last executing test programs: 2m7.941619273s ago: executing program 3 (id=3541): openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0xd, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) pwrite64$auto(0xc8, 0x0, 0x100000000000fdf3, 0x3) 2m7.285411463s ago: executing program 3 (id=3546): mmap$auto(0x0, 0x7, 0x7, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x1}, 0x21) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x100102, 0x0) close_range$auto(0x2, 0x8, 0x0) 2m6.424415462s ago: executing program 3 (id=3548): openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000) bind$auto(0x3, 0x0, 0x6d) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000080)={0x1f, @raw, 0x80000026, 0xfffffffffffffff7, 0x8}, 0x0, 0xf4240, 0x1) 2m3.532073539s ago: executing program 3 (id=3558): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 2m2.924506372s ago: executing program 3 (id=3561): openat$auto_ext4_dir_operations_ext4(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x20100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0xfffffffd, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f2, 0x24) 2m2.086066958s ago: executing program 3 (id=3564): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) ioctl$auto(0x3, 0x4020565a, 0x38) ioctl$auto(0x3, 0x4020565b, 0x38) 2m1.639327962s ago: executing program 32 (id=3564): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) ioctl$auto(0x3, 0x4020565a, 0x38) ioctl$auto(0x3, 0x4020565b, 0x38) 8.000283361s ago: executing program 0 (id=4046): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000100)="8c070000001b208365d5c0d112dbab0800002eb01c3db79f77fdc2bb5057100112d88f73348a54396800ed598a0e5500d7c0cbb6b1e91df3a518659678d207bd9be09b6674129571d279", 0x40000000001243}, 0x3, 0x0) ioctl$auto(r0, 0x400454ca, 0x38) ioctl$auto_TUNSETOWNER(r0, 0x400454cc, 0x0) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto(r2, 0x400454ca, 0x38) 7.345703066s ago: executing program 4 (id=4049): mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0300, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) io_uring_setup$auto(0x59, 0x0) r1 = socketcall$auto(0xffe, 0x0) ioctl$auto(0x3, 0x4008ae61, r1) 7.220328922s ago: executing program 0 (id=4051): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2?', 0x80000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r1, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(r2, 0x0, 0xfffffdef) 6.203651411s ago: executing program 4 (id=4054): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) 4.906763487s ago: executing program 4 (id=4058): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x13, 0x2, ':\xbf*,\x8a}\x00\xfa\x88\xc7K\xf7\xff\xff\xff'}, @SMC_PNETID_ETHNAME={0xb, 0x2, ':\xbf+,\x8a}\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x8000) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x7}) 4.606405293s ago: executing program 2 (id=4060): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = eventfd$auto(0x4) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0x4008af20, r1) read$auto_ptdump_curknl_fops_(r0, &(0x7f00000003c0)=""/182, 0xb6) 3.972532322s ago: executing program 2 (id=4062): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) fstat$auto(r0, 0x0) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptytd\x00', 0x800, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x541c, r2) 3.729708599s ago: executing program 4 (id=4063): r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x3e, 0x0, 0x1ff) finit_module$auto(0x3, 0xfffffffffffffffe, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xbfffffffffff0006, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) setns$auto(0x0, 0xb) 3.505207433s ago: executing program 0 (id=4064): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f3, 0x24) 3.284721709s ago: executing program 1 (id=4065): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card0/pcm0c/sub6/info\x00', 0x88140, 0x0) pread64$auto(r1, 0x0, 0x1ff, 0x9) ioctl$auto(0x3, 0x402c542b, 0x38) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 3.036106297s ago: executing program 2 (id=4066): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) setfsuid$auto(0xee00) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xff04, 0x0) 2.948033407s ago: executing program 1 (id=4067): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, 0x55) io_uring_setup$auto(0x6, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x7ff) connect$auto(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @multicast2, 0x1}, 0x7f) write$auto(0x3, 0x0, 0xfdef) 2.703049942s ago: executing program 2 (id=4068): socket(0x10, 0x2, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x80002, 0x73) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x100, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) ioctl$auto(r0, 0xc0585604, r1) 2.361713452s ago: executing program 0 (id=4069): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) unshare$auto(0x40000080) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0x70) 2.357934373s ago: executing program 2 (id=4070): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/force_tx_status\x00', 0x82, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv6/conf/wg1/drop_unicast_in_l2_multicast\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x84) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) 1.998055186s ago: executing program 2 (id=4071): r0 = socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020209, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x2, 0x4}, 0x8}, 0x5, 0x20000000) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_SET(r0, 0x0, 0x24044010) close_range$auto(0x2, 0x8, 0x0) 1.772103575s ago: executing program 4 (id=4072): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x123002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x2c81, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) 1.732089485s ago: executing program 1 (id=4073): mmap$auto(0x0, 0x2020009, 0x3, 0x20000000000eb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x3a, 0xffffff01, 0x9, 0x8000000000000000, 0x8, 0x7, 0x9, 0x5, 0x5, 0x9, 0x3, 0x8, 0x5, 0xf, 0xfff, 0x9, 0x10001, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff]}, 0x800, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c0009"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000140)={0x0, 0xc3}, 0x6, 0x0, 0x0, 0x504}, 0x1}, 0x2, 0x0) 1.363132297s ago: executing program 1 (id=4074): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000000c0), 0x3c3501, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r1) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0x2, 0x8, 0x0) 379.353127ms ago: executing program 0 (id=4075): socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70090000004a0003000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 378.201615ms ago: executing program 1 (id=4076): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x88042, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22241, 0x155) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8) 95.684659ms ago: executing program 1 (id=4077): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty42\x00', 0x800, 0x0) socket(0xa, 0x5, 0x84) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x82, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 95.480554ms ago: executing program 4 (id=4078): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/bond0/queues/tx-13/xps_cpus\x00', 0x2, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x22003, 0x0) 0s ago: executing program 0 (id=4079): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x4) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto(r1, 0x4008af20, r0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): 249 > 9 [ 610.765882][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 610.775749][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 610.784306][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 611.431711][T15882] chnl_net:caif_netlink_parms(): no params data found [ 611.702715][T15887] zswap: compressor not available [ 611.800425][T15882] bridge0: port 1(bridge_slave_0) entered blocking state [ 611.810901][T15882] bridge0: port 1(bridge_slave_0) entered disabled state [ 611.818691][T15882] bridge_slave_0: entered allmulticast mode [ 611.827798][T15882] bridge_slave_0: entered promiscuous mode [ 611.838980][T15882] bridge0: port 2(bridge_slave_1) entered blocking state [ 611.865541][T15882] bridge0: port 2(bridge_slave_1) entered disabled state [ 611.872893][T15882] bridge_slave_1: entered allmulticast mode [ 612.125474][T15904] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3572'. [ 612.330985][T15908] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 612.355438][T15882] bridge_slave_1: entered promiscuous mode [ 612.615242][T15882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 612.650266][T15882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 612.777618][T15913] FAULT_INJECTION: forcing a failure. [ 612.777618][T15913] name failslab, interval 1, probability 0, space 0, times 0 [ 612.803229][T15913] CPU: 0 UID: 0 PID: 15913 Comm: syz.0.3575 Tainted: G L syzkaller #0 PREEMPT(full) [ 612.803286][T15913] Tainted: [L]=SOFTLOCKUP [ 612.803300][T15913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 612.803322][T15913] Call Trace: [ 612.803335][T15913] [ 612.803348][T15913] dump_stack_lvl+0x100/0x190 [ 612.803406][T15913] should_fail_ex.cold+0x5/0xa [ 612.803446][T15913] ? vkms_crtc_atomic_check+0x38a/0x7c0 [ 612.803490][T15913] should_failslab+0xc2/0x120 [ 612.803528][T15913] __kmalloc_noprof+0xe0/0x850 [ 612.803577][T15913] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 612.803635][T15913] vkms_crtc_atomic_check+0x38a/0x7c0 [ 612.803686][T15913] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 612.803729][T15913] drm_atomic_helper_check_planes+0x4dc/0x900 [ 612.803785][T15913] drm_atomic_helper_check+0xae/0x190 [ 612.803834][T15913] vkms_atomic_check+0x1d9/0x250 [ 612.803890][T15913] ? __pfx_vkms_atomic_check+0x10/0x10 [ 612.803950][T15913] drm_atomic_check_only+0x19ea/0x31b0 [ 612.804013][T15913] drm_atomic_commit+0x132/0x300 [ 612.804056][T15913] ? __pfx_drm_atomic_commit+0x10/0x10 [ 612.804109][T15913] ? __pfx___drm_printfn_info+0x10/0x10 [ 612.804153][T15913] ? drm_client_rotation+0x451/0x6a0 [ 612.804209][T15913] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 612.804270][T15913] ? __mutex_lock+0x26a/0x1b90 [ 612.804323][T15913] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 612.804373][T15913] ? drm_master_internal_acquire+0x21/0x80 [ 612.804458][T15913] drm_client_modeset_commit_locked+0x14d/0x580 [ 612.804513][T15913] drm_client_modeset_commit+0x4f/0x80 [ 612.804564][T15913] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 612.804618][T15913] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 612.804671][T15913] drm_fbdev_client_restore+0x1b/0x30 [ 612.804708][T15913] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 612.804745][T15913] drm_client_dev_restore+0x205/0x2a0 [ 612.804799][T15913] drm_release+0x2c6/0x360 [ 612.804842][T15913] ? __pfx_drm_release+0x10/0x10 [ 612.804885][T15913] __fput+0x3ff/0xb40 [ 612.804937][T15913] task_work_run+0x150/0x240 [ 612.804988][T15913] ? __pfx_task_work_run+0x10/0x10 [ 612.805051][T15913] exit_to_user_mode_loop+0x100/0x4a0 [ 612.805111][T15913] do_syscall_64+0x668/0xf80 [ 612.805161][T15913] ? clear_bhb_loop+0x40/0x90 [ 612.805207][T15913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.805243][T15913] RIP: 0033:0x7fd5a359c799 [ 612.805273][T15913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.805307][T15913] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 612.805340][T15913] RAX: 0000000000000000 RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 612.805363][T15913] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 612.805383][T15913] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 612.805403][T15913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.805425][T15913] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 612.805472][T15913] [ 613.121403][ T51] Bluetooth: hci0: command tx timeout [ 613.608520][T15882] team0: Port device team_slave_0 added [ 613.632960][T15882] team0: Port device team_slave_1 added [ 613.879181][T15882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 613.903608][T15882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 613.996733][T15882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 614.027297][T15882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 614.055719][T15882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 614.150931][T15882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 614.307173][T15882] hsr_slave_0: entered promiscuous mode [ 614.314571][T15882] hsr_slave_1: entered promiscuous mode [ 614.321332][T15882] debugfs: 'hsr0' already exists in 'hsr' [ 614.330338][T15882] Cannot create hsr debugfs directory [ 614.981807][T15882] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 615.039919][T15882] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 615.116687][T15882] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 615.163285][ T51] Bluetooth: hci0: command tx timeout [ 615.193338][T15882] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 615.599272][T15882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 615.746741][T15882] 8021q: adding VLAN 0 to HW filter on device team0 [ 615.792257][ T131] bridge0: port 1(bridge_slave_0) entered blocking state [ 615.799538][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 615.900924][T12515] bridge0: port 2(bridge_slave_1) entered blocking state [ 615.908198][T12515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 616.075471][T15882] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 616.637573][T15882] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 617.245241][ T51] Bluetooth: hci0: command tx timeout [ 617.280116][T15962] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3589'. [ 617.674816][T15970] netlink: 'syz.2.3590': attribute type 27 has an invalid length. [ 617.712466][T15882] veth0_vlan: entered promiscuous mode [ 617.734070][T15970] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3590'. [ 617.752030][T15882] veth1_vlan: entered promiscuous mode [ 617.895734][T15882] veth0_macvtap: entered promiscuous mode [ 617.932149][T15882] veth1_macvtap: entered promiscuous mode [ 617.989757][T15882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 618.036378][T15974] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3593'. [ 618.077300][T15882] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 618.100091][ T150] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.157845][ T150] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.173558][ T150] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.226026][ T150] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.487742][T12515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 618.529228][T12515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.677831][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 618.689065][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.885182][T15882] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 619.323384][ T51] Bluetooth: hci0: command tx timeout [ 620.574099][T16009] GUP no longer grows the stack in syz.2.3602 (16009): 14000-41000 (4000) [ 620.584990][T16009] CPU: 0 UID: 0 PID: 16009 Comm: syz.2.3602 Tainted: G L syzkaller #0 PREEMPT(full) [ 620.585045][T16009] Tainted: [L]=SOFTLOCKUP [ 620.585058][T16009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 620.585079][T16009] Call Trace: [ 620.585093][T16009] [ 620.585106][T16009] dump_stack_lvl+0x100/0x190 [ 620.585165][T16009] gup_vma_lookup.cold+0x83/0x96 [ 620.585217][T16009] __get_user_pages+0x241/0x34d0 [ 620.585267][T16009] ? down_read_killable+0x30e/0x4c0 [ 620.585324][T16009] ? __lock_acquire+0x4a5/0x2630 [ 620.585370][T16009] ? __pfx___get_user_pages+0x10/0x10 [ 620.585421][T16009] __gup_longterm_locked+0x87d/0x16f0 [ 620.585476][T16009] ? __pfx___gup_longterm_locked+0x10/0x10 [ 620.585520][T16009] ? try_get_folio+0x262/0x750 [ 620.585555][T16009] ? find_held_lock+0x2b/0x80 [ 