last executing test programs: 5.461553124s ago: executing program 2 (id=1764): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010072e0fa60fddbdf250000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.297357536s ago: executing program 2 (id=1765): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) 4.805683329s ago: executing program 2 (id=1770): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) bpf$auto(0x5, 0x0, 0x80) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getgid() 3.269533456s ago: executing program 1 (id=1786): r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x2000000006, 0x2) landlock_restrict_self$auto(r0, 0xb) 3.236747199s ago: executing program 3 (id=1787): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4048ae9b, &(0x7f0000000100)={0x7}) 3.085967544s ago: executing program 0 (id=1788): landlock_create_ruleset$auto(&(0x7f0000000080)={0x3, 0xe76, 0x80000000}, 0xc27, 0x2) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', 0x0, 0x10000, 0x0) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80200", @ANYRES8, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f30"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x2400c090) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto_VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000)={0x8}) ioctl$auto_VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000080)={0x6}) 3.034979419s ago: executing program 2 (id=1789): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x10, 0x2, 0x14) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x7fff) writev$auto(r0, &(0x7f00000000c0)={0x0, 0x710f}, 0x5) 2.643686389s ago: executing program 3 (id=1790): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0xc00000000, 0xfffffffffffffffc) setresuid$auto(0x8, 0x8, 0x0) setfsuid$auto(0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) write$auto(r0, 0x0, 0x2) 2.476118992s ago: executing program 3 (id=1791): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socketcall$auto(0x8000, 0x0) 2.475571255s ago: executing program 0 (id=1799): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0x2c0400, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x86a7, 0x11, 0xfffffffe, 0x6, 0x30000000, 0x9, 0xffffffffffffffff, [0x0, 0x0, 0xffff], {0x6, 0x10001, 0x20000b, 0x2e1, 0x504, 0x1, 0x101, 0x6, 0x5}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x440, 0x76c5, 0x8, 0x8000000000040000}}) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000002, &(0x7f0000000280)={&(0x7f0000000040), 0x1ffffffff}, 0x6, 0x0) r1 = socket(0xa, 0x3, 0x3a) ioctl$auto(r1, 0x890c, 0x1) 2.141913382s ago: executing program 0 (id=1792): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/maxchild\x00', 0x8000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x141401, 0x0) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) timerfd_create$auto(0x9, 0x0) fgetxattr$auto(r0, &(0x7f00000004c0)='security.capability\x00\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd4.\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\x96\xa3\xc0\xf29\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xa1Yi\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\x12\x8d\x84K\xf0\xd0\x0f\x13)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x8a\n\xe8\x1c\x88\xd4\xa5\x96!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f', 0x0, 0x96) 2.116428897s ago: executing program 1 (id=1793): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x5, 0x0) bind$auto(0x3, 0x0, 0x6b) connect$auto(0x3, 0x0, 0x6b) 2.047250658s ago: executing program 2 (id=1794): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0) 1.972044505s ago: executing program 0 (id=1795): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video52\x00', 0x6aa01, 0x0) ioctl$auto(r1, 0xc0585611, r1) 1.850439253s ago: executing program 1 (id=1796): clock_getres$auto(0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x4, 0x3) 1.625281632s ago: executing program 0 (id=1797): sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x10008, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x8929, 0x24) 1.483451503s ago: executing program 2 (id=1798): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) bpf$auto(0x5, 0x0, 0x80) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getgid() 1.23873669s ago: executing program 3 (id=1800): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) ioctl$auto(0x3, 0x4020565b, 0x38) 1.15820046s ago: executing program 1 (id=1801): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x7fff}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x8080) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.099871008s ago: executing program 1 (id=1802): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) 1.045754024s ago: executing program 3 (id=1803): r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x2000000006, 0x2) landlock_restrict_self$auto(r0, 0xb) 338.15059ms ago: executing program 1 (id=1804): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x10, 0x2, 0x14) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x7fff) writev$auto(r0, &(0x7f00000000c0)={0x0, 0x710f}, 0x5) 184.165826ms ago: executing program 0 (id=1805): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r0 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r0, 0x0, 0xfffffdf1) fcntl$auto_F_ADD_SEALS(r0, 0x409, 0x9) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mprotect$auto(0x0, 0x8000000000000001, 0x8) 0s ago: executing program 3 (id=1806): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84) kernel console output (not intermixed with test programs): [ 172.770404][ T7539] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 172.770436][ T7539] RAX: 0000000000000000 RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 172.770466][ T7539] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 172.770487][ T7539] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 172.770507][ T7539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.770527][ T7539] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 172.770574][ T7539] [ 174.041499][ T7567] netlink: 'syz.3.598': attribute type 4 has an invalid length. [ 174.187691][ T7562] zswap: compressor not available [ 174.280833][ T7576] netlink: 326 bytes leftover after parsing attributes in process `syz.2.602'. [ 175.725276][ T7617] netlink: 28 bytes leftover after parsing attributes in process `syz.0.617'. [ 176.195388][ T7626] netlink: 326 bytes leftover after parsing attributes in process `syz.3.621'. [ 177.286782][ T7660] netlink: 'syz.1.635': attribute type 64 has an invalid length. [ 177.369102][ T7660] netlink: 74 bytes leftover after parsing attributes in process `syz.1.635'. [ 180.204064][ T7721] FAULT_INJECTION: forcing a failure. [ 180.204064][ T7721] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 180.217779][ T7721] CPU: 1 UID: 0 PID: 7721 Comm: syz.0.658 Not tainted syzkaller #0 PREEMPT(full) [ 180.217811][ T7721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 180.217830][ T7721] Call Trace: [ 180.217839][ T7721] [ 180.217848][ T7721] dump_stack_lvl+0x100/0x190 [ 180.217890][ T7721] should_fail_ex.cold+0x5/0xa [ 180.217914][ T7721] ? prepare_alloc_pages+0x16d/0x5f0 [ 180.217945][ T7721] should_fail_alloc_page+0xeb/0x140 [ 180.217973][ T7721] prepare_alloc_pages+0x1f0/0x5f0 [ 180.218013][ T7721] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 180.218058][ T7721] ? reacquire_held_locks+0xce/0x1e0 [ 180.218091][ T7721] ? folio_lock_anon_vma_read+0x348/0xe30 [ 180.218129][ T7721] ? folio_lock_anon_vma_read+0x348/0xe30 [ 180.218166][ T7721] ? __up_read+0x2c5/0x700 [ 180.218202][ T7721] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 180.218240][ T7721] ? __pfx___up_read+0x10/0x10 [ 180.218275][ T7721] ? rmap_walk_anon+0x561/0x870 [ 180.218331][ T7721] __folio_alloc_noprof+0x13/0x2f0 [ 180.218369][ T7721] alloc_migration_target+0x1d7/0x6d0 [ 180.218400][ T7721] migrate_pages_batch+0x4f2/0x4530 [ 180.218432][ T7721] ? __pfx_alloc_migration_target+0x10/0x10 [ 180.218470][ T7721] ? walk_pgd_range+0x1115/0x1eb0 [ 180.218509][ T7721] ? __pfx_migrate_pages_batch+0x10/0x10 [ 180.218559][ T7721] migrate_pages_sync+0x12c/0x880 [ 180.218590][ T7721] ? __pfx_alloc_migration_target+0x10/0x10 [ 180.218629][ T7721] ? __pfx_migrate_pages_sync+0x10/0x10 [ 180.218657][ T7721] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 180.218692][ T7721] ? walk_page_range_mm_unsafe+0x32c/0xa10 [ 180.218739][ T7721] migrate_pages+0x1aae/0x28a0 [ 180.218773][ T7721] ? __pfx_alloc_migration_target+0x10/0x10 [ 180.218815][ T7721] ? __pfx_migrate_pages+0x10/0x10 [ 180.218847][ T7721] ? queue_pages_range+0x11e/0x180 [ 180.218899][ T7721] ? __up_read+0x2c5/0x700 [ 180.218935][ T7721] ? __pfx___up_read+0x10/0x10 [ 180.218970][ T7721] ? do_migrate_pages+0x451/0x740 [ 180.219002][ T7721] ? do_migrate_pages+0x451/0x740 [ 180.219034][ T7721] do_migrate_pages+0x488/0x740 [ 180.219069][ T7721] ? __pfx_do_migrate_pages+0x10/0x10 [ 180.219100][ T7721] ? rcu_is_watching+0x12/0xc0 [ 180.219139][ T7721] ? cap_capable+0x107/0x460 [ 180.219177][ T7721] ? get_task_mm+0xc2/0xf0 [ 180.219201][ T7721] ? security_capable+0xbd/0x260 [ 180.219243][ T7721] kernel_migrate_pages+0x560/0x700 [ 180.219271][ T7721] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 180.219298][ T7721] ? xfd_validate_state+0x129/0x190 [ 180.219341][ T7721] __x64_sys_migrate_pages+0x96/0x100 [ 180.219369][ T7721] ? lockdep_hardirqs_on+0x78/0x100 [ 180.219405][ T7721] do_syscall_64+0x106/0xf80 [ 180.219439][ T7721] ? clear_bhb_loop+0x40/0x90 [ 180.219469][ T7721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.219495][ T7721] RIP: 0033:0x7ff503d9c799 [ 180.219516][ T7721] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 180.219540][ T7721] RSP: 002b:00007ff504d35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 180.219563][ T7721] RAX: ffffffffffffffda RBX: 00007ff504015fa0 RCX: 00007ff503d9c799 [ 180.219579][ T7721] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 180.219594][ T7721] RBP: 00007ff503e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 180.219609][ T7721] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 180.219624][ T7721] R13: 00007ff504016038 R14: 00007ff504015fa0 R15: 00007ffcc4039978 [ 180.219654][ T7721] [ 181.182446][ T7736] netlink: 36 bytes leftover after parsing attributes in process `syz.0.665'. [ 181.297280][ T30] audit: type=1804 audit(1773833599.795:6): pid=7738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.667" name=2F6E6577726F6F742F3138312F50524F46494C455F56455253494F4E3D32303135303530350A302D434F4D4D454E543D0A302D505245464552454E43453D7B206D61785F61756469745F6C6F673D3332206D61785F6C6561726E696E675F656E7472793D3634207D0A302D434F4E4649473D7B206D6F64653D6C6561726E696E67206772616E745F6C6F673D6E6F2072656A6563745F6C6F673D796573207D0A dev="tmpfs" ino=932 res=1 errno=0 [ 181.628267][ T7750] block nbd0: Unsupported socket: should be TCP or UNIX. [ 182.165884][ T7757] netlink: 334 bytes leftover after parsing attributes in process `syz.3.673'. [ 183.141036][ T7782] sctp: [Deprecated]: syz.2.682 (pid 7782) Use of struct sctp_assoc_value in delayed_ack socket option. [ 183.141036][ T7782] Use struct sctp_sack_info instead [ 187.226282][ T7887] netlink: 28 bytes leftover after parsing attributes in process `syz.2.723'. [ 187.414519][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.0.728'. [ 187.542790][ T7901] netlink: 20 bytes leftover after parsing attributes in process `syz.0.730'. [ 187.649221][ T7904] netlink: 330 bytes leftover after parsing attributes in process `syz.1.731'. [ 188.431902][ T7925] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 188.442866][ T7925] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 188.783338][ T7917] NFSD: Failed to start, no listeners configured. [ 189.719356][ T7955] netlink: 'syz.1.749': attribute type 1 has an invalid length. [ 189.727105][ T7955] netlink: 322 bytes leftover after parsing attributes in process `syz.1.749'. [ 189.804120][ T7955] netlink: 'syz.1.749': attribute type 1 has an invalid length. [ 189.879021][ T7955] netlink: 322 bytes leftover after parsing attributes in process `syz.1.749'. [ 190.044424][ T7964] netlink: 334 bytes leftover after parsing attributes in process `syz.2.753'. [ 190.313101][ T7970] FAULT_INJECTION: forcing a failure. [ 190.313101][ T7970] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 190.358737][ T7970] CPU: 1 UID: 0 PID: 7970 Comm: syz.2.756 Not tainted syzkaller #0 PREEMPT(full) [ 190.358782][ T7970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 190.358802][ T7970] Call Trace: [ 190.358813][ T7970] [ 190.358826][ T7970] dump_stack_lvl+0x100/0x190 [ 190.358884][ T7970] should_fail_ex.cold+0x5/0xa [ 190.358918][ T7970] ? prepare_alloc_pages+0x16d/0x5f0 [ 190.358962][ T7970] should_fail_alloc_page+0xeb/0x140 [ 190.359003][ T7970] prepare_alloc_pages+0x1f0/0x5f0 [ 190.359060][ T7970] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 190.359122][ T7970] ? reacquire_held_locks+0xce/0x1e0 [ 190.359169][ T7970] ? folio_lock_anon_vma_read+0x348/0xe30 [ 190.359220][ T7970] ? folio_lock_anon_vma_read+0x348/0xe30 [ 190.359273][ T7970] ? __up_read+0x2c5/0x700 [ 190.359324][ T7970] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 190.359378][ T7970] ? __pfx___up_read+0x10/0x10 [ 190.359427][ T7970] ? rmap_walk_anon+0x561/0x870 [ 190.359507][ T7970] __folio_alloc_noprof+0x13/0x2f0 [ 190.359560][ T7970] alloc_migration_target+0x1d7/0x6d0 [ 190.359605][ T7970] migrate_pages_batch+0x4f2/0x4530 [ 190.359649][ T7970] ? __pfx_alloc_migration_target+0x10/0x10 [ 190.359705][ T7970] ? walk_pgd_range+0x1115/0x1eb0 [ 190.359760][ T7970] ? __pfx_migrate_pages_batch+0x10/0x10 [ 190.359833][ T7970] migrate_pages_sync+0x12c/0x880 [ 190.359878][ T7970] ? __pfx_alloc_migration_target+0x10/0x10 [ 190.359929][ T7970] ? __pfx_migrate_pages_sync+0x10/0x10 [ 190.359969][ T7970] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 190.360026][ T7970] ? walk_page_range_mm_unsafe+0x32c/0xa10 [ 190.360092][ T7970] migrate_pages+0x1aae/0x28a0 [ 190.360142][ T7970] ? __pfx_alloc_migration_target+0x10/0x10 [ 190.360193][ T7970] ? __pfx_migrate_pages+0x10/0x10 [ 190.360238][ T7970] ? queue_pages_range+0x11e/0x180 [ 190.360298][ T7970] ? __up_read+0x2c5/0x700 [ 190.360349][ T7970] ? __pfx___up_read+0x10/0x10 [ 190.360398][ T7970] ? do_migrate_pages+0x451/0x740 [ 190.360434][ T7970] ? do_migrate_pages+0x451/0x740 [ 190.360480][ T7970] do_migrate_pages+0x488/0x740 [ 190.360529][ T7970] ? __pfx_do_migrate_pages+0x10/0x10 [ 190.360573][ T7970] ? rcu_is_watching+0x12/0xc0 [ 190.360626][ T7970] ? cap_capable+0x107/0x460 [ 190.360678][ T7970] ? get_task_mm+0xc2/0xf0 [ 190.360714][ T7970] ? security_capable+0xbd/0x260 [ 190.360774][ T7970] kernel_migrate_pages+0x560/0x700 [ 190.360814][ T7970] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 190.360850][ T7970] ? xfd_validate_state+0x129/0x190 [ 190.360912][ T7970] __x64_sys_migrate_pages+0x96/0x100 [ 190.360951][ T7970] ? lockdep_hardirqs_on+0x78/0x100 [ 190.361002][ T7970] do_syscall_64+0x106/0xf80 [ 190.361059][ T7970] ? clear_bhb_loop+0x40/0x90 [ 190.361104][ T7970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.361141][ T7970] RIP: 0033:0x7fd96619c799 [ 190.361169][ T7970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.361202][ T7970] RSP: 002b:00007fd967123028 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 190.361235][ T7970] RAX: ffffffffffffffda RBX: 00007fd966415fa0 RCX: 00007fd96619c799 [ 190.361258][ T7970] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 190.361279][ T7970] RBP: 00007fd966232c99 R08: 0000000000000000 R09: 0000000000000000 [ 190.361299][ T7970] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 190.361320][ T7970] R13: 00007fd966416038 R14: 00007fd966415fa0 R15: 00007ffccb8b61f8 [ 190.361366][ T7970] [ 191.836567][ T7996] random: crng reseeded on system resumption [ 192.807894][ T8009] netlink: 326 bytes leftover after parsing attributes in process `syz.2.767'. [ 192.914991][ T8018] random: crng reseeded on system resumption [ 192.945433][ T8018] FAULT_INJECTION: forcing a failure. [ 192.945433][ T8018] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 193.048820][ T8018] CPU: 0 UID: 0 PID: 8018 Comm: syz.3.771 Not tainted syzkaller #0 PREEMPT(full) [ 193.048867][ T8018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 193.048888][ T8018] Call Trace: [ 193.048899][ T8018] [ 193.048913][ T8018] dump_stack_lvl+0x100/0x190 [ 193.048974][ T8018] should_fail_ex.cold+0x5/0xa [ 193.049005][ T8018] ? prepare_alloc_pages+0x16d/0x5f0 [ 193.049048][ T8018] should_fail_alloc_page+0xeb/0x140 [ 193.049086][ T8018] prepare_alloc_pages+0x1f0/0x5f0 [ 193.049133][ T8018] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 193.049191][ T8018] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 193.049253][ T8018] ? stack_trace_save+0x8e/0xc0 [ 193.049282][ T8018] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 193.049325][ T8018] ? stack_depot_save_flags+0x27/0x9d0 [ 193.049361][ T8018] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 193.049408][ T8018] ? kasan_save_stack+0x3f/0x50 [ 193.049457][ T8018] ? kasan_save_stack+0x30/0x50 [ 193.049501][ T8018] ? kasan_save_track+0x14/0x30 [ 193.049559][ T8018] ? do_sys_openat2+0x10d/0x1e0 [ 193.049599][ T8018] ? __x64_sys_openat+0x12d/0x210 [ 193.049641][ T8018] ? do_syscall_64+0x106/0xf80 [ 193.049688][ T8018] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.049727][ T8018] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 193.049805][ T8018] ? policy_nodemask+0xed/0x4f0 [ 193.049844][ T8018] alloc_pages_mpol+0x1fb/0x550 [ 193.049881][ T8018] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 193.049919][ T8018] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 193.049963][ T8018] alloc_pages_noprof+0x131/0x390 [ 193.050002][ T8018] get_zeroed_page_noprof+0x18/0xb0 [ 193.050040][ T8018] get_image_page+0x18/0x1a0 [ 193.050096][ T8018] alloc_rtree_node+0x3c/0xb0 [ 193.050149][ T8018] memory_bm_create+0x65e/0xba0 [ 193.050224][ T8018] create_basic_memory_bitmaps+0x10b/0x350 [ 193.050266][ T8018] snapshot_open+0x230/0x2a0 [ 193.050304][ T8018] ? __pfx_snapshot_open+0x10/0x10 [ 193.050344][ T8018] misc_open+0x26d/0x450 [ 193.050382][ T8018] ? __pfx_misc_open+0x10/0x10 [ 193.050420][ T8018] chrdev_open+0x234/0x6a0 [ 193.050454][ T8018] ? __pfx_apparmor_file_open+0x10/0x10 [ 193.050520][ T8018] ? __pfx_chrdev_open+0x10/0x10 [ 193.050558][ T8018] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 193.050603][ T8018] do_dentry_open+0x6d8/0x1660 [ 193.050636][ T8018] ? __pfx_chrdev_open+0x10/0x10 [ 193.050681][ T8018] vfs_open+0x82/0x3f0 [ 193.050728][ T8018] path_openat+0x208c/0x31a0 [ 193.050789][ T8018] ? __pfx_path_openat+0x10/0x10 [ 193.050841][ T8018] do_file_open+0x20e/0x430 [ 193.050880][ T8018] ? __pfx_do_file_open+0x10/0x10 [ 193.050947][ T8018] ? alloc_fd+0x476/0x790 [ 193.050987][ T8018] ? do_getname+0x191/0x390 [ 193.051034][ T8018] do_sys_openat2+0x10d/0x1e0 [ 193.051080][ T8018] ? __pfx_do_sys_openat2+0x10/0x10 [ 193.051130][ T8018] ? __fget_files+0x21f/0x3d0 [ 193.051173][ T8018] __x64_sys_openat+0x12d/0x210 [ 193.051222][ T8018] ? __pfx___x64_sys_openat+0x10/0x10 [ 193.051284][ T8018] do_syscall_64+0x106/0xf80 [ 193.051333][ T8018] ? clear_bhb_loop+0x40/0x90 [ 193.051375][ T8018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.051410][ T8018] RIP: 0033:0x7f216879c799 [ 193.051438][ T8018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.051467][ T8018] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 193.051494][ T8018] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 193.051514][ T8018] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 193.051531][ T8018] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 193.051548][ T8018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.051565][ T8018] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 193.051602][ T8018] [ 193.763854][ T8029] netlink: 302 bytes leftover after parsing attributes in process `syz.0.776'. [ 194.505002][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.511581][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.815836][ T8105] netlink: 'syz.3.801': attribute type 1 has an invalid length. [ 198.294777][ T8113] netlink: 342 bytes leftover after parsing attributes in process `syz.3.804'. [ 198.311609][ T8113] netlink: 342 bytes leftover after parsing attributes in process `syz.3.804'. [ 200.876082][ T8170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.825'. [ 200.909242][ T8162] netlink: 'syz.1.830': attribute type 19 has an invalid length. [ 200.917047][ T8162] netlink: 334 bytes leftover after parsing attributes in process `syz.1.830'. [ 204.450260][ T8239] zswap: compressor not available [ 204.972171][ T8258] netlink: 334 bytes leftover after parsing attributes in process `syz.0.857'. [ 207.563588][ T8322] netlink: 342 bytes leftover after parsing attributes in process `syz.1.881'. [ 207.590643][ T8322] netlink: 342 bytes leftover after parsing attributes in process `syz.1.881'. [ 208.061960][ T8338] netlink: 'syz.1.889': attribute type 1 has an invalid length. [ 208.195102][ T8345] random: crng reseeded on system resumption [ 209.067947][ T8359] sctp: [Deprecated]: syz.2.895 (pid 8359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 209.067947][ T8359] Use struct sctp_sack_info instead [ 210.147372][ T8380] Invalid ELF header magic: != ELF [ 211.950314][ T5839] Bluetooth: hci0: command 0x0406 tx timeout [ 211.956108][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 211.956937][ T5839] Bluetooth: hci1: command 0x0406 tx timeout [ 212.195941][ T8442] netlink: 334 bytes leftover after parsing attributes in process `syz.0.926'. [ 213.019095][ T8458] netlink: 28 bytes leftover after parsing attributes in process `syz.2.931'. [ 213.277207][ T8468] netlink: 338 bytes leftover after parsing attributes in process `syz.2.933'. [ 213.407946][ T8463] zswap: compressor not available [ 214.952432][ T8504] syz.0.947 uses obsolete (PF_INET,SOCK_PACKET) [ 215.471677][ T8526] FAULT_INJECTION: forcing a failure. [ 215.471677][ T8526] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 215.538823][ T8526] CPU: 1 UID: 0 PID: 8526 Comm: syz.1.952 Not tainted syzkaller #0 PREEMPT(full) [ 215.538869][ T8526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 215.538889][ T8526] Call Trace: [ 215.538900][ T8526] [ 215.538913][ T8526] dump_stack_lvl+0x100/0x190 [ 215.538971][ T8526] should_fail_ex.cold+0x5/0xa [ 215.539004][ T8526] ? prepare_alloc_pages+0x16d/0x5f0 [ 215.539048][ T8526] should_fail_alloc_page+0xeb/0x140 [ 215.539088][ T8526] prepare_alloc_pages+0x1f0/0x5f0 [ 215.539134][ T8526] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 215.539196][ T8526] ? rcu_is_watching+0x12/0xc0 [ 215.539250][ T8526] ? trace_mm_page_alloc+0x17a/0x1d0 [ 215.539291][ T8526] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 215.539351][ T8526] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 215.539412][ T8526] ? find_held_lock+0x2b/0x80 [ 215.539445][ T8526] ? is_bpf_text_address+0x8a/0x1a0 [ 215.539506][ T8526] ? is_bpf_text_address+0x8a/0x1a0 [ 215.539565][ T8526] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 215.539603][ T8526] ? is_bpf_text_address+0x94/0x1a0 [ 215.539665][ T8526] ? kernel_text_address+0x8d/0x100 [ 215.539718][ T8526] ? __kernel_text_address+0xd/0x30 [ 215.539768][ T8526] ? unwind_get_return_address+0x59/0xa0 [ 215.539816][ T8526] alloc_pages_bulk_noprof+0x782/0x1490 [ 215.539886][ T8526] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 215.539944][ T8526] ? kasan_save_stack+0x30/0x50 [ 215.540008][ T8526] ? alloc_pages_noprof+0x233/0x390 [ 215.540048][ T8526] __kasan_populate_vmalloc+0xf0/0x210 [ 215.540111][ T8526] alloc_vmap_area+0x95d/0x2bd0 [ 215.540165][ T8526] ? __pfx_alloc_vmap_area+0x10/0x10 [ 215.540219][ T8526] __get_vm_area_node+0x1ca/0x330 [ 215.540267][ T8526] __vmalloc_node_range_noprof+0x213/0x1530 [ 215.540313][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.540350][ T8526] ? find_held_lock+0x2b/0x80 [ 215.540382][ T8526] ? local_lock_release+0x99/0x130 [ 215.540421][ T8526] ? local_lock_release+0x99/0x130 [ 215.540467][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.540519][ T8526] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 215.540566][ T8526] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 215.540613][ T8526] ? rcu_is_watching+0x12/0xc0 [ 215.540671][ T8526] ? trace_kmem_cache_alloc+0xf3/0x120 [ 215.540712][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.540747][ T8526] __vmalloc_node_noprof+0xad/0xf0 [ 215.540787][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.540828][ T8526] copy_process+0x5ec/0x7a40 [ 215.540868][ T8526] ? __pfx___futex_wait+0x10/0x10 [ 215.540933][ T8526] ? __pfx_copy_process+0x10/0x10 [ 215.540991][ T8526] kernel_clone+0xfc/0x9a0 [ 215.541028][ T8526] ? __pfx_futex_wait+0x10/0x10 [ 215.541079][ T8526] ? __pfx_kernel_clone+0x10/0x10 [ 215.541139][ T8526] __do_sys_clone+0xd9/0x120 [ 215.541181][ T8526] ? __pfx___do_sys_clone+0x10/0x10 [ 215.541251][ T8526] do_syscall_64+0x106/0xf80 [ 215.541298][ T8526] ? clear_bhb_loop+0x40/0x90 [ 215.541340][ T8526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.541375][ T8526] RIP: 0033:0x7f524019c799 [ 215.541404][ T8526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.541437][ T8526] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 215.541469][ T8526] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 215.541491][ T8526] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 215.541511][ T8526] RBP: 00007f5240232c99 R08: 0000000000000002 R09: 0000000000000000 [ 215.541531][ T8526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.541551][ T8526] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 215.541595][ T8526] [ 215.547178][ T8526] syz.1.952: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 215.988797][ T8526] CPU: 1 UID: 0 PID: 8526 Comm: syz.1.952 Not tainted syzkaller #0 PREEMPT(full) [ 215.988845][ T8526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 215.988865][ T8526] Call Trace: [ 215.988876][ T8526] [ 215.988888][ T8526] dump_stack_lvl+0x100/0x190 [ 215.988947][ T8526] warn_alloc.cold+0x95/0x1c1 [ 215.989006][ T8526] ? __pfx_warn_alloc+0x10/0x10 [ 215.989054][ T8526] ? lockdep_hardirqs_on+0x78/0x100 [ 215.989108][ T8526] ? __get_vm_area_node+0x2c5/0x330 [ 215.989156][ T8526] ? __get_vm_area_node+0x208/0x330 [ 215.989203][ T8526] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 215.989246][ T8526] ? find_held_lock+0x2b/0x80 [ 215.989278][ T8526] ? local_lock_release+0x99/0x130 [ 215.989318][ T8526] ? local_lock_release+0x99/0x130 [ 215.989371][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.989421][ T8526] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 215.989468][ T8526] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 215.989514][ T8526] ? rcu_is_watching+0x12/0xc0 [ 215.989566][ T8526] ? trace_kmem_cache_alloc+0xf3/0x120 [ 215.989613][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.989651][ T8526] __vmalloc_node_noprof+0xad/0xf0 [ 215.989693][ T8526] ? kernel_clone+0xfc/0x9a0 [ 215.989736][ T8526] copy_process+0x5ec/0x7a40 [ 215.989778][ T8526] ? __pfx___futex_wait+0x10/0x10 [ 215.989846][ T8526] ? __pfx_copy_process+0x10/0x10 [ 215.989905][ T8526] kernel_clone+0xfc/0x9a0 [ 215.989942][ T8526] ? __pfx_futex_wait+0x10/0x10 [ 215.990010][ T8526] ? __pfx_kernel_clone+0x10/0x10 [ 215.990083][ T8526] __do_sys_clone+0xd9/0x120 [ 215.990130][ T8526] ? __pfx___do_sys_clone+0x10/0x10 [ 215.990203][ T8526] do_syscall_64+0x106/0xf80 [ 215.990249][ T8526] ? clear_bhb_loop+0x40/0x90 [ 215.990291][ T8526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.990326][ T8526] RIP: 0033:0x7f524019c799 [ 215.990353][ T8526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.990384][ T8526] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 215.990415][ T8526] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 215.990436][ T8526] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 215.990456][ T8526] RBP: 00007f5240232c99 R08: 0000000000000002 R09: 0000000000000000 [ 215.990476][ T8526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.990496][ T8526] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 215.990540][ T8526] [ 215.990563][ T8526] Mem-Info: [ 216.259323][ T8526] active_anon:24529 inactive_anon:0 isolated_anon:0 [ 216.259323][ T8526] active_file:14332 inactive_file:40241 isolated_file:0 [ 216.259323][ T8526] unevictable:768 dirty:177 writeback:0 [ 216.259323][ T8526] slab_reclaimable:11198 slab_unreclaimable:90886 [ 216.259323][ T8526] mapped:34439 shmem:20212 pagetables:1156 [ 216.259323][ T8526] sec_pagetables:0 bounce:0 [ 216.259323][ T8526] kernel_misc_reclaimable:0 [ 216.259323][ T8526] free:1321713 free_pcp:6210 free_cma:0 [ 216.396639][ T8526] Node 0 active_anon:101008kB inactive_anon:0kB active_file:57328kB inactive_file:160768kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:140560kB dirty:708kB writeback:0kB shmem:81908kB shmem_thp:4096kB shmem_pmdmapped:4096kB anon_thp:0kB kernel_stack:11404kB pagetables:4384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 216.468943][ T8526] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 216.523108][ T8526] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 216.604681][ T8526] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 216.624928][ T8526] Node 0 DMA32 free:1322256kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:107096kB inactive_anon:0kB active_file:57328kB inactive_file:160768kB unevictable:1536kB writepending:672kB zspages:0kB present:3129332kB managed:2537380kB mlocked:0kB bounce:0kB free_pcp:23308kB local_pcp:6008kB free_cma:0kB [ 216.718696][ T8526] lowmem_reserve[]: 0 0 1 1 1 [ 216.724587][ T8526] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB [ 216.816312][ T8526] lowmem_reserve[]: 0 0 0 0 0 [ 216.831307][ T8526] Node 1 Normal free:3944836kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 216.923296][ T8526] lowmem_reserve[]: 0 0 0 0 0 [ 216.930125][ T8526] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 217.009239][ T8526] Node 0 DMA32: 1594*4kB (UM) 1440*8kB (U) 797*16kB (UME) 94*32kB (UME) 12*64kB (UE) 25*128kB (UE) 35*256kB (UME) 50*512kB (UME) 18*1024kB (UME) 14*2048kB (UM) 292*4096kB (UM) = 1315320kB [ 217.059085][ T5144] Bluetooth: hci3: command 0x0406 tx timeout [ 217.068718][ T8526] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 217.096939][ T8526] Node 1 Normal: 1*4kB (M) 2*8kB (UM) 7*16kB (UM) 6*32kB (UM) 3*64kB (UM) 3*128kB (UM) 2*256kB (M) 2*512kB (M) 2*1024kB (UM) 0*2048kB 962*4096kB (M) = 3944836kB [ 217.154711][ T8526] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 217.198750][ T8526] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 217.219078][ T8526] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 217.256057][ T8526] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 217.288043][ T8526] 79639 total pagecache pages [ 217.293198][ T8526] 37 pages in swap cache [ 217.297497][ T8526] Free swap = 124860kB [ 217.302323][ T8526] Total swap = 124996kB [ 217.306525][ T8526] 2097051 pages RAM [ 217.310852][ T8526] 0 pages HighMem/MovableOnly [ 217.315879][ T8526] 430826 pages reserved [ 217.323354][ T8526] 0 pages cma reserved [ 217.812598][ T8560] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 217.846994][ T8560] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 218.074682][ T8570] netlink: 326 bytes leftover after parsing attributes in process `syz.2.963'. [ 219.105262][ T8593] netlink: 338 bytes leftover after parsing attributes in process `syz.0.969'. [ 219.144880][ T8590] raw_sendmsg: syz.2.968 forgot to set AF_INET. Fix it! [ 219.935797][ T8610] FAULT_INJECTION: forcing a failure. [ 219.935797][ T8610] name failslab, interval 1, probability 0, space 0, times 0 [ 219.993155][ T8610] CPU: 1 UID: 0 PID: 8610 Comm: syz.1.976 Not tainted syzkaller #0 PREEMPT(full) [ 219.993200][ T8610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 219.993221][ T8610] Call Trace: [ 219.993241][ T8610] [ 219.993253][ T8610] dump_stack_lvl+0x100/0x190 [ 219.993311][ T8610] should_fail_ex.cold+0x5/0xa [ 219.993351][ T8610] should_failslab+0xc2/0x120 [ 219.993388][ T8610] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 219.993442][ T8610] ? security_file_alloc+0x34/0x2c0 [ 219.993485][ T8610] ? trace_kmem_cache_alloc+0xf3/0x120 [ 219.993528][ T8610] security_file_alloc+0x34/0x2c0 [ 219.993572][ T8610] init_file+0x95/0x480 [ 219.993614][ T8610] alloc_empty_file+0x73/0x1c0 [ 219.993660][ T8610] alloc_file_clone+0x5f/0x110 [ 219.993707][ T8610] create_pipe_files+0x40e/0x970 [ 219.993750][ T8610] do_pipe2+0xbd/0x1e0 [ 219.993786][ T8610] ? __pfx_do_pipe2+0x10/0x10 [ 219.993837][ T8610] __x64_sys_pipe+0x33/0x50 [ 219.993873][ T8610] do_syscall_64+0x106/0xf80 [ 219.993920][ T8610] ? clear_bhb_loop+0x40/0x90 [ 219.993962][ T8610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.993998][ T8610] RIP: 0033:0x7f524019c799 [ 219.994026][ T8610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 219.994059][ T8610] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 219.994092][ T8610] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 219.994115][ T8610] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 219.994136][ T8610] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 219.994157][ T8610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.994177][ T8610] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 219.994221][ T8610] [ 220.650770][ T8623] netlink: 342 bytes leftover after parsing attributes in process `syz.0.980'. [ 221.311896][ T8634] netlink: 330 bytes leftover after parsing attributes in process `syz.2.992'. [ 222.115070][ T8639] Invalid ELF header magic: != ELF [ 223.237648][ T8679] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1000'. [ 223.939514][ T8693] netlink: zone id is out of range [ 223.971875][ T8693] netlink: zone id is out of range [ 224.071954][ T8693] netlink: zone id is out of range [ 224.112710][ T8693] netlink: set zone limit has 8 unknown bytes [ 224.728569][ T8713] futex_wake_op: syz.1.1014 tries to shift op by -2048; fix this program [ 226.157055][ T8739] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1022'. [ 226.187210][ T8739] veth0_macvtap: left promiscuous mode [ 226.212763][ T8739] macvtap0: entered promiscuous mode [ 226.238693][ T8739] macvtap0: entered allmulticast mode [ 226.961433][ T8757] ubi0: attaching mtd0 [ 226.972716][ T8759] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1030'. [ 226.985240][ T8757] ubi0: scanning is finished [ 227.008785][ T8757] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 227.254458][ T8757] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 227.395743][ T8774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1035'. [ 227.412134][ T8774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1035'. [ 227.487722][ T8777] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1036'. [ 228.970794][ T8798] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 228.983546][ T8798] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 229.046351][ T8798] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 229.070617][ T8798] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 229.092089][ T8798] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 229.111262][ T8798] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 229.140606][ T8798] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 229.158544][ T8798] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 229.695207][ T8817] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1050'. [ 229.736344][ T8817] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 229.775776][ T8817] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 229.807928][ T8817] bond0 (unregistering): Released all slaves [ 230.298957][ T8826] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1053'. [ 230.972455][ T8846] FAULT_INJECTION: forcing a failure. [ 230.972455][ T8846] name failslab, interval 1, probability 0, space 0, times 0 [ 230.988512][ T5828] Bluetooth: hci0: command 0x0406 tx timeout [ 230.999001][ T8846] CPU: 0 UID: 0 PID: 8846 Comm: syz.2.1061 Tainted: G L syzkaller #0 PREEMPT(full) [ 230.999054][ T8846] Tainted: [L]=SOFTLOCKUP [ 230.999066][ T8846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 230.999086][ T8846] Call Trace: [ 230.999096][ T8846] [ 230.999109][ T8846] dump_stack_lvl+0x100/0x190 [ 230.999174][ T8846] should_fail_ex.cold+0x5/0xa [ 230.999212][ T8846] ? security_inode_init_security+0x113/0x370 [ 230.999263][ T8846] should_failslab+0xc2/0x120 [ 230.999301][ T8846] __kmalloc_noprof+0xe0/0x850 [ 230.999363][ T8846] security_inode_init_security+0x113/0x370 [ 230.999416][ T8846] ? __pfx_shmem_initxattrs+0x10/0x10 [ 230.999456][ T8846] ? __pfx_security_inode_init_security+0x10/0x10 [ 230.999519][ T8846] shmem_tmpfile+0xfa/0x210 [ 230.999561][ T8846] ? d_alloc+0x176/0x1e0 [ 230.999598][ T8846] ? __pfx_shmem_tmpfile+0x10/0x10 [ 230.999642][ T8846] ? do_raw_spin_unlock+0x145/0x1e0 [ 230.999694][ T8846] ? _raw_spin_unlock+0x28/0x50 [ 230.999742][ T8846] vfs_tmpfile+0x2be/0x9a0 [ 230.999789][ T8846] path_openat+0x164e/0x31a0 [ 230.999824][ T8846] ? kasan_save_stack+0x3f/0x50 [ 230.999877][ T8846] ? kasan_save_stack+0x30/0x50 [ 230.999930][ T8846] ? __kasan_slab_alloc+0x89/0x90 [ 230.999961][ T8846] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 231.000011][ T8846] ? do_getname+0x35/0x390 [ 231.000055][ T8846] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.000097][ T8846] ? __pfx_path_openat+0x10/0x10 [ 231.000158][ T8846] do_file_open+0x20e/0x430 [ 231.000198][ T8846] ? __pfx_do_file_open+0x10/0x10 [ 231.000266][ T8846] ? _raw_spin_unlock+0x28/0x50 [ 231.000308][ T8846] ? alloc_fd+0x476/0x790 [ 231.000355][ T8846] do_sys_openat2+0x10d/0x1e0 [ 231.000401][ T8846] ? __pfx_do_sys_openat2+0x10/0x10 [ 231.000449][ T8846] ? __fget_files+0x21f/0x3d0 [ 231.000492][ T8846] __x64_sys_open+0xfe/0x1d0 [ 231.000538][ T8846] ? __pfx___x64_sys_open+0x10/0x10 [ 231.000600][ T8846] do_syscall_64+0x106/0xf80 [ 231.000647][ T8846] ? clear_bhb_loop+0x40/0x90 [ 231.000691][ T8846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.000726][ T8846] RIP: 0033:0x7fd96619c799 [ 231.000754][ T8846] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 231.000787][ T8846] RSP: 002b:00007fd967123028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 231.000820][ T8846] RAX: ffffffffffffffda RBX: 00007fd966415fa0 RCX: 00007fd96619c799 [ 231.000859][ T8846] RDX: 78e22799f4a46e8e RSI: 0000000000518282 RDI: 0000200000000080 [ 231.000881][ T8846] RBP: 00007fd966232c99 R08: 0000000000000000 R09: 0000000000000000 [ 231.000902][ T8846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.000922][ T8846] R13: 00007fd966416038 R14: 00007fd966415fa0 R15: 00007ffccb8b61f8 [ 231.000968][ T8846] [ 231.285800][ T5828] Bluetooth: hci1: command 0x0406 tx timeout [ 231.291974][ T5828] Bluetooth: hci2: command 0x0406 tx timeout [ 231.298027][ T5828] Bluetooth: hci3: command 0x0406 tx timeout [ 231.905150][ T8863] FAULT_INJECTION: forcing a failure. [ 231.905150][ T8863] name failslab, interval 1, probability 0, space 0, times 0 [ 231.928453][ T8863] CPU: 0 UID: 0 PID: 8863 Comm: syz.1.1068 Tainted: G L syzkaller #0 PREEMPT(full) [ 231.928510][ T8863] Tainted: [L]=SOFTLOCKUP [ 231.928522][ T8863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 231.928543][ T8863] Call Trace: [ 231.928552][ T8863] [ 231.928563][ T8863] dump_stack_lvl+0x100/0x190 [ 231.928622][ T8863] should_fail_ex.cold+0x5/0xa [ 231.928659][ T8863] ? __vb2_queue_alloc+0x23e/0x1160 [ 231.928688][ T8863] should_failslab+0xc2/0x120 [ 231.928719][ T8863] __kmalloc_noprof+0xe0/0x850 [ 231.928763][ T8863] ? bitmap_find_next_zero_area_off+0xb4/0xd0 [ 231.928819][ T8863] __vb2_queue_alloc+0x23e/0x1160 [ 231.928867][ T8863] vb2_core_reqbufs+0x899/0xf30 [ 231.928905][ T8863] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 231.928955][ T8863] __vb2_init_fileio+0x32d/0x1000 [ 231.928986][ T8863] ? lockdep_hardirqs_on+0x78/0x100 [ 231.929029][ T8863] ? __pollwait+0x276/0x470 [ 231.929078][ T8863] vb2_core_poll+0x611/0x740 [ 231.929111][ T8863] vb2_poll+0x4b/0xe0 [ 231.929156][ T8863] vb2_fop_poll+0x10e/0x350 [ 231.929185][ T8863] ? __pfx_vb2_fop_poll+0x10/0x10 [ 231.929210][ T8863] v4l2_poll+0x15f/0x220 [ 231.929255][ T8863] ? __pfx_v4l2_poll+0x10/0x10 [ 231.929297][ T8863] do_sys_poll+0x6e5/0xeb0 [ 231.929354][ T8863] ? __pfx_do_sys_poll+0x10/0x10 [ 231.929428][ T8863] ? __futex_wait+0x256/0x300 [ 231.929474][ T8863] ? __pfx___pollwait+0x10/0x10 [ 231.929522][ T8863] ? __pfx_pollwake+0x10/0x10 [ 231.929615][ T8863] ? ktime_get_ts64+0x2d2/0x3f0 [ 231.929647][ T8863] ? read_tsc+0x9/0x20 [ 231.929677][ T8863] ? ktime_get_ts64+0x256/0x3f0 [ 231.929711][ T8863] ? poll_select_set_timeout+0xcc/0x160 [ 231.929756][ T8863] ? __x64_sys_futex+0x358/0x4d0 [ 231.929804][ T8863] __x64_sys_poll+0x1b3/0x420 [ 231.929832][ T8863] ? __pfx___x64_sys_poll+0x10/0x10 [ 231.929868][ T8863] do_syscall_64+0x106/0xf80 [ 231.929908][ T8863] ? clear_bhb_loop+0x40/0x90 [ 231.929943][ T8863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.929972][ T8863] RIP: 0033:0x7f524019c799 [ 231.929996][ T8863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 231.930023][ T8863] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 231.930050][ T8863] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 231.930069][ T8863] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 231.930085][ T8863] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 231.930102][ T8863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.930118][ T8863] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 231.930153][ T8863] [ 233.062969][ T5144] Bluetooth: hci0: command 0x0406 tx timeout [ 233.378851][ T5144] Bluetooth: hci3: command 0x0406 tx timeout [ 233.384968][ T5144] Bluetooth: hci2: command 0x0406 tx timeout [ 233.391708][ T5144] Bluetooth: hci1: command 0x0406 tx timeout [ 233.739788][ T8908] nbd: must specify at least one socket [ 235.732613][ T8933] ubi0: attaching mtd0 [ 235.741035][ T8933] ubi0: scanning is finished [ 235.745736][ T8933] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 235.911891][ T8933] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 236.434681][ T8961] random: crng reseeded on system resumption [ 236.574891][ T8963] Unrecognized hibernate image header format! [ 236.784560][ T8963] PM: hibernation: Image mismatch: architecture specific data [ 237.209072][ T8969] ubi0: attaching mtd0 [ 237.215399][ T8969] ubi0: scanning is finished [ 237.368723][ T8969] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 237.562511][ T8969] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 238.720404][ T9001] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 238.726698][ T9001] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 238.739025][ T9001] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 238.745210][ T9001] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 239.249623][ T9019] FAULT_INJECTION: forcing a failure. [ 239.249623][ T9019] name failslab, interval 1, probability 0, space 0, times 0 [ 239.263518][ T9019] CPU: 0 UID: 0 PID: 9019 Comm: syz.0.1121 Tainted: G L syzkaller #0 PREEMPT(full) [ 239.263570][ T9019] Tainted: [L]=SOFTLOCKUP [ 239.263581][ T9019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 239.263601][ T9019] Call Trace: [ 239.263612][ T9019] [ 239.263626][ T9019] dump_stack_lvl+0x100/0x190 [ 239.263685][ T9019] should_fail_ex.cold+0x5/0xa [ 239.263725][ T9019] should_failslab+0xc2/0x120 [ 239.263762][ T9019] __kmalloc_cache_noprof+0x7a/0x6f0 [ 239.263810][ T9019] ? apply_wqattrs_prepare+0x136/0xbb0 [ 239.263855][ T9019] apply_wqattrs_prepare+0x136/0xbb0 [ 239.263890][ T9019] ? __alloc_workqueue+0x901/0x1880 [ 239.263944][ T9019] apply_workqueue_attrs_locked+0x64/0xe0 [ 239.263983][ T9019] __alloc_workqueue+0xe25/0x1880 [ 239.264032][ T9019] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 239.264084][ T9019] alloc_workqueue_noprof+0xd2/0x200 [ 239.264126][ T9019] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 239.264182][ T9019] ? __pfx___debug_object_init+0x10/0x10 [ 239.264248][ T9019] nci_register_device+0x21e/0xb80 [ 239.264291][ T9019] ? __pfx_nci_register_device+0x10/0x10 [ 239.264337][ T9019] ? lockdep_init_map_type+0x5c/0x250 [ 239.264399][ T9019] virtual_ncidev_open+0x141/0x220 [ 239.264449][ T9019] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 239.264496][ T9019] misc_open+0x26d/0x450 [ 239.264536][ T9019] ? __pfx_misc_open+0x10/0x10 [ 239.264575][ T9019] chrdev_open+0x234/0x6a0 [ 239.264611][ T9019] ? __pfx_apparmor_file_open+0x10/0x10 [ 239.264669][ T9019] ? __pfx_chrdev_open+0x10/0x10 [ 239.264709][ T9019] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 239.264757][ T9019] do_dentry_open+0x6d8/0x1660 [ 239.264792][ T9019] ? __pfx_chrdev_open+0x10/0x10 [ 239.264839][ T9019] vfs_open+0x82/0x3f0 [ 239.264889][ T9019] path_openat+0x208c/0x31a0 [ 239.264941][ T9019] ? __pfx_path_openat+0x10/0x10 [ 239.264995][ T9019] do_file_open+0x20e/0x430 [ 239.265034][ T9019] ? __pfx_do_file_open+0x10/0x10 [ 239.265101][ T9019] ? alloc_fd+0x476/0x790 [ 239.265140][ T9019] ? do_getname+0x191/0x390 [ 239.265187][ T9019] do_sys_openat2+0x10d/0x1e0 [ 239.265232][ T9019] ? __pfx_do_sys_openat2+0x10/0x10 [ 239.265282][ T9019] ? __fget_files+0x21f/0x3d0 [ 239.265324][ T9019] __x64_sys_openat+0x12d/0x210 [ 239.265371][ T9019] ? __pfx___x64_sys_openat+0x10/0x10 [ 239.265444][ T9019] do_syscall_64+0x106/0xf80 [ 239.265494][ T9019] ? clear_bhb_loop+0x40/0x90 [ 239.265536][ T9019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.265572][ T9019] RIP: 0033:0x7ff503d9c799 [ 239.265600][ T9019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 239.265633][ T9019] RSP: 002b:00007ff504d35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 239.265666][ T9019] RAX: ffffffffffffffda RBX: 00007ff504015fa0 RCX: 00007ff503d9c799 [ 239.265688][ T9019] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 239.265710][ T9019] RBP: 00007ff503e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 239.265731][ T9019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.265751][ T9019] R13: 00007ff504016038 R14: 00007ff504015fa0 R15: 00007ffcc4039978 [ 239.265796][ T9019] [ 240.739187][ T5144] Bluetooth: hci1: command 0x0406 tx timeout [ 240.739221][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 240.818727][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 240.824875][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 240.879292][ T9041] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 240.895978][ T9041] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 240.929270][ T9041] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 240.950223][ T9041] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 241.029692][ T9045] FAULT_INJECTION: forcing a failure. [ 241.029692][ T9045] name failslab, interval 1, probability 0, space 0, times 0 [ 241.073007][ T9045] CPU: 1 UID: 0 PID: 9045 Comm: syz.3.1129 Tainted: G L syzkaller #0 PREEMPT(full) [ 241.073064][ T9045] Tainted: [L]=SOFTLOCKUP [ 241.073077][ T9045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 241.073105][ T9045] Call Trace: [ 241.073116][ T9045] [ 241.073129][ T9045] dump_stack_lvl+0x100/0x190 [ 241.073188][ T9045] should_fail_ex.cold+0x5/0xa [ 241.073228][ T9045] should_failslab+0xc2/0x120 [ 241.073264][ T9045] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 241.073315][ T9045] ? dup_fd+0x4d/0xd10 [ 241.073348][ T9045] ? trace_kmalloc+0x101/0x130 [ 241.073388][ T9045] dup_fd+0x4d/0xd10 [ 241.073427][ T9045] ? apparmor_task_alloc+0x2c1/0x3b0 [ 241.073487][ T9045] copy_process+0x268f/0x7a40 [ 241.073547][ T9045] ? __pfx_copy_process+0x10/0x10 [ 241.073607][ T9045] kernel_clone+0xfc/0x9a0 [ 241.073643][ T9045] ? __pfx_futex_wait+0x10/0x10 [ 241.073698][ T9045] ? __pfx_kernel_clone+0x10/0x10 [ 241.073761][ T9045] __do_sys_clone+0xd9/0x120 [ 241.073801][ T9045] ? __pfx___do_sys_clone+0x10/0x10 [ 241.073876][ T9045] do_syscall_64+0x106/0xf80 [ 241.073930][ T9045] ? clear_bhb_loop+0x40/0x90 [ 241.073973][ T9045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.074008][ T9045] RIP: 0033:0x7f216879c799 [ 241.074036][ T9045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.074068][ T9045] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 241.074106][ T9045] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 241.074129][ T9045] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 241.074149][ T9045] RBP: 00007f2168832c99 R08: 0000000000000002 R09: 0000000000000000 [ 241.074170][ T9045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.074190][ T9045] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 241.074234][ T9045] [ 241.283796][ T9049] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1131'. [ 241.850806][ T9067] FAULT_INJECTION: forcing a failure. [ 241.850806][ T9067] name failslab, interval 1, probability 0, space 0, times 0 [ 241.864049][ T9067] CPU: 0 UID: 0 PID: 9067 Comm: syz.1.1139 Tainted: G L syzkaller #0 PREEMPT(full) [ 241.864102][ T9067] Tainted: [L]=SOFTLOCKUP [ 241.864114][ T9067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 241.864133][ T9067] Call Trace: [ 241.864144][ T9067] [ 241.864156][ T9067] dump_stack_lvl+0x100/0x190 [ 241.864213][ T9067] should_fail_ex.cold+0x5/0xa [ 241.864252][ T9067] should_failslab+0xc2/0x120 [ 241.864287][ T9067] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 241.864338][ T9067] ? __pmd_alloc+0xbf/0x950 [ 241.864385][ T9067] __pmd_alloc+0xbf/0x950 [ 241.864439][ T9067] ? mt_find+0x687/0x8e0 [ 241.864495][ T9067] huge_pte_alloc+0x5ee/0x730 [ 241.864543][ T9067] hugetlb_fault+0x363/0x1450 [ 241.864593][ T9067] ? __pfx_hugetlb_fault+0x10/0x10 [ 241.864652][ T9067] ? find_vma+0xbf/0x140 [ 241.864684][ T9067] ? __pfx_find_vma+0x10/0x10 [ 241.864723][ T9067] handle_mm_fault+0x5f1/0xa20 [ 241.864780][ T9067] do_user_addr_fault+0x74c/0x12f0 [ 241.864860][ T9067] exc_page_fault+0x6f/0xd0 [ 241.864910][ T9067] asm_exc_page_fault+0x26/0x30 [ 241.864945][ T9067] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 241.864984][ T9067] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 241.865017][ T9067] RSP: 0018:ffffc9000e647d30 EFLAGS: 00050202 [ 241.865044][ T9067] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 241.865064][ T9067] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc9000e647da0 [ 241.865085][ T9067] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52001cc8fb4 [ 241.865106][ T9067] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 241.865125][ T9067] R13: ffffc9000e647da0 R14: 0000000000000000 R15: 0000000000000000 [ 241.865168][ T9067] _copy_from_user+0x98/0xd0 [ 241.865209][ T9067] do_sock_getsockopt+0x30b/0x3d0 [ 241.865248][ T9067] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 241.865306][ T9067] __sys_getsockopt+0x133/0x1d0 [ 241.865367][ T9067] ? __x64_sys_getsockopt+0xbd/0x160 [ 241.865413][ T9067] __x64_sys_getsockopt+0xbd/0x160 [ 241.865461][ T9067] ? do_syscall_64+0x95/0xf80 [ 241.865509][ T9067] ? lockdep_hardirqs_on+0x78/0x100 [ 241.865557][ T9067] do_syscall_64+0x106/0xf80 [ 241.865610][ T9067] ? clear_bhb_loop+0x40/0x90 [ 241.865653][ T9067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.865689][ T9067] RIP: 0033:0x7f524019c799 [ 241.865716][ T9067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.865748][ T9067] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 241.865779][ T9067] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 241.865801][ T9067] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 241.865821][ T9067] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 241.865848][ T9067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.865869][ T9067] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 241.865915][ T9067] [ 242.908312][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 242.908333][ T5144] Bluetooth: hci0: command 0x0406 tx timeout [ 242.988729][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 242.988882][ T5144] Bluetooth: hci2: command 0x0406 tx timeout [ 245.943122][ T9157] netlink: 'syz.3.1174': attribute type 15 has an invalid length. [ 245.951222][ T9157] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1174'. [ 247.763691][ T9199] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1190'. [ 247.774396][ T9199] openvswitch: netlink: IP tunnel dst address not specified [ 248.672806][ T9221] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1199'. [ 249.433697][ T9238] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1205'. [ 250.067033][ T9251] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1211'. [ 250.083578][ T9251] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1211'. [ 251.291455][ T9275] random: crng reseeded on system resumption [ 251.440474][ T9279] Unrecognized hibernate image header format! [ 251.446703][ T9279] PM: hibernation: Image mismatch: architecture specific data [ 253.205801][ T9335] process 'syz.1.1238' launched './file0' with NULL argv: empty string added [ 253.229810][ T9326] ERROR: Out of memory at tomoyo_memory_ok. [ 253.237551][ T9326] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/316/file0' not defined. [ 253.268086][ T9335] ERROR: Out of memory at tomoyo_memory_ok. [ 255.944934][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.951453][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.259033][ T9486] FAULT_INJECTION: forcing a failure. [ 259.259033][ T9486] name failslab, interval 1, probability 0, space 0, times 0 [ 259.321663][ T9486] CPU: 0 UID: 0 PID: 9486 Comm: syz.0.1291 Tainted: G L syzkaller #0 PREEMPT(full) [ 259.321712][ T9486] Tainted: [L]=SOFTLOCKUP [ 259.321722][ T9486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 259.321739][ T9486] Call Trace: [ 259.321748][ T9486] [ 259.321759][ T9486] dump_stack_lvl+0x100/0x190 [ 259.321809][ T9486] should_fail_ex.cold+0x5/0xa [ 259.321844][ T9486] should_failslab+0xc2/0x120 [ 259.321875][ T9486] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 259.321926][ T9486] ? landlock_restrict_sibling_threads+0x48a/0x1280 [ 259.321975][ T9486] krealloc_node_align_noprof+0x30a/0x3e0 [ 259.322029][ T9486] landlock_restrict_sibling_threads+0x48a/0x1280 [ 259.322080][ T9486] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10 [ 259.322156][ T9486] ? __pfx___might_resched+0x10/0x10 [ 259.322211][ T9486] ? landlock_merge_ruleset+0x213/0x830 [ 259.322254][ T9486] __do_sys_landlock_restrict_self+0x5c9/0x9e0 [ 259.322322][ T9486] do_syscall_64+0x106/0xf80 [ 259.322370][ T9486] ? clear_bhb_loop+0x40/0x90 [ 259.322420][ T9486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.322452][ T9486] RIP: 0033:0x7ff503d9c799 [ 259.322476][ T9486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 259.322504][ T9486] RSP: 002b:00007ff504d14028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 259.322533][ T9486] RAX: ffffffffffffffda RBX: 00007ff504016090 RCX: 00007ff503d9c799 [ 259.322552][ T9486] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003 [ 259.322570][ T9486] RBP: 00007ff503e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 259.322588][ T9486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.322605][ T9486] R13: 00007ff504016128 R14: 00007ff504016090 R15: 00007ffcc4039978 [ 259.322643][ T9486] [ 259.680271][ T9498] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1298'. [ 259.889032][ T5144] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 259.889078][ T5144] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 259.904611][ T5144] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 259.904694][ T5144] Bluetooth: hci0: Unknown advertising packet type: 0x14 [ 259.912197][ T5144] Bluetooth: hci0: Unknown advertising packet type: 0x14 [ 259.920187][ T5144] Bluetooth: hci0: Unknown advertising packet type: 0x14 [ 259.930249][ T5144] Bluetooth: hci0: Unknown advertising packet type: 0x72 [ 259.938201][ T5144] Bluetooth: hci0: Unknown advertising packet type: 0x14 [ 259.958680][ T5144] Bluetooth: hci0: Malformed LE Event: 0x0d [ 260.902101][ T9541] input: jJǼ-9%vlQ J86 as /devices/virtual/input/input5 [ 260.977544][ T5178] ERROR: Out of memory at tomoyo_memory_ok. [ 261.460784][ T9549] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1317'. [ 262.203628][ T9572] pim6reg: entered allmulticast mode [ 262.788532][ T9593] vivid-007: ================= START STATUS ================= [ 262.796371][ T9593] vivid-007: Generate PTS: true [ 262.851189][ T9593] vivid-007: Generate SCR: true [ 262.856178][ T9593] tpg source WxH: 320x240 (Y'CbCr) [ 262.870251][ T9593] tpg field: 1 [ 262.878352][ T9593] tpg crop: (0,0)/320x240 [ 262.889614][ T9599] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1337'. [ 262.898879][ T9593] tpg compose: (0,0)/320x240 [ 262.909196][ T9593] tpg colorspace: 8 [ 262.928448][ T9593] tpg transfer function: 0/0 [ 262.957958][ T9593] tpg Y'CbCr encoding: 0/0 [ 262.969231][ T9593] tpg quantization: 0/0 [ 262.989733][ T9593] tpg RGB range: 0/2 [ 263.009668][ T9593] vivid-007: ================== END STATUS ================== [ 263.993379][ T9626] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1347'. [ 264.297851][ T9632] FAULT_INJECTION: forcing a failure. [ 264.297851][ T9632] name failslab, interval 1, probability 0, space 0, times 0 [ 264.322334][ T9632] CPU: 0 UID: 0 PID: 9632 Comm: syz.1.1350 Tainted: G L syzkaller #0 PREEMPT(full) [ 264.322389][ T9632] Tainted: [L]=SOFTLOCKUP [ 264.322401][ T9632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 264.322420][ T9632] Call Trace: [ 264.322431][ T9632] [ 264.322444][ T9632] dump_stack_lvl+0x100/0x190 [ 264.322503][ T9632] should_fail_ex.cold+0x5/0xa [ 264.322543][ T9632] should_failslab+0xc2/0x120 [ 264.322581][ T9632] __kmalloc_cache_noprof+0x7a/0x6f0 [ 264.322626][ T9632] ? snd_pcm_attach_substream+0x451/0xd60 [ 264.322676][ T9632] ? snd_ctl_get_preferred_subdevice+0x191/0x200 [ 264.322733][ T9632] snd_pcm_attach_substream+0x451/0xd60 [ 264.322795][ T9632] snd_pcm_open_substream+0x90/0x1850 [ 264.322847][ T9632] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 264.322915][ T9632] snd_pcm_oss_open+0x735/0x1390 [ 264.322976][ T9632] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 264.323016][ T9632] ? __lock_acquire+0x4a5/0x2630 [ 264.323061][ T9632] ? __pfx_default_wake_function+0x10/0x10 [ 264.323101][ T9632] ? __lock_acquire+0x4a5/0x2630 [ 264.323155][ T9632] ? do_raw_spin_lock+0x128/0x260 [ 264.323208][ T9632] ? soundcore_open+0x231/0x5a0 [ 264.323245][ T9632] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 264.323285][ T9632] soundcore_open+0x2e3/0x5a0 [ 264.323322][ T9632] ? __pfx_soundcore_open+0x10/0x10 [ 264.323355][ T9632] chrdev_open+0x234/0x6a0 [ 264.323390][ T9632] ? __pfx_apparmor_file_open+0x10/0x10 [ 264.323449][ T9632] ? __pfx_chrdev_open+0x10/0x10 [ 264.323488][ T9632] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 264.323534][ T9632] do_dentry_open+0x6d8/0x1660 [ 264.323567][ T9632] ? __pfx_chrdev_open+0x10/0x10 [ 264.323613][ T9632] vfs_open+0x82/0x3f0 [ 264.323660][ T9632] path_openat+0x208c/0x31a0 [ 264.323709][ T9632] ? __pfx_path_openat+0x10/0x10 [ 264.323761][ T9632] do_file_open+0x20e/0x430 [ 264.323800][ T9632] ? __pfx_do_file_open+0x10/0x10 [ 264.323866][ T9632] ? alloc_fd+0x476/0x790 [ 264.323904][ T9632] ? do_getname+0x191/0x390 [ 264.323958][ T9632] do_sys_openat2+0x10d/0x1e0 [ 264.324003][ T9632] ? __pfx_do_sys_openat2+0x10/0x10 [ 264.324052][ T9632] ? __fget_files+0x21f/0x3d0 [ 264.324093][ T9632] __x64_sys_openat+0x12d/0x210 [ 264.324142][ T9632] ? __pfx___x64_sys_openat+0x10/0x10 [ 264.324207][ T9632] do_syscall_64+0x106/0xf80 [ 264.324255][ T9632] ? clear_bhb_loop+0x40/0x90 [ 264.324297][ T9632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.324333][ T9632] RIP: 0033:0x7f524019c799 [ 264.324362][ T9632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.324395][ T9632] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 264.324428][ T9632] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 264.324451][ T9632] RDX: 0000000000020342 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 264.324473][ T9632] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 264.324493][ T9632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.324513][ T9632] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 264.324558][ T9632] [ 265.798037][ T9661] ACPI: button: Initial lid state set to 'ignore' [ 267.214839][ T9689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1370'. [ 267.270331][ T9689] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1370'. [ 267.616418][ T9703] netlink: 'syz.1.1376': attribute type 4 has an invalid length. [ 267.641396][ T9703] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1376'. [ 267.989177][ T9716] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1382'. [ 268.339087][ T9726] random: crng reseeded on system resumption [ 268.992002][ T9751] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 269.766423][ T9775] zswap: compressor not available [ 270.246718][ T9793] zswap: compressor not available [ 270.510728][ T9809] FAULT_INJECTION: forcing a failure. [ 270.510728][ T9809] name failslab, interval 1, probability 0, space 0, times 0 [ 270.601402][ T9809] CPU: 1 UID: 0 PID: 9809 Comm: syz.1.1416 Tainted: G L syzkaller #0 PREEMPT(full) [ 270.601457][ T9809] Tainted: [L]=SOFTLOCKUP [ 270.601469][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 270.601489][ T9809] Call Trace: [ 270.601500][ T9809] [ 270.601512][ T9809] dump_stack_lvl+0x100/0x190 [ 270.601570][ T9809] should_fail_ex.cold+0x5/0xa [ 270.601611][ T9809] should_failslab+0xc2/0x120 [ 270.601650][ T9809] __kmalloc_cache_noprof+0x7a/0x6f0 [ 270.601696][ T9809] ? snd_seq_oss_writeq_new+0xb5/0x2b0 [ 270.601757][ T9809] snd_seq_oss_writeq_new+0xb5/0x2b0 [ 270.601808][ T9809] ? __pfx_snd_seq_oss_writeq_new+0x10/0x10 [ 270.601873][ T9809] ? __raw_spin_lock_init+0x3a/0x110 [ 270.601936][ T9809] snd_seq_oss_open+0x7bc/0xa10 [ 270.601980][ T9809] odev_open+0x79/0xc0 [ 270.602010][ T9809] ? __pfx_odev_open+0x10/0x10 [ 270.602040][ T9809] soundcore_open+0x2e3/0x5a0 [ 270.602077][ T9809] ? __pfx_soundcore_open+0x10/0x10 [ 270.602121][ T9809] chrdev_open+0x234/0x6a0 [ 270.602156][ T9809] ? __pfx_apparmor_file_open+0x10/0x10 [ 270.602215][ T9809] ? __pfx_chrdev_open+0x10/0x10 [ 270.602253][ T9809] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 270.602300][ T9809] do_dentry_open+0x6d8/0x1660 [ 270.602334][ T9809] ? __pfx_chrdev_open+0x10/0x10 [ 270.602382][ T9809] vfs_open+0x82/0x3f0 [ 270.602431][ T9809] path_openat+0x208c/0x31a0 [ 270.602482][ T9809] ? __pfx_path_openat+0x10/0x10 [ 270.602535][ T9809] do_file_open+0x20e/0x430 [ 270.602574][ T9809] ? __pfx_do_file_open+0x10/0x10 [ 270.602641][ T9809] ? alloc_fd+0x476/0x790 [ 270.602679][ T9809] ? do_getname+0x191/0x390 [ 270.602727][ T9809] do_sys_openat2+0x10d/0x1e0 [ 270.602775][ T9809] ? __pfx_do_sys_openat2+0x10/0x10 [ 270.602825][ T9809] ? __fget_files+0x21f/0x3d0 [ 270.602867][ T9809] __x64_sys_openat+0x12d/0x210 [ 270.602916][ T9809] ? __pfx___x64_sys_openat+0x10/0x10 [ 270.602980][ T9809] do_syscall_64+0x106/0xf80 [ 270.603028][ T9809] ? clear_bhb_loop+0x40/0x90 [ 270.603072][ T9809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.603115][ T9809] RIP: 0033:0x7f524019c799 [ 270.603143][ T9809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 270.603177][ T9809] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 270.603211][ T9809] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 270.603233][ T9809] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 270.603255][ T9809] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 270.603275][ T9809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.603296][ T9809] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 270.603339][ T9809] [ 271.255474][ T9823] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1422'. [ 271.398376][ T9825] netlink: 130 bytes leftover after parsing attributes in process `syz.1.1423'. [ 271.716536][ T9836] FAULT_INJECTION: forcing a failure. [ 271.716536][ T9836] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 271.730719][ T9836] CPU: 0 UID: 0 PID: 9836 Comm: syz.1.1426 Tainted: G L syzkaller #0 PREEMPT(full) [ 271.730770][ T9836] Tainted: [L]=SOFTLOCKUP [ 271.730782][ T9836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 271.730800][ T9836] Call Trace: [ 271.730811][ T9836] [ 271.730822][ T9836] dump_stack_lvl+0x100/0x190 [ 271.730879][ T9836] should_fail_ex.cold+0x5/0xa [ 271.730910][ T9836] ? prepare_alloc_pages+0x16d/0x5f0 [ 271.730955][ T9836] should_fail_alloc_page+0xeb/0x140 [ 271.730994][ T9836] prepare_alloc_pages+0x1f0/0x5f0 [ 271.731034][ T9836] ? arch_stack_walk+0xa6/0xf0 [ 271.731073][ T9836] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 271.731129][ T9836] ? stack_trace_save+0x8e/0xc0 [ 271.731159][ T9836] ? __pfx_stack_trace_save+0x10/0x10 [ 271.731188][ T9836] ? stack_depot_save_flags+0x27/0x9d0 [ 271.731239][ T9836] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 271.731290][ T9836] ? kasan_save_stack+0x3f/0x50 [ 271.731340][ T9836] ? kasan_save_stack+0x30/0x50 [ 271.731389][ T9836] ? kasan_save_track+0x14/0x30 [ 271.731448][ T9836] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 271.731501][ T9836] ? move_page_tables+0x3224/0x4500 [ 271.731550][ T9836] ? copy_vma_and_data+0x25c/0x7c0 [ 271.731598][ T9836] ? move_vma+0x51b/0x1890 [ 271.731643][ T9836] ? mremap_to+0x1b7/0x450 [ 271.731688][ T9836] ? do_mremap+0xb76/0x2130 [ 271.731736][ T9836] ? __do_sys_mremap+0x126/0x170 [ 271.731784][ T9836] ? do_syscall_64+0x106/0xf80 [ 271.731832][ T9836] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.731886][ T9836] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 271.731946][ T9836] ? policy_nodemask+0xed/0x4f0 [ 271.731985][ T9836] alloc_pages_mpol+0x1fb/0x550 [ 271.732020][ T9836] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 271.732069][ T9836] alloc_pages_noprof+0x131/0x390 [ 271.732108][ T9836] pte_alloc_one+0x1c/0x3d0 [ 271.732148][ T9836] __pte_alloc+0x6d/0x3e0 [ 271.732183][ T9836] ? __pfx___pte_alloc+0x10/0x10 [ 271.732218][ T9836] ? _raw_spin_unlock+0x28/0x50 [ 271.732268][ T9836] ? __pmd_alloc+0x3fb/0x950 [ 271.732312][ T9836] move_page_tables+0x257e/0x4500 [ 271.732367][ T9836] ? __pfx_copy_vma+0x10/0x10 [ 271.732435][ T9836] ? __pfx_move_page_tables+0x10/0x10 [ 271.732510][ T9836] ? finish_task_switch.isra.0+0x200/0xb80 [ 271.732554][ T9836] copy_vma_and_data+0x25c/0x7c0 [ 271.732610][ T9836] ? __pfx_copy_vma_and_data+0x10/0x10 [ 271.732680][ T9836] ? __vma_start_write+0x17f/0x280 [ 271.732725][ T9836] ? __pfx___vma_start_write+0x10/0x10 [ 271.732782][ T9836] move_vma+0x51b/0x1890 [ 271.732842][ T9836] ? __pfx_move_vma+0x10/0x10 [ 271.732897][ T9836] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 271.732939][ T9836] ? cap_mmap_addr+0x4b/0x120 [ 271.732993][ T9836] ? bpf_lsm_mmap_addr+0x9/0x30 [ 271.733023][ T9836] ? security_mmap_addr+0x71/0x1e0 [ 271.733065][ T9836] ? __get_unmapped_area+0x255/0x3e0 [ 271.733110][ T9836] ? vrm_set_new_addr+0x204/0x290 [ 271.733163][ T9836] mremap_to+0x1b7/0x450 [ 271.733217][ T9836] do_mremap+0xb76/0x2130 [ 271.733294][ T9836] ? __pfx_do_mremap+0x10/0x10 [ 271.733356][ T9836] ? ksys_write+0x190/0x250 [ 271.733399][ T9836] __do_sys_mremap+0x126/0x170 [ 271.733452][ T9836] ? __pfx___do_sys_mremap+0x10/0x10 [ 271.733516][ T9836] ? __x64_sys_futex+0x34f/0x4d0 [ 271.733588][ T9836] do_syscall_64+0x106/0xf80 [ 271.733636][ T9836] ? clear_bhb_loop+0x40/0x90 [ 271.733680][ T9836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.733716][ T9836] RIP: 0033:0x7f524019c799 [ 271.733744][ T9836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.733779][ T9836] RSP: 002b:00007f52410a1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 271.733813][ T9836] RAX: ffffffffffffffda RBX: 00007f5240416090 RCX: 00007f524019c799 [ 271.733836][ T9836] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 271.733858][ T9836] RBP: 00007f5240232c99 R08: 0000000100000000 R09: 0000000000000000 [ 271.733880][ T9836] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 271.733901][ T9836] R13: 00007f5240416128 R14: 00007f5240416090 R15: 00007ffd4dfbec58 [ 271.733947][ T9836] [ 272.409435][ T9844] FAULT_INJECTION: forcing a failure. [ 272.409435][ T9844] name failslab, interval 1, probability 0, space 0, times 0 [ 272.464967][ T9844] CPU: 1 UID: 0 PID: 9844 Comm: syz.0.1430 Tainted: G L syzkaller #0 PREEMPT(full) [ 272.465025][ T9844] Tainted: [L]=SOFTLOCKUP [ 272.465038][ T9844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 272.465058][ T9844] Call Trace: [ 272.465070][ T9844] [ 272.465083][ T9844] dump_stack_lvl+0x100/0x190 [ 272.465142][ T9844] should_fail_ex.cold+0x5/0xa [ 272.465178][ T9844] should_failslab+0xc2/0x120 [ 272.465221][ T9844] __kmalloc_cache_noprof+0x7a/0x6f0 [ 272.465265][ T9844] ? ring_buffer_read_start+0x149/0x460 [ 272.465326][ T9844] ring_buffer_read_start+0x149/0x460 [ 272.465377][ T9844] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 272.465423][ T9844] ? lockdep_init_map_type+0x5c/0x250 [ 272.465464][ T9844] ? ring_buffer_overruns+0x14e/0x1a0 [ 272.465502][ T9844] tracing_open+0x9cd/0xef0 [ 272.465543][ T9844] do_dentry_open+0x6d8/0x1660 [ 272.465570][ T9844] ? __pfx_tracing_open+0x10/0x10 [ 272.465617][ T9844] vfs_open+0x82/0x3f0 [ 272.465666][ T9844] path_openat+0x208c/0x31a0 [ 272.465715][ T9844] ? __pfx_path_openat+0x10/0x10 [ 272.465770][ T9844] do_file_open+0x20e/0x430 [ 272.465810][ T9844] ? __pfx_do_file_open+0x10/0x10 [ 272.465875][ T9844] ? alloc_fd+0x476/0x790 [ 272.465912][ T9844] ? do_getname+0x191/0x390 [ 272.465956][ T9844] do_sys_openat2+0x10d/0x1e0 [ 272.466002][ T9844] ? __pfx_do_sys_openat2+0x10/0x10 [ 272.466048][ T9844] ? __fget_files+0x21f/0x3d0 [ 272.466087][ T9844] __x64_sys_openat+0x12d/0x210 [ 272.466133][ T9844] ? __pfx___x64_sys_openat+0x10/0x10 [ 272.466197][ T9844] do_syscall_64+0x106/0xf80 [ 272.466251][ T9844] ? clear_bhb_loop+0x40/0x90 [ 272.466293][ T9844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.466327][ T9844] RIP: 0033:0x7ff503d9c799 [ 272.466355][ T9844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 272.466389][ T9844] RSP: 002b:00007ff504d35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 272.466421][ T9844] RAX: ffffffffffffffda RBX: 00007ff504015fa0 RCX: 00007ff503d9c799 [ 272.466443][ T9844] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 272.466466][ T9844] RBP: 00007ff503e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 272.466488][ T9844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.466508][ T9844] R13: 00007ff504016038 R14: 00007ff504015fa0 R15: 00007ffcc4039978 [ 272.466554][ T9844] [ 272.852427][ T9853] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1437'. [ 272.878631][ T9853] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1437'. [ 273.409308][ T9874] FAULT_INJECTION: forcing a failure. [ 273.409308][ T9874] name failslab, interval 1, probability 0, space 0, times 0 [ 273.436982][ T9874] CPU: 1 UID: 0 PID: 9874 Comm: syz.1.1443 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.437040][ T9874] Tainted: [L]=SOFTLOCKUP [ 273.437054][ T9874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.437075][ T9874] Call Trace: [ 273.437086][ T9874] [ 273.437100][ T9874] dump_stack_lvl+0x100/0x190 [ 273.437243][ T9874] should_fail_ex.cold+0x5/0xa [ 273.437291][ T9874] should_failslab+0xc2/0x120 [ 273.437330][ T9874] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 273.437386][ T9874] ? security_inode_alloc+0x3b/0x2c0 [ 273.437421][ T9874] ? lockdep_init_map_type+0x5c/0x250 [ 273.437475][ T9874] security_inode_alloc+0x3b/0x2c0 [ 273.437514][ T9874] inode_init_always_gfp+0xced/0x1040 [ 273.437558][ T9874] alloc_inode+0x8e/0x250 [ 273.437605][ T9874] path_from_stashed+0x25b/0x750 [ 273.437644][ T9874] ? do_raw_spin_unlock+0x145/0x1e0 [ 273.437709][ T9874] ns_get_path+0x60/0x80 [ 273.437746][ T9874] proc_ns_get_link+0x121/0x230 [ 273.437797][ T9874] ? __pfx_proc_ns_get_link+0x10/0x10 [ 273.437864][ T9874] ? atime_needs_update+0x8b/0x6b0 [ 273.437921][ T9874] pick_link+0xd17/0x13c0 [ 273.437973][ T9874] ? __pfx_proc_ns_get_link+0x10/0x10 [ 273.438030][ T9874] step_into_slowpath+0x9ba/0xf90 [ 273.438092][ T9874] ? __pfx_step_into_slowpath+0x10/0x10 [ 273.438145][ T9874] ? find_held_lock+0x2b/0x80 [ 273.438191][ T9874] path_openat+0xf95/0x31a0 [ 273.438240][ T9874] ? __pfx_path_openat+0x10/0x10 [ 273.438293][ T9874] do_file_open+0x20e/0x430 [ 273.438334][ T9874] ? __pfx_do_file_open+0x10/0x10 [ 273.438400][ T9874] ? alloc_fd+0x476/0x790 [ 273.438440][ T9874] ? do_getname+0x191/0x390 [ 273.438487][ T9874] do_sys_openat2+0x10d/0x1e0 [ 273.438532][ T9874] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.438580][ T9874] ? __fget_files+0x21f/0x3d0 [ 273.438619][ T9874] __x64_sys_openat+0x12d/0x210 [ 273.438665][ T9874] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.438727][ T9874] do_syscall_64+0x106/0xf80 [ 273.438777][ T9874] ? clear_bhb_loop+0x40/0x90 [ 273.438817][ T9874] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.438861][ T9874] RIP: 0033:0x7f524015cfce [ 273.438890][ T9874] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 273.438924][ T9874] RSP: 002b:00007f52410c1ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 273.438959][ T9874] RAX: ffffffffffffffda RBX: 00007f52410c26c0 RCX: 00007f524015cfce [ 273.438981][ T9874] RDX: 0000000000000002 RSI: 00007f52410c1f90 RDI: ffffffffffffff9c [ 273.439001][ T9874] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 273.439022][ T9874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.439043][ T9874] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 273.439088][ T9874] [ 276.172512][ T9965] Unable to find swap-space signature [ 277.178214][ T9999] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1494'. [ 277.383166][T10002] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1495'. [ 277.619811][T10008] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1499'. [ 277.677381][T10009] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1497'. [ 277.815556][T10011] FAULT_INJECTION: forcing a failure. [ 277.815556][T10011] name failslab, interval 1, probability 0, space 0, times 0 [ 277.828973][T10008] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1499'. [ 277.847159][T10011] CPU: 0 UID: 0 PID: 10011 Comm: syz.3.1500 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.847216][T10011] Tainted: [L]=SOFTLOCKUP [ 277.847228][T10011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 277.847248][T10011] Call Trace: [ 277.847259][T10011] [ 277.847272][T10011] dump_stack_lvl+0x100/0x190 [ 277.847332][T10011] should_fail_ex.cold+0x5/0xa [ 277.847372][T10011] should_failslab+0xc2/0x120 [ 277.847437][T10011] __kmalloc_cache_noprof+0x7a/0x6f0 [ 277.847484][T10011] ? snd_midi_event_new+0x6f/0x210 [ 277.847550][T10011] snd_midi_event_new+0x6f/0x210 [ 277.847607][T10011] snd_virmidi_input_open+0x107/0x4d0 [ 277.847650][T10011] open_substream+0x480/0x9e0 [ 277.847697][T10011] rawmidi_open_priv+0x55d/0x6f0 [ 277.847750][T10011] snd_rawmidi_open+0x4c9/0xba0 [ 277.847805][T10011] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 277.847855][T10011] ? __pfx_default_wake_function+0x10/0x10 [ 277.847895][T10011] ? kobject_get_unless_zero+0x156/0x200 [ 277.847956][T10011] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 277.848001][T10011] snd_open+0x22d/0x4c0 [ 277.848036][T10011] ? __pfx_snd_open+0x10/0x10 [ 277.848070][T10011] chrdev_open+0x234/0x6a0 [ 277.848106][T10011] ? __pfx_apparmor_file_open+0x10/0x10 [ 277.848165][T10011] ? __pfx_chrdev_open+0x10/0x10 [ 277.848203][T10011] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 277.848249][T10011] do_dentry_open+0x6d8/0x1660 [ 277.848284][T10011] ? __pfx_chrdev_open+0x10/0x10 [ 277.848329][T10011] vfs_open+0x82/0x3f0 [ 277.848379][T10011] path_openat+0x208c/0x31a0 [ 277.848515][T10011] ? __pfx_path_openat+0x10/0x10 [ 277.848579][T10011] do_file_open+0x20e/0x430 [ 277.848618][T10011] ? __pfx_do_file_open+0x10/0x10 [ 277.848691][T10011] ? alloc_fd+0x476/0x790 [ 277.848732][T10011] ? do_getname+0x191/0x390 [ 277.848782][T10011] do_sys_openat2+0x10d/0x1e0 [ 277.848829][T10011] ? __pfx_do_sys_openat2+0x10/0x10 [ 277.848881][T10011] ? __fget_files+0x21f/0x3d0 [ 277.848925][T10011] __x64_sys_openat+0x12d/0x210 [ 277.848974][T10011] ? __pfx___x64_sys_openat+0x10/0x10 [ 277.849038][T10011] do_syscall_64+0x106/0xf80 [ 277.849088][T10011] ? clear_bhb_loop+0x40/0x90 [ 277.849134][T10011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.849174][T10011] RIP: 0033:0x7f216879c799 [ 277.849203][T10011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.849237][T10011] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 277.849272][T10011] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 277.849296][T10011] RDX: 0000000000080102 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 277.849319][T10011] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 277.849342][T10011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.849363][T10011] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 277.849410][T10011] [ 278.484402][T10019] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1502'. [ 279.763909][T10049] netlink: 130 bytes leftover after parsing attributes in process `syz.0.1514'. [ 280.860464][T10070] capability: warning: `syz.3.1524' uses 32-bit capabilities (legacy support in use) [ 282.567248][T10118] FAULT_INJECTION: forcing a failure. [ 282.567248][T10118] name failslab, interval 1, probability 0, space 0, times 0 [ 282.644647][T10118] CPU: 0 UID: 0 PID: 10118 Comm: syz.2.1541 Tainted: G L syzkaller #0 PREEMPT(full) [ 282.644701][T10118] Tainted: [L]=SOFTLOCKUP [ 282.644713][T10118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 282.644733][T10118] Call Trace: [ 282.644744][T10118] [ 282.644757][T10118] dump_stack_lvl+0x100/0x190 [ 282.644815][T10118] should_fail_ex.cold+0x5/0xa [ 282.644858][T10118] should_failslab+0xc2/0x120 [ 282.644897][T10118] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 282.644950][T10118] ? vm_area_dup+0x27/0x8e0 [ 282.644996][T10118] ? __vma_start_write+0x17f/0x280 [ 282.645051][T10118] vm_area_dup+0x27/0x8e0 [ 282.645103][T10118] dup_mmap+0x6f6/0x2180 [ 282.645162][T10118] ? __pfx_dup_mmap+0x10/0x10 [ 282.645202][T10118] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 282.645268][T10118] ? __lock_acquire+0x4a5/0x2630 [ 282.645316][T10118] ? find_held_lock+0x2b/0x80 [ 282.645348][T10118] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 282.645421][T10118] copy_process+0x7523/0x7a40 [ 282.645462][T10118] ? futex_unqueue+0x133/0x2c0 [ 282.645526][T10118] ? __pfx_copy_process+0x10/0x10 [ 282.645579][T10118] ? _copy_from_user+0x59/0xd0 [ 282.645626][T10118] kernel_clone+0xfc/0x9a0 [ 282.645669][T10118] ? __pfx_kernel_clone+0x10/0x10 [ 282.645720][T10118] ? __pfx_futex_wait+0x10/0x10 [ 282.645785][T10118] __do_sys_clone3+0x214/0x290 [ 282.645826][T10118] ? __pfx___do_sys_clone3+0x10/0x10 [ 282.645923][T10118] do_syscall_64+0x106/0xf80 [ 282.645973][T10118] ? clear_bhb_loop+0x40/0x90 [ 282.646017][T10118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.646053][T10118] RIP: 0033:0x7fd96619c799 [ 282.646083][T10118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 282.646116][T10118] RSP: 002b:00007fd967122ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 282.646150][T10118] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fd96619c799 [ 282.646173][T10118] RDX: 00007fd967122f10 RSI: 0000000000000058 RDI: 00007fd967122f10 [ 282.646195][T10118] RBP: 00007fd966232c99 R08: 0000000000000000 R09: 0000000000000058 [ 282.646218][T10118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.646238][T10118] R13: 00007fd966416038 R14: 00007fd966415fa0 R15: 00007ffccb8b61f8 [ 282.646295][T10118] [ 283.412295][T10131] FAULT_INJECTION: forcing a failure. [ 283.412295][T10131] name failslab, interval 1, probability 0, space 0, times 0 [ 283.446023][T10131] CPU: 1 UID: 0 PID: 10131 Comm: syz.3.1547 Tainted: G L syzkaller #0 PREEMPT(full) [ 283.446079][T10131] Tainted: [L]=SOFTLOCKUP [ 283.446092][T10131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 283.446113][T10131] Call Trace: [ 283.446125][T10131] [ 283.446138][T10131] dump_stack_lvl+0x100/0x190 [ 283.446196][T10131] should_fail_ex.cold+0x5/0xa [ 283.446237][T10131] should_failslab+0xc2/0x120 [ 283.446276][T10131] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 283.446331][T10131] ? __d_alloc+0x34/0xa80 [ 283.446377][T10131] __d_alloc+0x34/0xa80 [ 283.446418][T10131] d_alloc_parallel+0x111/0x14e0 [ 283.446468][T10131] ? stack_trace_save+0x8e/0xc0 [ 283.446503][T10131] ? __lock_acquire+0x4a5/0x2630 [ 283.446554][T10131] ? __pfx_d_alloc_parallel+0x10/0x10 [ 283.446608][T10131] ? lockdep_init_map_type+0x5c/0x250 [ 283.446657][T10131] ? lockdep_init_map_type+0x5c/0x250 [ 283.446711][T10131] __lookup_slow+0x193/0x460 [ 283.446759][T10131] ? __pfx___lookup_slow+0x10/0x10 [ 283.446826][T10131] ? __d_lookup+0x266/0x4a0 [ 283.446907][T10131] lookup_slow+0x50/0x70 [ 283.446964][T10131] link_path_walk+0x1377/0x1cc0 [ 283.447034][T10131] path_openat+0x1be/0x31a0 [ 283.447068][T10131] ? kasan_save_stack+0x3f/0x50 [ 283.447119][T10131] ? kasan_save_stack+0x30/0x50 [ 283.447171][T10131] ? kasan_save_track+0x14/0x30 [ 283.447224][T10131] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 283.447287][T10131] ? __pfx_path_openat+0x10/0x10 [ 283.447340][T10131] do_file_open+0x20e/0x430 [ 283.447380][T10131] ? __pfx_do_file_open+0x10/0x10 [ 283.447447][T10131] ? alloc_fd+0x476/0x790 [ 283.447487][T10131] ? do_getname+0x191/0x390 [ 283.447533][T10131] do_sys_openat2+0x10d/0x1e0 [ 283.447578][T10131] ? __pfx_do_sys_openat2+0x10/0x10 [ 283.447638][T10131] __x64_sys_openat+0x12d/0x210 [ 283.447683][T10131] ? __pfx___x64_sys_openat+0x10/0x10 [ 283.447744][T10131] do_syscall_64+0x106/0xf80 [ 283.447793][T10131] ? clear_bhb_loop+0x40/0x90 [ 283.447837][T10131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.447873][T10131] RIP: 0033:0x7f216879c799 [ 283.447901][T10131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.447944][T10131] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 283.447978][T10131] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 283.448002][T10131] RDX: 0000000000002400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 283.448025][T10131] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 