8782] tpg transfer function: 0/0 [ 276.409720][ T8782] tpg Y'CbCr encoding: 0/0 [ 276.457180][ T8782] tpg quantization: 0/0 [ 276.514199][ T8782] tpg RGB range: 0/2 [ 276.538194][ T8782] vivid-007: ================== END STATUS ================== [ 277.516649][ T8815] netlink: 28 bytes leftover after parsing attributes in process `syz.3.704'. [ 278.204448][ T8834] FAULT_INJECTION: forcing a failure. [ 278.204448][ T8834] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 278.262028][ T8834] CPU: 0 UID: 0 PID: 8834 Comm: syz.1.711 Tainted: G L syzkaller #0 PREEMPT(full) [ 278.262061][ T8834] Tainted: [L]=SOFTLOCKUP [ 278.262067][ T8834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 278.262078][ T8834] Call Trace: [ 278.262084][ T8834] [ 278.262091][ T8834] dump_stack_lvl+0x100/0x190 [ 278.262123][ T8834] should_fail_ex.cold+0x5/0xa [ 278.262146][ T8834] __fpu_restore_sig+0x100/0x1360 [ 278.262173][ T8834] ? __lock_acquire+0x4a5/0x2630 [ 278.262198][ T8834] ? __pfx___fpu_restore_sig+0x10/0x10 [ 278.262234][ T8834] ? __might_fault+0xc5/0x140 [ 278.262265][ T8834] fpu__restore_sig+0x151/0x190 [ 278.262292][ T8834] restore_sigcontext+0x4cb/0x6a0 [ 278.262316][ T8834] ? __pfx_restore_sigcontext+0x10/0x10 [ 278.262352][ T8834] ? __pfx_restore_altstack+0x10/0x10 [ 278.262379][ T8834] ? _raw_spin_unlock_irq+0x23/0x50 [ 278.262408][ T8834] ? lockdep_hardirqs_on+0x78/0x100 [ 278.262430][ T8834] __do_sys_rt_sigreturn+0x229/0x2c0 [ 278.262454][ T8834] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 278.262484][ T8834] do_syscall_64+0x106/0xf80 [ 278.262501][ T8834] ? clear_bhb_loop+0x40/0x90 [ 278.262523][ T8834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.262542][ T8834] RIP: 0033:0x7fe4f9b9c819 [ 278.262556][ T8834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 278.262574][ T8834] RSP: 002b:00007fe4faa56028 EFLAGS: 00000246 [ 278.262588][ T8834] RAX: 0000000000000000 RBX: 00007fe4f9e16090 RCX: 00007fe4f9b9c819 [ 278.262600][ T8834] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000029f [ 278.262610][ T8834] RBP: 00007fe4f9c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 278.262621][ T8834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.262631][ T8834] R13: 00007fe4f9e16128 R14: 00007fe4f9e16090 R15: 00007fff3829e648 [ 278.262653][ T8834] [ 279.015877][ T8854] vivid-007: ================= START STATUS ================= [ 279.025809][ T8854] vivid-007: Generate PTS: true [ 279.030807][ T8854] vivid-007: Generate SCR: true [ 279.036441][ T8854] tpg source WxH: 320x240 (Y'CbCr) [ 279.041668][ T8854] tpg field: 1 [ 279.045365][ T8854] tpg crop: (0,0)/320x240 [ 279.049883][ T8854] tpg compose: (0,0)/320x240 [ 279.055048][ T8854] tpg colorspace: 8 [ 279.058948][ T8854] tpg transfer function: 0/0 [ 279.063716][ T8854] tpg Y'CbCr encoding: 0/0 [ 279.086044][ T8854] tpg quantization: 0/0 [ 279.098214][ T8854] tpg RGB range: 0/2 [ 279.112002][ T8854] vivid-007: ================== END STATUS ================== [ 279.998554][ T8883] FAULT_INJECTION: forcing a failure. [ 279.998554][ T8883] name failslab, interval 1, probability 0, space 0, times 0 [ 279.998587][ T8883] CPU: 0 UID: 0 PID: 8883 Comm: syz.3.725 Tainted: G L syzkaller #0 PREEMPT(full) [ 279.998613][ T8883] Tainted: [L]=SOFTLOCKUP [ 279.998619][ T8883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 279.998629][ T8883] Call Trace: [ 279.998635][ T8883] [ 279.998642][ T8883] dump_stack_lvl+0x100/0x190 [ 279.998674][ T8883] should_fail_ex.cold+0x5/0xa [ 279.998697][ T8883] should_failslab+0xc2/0x120 [ 279.998718][ T8883] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 279.998749][ T8883] ? __alloc_skb+0x140/0x710 [ 279.998782][ T8883] __alloc_skb+0x140/0x710 [ 279.998809][ T8883] ? __alloc_skb+0x5b7/0x710 [ 279.998837][ T8883] ? __pfx___alloc_skb+0x10/0x10 [ 279.998875][ T8883] ? __lock_acquire+0x4a5/0x2630 [ 279.998901][ T8883] ? __local_bh_enable_ip+0x9e/0x120 [ 279.998925][ T8883] __ip_append_data+0x2e31/0x4690 [ 279.998949][ T8883] ? __pfx_raw_getfrag+0x10/0x10 [ 279.998971][ T8883] ? find_held_lock+0x2b/0x80 [ 279.998988][ T8883] ? ip_dst_mtu_maybe_forward.constprop.0+0x3df/0x750 [ 279.999019][ T8883] ? ip_dst_mtu_maybe_forward.constprop.0+0x3e9/0x750 [ 279.999044][ T8883] ? __pfx___ip_append_data+0x10/0x10 [ 279.999070][ T8883] ip_append_data+0x10f/0x1a0 [ 279.999092][ T8883] ? __pfx_raw_getfrag+0x10/0x10 [ 279.999117][ T8883] raw_sendmsg+0xcb6/0x35f0 [ 279.999150][ T8883] ? __pfx_raw_sendmsg+0x10/0x10 [ 279.999174][ T8883] ? __lock_acquire+0x4a5/0x2630 [ 279.999203][ T8883] ? __lock_acquire+0x4a5/0x2630 [ 279.999248][ T8883] ? __import_iovec+0x1d2/0x640 [ 279.999275][ T8883] ? __pfx_raw_sendmsg+0x10/0x10 [ 279.999301][ T8883] inet_sendmsg+0x11c/0x140 [ 279.999326][ T8883] ____sys_sendmsg+0x98d/0xb70 [ 279.999348][ T8883] ? __pfx_inet_sendmsg+0x10/0x10 [ 279.999374][ T8883] ? __pfx_____sys_sendmsg+0x10/0x10 [ 279.999401][ T8883] ? __pfx__kstrtoull+0x10/0x10 [ 279.999435][ T8883] ___sys_sendmsg+0x190/0x1e0 [ 279.999460][ T8883] ? __pfx____sys_sendmsg+0x10/0x10 [ 279.999496][ T8883] ? find_held_lock+0x2b/0x80 [ 279.999528][ T8883] __sys_sendmmsg+0x205/0x430 [ 279.999548][ T8883] ? __pfx___sys_sendmmsg+0x10/0x10 [ 279.999574][ T8883] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 279.999605][ T8883] ? fput+0x79/0x100 [ 279.999627][ T8883] ? ksys_write+0x1ac/0x250 [ 279.999645][ T8883] ? __pfx_ksys_write+0x10/0x10 [ 279.999666][ T8883] __x64_sys_sendmmsg+0x9c/0x100 [ 279.999684][ T8883] ? lockdep_hardirqs_on+0x78/0x100 [ 279.999703][ T8883] do_syscall_64+0x106/0xf80 [ 279.999722][ T8883] ? clear_bhb_loop+0x40/0x90 [ 279.999744][ T8883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.999763][ T8883] RIP: 0033:0x7efdd0d9c819 [ 279.999778][ T8883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 279.999796][ T8883] RSP: 002b:00007efdd1bc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 279.999814][ T8883] RAX: ffffffffffffffda RBX: 00007efdd1015fa0 RCX: 00007efdd0d9c819 [ 279.999825][ T8883] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 279.999836][ T8883] RBP: 00007efdd1bc6090 R08: 0000000000000000 R09: 0000000000000000 [ 279.999847][ T8883] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000001 [ 279.999857][ T8883] R13: 00007efdd1016038 R14: 00007efdd1015fa0 R15: 00007ffc0586e128 [ 279.999885][ T8883] [ 280.985563][ T8900] vivid-007: ================= START STATUS ================= [ 280.985582][ T8900] vivid-007: Generate PTS: true [ 280.985605][ T8900] vivid-007: Generate SCR: true [ 280.985625][ T8900] tpg source WxH: 320x240 (Y'CbCr) [ 280.985638][ T8900] tpg field: 1 [ 280.985645][ T8900] tpg crop: (0,0)/320x240 [ 280.985657][ T8900] tpg compose: (0,0)/320x240 [ 280.985668][ T8900] tpg colorspace: 8 [ 280.985676][ T8900] tpg transfer function: 0/0 [ 280.985685][ T8900] tpg Y'CbCr encoding: 0/0 [ 280.985694][ T8900] tpg quantization: 0/0 [ 280.985703][ T8900] tpg RGB range: 0/2 [ 280.985711][ T8900] vivid-007: ================== END STATUS ================== [ 281.699082][ T8886] kexec: Could not allocate control_code_buffer [ 282.878085][ T8934] netlink: 16 bytes leftover after parsing attributes in process `syz.1.738'. [ 282.921217][ T8938] vivid-007: ================= START STATUS ================= [ 282.931401][ T8934] HfR: entered allmulticast mode [ 282.987874][ T8938] vivid-007: Generate PTS: true [ 282.992791][ T8938] vivid-007: Generate SCR: true [ 283.084616][ T8938] tpg source WxH: 320x240 (Y'CbCr) [ 283.150397][ T8938] tpg field: 1 [ 283.170333][ T8938] tpg crop: (0,0)/320x240 [ 283.226669][ T8938] tpg compose: (0,0)/320x240 [ 283.283079][ T8938] tpg colorspace: 8 [ 283.330814][ T8938] tpg transfer function: 0/0 [ 283.360704][ T8938] tpg Y'CbCr encoding: 0/0 [ 283.389287][ T8938] tpg quantization: 0/0 [ 283.439927][ T8938] tpg RGB range: 0/2 [ 283.495150][ T8938] vivid-007: ================== END STATUS ================== [ 284.317606][ T8968] netlink: 'syz.3.746': attribute type 9 has an invalid length. [ 285.085890][ T8987] nbd: illegal input index -565164269 [ 286.924413][ T8998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.756'. [ 286.933816][ T8998] openvswitch: HfR: Dropping previously announced user features [ 289.095452][ T9017] vivid-007: ================= START STATUS ================= [ 289.134012][ T9017] vivid-007: Generate PTS: true [ 289.139022][ T9017] vivid-007: Generate SCR: true [ 289.323209][ T9017] tpg source WxH: 320x240 (Y'CbCr) [ 289.545736][ T9017] tpg field: 1 [ 289.549163][ T9017] tpg crop: (0,0)/320x240 [ 289.553509][ T9017] tpg compose: (0,0)/320x240 [ 290.054023][ T9017] tpg colorspace: 8 [ 290.057893][ T9017] tpg transfer function: 0/0 [ 290.279895][ T9011] netlink: 8 bytes leftover after parsing attributes in process `syz.3.757'. [ 290.632593][ T9017] tpg Y'CbCr encoding: 0/0 [ 290.783164][ T9017] tpg quantization: 0/0 [ 291.162831][ T9017] tpg RGB range: 0/2 [ 291.301398][ T9017] vivid-007: ================== END STATUS ================== [ 291.316578][ T9011] openvswitch: HfR: Dropping previously announced user features [ 292.322142][ T9041] FAULT_INJECTION: forcing a failure. [ 292.322142][ T9041] name failslab, interval 1, probability 0, space 0, times 0 [ 292.483019][ T9049] FAULT_INJECTION: forcing a failure. [ 292.483019][ T9049] name failslab, interval 1, probability 0, space 0, times 0 [ 292.501768][ T9041] CPU: 0 UID: 0 PID: 9041 Comm: syz.2.763 Tainted: G L syzkaller #0 PREEMPT(full) [ 292.501799][ T9041] Tainted: [L]=SOFTLOCKUP [ 292.501805][ T9041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 292.501816][ T9041] Call Trace: [ 292.501822][ T9041] [ 292.501836][ T9041] dump_stack_lvl+0x100/0x190 [ 292.501871][ T9041] should_fail_ex.cold+0x5/0xa [ 292.501893][ T9041] should_failslab+0xc2/0x120 [ 292.501914][ T9041] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 292.501944][ T9041] ? __pmd_alloc+0xbf/0x950 [ 292.501971][ T9041] __pmd_alloc+0xbf/0x950 [ 292.501996][ T9041] __handle_mm_fault+0xa9e/0x2b60 [ 292.502026][ T9041] ? mt_find+0x45e/0x8e0 [ 292.502048][ T9041] ? __pfx___handle_mm_fault+0x10/0x10 [ 292.502074][ T9041] ? __pfx_mt_find+0x10/0x10 [ 292.502107][ T9041] ? find_vma+0xbf/0x140 [ 292.502125][ T9041] ? __pfx_find_vma+0x10/0x10 [ 292.502146][ T9041] handle_mm_fault+0x36d/0xa20 [ 292.502178][ T9041] do_user_addr_fault+0x74c/0x12f0 [ 292.502204][ T9041] exc_page_fault+0x6f/0xd0 [ 292.502224][ T9041] asm_exc_page_fault+0x26/0x30 [ 292.502242][ T9041] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 292.502269][ T9041] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 292.502287][ T9041] RSP: 0018:ffffc90004ebf9b0 