620.585588][T16009] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 620.585635][T16009] gup_fast_fallback+0x18c6/0x2460 [ 620.585707][T16009] ? __pfx_gup_fast_fallback+0x10/0x10 [ 620.585759][T16009] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 620.585799][T16009] ? is_bpf_text_address+0x94/0x1a0 [ 620.585858][T16009] ? __kernel_text_address+0xd/0x30 [ 620.585909][T16009] ? unwind_get_return_address+0x59/0xa0 [ 620.585952][T16009] pin_user_pages_fast+0xa7/0xf0 [ 620.585993][T16009] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 620.586046][T16009] iov_iter_extract_pages+0xa0d/0x1ef0 [ 620.586096][T16009] ? __blkdev_direct_IO_simple+0x112/0x890 [ 620.586147][T16009] ? kasan_save_stack+0x3f/0x50 [ 620.586198][T16009] ? kasan_save_stack+0x30/0x50 [ 620.586248][T16009] ? kasan_save_track+0x14/0x30 [ 620.586303][T16009] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 620.586343][T16009] ? blkdev_direct_IO+0xc76/0x1fb0 [ 620.586388][T16009] ? blkdev_write_iter+0x703/0xd70 [ 620.586437][T16009] ? vfs_write+0x6ac/0x1070 [ 620.586494][T16009] ? __lock_acquire+0x4a5/0x2630 [ 620.586547][T16009] iov_iter_extract_bvecs+0x10e/0xf40 [ 620.586596][T16009] ? find_held_lock+0x2b/0x80 [ 620.586627][T16009] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 620.586675][T16009] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 620.586728][T16009] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 620.586787][T16009] bio_iov_iter_get_pages+0x26a/0x970 [ 620.586838][T16009] __blkdev_direct_IO_simple+0x3a7/0x890 [ 620.586900][T16009] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 620.586980][T16009] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 620.587023][T16009] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 620.587075][T16009] blkdev_direct_IO+0xc76/0x1fb0 [ 620.587141][T16009] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 620.587189][T16009] ? rcu_is_watching+0x12/0xc0 [ 620.587242][T16009] ? __mark_inode_dirty+0x55c/0x1790 [ 620.587291][T16009] ? filemap_check_errors+0xa9/0x150 [ 620.587340][T16009] blkdev_write_iter+0x703/0xd70 [ 620.587399][T16009] vfs_write+0x6ac/0x1070 [ 620.587453][T16009] ? __pfx_blkdev_write_iter+0x10/0x10 [ 620.587508][T16009] ? __pfx_vfs_write+0x10/0x10 [ 620.587559][T16009] ? find_held_lock+0x2b/0x80 [ 620.587617][T16009] ksys_write+0x12a/0x250 [ 620.587649][T16009] ? __pfx_ksys_write+0x10/0x10 [ 620.587693][T16009] do_syscall_64+0x106/0xf80 [ 620.587752][T16009] ? clear_bhb_loop+0x40/0x90 [ 620.587798][T16009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.587834][T16009] RIP: 0033:0x7fbf65d9c799 [ 620.587863][T16009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.587898][T16009] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 620.587932][T16009] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 620.587956][T16009] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000003 [ 620.587977][T16009] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 620.587997][T16009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.588019][T16009] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 620.588065][T16009] [ 621.538910][T16018] netlink: 346 bytes leftover after parsing attributes in process `syz.4.3606'. [ 621.845114][T16022] base or size exceeds the MTRR width [ 623.077311][T16041] zswap: compressor not available [ 623.760155][T16059] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 623.808763][T16059] vhci_hcd vhci_hcd.1: default hub control req: c902 v00bf i0000 l0 [ 624.452449][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.458953][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.085031][T16089] FAULT_INJECTION: forcing a failure. [ 626.085031][T16089] name failslab, interval 1, probability 0, space 0, times 0 [ 626.100828][T16089] CPU: 0 UID: 0 PID: 16089 Comm: syz.1.3629 Tainted: G L syzkaller #0 PREEMPT(full) [ 626.100880][T16089] Tainted: [L]=SOFTLOCKUP [ 626.100893][T16089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 626.100913][T16089] Call Trace: [ 626.100925][T16089] [ 626.100939][T16089] dump_stack_lvl+0x100/0x190 [ 626.100998][T16089] should_fail_ex.cold+0x5/0xa [ 626.101039][T16089] should_failslab+0xc2/0x120 [ 626.101077][T16089] __kmalloc_cache_noprof+0x7a/0x6f0 [ 626.101122][T16089] ? kobject_create_and_add+0x46/0xc0 [ 626.101167][T16089] kobject_create_and_add+0x46/0xc0 [ 626.101204][T16089] __add_disk+0x66f/0xe40 [ 626.101261][T16089] ? find_held_lock+0x2b/0x80 [ 626.101298][T16089] add_disk_fwnode+0x3d4/0x5c0 [ 626.101360][T16089] zram_add+0x4d2/0x610 [ 626.101405][T16089] ? __pfx_zram_add+0x10/0x10 [ 626.101477][T16089] ? find_held_lock+0x2b/0x80 [ 626.101510][T16089] ? sysfs_file_kobj+0xe4/0x290 [ 626.101568][T16089] ? __pfx_hot_add_show+0x10/0x10 [ 626.101620][T16089] hot_add_show+0x21/0x80 [ 626.101666][T16089] class_attr_show+0x72/0xa0 [ 626.101706][T16089] ? __pfx_class_attr_show+0x10/0x10 [ 626.101745][T16089] sysfs_kf_seq_show+0x217/0x3a0 [ 626.101800][T16089] seq_read_iter+0x32f/0x1270 [ 626.101874][T16089] kernfs_fop_read_iter+0x46c/0x610 [ 626.101915][T16089] ? rw_verify_area+0xce/0x6d0 [ 626.101966][T16089] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 626.102009][T16089] vfs_read+0x825/0xb30 [ 626.102071][T16089] ? __pfx_vfs_read+0x10/0x10 [ 626.102155][T16089] ksys_read+0x12a/0x250 [ 626.102209][T16089] ? __pfx_ksys_read+0x10/0x10 [ 626.102278][T16089] do_syscall_64+0x106/0xf80 [ 626.102326][T16089] ? clear_bhb_loop+0x40/0x90 [ 626.102371][T16089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.102407][T16089] RIP: 0033:0x7f170999c799 [ 626.102438][T16089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 626.102474][T16089] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 626.102507][T16089] RAX: ffffffffffffffda RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 626.102531][T16089] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005 [ 626.102562][T16089] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 626.102585][T16089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 626.102606][T16089] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 626.102654][T16089] [ 626.914764][T16042] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.285907][T16109] FAULT_INJECTION: forcing a failure. [ 627.285907][T16109] name failslab, interval 1, probability 0, space 0, times 0 [ 627.355489][T16109] CPU: 1 UID: 0 PID: 16109 Comm: syz.2.3637 Tainted: G L syzkaller #0 PREEMPT(full) [ 627.355545][T16109] Tainted: [L]=SOFTLOCKUP [ 627.355558][T16109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 627.355580][T16109] Call Trace: [ 627.355591][T16109] [ 627.355606][T16109] dump_stack_lvl+0x100/0x190 [ 627.355664][T16109] should_fail_ex.cold+0x5/0xa [ 627.355706][T16109] should_failslab+0xc2/0x120 [ 627.355742][T16109] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 627.355795][T16109] ? __kernfs_new_node+0xd2/0x960 [ 627.355855][T16109] __kernfs_new_node+0xd2/0x960 [ 627.355911][T16109] ? __pfx___kernfs_new_node+0x10/0x10 [ 627.355974][T16109] ? find_held_lock+0x2b/0x80 [ 627.356006][T16109] ? kernfs_root+0xee/0x2a0 [ 627.356053][T16109] ? kernfs_root+0xee/0x2a0 [ 627.356123][T16109] kernfs_new_node+0x11b/0x1a0 [ 627.356187][T16109] __kernfs_create_file+0x53/0x350 [ 627.356234][T16109] sysfs_add_file_mode_ns+0x207/0x3c0 [ 627.356291][T16109] internal_create_group+0x593/0xf40 [ 627.356355][T16109] ? __pfx_internal_create_group+0x10/0x10 [ 627.356417][T16109] ? kernfs_create_link+0x1bd/0x240 [ 627.356477][T16109] internal_create_groups+0x9d/0x150 [ 627.356535][T16109] device_add+0x7c8/0x1950 [ 627.356581][T16109] ? __pfx_device_add+0x10/0x10 [ 627.356624][T16109] ? lockdep_init_map_type+0x5c/0x250 [ 627.356672][T16109] ? __init_waitqueue_head+0xca/0x150 [ 627.356737][T16109] netdev_register_kobject+0x1a9/0x3d0 [ 627.356801][T16109] register_netdevice+0x12e0/0x2210 [ 627.356861][T16109] ? idr_alloc+0xdd/0x130 [ 627.356910][T16109] ? __pfx_register_netdevice+0x10/0x10 [ 627.356962][T16109] ? net_generic+0xea/0x2a0 [ 627.357029][T16109] ppp_dev_configure+0x986/0xcb0 [ 627.357091][T16109] ppp_ioctl+0x985/0x2800 [ 627.357142][T16109] ? find_held_lock+0x2b/0x80 [ 627.357177][T16109] ? __pfx_ppp_ioctl+0x10/0x10 [ 627.357234][T16109] ? __fget_files+0x21f/0x3d0 [ 627.357274][T16109] ? __pfx_ppp_ioctl+0x10/0x10 [ 627.357324][T16109] __x64_sys_ioctl+0x18e/0x210 [ 627.357380][T16109] do_syscall_64+0x106/0xf80 [ 627.357428][T16109] ? clear_bhb_loop+0x40/0x90 [ 627.357472][T16109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.357509][T16109] RIP: 0033:0x7fbf65d9c799 [ 627.357538][T16109] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 627.357572][T16109] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 627.357606][T16109] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 627.357630][T16109] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005 [ 627.357652][T16109] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 627.357675][T16109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 627.357696][T16109] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 627.357743][T16109] [ 627.892081][T16115] FAULT_INJECTION: forcing a failure. [ 627.892081][T16115] name failslab, interval 1, probability 0, space 0, times 0 [ 627.931674][T16115] CPU: 0 UID: 0 PID: 16115 Comm: syz.0.3641 Tainted: G L syzkaller #0 PREEMPT(full) [ 627.931733][T16115] Tainted: [L]=SOFTLOCKUP [ 627.931748][T16115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 627.931771][T16115] Call Trace: [ 627.931783][T16115] [ 627.931797][T16115] dump_stack_lvl+0x100/0x190 [ 627.931859][T16115] should_fail_ex.cold+0x5/0xa [ 627.931903][T16115] should_failslab+0xc2/0x120 [ 627.931951][T16115] __kmalloc_cache_noprof+0x7a/0x6f0 [ 627.932006][T16115] ? v9fs_get_tree+0x9c/0xb50 [ 627.932071][T16115] v9fs_get_tree+0x9c/0xb50 [ 627.932123][T16115] ? rcu_is_watching+0x12/0xc0 [ 627.932178][T16115] ? __pfx_v9fs_get_tree+0x10/0x10 [ 627.932238][T16115] ? bpf_lsm_capable+0x9/0x10 [ 627.932274][T16115] ? security_capable+0x80/0x260 [ 627.932333][T16115] vfs_get_tree+0x92/0x320 [ 627.932382][T16115] vfs_cmd_create+0xd7/0x2a0 [ 627.932430][T16115] __do_sys_fsconfig+0x55a/0xcb0 [ 627.932480][T16115] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 627.932547][T16115] do_syscall_64+0x106/0xf80 [ 627.932598][T16115] ? clear_bhb_loop+0x40/0x90 [ 627.932642][T16115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.932679][T16115] RIP: 0033:0x7fd5a359c799 [ 627.932709][T16115] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 627.932744][T16115] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 627.932778][T16115] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 627.932802][T16115] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 627.932824][T16115] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 627.932846][T16115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 627.932867][T16115] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 627.932920][T16115] [ 628.411611][T16122] FAULT_INJECTION: forcing a failure. [ 628.411611][T16122] name failslab, interval 1, probability 0, space 0, times 0 [ 628.427125][T16122] CPU: 0 UID: 0 PID: 16122 Comm: syz.2.3643 Tainted: G L syzkaller #0 PREEMPT(full) [ 628.427179][T16122] Tainted: [L]=SOFTLOCKUP [ 628.427193][T16122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 628.427214][T16122] Call Trace: [ 628.427226][T16122] [ 628.427239][T16122] dump_stack_lvl+0x100/0x190 [ 628.427301][T16122] should_fail_ex.cold+0x5/0xa [ 628.427342][T16122] ? constrain_params_by_rules+0x175/0xcc0 [ 628.427389][T16122] should_failslab+0xc2/0x120 [ 628.427434][T16122] __kmalloc_noprof+0xe0/0x850 [ 628.427485][T16122] ? unwind_get_return_address+0x59/0xa0 [ 628.427532][T16122] constrain_params_by_rules+0x175/0xcc0 [ 628.427586][T16122] ? stack_trace_save+0x8e/0xc0 [ 628.427627][T16122] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 628.427681][T16122] ? __kasan_kmalloc+0xaa/0xb0 [ 628.427732][T16122] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 628.427773][T16122] ? snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 628.427813][T16122] ? snd_pcm_oss_get_formats+0x7d/0x350 [ 628.427865][T16122] ? snd_interval_refine+0x2d0/0x580 [ 628.427924][T16122] snd_pcm_hw_refine+0x7e7/0xad0 [ 628.427976][T16122] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 628.428040][T16122] ? snd_interval_refine+0x2d0/0x580 [ 628.428098][T16122] snd_pcm_oss_change_params_locked+0xdb3/0x39f0 [ 628.428172][T16122] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 628.428215][T16122] ? __pfx___mutex_lock+0x10/0x10 [ 628.428264][T16122] ? find_held_lock+0x2b/0x80 [ 628.428296][T16122] ? tomoyo_path_number_perm+0x28f/0x580 [ 628.428352][T16122] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 628.428390][T16122] ? futex_wait+0x125/0x380 [ 628.428459][T16122] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 628.428509][T16122] snd_pcm_oss_get_formats+0x7d/0x350 [ 628.428549][T16122] ? do_vfs_ioctl+0x226/0x13e0 [ 628.428599][T16122] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 628.428654][T16122] snd_pcm_oss_ioctl+0x1719/0x3720 [ 628.428696][T16122] ? find_held_lock+0x2b/0x80 [ 628.428728][T16122] ? __fget_files+0x215/0x3d0 [ 628.428759][T16122] ? hook_file_ioctl_common+0x146/0x410 [ 628.428801][T16122] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 628.428846][T16122] ? __fget_files+0x21f/0x3d0 [ 628.428884][T16122] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 628.428927][T16122] __x64_sys_ioctl+0x18e/0x210 [ 628.428980][T16122] do_syscall_64+0x106/0xf80 [ 628.429029][T16122] ? clear_bhb_loop+0x40/0x90 [ 628.429072][T16122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.429109][T16122] RIP: 0033:0x7fbf65d9c799 [ 628.429138][T16122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 628.429173][T16122] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 628.429207][T16122] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 628.429232][T16122] RDX: 0000000000000000 RSI: 000000008004500b RDI: 0000000000000005 [ 628.429254][T16122] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 628.429276][T16122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.429297][T16122] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 628.429344][T16122] [ 629.574151][T16145] syz_tun: refused to change device tx_queue_len [ 629.584086][T16144] FAULT_INJECTION: forcing a failure. [ 629.584086][T16144] name failslab, interval 1, probability 0, space 0, times 0 [ 629.611508][T16144] CPU: 1 UID: 0 PID: 16144 Comm: syz.0.3652 Tainted: G L syzkaller #0 PREEMPT(full) [ 629.611563][T16144] Tainted: [L]=SOFTLOCKUP [ 629.611576][T16144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 629.611597][T16144] Call Trace: [ 629.611609][T16144] [ 629.611622][T16144] dump_stack_lvl+0x100/0x190 [ 629.611680][T16144] should_fail_ex.cold+0x5/0xa [ 629.611722][T16144] should_failslab+0xc2/0x120 [ 629.611759][T16144] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 629.611810][T16144] ? fcntl_setlk+0xaa/0xe40 [ 629.611845][T16144] ? __lock_acquire+0x4a5/0x2630 [ 629.611895][T16144] fcntl_setlk+0xaa/0xe40 [ 629.611948][T16144] ? __pfx_fcntl_setlk+0x10/0x10 [ 629.611990][T16144] ? find_held_lock+0x2b/0x80 [ 629.612021][T16144] ? __might_fault+0xc5/0x140 [ 629.612069][T16144] ? __might_fault+0xc5/0x140 [ 629.612135][T16144] do_fcntl+0xf39/0x1670 [ 629.612179][T16144] ? __pfx_do_fcntl+0x10/0x10 [ 629.612219][T16144] ? __fget_files+0x215/0x3d0 [ 629.612265][T16144] ? tomoyo_file_fcntl+0x6c/0xc0 [ 629.612324][T16144] __x64_sys_fcntl+0x163/0x200 [ 629.612373][T16144] do_syscall_64+0x106/0xf80 [ 629.612420][T16144] ? clear_bhb_loop+0x40/0x90 [ 629.612469][T16144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.612505][T16144] RIP: 0033:0x7fd5a359c799 [ 629.612534][T16144] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 629.612569][T16144] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 629.612602][T16144] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 629.612625][T16144] RDX: 0000000000000004 RSI: 0000000000000026 RDI: 0000000000000003 [ 629.612647][T16144] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 629.612668][T16144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 