283.448047][T10131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.448069][T10131] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 283.448113][T10131] [ 283.944333][T10147] netlink: 'syz.2.1553': attribute type 64 has an invalid length. [ 283.974402][T10147] netlink: 74 bytes leftover after parsing attributes in process `syz.2.1553'. [ 284.429372][T10159] random: crng reseeded on system resumption [ 284.444303][T10159] FAULT_INJECTION: forcing a failure. [ 284.444303][T10159] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.475002][T10159] CPU: 1 UID: 0 PID: 10159 Comm: syz.2.1558 Tainted: G L syzkaller #0 PREEMPT(full) [ 284.475066][T10159] Tainted: [L]=SOFTLOCKUP [ 284.475079][T10159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 284.475100][T10159] Call Trace: [ 284.475111][T10159] [ 284.475124][T10159] dump_stack_lvl+0x100/0x190 [ 284.475183][T10159] should_fail_ex.cold+0x5/0xa [ 284.475217][T10159] ? prepare_alloc_pages+0x16d/0x5f0 [ 284.475262][T10159] should_fail_alloc_page+0xeb/0x140 [ 284.475302][T10159] prepare_alloc_pages+0x1f0/0x5f0 [ 284.475350][T10159] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 284.475406][T10159] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 284.475473][T10159] ? stack_trace_save+0x8e/0xc0 [ 284.475510][T10159] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 284.475563][T10159] ? stack_depot_save_flags+0x27/0x9d0 [ 284.475605][T10159] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 284.475664][T10159] ? kasan_save_stack+0x3f/0x50 [ 284.475714][T10159] ? kasan_save_stack+0x30/0x50 [ 284.475765][T10159] ? kasan_save_track+0x14/0x30 [ 284.475825][T10159] ? do_sys_openat2+0x10d/0x1e0 [ 284.475868][T10159] ? __x64_sys_openat+0x12d/0x210 [ 284.475912][T10159] ? do_syscall_64+0x106/0xf80 [ 284.475959][T10159] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.475998][T10159] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 284.476057][T10159] ? policy_nodemask+0xed/0x4f0 [ 284.476106][T10159] alloc_pages_mpol+0x1fb/0x550 [ 284.476145][T10159] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 284.476183][T10159] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 284.476227][T10159] alloc_pages_noprof+0x131/0x390 [ 284.476267][T10159] get_zeroed_page_noprof+0x18/0xb0 [ 284.476306][T10159] get_image_page+0x18/0x1a0 [ 284.476362][T10159] alloc_rtree_node+0x3c/0xb0 [ 284.476417][T10159] memory_bm_create+0x65e/0xba0 [ 284.476493][T10159] create_basic_memory_bitmaps+0x10b/0x350 [ 284.476537][T10159] snapshot_open+0x230/0x2a0 [ 284.476575][T10159] ? __pfx_snapshot_open+0x10/0x10 [ 284.476616][T10159] misc_open+0x26d/0x450 [ 284.476657][T10159] ? __pfx_misc_open+0x10/0x10 [ 284.476696][T10159] chrdev_open+0x234/0x6a0 [ 284.476730][T10159] ? __pfx_apparmor_file_open+0x10/0x10 [ 284.476789][T10159] ? __pfx_chrdev_open+0x10/0x10 [ 284.476827][T10159] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 284.476873][T10159] do_dentry_open+0x6d8/0x1660 [ 284.476906][T10159] ? __pfx_chrdev_open+0x10/0x10 [ 284.476952][T10159] vfs_open+0x82/0x3f0 [ 284.477000][T10159] path_openat+0x208c/0x31a0 [ 284.477050][T10159] ? __pfx_path_openat+0x10/0x10 [ 284.477110][T10159] do_file_open+0x20e/0x430 [ 284.477149][T10159] ? __pfx_do_file_open+0x10/0x10 [ 284.477217][T10159] ? alloc_fd+0x476/0x790 [ 284.477255][T10159] ? do_getname+0x191/0x390 [ 284.477303][T10159] do_sys_openat2+0x10d/0x1e0 [ 284.477350][T10159] ? __pfx_do_sys_openat2+0x10/0x10 [ 284.477398][T10159] ? find_held_lock+0x2b/0x80 [ 284.477442][T10159] __x64_sys_openat+0x12d/0x210 [ 284.477490][T10159] ? __pfx___x64_sys_openat+0x10/0x10 [ 284.477554][T10159] do_syscall_64+0x106/0xf80 [ 284.477602][T10159] ? clear_bhb_loop+0x40/0x90 [ 284.477645][T10159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.477680][T10159] RIP: 0033:0x7fd96619c799 [ 284.477710][T10159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.477744][T10159] RSP: 002b:00007fd967123028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 284.477778][T10159] RAX: ffffffffffffffda RBX: 00007fd966415fa0 RCX: 00007fd96619c799 [ 284.477800][T10159] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 284.477823][T10159] RBP: 00007fd966232c99 R08: 0000000000000000 R09: 0000000000000000 [ 284.477844][T10159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 284.477864][T10159] R13: 00007fd966416038 R14: 00007fd966415fa0 R15: 00007ffccb8b61f8 [ 284.477909][T10159] [ 284.974117][T10162] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1559'. [ 285.327929][T10168] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1563'. [ 285.423594][T10166] FAULT_INJECTION: forcing a failure. [ 285.423594][T10166] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 285.459510][T10166] CPU: 0 UID: 0 PID: 10166 Comm: syz.0.1561 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.459565][T10166] Tainted: [L]=SOFTLOCKUP [ 285.459578][T10166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 285.459598][T10166] Call Trace: [ 285.459609][T10166] [ 285.459622][T10166] dump_stack_lvl+0x100/0x190 [ 285.459694][T10166] should_fail_ex.cold+0x5/0xa [ 285.459729][T10166] ? prepare_alloc_pages+0x16d/0x5f0 [ 285.459774][T10166] should_fail_alloc_page+0xeb/0x140 [ 285.459814][T10166] prepare_alloc_pages+0x1f0/0x5f0 [ 285.459852][T10166] ? arch_stack_walk+0xa6/0xf0 [ 285.459891][T10166] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 285.459953][T10166] ? stack_trace_save+0x8e/0xc0 [ 285.459988][T10166] ? __pfx_stack_trace_save+0x10/0x10 [ 285.460022][T10166] ? stack_depot_save_flags+0x27/0x9d0 [ 285.460073][T10166] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 285.460130][T10166] ? kasan_save_stack+0x3f/0x50 [ 285.460182][T10166] ? kasan_save_stack+0x30/0x50 [ 285.460235][T10166] ? kasan_save_track+0x14/0x30 [ 285.460285][T10166] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 285.460330][T10166] ? move_page_tables+0x3224/0x4500 [ 285.460370][T10166] ? copy_vma_and_data+0x25c/0x7c0 [ 285.460415][T10166] ? move_vma+0x51b/0x1890 [ 285.460461][T10166] ? mremap_to+0x1b7/0x450 [ 285.460506][T10166] ? do_mremap+0xb76/0x2130 [ 285.460553][T10166] ? __do_sys_mremap+0x126/0x170 [ 285.460601][T10166] ? do_syscall_64+0x106/0xf80 [ 285.460650][T10166] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.460713][T10166] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 285.460776][T10166] ? policy_nodemask+0xed/0x4f0 [ 285.460815][T10166] alloc_pages_mpol+0x1fb/0x550 [ 285.460853][T10166] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 285.460901][T10166] alloc_pages_noprof+0x131/0x390 [ 285.460942][T10166] pte_alloc_one+0x1c/0x3d0 [ 285.460981][T10166] __pte_alloc+0x6d/0x3e0 [ 285.461015][T10166] ? __pfx___pte_alloc+0x10/0x10 [ 285.461050][T10166] ? _raw_spin_unlock+0x28/0x50 [ 285.461093][T10166] ? __pmd_alloc+0x3fb/0x950 [ 285.461136][T10166] move_page_tables+0x257e/0x4500 [ 285.461190][T10166] ? __pfx_copy_vma+0x10/0x10 [ 285.461255][T10166] ? __pfx_move_page_tables+0x10/0x10 [ 285.461330][T10166] ? finish_task_switch.isra.0+0x200/0xb80 [ 285.461376][T10166] copy_vma_and_data+0x25c/0x7c0 [ 285.461432][T10166] ? __pfx_copy_vma_and_data+0x10/0x10 [ 285.461504][T10166] ? __vma_start_write+0x17f/0x280 [ 285.461551][T10166] ? __pfx___vma_start_write+0x10/0x10 [ 285.461609][T10166] move_vma+0x51b/0x1890 [ 285.461668][T10166] ? __pfx_move_vma+0x10/0x10 [ 285.461733][T10166] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 285.461776][T10166] ? cap_mmap_addr+0x4b/0x120 [ 285.461830][T10166] ? bpf_lsm_mmap_addr+0x9/0x30 [ 285.461860][T10166] ? security_mmap_addr+0x71/0x1e0 [ 285.461904][T10166] ? __get_unmapped_area+0x255/0x3e0 [ 285.461948][T10166] ? vrm_set_new_addr+0x204/0x290 [ 285.462003][T10166] mremap_to+0x1b7/0x450 [ 285.462058][T10166] do_mremap+0xb76/0x2130 [ 285.462128][T10166] ? __pfx_do_mremap+0x10/0x10 [ 285.462189][T10166] ? ksys_write+0x190/0x250 [ 285.462233][T10166] __do_sys_mremap+0x126/0x170 [ 285.462286][T10166] ? __pfx___do_sys_mremap+0x10/0x10 [ 285.462350][T10166] ? __x64_sys_futex+0x34f/0x4d0 [ 285.462424][T10166] do_syscall_64+0x106/0xf80 [ 285.462473][T10166] ? clear_bhb_loop+0x40/0x90 [ 285.462517][T10166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.462555][T10166] RIP: 0033:0x7ff503d9c799 [ 285.462584][T10166] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.462618][T10166] RSP: 002b:00007ff504d35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 285.462652][T10166] RAX: ffffffffffffffda RBX: 00007ff504015fa0 RCX: 00007ff503d9c799 [ 285.462675][T10166] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 285.462705][T10166] RBP: 00007ff503e32c99 R08: 0000000100000000 R09: 0000000000000000 [ 285.462727][T10166] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 285.462748][T10166] R13: 00007ff504016038 R14: 00007ff504015fa0 R15: 00007ffcc4039978 [ 285.462795][T10166] [ 286.509537][T10202] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1576'. [ 286.609928][T10205] FAULT_INJECTION: forcing a failure. [ 286.609928][T10205] name failslab, interval 1, probability 0, space 0, times 0 [ 286.648718][T10205] CPU: 0 UID: 0 PID: 10205 Comm: syz.3.1577 Tainted: G L syzkaller #0 PREEMPT(full) [ 286.648772][T10205] Tainted: [L]=SOFTLOCKUP [ 286.648784][T10205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 286.648806][T10205] Call Trace: [ 286.648818][T10205] [ 286.648831][T10205] dump_stack_lvl+0x100/0x190 [ 286.648889][T10205] should_fail_ex.cold+0x5/0xa [ 286.648929][T10205] should_failslab+0xc2/0x120 [ 286.648968][T10205] __kmalloc_cache_noprof+0x7a/0x6f0 [ 286.649016][T10205] ? __do_sys_memfd_create+0x170/0x3d0 [ 286.649073][T10205] __do_sys_memfd_create+0x170/0x3d0 [ 286.649125][T10205] do_syscall_64+0x106/0xf80 [ 286.649175][T10205] ? clear_bhb_loop+0x40/0x90 [ 286.649219][T10205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.649256][T10205] RIP: 0033:0x7f216879c799 [ 286.649284][T10205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.649319][T10205] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 286.649352][T10205] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 286.649376][T10205] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 286.649397][T10205] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 286.649419][T10205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.649439][T10205] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 286.649485][T10205] [ 286.835038][T10209] FAULT_INJECTION: forcing a failure. [ 286.835038][T10209] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.848502][T10209] CPU: 0 UID: 0 PID: 10209 Comm: syz.0.1579 Tainted: G L syzkaller #0 PREEMPT(full) [ 286.848562][T10209] Tainted: [L]=SOFTLOCKUP [ 286.848574][T10209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 286.848601][T10209] Call Trace: [ 286.848612][T10209] [ 286.848624][T10209] dump_stack_lvl+0x100/0x190 [ 286.848675][T10209] should_fail_ex.cold+0x5/0xa [ 286.848704][T10209] ? prepare_alloc_pages+0x16d/0x5f0 [ 286.848739][T10209] should_fail_alloc_page+0xeb/0x140 [ 286.848773][T10209] prepare_alloc_pages+0x1f0/0x5f0 [ 286.848811][T10209] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 286.848859][T10209] ? ima_match_policy+0x8c4/0x2350 [ 286.848892][T10209] ? ima_match_policy+0x8c4/0x2350 [ 286.848928][T10209] ? __lock_acquire+0x4a5/0x2630 [ 286.848973][T10209] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 286.849016][T10209] ? __lock_acquire+0x4a5/0x2630 [ 286.849054][T10209] ? look_up_lock_class+0x55/0x120 [ 286.849096][T10209] ? register_lock_class+0x40/0x560 [ 286.849140][T10209] ? lock_acquire+0x1cf/0x380 [ 286.849181][T10209] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 286.849232][T10209] ? policy_nodemask+0xed/0x4f0 [ 286.849265][T10209] alloc_pages_mpol+0x1fb/0x550 [ 286.849296][T10209] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 286.849326][T10209] ? __pfx___pollwait+0x10/0x10 [ 286.849370][T10209] ? mark_held_locks+0x40/0x70 [ 286.849409][T10209] alloc_pages_noprof+0x131/0x390 [ 286.849440][T10209] ? __pfx___pollwait+0x10/0x10 [ 286.849482][T10209] get_free_pages_noprof+0x10/0xb0 [ 286.849511][T10209] __pollwait+0x29a/0x470 [ 286.849554][T10209] ? __pfx___pollwait+0x10/0x10 [ 286.849606][T10209] ? __pfx___pollwait+0x10/0x10 [ 286.849648][T10209] vb2_poll+0x8c/0xe0 [ 286.849696][T10209] vb2_fop_poll+0x10e/0x350 [ 286.849725][T10209] ? __pfx_vb2_fop_poll+0x10/0x10 [ 286.849751][T10209] v4l2_poll+0x15f/0x220 [ 286.849795][T10209] ? __pfx_v4l2_poll+0x10/0x10 [ 286.849838][T10209] do_sys_poll+0x6e5/0xeb0 [ 286.849883][T10209] ? lockdep_hardirqs_on+0x78/0x100 [ 286.849934][T10209] ? __pfx_do_sys_poll+0x10/0x10 [ 286.849979][T10209] ? __lock_acquire+0x4a5/0x2630 [ 286.850043][T10209] ? futex_unqueue+0x13d/0x2c0 [ 286.850079][T10209] ? __pfx___pollwait+0x10/0x10 [ 286.850128][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850174][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850221][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850268][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850314][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850361][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850407][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850453][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850500][T10209] ? __pfx_pollwake+0x10/0x10 [ 286.850547][T10209] ? do_futex+0x192/0x350 [ 286.850582][T10209] ? set_user_sigmask+0x1e1/0x270 [ 286.850636][T10209] ? __pfx_set_user_sigmask+0x10/0x10 [ 286.850681][T10209] ? __pfx___might_resched+0x10/0x10 [ 286.850725][T10209] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 286.850774][T10209] __x64_sys_ppoll+0x2b5/0x350 [ 286.850805][T10209] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 286.850847][T10209] do_syscall_64+0x106/0xf80 [ 286.850886][T10209] ? clear_bhb_loop+0x40/0x90 [ 286.850922][T10209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.850951][T10209] RIP: 0033:0x7ff503d9c799 [ 286.850976][T10209] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.851005][T10209] RSP: 002b:00007ff504d35028 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 286.851034][T10209] RAX: ffffffffffffffda RBX: 00007ff504015fa0 RCX: 00007ff503d9c799 [ 286.851053][T10209] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000200000000200 [ 286.851071][T10209] RBP: 00007ff503e32c99 R08: 0000000000000008 R09: 0000000000000000 [ 286.851089][T10209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.851106][T10209] R13: 00007ff504016038 R14: 00007ff504015fa0 R15: 00007ffcc4039978 [ 286.851143][T10209] [ 287.893937][T10217] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1582'. [ 289.109366][T10243] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1590'. [ 289.602064][T10261] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1599'. [ 291.366348][T10301] FAULT_INJECTION: forcing a failure. [ 291.366348][T10301] name failslab, interval 1, probability 0, space 0, times 0 [ 291.412397][T10301] CPU: 0 UID: 0 PID: 10301 Comm: syz.3.1609 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.412477][T10301] Tainted: [L]=SOFTLOCKUP [ 291.412490][T10301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 291.412511][T10301] Call Trace: [ 291.412522][T10301] [ 291.412535][T10301] dump_stack_lvl+0x100/0x190 [ 291.412598][T10301] should_fail_ex.cold+0x5/0xa [ 291.412638][T10301] should_failslab+0xc2/0x120 [ 291.412678][T10301] __kmalloc_cache_noprof+0x7a/0x6f0 [ 291.412727][T10301] ? ring_buffer_read_start+0x149/0x460 [ 291.412791][T10301] ring_buffer_read_start+0x149/0x460 [ 291.412844][T10301] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 291.412897][T10301] ? lockdep_init_map_type+0x5c/0x250 [ 291.412948][T10301] ? ring_buffer_overruns+0x14e/0x1a0 [ 291.412998][T10301] tracing_open+0x9cd/0xef0 [ 291.413050][T10301] do_dentry_open+0x6d8/0x1660 [ 291.413085][T10301] ? __pfx_tracing_open+0x10/0x10 [ 291.413138][T10301] vfs_open+0x82/0x3f0 [ 291.413187][T10301] path_openat+0x208c/0x31a0 [ 291.413240][T10301] ? __pfx_path_openat+0x10/0x10 [ 291.413293][T10301] do_file_open+0x20e/0x430 [ 291.413334][T10301] ? __pfx_do_file_open+0x10/0x10 [ 291.413404][T10301] ? alloc_fd+0x476/0x790 [ 291.413444][T10301] ? do_getname+0x191/0x390 [ 291.413508][T10301] do_sys_openat2+0x10d/0x1e0 [ 291.413556][T10301] ? __pfx_do_sys_openat2+0x10/0x10 [ 291.413607][T10301] ? __fget_files+0x21f/0x3d0 [ 291.413649][T10301] __x64_sys_openat+0x12d/0x210 [ 291.413698][T10301] ? __pfx___x64_sys_openat+0x10/0x10 [ 291.413763][T10301] do_syscall_64+0x106/0xf80 [ 291.413812][T10301] ? clear_bhb_loop+0x40/0x90 [ 