EFLAGS: 00050202 [ 292.502302][ T9041] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 292.502313][ T9041] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90004ebfa38 [ 292.502324][ T9041] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff520009d7f47 [ 292.502335][ T9041] R10: ffffc90004ebfa3e R11: 0000000000000000 R12: 0000000000000000 [ 292.502345][ T9041] R13: ffffc90004ebfa38 R14: 1ffff920009d7f41 R15: ffffc90004ebfd6c [ 292.502368][ T9041] _copy_from_user+0x98/0xd0 [ 292.502393][ T9041] ____sys_sendmsg+0x1d1/0xb70 [ 292.502420][ T9041] ? __pfx_____sys_sendmsg+0x10/0x10 [ 292.502447][ T9041] ? __pfx__kstrtoull+0x10/0x10 [ 292.502481][ T9041] ___sys_sendmsg+0x190/0x1e0 [ 292.502507][ T9041] ? __pfx____sys_sendmsg+0x10/0x10 [ 292.502542][ T9041] ? find_held_lock+0x2b/0x80 [ 292.502575][ T9041] __sys_sendmmsg+0x205/0x430 [ 292.502596][ T9041] ? __pfx___sys_sendmmsg+0x10/0x10 [ 292.502621][ T9041] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 292.502652][ T9041] ? fput+0x79/0x100 [ 292.502675][ T9041] ? ksys_write+0x1ac/0x250 [ 292.502692][ T9041] ? __pfx_ksys_write+0x10/0x10 [ 292.502714][ T9041] __x64_sys_sendmmsg+0x9c/0x100 [ 292.502732][ T9041] ? lockdep_hardirqs_on+0x78/0x100 [ 292.502751][ T9041] do_syscall_64+0x106/0xf80 [ 292.502769][ T9041] ? clear_bhb_loop+0x40/0x90 [ 292.502792][ T9041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.502810][ T9041] RIP: 0033:0x7f961bf9c819 [ 292.502831][ T9041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 292.502848][ T9041] RSP: 002b:00007f961cd82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 292.502864][ T9041] RAX: ffffffffffffffda RBX: 00007f961c216090 RCX: 00007f961bf9c819 [ 292.502875][ T9041] RDX: 0000000000000024 RSI: 0000200000000200 RDI: 0000000000000003 [ 292.502886][ T9041] RBP: 00007f961cd82090 R08: 0000000000000000 R09: 0000000000000000 [ 292.502896][ T9041] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 292.502907][ T9041] R13: 00007f961c216128 R14: 00007f961c216090 R15: 00007ffe595daf78 [ 292.502930][ T9041] [ 293.254432][ T9049] CPU: 0 UID: 0 PID: 9049 Comm: syz.1.767 Tainted: G L syzkaller #0 PREEMPT(full) [ 293.254465][ T9049] Tainted: [L]=SOFTLOCKUP [ 293.254472][ T9049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 293.254482][ T9049] Call Trace: [ 293.254489][ T9049] [ 293.254496][ T9049] dump_stack_lvl+0x100/0x190 [ 293.254528][ T9049] should_fail_ex.cold+0x5/0xa [ 293.254551][ T9049] should_failslab+0xc2/0x120 [ 293.254572][ T9049] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 293.254601][ T9049] ? security_inode_alloc+0x3b/0x2c0 [ 293.254622][ T9049] ? lockdep_init_map_type+0x5c/0x250 [ 293.254651][ T9049] security_inode_alloc+0x3b/0x2c0 [ 293.254673][ T9049] inode_init_always_gfp+0xced/0x1040 [ 293.254698][ T9049] alloc_inode+0x8e/0x250 [ 293.254723][ T9049] new_inode+0x22/0x1c0 [ 293.254750][ T9049] debugfs_create_symlink+0xd1/0x220 [ 293.254776][ T9049] ref_tracker_dir_symlink+0x257/0x3b0 [ 293.254813][ T9049] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 293.254842][ T9049] ? __lock_acquire+0x4a5/0x2630 [ 293.254882][ T9049] ? lockdep_hardirqs_on+0x78/0x100 [ 293.254902][ T9049] ? crng_make_state+0x2b0/0x6c0 [ 293.254931][ T9049] ? __pfx_net_ns_net_init+0x10/0x10 [ 293.254950][ T9049] net_ns_net_init+0xd2/0x120 [ 293.254972][ T9049] ops_init+0x1e2/0x5f0 [ 293.254993][ T9049] setup_net+0x118/0x3a0 [ 293.255012][ T9049] ? __pfx_setup_net+0x10/0x10 [ 293.255029][ T9049] ? lockdep_init_map_type+0x5c/0x250 [ 293.255055][ T9049] ? mutex_init_lockep+0x110/0x150 [ 293.255084][ T9049] copy_net_ns+0x46f/0x7c0 [ 293.255107][ T9049] create_new_namespaces+0x3ea/0xac0 [ 293.255133][ T9049] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 293.255155][ T9049] ksys_unshare+0x473/0xad0 [ 293.255181][ T9049] ? __pfx_ksys_unshare+0x10/0x10 [ 293.255212][ T9049] __x64_sys_unshare+0x31/0x40 [ 293.255235][ T9049] do_syscall_64+0x106/0xf80 [ 293.255254][ T9049] ? clear_bhb_loop+0x40/0x90 [ 293.255276][ T9049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.255295][ T9049] RIP: 0033:0x7fe4f9b9c819 [ 293.255310][ T9049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 293.255328][ T9049] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 293.255347][ T9049] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 293.255359][ T9049] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 293.255369][ T9049] RBP: 00007fe4f9c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 293.255379][ T9049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.255389][ T9049] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 293.255412][ T9049] [ 293.255440][ T9049] debugfs: out of free dentries, can not create symlink 'netns-126-4026533455-notrefcnt' [ 293.850077][ T9055] vivid-007: ================= START STATUS ================= [ 293.889210][ T9055] vivid-007: Generate PTS: true [ 293.911939][ T9055] vivid-007: Generate SCR: true [ 293.944016][ T9055] tpg source WxH: 320x240 (Y'CbCr) [ 293.949217][ T9055] tpg field: 1 [ 293.983275][ T9055] tpg crop: (0,0)/320x240 [ 294.001070][ T9055] tpg compose: (0,0)/320x240 [ 294.023961][ T9055] tpg colorspace: 8 [ 294.043443][ T9055] tpg transfer function: 0/0 [ 294.064488][ T9055] tpg Y'CbCr encoding: 0/0 [ 294.068947][ T9055] tpg quantization: 0/0 [ 294.114070][ T9055] tpg RGB range: 0/2 [ 294.150540][ T9055] vivid-007: ================== END STATUS ================== [ 294.502956][ T9068] FAULT_INJECTION: forcing a failure. [ 294.502956][ T9068] name failslab, interval 1, probability 0, space 0, times 0 [ 294.615105][ T9068] CPU: 0 UID: 0 PID: 9068 Comm: syz.3.770 Tainted: G L syzkaller #0 PREEMPT(full) [ 294.615137][ T9068] Tainted: [L]=SOFTLOCKUP [ 294.615143][ T9068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 294.615154][ T9068] Call Trace: [ 294.615160][ T9068] [ 294.615167][ T9068] dump_stack_lvl+0x100/0x190 [ 294.615200][ T9068] should_fail_ex.cold+0x5/0xa [ 294.615223][ T9068] should_failslab+0xc2/0x120 [ 294.615244][ T9068] __kmalloc_cache_noprof+0x7a/0x6f0 [ 294.615270][ T9068] ? alloc_pipe_info+0x10e/0x590 [ 294.615291][ T9068] ? find_held_lock+0x2b/0x80 [ 294.615313][ T9068] alloc_pipe_info+0x10e/0x590 [ 294.615335][ T9068] splice_direct_to_actor+0x78f/0xa30 [ 294.615357][ T9068] ? __lock_acquire+0x4a5/0x2630 [ 294.615380][ T9068] ? __pfx_direct_splice_actor+0x10/0x10 [ 294.615401][ T9068] ? __pfx_aa_file_perm+0x10/0x10 [ 294.615430][ T9068] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 294.615461][ T9068] do_splice_direct+0x174/0x240 [ 294.615481][ T9068] ? __pfx_do_splice_direct+0x10/0x10 [ 294.615502][ T9068] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 294.615524][ T9068] ? rw_verify_area+0xce/0x6d0 [ 294.615555][ T9068] do_sendfile+0xadc/0xe20 [ 294.615589][ T9068] ? __pfx_do_sendfile+0x10/0x10 [ 294.615619][ T9068] ? __fget_files+0x21f/0x3d0 [ 294.615644][ T9068] __x64_sys_sendfile64+0x1d8/0x220 [ 294.615665][ T9068] ? ksys_write+0x1ac/0x250 [ 294.615683][ T9068] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 294.615713][ T9068] do_syscall_64+0x106/0xf80 [ 294.615731][ T9068] ? clear_bhb_loop+0x40/0x90 [ 294.615754][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.615773][ T9068] RIP: 0033:0x7efdd0d9c819 [ 294.615794][ T9068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 294.615812][ T9068] RSP: 002b:00007efdd1ba5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 294.615830][ T9068] RAX: ffffffffffffffda RBX: 00007efdd1016090 RCX: 00007efdd0d9c819 [ 294.615842][ T9068] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 294.615852][ T9068] RBP: 00007efdd1ba5090 R08: 0000000000000000 R09: 0000000000000000 [ 294.615863][ T9068] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 294.615873][ T9068] R13: 00007efdd1016128 R14: 00007efdd1016090 R15: 00007ffc0586e128 [ 294.615896][ T9068] [ 295.458422][ T9066] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(422427026.1466970603.1344747458), cmd(31) [ 295.590531][ T9069] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 295.615032][ T9069] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 295.654598][ T9069] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 295.734640][ T9069] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 296.147182][ T9082] vivid-007: ================= START STATUS ================= [ 296.190516][ T9082] vivid-007: Generate PTS: true [ 296.237861][ T9082] vivid-007: Generate SCR: true [ 296.256589][ T9082] tpg source WxH: 320x240 (Y'CbCr) [ 296.261743][ T9082] tpg field: 1 [ 296.294038][ T9082] tpg crop: (0,0)/320x240 [ 296.309625][ T9082] tpg compose: (0,0)/320x240 [ 296.352420][ T9082] tpg colorspace: 8 [ 296.395125][ T9082] tpg transfer function: 0/0 [ 296.440643][ T9082] tpg Y'CbCr encoding: 0/0 [ 296.474153][ T9082] tpg quantization: 0/0 [ 296.513023][ T9082] tpg RGB range: 0/2 [ 296.603757][ T9082] vivid-007: ================== END STATUS ================== [ 297.524303][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 297.674030][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 297.680097][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 297.721249][ T9114] FAULT_INJECTION: forcing a failure. [ 297.721249][ T9114] name failslab, interval 1, probability 0, space 0, times 0 [ 297.758589][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 297.829010][ T9114] CPU: 0 UID: 0 PID: 9114 Comm: syz.2.781 Tainted: G L syzkaller #0 PREEMPT(full) [ 297.829044][ T9114] Tainted: [L]=SOFTLOCKUP [ 297.829050][ T9114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 297.829062][ T9114] Call Trace: [ 297.829069][ T9114] [ 297.829076][ T9114] dump_stack_lvl+0x100/0x190 [ 297.829109][ T9114] should_fail_ex.cold+0x5/0xa [ 297.829132][ T9114] should_failslab+0xc2/0x120 [ 297.829154][ T9114] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 297.829195][ T9114] ? __d_alloc+0x34/0xa80 [ 297.829221][ T9114] __d_alloc+0x34/0xa80 [ 297.829245][ T9114] d_alloc+0x4a/0x1e0 [ 297.829268][ T9114] lookup_one_qstr_excl+0x175/0x250 [ 297.829296][ T9114] start_dirop+0x59/0xb0 [ 297.829315][ T9114] simple_start_creating+0xf9/0x110 [ 297.829333][ T9114] ? __pfx_simple_start_creating+0x10/0x10 [ 297.829353][ T9114] ? mntput+0x70/0xa0 [ 297.829369][ T9114] ? simple_pin_fs+0xa3/0x190 [ 297.829398][ T9114] debugfs_start_creating.part.0+0x82/0x170 [ 297.829422][ T9114] debugfs_create_symlink+0x7f/0x220 [ 297.829445][ T9114] ref_tracker_dir_symlink+0x257/0x3b0 [ 297.829474][ T9114] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 297.829503][ T9114] ? __lock_acquire+0x4a5/0x2630 [ 297.829545][ T9114] ? lockdep_hardirqs_on+0x78/0x100 [ 297.829565][ T9114] ? crng_make_state+0x2b0/0x6c0 [ 297.829594][ T9114] ? __pfx_net_ns_net_init+0x10/0x10 [ 297.829613][ T9114] net_ns_net_init+0xd2/0x120 [ 297.829632][ T9114] ops_init+0x1e2/0x5f0 [ 297.829653][ T9114] setup_net+0x118/0x3a0 [ 297.829672][ T9114] ? __pfx_setup_net+0x10/0x10 [ 297.829690][ T9114] ? lockdep_init_map_type+0x5c/0x250 [ 297.829716][ T9114] ? mutex_init_lockep+0x110/0x150 [ 297.829752][ T9114] copy_net_ns+0x46f/0x7c0 [ 297.829775][ T9114] create_new_namespaces+0x3ea/0xac0 [ 297.829800][ T9114] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 297.829823][ T9114] ksys_unshare+0x473/0xad0 [ 297.829849][ T9114] ? __pfx_ksys_unshare+0x10/0x10 [ 297.829882][ T9114] __x64_sys_unshare+0x31/0x40 [ 297.829906][ T9114] do_syscall_64+0x106/0xf80 [ 297.829924][ T9114] ? clear_bhb_loop+0x40/0x90 [ 297.829947][ T9114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.829965][ T9114] RIP: 0033:0x7f961bf9c819 [ 297.829982][ T9114] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 297.829999][ T9114] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 297.830018][ T9114] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 297.830029][ T9114] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 297.830040][ T9114] RBP: 00007f961c032c91 R08: 0000000000000000 R09: 0000000000000000 [ 297.830050][ T9114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.830060][ T9114] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 297.830083][ T9114] [ 298.520338][ T5833] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9 [ 299.074872][ T9125] vivid-007: ================= START STATUS ================= [ 299.130274][ T9125] vivid-007: Generate PTS: true [ 299.140404][ T9125] vivid-007: Generate SCR: true [ 299.160310][ T9125] tpg source WxH: 320x240 (Y'CbCr) [ 299.175958][ T9125] tpg field: 1 [ 299.186932][ T9125] tpg crop: (0,0)/320x240 [ 299.207528][ T9125] tpg compose: (0,0)/320x240 [ 299.212155][ T9125] tpg colorspace: 8 [ 299.234396][ T9125] tpg transfer function: 0/0 [ 299.246650][ T9125] tpg Y'CbCr encoding: 0/0 [ 299.264064][ T9125] tpg quantization: 0/0 [ 299.277391][ T9125] tpg RGB range: 0/2 [ 299.287486][ T9125] vivid-007: ================== END STATUS ================== [ 299.719015][ T9137] FAULT_INJECTION: forcing a failure. [ 299.719015][ T9137] name failslab, interval 1, probability 0, space 0, times 0 [ 299.784919][ T9137] CPU: 0 UID: 0 PID: 9137 Comm: syz.0.794 Tainted: G L syzkaller #0 PREEMPT(full) [ 299.784951][ T9137] Tainted: [L]=SOFTLOCKUP [ 299.784963][ T9137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 299.784974][ T9137] Call Trace: [ 299.784980][ T9137] [ 299.784988][ T9137] dump_stack_lvl+0x100/0x190 [ 299.785020][ T9137] should_fail_ex.cold+0x5/0xa [ 299.785044][ T9137] should_failslab+0xc2/0x120 [ 299.785065][ T9137] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 299.785094][ T9137] ? security_inode_alloc+0x3b/0x2c0 [ 299.785116][ T9137] ? lockdep_init_map_type+0x5c/0x250 [ 299.785146][ T9137] security_inode_alloc+0x3b/0x2c0 [ 299.785168][ T9137] inode_init_always_gfp+0xced/0x1040 [ 299.785191][ T9137] alloc_inode+0x8e/0x250 [ 299.785217][ T9137] new_inode+0x22/0x1c0 [ 299.785244][ T9137] debugfs_create_symlink+0xd1/0x220 [ 299.785268][ T9137] ref_tracker_dir_symlink+0x257/0x3b0 [ 299.785296][ T9137] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 299.785325][ T9137] ? __lock_acquire+0x4a5/0x2630 [ 299.785365][ T9137] ? lockdep_hardirqs_on+0x78/0x100 [ 299.785385][ T9137] ? crng_make_state+0x2b0/0x6c0 [ 299.785413][ T9137] ? __pfx_net_ns_net_init+0x10/0x10 [ 299.785432][ T9137] net_ns_net_init+0x7e/0x120 [ 299.785452][ T9137] ops_init+0x1e2/0x5f0 [ 299.785473][ T9137] setup_net+0x118/0x3a0 [ 299.785493][ T9137] ? __pfx_setup_net+0x10/0x10 [ 299.785511][ T9137] ? lockdep_init_map_type+0x5c/0x250 [ 299.785537][ T9137] ? mutex_init_lockep+0x110/0x150 [ 299.785567][ T9137] copy_net_ns+0x46f/0x7c0 [ 299.785589][ T9137] create_new_namespaces+0x3ea/0xac0 [ 299.785615][ T9137] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 299.785638][ T9137] ksys_unshare+0x473/0xad0 [ 299.785665][ T9137] ? __pfx_ksys_unshare+0x10/0x10 [ 299.785696][ T9137] __x64_sys_unshare+0x31/0x40 [ 299.785723][ T9137] do_syscall_64+0x106/0xf80 [ 299.785742][ T9137] ? clear_bhb_loop+0x40/0x90 [ 299.785764][ T9137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.785782][ T9137] RIP: 0033:0x7fce3979c819 [ 299.785798][ T9137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.785822][ T9137] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 299.785841][ T9137] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 299.785852][ T9137] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 299.785863][ T9137] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 299.785873][ T9137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.785884][ T9137] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 299.785907][ T9137] [ 299.792522][ T9137] debugfs: out of free dentries, can not create symlink 'netns-130-4026533841-refcnt' [ 303.104932][ T9178] binder: 9168:9178 ioctl 40086602 e20 returned -22 [ 303.526449][ T9161] kexec: Could not allocate control_code_buffer [ 303.752188][ T9187] FAULT_INJECTION: forcing a failure. [ 303.752188][ T9187] name failslab, interval 1, probability 0, space 0, times 0 [ 303.830432][ T9187] CPU: 0 UID: 0 PID: 9187 Comm: syz.1.795 Tainted: G L syzkaller #0 PREEMPT(full) [ 303.830464][ T9187] Tainted: [L]=SOFTLOCKUP [ 303.830471][ T9187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 303.830481][ T9187] Call Trace: [ 303.830488][ T9187] [ 303.830495][ T9187] dump_stack_lvl+0x100/0x190 [ 303.830529][ T9187] should_fail_ex.cold+0x5/0xa [ 303.830552][ T9187] should_failslab+0xc2/0x120 [ 303.830573][ T9187] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 303.830603][ T9187] ? __d_alloc+0x34/0xa80 [ 303.830628][ T9187] __d_alloc+0x34/0xa80 [ 303.830652][ T9187] d_alloc+0x4a/0x1e0 [ 303.830675][ T9187] lookup_one_qstr_excl+0x175/0x250 [ 303.830705][ T9187] start_dirop+0x59/0xb0 [ 303.830723][ T9187] simple_start_creating+0xf9/0x110 [ 303.830742][ T9187] ? __pfx_simple_start_creating+0x10/0x10 [ 303.830761][ T9187] ? mntput+0x70/0xa0 [ 303.830777][ T9187] ? simple_pin_fs+0xa3/0x190 [ 303.830805][ T9187] debugfs_start_creating.part.0+0x82/0x170 [ 303.830828][ T9187] debugfs_create_symlink+0x7f/0x220 [ 303.830852][ T9187] ref_tracker_dir_symlink+0x257/0x3b0 [ 303.830880][ T9187] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 303.830908][ T9187] ? __lock_acquire+0x4a5/0x2630 [ 303.830957][ T9187] ? lockdep_hardirqs_on+0x78/0x100 [ 303.830977][ T9187] ? crng_make_state+0x2b0/0x6c0 [ 303.831005][ T9187] ? __pfx_net_ns_net_init+0x10/0x10 [ 303.831026][ T9187] net_ns_net_init+0x7e/0x120 [ 303.831046][ T9187] ops_init+0x1e2/0x5f0 [ 303.831067][ T9187] setup_net+0x118/0x3a0 [ 303.831087][ T9187] ? __pfx_setup_net+0x10/0x10 [ 303.831104][ T9187] ? lockdep_init_map_type+0x5c/0x250 [ 303.831130][ T9187] ? mutex_init_lockep+0x110/0x150 [ 303.831159][ T9187] copy_net_ns+0x46f/0x7c0 [ 303.831183][ T9187] create_new_namespaces+0x3ea/0xac0 [ 303.831208][ T9187] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 303.831231][ T9187] ksys_unshare+0x473/0xad0 [ 303.831256][ T9187] ? __pfx_ksys_unshare+0x10/0x10 [ 303.831288][ T9187] __x64_sys_unshare+0x31/0x40 [ 303.831312][ T9187] do_syscall_64+0x106/0xf80 [ 303.831330][ T9187] ? clear_bhb_loop+0x40/0x90 [ 303.831353][ T9187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.831371][ T9187] RIP: 0033:0x7fe4f9b9c819 [ 303.831387][ T9187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 303.831404][ T9187] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 303.831422][ T9187] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 303.831434][ T9187] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 303.831444][ T9187] RBP: 00007fe4f9c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 303.831455][ T9187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.831465][ T9187] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 303.831487][ T9187] [ 304.152089][ T9189] netlink: 25 bytes leftover after parsing attributes in process `syz.3.796'. [ 304.677234][ T9198] FAULT_INJECTION: forcing a failure. [ 304.677234][ T9198] name failslab, interval 1, probability 0, space 0, times 0 [ 304.721245][ T9198] CPU: 0 UID: 0 PID: 9198 Comm: syz.0.799 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.721277][ T9198] Tainted: [L]=SOFTLOCKUP [ 304.721283][ T9198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 304.721295][ T9198] Call Trace: [ 304.721301][ T9198] [ 304.721308][ T9198] dump_stack_lvl+0x100/0x190 [ 304.721341][ T9198] should_fail_ex.cold+0x5/0xa [ 304.721363][ T9198] should_failslab+0xc2/0x120 [ 304.721385][ T9198] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 304.721415][ T9198] ? __d_alloc+0x34/0xa80 [ 304.721441][ T9198] __d_alloc+0x34/0xa80 [ 304.721465][ T9198] d_alloc+0x4a/0x1e0 [ 304.721488][ T9198] lookup_one_qstr_excl+0x175/0x250 [ 304.721516][ T9198] start_dirop+0x59/0xb0 [ 304.721535][ T9198] simple_start_creating+0xf9/0x110 [ 304.721553][ T9198] ? __pfx_simple_start_creating+0x10/0x10 [ 304.721572][ T9198] ? mntput+0x70/0xa0 [ 304.721588][ T9198] ? simple_pin_fs+0xa3/0x190 [ 304.721617][ T9198] debugfs_start_creating.part.0+0x82/0x170 [ 304.721640][ T9198] debugfs_create_symlink+0x7f/0x220 [ 304.721664][ T9198] ref_tracker_dir_symlink+0x257/0x3b0 [ 304.721693][ T9198] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 304.721732][ T9198] ? __lock_acquire+0x4a5/0x2630 [ 304.721775][ T9198] ? lockdep_hardirqs_on+0x78/0x100 [ 304.721801][ T9198] ? crng_make_state+0x2b0/0x6c0 [ 304.721829][ T9198] ? __pfx_net_ns_net_init+0x10/0x10 [ 304.721848][ T9198] net_ns_net_init+0x7e/0x120 [ 304.721867][ T9198] ops_init+0x1e2/0x5f0 [ 304.721888][ T9198] setup_net+0x118/0x3a0 [ 304.721907][ T9198] ? __pfx_setup_net+0x10/0x10 [ 304.721925][ T9198] ? lockdep_init_map_type+0x5c/0x250 [ 304.721951][ T9198] ? mutex_init_lockep+0x110/0x150 [ 304.721981][ T9198] copy_net_ns+0x46f/0x7c0 [ 304.722005][ T9198] create_new_namespaces+0x3ea/0xac0 [ 304.722031][ T9198] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 304.722054][ T9198] ksys_unshare+0x473/0xad0 [ 304.722079][ T9198] ? __pfx_ksys_unshare+0x10/0x10 [ 304.722111][ T9198] __x64_sys_unshare+0x31/0x40 [ 304.722135][ T9198] do_syscall_64+0x106/0xf80 [ 304.722153][ T9198] ? clear_bhb_loop+0x40/0x90 [ 304.722175][ T9198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.722193][ T9198] RIP: 0033:0x7fce3979c819 [ 304.722209][ T9198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.722226][ T9198] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 304.722244][ T9198] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 304.722256][ T9198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 304.722266][ T9198] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 304.722277][ T9198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.722287][ T9198] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 304.722310][ T9198] [ 306.175429][ T9221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.803'. [ 306.221517][ T9221] openvswitch: HfR: Dropping previously announced user features [ 307.303151][ T9251] FAULT_INJECTION: forcing a failure. [ 307.303151][ T9251] name failslab, interval 1, probability 0, space 0, times 0 [ 307.344675][ T9251] CPU: 0 UID: 0 PID: 9251 Comm: syz.2.814 Tainted: G L syzkaller #0 PREEMPT(full) [ 307.344708][ T9251] Tainted: [L]=SOFTLOCKUP [ 307.344714][ T9251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 307.344725][ T9251] Call Trace: [ 307.344731][ T9251] [ 307.344738][ T9251] dump_stack_lvl+0x100/0x190 [ 307.344796][ T9251] should_fail_ex.cold+0x5/0xa [ 307.344819][ T9251] should_failslab+0xc2/0x120 [ 307.344840][ T9251] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 307.344870][ T9251] ? alloc_inode+0x68/0x250 [ 307.344896][ T9251] ? simple_start_creating+0xb0/0x110 [ 307.344915][ T9251] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 307.344938][ T9251] alloc_inode+0x68/0x250 [ 307.344969][ T9251] new_inode+0x22/0x1c0 [ 307.344996][ T9251] debugfs_create_symlink+0xd1/0x220 [ 307.345019][ T9251] ref_tracker_dir_symlink+0x257/0x3b0 [ 307.345049][ T9251] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 307.345077][ T9251] ? __lock_acquire+0x4a5/0x2630 [ 307.345119][ T9251] ? lockdep_hardirqs_on+0x78/0x100 [ 307.345138][ T9251] ? crng_make_state+0x2b0/0x6c0 [ 307.345166][ T9251] ? __pfx_net_ns_net_init+0x10/0x10 [ 307.345186][ T9251] net_ns_net_init+0x7e/0x120 [ 307.345206][ T9251] ops_init+0x1e2/0x5f0 [ 307.345227][ T9251] setup_net+0x118/0x3a0 [ 307.345246][ T9251] ? __pfx_setup_net+0x10/0x10 [ 307.345263][ T9251] ? lockdep_init_map_type+0x5c/0x250 [ 307.345289][ T9251] ? mutex_init_lockep+0x110/0x150 [ 307.345320][ T9251] copy_net_ns+0x46f/0x7c0 [ 307.345344][ T9251] create_new_namespaces+0x3ea/0xac0 [ 307.345370][ T9251] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 307.345393][ T9251] ksys_unshare+0x473/0xad0 [ 307.345419][ T9251] ? __pfx_ksys_unshare+0x10/0x10 [ 307.345451][ T9251] __x64_sys_unshare+0x31/0x40 [ 307.345474][ T9251] do_syscall_64+0x106/0xf80 [ 307.345492][ T9251] ? clear_bhb_loop+0x40/0x90 [ 307.345514][ T9251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.345532][ T9251] RIP: 0033:0x7f961bf9c819 [ 307.345549][ T9251] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 307.345566][ T9251] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 307.345584][ T9251] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 307.345595][ T9251] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 307.345606][ T9251] RBP: 00007f961c032c91 R08: 0000000000000000 R09: 0000000000000000 [ 307.345616][ T9251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.345627][ T9251] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 307.345649][ T9251] [ 307.345657][ T9251] debugfs: out of free dentries, can not create symlink 'netns-13a-4026533585-refcnt' [ 310.042700][ T9288] FAULT_INJECTION: forcing a failure. [ 310.042700][ T9288] name failslab, interval 1, probability 0, space 0, times 0 [ 310.116110][ T9288] CPU: 0 UID: 0 PID: 9288 Comm: syz.0.823 Tainted: G L syzkaller #0 PREEMPT(full) [ 310.116142][ T9288] Tainted: [L]=SOFTLOCKUP [ 310.116149][ T9288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 310.116159][ T9288] Call Trace: [ 310.116166][ T9288] [ 310.116173][ T9288] dump_stack_lvl+0x100/0x190 [ 310.116206][ T9288] should_fail_ex.cold+0x5/0xa [ 310.116228][ T9288] should_failslab+0xc2/0x120 [ 310.116250][ T9288] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 310.116280][ T9288] ? shmem_alloc_inode+0x25/0x50 [ 310.116304][ T9288] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 310.116327][ T9288] shmem_alloc_inode+0x25/0x50 [ 310.116347][ T9288] alloc_inode+0x68/0x250 [ 310.116374][ T9288] new_inode+0x22/0x1c0 [ 310.116401][ T9288] shmem_get_inode+0x212/0x1040 [ 310.116429][ T9288] ? __pfx_shmem_get_inode+0x10/0x10 [ 310.116453][ T9288] ? rcu_is_watching+0x12/0xc0 [ 310.116481][ T9288] ? percpu_counter_add_batch+0xb9/0x230 [ 310.116512][ T9288] __shmem_file_setup+0x3ac/0x490 [ 310.116540][ T9288] ? __pfx___shmem_file_setup+0x10/0x10 [ 310.116571][ T9288] ? vm_area_alloc+0x1f/0x160 [ 310.116599][ T9288] shmem_zero_setup+0x96/0x1b0 [ 310.116618][ T9288] __mmap_region+0x2198/0x29e0 [ 310.116649][ T9288] ? __pfx___mmap_region+0x10/0x10 [ 310.116682][ T9288] ? set_next_entity+0x11e/0x9c0 [ 310.116721][ T9288] ? __lock_acquire+0x4a5/0x2630 [ 310.116755][ T9288] ? find_held_lock+0x2b/0x80 [ 310.116772][ T9288] ? finish_task_switch.isra.0+0x200/0xb80 [ 310.116793][ T9288] ? finish_task_switch.isra.0+0x200/0xb80 [ 310.116822][ T9288] ? trace_sched_exit_tp+0x13a/0x180 [ 310.116845][ T9288] ? __schedule+0x1000/0x6120 [ 310.116900][ T9288] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 310.116930][ T9288] mmap_region+0x180/0x3e0 [ 310.116963][ T9288] do_mmap+0xc63/0x12f0 [ 310.116988][ T9288] ? __pfx_do_mmap+0x10/0x10 [ 310.117009][ T9288] ? __pfx_down_write_killable+0x10/0x10 [ 310.117037][ T9288] vm_mmap_pgoff+0x29e/0x470 [ 310.117062][ T9288] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 310.117086][ T9288] ? do_futex+0x192/0x350 [ 310.117111][ T9288] ? __pfx_do_futex+0x10/0x10 [ 310.117139][ T9288] ksys_mmap_pgoff+0xe1/0x650 [ 310.117159][ T9288] ? __x64_sys_futex+0x34f/0x4d0 [ 310.117183][ T9288] ? __x64_sys_futex+0x358/0x4d0 [ 310.117207][ T9288] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 310.117228][ T9288] ? xfd_validate_state+0x129/0x190 [ 310.117259][ T9288] __x64_sys_mmap+0x125/0x190 [ 310.117288][ T9288] do_syscall_64+0x106/0xf80 [ 310.117307][ T9288] ? clear_bhb_loop+0x40/0x90 [ 310.117329][ T9288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.117348][ T9288] RIP: 0033:0x7fce3979c819 [ 310.117363][ T9288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 310.117381][ T9288] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 310.117398][ T9288] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 310.117410][ T9288] RDX: 0000000000000001 RSI: 000000000000007f RDI: 0000000002000000 [ 310.117420][ T9288] RBP: 00007fce39832c91 R08: 0000000000000401 R09: 0000000000008000 [ 310.117431][ T9288] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 310.117441][ T9288] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 310.117465][ T9288] [ 312.009056][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.826'. [ 313.566422][ T9331] netlink: 8 bytes leftover after parsing attributes in process `syz.2.835'. [ 313.644629][ T9331] openvswitch: HfR: Dropping previously announced user features [ 313.993456][ T9342] FAULT_INJECTION: forcing a failure. [ 313.993456][ T9342] name failslab, interval 1, probability 0, space 0, times 0 [ 314.164969][ T9342] CPU: 0 UID: 0 PID: 9342 Comm: syz.1.837 Tainted: G L syzkaller #0 PREEMPT(full) [ 314.165002][ T9342] Tainted: [L]=SOFTLOCKUP [ 314.165009][ T9342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 314.165019][ T9342] Call Trace: [ 314.165026][ T9342] [ 314.165033][ T9342] dump_stack_lvl+0x100/0x190 [ 314.165065][ T9342] should_fail_ex.cold+0x5/0xa [ 314.165088][ T9342] should_failslab+0xc2/0x120 [ 314.165110][ T9342] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 314.165139][ T9342] ? __d_alloc+0x34/0xa80 [ 314.165165][ T9342] __d_alloc+0x34/0xa80 [ 314.165188][ T9342] d_alloc+0x4a/0x1e0 [ 314.165211][ T9342] lookup_one_qstr_excl+0x175/0x250 [ 314.165238][ T9342] start_dirop+0x59/0xb0 [ 314.165258][ T9342] simple_start_creating+0xf9/0x110 [ 314.165278][ T9342] ? __pfx_simple_start_creating+0x10/0x10 [ 314.165297][ T9342] ? mntput+0x70/0xa0 [ 314.165313][ T9342] ? simple_pin_fs+0xa3/0x190 [ 314.165342][ T9342] debugfs_start_creating.part.0+0x82/0x170 [ 314.165365][ T9342] debugfs_create_symlink+0x7f/0x220 [ 314.165389][ T9342] ref_tracker_dir_symlink+0x257/0x3b0 [ 314.165418][ T9342] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 314.165445][ T9342] ? __lock_acquire+0x4a5/0x2630 [ 314.165487][ T9342] ? lockdep_hardirqs_on+0x78/0x100 [ 314.165506][ T9342] ? crng_make_state+0x2b0/0x6c0 [ 314.165533][ T9342] ? __pfx_net_ns_net_init+0x10/0x10 [ 314.165552][ T9342] net_ns_net_init+0x7e/0x120 [ 314.165571][ T9342] ops_init+0x1e2/0x5f0 [ 314.165592][ T9342] setup_net+0x118/0x3a0 [ 314.165611][ T9342] ? __pfx_setup_net+0x10/0x10 [ 314.165628][ T9342] ? lockdep_init_map_type+0x5c/0x250 [ 314.165654][ T9342] ? mutex_init_lockep+0x110/0x150 [ 314.165690][ T9342] copy_net_ns+0x46f/0x7c0 [ 314.165713][ T9342] create_new_namespaces+0x3ea/0xac0 [ 314.165739][ T9342] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 314.165761][ T9342] ksys_unshare+0x473/0xad0 [ 314.165786][ T9342] ? __pfx_ksys_unshare+0x10/0x10 [ 314.165818][ T9342] __x64_sys_unshare+0x31/0x40 [ 314.165841][ T9342] do_syscall_64+0x106/0xf80 [ 314.165859][ T9342] ? clear_bhb_loop+0x40/0x90 [ 314.165882][ T9342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.165901][ T9342] RIP: 0033:0x7fe4f9b9c819 [ 314.165917][ T9342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 314.165935][ T9342] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 314.165953][ T9342] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 314.165964][ T9342] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 314.165974][ T9342] RBP: 00007fe4f9c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 314.165985][ T9342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.165995][ T9342] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 314.166017][ T9342] [ 315.035815][ T9351] FAULT_INJECTION: forcing a failure. [ 315.035815][ T9351] name failslab, interval 1, probability 0, space 0, times 0 [ 315.064436][ T9351] CPU: 0 UID: 0 PID: 9351 Comm: syz.2.838 Tainted: G L syzkaller #0 PREEMPT(full) [ 315.064468][ T9351] Tainted: [L]=SOFTLOCKUP [ 315.064474][ T9351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 315.064485][ T9351] Call Trace: [ 315.064491][ T9351] [ 315.064499][ T9351] dump_stack_lvl+0x100/0x190 [ 315.064532][ T9351] should_fail_ex.cold+0x5/0xa [ 315.064555][ T9351] should_failslab+0xc2/0x120 [ 315.064577][ T9351] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 315.064607][ T9351] ? __d_alloc+0x34/0xa80 [ 315.064633][ T9351] __d_alloc+0x34/0xa80 [ 315.064657][ T9351] d_alloc+0x4a/0x1e0 [ 315.064680][ T9351] lookup_one_qstr_excl+0x175/0x250 [ 315.064707][ T9351] start_dirop+0x59/0xb0 [ 315.064726][ T9351] simple_start_creating+0xf9/0x110 [ 315.064752][ T9351] ? __pfx_simple_start_creating+0x10/0x10 [ 315.064771][ T9351] ? mntput+0x70/0xa0 [ 315.064787][ T9351] ? simple_pin_fs+0xa3/0x190 [ 315.064815][ T9351] debugfs_start_creating.part.0+0x82/0x170 [ 315.064838][ T9351] debugfs_create_symlink+0x7f/0x220 [ 315.064863][ T9351] ref_tracker_dir_symlink+0x257/0x3b0 [ 315.064892][ T9351] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 315.064925][ T9351] ? __lock_acquire+0x4a5/0x2630 [ 315.064970][ T9351] ? lockdep_hardirqs_on+0x78/0x100 [ 315.064990][ T9351] ? crng_make_state+0x2b0/0x6c0 [ 315.065018][ T9351] ? __pfx_net_ns_net_init+0x10/0x10 [ 315.065038][ T9351] net_ns_net_init+0x7e/0x120 [ 315.065058][ T9351] ops_init+0x1e2/0x5f0 [ 315.065079][ T9351] setup_net+0x118/0x3a0 [ 315.065098][ T9351] ? __pfx_setup_net+0x10/0x10 [ 315.065116][ T9351] ? lockdep_init_map_type+0x5c/0x250 [ 315.065142][ T9351] ? mutex_init_lockep+0x110/0x150 [ 315.065172][ T9351] copy_net_ns+0x46f/0x7c0 [ 315.065195][ T9351] create_new_namespaces+0x3ea/0xac0 [ 315.065221][ T9351] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 315.065244][ T9351] ksys_unshare+0x473/0xad0 [ 315.065271][ T9351] ? __pfx_ksys_unshare+0x10/0x10 [ 315.065303][ T9351] __x64_sys_unshare+0x31/0x40 [ 315.065326][ T9351] do_syscall_64+0x106/0xf80 [ 315.065344][ T9351] ? clear_bhb_loop+0x40/0x90 [ 315.065367][ T9351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.065386][ T9351] RIP: 0033:0x7f961bf9c819 [ 315.065402][ T9351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 315.065419][ T9351] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 315.065437][ T9351] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 315.065448][ T9351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 315.065459][ T9351] RBP: 00007f961c032c91 R08: 0000000000000000 R09: 0000000000000000 [ 315.065469][ T9351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.065479][ T9351] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 315.065503][ T9351] [ 316.362156][ T9367] netlink: 8 bytes leftover after parsing attributes in process `syz.0.843'. [ 316.796179][ T9381] vivid-007: ================= START STATUS ================= [ 316.815912][ T9381] vivid-007: Generate PTS: true [ 316.820816][ T9381] vivid-007: Generate SCR: true [ 316.837846][ T9381] tpg source WxH: 320x240 (Y'CbCr) [ 316.843027][ T9381] tpg field: 1 [ 316.855476][ T9381] tpg crop: (0,0)/320x240 [ 316.868514][ T9381] tpg compose: (0,0)/320x240 [ 316.887728][ T9381] tpg colorspace: 8 [ 316.891561][ T9381] tpg transfer function: 0/0 [ 316.928591][ T9381] tpg Y'CbCr encoding: 0/0 [ 316.933054][ T9381] tpg quantization: 0/0 [ 317.009267][ T9381] tpg RGB range: 0/2 [ 317.030336][ T9381] vivid-007: ================== END STATUS ================== [ 317.444345][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.454239][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.591085][ T9405] netlink: 8 bytes leftover after parsing attributes in process `syz.3.852'. [ 318.605129][ T9422] FAULT_INJECTION: forcing a failure. [ 318.605129][ T9422] name failslab, interval 1, probability 0, space 0, times 0 [ 318.663779][ T9422] CPU: 0 UID: 0 PID: 9422 Comm: syz.2.855 Tainted: G L syzkaller #0 PREEMPT(full) [ 318.663813][ T9422] Tainted: [L]=SOFTLOCKUP [ 318.663819][ T9422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 318.663829][ T9422] Call Trace: [ 318.663836][ T9422] [ 318.663843][ T9422] dump_stack_lvl+0x100/0x190 [ 318.663875][ T9422] should_fail_ex.cold+0x5/0xa [ 318.663903][ T9422] should_failslab+0xc2/0x120 [ 318.663924][ T9422] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 318.663954][ T9422] ? __d_alloc+0x34/0xa80 [ 318.663980][ T9422] __d_alloc+0x34/0xa80 [ 318.664004][ T9422] d_alloc+0x4a/0x1e0 [ 318.664027][ T9422] lookup_one_qstr_excl+0x175/0x250 [ 318.664054][ T9422] start_dirop+0x59/0xb0 [ 318.664073][ T9422] simple_start_creating+0xf9/0x110 [ 318.664092][ T9422] ? __pfx_simple_start_creating+0x10/0x10 [ 318.664111][ T9422] ? mntput+0x70/0xa0 [ 318.664127][ T9422] ? simple_pin_fs+0xa3/0x190 [ 318.664156][ T9422] debugfs_start_creating.part.0+0x82/0x170 [ 318.664179][ T9422] debugfs_create_symlink+0x7f/0x220 [ 318.664203][ T9422] ref_tracker_dir_symlink+0x257/0x3b0 [ 318.664231][ T9422] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 318.664260][ T9422] ? __lock_acquire+0x4a5/0x2630 [ 318.664303][ T9422] ? lockdep_hardirqs_on+0x78/0x100 [ 318.664323][ T9422] ? crng_make_state+0x2b0/0x6c0 [ 318.664351][ T9422] ? __pfx_net_ns_net_init+0x10/0x10 [ 318.664370][ T9422] net_ns_net_init+0x7e/0x120 [ 318.664389][ T9422] ops_init+0x1e2/0x5f0 [ 318.664411][ T9422] setup_net+0x118/0x3a0 [ 318.664430][ T9422] ? __pfx_setup_net+0x10/0x10 [ 318.664448][ T9422] ? lockdep_init_map_type+0x5c/0x250 [ 318.664474][ T9422] ? mutex_init_lockep+0x110/0x150 [ 318.664504][ T9422] copy_net_ns+0x46f/0x7c0 [ 318.664527][ T9422] create_new_namespaces+0x3ea/0xac0 [ 318.664553][ T9422] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 318.664576][ T9422] ksys_unshare+0x473/0xad0 [ 318.664602][ T9422] ? __pfx_ksys_unshare+0x10/0x10 [ 318.664635][ T9422] __x64_sys_unshare+0x31/0x40 [ 318.664658][ T9422] do_syscall_64+0x106/0xf80 [ 318.664684][ T9422] ? clear_bhb_loop+0x40/0x90 [ 318.664706][ T9422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.664725][ T9422] RIP: 0033:0x7f961bf9c819 [ 318.664740][ T9422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 318.664758][ T9422] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 318.664776][ T9422] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 318.664788][ T9422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 318.664799][ T9422] RBP: 00007f961c032c91 R08: 0000000000000000 R09: 0000000000000000 [ 318.664810][ T9422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.664820][ T9422] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 318.664843][ T9422] [ 319.494621][ T9427] vivid-007: ================= START STATUS ================= [ 319.502324][ T9427] vivid-007: Generate PTS: true [ 319.529835][ T9427] vivid-007: Generate SCR: true [ 319.539654][ T9427] tpg source WxH: 320x240 (Y'CbCr) [ 319.554021][ T9427] tpg field: 1 [ 319.557414][ T9427] tpg crop: (0,0)/320x240 [ 319.561742][ T9427] tpg compose: (0,0)/320x240 [ 319.585978][ T9427] tpg colorspace: 8 [ 319.589840][ T9427] tpg transfer function: 0/0 [ 319.622115][ T9427] tpg Y'CbCr encoding: 0/0 [ 319.638211][ T9427] tpg quantization: 0/0 [ 319.648792][ T9427] tpg RGB range: 0/2 [ 319.652711][ T9427] vivid-007: ================== END STATUS ================== [ 319.795962][ T9435] FAULT_INJECTION: forcing a failure. [ 319.795962][ T9435] name failslab, interval 1, probability 0, space 0, times 0 [ 319.838879][ T9405] openvswitch: HfR: Dropping previously announced user features [ 319.907663][ T9435] CPU: 0 UID: 0 PID: 9435 Comm: syz.0.858 Tainted: G L syzkaller #0 PREEMPT(full) [ 319.907701][ T9435] Tainted: [L]=SOFTLOCKUP [ 319.907708][ T9435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 319.907719][ T9435] Call Trace: [ 319.907725][ T9435] [ 319.907732][ T9435] dump_stack_lvl+0x100/0x190 [ 319.907766][ T9435] should_fail_ex.cold+0x5/0xa [ 319.907788][ T9435] should_failslab+0xc2/0x120 [ 319.907810][ T9435] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 319.907840][ T9435] ? __kernfs_new_node+0xd2/0x960 [ 319.907868][ T9435] ? kstrdup+0xb3/0xe0 [ 319.907889][ T9435] __kernfs_new_node+0xd2/0x960 [ 319.907920][ T9435] ? __pfx___kernfs_new_node+0x10/0x10 [ 319.907953][ T9435] ? find_held_lock+0x2b/0x80 [ 319.907972][ T9435] ? kernfs_root+0xee/0x2a0 [ 319.907997][ T9435] ? kernfs_root+0xee/0x2a0 [ 319.908030][ T9435] kernfs_new_node+0x11b/0x1a0 [ 319.908051][ T9435] kernfs_create_dir_ns+0x4c/0x1a0 [ 319.908073][ T9435] cgroup_mkdir+0x3be/0x1330 [ 319.908095][ T9435] ? __pfx_cgroup_mkdir+0x10/0x10 [ 319.908114][ T9435] kernfs_iop_mkdir+0x111/0x190 [ 319.908130][ T9435] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 319.908159][ T9435] vfs_mkdir+0x361/0x850 [ 319.908189][ T9435] filename_mkdirat+0x48b/0x5e0 [ 319.908213][ T9435] ? __pfx_filename_mkdirat+0x10/0x10 [ 319.908235][ T9435] ? strncpy_from_user+0x19d/0x2d0 [ 319.908260][ T9435] ? do_getname+0x191/0x390 [ 319.908286][ T9435] __x64_sys_mkdir+0x6b/0x90 [ 319.908308][ T9435] do_syscall_64+0x106/0xf80 [ 319.908326][ T9435] ? clear_bhb_loop+0x40/0x90 [ 319.908348][ T9435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.908367][ T9435] RIP: 0033:0x7fce3979c819 [ 319.908382][ T9435] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 319.908400][ T9435] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 319.908418][ T9435] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 319.908430][ T9435] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000040 [ 319.908442][ T9435] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 319.908452][ T9435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.908463][ T9435] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 319.908487][ T9435] [ 321.115385][ T9448] FAULT_INJECTION: forcing a failure. [ 321.115385][ T9448] name failslab, interval 1, probability 0, space 0, times 0 [ 321.162587][ T9448] CPU: 0 UID: 0 PID: 9448 Comm: syz.1.860 Tainted: G L syzkaller #0 PREEMPT(full) [ 321.162620][ T9448] Tainted: [L]=SOFTLOCKUP [ 321.162626][ T9448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 321.162637][ T9448] Call Trace: [ 321.162643][ T9448] [ 321.162650][ T9448] dump_stack_lvl+0x100/0x190 [ 321.162683][ T9448] should_fail_ex.cold+0x5/0xa [ 321.162714][ T9448] ? copy_splice_read+0x1a3/0xb90 [ 321.162732][ T9448] should_failslab+0xc2/0x120 [ 321.162754][ T9448] __kmalloc_noprof+0xe0/0x850 [ 321.162788][ T9448] copy_splice_read+0x1a3/0xb90 [ 321.162808][ T9448] ? pipe_lock+0x69/0x80 [ 321.162829][ T9448] ? __pfx_copy_splice_read+0x10/0x10 [ 321.162856][ T9448] ? __fget_files+0x215/0x3d0 [ 321.162877][ T9448] ? __pfx_copy_splice_read+0x10/0x10 [ 321.162896][ T9448] do_splice_read+0x285/0x370 [ 321.162917][ T9448] splice_file_to_pipe+0x82/0x120 [ 321.162940][ T9448] do_sendfile+0x366/0xe20 [ 321.162975][ T9448] ? __pfx_do_sendfile+0x10/0x10 [ 321.163006][ T9448] ? __fget_files+0x21f/0x3d0 [ 321.163030][ T9448] __x64_sys_sendfile64+0x1d8/0x220 [ 321.163052][ T9448] ? ksys_write+0x1ac/0x250 [ 321.163070][ T9448] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 321.163100][ T9448] do_syscall_64+0x106/0xf80 [ 321.163118][ T9448] ? clear_bhb_loop+0x40/0x90 [ 321.163141][ T9448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.163160][ T9448] RIP: 0033:0x7fe4f9b9c819 [ 321.163175][ T9448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 321.163193][ T9448] RSP: 002b:00007fe4faa77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 321.163211][ T9448] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa0 RCX: 00007fe4f9b9c819 [ 321.163223][ T9448] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 321.163233][ T9448] RBP: 00007fe4faa77090 R08: 0000000000000000 R09: 0000000000000000 [ 321.163244][ T9448] R10: 0000000000000bff R11: 0000000000000246 R12: 0000000000000001 [ 321.163254][ T9448] R13: 00007fe4f9e16038 R14: 00007fe4f9e15fa0 R15: 00007fff3829e648 [ 321.163277][ T9448] [ 321.893664][ T9445] zswap: compressor not available [ 322.241986][ T9475] binder: 9473:9475 ioctl 400c620e 2000000008c0 returned -22 [ 322.281818][ T9478] FAULT_INJECTION: forcing a failure. [ 322.281818][ T9478] name failslab, interval 1, probability 0, space 0, times 0 [ 322.342637][ T9478] CPU: 0 UID: 0 PID: 9478 Comm: syz.2.869 Tainted: G L syzkaller #0 PREEMPT(full) [ 322.342670][ T9478] Tainted: [L]=SOFTLOCKUP [ 322.342676][ T9478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 322.342695][ T9478] Call Trace: [ 322.342702][ T9478] [ 322.342709][ T9478] dump_stack_lvl+0x100/0x190 [ 322.342744][ T9478] should_fail_ex.cold+0x5/0xa [ 322.342766][ T9478] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 322.342787][ T9478] should_failslab+0xc2/0x120 [ 322.342808][ T9478] __kmalloc_noprof+0xe0/0x850 [ 322.342843][ T9478] kernfs_fop_write_iter+0x26a/0x5f0 [ 322.342868][ T9478] vfs_write+0x6ac/0x1070 [ 322.342887][ T9478] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 322.342911][ T9478] ? __pfx_vfs_write+0x10/0x10 [ 322.342943][ T9478] ksys_write+0x12a/0x250 [ 322.342960][ T9478] ? __pfx_ksys_write+0x10/0x10 [ 322.342985][ T9478] do_syscall_64+0x106/0xf80 [ 322.343004][ T9478] ? clear_bhb_loop+0x40/0x90 [ 322.343026][ T9478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.343046][ T9478] RIP: 0033:0x7f961bf9c819 [ 322.343061][ T9478] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 322.343079][ T9478] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 322.343096][ T9478] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 322.343108][ T9478] RDX: 0000000000000009 RSI: 0000200000000000 RDI: 0000000000000003 [ 322.343119][ T9478] RBP: 00007f961cda3090 R08: 0000000000000000 R09: 0000000000000000 [ 322.343129][ T9478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 322.343140][ T9478] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 322.343162][ T9478] [ 323.139287][ T9492] vivid-007: ================= START STATUS ================= [ 323.158100][ T9492] vivid-007: Generate PTS: true [ 323.178248][ T9492] vivid-007: Generate SCR: true [ 323.183156][ T9492] tpg source WxH: 320x240 (Y'CbCr) [ 323.214845][ T9492] tpg field: 1 [ 323.224137][ T9492] tpg crop: (0,0)/320x240 [ 323.279325][ T9492] tpg compose: (0,0)/320x240 [ 323.361434][ T9492] tpg colorspace: 8 [ 323.431394][ T9492] tpg transfer function: 0/0 [ 323.499230][ T9492] tpg Y'CbCr encoding: 0/0 [ 323.551756][ T9492] tpg quantization: 0/0 [ 323.630433][ T9492] tpg RGB range: 0/2 [ 323.656583][ T9492] vivid-007: ================== END STATUS ================== [ 323.748027][ T9499] vivid-007: ================= START STATUS ================= [ 323.842520][ T9499] vivid-007: Generate PTS: true [ 323.883984][ T9499] vivid-007: Generate SCR: true [ 323.897830][ T9514] FAULT_INJECTION: forcing a failure. [ 323.897830][ T9514] name failslab, interval 1, probability 0, space 0, times 0 [ 323.947586][ T9499] tpg source WxH: 320x240 (Y'CbCr) [ 323.956246][ T9514] CPU: 0 UID: 0 PID: 9514 Comm: syz.2.880 Tainted: G L syzkaller #0 PREEMPT(full) [ 323.956275][ T9514] Tainted: [L]=SOFTLOCKUP [ 323.956281][ T9514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 323.956292][ T9514] Call Trace: [ 323.956298][ T9514] [ 323.956305][ T9514] dump_stack_lvl+0x100/0x190 [ 323.956339][ T9514] should_fail_ex.cold+0x5/0xa [ 323.956360][ T9514] ? tomoyo_encode2+0xfb/0x3c0 [ 323.956386][ T9514] should_failslab+0xc2/0x120 [ 323.956407][ T9514] __kmalloc_noprof+0xe0/0x850 [ 323.956436][ T9514] ? rcu_is_watching+0x12/0xc0 [ 323.956470][ T9514] tomoyo_encode2+0xfb/0x3c0 [ 323.956500][ T9514] tomoyo_encode+0x29/0x50 [ 323.956525][ T9514] tomoyo_realpath_from_path+0x18c/0x690 [ 323.956558][ T9514] tomoyo_path_number_perm+0x23c/0x580 [ 323.956581][ T9514] ? tomoyo_path_number_perm+0x22e/0x580 [ 323.956605][ T9514] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 323.956653][ T9514] ? find_held_lock+0x2b/0x80 [ 323.956671][ T9514] ? __fget_files+0x215/0x3d0 [ 323.956689][ T9514] ? hook_file_ioctl_common+0x146/0x410 [ 323.956717][ T9514] ? __fget_files+0x21f/0x3d0 [ 323.956739][ T9514] security_file_ioctl+0xd3/0x230 [ 323.956764][ T9514] __x64_sys_ioctl+0xb7/0x210 [ 323.956794][ T9514] do_syscall_64+0x106/0xf80 [ 323.956813][ T9514] ? clear_bhb_loop+0x40/0x90 [ 323.956836][ T9514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.956855][ T9514] RIP: 0033:0x7f961bf9c819 [ 323.956870][ T9514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 323.956888][ T9514] RSP: 002b:00007f961cda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.956906][ T9514] RAX: ffffffffffffffda RBX: 00007f961c215fa0 RCX: 00007f961bf9c819 [ 323.956924][ T9514] RDX: 0000000000000000 RSI: 00000000c0285700 RDI: 0000000000000005 [ 323.956935][ T9514] RBP: 00007f961cda3090 R08: 0000000000000000 R09: 0000000000000000 [ 323.956945][ T9514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.956956][ T9514] R13: 00007f961c216038 R14: 00007f961c215fa0 R15: 00007ffe595daf78 [ 323.956978][ T9514] [ 323.956994][ T9514] ERROR: Out of memory at tomoyo_realpath_from_path. [ 324.193716][ T9499] tpg field: 1 [ 324.207360][ T9499] tpg crop: (0,0)/320x240 [ 324.221905][ T9499] tpg compose: (0,0)/320x240 [ 324.234284][ T9499] tpg colorspace: 8 [ 324.257742][ T9499] tpg transfer function: 0/0 [ 324.262373][ T9499] tpg Y'CbCr encoding: 0/0 [ 324.313737][ T9499] tpg quantization: 0/0 [ 324.325085][ T9499] tpg RGB range: 0/2 [ 324.329015][ T9499] vivid-007: ================== END STATUS ================== [ 324.585287][ T9527] FAULT_INJECTION: forcing a failure. [ 324.585287][ T9527] name failslab, interval 1, probability 0, space 0, times 0 [ 324.617757][ T9527] CPU: 0 UID: 0 PID: 9527 Comm: syz.0.885 Tainted: G L syzkaller #0 PREEMPT(full) [ 324.617788][ T9527] Tainted: [L]=SOFTLOCKUP [ 324.617795][ T9527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 324.617806][ T9527] Call Trace: [ 324.617812][ T9527] [ 324.617819][ T9527] dump_stack_lvl+0x100/0x190 [ 324.617853][ T9527] should_fail_ex.cold+0x5/0xa [ 324.617875][ T9527] should_failslab+0xc2/0x120 [ 324.617897][ T9527] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 324.617926][ T9527] ? __proc_create+0x2cb/0x8c0 [ 324.617949][ T9527] __proc_create+0x2cb/0x8c0 [ 324.617967][ T9527] ? __pfx___proc_create+0x10/0x10 [ 324.617994][ T9527] _proc_mkdir+0xb9/0x210 [ 324.618013][ T9527] ? __pfx__proc_mkdir+0x10/0x10 [ 324.618031][ T9527] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 324.618060][ T9527] ? proc_net_ns_init+0x42/0x420 [ 324.618083][ T9527] proc_net_ns_init+0x273/0x420 [ 324.618103][ T9527] ? __pfx_proc_net_ns_init+0x10/0x10 [ 324.618120][ T9527] ops_init+0x1e2/0x5f0 [ 324.618142][ T9527] setup_net+0x118/0x3a0 [ 324.618161][ T9527] ? __pfx_setup_net+0x10/0x10 [ 324.618178][ T9527] ? lockdep_init_map_type+0x5c/0x250 [ 324.618203][ T9527] ? mutex_init_lockep+0x110/0x150 [ 324.618232][ T9527] copy_net_ns+0x46f/0x7c0 [ 324.618255][ T9527] create_new_namespaces+0x3ea/0xac0 [ 324.618281][ T9527] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 324.618304][ T9527] ksys_unshare+0x473/0xad0 [ 324.618330][ T9527] ? __pfx_ksys_unshare+0x10/0x10 [ 324.618362][ T9527] __x64_sys_unshare+0x31/0x40 [ 324.618385][ T9527] do_syscall_64+0x106/0xf80 [ 324.618404][ T9527] ? clear_bhb_loop+0x40/0x90 [ 324.618426][ T9527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.618444][ T9527] RIP: 0033:0x7fce3979c819 [ 324.618460][ T9527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 324.618477][ T9527] RSP: 002b:00007fce3a693028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 324.618495][ T9527] RAX: ffffffffffffffda RBX: 00007fce39a15fa0 RCX: 00007fce3979c819 [ 324.618507][ T9527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 324.618517][ T9527] RBP: 00007fce39832c91 R08: 0000000000000000 R09: 0000000000000000 [ 324.618527][ T9527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.618537][ T9527] R13: 00007fce39a16038 R14: 00007fce39a15fa0 R15: 00007ffe9305d418 [ 324.618560][ T9527] [ 326.435227][ T9565] vivid-007: ================= START STATUS ================= [ 326.442998][ T9565] vivid-007: Generate PTS: true [ 326.499069][ T9565] vivid-007: Generate SCR: true [ 326.519307][ T9565] tpg source WxH: 320x240 (Y'CbCr) [ 326.547642][ T9565] tpg field: 1 [ 326.574386][ T9565] tpg crop: (0,0)/320x240 [ 326.588220][ T9565] tpg compose: (0,0)/320x240 [ 326.601659][ T9565] tpg colorspace: 8 [ 326.613853][ T9567] bridge0: port 3(veth1_macvtap) entered blocking state [ 326.621407][ T9565] tpg transfer function: 0/0 [ 326.632586][ T9565] tpg Y'CbCr encoding: 0/0 [ 326.642059][ T9567] bridge0: port 3(veth1_macvtap) entered disabled state [ 326.652126][ T9565] tpg quantization: 0/0 [ 326.660449][ T9567] veth1_macvtap: entered allmulticast mode [ 326.668021][ T9565] tpg RGB range: 0/2 [ 326.675858][ T9565] vivid-007: ================== END STATUS ================== [ 326.713792][ T9567] veth1_macvtap: left allmulticast mode [ 326.762297][ T9567] FAULT_INJECTION: forcing a failure. [ 326.762297][ T9567] name fail_futex, interval 1, probability 0, space 0, times 0 [ 326.812362][ T9567] CPU: 0 UID: 0 PID: 9567 Comm: syz.2.893 Tainted: G L syzkaller #0 PREEMPT(full) [ 326.812393][ T9567] Tainted: [L]=SOFTLOCKUP [ 326.812399][ T9567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 326.812410][ T9567] Call Trace: [ 326.812416][ T9567] [ 326.812423][ T9567] dump_stack_lvl+0x100/0x190 [ 326.812456][ T9567] should_fail_ex.cold+0x5/0xa [ 326.812478][ T9567] get_futex_key+0x1d2/0x1620 [ 326.812504][ T9567] ? __pfx_get_futex_key+0x10/0x10 [ 326.812527][ T9567] ? __pfx_search_extable+0x10/0x10 [ 326.812548][ T9567] ? rep_movs_alternative+0xf/0x90 [ 326.812572][ T9567] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 326.812594][ T9567] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 326.812615][ T9567] futex_wake+0xea/0x530 [ 326.812653][ T9567] ? __pfx_futex_wake+0x10/0x10 [ 326.812679][ T9567] ? kernelmode_fixup_or_oops.isra.0+0x80/0xf0 [ 326.812703][ T9567] ? irqentry_exit+0x180/0x670 [ 326.812726][ T9567] ? lockdep_hardirqs_on+0x78/0x100 [ 326.812747][ T9567] do_futex+0x32b/0x350 [ 326.812771][ T9567] ? __pfx_do_futex+0x10/0x10 [ 326.812801][ T9567] __x64_sys_futex+0x34f/0x4d0 [ 326.812829][ T9567] ? __pfx___x64_sys_futex+0x10/0x10 [ 326.812855][ T9567] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 326.812887][ T9567] do_syscall_64+0x106/0xf80 [ 326.812905][ T9567] ? clear_bhb_loop+0x40/0x90 [ 326.812927][ T9567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.812946][ T9567] RIP: 0033:0x7f961bf9c819 [ 326.812961][ T9567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 326.812978][ T9567] RSP: 002b:00007f961cda30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 326.812997][ T9567] RAX: ffffffffffffffda RBX: 00007f961c215fa8 RCX: 00007f961bf9c819 [ 326.813008][ T9567] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f961c215fac [ 326.813019][ T9567] RBP: 00007f961c215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 326.813029][ T9567] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 326.813039][ T9567] R13: 00007f961c216038 R14: 00007ffe595dae90 R15: 00007ffe595daf78 [ 326.813061][ T9567] [ 327.994690][ T9586] vivid-007: ================= START STATUS ================= [ 328.002380][ T9586] vivid-007: Generate PTS: true [ 328.029464][ T9586] vivid-007: Generate SCR: true [ 328.047733][ T9586] tpg source WxH: 320x240 (Y'CbCr) [ 328.061252][ T9588] openvswitch: netlink: Key type 261 is out of range max 32 [ 328.074771][ T9586] tpg field: 1 [ 328.078169][ T9586] tpg crop: (0,0)/320x240 [ 328.095303][ T9586] tpg compose: (0,0)/320x240 [ 328.113760][ T9586] tpg colorspace: 8 [ 328.129212][ T9586] tpg transfer function: 0/0 [ 328.184956][ T9586] tpg Y'CbCr encoding: 0/0 [ 328.189420][ T9586] tpg quantization: 0/0 [ 328.193586][ T9586] tpg RGB range: 0/2 [ 328.262559][ T9586] vivid-007: ================== END STATUS ================== [ 328.308442][ T9585] vivid-007: ================= START STATUS ================= [ 328.346540][ T9585] vivid-007: Generate PTS: true [ 328.425846][ T9585] vivid-007: Generate SCR: true [ 328.461311][ T9585] tpg source WxH: 320x240 (Y'CbCr) [ 328.497431][ T9585] tpg field: 1 [ 328.536188][ T9585] tpg crop: (0,0)/320x240 [ 328.560959][ T9585] tpg compose: (0,0)/320x240 [ 328.596623][ T9585] tpg colorspace: 8 [ 328.602038][ T9601] netlink: 8 bytes leftover after parsing attributes in process `syz.0.902'. [ 328.633701][ T9585] tpg transfer function: 0/0 [ 328.652011][ T9585] tpg Y'CbCr encoding: 0/0 [ 328.661157][ T9601] openvswitch: HfR: Dropping previously announced user features [ 328.683984][ T9585] tpg quantization: 0/0 [ 328.728932][ T9585] tpg RGB range: 0/2 [ 328.756140][ T9585] vivid-007: ================== END STATUS ================== [ 328.823961][ T9604] vivid-007: ================= START STATUS ================= [ 328.874382][ T9604] vivid-007: Generate PTS: true [ 328.897604][ T9604] vivid-007: Generate SCR: true [ 328.915560][ T9604] tpg source WxH: 320x240 (Y'CbCr) [ 328.935455][ T9604] tpg field: 1 [ 328.958491][ T9604] tpg crop: (0,0)/320x240 [ 328.978800][ T9604] tpg compose: (0,0)/320x240 [ 328.997062][ T9604] tpg colorspace: 8 [ 329.009801][ T9604] tpg transfer function: 0/0 [ 329.029756][ T9604] tpg Y'CbCr encoding: 0/0 [ 329.046723][ T9604] tpg quantization: 0/0 [ 329.061777][ T9604] tpg RGB range: 0/2 [ 329.075573][ T9604] vivid-007: ================== END STATUS ================== [ 329.365381][ T9619] vivid-007: ================= START STATUS ================= [ 329.373075][ T9619] vivid-007: Generate PTS: true [ 329.482725][ T9619] vivid-007: Generate SCR: true [ 329.518933][ T9619] tpg source WxH: 320x240 (Y'CbCr) [ 329.518952][ T9619] tpg field: 1 [ 329.518960][ T9619] tpg crop: (0,0)/320x240 [ 329.518972][ T9619] tpg compose: (0,0)/320x240 [ 329.518984][ T9619] tpg colorspace: 8 [ 329.518991][ T9619] tpg transfer function: 0/0 [ 329.519000][ T9619] tpg Y'CbCr encoding: 0/0 [ 329.519009][ T9619] tpg quantization: 0/0 [ 329.519018][ T9619] tpg RGB range: 0/2 [ 329.519027][ T9619] vivid-007: ================== END STATUS ================== [ 329.605137][ T9628] vivid-007: ================= START STATUS ================= [ 329.605156][ T9628] vivid-007: Generate PTS: true [ 329.605178][ T9628] vivid-007: Generate SCR: true [ 329.605198][ T9628] tpg source WxH: 320x240 (Y'CbCr) [ 329.605211][ T9628] tpg field: 1 [ 329.605218][ T9628] tpg crop: (0,0)/320x240 [ 329.605229][ T9628] tpg compose: (0,0)/320x240 [ 329.605241][ T9628] tpg colorspace: 8 [ 329.605248][ T9628] tpg transfer function: 0/0 [ 329.605258][ T9628] tpg Y'CbCr encoding: 0/0 [ 329.605266][ T9628] tpg quantization: 0/0 [ 329.605275][ T9628] tpg RGB range: 0/2 [ 329.605283][ T9628] vivid-007: ================== END STATUS ================== [ 329.666101][ T9630] futex_wake_op: syz.1.906 tries to shift op by -1; fix this program [ 329.950272][ T9630] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.665208][ T9647] binder: 9646:9647 ioctl 400c620e 2000000008c0 returned -22 [ 330.748441][ T9650] vivid-007: ================= START STATUS ================= [ 330.804017][ T9650] vivid-007: Generate PTS: true [ 330.834160][ T9650] vivid-007: Generate SCR: true [ 330.848395][ T9650] tpg source WxH: 320x240 (Y'CbCr) [ 330.881213][ T9650] tpg field: 1 [ 330.905447][ T9650] tpg crop: (0,0)/320x240 [ 330.920358][ T9650] tpg compose: (0,0)/320x240 [ 330.934735][ T9650] tpg colorspace: 8 [ 330.953991][ T9650] tpg transfer function: 0/0 [ 330.969116][ T9650] tpg Y'CbCr encoding: 0/0 [ 330.983578][ T9650] tpg quantization: 0/0 [ 331.013217][ T9650] tpg RGB range: 0/2 [ 331.030693][ T9650] vivid-007: ================== END STATUS ================== [ 332.238993][ T9686] binder: 9685:9686 ioctl 400c620e 2000000008c0 returned -22 [ 332.627214][ T9690] FAULT_INJECTION: forcing a failure. [ 332.627214][ T9690] name fail_futex, interval 1, probability 0, space 0, times 0 [ 332.685324][ T9690] CPU: 0 UID: 0 PID: 9690 Comm: syz.1.923 Tainted: G L syzkaller #0 PREEMPT(full) [ 332.685355][ T9690] Tainted: [L]=SOFTLOCKUP [ 332.685362][ T9690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 332.685373][ T9690] Call Trace: [ 332.685379][ T9690] [ 332.685386][ T9690] dump_stack_lvl+0x100/0x190 [ 332.685419][ T9690] should_fail_ex.cold+0x5/0xa [ 332.685441][ T9690] get_futex_key+0x1d2/0x1620 [ 332.685469][ T9690] ? __pfx_get_futex_key+0x10/0x10 [ 332.685495][ T9690] ? __fput+0x68a/0xb40 [ 332.685521][ T9690] futex_wait_setup+0x83/0x510 [ 332.685556][ T9690] __futex_wait+0x19f/0x300 [ 332.685586][ T9690] ? __pfx___futex_wait+0x10/0x10 [ 332.685619][ T9690] ? __pfx_futex_wake_mark+0x10/0x10 [ 332.685650][ T9690] ? futex_hash+0x2c5/0x380 [ 332.685678][ T9690] futex_wait+0xed/0x380 [ 332.685707][ T9690] ? __pfx_futex_wait+0x10/0x10 [ 332.685748][ T9690] do_futex+0x1ef/0x350 [ 332.685772][ T9690] ? __pfx_do_futex+0x10/0x10 [ 332.685797][ T9690] ? __pfx___might_resched+0x10/0x10 [ 332.685824][ T9690] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 332.685857][ T9690] __x64_sys_futex+0x34f/0x4d0 [ 332.685884][ T9690] ? __pfx_task_work_run+0x10/0x10 [ 332.685921][ T9690] ? __pfx___x64_sys_futex+0x10/0x10 [ 332.685947][ T9690] ? exit_to_user_mode_loop+0xdd/0x4a0 [ 332.685979][ T9690] do_syscall_64+0x106/0xf80 [ 332.686000][ T9690] ? clear_bhb_loop+0x40/0x90 [ 332.686022][ T9690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.686041][ T9690] RIP: 0033:0x7fe4f9b9c819 [ 332.686056][ T9690] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 332.686073][ T9690] RSP: 002b:00007fe4faa770e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 332.686092][ T9690] RAX: ffffffffffffffda RBX: 00007fe4f9e15fa8 RCX: 00007fe4f9b9c819 [ 332.686104][ T9690] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe4f9e15fa8 [ 332.686115][ T9690] RBP: 00007fe4f9e15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 332.686127][ T9690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.686138][ T9690] R13: 00007fe4f9e16038 R14: 00007fff3829e560 R15: 00007fff3829e648 [ 332.686160][ T9690] [ 333.988861][ T9698] zswap: compressor not available [ 335.291802][ T9724] binder: 9723:9724 ioctl 400c620e 2000000008c0 returned -22 [ 335.598365][ T9731] netlink: 'syz.3.932': attribute type 11 has an invalid length. [ 335.645105][ T9731] netlink: 'syz.3.932': attribute type 11 has an invalid length. [ 335.688012][ T9731] netlink: 'syz.3.932': attribute type 11 has an invalid length. [ 335.734901][ T9733] netlink: 342 bytes leftover after parsing attributes in process `syz.3.932'. [ 335.912287][ T9734] netlink: 98 bytes leftover after parsing attributes in process `syz.3.932'. [ 336.389143][ T9746] vivid-007: ================= START STATUS ================= [ 336.419657][ T9746] vivid-007: Generate PTS: true [ 336.464086][ T9746] vivid-007: Generate SCR: true [ 336.494789][ T9746] tpg source WxH: 320x240 (Y'CbCr) [ 336.519895][ T9746] tpg field: 1 [ 336.523325][ T9746] tpg crop: (0,0)/320x240 [ 336.583995][ T9746] tpg compose: (0,0)/320x240 [ 336.588635][ T9746] tpg colorspace: 8 [ 336.592441][ T9746] tpg transfer function: 0/0 [ 336.674401][ T9746] tpg Y'CbCr encoding: 0/0 [ 336.686308][ T9746] tpg quantization: 0/0 [ 336.706579][ T9746] tpg RGB range: 0/2 [ 336.744391][ T9746] vivid-007: ================== END STATUS ================== [ 337.375926][ T9775] vivid-007: ================= START STATUS ================= [ 337.375945][ T9775] vivid-007: Generate PTS: true [ 337.375968][ T9775] vivid-007: Generate SCR: true [ 337.375988][ T9775] tpg source WxH: 320x240 (Y'CbCr) [ 337.375999][ T9775] tpg field: 1 [ 337.376006][ T9775] tpg crop: (0,0)/320x240 [ 337.376018][ T9775] tpg compose: (0,0)/320x240 [ 337.376030][ T9775] tpg colorspace: 8 [ 337.376037][ T9775] tpg transfer function: 0/0 [ 337.376046][ T9775] tpg Y'CbCr encoding: 0/0 [ 337.376056][ T9775] tpg quantization: 0/0 [ 337.376064][ T9775] tpg RGB range: 0/2 [ 337.376072][ T9775] vivid-007: ================== END STATUS ================== [ 337.629999][ T9779] FAULT_INJECTION: forcing a failure. [ 337.629999][ T9779] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 337.630058][ T9779] CPU: 0 UID: 0 PID: 9779 Comm: syz.2.946 Tainted: G L syzkaller #0 PREEMPT(full) [ 337.630084][ T9779] Tainted: [L]=SOFTLOCKUP [ 