629.612689][T16144] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 629.612733][T16144] [ 629.961879][T16147] FAULT_INJECTION: forcing a failure. [ 629.961879][T16147] name failslab, interval 1, probability 0, space 0, times 0 [ 629.975480][T16147] CPU: 1 UID: 0 PID: 16147 Comm: syz.0.3653 Tainted: G L syzkaller #0 PREEMPT(full) [ 629.975534][T16147] Tainted: [L]=SOFTLOCKUP [ 629.975548][T16147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 629.975569][T16147] Call Trace: [ 629.975580][T16147] [ 629.975593][T16147] dump_stack_lvl+0x100/0x190 [ 629.975652][T16147] should_fail_ex.cold+0x5/0xa [ 629.975693][T16147] ? iter_file_splice_write+0x1d8/0x10a0 [ 629.975727][T16147] should_failslab+0xc2/0x120 [ 629.975763][T16147] __kmalloc_noprof+0xe0/0x850 [ 629.975814][T16147] ? __pfx___might_resched+0x10/0x10 [ 629.975872][T16147] iter_file_splice_write+0x1d8/0x10a0 [ 629.975930][T16147] ? __pfx_iter_file_splice_write+0x10/0x10 [ 629.975967][T16147] ? __lock_acquire+0x4a5/0x2630 [ 629.976013][T16147] ? shmem_file_splice_read+0x724/0xdd0 [ 629.976093][T16147] ? __pfx_iter_file_splice_write+0x10/0x10 [ 629.976132][T16147] direct_splice_actor+0x192/0x6c0 [ 629.976209][T16147] splice_direct_to_actor+0x345/0xa30 [ 629.976249][T16147] ? __pfx_direct_splice_actor+0x10/0x10 [ 629.976316][T16147] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 629.976365][T16147] do_splice_direct+0x174/0x240 [ 629.976402][T16147] ? __pfx_do_splice_direct+0x10/0x10 [ 629.976440][T16147] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 629.976503][T16147] ? rw_verify_area+0xce/0x6d0 [ 629.976559][T16147] do_sendfile+0xadc/0xe20 [ 629.976623][T16147] ? __pfx_do_sendfile+0x10/0x10 [ 629.976691][T16147] __x64_sys_sendfile64+0x154/0x220 [ 629.976734][T16147] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 629.976789][T16147] do_syscall_64+0x106/0xf80 [ 629.976836][T16147] ? clear_bhb_loop+0x40/0x90 [ 629.976880][T16147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.976917][T16147] RIP: 0033:0x7fd5a359c799 [ 629.976946][T16147] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 629.976981][T16147] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 629.977015][T16147] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 629.977039][T16147] RDX: 0000200000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 629.977060][T16147] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 629.977081][T16147] R10: 0000000000000b5d R11: 0000000000000246 R12: 0000000000000000 [ 629.977103][T16147] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 629.977159][T16147] [ 630.400245][T16149] FAULT_INJECTION: forcing a failure. [ 630.400245][T16149] name failslab, interval 1, probability 0, space 0, times 0 [ 630.433828][T16149] CPU: 1 UID: 0 PID: 16149 Comm: syz.1.3654 Tainted: G L syzkaller #0 PREEMPT(full) [ 630.433882][T16149] Tainted: [L]=SOFTLOCKUP [ 630.433895][T16149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 630.433917][T16149] Call Trace: [ 630.433928][T16149] [ 630.433942][T16149] dump_stack_lvl+0x100/0x190 [ 630.434002][T16149] should_fail_ex.cold+0x5/0xa [ 630.434043][T16149] should_failslab+0xc2/0x120 [ 630.434081][T16149] __kmalloc_cache_noprof+0x7a/0x6f0 [ 630.434153][T16149] ? tomoyo_write_log2+0x333/0xbc0 [ 630.434207][T16149] tomoyo_write_log2+0x333/0xbc0 [ 630.434260][T16149] tomoyo_supervisor+0x15e/0x1340 [ 630.434319][T16149] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 630.434375][T16149] ? tomoyo_realpath_from_path+0x19c/0x690 [ 630.434435][T16149] ? tomoyo_realpath_from_path+0x19c/0x690 [ 630.434481][T16149] ? kfree+0x1f6/0x6b0 [ 630.434527][T16149] ? tomoyo_check_path_number_acl+0x1e6/0x2f0 [ 630.434580][T16149] tomoyo_path_number_perm+0x445/0x580 [ 630.434632][T16149] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 630.434670][T16149] ? futex_wait+0x125/0x380 [ 630.434763][T16149] ? find_held_lock+0x2b/0x80 [ 630.434796][T16149] ? __fget_files+0x215/0x3d0 [ 630.434826][T16149] ? hook_file_ioctl_common+0x146/0x410 [ 630.434873][T16149] ? __fget_files+0x21f/0x3d0 [ 630.434913][T16149] security_file_ioctl+0xd3/0x230 [ 630.434954][T16149] __x64_sys_ioctl+0xb7/0x210 [ 630.435007][T16149] do_syscall_64+0x106/0xf80 [ 630.435056][T16149] ? clear_bhb_loop+0x40/0x90 [ 630.435100][T16149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.435138][T16149] RIP: 0033:0x7f170999c799 [ 630.435167][T16149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 630.435200][T16149] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 630.435234][T16149] RAX: ffffffffffffffda RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 630.435257][T16149] RDX: 0000000000000005 RSI: 0000000000000809 RDI: 0000000000000003 [ 630.435278][T16149] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 630.435299][T16149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 630.435321][T16149] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 630.435367][T16149] [ 630.597648][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805e3c5c00: rx timeout, send abort [ 630.620197][ T5176] ERROR: Out of memory at tomoyo_memory_ok. [ 630.627861][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805e3c5c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 631.035210][T16157] FAULT_INJECTION: forcing a failure. [ 631.035210][T16157] name failslab, interval 1, probability 0, space 0, times 0 [ 631.083517][T16157] CPU: 0 UID: 0 PID: 16157 Comm: syz.1.3657 Tainted: G L syzkaller #0 PREEMPT(full) [ 631.083580][T16157] Tainted: [L]=SOFTLOCKUP [ 631.083593][T16157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 631.083613][T16157] Call Trace: [ 631.083627][T16157] [ 631.083641][T16157] dump_stack_lvl+0x100/0x190 [ 631.083697][T16157] should_fail_ex.cold+0x5/0xa [ 631.083738][T16157] ? constrain_params_by_rules+0x175/0xcc0 [ 631.083784][T16157] should_failslab+0xc2/0x120 [ 631.083821][T16157] __kmalloc_noprof+0xe0/0x850 [ 631.083870][T16157] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 631.083917][T16157] constrain_params_by_rules+0x175/0xcc0 [ 631.083962][T16157] ? unwind_get_return_address+0x59/0xa0 [ 631.084017][T16157] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 631.084064][T16157] ? stack_trace_save+0x8e/0xc0 [ 631.084098][T16157] ? __pfx_stack_trace_save+0x10/0x10 [ 631.084135][T16157] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 631.084190][T16157] ? snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 631.084230][T16157] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 631.084269][T16157] ? snd_pcm_oss_sync+0x265/0x840 [ 631.084305][T16157] ? snd_pcm_oss_release+0x238/0x300 [ 631.084343][T16157] ? __fput+0x3ff/0xb40 [ 631.084381][T16157] ? task_work_run+0x150/0x240 [ 631.084429][T16157] ? snd_interval_refine+0x2d0/0x580 [ 631.084487][T16157] snd_pcm_hw_refine+0x7e7/0xad0 [ 631.084540][T16157] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 631.084629][T16157] snd_pcm_hw_param_first+0x2b0/0x680 [ 631.084679][T16157] snd_pcm_hw_param_near.constprop.0+0x739/0x850 [ 631.084727][T16157] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 631.084770][T16157] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 631.084811][T16157] ? kfree+0x1f6/0x6b0 [ 631.084863][T16157] snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 631.084922][T16157] ? snd_pcm_oss_sync+0x243/0x840 [ 631.084963][T16157] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 631.085004][T16157] ? task_work_add+0x201/0x3b0 [ 631.085057][T16157] ? __pfx___mutex_lock+0x10/0x10 [ 631.085134][T16157] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 631.085177][T16157] snd_pcm_oss_sync+0x265/0x840 [ 631.085223][T16157] snd_pcm_oss_release+0x238/0x300 [ 631.085265][T16157] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 631.085307][T16157] __fput+0x3ff/0xb40 [ 631.085356][T16157] task_work_run+0x150/0x240 [ 631.085408][T16157] ? __pfx_task_work_run+0x10/0x10 [ 631.085470][T16157] exit_to_user_mode_loop+0x100/0x4a0 [ 631.085521][T16157] do_syscall_64+0x668/0xf80 [ 631.085578][T16157] ? clear_bhb_loop+0x40/0x90 [ 631.085623][T16157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.085660][T16157] RIP: 0033:0x7f170999c799 [ 631.085689][T16157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 631.085725][T16157] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 631.085761][T16157] RAX: 0000000000000000 RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 631.085784][T16157] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 [ 631.085805][T16157] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 631.085828][T16157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 631.085850][T16157] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 631.085892][T16157] [ 631.541427][T16162] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3660'. [ 633.343825][T16196] zswap: compressor not available [ 633.568119][T16211] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3673'. [ 633.588602][T16211] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3673'. [ 634.789953][T16216] FAULT_INJECTION: forcing a failure. [ 634.789953][T16216] name failslab, interval 1, probability 0, space 0, times 0 [ 634.823263][T16216] CPU: 1 UID: 0 PID: 16216 Comm: syz.2.3675 Tainted: G L syzkaller #0 PREEMPT(full) [ 634.823317][T16216] Tainted: [L]=SOFTLOCKUP [ 634.823330][T16216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 634.823351][T16216] Call Trace: [ 634.823363][T16216] [ 634.823377][T16216] dump_stack_lvl+0x100/0x190 [ 634.823438][T16216] should_fail_ex.cold+0x5/0xa [ 634.823480][T16216] should_failslab+0xc2/0x120 [ 634.823516][T16216] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 634.823574][T16216] ? fib_rules_register+0x30/0x500 [ 634.823634][T16216] kmemdup_noprof+0x29/0x60 [ 634.823690][T16216] fib_rules_register+0x30/0x500 [ 634.823748][T16216] fib4_rules_init+0x1f/0x1c0 [ 634.823804][T16216] fib_net_init+0x1dc/0x3f0 [ 634.823852][T16216] ? is_module_address+0x69/0xf0 [ 634.823898][T16216] ? __pfx_fib_net_init+0x10/0x10 [ 634.823951][T16216] ? timer_init_key+0x150/0x340 [ 634.823995][T16216] ? devinet_init_net+0x56c/0x8d0 [ 634.824057][T16216] ? __pfx_fib_net_init+0x10/0x10 [ 634.824107][T16216] ops_init+0x1e2/0x5f0 [ 634.824162][T16216] setup_net+0x118/0x3a0 [ 634.824215][T16216] ? __pfx_setup_net+0x10/0x10 [ 634.824265][T16216] ? lockdep_init_map_type+0x5c/0x250 [ 634.824314][T16216] ? mutex_init_lockep+0x110/0x150 [ 634.824368][T16216] copy_net_ns+0x46f/0x7c0 [ 634.824429][T16216] create_new_namespaces+0x3ea/0xac0 [ 634.824477][T16216] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 634.824519][T16216] ksys_unshare+0x473/0xad0 [ 634.824566][T16216] ? __pfx_ksys_unshare+0x10/0x10 [ 634.824626][T16216] __x64_sys_unshare+0x31/0x40 [ 634.824669][T16216] do_syscall_64+0x106/0xf80 [ 634.824716][T16216] ? clear_bhb_loop+0x40/0x90 [ 634.824759][T16216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.824805][T16216] RIP: 0033:0x7fbf65d9c799 [ 634.824835][T16216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 634.824870][T16216] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 634.824904][T16216] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 634.824928][T16216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 634.824951][T16216] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 634.824973][T16216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 634.824994][T16216] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 634.825041][T16216] [ 636.044432][T16234] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3681'. [ 637.908093][T16270] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3694'. [ 638.275617][T16276] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3697'. [ 639.502128][T16297] FAULT_INJECTION: forcing a failure. [ 639.502128][T16297] name failslab, interval 1, probability 0, space 0, times 0 [ 639.515735][T16297] CPU: 0 UID: 0 PID: 16297 Comm: syz.4.3705 Tainted: G L syzkaller #0 PREEMPT(full) [ 639.515791][T16297] Tainted: [L]=SOFTLOCKUP [ 639.515805][T16297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 639.515826][T16297] Call Trace: [ 639.515838][T16297] [ 639.515852][T16297] dump_stack_lvl+0x100/0x190 [ 639.515911][T16297] should_fail_ex.cold+0x5/0xa [ 639.515953][T16297] should_failslab+0xc2/0x120 [ 639.515990][T16297] __kmalloc_cache_noprof+0x7a/0x6f0 [ 639.516036][T16297] ? do_getname+0x238/0x390 [ 639.516080][T16297] ? strncpy_from_user+0x19d/0x2d0 [ 639.516123][T16297] do_getname+0x238/0x390 [ 639.516170][T16297] do_sys_openat2+0xc5/0x1e0 [ 639.516226][T16297] ? __pfx_do_sys_openat2+0x10/0x10 [ 639.516286][T16297] __x64_sys_openat+0x12d/0x210 [ 639.516334][T16297] ? __pfx___x64_sys_openat+0x10/0x10 [ 639.516398][T16297] do_syscall_64+0x106/0xf80 [ 639.516446][T16297] ? clear_bhb_loop+0x40/0x90 [ 639.516488][T16297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.516525][T16297] RIP: 0033:0x7f7e9659c799 [ 639.516553][T16297] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 639.516589][T16297] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 639.516623][T16297] RAX: ffffffffffffffda RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 639.516647][T16297] RDX: 0000000000002304 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 639.516669][T16297] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 639.516691][T16297] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000 [ 639.516712][T16297] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 639.516757][T16297] [ 643.940136][T16367] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3726'. [ 644.674418][T16374] netlink: 'syz.1.3729': attribute type 16 has an invalid length. [ 644.703532][T16374] netlink: 50 bytes leftover after parsing attributes in process `syz.1.3729'. [ 644.745542][T16374] netlink: 'syz.1.3729': attribute type 16 has an invalid length. [ 644.763330][T16374] netlink: 50 bytes leftover after parsing attributes in process `syz.1.3729'. [ 644.787154][T16369] synth uevent: /devices/virtual/net/lowpan0: unknown uevent action string [ 644.803333][T16369] net lowpan0: uevent: failed to send synthetic uevent: -22 [ 645.114821][T16380] netlink: 146 bytes leftover after parsing attributes in process `syz.2.3733'. [ 645.234785][T16382] FAULT_INJECTION: forcing a failure. [ 645.234785][T16382] name failslab, interval 1, probability 0, space 0, times 0 [ 645.293226][T16382] CPU: 0 UID: 0 PID: 16382 Comm: syz.0.3734 Tainted: G L syzkaller #0 PREEMPT(full) [ 645.293281][T16382] Tainted: [L]=SOFTLOCKUP [ 645.293294][T16382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 645.293317][T16382] Call Trace: [ 645.293329][T16382] [ 645.293342][T16382] dump_stack_lvl+0x100/0x190 [ 645.293401][T16382] should_fail_ex.cold+0x5/0xa [ 645.293443][T16382] should_failslab+0xc2/0x120 [ 645.293481][T16382] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 645.293533][T16382] ? sk_prot_alloc+0x60/0x2a0 [ 645.293575][T16382] sk_prot_alloc+0x60/0x2a0 [ 645.293612][T16382] sk_alloc+0x36/0xe80 [ 645.293669][T16382] kcm_create+0xfc/0x6a0 [ 645.293715][T16382] __sock_create+0x339/0x860 [ 645.293761][T16382] __sys_socket+0x14d/0x260 [ 645.293800][T16382] ? __pfx___sys_socket+0x10/0x10 [ 645.293850][T16382] __x64_sys_socket+0x72/0xb0 [ 645.293888][T16382] ? lockdep_hardirqs_on+0x78/0x100 [ 645.293937][T16382] do_syscall_64+0x106/0xf80 [ 645.293984][T16382] ? clear_bhb_loop+0x40/0x90 [ 645.294027][T16382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.294062][T16382] RIP: 0033:0x7fd5a359c799 [ 645.294090][T16382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 645.294124][T16382] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 645.294157][T16382] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 645.294181][T16382] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 645.294202][T16382] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 645.294223][T16382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 645.294245][T16382] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 645.294290][T16382] [ 647.397243][T16416] FAULT_INJECTION: forcing a failure. [ 647.397243][T16416] name failslab, interval 1, probability 0, space 