291.413855][T10301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.413891][T10301] RIP: 0033:0x7f216879c799 [ 291.413919][T10301] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.413954][T10301] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 291.413987][T10301] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 291.414011][T10301] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 291.414034][T10301] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 291.414056][T10301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.414077][T10301] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 291.414123][T10301] [ 292.387467][T10322] sg_write: data in/out 1886744398/84 bytes for SCSI command 0x72-- guessing data in; [ 292.387467][T10322] program syz.3.1616 not setting count and/or reply_len properly [ 294.881468][T10387] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1645'. [ 295.720335][T10415] input: jJǼ-9%vlQ J86 as /devices/virtual/input/input7 [ 296.286498][T10422] vivid-007: ================= START STATUS ================= [ 296.302203][T10422] vivid-007: Generate PTS: true [ 296.312682][T10422] vivid-007: Generate SCR: true [ 296.335173][T10422] tpg source WxH: 320x240 (Y'CbCr) [ 296.350522][T10422] tpg field: 1 [ 296.360909][T10422] tpg crop: (0,0)/320x240 [ 296.375537][T10422] tpg compose: (0,0)/320x240 [ 296.392201][T10422] tpg colorspace: 8 [ 296.402879][T10422] tpg transfer function: 0/0 [ 296.419824][T10422] tpg Y'CbCr encoding: 0/0 [ 296.440046][T10422] tpg quantization: 0/0 [ 296.457808][T10422] tpg RGB range: 0/2 [ 296.485780][T10422] vivid-007: ================== END STATUS ================== [ 297.345051][T10443] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1656'. [ 298.952969][T10469] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1663'. [ 301.975926][T10538] FAULT_INJECTION: forcing a failure. [ 301.975926][T10538] name failslab, interval 1, probability 0, space 0, times 0 [ 301.988952][T10538] CPU: 0 UID: 0 PID: 10538 Comm: syz.2.1690 Tainted: G L syzkaller #0 PREEMPT(full) [ 301.989015][T10538] Tainted: [L]=SOFTLOCKUP [ 301.989027][T10538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 301.989047][T10538] Call Trace: [ 301.989058][T10538] [ 301.989071][T10538] dump_stack_lvl+0x100/0x190 [ 301.989141][T10538] should_fail_ex.cold+0x5/0xa [ 301.989183][T10538] should_failslab+0xc2/0x120 [ 301.989221][T10538] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 301.989274][T10538] ? __d_alloc+0x34/0xa80 [ 301.989323][T10538] __d_alloc+0x34/0xa80 [ 301.989366][T10538] d_alloc_parallel+0x111/0x14e0 [ 301.989541][T10538] ? stack_trace_save+0x8e/0xc0 [ 301.989589][T10538] ? __lock_acquire+0x4a5/0x2630 [ 301.989656][T10538] ? __pfx_d_alloc_parallel+0x10/0x10 [ 301.989713][T10538] ? lockdep_init_map_type+0x5c/0x250 [ 301.989762][T10538] ? lockdep_init_map_type+0x5c/0x250 [ 301.989817][T10538] __lookup_slow+0x193/0x460 [ 301.989864][T10538] ? __pfx___lookup_slow+0x10/0x10 [ 301.989931][T10538] ? __d_lookup+0x266/0x4a0 [ 301.989992][T10538] lookup_slow+0x50/0x70 [ 301.990037][T10538] link_path_walk+0x1377/0x1cc0 [ 301.990102][T10538] path_openat+0x1be/0x31a0 [ 301.990136][T10538] ? kasan_save_stack+0x3f/0x50 [ 301.990189][T10538] ? kasan_save_stack+0x30/0x50 [ 301.990243][T10538] ? kasan_save_track+0x14/0x30 [ 301.990298][T10538] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 301.990364][T10538] ? __pfx_path_openat+0x10/0x10 [ 301.990444][T10538] do_file_open+0x20e/0x430 [ 301.990486][T10538] ? __pfx_do_file_open+0x10/0x10 [ 301.990556][T10538] ? alloc_fd+0x476/0x790 [ 301.990596][T10538] ? do_getname+0x191/0x390 [ 301.990638][T10538] do_sys_openat2+0x10d/0x1e0 [ 301.990678][T10538] ? __pfx_do_sys_openat2+0x10/0x10 [ 301.990729][T10538] __x64_sys_openat+0x12d/0x210 [ 301.990769][T10538] ? __pfx___x64_sys_openat+0x10/0x10 [ 301.990824][T10538] do_syscall_64+0x106/0xf80 [ 301.990864][T10538] ? clear_bhb_loop+0x40/0x90 [ 301.990900][T10538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.990930][T10538] RIP: 0033:0x7fd96619c799 [ 301.990956][T10538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 301.990984][T10538] RSP: 002b:00007fd967123028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 301.991013][T10538] RAX: ffffffffffffffda RBX: 00007fd966415fa0 RCX: 00007fd96619c799 [ 301.991032][T10538] RDX: 0000000000002400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 301.991051][T10538] RBP: 00007fd966232c99 R08: 0000000000000000 R09: 0000000000000000 [ 301.991069][T10538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.991087][T10538] R13: 00007fd966416038 R14: 00007fd966415fa0 R15: 00007ffccb8b61f8 [ 301.991212][T10538] [ 303.613232][T10558] FAULT_INJECTION: forcing a failure. [ 303.613232][T10558] name failslab, interval 1, probability 0, space 0, times 0 [ 303.658693][T10558] CPU: 1 UID: 0 PID: 10558 Comm: syz.3.1695 Tainted: G L syzkaller #0 PREEMPT(full) [ 303.658750][T10558] Tainted: [L]=SOFTLOCKUP [ 303.658763][T10558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 303.658784][T10558] Call Trace: [ 303.658795][T10558] [ 303.658809][T10558] dump_stack_lvl+0x100/0x190 [ 303.658868][T10558] should_fail_ex.cold+0x5/0xa [ 303.658910][T10558] should_failslab+0xc2/0x120 [ 303.658947][T10558] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 303.659017][T10558] ? alloc_io_context+0x21/0x2f0 [ 303.659058][T10558] ? set_task_ioprio+0x48f/0x670 [ 303.659107][T10558] alloc_io_context+0x21/0x2f0 [ 303.659148][T10558] set_task_ioprio+0x49e/0x670 [ 303.659195][T10558] __do_sys_ioprio_set+0x55c/0xb40 [ 303.659230][T10558] ? __do_sys_ioprio_set+0x3de/0xb40 [ 303.659276][T10558] do_syscall_64+0x106/0xf80 [ 303.659324][T10558] ? clear_bhb_loop+0x40/0x90 [ 303.659367][T10558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.659403][T10558] RIP: 0033:0x7f216879c799 [ 303.659431][T10558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 303.659465][T10558] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fb [ 303.659498][T10558] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 303.659521][T10558] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000003 [ 303.659542][T10558] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 303.659563][T10558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.659584][T10558] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 303.659629][T10558] [ 304.085534][T10564] FAULT_INJECTION: forcing a failure. [ 304.085534][T10564] name failslab, interval 1, probability 0, space 0, times 0 [ 304.140261][T10564] CPU: 1 UID: 0 PID: 10564 Comm: syz.1.1697 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.140321][T10564] Tainted: [L]=SOFTLOCKUP [ 304.140333][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 304.140354][T10564] Call Trace: [ 304.140365][T10564] [ 304.140378][T10564] dump_stack_lvl+0x100/0x190 [ 304.140436][T10564] should_fail_ex.cold+0x5/0xa [ 304.140480][T10564] should_failslab+0xc2/0x120 [ 304.140517][T10564] __kmalloc_cache_noprof+0x7a/0x6f0 [ 304.140562][T10564] ? mon_text_open+0xe3/0x510 [ 304.140603][T10564] ? __pfx_mon_text_open+0x10/0x10 [ 304.140634][T10564] mon_text_open+0xe3/0x510 [ 304.140666][T10564] ? __pfx_mon_text_open+0x10/0x10 [ 304.140701][T10564] ? __debugfs_file_get+0x1fc/0x860 [ 304.140750][T10564] ? __pfx___debugfs_file_get+0x10/0x10 [ 304.140799][T10564] ? __pfx_apparmor_file_open+0x10/0x10 [ 304.140853][T10564] ? lockdown_is_locked_down+0x3d/0x140 [ 304.140904][T10564] ? bpf_lsm_locked_down+0x9/0x10 [ 304.140954][T10564] ? __pfx_mon_text_open+0x10/0x10 [ 304.140985][T10564] full_proxy_open_regular+0x1b6/0x370 [ 304.141043][T10564] do_dentry_open+0x6d8/0x1660 [ 304.141078][T10564] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 304.141144][T10564] vfs_open+0x82/0x3f0 [ 304.141193][T10564] path_openat+0x208c/0x31a0 [ 304.141244][T10564] ? __pfx_path_openat+0x10/0x10 [ 304.141296][T10564] do_file_open+0x20e/0x430 [ 304.141335][T10564] ? __pfx_do_file_open+0x10/0x10 [ 304.141402][T10564] ? alloc_fd+0x476/0x790 [ 304.141439][T10564] ? do_getname+0x191/0x390 [ 304.141487][T10564] do_sys_openat2+0x10d/0x1e0 [ 304.141533][T10564] ? __pfx_do_sys_openat2+0x10/0x10 [ 304.141583][T10564] ? __fget_files+0x21f/0x3d0 [ 304.141625][T10564] __x64_sys_openat+0x12d/0x210 [ 304.141672][T10564] ? __pfx___x64_sys_openat+0x10/0x10 [ 304.141735][T10564] do_syscall_64+0x106/0xf80 [ 304.141782][T10564] ? clear_bhb_loop+0x40/0x90 [ 304.141824][T10564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.141859][T10564] RIP: 0033:0x7f524019c799 [ 304.141888][T10564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.141924][T10564] RSP: 002b:00007f52410c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 304.141965][T10564] RAX: ffffffffffffffda RBX: 00007f5240415fa0 RCX: 00007f524019c799 [ 304.141988][T10564] RDX: 0000000000080080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 304.142011][T10564] RBP: 00007f5240232c99 R08: 0000000000000000 R09: 0000000000000000 [ 304.142032][T10564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.142053][T10564] R13: 00007f5240416038 R14: 00007f5240415fa0 R15: 00007ffd4dfbec58 [ 304.142098][T10564] [ 305.057952][T10580] netlink: 'syz.0.1705': attribute type 29 has an invalid length. [ 305.097182][T10580] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1705'. [ 305.354180][T10586] FAULT_INJECTION: forcing a failure. [ 305.354180][T10586] name fail_futex, interval 1, probability 0, space 0, times 1 [ 305.367460][T10586] CPU: 0 UID: 0 PID: 10586 Comm: syz.0.1709 Tainted: G L syzkaller #0 PREEMPT(full) [ 305.367515][T10586] Tainted: [L]=SOFTLOCKUP [ 305.367526][T10586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 305.367547][T10586] Call Trace: [ 305.367558][T10586] [ 305.367571][T10586] dump_stack_lvl+0x100/0x190 [ 305.367628][T10586] should_fail_ex.cold+0x5/0xa [ 305.367668][T10586] get_futex_key+0x1d2/0x1620 [ 305.367716][T10586] ? __pfx_get_futex_key+0x10/0x10 [ 305.367772][T10586] futex_wake+0xea/0x530 [ 305.367839][T10586] ? __pfx_futex_wake+0x10/0x10 [ 305.367909][T10586] do_futex+0x32b/0x350 [ 305.367958][T10586] ? __pfx_do_futex+0x10/0x10 [ 305.368002][T10586] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 305.368049][T10586] ? lockdep_hardirqs_on+0x78/0x100 [ 305.368098][T10586] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 305.368149][T10586] __x64_sys_futex+0x34f/0x4d0 [ 305.368202][T10586] ? __pfx___x64_sys_futex+0x10/0x10 [ 305.368264][T10586] do_syscall_64+0x106/0xf80 [ 305.368312][T10586] ? clear_bhb_loop+0x40/0x90 [ 305.368355][T10586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.368396][T10586] RIP: 0033:0x7ff503d9c799 [ 305.368425][T10586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 305.368460][T10586] RSP: 002b:00007ff504d350e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 305.368494][T10586] RAX: ffffffffffffffda RBX: 00007ff504015fa8 RCX: 00007ff503d9c799 [ 305.368516][T10586] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff504015fac [ 305.368539][T10586] RBP: 00007ff504015fa0 R08: 0000000000000000 R09: 0000000000000000 [ 305.368559][T10586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.368577][T10586] R13: 00007ff504016038 R14: 00007ffcc4039890 R15: 00007ffcc4039978 [ 305.368619][T10586] [ 307.112042][T10623] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1724'. [ 307.391619][T10632] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1728'. [ 307.405619][T10632] ipvlan0: entered promiscuous mode [ 307.418683][T10632] ipvlan0: entered allmulticast mode [ 307.438691][T10632] veth0_vlan: entered allmulticast mode [ 308.113300][T10649] FAULT_INJECTION: forcing a failure. [ 308.113300][T10649] name failslab, interval 1, probability 0, space 0, times 0 [ 308.189174][T10649] CPU: 0 UID: 0 PID: 10649 Comm: syz.2.1734 Tainted: G L syzkaller #0 PREEMPT(full) [ 308.189232][T10649] Tainted: [L]=SOFTLOCKUP [ 308.189245][T10649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 308.189266][T10649] Call Trace: [ 308.189278][T10649] [ 308.189292][T10649] dump_stack_lvl+0x100/0x190 [ 308.189351][T10649] should_fail_ex.cold+0x5/0xa [ 308.189392][T10649] should_failslab+0xc2/0x120 [ 308.189429][T10649] __kmalloc_cache_noprof+0x7a/0x6f0 [ 308.189476][T10649] ? mtdchar_open+0x1e5/0x340 [ 308.189510][T10649] ? find_held_lock+0x2b/0x80 [ 308.189543][T10649] ? chrdev_open+0x10b/0x6a0 [ 308.189584][T10649] mtdchar_open+0x1e5/0x340 [ 308.189620][T10649] ? __pfx_mtdchar_open+0x10/0x10 [ 308.189656][T10649] chrdev_open+0x234/0x6a0 [ 308.189691][T10649] ? __pfx_apparmor_file_open+0x10/0x10 [ 308.189750][T10649] ? __pfx_chrdev_open+0x10/0x10 [ 308.189799][T10649] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 308.189849][T10649] do_dentry_open+0x6d8/0x1660 [ 308.189883][T10649] ? __pfx_chrdev_open+0x10/0x10 [ 308.189930][T10649] vfs_open+0x82/0x3f0 [ 308.189979][T10649] path_openat+0x208c/0x31a0 [ 308.190030][T10649] ? __pfx_path_openat+0x10/0x10 [ 308.190083][T10649] do_file_open+0x20e/0x430 [ 308.190123][T10649] ? __pfx_do_file_open+0x10/0x10 [ 308.190189][T10649] ? alloc_fd+0x476/0x790 [ 308.190233][T10649] ? do_getname+0x191/0x390 [ 308.190281][T10649] do_sys_openat2+0x10d/0x1e0 [ 308.190328][T10649] ? __pfx_do_sys_openat2+0x10/0x10 [ 308.190379][T10649] ? __fget_files+0x21f/0x3d0 [ 308.190420][T10649] __x64_sys_openat+0x12d/0x210 [ 308.190480][T10649] ? __pfx___x64_sys_openat+0x10/0x10 [ 308.190543][T10649] do_syscall_64+0x106/0xf80 [ 308.190592][T10649] ? clear_bhb_loop+0x40/0x90 [ 308.190636][T10649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.190672][T10649] RIP: 0033:0x7fd96619c799 [ 308.190700][T10649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.190735][T10649] RSP: 002b:00007fd967123028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 308.190769][T10649] RAX: ffffffffffffffda RBX: 00007fd966415fa0 RCX: 00007fd96619c799 [ 308.190800][T10649] RDX: 0000000000002c00 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 308.190823][T10649] RBP: 00007fd966232c99 R08: 0000000000000000 R09: 0000000000000000 [ 308.190845][T10649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.190865][T10649] R13: 00007fd966416038 R14: 00007fd966415fa0 R15: 00007ffccb8b61f8 [ 308.190911][T10649] [ 308.972661][T10668] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1740'. [ 310.749663][T10719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1758'. [ 311.562078][T10740] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1764'. [ 312.287595][T10755] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1771'. [ 312.660162][T10765] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1775'. [ 313.100498][T10771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1777'. [ 313.181039][T10772] syz.3.1779 (10772): /proc/10770/oom_adj is deprecated, please use /proc/10770/oom_score_adj instead. [ 313.220149][T10771] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1777'. [ 313.248695][T10771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1777'. [ 313.976370][T10791] FAULT_INJECTION: forcing a failure. [ 313.976370][T10791] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 314.011999][T10791] CPU: 1 UID: 0 PID: 10791 Comm: syz.1.1786 Tainted: G L syzkaller #0 PREEMPT(full) [ 314.012065][T10791] Tainted: [L]=SOFTLOCKUP [ 314.012078][T10791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 314.012098][T10791] Call Trace: [ 314.012109][T10791] [ 314.012122][T10791] dump_stack_lvl+0x100/0x190 [ 314.012181][T10791] should_fail_ex.cold+0x5/0xa [ 314.012215][T10791] ? prepare_alloc_pages+0x16d/0x5f0 [ 314.012258][T10791] should_fail_alloc_page+0xeb/0x140 [ 314.012298][T10791] prepare_alloc_pages+0x1f0/0x5f0 [ 314.012345][T10791] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 314.012410][T10791] ? try_to_migrate_one+0x13fd/0x3860 [ 314.012472][T10791] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 314.012544][T10791] ? reacquire_held_locks+0xce/0x1e0 [ 314.012589][T10791] ? folio_lock_anon_vma_read+0x348/0xe30 [ 314.012642][T10791] ? folio_lock_anon_vma_read+0x348/0xe30 [ 314.012694][T10791] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 314.012756][T10791] ? policy_nodemask+0xed/0x4f0 [ 314.012796][T10791] alloc_pages_mpol+0x1fb/0x550 [ 314.012835][T10791] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 314.012883][T10791] folio_alloc_mpol_noprof+0x36/0x340 [ 314.012930][T10791] alloc_migration_target_by_mpol+0x2c1/0x650 [ 314.012981][T10791] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 314.013036][T10791] ? __pfx___might_resched+0x10/0x10 [ 314.013090][T10791] ? folio_get_anon_vma+0x16b/0x980 [ 