337.630090][ T9779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 337.630101][ T9779] Call Trace: [ 337.630107][ T9779] [ 337.630113][ T9779] dump_stack_lvl+0x100/0x190 [ 337.630146][ T9779] should_fail_ex.cold+0x5/0xa [ 337.630168][ T9779] _copy_to_user+0x32/0xd0 [ 337.630194][ T9779] simple_read_from_buffer+0xcb/0x170 [ 337.630227][ T9779] proc_fail_nth_read+0x1af/0x230 [ 337.630252][ T9779] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.630277][ T9779] ? rw_verify_area+0xce/0x6d0 [ 337.630305][ T9779] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.630329][ T9779] vfs_read+0x1e4/0xb30 [ 337.630349][ T9779] ? __pfx_vfs_read+0x10/0x10 [ 337.630366][ T9779] ? __fget_files+0x215/0x3d0 [ 337.630389][ T9779] ? __fget_files+0x21f/0x3d0 [ 337.630414][ T9779] ksys_read+0x12a/0x250 [ 337.630431][ T9779] ? __pfx_ksys_read+0x10/0x10 [ 337.630455][ T9779] do_syscall_64+0x106/0xf80 [ 337.630475][ T9779] ? clear_bhb_loop+0x40/0x90 [ 337.630497][ T9779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.630516][ T9779] RIP: 0033:0x7f961bf5d04e [ 337.630531][ T9779] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 337.630549][ T9779] RSP: 002b:00007f961cd81fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 337.630567][ T9779] RAX: ffffffffffffffda RBX: 00007f961cd826c0 RCX: 00007f961bf5d04e [ 337.630578][ T9779] RDX: 000000000000000f RSI: 00007f961cd820a0 RDI: 0000000000000004 [ 337.630589][ T9779] RBP: 00007f961cd82090 R08: 0000000000000000 R09: 0000000000000000 [ 337.630599][ T9779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 337.630609][ T9779] R13: 00007f961c216128 R14: 00007f961c216090 R15: 00007ffe595daf78 [ 337.630632][ T9779] [ 338.519374][ T9795] netlink: 'syz.2.948': attribute type 11 has an invalid length. [ 338.564031][ T9795] netlink: 'syz.2.948': attribute type 11 has an invalid length. [ 338.600388][ T9795] netlink: 'syz.2.948': attribute type 11 has an invalid length. [ 338.639847][ T9798] netlink: 342 bytes leftover after parsing attributes in process `syz.2.948'. [ 338.671998][ T9800] vivid-007: ================= START STATUS ================= [ 338.757798][ T9800] vivid-007: Generate PTS: true [ 338.762774][ T9800] vivid-007: Generate SCR: true [ 338.785612][ T9798] netlink: 98 bytes leftover after parsing attributes in process `syz.2.948'. [ 338.831219][ T9800] tpg source WxH: 320x240 (Y'CbCr) [ 338.907717][ T9800] tpg field: 1 [ 338.950082][ T9800] tpg crop: (0,0)/320x240 [ 338.988556][ T9800] tpg compose: (0,0)/320x240 [ 339.019978][ T9800] tpg colorspace: 8 [ 339.040740][ T9800] tpg transfer function: 0/0 [ 339.062599][ T9800] tpg Y'CbCr encoding: 0/0 [ 339.081933][ T9800] tpg quantization: 0/0 [ 339.100260][ T9800] tpg RGB range: 0/2 [ 339.119288][ T9800] vivid-007: ================== END STATUS ================== [ 339.710580][ T9828] ================================================================== [ 339.710594][ T9828] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 339.710630][ T9828] Write of size 8 at addr ffffc90003ef97e0 by task syz.3.959/9828 [ 339.710646][ T9828] [ 339.710666][ T9828] CPU: 0 UID: 0 PID: 9828 Comm: syz.3.959 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.710692][ T9828] Tainted: [L]=SOFTLOCKUP [ 339.710698][ T9828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 339.710709][ T9828] Call Trace: [ 339.710715][ T9828] [ 339.710722][ T9828] dump_stack_lvl+0x100/0x190 [ 339.710751][ T9828] print_report+0x156/0x4c9 [ 339.710776][ T9828] ? _raw_spin_lock_irqsave+0x52/0x60 [ 339.710807][ T9828] ? sys_imageblit+0x19fb/0x1d60 [ 339.710834][ T9828] kasan_report+0xdf/0x1e0 [ 339.710854][ T9828] ? sys_imageblit+0x19fb/0x1d60 [ 339.710885][ T9828] sys_imageblit+0x19fb/0x1d60 [ 339.710915][ T9828] ? __pfx_sys_imageblit+0x10/0x10 [ 339.710947][ T9828] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 339.710970][ T9828] soft_cursor+0x524/0xa10 [ 339.710997][ T9828] bit_cursor+0xe58/0x16f0 [ 339.711022][ T9828] ? __pfx_bit_cursor+0x10/0x10 [ 339.711047][ T9828] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 339.711067][ T9828] ? get_color+0x1da/0x450 [ 339.711085][ T9828] ? __pfx_bit_cursor+0x10/0x10 [ 339.711107][ T9828] fbcon_cursor+0x43c/0x5e0 [ 339.711127][ T9828] ? mark_lock+0x9b0/0xa20 [ 339.711150][ T9828] hide_cursor+0x87/0x230 [ 339.711176][ T9828] do_con_write+0x23fe/0x8540 [ 339.711192][ T9828] ? trace_contention_end+0x140/0x180 [ 339.711218][ T9828] ? __pfx___schedule+0x10/0x10 [ 339.711248][ T9828] ? irqentry_exit+0x180/0x670 [ 339.711266][ T9828] ? lockdep_hardirqs_on+0x78/0x100 [ 339.711283][ T9828] ? __pfx_do_con_write+0x10/0x10 [ 339.711304][ T9828] con_write+0x23/0xb0 [ 339.711319][ T9828] n_tty_write+0x44f/0x12d0 [ 339.711344][ T9828] ? __pfx_n_tty_write+0x10/0x10 [ 339.711364][ T9828] ? trace_kmalloc+0x101/0x130 [ 339.711384][ T9828] ? __pfx_woken_wake_function+0x10/0x10 [ 339.711412][ T9828] ? rcu_is_watching+0x12/0xc0 [ 339.711440][ T9828] ? file_tty_write.isra.0+0x694/0x890 [ 339.711468][ T9828] ? kfree+0x2ec/0x6b0 [ 339.711492][ T9828] ? __pfx_n_tty_write+0x10/0x10 [ 339.711512][ T9828] file_tty_write.isra.0+0x4d2/0x890 [ 339.711543][ T9828] redirected_tty_write+0xd4/0x120 [ 339.711572][ T9828] vfs_write+0x6ac/0x1070 [ 339.711589][ T9828] ? __pfx_redirected_tty_write+0x10/0x10 [ 339.711619][ T9828] ? __pfx_vfs_write+0x10/0x10 [ 339.711635][ T9828] ? find_held_lock+0x2b/0x80 [ 339.711663][ T9828] ksys_write+0x12a/0x250 [ 339.711680][ T9828] ? __pfx_ksys_write+0x10/0x10 [ 339.711699][ T9828] do_syscall_64+0x106/0xf80 [ 339.711717][ T9828] ? clear_bhb_loop+0x40/0x90 [ 339.711737][ T9828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.711756][ T9828] RIP: 0033:0x7efdd0d9c819 [ 339.711770][ T9828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.711788][ T9828] RSP: 002b:00007efdd1bc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 339.711807][ T9828] RAX: ffffffffffffffda RBX: 00007efdd1015fa0 RCX: 00007efdd0d9c819 [ 339.711819][ T9828] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000005 [ 339.711830][ T9828] RBP: 00007efdd0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 339.711840][ T9828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.711851][ T9828] R13: 00007efdd1016038 R14: 00007efdd1015fa0 R15: 00007ffc0586e128 [ 339.711867][ T9828] [ 339.711873][ T9828] [ 339.711878][ T9828] The buggy address belongs to a vmalloc virtual mapping [ 339.711891][ T9828] Memory state around the buggy address: [ 339.711900][ T9828] ffffc90003ef9680: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 339.711913][ T9828] ffffc90003ef9700: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 339.711930][ T9828] >ffffc90003ef9780: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 339.711939][ T9828] ^ [ 339.711949][ T9828] ffffc90003ef9800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 339.711962][ T9828] ffffc90003ef9880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 339.711972][ T9828] ================================================================== [ 339.722713][ T9828] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 339.722735][ T9828] CPU: 0 UID: 0 PID: 9828 Comm: syz.3.959 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.722763][ T9828] Tainted: [L]=SOFTLOCKUP [ 339.722770][ T9828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 339.722781][ T9828] Call Trace: [ 339.722787][ T9828] [ 339.722795][ T9828] dump_stack_lvl+0x100/0x190 [ 339.722826][ T9828] vpanic+0x552/0x970 [ 339.722843][ T9828] ? __pfx_vpanic+0x10/0x10 [ 339.722863][ T9828] ? sys_imageblit+0x19fb/0x1d60 [ 339.722891][ T9828] panic+0xd1/0xe0 [ 339.722907][ T9828] ? __pfx_panic+0x10/0x10 [ 339.722925][ T9828] ? sys_imageblit+0x19fb/0x1d60 [ 339.722952][ T9828] ? preempt_schedule_common+0x42/0xc0 [ 339.722974][ T9828] check_panic_on_warn.cold+0x19/0x34 [ 339.722993][ T9828] end_report.part.0+0x3a/0x90 [ 339.723018][ T9828] kasan_report.cold+0xe/0x18 [ 339.723044][ T9828] ? sys_imageblit+0x19fb/0x1d60 [ 339.723074][ T9828] sys_imageblit+0x19fb/0x1d60 [ 339.723104][ T9828] ? __pfx_sys_imageblit+0x10/0x10 [ 339.723136][ T9828] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 339.723158][ T9828] soft_cursor+0x524/0xa10 [ 339.723185][ T9828] bit_cursor+0xe58/0x16f0 [ 339.723210][ T9828] ? __pfx_bit_cursor+0x10/0x10 [ 339.723237][ T9828] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 339.723257][ T9828] ? get_color+0x1da/0x450 [ 339.723276][ T9828] ? __pfx_bit_cursor+0x10/0x10 [ 339.723298][ T9828] fbcon_cursor+0x43c/0x5e0 [ 339.723318][ T9828] ? mark_lock+0x9b0/0xa20 [ 339.723342][ T9828] hide_cursor+0x87/0x230 [ 339.723367][ T9828] do_con_write+0x23fe/0x8540 [ 339.723384][ T9828] ? trace_contention_end+0x140/0x180 [ 339.723411][ T9828] ? __pfx___schedule+0x10/0x10 [ 339.723441][ T9828] ? irqentry_exit+0x180/0x670 [ 339.723459][ T9828] ? lockdep_hardirqs_on+0x78/0x100 [ 339.723477][ T9828] ? __pfx_do_con_write+0x10/0x10 [ 339.723498][ T9828] con_write+0x23/0xb0 [ 339.723514][ T9828] n_tty_write+0x44f/0x12d0 [ 339.723539][ T9828] ? __pfx_n_tty_write+0x10/0x10 [ 339.723560][ T9828] ? trace_kmalloc+0x101/0x130 [ 339.723580][ T9828] ? __pfx_woken_wake_function+0x10/0x10 [ 339.723608][ T9828] ? rcu_is_watching+0x12/0xc0 [ 339.723636][ T9828] ? file_tty_write.isra.0+0x694/0x890 [ 339.723672][ T9828] ? kfree+0x2ec/0x6b0 [ 339.723696][ T9828] ? __pfx_n_tty_write+0x10/0x10 [ 339.723716][ T9828] file_tty_write.isra.0+0x4d2/0x890 [ 339.723747][ T9828] redirected_tty_write+0xd4/0x120 [ 339.723777][ T9828] vfs_write+0x6ac/0x1070 [ 339.723795][ T9828] ? __pfx_redirected_tty_write+0x10/0x10 [ 339.723826][ T9828] ? __pfx_vfs_write+0x10/0x10 [ 339.723842][ T9828] ? find_held_lock+0x2b/0x80 [ 339.723864][ T9828] ksys_write+0x12a/0x250 [ 339.723886][ T9828] ? __pfx_ksys_write+0x10/0x10 [ 339.723906][ T9828] do_syscall_64+0x106/0xf80 [ 339.723924][ T9828] ? clear_bhb_loop+0x40/0x90 [ 339.723945][ T9828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.723964][ T9828] RIP: 0033:0x7efdd0d9c819 [ 339.723979][ T9828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.723997][ T9828] RSP: 002b:00007efdd1bc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 339.724015][ T9828] RAX: ffffffffffffffda RBX: 00007efdd1015fa0 RCX: 00007efdd0d9c819 [ 339.724028][ T9828] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000005 [ 339.724039][ T9828] RBP: 00007efdd0e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 339.724050][ T9828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.724060][ T9828] R13: 00007efdd1016038 R14: 00007efdd1015fa0 R15: 00007ffc0586e128 [ 339.724077][ T9828] [ 339.724144][ T9828] Kernel Offset: disabled