0, times 0 [ 647.450970][T16416] CPU: 0 UID: 0 PID: 16416 Comm: syz.4.3746 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.451026][T16416] Tainted: [L]=SOFTLOCKUP [ 647.451039][T16416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 647.451059][T16416] Call Trace: [ 647.451072][T16416] [ 647.451086][T16416] dump_stack_lvl+0x100/0x190 [ 647.451144][T16416] should_fail_ex.cold+0x5/0xa [ 647.451185][T16416] should_failslab+0xc2/0x120 [ 647.451222][T16416] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 647.451279][T16416] ? fib_rules_register+0x30/0x500 [ 647.451340][T16416] kmemdup_noprof+0x29/0x60 [ 647.451395][T16416] fib_rules_register+0x30/0x500 [ 647.451452][T16416] fib4_rules_init+0x1f/0x1c0 [ 647.451497][T16416] fib_net_init+0x1dc/0x3f0 [ 647.451548][T16416] ? is_module_address+0x69/0xf0 [ 647.451594][T16416] ? __pfx_fib_net_init+0x10/0x10 [ 647.451644][T16416] ? timer_init_key+0x150/0x340 [ 647.451686][T16416] ? devinet_init_net+0x56c/0x8d0 [ 647.451744][T16416] ? __pfx_fib_net_init+0x10/0x10 [ 647.451793][T16416] ops_init+0x1e2/0x5f0 [ 647.451845][T16416] setup_net+0x118/0x3a0 [ 647.451895][T16416] ? __pfx_setup_net+0x10/0x10 [ 647.451942][T16416] ? lockdep_init_map_type+0x5c/0x250 [ 647.451999][T16416] ? mutex_init_lockep+0x110/0x150 [ 647.452053][T16416] copy_net_ns+0x46f/0x7c0 [ 647.452112][T16416] create_new_namespaces+0x3ea/0xac0 [ 647.452159][T16416] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 647.452197][T16416] ksys_unshare+0x473/0xad0 [ 647.452244][T16416] ? __pfx_ksys_unshare+0x10/0x10 [ 647.452322][T16416] __x64_sys_unshare+0x31/0x40 [ 647.452366][T16416] do_syscall_64+0x106/0xf80 [ 647.452414][T16416] ? clear_bhb_loop+0x40/0x90 [ 647.452458][T16416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.452495][T16416] RIP: 0033:0x7f7e9659c799 [ 647.452524][T16416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.452560][T16416] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 647.452592][T16416] RAX: ffffffffffffffda RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 647.452614][T16416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 647.452636][T16416] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 647.452654][T16416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.452672][T16416] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 647.452709][T16416] [ 648.267940][T16427] FAULT_INJECTION: forcing a failure. [ 648.267940][T16427] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 648.323274][T16427] CPU: 1 UID: 0 PID: 16427 Comm: syz.0.3749 Tainted: G L syzkaller #0 PREEMPT(full) [ 648.323328][T16427] Tainted: [L]=SOFTLOCKUP [ 648.323340][T16427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 648.323360][T16427] Call Trace: [ 648.323372][T16427] [ 648.323386][T16427] dump_stack_lvl+0x100/0x190 [ 648.323444][T16427] should_fail_ex.cold+0x5/0xa [ 648.323477][T16427] ? prepare_alloc_pages+0x16d/0x5f0 [ 648.323521][T16427] should_fail_alloc_page+0xeb/0x140 [ 648.323559][T16427] prepare_alloc_pages+0x1f0/0x5f0 [ 648.323604][T16427] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 648.323668][T16427] ? cpa_flush+0x19c/0x980 [ 648.323700][T16427] ? __lock_acquire+0x4a5/0x2630 [ 648.323743][T16427] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 648.323797][T16427] ? pgprot2cachemode+0x9a/0x130 [ 648.323842][T16427] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 648.323924][T16427] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 648.323986][T16427] ? policy_nodemask+0xed/0x4f0 [ 648.324021][T16427] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 648.324082][T16427] ? policy_nodemask+0xed/0x4f0 [ 648.324120][T16427] alloc_pages_mpol+0x1fb/0x550 [ 648.324158][T16427] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 648.324197][T16427] ? alloc_pages_noprof+0x233/0x390 [ 648.324238][T16427] alloc_pages_noprof+0x131/0x390 [ 648.324276][T16427] kimage_alloc_pages+0x72/0x380 [ 648.324341][T16427] kimage_alloc_page+0x232/0x910 [ 648.324408][T16427] kimage_load_segment+0x507/0xde0 [ 648.324454][T16427] do_kexec_load+0x58d/0x810 [ 648.324494][T16427] ? __pfx_do_kexec_load+0x10/0x10 [ 648.324535][T16427] ? _copy_from_user+0x59/0xd0 [ 648.324577][T16427] __x64_sys_kexec_load+0x1bf/0x230 [ 648.324620][T16427] do_syscall_64+0x106/0xf80 [ 648.324666][T16427] ? clear_bhb_loop+0x40/0x90 [ 648.324708][T16427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.324744][T16427] RIP: 0033:0x7fd5a359c799 [ 648.324772][T16427] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 648.324806][T16427] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 648.324838][T16427] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 648.324860][T16427] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000ffffffff [ 648.324881][T16427] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 648.324902][T16427] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 648.324929][T16427] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 648.324974][T16427] [ 649.850228][T16454] FAULT_INJECTION: forcing a failure. [ 649.850228][T16454] name failslab, interval 1, probability 0, space 0, times 0 [ 649.895249][T16454] CPU: 1 UID: 0 PID: 16454 Comm: syz.0.3757 Tainted: G L syzkaller #0 PREEMPT(full) [ 649.895311][T16454] Tainted: [L]=SOFTLOCKUP [ 649.895327][T16454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 649.895352][T16454] Call Trace: [ 649.895364][T16454] [ 649.895380][T16454] dump_stack_lvl+0x100/0x190 [ 649.895446][T16454] should_fail_ex.cold+0x5/0xa [ 649.895493][T16454] should_failslab+0xc2/0x120 [ 649.895535][T16454] __kmalloc_cache_noprof+0x7a/0x6f0 [ 649.895597][T16454] ? cgroup_file_open+0x90/0x470 [ 649.895639][T16454] ? lockdep_init_map_type+0x5c/0x250 [ 649.895700][T16454] cgroup_file_open+0x90/0x470 [ 649.895739][T16454] ? __pfx_cgroup_file_open+0x10/0x10 [ 649.895784][T16454] kernfs_fop_open+0x8b5/0xd50 [ 649.895840][T16454] do_dentry_open+0x6d8/0x1660 [ 649.895878][T16454] ? __pfx_kernfs_fop_open+0x10/0x10 [ 649.895934][T16454] vfs_open+0x82/0x3f0 [ 649.895991][T16454] path_openat+0x208c/0x31a0 [ 649.896053][T16454] ? __pfx_path_openat+0x10/0x10 [ 649.896111][T16454] do_file_open+0x20e/0x430 [ 649.896155][T16454] ? __pfx_do_file_open+0x10/0x10 [ 649.896230][T16454] ? alloc_fd+0x476/0x790 [ 649.896273][T16454] ? do_getname+0x191/0x390 [ 649.896325][T16454] do_sys_openat2+0x10d/0x1e0 [ 649.896379][T16454] ? __pfx_do_sys_openat2+0x10/0x10 [ 649.896431][T16454] ? apparmor_capable+0x1d7/0x4d0 [ 649.896480][T16454] __x64_sys_openat+0x12d/0x210 [ 649.896534][T16454] ? __pfx___x64_sys_openat+0x10/0x10 [ 649.896615][T16454] do_syscall_64+0x106/0xf80 [ 649.896672][T16454] ? clear_bhb_loop+0x40/0x90 [ 649.896721][T16454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.896761][T16454] RIP: 0033:0x7fd5a359c799 [ 649.896793][T16454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 649.896831][T16454] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 649.896869][T16454] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 649.896894][T16454] RDX: 0000000000182b02 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 649.896921][T16454] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 649.896945][T16454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 649.896970][T16454] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 649.897021][T16454] [ 651.244773][T16473] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3763'. [ 652.734926][T16501] FAULT_INJECTION: forcing a failure. [ 652.734926][T16501] name failslab, interval 1, probability 0, space 0, times 0 [ 652.762384][T16501] CPU: 1 UID: 0 PID: 16501 Comm: syz.0.3773 Tainted: G L syzkaller #0 PREEMPT(full) [ 652.762450][T16501] Tainted: [L]=SOFTLOCKUP [ 652.762464][T16501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 652.762485][T16501] Call Trace: [ 652.762497][T16501] [ 652.762512][T16501] dump_stack_lvl+0x100/0x190 [ 652.762572][T16501] should_fail_ex.cold+0x5/0xa [ 652.762614][T16501] should_failslab+0xc2/0x120 [ 652.762652][T16501] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 652.762705][T16501] ? do_epoll_ctl+0xc6c/0x36a0 [ 652.762740][T16501] ? percpu_counter_add_batch+0xb9/0x230 [ 652.762786][T16501] do_epoll_ctl+0xc6c/0x36a0 [ 652.762823][T16501] ? ksys_write+0x190/0x250 [ 652.762854][T16501] ? ksys_write+0x190/0x250 [ 652.762897][T16501] ? __pfx_do_epoll_ctl+0x10/0x10 [ 652.762930][T16501] ? find_held_lock+0x2b/0x80 [ 652.762962][T16501] ? __might_fault+0xc5/0x140 [ 652.763009][T16501] ? __might_fault+0xc5/0x140 [ 652.763075][T16501] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 652.763111][T16501] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 652.763151][T16501] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 652.763200][T16501] do_syscall_64+0x106/0xf80 [ 652.763251][T16501] ? clear_bhb_loop+0x40/0x90 [ 652.763295][T16501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.763332][T16501] RIP: 0033:0x7fd5a359c799 [ 652.763362][T16501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 652.763404][T16501] RSP: 002b:00007fd5a4422028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 652.763438][T16501] RAX: ffffffffffffffda RBX: 00007fd5a3815fa0 RCX: 00007fd5a359c799 [ 652.763461][T16501] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 652.763482][T16501] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 652.763503][T16501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.763523][T16501] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 652.763569][T16501] [ 653.322524][T16508] netlink: 346 bytes leftover after parsing attributes in process `syz.2.3774'. [ 655.309604][T16536] random: crng reseeded on system resumption [ 655.354507][T16536] FAULT_INJECTION: forcing a failure. [ 655.354507][T16536] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 655.438532][T16536] CPU: 1 UID: 0 PID: 16536 Comm: syz.1.3782 Tainted: G L syzkaller #0 PREEMPT(full) [ 655.438588][T16536] Tainted: [L]=SOFTLOCKUP [ 655.438602][T16536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 655.438633][T16536] Call Trace: [ 655.438645][T16536] [ 655.438658][T16536] dump_stack_lvl+0x100/0x190 [ 655.438716][T16536] should_fail_ex.cold+0x5/0xa [ 655.438751][T16536] ? prepare_alloc_pages+0x16d/0x5f0 [ 655.438795][T16536] should_fail_alloc_page+0xeb/0x140 [ 655.438834][T16536] prepare_alloc_pages+0x1f0/0x5f0 [ 655.438882][T16536] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 655.438941][T16536] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 655.439011][T16536] ? stack_trace_save+0x8e/0xc0 [ 655.439047][T16536] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 655.439101][T16536] ? stack_depot_save_flags+0x27/0x9d0 [ 655.439147][T16536] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 655.439207][T16536] ? kasan_save_stack+0x3f/0x50 [ 655.439261][T16536] ? kasan_save_stack+0x30/0x50 [ 655.439311][T16536] ? kasan_save_track+0x14/0x30 [ 655.439380][T16536] ? do_sys_openat2+0x10d/0x1e0 [ 655.439424][T16536] ? __x64_sys_openat+0x12d/0x210 [ 655.439469][T16536] ? do_syscall_64+0x106/0xf80 [ 655.439517][T16536] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.439555][T16536] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 655.439627][T16536] ? policy_nodemask+0xed/0x4f0 [ 655.439669][T16536] alloc_pages_mpol+0x1fb/0x550 [ 655.439708][T16536] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 655.439745][T16536] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 655.439789][T16536] alloc_pages_noprof+0x131/0x390 [ 655.439829][T16536] get_zeroed_page_noprof+0x18/0xb0 [ 655.439869][T16536] get_image_page+0x18/0x1a0 [ 655.439923][T16536] alloc_rtree_node+0x3c/0xb0 [ 655.439980][T16536] memory_bm_create+0x65e/0xba0 [ 655.440057][T16536] create_basic_memory_bitmaps+0xbd/0x350 [ 655.440100][T16536] snapshot_open+0x230/0x2a0 [ 655.440140][T16536] ? __pfx_snapshot_open+0x10/0x10 [ 655.440182][T16536] misc_open+0x26d/0x450 [ 655.440223][T16536] ? __pfx_misc_open+0x10/0x10 [ 655.440261][T16536] chrdev_open+0x234/0x6a0 [ 655.440304][T16536] ? __pfx_apparmor_file_open+0x10/0x10 [ 655.440373][T16536] ? __pfx_chrdev_open+0x10/0x10 [ 655.440417][T16536] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 655.440478][T16536] do_dentry_open+0x6d8/0x1660 [ 655.440512][T16536] ? __pfx_chrdev_open+0x10/0x10 [ 655.440559][T16536] vfs_open+0x82/0x3f0 [ 655.440609][T16536] path_openat+0x208c/0x31a0 [ 655.440668][T16536] ? __pfx_path_openat+0x10/0x10 [ 655.440721][T16536] do_file_open+0x20e/0x430 [ 655.440762][T16536] ? __pfx_do_file_open+0x10/0x10 [ 655.440831][T16536] ? alloc_fd+0x476/0x790 [ 655.440869][T16536] ? do_getname+0x191/0x390 [ 655.440917][T16536] do_sys_openat2+0x10d/0x1e0 [ 655.440964][T16536] ? __pfx_do_sys_openat2+0x10/0x10 [ 655.441013][T16536] ? find_held_lock+0x2b/0x80 [ 655.441057][T16536] __x64_sys_openat+0x12d/0x210 [ 655.441106][T16536] ? __pfx___x64_sys_openat+0x10/0x10 [ 655.441172][T16536] do_syscall_64+0x106/0xf80 [ 655.441221][T16536] ? clear_bhb_loop+0x40/0x90 [ 655.441264][T16536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.441301][T16536] RIP: 0033:0x7f170999c799 [ 655.441331][T16536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 655.441366][T16536] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 655.441402][T16536] RAX: ffffffffffffffda RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 655.441426][T16536] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 655.441450][T16536] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 655.441471][T16536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.441492][T16536] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 655.441540][T16536] [ 656.546038][T16538] sp0: Synchronizing with TNC [ 656.725635][T16544] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 657.015134][T16552] ERROR: Out of memory at tomoyo_memory_ok. [ 657.596068][T16565] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 657.785384][T16567] sctp: [Deprecated]: syz.4.3794 (pid 16567) Use of struct sctp_assoc_value in delayed_ack socket option. [ 657.785384][T16567] Use struct sctp_sack_info instead [ 659.943795][T16601] FAULT_INJECTION: forcing a failure. [ 659.943795][T16601] name failslab, interval 1, probability 0, space 0, times 0 [ 659.970312][T16604] netlink: 'syz.4.3803': attribute type 1 has an invalid length. [ 659.991345][T16601] CPU: 1 UID: 0 PID: 16601 Comm: syz.1.3801 Tainted: G L syzkaller #0 PREEMPT(full) [ 659.991402][T16601] Tainted: [L]=SOFTLOCKUP [ 659.991415][T16601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 659.991435][T16601] Call Trace: [ 659.991447][T16601] [ 659.991461][T16601] dump_stack_lvl+0x100/0x190 [ 659.991528][T16601] should_fail_ex.cold+0x5/0xa [ 659.991571][T16601] should_failslab+0xc2/0x120 [ 659.991607][T16601] __kmalloc_cache_noprof+0x7a/0x6f0 [ 659.991652][T16601] ? mqueue_init_fs_context+0x4b/0x690 [ 659.991714][T16601] mqueue_init_fs_context+0x4b/0x690 [ 659.991772][T16601] alloc_fs_context+0x60c/0xf40 [ 659.991818][T16601] mq_init_ns+0x16e/0x820 [ 659.991853][T16601] copy_ipcs+0x3dd/0x7e0 [ 659.991890][T16601] create_new_namespaces+0x20a/0xac0 [ 659.991927][T16601] ? security_capable+0x80/0x260 [ 659.991986][T16601] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 659.992028][T16601] ksys_unshare+0x473/0xad0 [ 659.992075][T16601] ? __pfx_ksys_unshare+0x10/0x10 [ 659.992136][T16601] __x64_sys_unshare+0x31/0x40 [ 659.992178][T16601] do_syscall_64+0x106/0xf80 [ 659.992227][T16601] ? clear_bhb_loop+0x40/0x90 [ 659.992271][T16601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.992308][T16601] RIP: 0033:0x7f170999c799 [ 659.992338][T16601] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 659.992374][T16601] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 659.992410][T16601] RAX: ffffffffffffffda RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 659.992434][T16601] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 659.992455][T16601] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 659.992475][T16601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.992495][T16601] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 659.992549][T16601] [ 660.021428][T16604] netlink: 314 bytes