314.013143][T10791] migrate_pages_batch+0x4f2/0x4530 [ 314.013187][T10791] ? core_kernel_text+0x60/0xb0 [ 314.013237][T10791] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 314.013301][T10791] ? __pfx_migrate_pages_batch+0x10/0x10 [ 314.013347][T10791] ? __pfx_stack_trace_save+0x10/0x10 [ 314.013383][T10791] ? stack_depot_save_flags+0x27/0x9d0 [ 314.013425][T10791] ? __split_vma+0x392/0xd90 [ 314.013476][T10791] ? kasan_save_stack+0x3f/0x50 [ 314.013527][T10791] ? kasan_save_stack+0x30/0x50 [ 314.013578][T10791] ? kasan_save_track+0x14/0x30 [ 314.013630][T10791] ? __kasan_slab_alloc+0x89/0x90 [ 314.013660][T10791] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 314.013712][T10791] ? __mpol_dup+0x74/0x370 [ 314.013749][T10791] ? mbind_range+0x2ad/0x550 [ 314.013793][T10791] migrate_pages_sync+0x12c/0x880 [ 314.013836][T10791] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 314.013893][T10791] ? __pfx_migrate_pages_sync+0x10/0x10 [ 314.013940][T10791] ? __lock_acquire+0x4a5/0x2630 [ 314.013994][T10791] migrate_pages+0x1aae/0x28a0 [ 314.014052][T10791] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 314.014110][T10791] ? __pfx_migrate_pages+0x10/0x10 [ 314.014157][T10791] ? find_held_lock+0x2b/0x80 [ 314.014190][T10791] ? do_mbind+0x557/0xfd0 [ 314.014239][T10791] ? up_write+0x290/0x4f0 [ 314.014292][T10791] do_mbind+0x5a6/0xfd0 [ 314.014346][T10791] ? __pfx_do_mbind+0x10/0x10 [ 314.014388][T10791] ? ksys_write+0x190/0x250 [ 314.014419][T10791] ? ksys_write+0x190/0x250 [ 314.014468][T10791] ? __pfx_get_nodes+0x10/0x10 [ 314.014535][T10791] kernel_mbind+0x1b7/0x200 [ 314.014582][T10791] ? __pfx_kernel_mbind+0x10/0x10 [ 314.014639][T10791] do_syscall_64+0x106/0xf80 [ 314.014688][T10791] ? clear_bhb_loop+0x40/0x90 [ 314.014731][T10791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.014767][T10791] RIP: 0033:0x7f524019c799 [ 314.014797][T10791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 314.014831][T10791] RSP: 002b:00007f52410a1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 314.014866][T10791] RAX: ffffffffffffffda RBX: 00007f5240416090 RCX: 00007f524019c799 [ 314.014889][T10791] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 314.014910][T10791] RBP: 00007f5240232c99 R08: 0000002000000006 R09: 0000000000000002 [ 314.014931][T10791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.014953][T10791] R13: 00007f5240416128 R14: 00007f5240416090 R15: 00007ffd4dfbec58 [ 314.014998][T10791] [ 315.819987][T10825] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1801'. [ 316.132638][T10833] FAULT_INJECTION: forcing a failure. [ 316.132638][T10833] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 316.168526][T10833] CPU: 1 UID: 0 PID: 10833 Comm: syz.3.1803 Tainted: G L syzkaller #0 PREEMPT(full) [ 316.168586][T10833] Tainted: [L]=SOFTLOCKUP [ 316.168598][T10833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 316.168619][T10833] Call Trace: [ 316.168631][T10833] [ 316.168644][T10833] dump_stack_lvl+0x100/0x190 [ 316.168702][T10833] should_fail_ex.cold+0x5/0xa [ 316.168737][T10833] ? prepare_alloc_pages+0x16d/0x5f0 [ 316.168782][T10833] should_fail_alloc_page+0xeb/0x140 [ 316.168822][T10833] prepare_alloc_pages+0x1f0/0x5f0 [ 316.168863][T10833] ? __pfx_mas_wr_bnode+0x10/0x10 [ 316.168924][T10833] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 316.168993][T10833] ? mas_ascend+0x53d/0xb30 [ 316.169046][T10833] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 316.169110][T10833] ? mas_next_node+0x7f8/0xf30 [ 316.169158][T10833] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 316.169221][T10833] ? mt_validate_nulls+0x1b3/0x9c0 [ 316.169281][T10833] ? __pfx_mt_validate_nulls+0x10/0x10 [ 316.169343][T10833] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 316.169406][T10833] ? policy_nodemask+0xed/0x4f0 [ 316.169446][T10833] alloc_pages_mpol+0x1fb/0x550 [ 316.169485][T10833] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 316.169525][T10833] ? __lock_acquire+0x4a5/0x2630 [ 316.169577][T10833] folio_alloc_mpol_noprof+0x36/0x340 [ 316.169624][T10833] alloc_migration_target_by_mpol+0x2c1/0x650 [ 316.169675][T10833] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 316.169722][T10833] ? __pfx___might_resched+0x10/0x10 [ 316.169773][T10833] ? is_bpf_text_address+0x8a/0x1a0 [ 316.169836][T10833] migrate_pages_batch+0x4f2/0x4530 [ 316.169881][T10833] ? core_kernel_text+0x60/0xb0 [ 316.169934][T10833] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 316.169983][T10833] ? arch_stack_walk+0xa6/0xf0 [ 316.170038][T10833] ? __pfx_migrate_pages_batch+0x10/0x10 [ 316.170084][T10833] ? __pfx_stack_trace_save+0x10/0x10 [ 316.170120][T10833] ? stack_depot_save_flags+0x27/0x9d0 [ 316.170164][T10833] ? __split_vma+0x392/0xd90 [ 316.170216][T10833] ? kasan_save_stack+0x3f/0x50 [ 316.170268][T10833] ? kasan_save_stack+0x30/0x50 [ 316.170321][T10833] ? kasan_save_track+0x14/0x30 [ 316.170373][T10833] ? __kasan_slab_alloc+0x89/0x90 [ 316.170405][T10833] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 316.170456][T10833] ? __mpol_dup+0x74/0x370 [ 316.170494][T10833] ? mbind_range+0x2ad/0x550 [ 316.170541][T10833] migrate_pages_sync+0x12c/0x880 [ 316.170587][T10833] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 316.170644][T10833] ? __pfx_migrate_pages_sync+0x10/0x10 [ 316.170692][T10833] ? __lock_acquire+0x4a5/0x2630 [ 316.170749][T10833] migrate_pages+0x1aae/0x28a0 [ 316.170798][T10833] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 316.170855][T10833] ? __pfx_migrate_pages+0x10/0x10 [ 316.170903][T10833] ? find_held_lock+0x2b/0x80 [ 316.170937][T10833] ? do_mbind+0x557/0xfd0 [ 316.170993][T10833] ? up_write+0x290/0x4f0 [ 316.171047][T10833] do_mbind+0x5a6/0xfd0 [ 316.171104][T10833] ? __pfx_do_mbind+0x10/0x10 [ 316.171148][T10833] ? ksys_write+0x190/0x250 [ 316.171178][T10833] ? ksys_write+0x190/0x250 [ 316.171229][T10833] ? __pfx_get_nodes+0x10/0x10 [ 316.171294][T10833] kernel_mbind+0x1b7/0x200 [ 316.171343][T10833] ? __pfx_kernel_mbind+0x10/0x10 [ 316.171400][T10833] do_syscall_64+0x106/0xf80 [ 316.171449][T10833] ? clear_bhb_loop+0x40/0x90 [ 316.171494][T10833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.171531][T10833] RIP: 0033:0x7f216879c799 [ 316.171560][T10833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 316.171594][T10833] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 316.171628][T10833] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 316.171651][T10833] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 316.171673][T10833] RBP: 00007f2168832c99 R08: 0000002000000006 R09: 0000000000000002 [ 316.171695][T10833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.171716][T10833] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 316.171762][T10833] [ 317.137512][T10841] Console: switching to colour VGA+ 80x25 [ 317.203205][T10841] ================================================================== [ 317.203234][T10841] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 317.203286][T10841] Read of size 26 at addr ffff888037aeebea by task syz.3.1806/10841 [ 317.203316][T10841] [ 317.203334][T10841] CPU: 0 UID: 0 PID: 10841 Comm: syz.3.1806 Tainted: G L syzkaller #0 PREEMPT(full) [ 317.203382][T10841] Tainted: [L]=SOFTLOCKUP [ 317.203394][T10841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 317.203414][T10841] Call Trace: [ 317.203424][T10841] [ 317.203435][T10841] dump_stack_lvl+0x100/0x190 [ 317.203486][T10841] print_report+0x156/0x4c9 [ 317.203535][T10841] ? __virt_addr_valid+0x81/0x620 [ 317.203576][T10841] ? __phys_addr+0xe8/0x180 [ 317.203641][T10841] ? fbcon_prepare_logo+0x94e/0xc60 [ 317.203677][T10841] kasan_report+0xdf/0x1e0 [ 317.203713][T10841] ? fbcon_prepare_logo+0x94e/0xc60 [ 317.203754][T10841] kasan_check_range+0x10f/0x1e0 [ 317.203798][T10841] __asan_memcpy+0x23/0x60 [ 317.203848][T10841] fbcon_prepare_logo+0x94e/0xc60 [ 317.203894][T10841] fbcon_init+0x10a0/0x1820 [ 317.203934][T10841] visual_init+0x320/0x620 [ 317.203979][T10841] do_bind_con_driver.isra.0+0x636/0x9c0 [ 317.204027][T10841] store_bind+0x609/0x730 [ 317.204070][T10841] ? __pfx_store_bind+0x10/0x10 [ 317.204107][T10841] dev_attr_store+0x58/0x80 [ 317.204141][T10841] ? __pfx_dev_attr_store+0x10/0x10 [ 317.204182][T10841] sysfs_kf_write+0xf2/0x150 [ 317.204227][T10841] kernfs_fop_write_iter+0x3e0/0x5f0 [ 317.204263][T10841] ? __pfx_sysfs_kf_write+0x10/0x10 [ 317.204305][T10841] vfs_write+0x6ac/0x1070 [ 317.204337][T10841] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 317.204376][T10841] ? __pfx_vfs_write+0x10/0x10 [ 317.204421][T10841] ksys_write+0x12a/0x250 [ 317.204452][T10841] ? __pfx_ksys_write+0x10/0x10 [ 317.204490][T10841] do_syscall_64+0x106/0xf80 [ 317.204539][T10841] ? clear_bhb_loop+0x40/0x90 [ 317.204580][T10841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.204615][T10841] RIP: 0033:0x7f216879c799 [ 317.204642][T10841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.204676][T10841] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 317.204710][T10841] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 317.204733][T10841] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 317.204756][T10841] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 317.204778][T10841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.204799][T10841] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 317.204834][T10841] [ 317.204845][T10841] [ 317.204854][T10841] Allocated by task 5826: [ 317.204879][T10841] kasan_save_stack+0x30/0x50 [ 317.204932][T10841] kasan_save_track+0x14/0x30 [ 317.204990][T10841] __kasan_kmalloc+0xaa/0xb0 [ 317.205040][T10841] __kmalloc_noprof+0x301/0x850 [ 317.205091][T10841] __register_sysctl_table+0xbe4/0x1650 [ 317.205147][T10841] __devinet_sysctl_register+0x1b9/0x360 [ 317.205200][T10841] devinet_sysctl_register+0x17b/0x210 [ 317.205253][T10841] inetdev_init+0x2b8/0x570 [ 317.205303][T10841] inetdev_event+0x7fa/0x17f0 [ 317.205354][T10841] notifier_call_chain+0x99/0x420 [ 317.205396][T10841] call_netdevice_notifiers_info+0xbe/0x110 [ 317.205454][T10841] register_netdevice+0x16e6/0x2210 [ 317.205504][T10841] cfg80211_register_netdevice+0x149/0x310 [ 317.205538][T10841] ieee80211_if_add+0xcfe/0x1860 [ 317.205579][T10841] ieee80211_register_hw+0x38a4/0x4140 [ 317.205633][T10841] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 317.205697][T10841] hwsim_new_radio_nl+0xc1f/0x1340 [ 317.205751][T10841] genl_family_rcv_msg_doit+0x214/0x300 [ 317.205786][T10841] genl_rcv_msg+0x560/0x800 [ 317.205817][T10841] netlink_rcv_skb+0x159/0x420 [ 317.205868][T10841] genl_rcv+0x28/0x40 [ 317.205896][T10841] netlink_unicast+0x5aa/0x870 [ 317.205945][T10841] netlink_sendmsg+0x8b0/0xda0 [ 317.206003][T10841] __sys_sendto+0x468/0x4b0 [ 317.206045][T10841] __x64_sys_sendto+0xe0/0x1c0 [ 317.206087][T10841] do_syscall_64+0x106/0xf80 [ 317.206134][T10841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.206169][T10841] [ 317.206177][T10841] The buggy address belongs to the object at ffff888037aeeb00 [ 317.206177][T10841] which belongs to the cache kmalloc-192 of size 192 [ 317.206206][T10841] The buggy address is located 44 bytes to the right of [ 317.206206][T10841] allocated 190-byte region [ffff888037aeeb00, ffff888037aeebbe) [ 317.206242][T10841] [ 317.206251][T10841] The buggy address belongs to the physical page: [ 317.206265][T10841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x37aee [ 317.206304][T10841] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 317.206331][T10841] page_type: f5(slab) [ 317.206370][T10841] raw: 00fff00000000000 ffff88813fe3c3c0 dead000000000100 dead000000000122 [ 317.206406][T10841] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 317.206427][T10841] page dumped because: kasan: bad access detected [ 317.206455][T10841] page_owner tracks the page as allocated [ 317.206467][T10841] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 27761850934, free_ts 27743481364 [ 317.206524][T10841] post_alloc_hook+0x153/0x170 [ 317.206570][T10841] get_page_from_freelist+0x111d/0x3140 [ 317.206620][T10841] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 317.206670][T10841] new_slab+0xa6/0x6b0 [ 317.206709][T10841] refill_objects+0x26b/0x400 [ 317.206753][T10841] __pcs_replace_empty_main+0x1ab/0x660 [ 317.206802][T10841] __kmalloc_cache_noprof+0x493/0x6f0 [ 317.206843][T10841] call_usermodehelper_setup+0xaf/0x360 [ 317.206895][T10841] kobject_uevent_env+0x17c1/0x18b0 [ 317.206930][T10841] param_sysfs_builtin_init+0x37b/0x3f0 [ 317.206987][T10841] do_one_initcall+0x11d/0x760 [ 317.207020][T10841] kernel_init_freeable+0x6e5/0x7a0 [ 317.207051][T10841] kernel_init+0x1f/0x1e0 [ 317.207083][T10841] ret_from_fork+0x754/0xd80 [ 317.207130][T10841] ret_from_fork_asm+0x1a/0x30 [ 317.207164][T10841] page last free pid 10 tgid 10 stack trace: [ 317.207182][T10841] __free_frozen_pages+0x7e1/0x10d0 [ 317.207222][T10841] vfree.part.0+0x12b/0x9d0 [ 317.207257][T10841] delayed_vfree_work+0x8e/0xd0 [ 317.207294][T10841] process_one_work+0xa23/0x19a0 [ 317.207341][T10841] worker_thread+0x5ef/0xe50 [ 317.207385][T10841] kthread+0x370/0x450 [ 317.207427][T10841] ret_from_fork+0x754/0xd80 [ 317.207473][T10841] ret_from_fork_asm+0x1a/0x30 [ 317.207507][T10841] [ 317.207515][T10841] Memory state around the buggy address: [ 317.207533][T10841] ffff888037aeea80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 317.207558][T10841] ffff888037aeeb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 317.207584][T10841] >ffff888037aeeb80: 00 00 00 00 00 00 00 06 fc fc fc fc fc fc fc fc [ 317.207615][T10841] ^ [ 317.207634][T10841] ffff888037aeec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 317.207658][T10841] ffff888037aeec80: 00 00 00 00 00 00 00 06 fc fc fc fc fc fc fc fc [ 317.207678][T10841] ================================================================== [ 317.213124][T10841] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 317.213159][T10841] CPU: 0 UID: 0 PID: 10841 Comm: syz.3.1806 Tainted: G L syzkaller #0 PREEMPT(full) [ 317.213210][T10841] Tainted: [L]=SOFTLOCKUP [ 317.213223][T10841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 317.213245][T10841] Call Trace: [ 317.213256][T10841] [ 317.213269][T10841] dump_stack_lvl+0x100/0x190 [ 317.213323][T10841] vpanic+0x552/0x970 [ 317.213357][T10841] ? __pfx_vpanic+0x10/0x10 [ 317.213395][T10841] ? fbcon_prepare_logo+0x94e/0xc60 [ 317.213432][T10841] panic+0xd1/0xe0 [ 317.213464][T10841] ? __pfx_panic+0x10/0x10 [ 317.213498][T10841] ? fbcon_prepare_logo+0x94e/0xc60 [ 317.213535][T10841] ? preempt_schedule_common+0x42/0xc0 [ 317.213591][T10841] check_panic_on_warn.cold+0x19/0x34 [ 317.213631][T10841] end_report.part.0+0x3a/0x90 [ 317.213680][T10841] kasan_report.cold+0xe/0x18 [ 317.213729][T10841] ? fbcon_prepare_logo+0x94e/0xc60 [ 317.213771][T10841] kasan_check_range+0x10f/0x1e0 [ 317.213811][T10841] __asan_memcpy+0x23/0x60 [ 317.213856][T10841] fbcon_prepare_logo+0x94e/0xc60 [ 317.213897][T10841] fbcon_init+0x10a0/0x1820 [ 317.213935][T10841] visual_init+0x320/0x620 [ 317.213984][T10841] do_bind_con_driver.isra.0+0x636/0x9c0 [ 317.214037][T10841] store_bind+0x609/0x730 [ 317.214085][T10841] ? __pfx_store_bind+0x10/0x10 [ 317.214129][T10841] dev_attr_store+0x58/0x80 [ 317.214184][T10841] ? __pfx_dev_attr_store+0x10/0x10 [ 317.214221][T10841] sysfs_kf_write+0xf2/0x150 [ 317.214264][T10841] kernfs_fop_write_iter+0x3e0/0x5f0 [ 317.214300][T10841] ? __pfx_sysfs_kf_write+0x10/0x10 [ 317.214344][T10841] vfs_write+0x6ac/0x1070 [ 317.214377][T10841] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 317.214418][T10841] ? __pfx_vfs_write+0x10/0x10 [ 317.214479][T10841] ksys_write+0x12a/0x250 [ 317.214512][T10841] ? __pfx_ksys_write+0x10/0x10 [ 317.214551][T10841] do_syscall_64+0x106/0xf80 [ 317.214601][T10841] ? clear_bhb_loop+0x40/0x90 [ 317.214642][T10841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.214680][T10841] RIP: 0033:0x7f216879c799 [ 317.214707][T10841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.214744][T10841] RSP: 002b:00007f2169614028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 317.214791][T10841] RAX: ffffffffffffffda RBX: 00007f2168a15fa0 RCX: 00007f216879c799 [ 317.214814][T10841] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 317.214836][T10841] RBP: 00007f2168832c99 R08: 0000000000000000 R09: 0000000000000000 [ 317.214857][T10841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.214878][T10841] R13: 00007f2168a16038 R14: 00007f2168a15fa0 R15: 00007ffc58ddc688 [ 317.214912][T10841] [ 317.215511][T10841] Kernel Offset: disabled