leftover after parsing attributes in process `syz.4.3803'. [ 660.670120][T16616] FAULT_INJECTION: forcing a failure. [ 660.670120][T16616] name failslab, interval 1, probability 0, space 0, times 0 [ 660.709661][T16616] CPU: 1 UID: 0 PID: 16616 Comm: syz.4.3805 Tainted: G L syzkaller #0 PREEMPT(full) [ 660.709717][T16616] Tainted: [L]=SOFTLOCKUP [ 660.709730][T16616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 660.709751][T16616] Call Trace: [ 660.709763][T16616] [ 660.709776][T16616] dump_stack_lvl+0x100/0x190 [ 660.709844][T16616] should_fail_ex.cold+0x5/0xa [ 660.709884][T16616] ? snd_pcm_plugin_build+0x64/0x650 [ 660.709928][T16616] should_failslab+0xc2/0x120 [ 660.709963][T16616] __kmalloc_noprof+0xe0/0x850 [ 660.710017][T16616] ? snd_pcm_hw_params+0x262/0x1cb0 [ 660.710071][T16616] snd_pcm_plugin_build+0x64/0x650 [ 660.710122][T16616] snd_pcm_plugin_build_io+0x207/0x5f0 [ 660.710169][T16616] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 660.710219][T16616] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 660.710275][T16616] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 660.710338][T16616] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 660.710377][T16616] ? task_work_add+0x201/0x3b0 [ 660.710430][T16616] ? __pfx___mutex_lock+0x10/0x10 [ 660.710515][T16616] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 660.710560][T16616] snd_pcm_oss_sync+0x265/0x840 [ 660.710607][T16616] snd_pcm_oss_release+0x238/0x300 [ 660.710648][T16616] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 660.710688][T16616] __fput+0x3ff/0xb40 [ 660.710737][T16616] task_work_run+0x150/0x240 [ 660.710789][T16616] ? __pfx_task_work_run+0x10/0x10 [ 660.710852][T16616] exit_to_user_mode_loop+0x100/0x4a0 [ 660.710925][T16616] do_syscall_64+0x668/0xf80 [ 660.710972][T16616] ? clear_bhb_loop+0x40/0x90 [ 660.711015][T16616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.711053][T16616] RIP: 0033:0x7f7e9659c799 [ 660.711081][T16616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 660.711114][T16616] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 660.711147][T16616] RAX: 0000000000000000 RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 660.711170][T16616] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 660.711191][T16616] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 660.711212][T16616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.711235][T16616] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 660.711281][T16616] [ 660.825762][T16619] vivid-007: ================= START STATUS ================= [ 661.025334][T16619] vivid-007: Generate PTS: true [ 661.053195][T16619] vivid-007: Generate SCR: true [ 661.089130][T16619] tpg source WxH: 320x240 (Y'CbCr) [ 661.113232][T16619] tpg field: 1 [ 661.121958][T16617] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 661.124325][T16619] tpg crop: (0,0)/320x240 [ 661.152930][T16617] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 661.199678][T16617] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 661.210570][T16619] tpg compose: (0,0)/320x240 [ 661.253622][T16619] tpg colorspace: 8 [ 661.263215][T16619] tpg transfer function: 0/0 [ 661.266843][T16617] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 661.285070][T16617] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 661.304537][T16619] tpg Y'CbCr encoding: 0/0 [ 661.330549][T16619] tpg quantization: 0/0 [ 661.365170][T16617] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 661.371346][T16619] tpg RGB range: 0/2 [ 661.382150][T16619] vivid-007: ================== END STATUS ================== [ 661.949227][T16634] sp0: Synchronizing with TNC [ 663.163158][ T5829] Bluetooth: hci2: command 0x0406 tx timeout [ 663.163254][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 663.247407][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 663.323204][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 664.214001][T16683] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3827'. [ 664.406578][T16688] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3825'. [ 664.594760][T16694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3829'. [ 664.634001][T16694] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3829'. [ 664.642955][T16694] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3829'. [ 665.403713][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 666.709421][T16730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3839'. [ 666.742172][T16730] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3839'. [ 667.073995][T16737] capability: warning: `syz.2.3843' uses 32-bit capabilities (legacy support in use) [ 667.111101][T16739] netlink: 354 bytes leftover after parsing attributes in process `syz.1.3844'. [ 667.483542][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 667.502123][T16743] type: 65536 invalid [ 667.616871][T16746] smpboot: CPU 1 is now offline [ 668.406053][T16751] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 668.440184][T16751] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 668.470389][T16751] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 668.506884][T16751] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 669.834903][T16773] FAULT_INJECTION: forcing a failure. [ 669.834903][T16773] name failslab, interval 1, probability 0, space 0, times 0 [ 669.959499][T16773] CPU: 0 UID: 0 PID: 16773 Comm: syz.1.3854 Tainted: G L syzkaller #0 PREEMPT(full) [ 669.959541][T16773] Tainted: [L]=SOFTLOCKUP [ 669.959551][T16773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 669.959566][T16773] Call Trace: [ 669.959575][T16773] [ 669.959585][T16773] dump_stack_lvl+0x100/0x190 [ 669.959629][T16773] should_fail_ex.cold+0x5/0xa [ 669.959658][T16773] should_failslab+0xc2/0x120 [ 669.959685][T16773] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 669.959723][T16773] ? vm_area_dup+0x27/0x8e0 [ 669.959762][T16773] vm_area_dup+0x27/0x8e0 [ 669.959798][T16773] __split_vma+0x18c/0xd90 [ 669.959838][T16773] ? __pfx___split_vma+0x10/0x10 [ 669.959880][T16773] ? __pfx_mas_prev+0x10/0x10 [ 669.959929][T16773] vms_gather_munmap_vmas+0x39f/0x1500 [ 669.959965][T16773] ? find_held_lock+0x2b/0x80 [ 669.959995][T16773] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 669.960038][T16773] ? move_page_tables+0xe1d/0x4500 [ 669.960091][T16773] do_vmi_align_munmap+0x287/0x5f0 [ 669.960132][T16773] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 669.960211][T16773] do_vmi_munmap+0x1f8/0x3e0 [ 669.960253][T16773] move_vma+0xd99/0x1890 [ 669.960294][T16773] ? __pfx_move_vma+0x10/0x10 [ 669.960333][T16773] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 669.960373][T16773] ? vrm_set_new_addr+0x204/0x290 [ 669.960412][T16773] mremap_to+0x1b7/0x450 [ 669.960450][T16773] do_mremap+0xb76/0x2130 [ 669.960499][T16773] ? __pfx_do_mremap+0x10/0x10 [ 669.960542][T16773] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 669.960593][T16773] __do_sys_mremap+0x126/0x170 [ 669.960631][T16773] ? __pfx___do_sys_mremap+0x10/0x10 [ 669.960676][T16773] ? __x64_sys_futex+0x34f/0x4d0 [ 669.960727][T16773] do_syscall_64+0x106/0xf80 [ 669.960762][T16773] ? clear_bhb_loop+0x40/0x90 [ 669.960793][T16773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.960820][T16773] RIP: 0033:0x7f170999c799 [ 669.960841][T16773] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 669.960866][T16773] RSP: 002b:00007f170a8ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 669.960890][T16773] RAX: ffffffffffffffda RBX: 00007f1709c16090 RCX: 00007f170999c799 [ 669.960908][T16773] RDX: 0000000000000037 RSI: 0000000000000008 RDI: 0000200000001000 [ 669.960924][T16773] RBP: 00007f1709a32c99 R08: 000000110c230000 R09: 0000000000000000 [ 669.960941][T16773] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 669.960957][T16773] R13: 00007f1709c16128 R14: 00007f1709c16090 R15: 00007ffc9276bbf8 [ 669.960990][T16773] [ 670.565745][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 670.571799][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 670.578317][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 670.584633][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 672.594060][T16814] FAULT_INJECTION: forcing a failure. [ 672.594060][T16814] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 672.664947][T16814] CPU: 0 UID: 0 PID: 16814 Comm: syz.2.3867 Tainted: G L syzkaller #0 PREEMPT(full) [ 672.664990][T16814] Tainted: [L]=SOFTLOCKUP [ 672.664999][T16814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 672.665015][T16814] Call Trace: [ 672.665024][T16814] [ 672.665035][T16814] dump_stack_lvl+0x100/0x190 [ 672.665078][T16814] should_fail_ex.cold+0x5/0xa [ 672.665103][T16814] ? prepare_alloc_pages+0x16d/0x5f0 [ 672.665134][T16814] should_fail_alloc_page+0xeb/0x140 [ 672.665163][T16814] prepare_alloc_pages+0x1f0/0x5f0 [ 672.665192][T16814] ? unwind_get_return_address+0x59/0xa0 [ 672.665222][T16814] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 672.665271][T16814] ? stack_trace_save+0x8e/0xc0 [ 672.665298][T16814] ? __pfx_stack_trace_save+0x10/0x10 [ 672.665323][T16814] ? stack_depot_save_flags+0x27/0x9d0 [ 672.665355][T16814] ? find_held_lock+0x2b/0x80 [ 672.665379][T16814] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 672.665421][T16814] ? kasan_save_stack+0x3f/0x50 [ 672.665461][T16814] ? kasan_save_track+0x14/0x30 [ 672.665499][T16814] ? __kasan_slab_alloc+0x89/0x90 [ 672.665521][T16814] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 672.665559][T16814] ? security_inode_alloc+0x3b/0x2c0 [ 672.665582][T16814] ? inode_init_always_gfp+0xced/0x1040 [ 672.665607][T16814] ? alloc_inode+0x8e/0x250 [ 672.665638][T16814] ? sock_alloc+0x44/0x280 [ 672.665675][T16814] ? __sock_create+0xc2/0x860 [ 672.665707][T16814] ? __sys_socket+0x14d/0x260 [ 672.665745][T16814] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 672.665791][T16814] ? policy_nodemask+0xed/0x4f0 [ 672.665819][T16814] alloc_pages_mpol+0x1fb/0x550 [ 672.665848][T16814] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 672.665882][T16814] ? sk_prot_alloc+0x10b/0x2a0 [ 672.665904][T16814] ___kmalloc_large_node+0x104/0x150 [ 672.665937][T16814] __kmalloc_large_node_noprof+0x1c/0x70 [ 672.665969][T16814] __kmalloc_noprof+0x5be/0x850 [ 672.666013][T16814] sk_prot_alloc+0x10b/0x2a0 [ 672.666039][T16814] sk_alloc+0x36/0xe80 [ 672.666072][T16814] can_create+0x1e5/0x630 [ 672.666109][T16814] __sock_create+0x339/0x860 [ 672.666140][T16814] __sys_socket+0x14d/0x260 [ 672.666168][T16814] ? __pfx___sys_socket+0x10/0x10 [ 672.666205][T16814] __x64_sys_socket+0x72/0xb0 [ 672.666232][T16814] ? lockdep_hardirqs_on+0x78/0x100 [ 672.666268][T16814] do_syscall_64+0x106/0xf80 [ 672.666303][T16814] ? clear_bhb_loop+0x40/0x90 [ 672.666334][T16814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 672.666360][T16814] RIP: 0033:0x7fbf65d9c799 [ 672.666382][T16814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 672.666406][T16814] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 672.666431][T16814] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 672.666448][T16814] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 672.666464][T16814] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 672.666480][T16814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 672.666495][T16814] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 672.666527][T16814] [ 673.547471][T16819] blktrace: Concurrent blktraces are not allowed on sda1 [ 674.315673][T16824] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 674.337620][T16824] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 674.383418][T16824] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 674.415631][T16824] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 675.814667][T16846] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 675.892773][T16846] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 675.904347][T16848] netlink: 'syz.0.3882': attribute type 4 has an invalid length. [ 676.219959][T16851] FAULT_INJECTION: forcing a failure. [ 676.219959][T16851] name failslab, interval 1, probability 0, space 0, times 0 [ 676.305513][T16851] CPU: 0 UID: 0 PID: 16851 Comm: syz.2.3884 Tainted: G L syzkaller #0 PREEMPT(full) [ 676.305555][T16851] Tainted: [L]=SOFTLOCKUP [ 676.305565][T16851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 676.305580][T16851] Call Trace: [ 676.305589][T16851] [ 676.305599][T16851] dump_stack_lvl+0x100/0x190 [ 676.305642][T16851] should_fail_ex.cold+0x5/0xa [ 676.305672][T16851] should_failslab+0xc2/0x120 [ 676.305698][T16851] __kmalloc_cache_noprof+0x7a/0x6f0 [ 676.305732][T16851] ? alloc_tty_struct+0x96/0x8c0 [ 676.305771][T16851] ? ptmx_open+0x102/0x3c0 [ 676.305804][T16851] alloc_tty_struct+0x96/0x8c0 [ 676.305842][T16851] ? __mutex_unlock_slowpath+0x15c/0x790 [ 676.305882][T16851] ? __pfx_alloc_tty_struct+0x10/0x10 [ 676.305922][T16851] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 676.305967][T16851] tty_init_dev.part.0+0x20/0x470 [ 676.306010][T16851] tty_init_dev+0x60/0x80 [ 676.306050][T16851] ptmx_open+0x15e/0x3c0 [ 676.306080][T16851] ? __pfx_ptmx_open+0x10/0x10 [ 676.306109][T16851] chrdev_open+0x234/0x6a0 [ 676.306134][T16851] ? __pfx_apparmor_file_open+0x10/0x10 [ 676.306176][T16851] ? __pfx_chrdev_open+0x10/0x10 [ 676.306204][T16851] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 676.306237][T16851] do_dentry_open+0x6d8/0x1660 [ 676.306261][T16851] ? __pfx_chrdev_open+0x10/0x10 [ 676.306301][T16851] vfs_open+0x82/0x3f0 [ 676.306336][T16851] path_openat+0x208c/0x31a0 [ 676.306372][T16851] ? __pfx_path_openat+0x10/0x10 [ 676.306410][T16851] do_file_open+0x20e/0x430 [ 676.306438][T16851] ? __pfx_do_file_open+0x10/0x10 [ 676.306485][T16851] ? alloc_fd+0x476/0x790 [ 676.306512][T16851] ? do_getname+0x191/0x390 [ 676.306546][T16851] do_sys_openat2+0x10d/0x1e0 [ 676.306580][T16851] ? __pfx_do_sys_openat2+0x10/0x10 [ 676.306615][T16851] ? __fget_files+0x21f/0x3d0 [ 676.306645][T16851] __x64_sys_openat+0x12d/0x210 [ 676.306680][T16851] ? __pfx___x64_sys_openat+0x10/0x10 [ 676.306725][T16851] do_syscall_64+0x106/0xf80 [ 676.306760][T16851] ? clear_bhb_loop+0x40/0x90 [ 676.306791][T16851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.306817][T16851] RIP: 0033:0x7fbf65d9c799 [ 676.306838][T16851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 676.306864][T16851] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 676.306888][T16851] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 676.306909][T16851] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 676.306925][T16851] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 676.306941][T16851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 676.306957][T16851] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 676.306989][T16851] [ 677.025020][ T5829] Bluetooth: hci2: command 0x0406 tx timeout [ 677.031172][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 677.037617][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout [ 677.068829][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 677.383721][T16861] FAULT_INJECTION: forcing a failure. [ 677.383721][T16861] name failslab, interval 1, probability 0, space 0, times 0 [ 677.445091][T16861] CPU: 0 UID: 0 PID: 16861 Comm: syz.1.3887 Tainted: G L syzkaller #0 PREEMPT(full) [ 677.445132][T16861] Tainted: [L]=SOFTLOCKUP [ 677.445141][T16861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 677.445156][T16861] Call Trace: [ 677.445173][T16861] [ 677.445183][T16861] dump_stack_lvl+0x100/0x190 [ 677.445227][T16861] should_fail_ex.cold+0x5/0xa [ 677.445255][T16861] ? iovec_from_user+0x8d/0x140 [ 677.445284][T16861] should_failslab+0xc2/0x120 [ 677.445311][T16861] __kmalloc_noprof+0xe0/0x850 [ 677.445350][T16861] ? futex_hash+0x2c5/0x380 [ 677.445382][T16861] iovec_from_user+0x8d/0x140 [ 677.445415][T16861] process_vm_rw+0x1e5/0x2d0 [ 677.445458][T16861] ? __pfx_process_vm_rw+0x10/0x10 [ 677.445505][T16861] ? ksys_write+0x190/0x250 [ 677.445552][T16861] ? xfd_validate_state+0x129/0x190 [ 677.445594][T16861] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 677.445636][T16861] ? do_syscall_64+0x95/0xf80 [ 677.445671][T16861] ? lockdep_hardirqs_on+0x78/0x100 [ 677.445706][T16861] do_syscall_64+0x106/0xf80 [ 677.445740][T16861] ? clear_bhb_loop+0x40/0x90 [ 677.445771][T16861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.445797][T16861] RIP: 0033:0x7f170999c799 [ 677.445817][T16861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 677.445842][T16861] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 677.445866][T16861] RAX: ffffffffffffffda RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 677.445883][T16861] RDX: 0000040000000001 RSI: 0000200000000080 RDI: 00000000000006ad [ 677.445899][T16861] RBP: 00007f1709a32c99 R08: 000000000000000a R09: 0000000000000000 [ 677.445915][T16861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.445930][T16861] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 677.445963][T16861] [ 679.315890][T16871] zswap: compressor not available [ 679.511875][T16867] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 679.563338][T16867] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 679.569435][T16867] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 679.625658][T16867] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 681.003812][ T5829] Bluetooth: hci2: command 0x0406 tx timeout [ 681.646057][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 681.652726][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 681.659000][T15754] Bluetooth: hci1: command 0x0406 tx timeout [ 682.780838][T16908] FAULT_INJECTION: forcing a failure. [ 682.780838][T16908] name failslab, interval 1, probability 0, space 0, times 0 [ 682.865884][T16908] CPU: 0 UID: 0 PID: 16908 Comm: syz.0.3904 Tainted: G L syzkaller #0 PREEMPT(full) [ 682.865925][T16908] Tainted: [L]=SOFTLOCKUP [ 682.865935][T16908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 682.865951][T16908] Call Trace: [ 682.865960][T16908] [ 682.865970][T16908] dump_stack_lvl+0x100/0x190 [ 682.866013][T16908] should_fail_ex.cold+0x5/0xa [ 682.866043][T16908] should_failslab+0xc2/0x120 [ 682.866070][T16908] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 682.866108][T16908] ? security_inode_alloc+0x3b/0x2c0 [ 682.866133][T16908] ? lockdep_init_map_type+0x5c/0x250 [ 682.866171][T16908] security_inode_alloc+0x3b/0x2c0 [ 682.866197][T16908] inode_init_always_gfp+0xced/0x1040 [ 682.866227][T16908] alloc_inode+0x8e/0x250 [ 682.866261][T16908] new_inode+0x22/0x1c0 [ 682.866296][T16908] proc_pid_make_inode+0x22/0x160 [ 682.866334][T16908] proc_ns_dir_lookup+0x25b/0x390 [ 682.866375][T16908] lookup_open.isra.0+0x631/0x11b0 [ 682.866419][T16908] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 682.866477][T16908] ? mnt_get_write_access+0x1e9/0x2f0 [ 682.866516][T16908] path_openat+0xa98/0x31a0 [ 682.866551][T16908] ? __pfx_path_openat+0x10/0x10 [ 682.866588][T16908] do_file_open+0x20e/0x430 [ 682.866630][T16908] ? __pfx_do_file_open+0x10/0x10 [ 682.866667][T16908] ? __pfx_kfree_link+0x10/0x10 [ 682.866712][T16908] ? alloc_fd+0x476/0x790 [ 682.866739][T16908] ? do_getname+0x191/0x390 [ 682.866774][T16908] do_sys_openat2+0x10d/0x1e0 [ 682.866808][T16908] ? __pfx_do_sys_openat2+0x10/0x10 [ 682.866853][T16908] __x64_sys_openat+0x12d/0x210 [ 682.866887][T16908] ? __pfx___x64_sys_openat+0x10/0x10 [ 682.866925][T16908] ? do_user_addr_fault+0x8d6/0x12f0 [ 682.866973][T16908] do_syscall_64+0x106/0xf80 [ 682.867009][T16908] ? clear_bhb_loop+0x40/0x90 [ 682.867040][T16908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.867067][T16908] RIP: 0033:0x7fd5a355cfce [ 682.867087][T16908] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 682.867113][T16908] RSP: 002b:00007fd5a4421ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 682.867137][T16908] RAX: ffffffffffffffda RBX: 00007fd5a44226c0 RCX: 00007fd5a355cfce [ 682.867155][T16908] RDX: 0000000000000002 RSI: 00007fd5a4421f90 RDI: ffffffffffffff9c [ 682.867171][T16908] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 682.867187][T16908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.867202][T16908] R13: 00007fd5a3816038 R14: 00007fd5a3815fa0 R15: 00007ffff459d928 [ 682.867235][T16908] [ 684.233244][T16918] netlink: 234 bytes leftover after parsing attributes in process `syz.2.3907'. [ 685.905966][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.912287][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.460230][T16951] netlink: 'syz.1.3918': attribute type 21 has an invalid length. [ 686.512915][T16951] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3918'. [ 686.742264][T16954] nvme_fabrics: missing parameter 'transport=%s' [ 686.767001][T16954] nvme_fabrics: missing parameter 'nqn=%s' [ 688.825472][T16991] bridge0: mtu greater than device maximum [ 689.417877][T17000] FAULT_INJECTION: forcing a failure. [ 689.417877][T17000] name failslab, interval 1, probability 0, space 0, times 0 [ 689.597047][T17000] CPU: 0 UID: 0 PID: 17000 Comm: syz.4.3935 Tainted: G L syzkaller #0 PREEMPT(full) [ 689.597089][T17000] Tainted: [L]=SOFTLOCKUP [ 689.597098][T17000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 689.597114][T17000] Call Trace: [ 689.597123][T17000] [ 689.597132][T17000] dump_stack_lvl+0x100/0x190 [ 689.597175][T17000] should_fail_ex.cold+0x5/0xa [ 689.597205][T17000] should_failslab+0xc2/0x120 [ 689.597231][T17000] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 689.597270][T17000] ? vm_area_dup+0x27/0x8e0 [ 689.597309][T17000] vm_area_dup+0x27/0x8e0 [ 689.597344][T17000] __split_vma+0x18c/0xd90 [ 689.597383][T17000] ? __pfx___split_vma+0x10/0x10 [ 689.597424][T17000] ? __pfx_mas_prev+0x10/0x10 [ 689.597470][T17000] vms_gather_munmap_vmas+0x39f/0x1500 [ 689.597506][T17000] ? find_held_lock+0x2b/0x80 [ 689.597536][T17000] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 689.597572][T17000] ? move_page_tables+0xe1d/0x4500 [ 689.597625][T17000] do_vmi_align_munmap+0x287/0x5f0 [ 689.597666][T17000] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 689.597744][T17000] do_vmi_munmap+0x1f8/0x3e0 [ 689.597785][T17000] move_vma+0xd99/0x1890 [ 689.597826][T17000] ? __pfx_move_vma+0x10/0x10 [ 689.597866][T17000] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 689.597906][T17000] ? vrm_set_new_addr+0x204/0x290 [ 689.597952][T17000] mremap_to+0x1b7/0x450 [ 689.597991][T17000] do_mremap+0xb76/0x2130 [ 689.598040][T17000] ? __pfx_do_mremap+0x10/0x10 [ 689.598088][T17000] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 689.598139][T17000] __do_sys_mremap+0x126/0x170 [ 689.598177][T17000] ? __pfx___do_sys_mremap+0x10/0x10 [ 689.598223][T17000] ? __x64_sys_futex+0x34f/0x4d0 [ 689.598273][T17000] do_syscall_64+0x106/0xf80 [ 689.598308][T17000] ? clear_bhb_loop+0x40/0x90 [ 689.598339][T17000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.598365][T17000] RIP: 0033:0x7f7e9659c799 [ 689.598385][T17000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 689.598410][T17000] RSP: 002b:00007f7e97520028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 689.598433][T17000] RAX: ffffffffffffffda RBX: 00007f7e96816090 RCX: 00007f7e9659c799 [ 689.598451][T17000] RDX: 0000000000000037 RSI: 0000000000000008 RDI: 0000200000001000 [ 689.598466][T17000] RBP: 00007f7e96632c99 R08: 000000110c230000 R09: 0000000000000000 [ 689.598483][T17000] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 689.598498][T17000] R13: 00007f7e96816128 R14: 00007f7e96816090 R15: 00007ffc49573888 [ 689.598530][T17000] [ 690.215402][ T30] audit: type=1800 audit(1773564502.752:20): pid=17002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3936" name="dbroot" dev="configfs" ino=289619 res=0 errno=0 [ 690.863806][T17009] FAULT_INJECTION: forcing a failure. [ 690.863806][T17009] name failslab, interval 1, probability 0, space 0, times 0 [ 691.043365][T17009] CPU: 0 UID: 0 PID: 17009 Comm: syz.4.3938 Tainted: G L syzkaller #0 PREEMPT(full) [ 691.043408][T17009] Tainted: [L]=SOFTLOCKUP [ 691.043417][T17009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 691.043433][T17009] Call Trace: [ 691.043442][T17009] [ 691.043453][T17009] dump_stack_lvl+0x100/0x190 [ 691.043495][T17009] should_fail_ex.cold+0x5/0xa [ 691.043525][T17009] should_failslab+0xc2/0x120 [ 691.043551][T17009] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 691.043592][T17009] ? __d_alloc+0x34/0xa80 [ 691.043620][T17009] ? security_inode_alloc+0xcf/0x2c0 [ 691.043648][T17009] __d_alloc+0x34/0xa80 [ 691.043674][T17009] ? __ns_ref_active_get+0x9f/0x1b0 [ 691.043708][T17009] path_from_stashed+0x427/0x750 [ 691.043742][T17009] ns_get_path+0x60/0x80 [ 691.043767][T17009] proc_ns_get_link+0x121/0x230 [ 691.043812][T17009] ? __pfx_proc_ns_get_link+0x10/0x10 [ 691.043851][T17009] ? atime_needs_update+0x8b/0x6b0 [ 691.043890][T17009] pick_link+0xd17/0x13c0 [ 691.043926][T17009] ? __pfx_proc_ns_get_link+0x10/0x10 [ 691.043965][T17009] step_into_slowpath+0x9ba/0xf90 [ 691.044009][T17009] ? __pfx_step_into_slowpath+0x10/0x10 [ 691.044047][T17009] ? find_held_lock+0x2b/0x80 [ 691.044080][T17009] path_openat+0xf95/0x31a0 [ 691.044115][T17009] ? __pfx_path_openat+0x10/0x10 [ 691.044152][T17009] do_file_open+0x20e/0x430 [ 691.044180][T17009] ? __pfx_do_file_open+0x10/0x10 [ 691.044226][T17009] ? alloc_fd+0x476/0x790 [ 691.044253][T17009] ? do_getname+0x191/0x390 [ 691.044287][T17009] do_sys_openat2+0x10d/0x1e0 [ 691.044321][T17009] ? __pfx_do_sys_openat2+0x10/0x10 [ 691.044365][T17009] __x64_sys_openat+0x12d/0x210 [ 691.044399][T17009] ? __pfx___x64_sys_openat+0x10/0x10 [ 691.044437][T17009] ? do_user_addr_fault+0x8d6/0x12f0 [ 691.044485][T17009] do_syscall_64+0x106/0xf80 [ 691.044520][T17009] ? clear_bhb_loop+0x40/0x90 [ 691.044551][T17009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.044578][T17009] RIP: 0033:0x7f7e9655cfce [ 691.044599][T17009] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 691.044624][T17009] RSP: 002b:00007f7e9751fec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 691.044648][T17009] RAX: ffffffffffffffda RBX: 00007f7e975206c0 RCX: 00007f7e9655cfce [ 691.044665][T17009] RDX: 0000000000000002 RSI: 00007f7e9751ff90 RDI: ffffffffffffff9c [ 691.044682][T17009] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 691.044698][T17009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 691.044714][T17009] R13: 00007f7e96816128 R14: 00007f7e96816090 R15: 00007ffc49573888 [ 691.044746][T17009] [ 692.712504][T17022] FAULT_INJECTION: forcing a failure. [ 692.712504][T17022] name failslab, interval 1, probability 0, space 0, times 0 [ 692.969283][T17022] CPU: 0 UID: 0 PID: 17022 Comm: syz.2.3943 Tainted: G L syzkaller #0 PREEMPT(full) [ 692.969325][T17022] Tainted: [L]=SOFTLOCKUP [ 692.969334][T17022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 692.969354][T17022] Call Trace: [ 692.969363][T17022] [ 692.969373][T17022] dump_stack_lvl+0x100/0x190 [ 692.969417][T17022] should_fail_ex.cold+0x5/0xa [ 692.969446][T17022] ? vkms_crtc_atomic_check+0x38a/0x7c0 [ 692.969477][T17022] should_failslab+0xc2/0x120 [ 692.969504][T17022] __kmalloc_noprof+0xe0/0x850 [ 692.969542][T17022] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 692.969586][T17022] vkms_crtc_atomic_check+0x38a/0x7c0 [ 692.969624][T17022] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 692.969655][T17022] drm_atomic_helper_check_planes+0x4dc/0x900 [ 692.969694][T17022] drm_atomic_helper_check+0xae/0x190 [ 692.969729][T17022] vkms_atomic_check+0x1d9/0x250 [ 692.969770][T17022] ? __pfx_vkms_atomic_check+0x10/0x10 [ 692.969814][T17022] drm_atomic_check_only+0x19ea/0x31b0 [ 692.969867][T17022] drm_atomic_commit+0x132/0x300 [ 692.969897][T17022] ? __pfx_drm_atomic_commit+0x10/0x10 [ 692.969927][T17022] ? __pfx___drm_printfn_info+0x10/0x10 [ 692.969960][T17022] ? drm_client_rotation+0x451/0x6a0 [ 692.969999][T17022] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 692.970043][T17022] ? __mutex_lock+0x26a/0x1b90 [ 692.970081][T17022] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 692.970120][T17022] ? drm_master_internal_acquire+0x21/0x80 [ 692.970182][T17022] drm_client_modeset_commit_locked+0x14d/0x580 [ 692.970224][T17022] drm_client_modeset_commit+0x4f/0x80 [ 692.970261][T17022] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 692.970302][T17022] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 692.970345][T17022] drm_fbdev_client_restore+0x1b/0x30 [ 692.970373][T17022] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 692.970401][T17022] drm_client_dev_restore+0x205/0x2a0 [ 692.970442][T17022] drm_release+0x2c6/0x360 [ 692.970474][T17022] ? __pfx_drm_release+0x10/0x10 [ 692.970506][T17022] __fput+0x3ff/0xb40 [ 692.970543][T17022] task_work_run+0x150/0x240 [ 692.970588][T17022] ? __pfx_task_work_run+0x10/0x10 [ 692.970635][T17022] exit_to_user_mode_loop+0x100/0x4a0 [ 692.970672][T17022] do_syscall_64+0x668/0xf80 [ 692.970708][T17022] ? clear_bhb_loop+0x40/0x90 [ 692.970739][T17022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 692.970766][T17022] RIP: 0033:0x7fbf65d9c799 [ 692.970787][T17022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 692.970812][T17022] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 692.970836][T17022] RAX: 0000000000000000 RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 692.970852][T17022] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 692.970867][T17022] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 692.970883][T17022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 692.970898][T17022] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 692.970931][T17022] [ 693.862348][T17026] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3946'. [ 693.897062][T17026] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3946'. [ 697.507407][T17062] FAULT_INJECTION: forcing a failure. [ 697.507407][T17062] name failslab, interval 1, probability 0, space 0, times 0 [ 697.659855][T17062] CPU: 0 UID: 0 PID: 17062 Comm: syz.2.3957 Tainted: G L syzkaller #0 PREEMPT(full) [ 697.659896][T17062] Tainted: [L]=SOFTLOCKUP [ 697.659906][T17062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 697.659922][T17062] Call Trace: [ 697.659931][T17062] [ 697.659940][T17062] dump_stack_lvl+0x100/0x190 [ 697.659983][T17062] should_fail_ex.cold+0x5/0xa [ 697.660012][T17062] should_failslab+0xc2/0x120 [ 697.660039][T17062] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 697.660086][T17062] ? sock_alloc_inode+0x25/0x1c0 [ 697.660132][T17062] ? __pfx_sock_alloc_inode+0x10/0x10 [ 697.660175][T17062] sock_alloc_inode+0x25/0x1c0 [ 697.660216][T17062] alloc_inode+0x68/0x250 [ 697.660250][T17062] sock_alloc+0x44/0x280 [ 697.660290][T17062] do_accept+0xf9/0x530 [ 697.660319][T17062] ? 0xffffffff81000000 [ 697.660338][T17062] ? do_raw_spin_lock+0x128/0x260 [ 697.660378][T17062] ? __pfx_do_accept+0x10/0x10 [ 697.660425][T17062] ? 0xffffffff81000000 [ 697.660442][T17062] __sys_accept4+0x108/0x200 [ 697.660473][T17062] ? __pfx___sys_accept4+0x10/0x10 [ 697.660512][T17062] __x64_sys_accept+0x74/0xb0 [ 697.660541][T17062] ? lockdep_hardirqs_on+0x78/0x100 [ 697.660577][T17062] do_syscall_64+0x106/0xf80 [ 697.660612][T17062] ? clear_bhb_loop+0x40/0x90 [ 697.660643][T17062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.660669][T17062] RIP: 0033:0x7fbf65d9c799 [ 697.660688][T17062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 697.660713][T17062] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 697.660736][T17062] RAX: ffffffffffffffda RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 697.660753][T17062] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 697.660770][T17062] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 697.660785][T17062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.660800][T17062] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 697.660825][T17062] ? 0xffffffff81000000 [ 697.660849][T17062] [ 698.667272][T17071] FAULT_INJECTION: forcing a failure. [ 698.667272][T17071] name failslab, interval 1, probability 0, space 0, times 0 [ 698.813429][T17071] CPU: 0 UID: 0 PID: 17071 Comm: syz.0.3959 Tainted: G L syzkaller #0 PREEMPT(full) [ 698.813472][T17071] Tainted: [L]=SOFTLOCKUP [ 698.813481][T17071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 698.813497][T17071] Call Trace: [ 698.813505][T17071] [ 698.813515][T17071] dump_stack_lvl+0x100/0x190 [ 698.813558][T17071] should_fail_ex.cold+0x5/0xa [ 698.813588][T17071] should_failslab+0xc2/0x120 [ 698.813614][T17071] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 698.813654][T17071] ? mas_alloc_nodes+0x280/0x390 [ 698.813690][T17071] mas_alloc_nodes+0x280/0x390 [ 698.813725][T17071] mas_preallocate+0x39c/0xf10 [ 698.813762][T17071] ? __memcg_slab_post_alloc_hook+0x480/0x990 [ 698.813796][T17071] ? __pfx_mas_preallocate+0x10/0x10 [ 698.813843][T17071] ? anon_vma_name+0x5a/0x250 [ 698.813878][T17071] __split_vma+0x33d/0xd90 [ 698.813924][T17071] ? __pfx___split_vma+0x10/0x10 [ 698.813967][T17071] ? __pfx_mas_prev+0x10/0x10 [ 698.814013][T17071] vms_gather_munmap_vmas+0x39f/0x1500 [ 698.814049][T17071] ? find_held_lock+0x2b/0x80 [ 698.814079][T17071] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 698.814115][T17071] ? move_page_tables+0xe1d/0x4500 [ 698.814167][T17071] do_vmi_align_munmap+0x287/0x5f0 [ 698.814208][T17071] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 698.814286][T17071] do_vmi_munmap+0x1f8/0x3e0 [ 698.814327][T17071] move_vma+0xd99/0x1890 [ 698.814368][T17071] ? __pfx_move_vma+0x10/0x10 [ 698.814408][T17071] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 698.814452][T17071] ? vrm_set_new_addr+0x204/0x290 [ 698.814491][T17071] mremap_to+0x1b7/0x450 [ 698.814529][T17071] do_mremap+0xb76/0x2130 [ 698.814578][T17071] ? __pfx_do_mremap+0x10/0x10 [ 698.814621][T17071] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 698.814671][T17071] __do_sys_mremap+0x126/0x170 [ 698.814709][T17071] ? __pfx___do_sys_mremap+0x10/0x10 [ 698.814755][T17071] ? __x64_sys_futex+0x34f/0x4d0 [ 698.814805][T17071] do_syscall_64+0x106/0xf80 [ 698.814840][T17071] ? clear_bhb_loop+0x40/0x90 [ 698.814871][T17071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.814897][T17071] RIP: 0033:0x7fd5a359c799 [ 698.814924][T17071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 698.814949][T17071] RSP: 002b:00007fd5a4401028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 698.814973][T17071] RAX: ffffffffffffffda RBX: 00007fd5a3816090 RCX: 00007fd5a359c799 [ 698.814991][T17071] RDX: 0000000000000037 RSI: 0000000000000008 RDI: 0000200000001000 [ 698.815007][T17071] RBP: 00007fd5a3632c99 R08: 000000110c230000 R09: 0000000000000000 [ 698.815024][T17071] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 698.815039][T17071] R13: 00007fd5a3816128 R14: 00007fd5a3816090 R15: 00007ffff459d928 [ 698.815072][T17071] [ 703.106265][T17101] FAULT_INJECTION: forcing a failure. [ 703.106265][T17101] name failslab, interval 1, probability 0, space 0, times 0 [ 703.245392][T17101] CPU: 0 UID: 0 PID: 17101 Comm: syz.2.3970 Tainted: G L syzkaller #0 PREEMPT(full) [ 703.245435][T17101] Tainted: [L]=SOFTLOCKUP [ 703.245450][T17101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 703.245466][T17101] Call Trace: [ 703.245475][T17101] [ 703.245485][T17101] dump_stack_lvl+0x100/0x190 [ 703.245528][T17101] should_fail_ex.cold+0x5/0xa [ 703.245558][T17101] should_failslab+0xc2/0x120 [ 703.245584][T17101] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 703.245625][T17101] ? __alloc_skb+0x140/0x710 [ 703.245664][T17101] __alloc_skb+0x140/0x710 [ 703.245696][T17101] ? __alloc_skb+0x5b7/0x710 [ 703.245729][T17101] ? __pfx___alloc_skb+0x10/0x10 [ 703.245772][T17101] inet6_ifmcaddr_notify+0xd6/0x1d0 [ 703.245799][T17101] ? __pfx_inet6_ifmcaddr_notify+0x10/0x10 [ 703.245835][T17101] __ipv6_dev_mc_dec+0x297/0x340 [ 703.245873][T17101] ipv6_mc_destroy_dev+0x2cd/0x690 [ 703.245909][T17101] ? __local_bh_enable_ip+0x9e/0x120 [ 703.245939][T17101] addrconf_ifdown.isra.0+0x148a/0x1b70 [ 703.245989][T17101] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 703.246030][T17101] ? tls_dev_event+0x2c9/0x10f0 [ 703.246062][T17101] ? net_generic+0xea/0x2a0 [ 703.246101][T17101] addrconf_notify+0x458/0x19c0 [ 703.246127][T17101] ? ip6mr_device_event+0x1bc/0x230 [ 703.246160][T17101] notifier_call_chain+0x99/0x420 [ 703.246199][T17101] call_netdevice_notifiers_info+0xbe/0x110 [ 703.246245][T17101] unregister_netdevice_many_notify+0x1208/0x2580 [ 703.246296][T17101] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 703.246338][T17101] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 703.246393][T17101] unregister_netdevice_queue+0x30b/0x3c0 [ 703.246459][T17101] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 703.246501][T17101] ? __pfx_locks_remove_file+0x10/0x10 [ 703.246535][T17101] ppp_release+0x211/0x230 [ 703.246568][T17101] ? __pfx_ppp_release+0x10/0x10 [ 703.246598][T17101] __fput+0x3ff/0xb40 [ 703.246635][T17101] task_work_run+0x150/0x240 [ 703.246673][T17101] ? __pfx_task_work_run+0x10/0x10 [ 703.246718][T17101] exit_to_user_mode_loop+0x100/0x4a0 [ 703.246755][T17101] do_syscall_64+0x668/0xf80 [ 703.246790][T17101] ? clear_bhb_loop+0x40/0x90 [ 703.246822][T17101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.246849][T17101] RIP: 0033:0x7fbf65d9c799 [ 703.246869][T17101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 703.246894][T17101] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 703.246919][T17101] RAX: 0000000000000000 RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 703.246935][T17101] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 703.246950][T17101] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 703.246966][T17101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 703.246982][T17101] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 703.247014][T17101] [ 704.239568][ C0] vcan0: j1939_tp_rxtimer: 0xffff888035f2f000: rx timeout, send abort [ 704.253280][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888035f2f000: 0x0ffff: (3) A timeout occurred and this is the connection abort to close the session. [ 704.333716][ T5176] ERROR: Out of memory at tomoyo_memory_ok. [ 707.222168][T17141] FAULT_INJECTION: forcing a failure. [ 707.222168][T17141] name failslab, interval 1, probability 0, space 0, times 0 [ 707.298044][T17141] CPU: 0 UID: 0 PID: 17141 Comm: syz.4.3985 Tainted: G L syzkaller #0 PREEMPT(full) [ 707.298086][T17141] Tainted: [L]=SOFTLOCKUP [ 707.298102][T17141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 707.298118][T17141] Call Trace: [ 707.298127][T17141] [ 707.298137][T17141] dump_stack_lvl+0x100/0x190 [ 707.298181][T17141] should_fail_ex.cold+0x5/0xa [ 707.298211][T17141] should_failslab+0xc2/0x120 [ 707.298237][T17141] __kmalloc_cache_noprof+0x7a/0x6f0 [ 707.298271][T17141] ? mon_bin_open+0xe6/0x470 [ 707.298304][T17141] mon_bin_open+0xe6/0x470 [ 707.298332][T17141] ? __pfx_mon_bin_open+0x10/0x10 [ 707.298360][T17141] chrdev_open+0x234/0x6a0 [ 707.298386][T17141] ? __pfx_chrdev_open+0x10/0x10 [ 707.298414][T17141] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 707.298446][T17141] do_dentry_open+0x6d8/0x1660 [ 707.298471][T17141] ? __pfx_chrdev_open+0x10/0x10 [ 707.298503][T17141] vfs_open+0x82/0x3f0 [ 707.298538][T17141] path_openat+0x208c/0x31a0 [ 707.298574][T17141] ? __pfx_path_openat+0x10/0x10 [ 707.298610][T17141] do_file_open+0x20e/0x430 [ 707.298638][T17141] ? __pfx_do_file_open+0x10/0x10 [ 707.298685][T17141] ? alloc_fd+0x476/0x790 [ 707.298712][T17141] ? do_getname+0x191/0x390 [ 707.298746][T17141] do_sys_openat2+0x10d/0x1e0 [ 707.298779][T17141] ? __pfx_do_sys_openat2+0x10/0x10 [ 707.298815][T17141] ? __fget_files+0x21f/0x3d0 [ 707.298844][T17141] __x64_sys_openat+0x12d/0x210 [ 707.298878][T17141] ? __pfx___x64_sys_openat+0x10/0x10 [ 707.298924][T17141] do_syscall_64+0x106/0xf80 [ 707.298959][T17141] ? clear_bhb_loop+0x40/0x90 [ 707.298990][T17141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.299017][T17141] RIP: 0033:0x7f7e9659c799 [ 707.299037][T17141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 707.299062][T17141] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 707.299086][T17141] RAX: ffffffffffffffda RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 707.299109][T17141] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 707.299125][T17141] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 707.299141][T17141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 707.299156][T17141] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 707.299188][T17141] [ 709.876143][T17171] netlink: 21 bytes leftover after parsing attributes in process `syz.1.3993'. [ 710.582915][T17168] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 710.637497][T17168] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 710.713401][T17168] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 710.740001][T17168] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 711.302879][T17189] FAULT_INJECTION: forcing a failure. [ 711.302879][T17189] name failslab, interval 1, probability 0, space 0, times 0 [ 711.380902][T17189] CPU: 0 UID: 0 PID: 17189 Comm: syz.4.4000 Tainted: G L syzkaller #0 PREEMPT(full) [ 711.380943][T17189] Tainted: [L]=SOFTLOCKUP [ 711.380952][T17189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 711.380968][T17189] Call Trace: [ 711.380977][T17189] [ 711.380986][T17189] dump_stack_lvl+0x100/0x190 [ 711.381029][T17189] should_fail_ex.cold+0x5/0xa [ 711.381059][T17189] should_failslab+0xc2/0x120 [ 711.381086][T17189] __kmalloc_cache_noprof+0x7a/0x6f0 [ 711.381120][T17189] ? tomoyo_init_log+0x1a0/0x20c0 [ 711.381158][T17189] tomoyo_init_log+0x1a0/0x20c0 [ 711.381191][T17189] ? __pfx_format_decode+0x10/0x10 [ 711.381223][T17189] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 711.381273][T17189] ? __pfx_tomoyo_init_log+0x10/0x10 [ 711.381313][T17189] tomoyo_write_log2+0x2ed/0xbc0 [ 711.381350][T17189] tomoyo_supervisor+0x15e/0x1340 [ 711.381394][T17189] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 711.381445][T17189] ? kasan_quarantine_put+0x104/0x240 [ 711.381488][T17189] ? tomoyo_check_path_acl+0x141/0x210 [ 711.381516][T17189] ? tomoyo_check_acl+0x1f7/0x410 [ 711.381570][T17189] tomoyo_path_permission+0x270/0x3b0 [ 711.381601][T17189] tomoyo_check_open_permission+0x37f/0x3c0 [ 711.381630][T17189] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 711.381688][T17189] ? do_raw_spin_lock+0x128/0x260 [ 711.381728][T17189] ? path_get+0x61/0x80 [ 711.381758][T17189] tomoyo_file_open+0x6b/0x90 [ 711.381797][T17189] security_file_open+0xb5/0x1e0 [ 711.381829][T17189] do_dentry_open+0x5aa/0x1660 [ 711.381856][T17189] ? security_inode_permission+0xbf/0x250 [ 711.381888][T17189] vfs_open+0x82/0x3f0 [ 711.381923][T17189] path_openat+0x208c/0x31a0 [ 711.381959][T17189] ? __pfx_path_openat+0x10/0x10 [ 711.381995][T17189] do_file_open+0x20e/0x430 [ 711.382024][T17189] ? __pfx_do_file_open+0x10/0x10 [ 711.382070][T17189] ? alloc_fd+0x476/0x790 [ 711.382098][T17189] ? do_getname+0x191/0x390 [ 711.382131][T17189] do_sys_openat2+0x10d/0x1e0 [ 711.382165][T17189] ? __pfx_do_sys_openat2+0x10/0x10 [ 711.382201][T17189] ? __fget_files+0x21f/0x3d0 [ 711.382229][T17189] __x64_sys_openat+0x12d/0x210 [ 711.382265][T17189] ? __pfx___x64_sys_openat+0x10/0x10 [ 711.382310][T17189] do_syscall_64+0x106/0xf80 [ 711.382344][T17189] ? clear_bhb_loop+0x40/0x90 [ 711.382375][T17189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.382402][T17189] RIP: 0033:0x7f7e9659c799 [ 711.382423][T17189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 711.382448][T17189] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 711.382473][T17189] RAX: ffffffffffffffda RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 711.382491][T17189] RDX: 000000000008aa40 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 711.382507][T17189] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 711.382524][T17189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 711.382539][T17189] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 711.382577][T17189] [ 712.129778][ T5829] Bluetooth: hci2: command 0x0406 tx timeout [ 712.277702][T17194] FAULT_INJECTION: forcing a failure. [ 712.277702][T17194] name failslab, interval 1, probability 0, space 0, times 0 [ 712.363381][T17194] CPU: 0 UID: 0 PID: 17194 Comm: syz.4.4002 Tainted: G L syzkaller #0 PREEMPT(full) [ 712.363424][T17194] Tainted: [L]=SOFTLOCKUP [ 712.363433][T17194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 712.363449][T17194] Call Trace: [ 712.363465][T17194] [ 712.363475][T17194] dump_stack_lvl+0x100/0x190 [ 712.363518][T17194] should_fail_ex.cold+0x5/0xa [ 712.363548][T17194] should_failslab+0xc2/0x120 [ 712.363575][T17194] __kmalloc_cache_noprof+0x7a/0x6f0 [ 712.363609][T17194] ? tipc_sub_subscribe+0x15c/0x730 [ 712.363643][T17194] ? find_held_lock+0x2b/0x80 [ 712.363671][T17194] tipc_sub_subscribe+0x15c/0x730 [ 712.363710][T17194] tipc_conn_rcv_sub+0x21e/0x3d0 [ 712.363745][T17194] tipc_topsrv_kern_subscr+0x20b/0x3c0 [ 712.363781][T17194] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 712.363818][T17194] ? net_generic+0xea/0x2a0 [ 712.363856][T17194] tipc_group_create+0x4ab/0x660 [ 712.363894][T17194] tipc_setsockopt+0x611/0xe30 [ 712.363937][T17194] ? __pfx_tipc_setsockopt+0x10/0x10 [ 712.363991][T17194] ? __pfx_tipc_setsockopt+0x10/0x10 [ 712.364033][T17194] do_sock_setsockopt+0xf3/0x1d0 [ 712.364079][T17194] __sys_setsockopt+0x119/0x190 [ 712.364119][T17194] __x64_sys_setsockopt+0xbd/0x160 [ 712.364153][T17194] ? do_syscall_64+0x95/0xf80 [ 712.364188][T17194] ? lockdep_hardirqs_on+0x78/0x100 [ 712.364224][T17194] do_syscall_64+0x106/0xf80 [ 712.364258][T17194] ? clear_bhb_loop+0x40/0x90 [ 712.364290][T17194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.364316][T17194] RIP: 0033:0x7f7e9659c799 [ 712.364337][T17194] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 712.364362][T17194] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 712.364386][T17194] RAX: ffffffffffffffda RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 712.364403][T17194] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 712.364419][T17194] RBP: 00007f7e96632c99 R08: 0000000000000014 R09: 0000000000000000 [ 712.364435][T17194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 712.364450][T17194] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 712.364487][T17194] [ 712.364514][T17194] tipc: Subscription rejected, no memory [ 712.731197][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 712.843419][T17193] nvme_fabrics: missing parameter 'transport=%s' [ 712.850217][T17193] nvme_fabrics: missing parameter 'nqn=%s' [ 712.873299][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 712.880219][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout [ 713.065786][T17200] nvme_fabrics: missing parameter 'transport=%s' [ 713.072174][T17200] nvme_fabrics: missing parameter 'nqn=%s' [ 715.942840][T17243] FAULT_INJECTION: forcing a failure. [ 715.942840][T17243] name failslab, interval 1, probability 0, space 0, times 0 [ 716.045141][T17243] CPU: 0 UID: 0 PID: 17243 Comm: syz.1.4018 Tainted: G L syzkaller #0 PREEMPT(full) [ 716.045182][T17243] Tainted: [L]=SOFTLOCKUP [ 716.045192][T17243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 716.045208][T17243] Call Trace: [ 716.045217][T17243] [ 716.045227][T17243] dump_stack_lvl+0x100/0x190 [ 716.045270][T17243] should_fail_ex.cold+0x5/0xa [ 716.045306][T17243] should_failslab+0xc2/0x120 [ 716.045333][T17243] __kmalloc_cache_noprof+0x7a/0x6f0 [ 716.045366][T17243] ? alloc_pipe_info+0x10e/0x590 [ 716.045391][T17243] ? security_inode_alloc+0xcf/0x2c0 [ 716.045422][T17243] alloc_pipe_info+0x10e/0x590 [ 716.045450][T17243] create_pipe_files+0x8c/0x970 [ 716.045481][T17243] do_pipe2+0xbd/0x1e0 [ 716.045506][T17243] ? __pfx_do_pipe2+0x10/0x10 [ 716.045542][T17243] __x64_sys_pipe+0x33/0x50 [ 716.045568][T17243] do_syscall_64+0x106/0xf80 [ 716.045603][T17243] ? clear_bhb_loop+0x40/0x90 [ 716.045634][T17243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.045660][T17243] RIP: 0033:0x7f170999c799 [ 716.045680][T17243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 716.045706][T17243] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 716.045731][T17243] RAX: ffffffffffffffda RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 716.045747][T17243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 716.045762][T17243] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 716.045777][T17243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.045793][T17243] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 716.045824][T17243] [ 716.333060][T17247] FAULT_INJECTION: forcing a failure. [ 716.333060][T17247] name failslab, interval 1, probability 0, space 0, times 0 [ 716.345920][T17247] CPU: 0 UID: 0 PID: 17247 Comm: syz.2.4019 Tainted: G L syzkaller #0 PREEMPT(full) [ 716.345961][T17247] Tainted: [L]=SOFTLOCKUP [ 716.345971][T17247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 716.345987][T17247] Call Trace: [ 716.345995][T17247] [ 716.346005][T17247] dump_stack_lvl+0x100/0x190 [ 716.346055][T17247] should_fail_ex.cold+0x5/0xa [ 716.346120][T17247] ? drm_atomic_state_init+0xf4/0x490 [ 716.346152][T17247] should_failslab+0xc2/0x120 [ 716.346179][T17247] __kmalloc_noprof+0xe0/0x850 [ 716.346229][T17247] drm_atomic_state_init+0xf4/0x490 [ 716.346259][T17247] ? kasan_save_track+0x14/0x30 [ 716.346302][T17247] drm_atomic_state_alloc+0xd3/0x120 [ 716.346333][T17247] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 716.346371][T17247] ? trace_contention_end+0x140/0x180 [ 716.346407][T17247] ? __mutex_lock+0x26a/0x1b90 [ 716.346446][T17247] ? __mutex_lock+0x26a/0x1b90 [ 716.346482][T17247] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 716.346520][T17247] ? drm_master_internal_acquire+0x21/0x80 [ 716.346583][T17247] drm_client_modeset_commit_locked+0x14d/0x580 [ 716.346625][T17247] drm_client_modeset_commit+0x4f/0x80 [ 716.346662][T17247] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 716.346703][T17247] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 716.346742][T17247] drm_fbdev_client_restore+0x1b/0x30 [ 716.346770][T17247] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 716.346797][T17247] drm_client_dev_restore+0x205/0x2a0 [ 716.346838][T17247] drm_release+0x2c6/0x360 [ 716.346871][T17247] ? __pfx_drm_release+0x10/0x10 [ 716.346902][T17247] __fput+0x3ff/0xb40 [ 716.346939][T17247] task_work_run+0x150/0x240 [ 716.346977][T17247] ? __pfx_task_work_run+0x10/0x10 [ 716.347023][T17247] exit_to_user_mode_loop+0x100/0x4a0 [ 716.347060][T17247] do_syscall_64+0x668/0xf80 [ 716.347102][T17247] ? clear_bhb_loop+0x40/0x90 [ 716.347134][T17247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.347160][T17247] RIP: 0033:0x7fbf65d9c799 [ 716.347182][T17247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 716.347208][T17247] RSP: 002b:00007fbf66cb9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 716.347232][T17247] RAX: 0000000000000000 RBX: 00007fbf66015fa0 RCX: 00007fbf65d9c799 [ 716.347248][T17247] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 716.347264][T17247] RBP: 00007fbf65e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 716.347280][T17247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.347295][T17247] R13: 00007fbf66016038 R14: 00007fbf66015fa0 R15: 00007ffcf73b4758 [ 716.347329][T17247] [ 718.543264][T17264] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4024'. [ 718.642374][T17264] bridge0: port 2(bridge_slave_1) entered disabled state [ 718.649914][T17264] bridge0: port 1(bridge_slave_0) entered disabled state [ 719.258644][T17274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4028'. [ 720.393686][T17287] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 720.496647][T17287] CPU: 0 UID: 0 PID: 17287 Comm: syz.0.4032 Tainted: G L syzkaller #0 PREEMPT(full) [ 720.496690][T17287] Tainted: [L]=SOFTLOCKUP [ 720.496699][T17287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 720.496714][T17287] Call Trace: [ 720.496723][T17287] [ 720.496733][T17287] dump_stack_lvl+0x100/0x190 [ 720.496776][T17287] sysfs_warn_dup.cold+0x1c/0x28 [ 720.496813][T17287] sysfs_do_create_link_sd+0x113/0x140 [ 720.496852][T17287] sysfs_create_link+0x61/0xc0 [ 720.496887][T17287] device_add+0x675/0x1950 [ 720.496920][T17287] ? __pfx_device_add+0x10/0x10 [ 720.496949][T17287] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 720.496994][T17287] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 720.497035][T17287] wiphy_register+0x1e5b/0x2d30 [ 720.497075][T17287] ? __rtnl_unlock+0xb9/0xf0 [ 720.497115][T17287] ? netdev_run_todo+0x840/0x12c0 [ 720.497159][T17287] ? __pfx_wiphy_register+0x10/0x10 [ 720.497201][T17287] ? __asan_memset+0x23/0x50 [ 720.497237][T17287] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 720.497287][T17287] ieee80211_register_hw+0x2cfd/0x4140 [ 720.497343][T17287] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 720.497383][T17287] ? __pfx___debug_object_init+0x10/0x10 [ 720.497431][T17287] ? find_held_lock+0x2b/0x80 [ 720.497456][T17287] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 720.497500][T17287] ? __hrtimer_setup+0x178/0x280 [ 720.497537][T17287] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 720.497599][T17287] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 720.497658][T17287] hwsim_new_radio_nl+0xc1f/0x1340 [ 720.497707][T17287] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 720.497758][T17287] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 720.497788][T17287] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 720.497821][T17287] genl_family_rcv_msg_doit+0x214/0x300 [ 720.497851][T17287] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 720.497878][T17287] ? genl_get_cmd+0x3ef/0x720 [ 720.497926][T17287] ? bpf_lsm_capable+0x9/0x10 [ 720.497952][T17287] ? security_capable+0x80/0x260 [ 720.497992][T17287] ? ns_capable+0xd2/0xf0 [ 720.498018][T17287] genl_rcv_msg+0x560/0x800 [ 720.498047][T17287] ? __pfx_genl_rcv_msg+0x10/0x10 [ 720.498074][T17287] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 720.498118][T17287] ? __lock_acquire+0x4a5/0x2630 [ 720.498155][T17287] netlink_rcv_skb+0x159/0x420 [ 720.498195][T17287] ? __pfx_genl_rcv_msg+0x10/0x10 [ 720.498222][T17287] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 720.498274][T17287] ? netlink_deliver_tap+0x1ae/0xcc0 [ 720.498316][T17287] genl_rcv+0x28/0x40 [ 720.498337][T17287] netlink_unicast+0x5aa/0x870 [ 720.498381][T17287] ? __pfx_netlink_unicast+0x10/0x10 [ 720.498431][T17287] netlink_sendmsg+0x8b0/0xda0 [ 720.498476][T17287] ? __pfx_netlink_sendmsg+0x10/0x10 [ 720.498514][T17287] ? __import_iovec+0x1d2/0x640 [ 720.498546][T17287] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 720.498592][T17287] ____sys_sendmsg+0x9e1/0xb70 [ 720.498622][T17287] ? __pfx_netlink_sendmsg+0x10/0x10 [ 720.498665][T17287] ? __pfx_____sys_sendmsg+0x10/0x10 [ 720.498698][T17287] ? __pfx_futex_wake_mark+0x10/0x10 [ 720.498744][T17287] ___sys_sendmsg+0x190/0x1e0 [ 720.498774][T17287] ? __pfx____sys_sendmsg+0x10/0x10 [ 720.498839][T17287] __sys_sendmsg+0x170/0x220 [ 720.498877][T17287] ? __pfx___sys_sendmsg+0x10/0x10 [ 720.498912][T17287] ? __x64_sys_futex+0x34f/0x4d0 [ 720.498963][T17287] do_syscall_64+0x106/0xf80 [ 720.498999][T17287] ? clear_bhb_loop+0x40/0x90 [ 720.499030][T17287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.499056][T17287] RIP: 0033:0x7fd5a359c799 [ 720.499078][T17287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 720.499104][T17287] RSP: 002b:00007fd5a4401028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 720.499129][T17287] RAX: ffffffffffffffda RBX: 00007fd5a3816090 RCX: 00007fd5a359c799 [ 720.499146][T17287] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 720.499163][T17287] RBP: 00007fd5a3632c99 R08: 0000000000000000 R09: 0000000000000000 [ 720.499179][T17287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.499194][T17287] R13: 00007fd5a3816128 R14: 00007fd5a3816090 R15: 00007ffff459d928 [ 720.499227][T17287] [ 722.951950][T17315] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 722.999275][T17316] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4045'. [ 723.042249][T17316] netlink: 25 bytes leftover after parsing attributes in process `syz.2.4045'. [ 724.854824][T17327] ERROR: Out of memory at tomoyo_memory_ok. [ 726.217828][T17348] netlink: 504 bytes leftover after parsing attributes in process `syz.2.4056'. [ 726.292849][T17348] netlink: 504 bytes leftover after parsing attributes in process `syz.2.4056'. [ 727.088044][T17360] random: crng reseeded on system resumption [ 729.599947][T17393] netlink: 318 bytes leftover after parsing attributes in process `syz.1.4073'. [ 729.986571][T17399] FAULT_INJECTION: forcing a failure. [ 729.986571][T17399] name failslab, interval 1, probability 0, space 0, times 0 [ 730.081323][T17399] CPU: 0 UID: 0 PID: 17399 Comm: syz.1.4074 Tainted: G L syzkaller #0 PREEMPT(full) [ 730.081364][T17399] Tainted: [L]=SOFTLOCKUP [ 730.081374][T17399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 730.081389][T17399] Call Trace: [ 730.081398][T17399] [ 730.081410][T17399] dump_stack_lvl+0x100/0x190 [ 730.081453][T17399] should_fail_ex.cold+0x5/0xa [ 730.081482][T17399] should_failslab+0xc2/0x120 [ 730.081509][T17399] __kmalloc_cache_noprof+0x7a/0x6f0 [ 730.081542][T17399] ? drm_atomic_state_alloc+0xb8/0x120 [ 730.081584][T17399] drm_atomic_state_alloc+0xb8/0x120 [ 730.081616][T17399] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 730.081662][T17399] ? trace_contention_end+0x140/0x180 [ 730.081699][T17399] ? __mutex_lock+0x26a/0x1b90 [ 730.081737][T17399] ? __mutex_lock+0x26a/0x1b90 [ 730.081774][T17399] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 730.081812][T17399] ? drm_master_internal_acquire+0x21/0x80 [ 730.081874][T17399] drm_client_modeset_commit_locked+0x14d/0x580 [ 730.081915][T17399] drm_client_modeset_commit+0x4f/0x80 [ 730.081953][T17399] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 730.081993][T17399] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 730.082033][T17399] drm_fbdev_client_restore+0x1b/0x30 [ 730.082061][T17399] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 730.082089][T17399] drm_client_dev_restore+0x205/0x2a0 [ 730.082129][T17399] drm_release+0x2c6/0x360 [ 730.082162][T17399] ? __pfx_drm_release+0x10/0x10 [ 730.082193][T17399] __fput+0x3ff/0xb40 [ 730.082230][T17399] task_work_run+0x150/0x240 [ 730.082269][T17399] ? __pfx_task_work_run+0x10/0x10 [ 730.082315][T17399] exit_to_user_mode_loop+0x100/0x4a0 [ 730.082352][T17399] do_syscall_64+0x668/0xf80 [ 730.082387][T17399] ? clear_bhb_loop+0x40/0x90 [ 730.082419][T17399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 730.082445][T17399] RIP: 0033:0x7f170999c799 [ 730.082466][T17399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 730.082492][T17399] RSP: 002b:00007f170a8ce028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 730.082517][T17399] RAX: 0000000000000000 RBX: 00007f1709c15fa0 RCX: 00007f170999c799 [ 730.082533][T17399] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 730.082549][T17399] RBP: 00007f1709a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 730.082565][T17399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 730.082582][T17399] R13: 00007f1709c16038 R14: 00007f1709c15fa0 R15: 00007ffc9276bbf8 [ 730.082615][T17399] [ 730.867116][T17405] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4075'. [ 730.921820][T17405] IPv6: Can't replace route, no match found [ 731.313221][T17410] BUG: unable to handle page fault for address: fffff52004852224 [ 731.313242][T17410] #PF: supervisor read access in kernel mode [ 731.313258][T17410] #PF: error_code(0x0000) - not-present page [ 731.313271][T17410] PGD 23fff5067 P4D 23fff5067 PUD 1c6ba067 PMD 0 [ 731.313308][T17410] Oops: Oops: 0000 [#1] SMP KASAN PTI [ 731.313334][T17410] CPU: 0 UID: 0 PID: 17410 Comm: syz.4.4078 Tainted: G L syzkaller #0 PREEMPT(full) [ 731.313370][T17410] Tainted: [L]=SOFTLOCKUP [ 731.313380][T17410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 731.313396][T17410] RIP: 0010:sys_imageblit+0x16c1/0x1d60 [ 731.313436][T17410] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee [ 731.313463][T17410] RSP: 0018:ffffc90005067598 EFLAGS: 00010a06 [ 731.313482][T17410] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 731.313500][T17410] RDX: 0000000000000000 RSI: 1ffff92004852224 RDI: ffffc90005067620 [ 731.313525][T17410] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003 [ 731.313541][T17410] R10: 0000000000000010 R11: 0000000000000000 R12: ffff8880267ec609 [ 731.313558][T17410] R13: ffffc90005067620 R14: ffffc90024291120 R15: ffffc90024291120 [ 731.313577][T17410] FS: 00007f7e975416c0(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000 [ 731.313602][T17410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 731.313619][T17410] CR2: fffff52004852224 CR3: 0000000053496000 CR4: 00000000003526f0 [ 731.313637][T17410] Call Trace: [ 731.313646][T17410] [ 731.313658][T17410] ? __page_table_check_ptes_set+0x1b5/0x4e0 [ 731.313685][T17410] ? find_held_lock+0x2b/0x80 [ 731.313708][T17410] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 731.313734][T17410] ? __pfx_sys_imageblit+0x10/0x10 [ 731.313773][T17410] ? vmap_small_pages_range_noflush+0xc20/0xd50 [ 731.313801][T17410] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 731.313846][T17410] ud_putcs+0x922/0xdf0 [ 731.313885][T17410] ? __pfx_ud_putcs+0x10/0x10 [ 731.313920][T17410] ? fb_get_color_depth+0x120/0x250 [ 731.313946][T17410] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 731.313991][T17410] fbcon_putcs+0x3b2/0x480 [ 731.314014][T17410] ? __pfx_ud_putcs+0x10/0x10 [ 731.314047][T17410] do_update_region+0x2cf/0x3f0 [ 731.314074][T17410] invert_screen+0x27c/0x590 [ 731.314108][T17410] ? __pfx_invert_screen+0x10/0x10 [ 731.314141][T17410] ? __pfx_complement_pos+0x10/0x10 [ 731.314176][T17410] ? vc_do_resize+0x246/0x10f0 [ 731.314207][T17410] ? __vmalloc_node_noprof+0xad/0xf0 [ 731.314239][T17410] clear_selection+0x59/0x70 [ 731.314268][T17410] vc_do_resize+0xda3/0x10f0 [ 731.314304][T17410] ? __pfx_fb_match_mode+0x10/0x10 [ 731.314336][T17410] ? __pfx_vc_do_resize+0x10/0x10 [ 731.314373][T17410] fbcon_modechanged+0x342/0x700 [ 731.314400][T17410] fbcon_update_vcs+0x47/0x60 [ 731.314424][T17410] do_fb_ioctl+0x773/0x7e0 [ 731.314457][T17410] ? __pfx_do_fb_ioctl+0x10/0x10 [ 731.314496][T17410] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 731.314557][T17410] ? __fget_files+0x21f/0x3d0 [ 731.314582][T17410] fb_ioctl+0xe5/0x150 [ 731.314613][T17410] ? __pfx_fb_ioctl+0x10/0x10 [ 731.314646][T17410] __x64_sys_ioctl+0x18e/0x210 [ 731.314682][T17410] do_syscall_64+0x106/0xf80 [ 731.314717][T17410] ? clear_bhb_loop+0x40/0x90 [ 731.314747][T17410] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.314773][T17410] RIP: 0033:0x7f7e9659c799 [ 731.314793][T17410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 731.314819][T17410] RSP: 002b:00007f7e97541028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 731.314843][T17410] RAX: ffffffffffffffda RBX: 00007f7e96815fa0 RCX: 00007f7e9659c799 [ 731.314860][T17410] RDX: 0000200000000080 RSI: 0000000000004601 RDI: 0000000000000004 [ 731.314877][T17410] RBP: 00007f7e96632c99 R08: 0000000000000000 R09: 0000000000000000 [ 731.314893][T17410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.314909][T17410] R13: 00007f7e96816038 R14: 00007f7e96815fa0 R15: 00007ffc49573888 [ 731.314934][T17410] [ 731.314943][T17410] Modules linked in: [ 731.314968][T17410] CR2: fffff52004852224 [ 731.314985][T17410] ---[ end trace 0000000000000000 ]--- [ 731.315001][T17410] RIP: 0010:sys_imageblit+0x16c1/0x1d60 [ 731.315038][T17410] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee [ 731.315064][T17410] RSP: 0018:ffffc90005067598 EFLAGS: 00010a06 [ 731.315084][T17410] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 731.315101][T17410] RDX: 0000000000000000 RSI: 1ffff92004852224 RDI: ffffc90005067620 [ 731.315118][T17410] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003 [ 731.315134][T17410] R10: 0000000000000010 R11: 0000000000000000 R12: ffff8880267ec609 [ 731.315150][T17410] R13: ffffc90005067620 R14: ffffc90024291120 R15: ffffc90024291120 [ 731.315167][T17410] FS: 00007f7e975416c0(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000 [ 731.315192][T17410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 731.315209][T17410] CR2: fffff52004852224 CR3: 0000000053496000 CR4: 00000000003526f0 [ 731.315228][T17410] Kernel panic - not syncing: Fatal exception [ 731.315300][T17410] Kernel Offset: disabled