last executing test programs: 3.945806325s ago: executing program 0 (id=1679): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop9/queue/nr_requests\x00', 0xa022, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0) ioctl$auto(r1, 0xc0585611, r1) 3.805066523s ago: executing program 0 (id=1673): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB="000336bd7000fedbdf25020000"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = socket(0xa, 0x5, 0x84) setsockopt$auto(r1, 0x10000000084, 0x20, 0x0, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) acct$auto(&(0x7f0000000000)='/dev/bus/usb/015/001\x00') 3.588345618s ago: executing program 0 (id=1675): mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) socket(0x2, 0x2, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/radio18\x00', 0x8aa40, 0x0) 2.578986281s ago: executing program 0 (id=1684): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) bpf$auto(0x1, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, 0xffffffffffffffff, 0x2, 0x8}, 0x100000cf) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x800}, 0x6}, 0xfffffdf9, 0x10, 0x0) ioctl$auto(r0, 0x89f1, 0x24) 2.549565868s ago: executing program 1 (id=1685): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYBLOB="010027bd7000f9dbdf25010000000600020000000000"], 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100cda4429629bd7100f9db5f2502"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008) 2.430892617s ago: executing program 1 (id=1686): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000080)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r2, 0x4, 0x302f, r1, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0x91) 2.363083466s ago: executing program 3 (id=1687): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r0 = epoll_create$auto(0x3e) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.30212411s ago: executing program 1 (id=1688): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(r1, 0x0, 0x2, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r0, 0x0, 0x4000010) 1.987695134s ago: executing program 2 (id=1690): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000040)={0x80}) 1.931105258s ago: executing program 3 (id=1691): r0 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/printk_formats\x00', 0x109000, 0x0) fstat$auto(r0, &(0x7f0000000040)={0x49ef, 0xa, 0xc, 0x5, 0x0, 0xee00, 0x0, 0xb6, 0x586d, 0x1c3084ec, 0x0, 0x7, 0x4, 0x4d, 0x6, 0x7fff, 0x9}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) fcntl$auto_F_OFD_GETLK(r1, 0x24, 0x80) 1.747354402s ago: executing program 2 (id=1692): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x2, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) read$auto(0x3, 0x0, 0x8080) write$auto(0x3, 0x0, 0xffd8) 1.605682266s ago: executing program 0 (id=1693): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xff7fffffffff0001, 0x15) connect$auto(0x3, 0x0, 0x55) 1.249376372s ago: executing program 1 (id=1694): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) io_uring_setup$auto(0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101c81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xc01, 0x1, 0x6d, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 1.224708909s ago: executing program 3 (id=1695): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = prctl$auto(0x8, 0xfffffffffffffffd, 0x0, 0xfffffffffff7fffd, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0x80000000}, 0x2, 0x4, 0x5) lseek$auto(0x3, 0x0, 0x1) sendmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0xfffffff7) 1.203226881s ago: executing program 2 (id=1696): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) 635.095467ms ago: executing program 3 (id=1697): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 578.403052ms ago: executing program 2 (id=1698): mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) eventfd$auto(0x8e) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x4040ae79, r2) close_range$auto(0x2, 0x8, 0x0) 515.694277ms ago: executing program 0 (id=1699): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) capset$auto(0x0, 0x0) write$auto(0x3, 0x0, 0x7fffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) pread64$auto(0xffffffffffffffff, 0x0, 0xf42c, 0x1000000000400) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 302.23397ms ago: executing program 3 (id=1700): symlink$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x1c9442, 0x0) r0 = epoll_create$auto(0x8) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, 0x0, 0x0) 259.294628ms ago: executing program 1 (id=1701): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r0, 0x2, 0x9) ioctl$auto(0x3, 0x400c4d05, r0) ioctl$auto(0x3, 0x400c4d09, r0) close_range$auto(0x2, 0x8, 0x0) 226.876345ms ago: executing program 2 (id=1702): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x8000000000000001, 0x26, 0x8) io_uring_setup$auto(0x6, 0x0) fcntl$auto(r0, 0x24, 0x8) fcntl$auto(0x8000000000000001, 0x26, 0x8) 82.563486ms ago: executing program 3 (id=1703): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getpriority$auto_PRIO_USER(0x2, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) pipe2$auto(0x0, 0x80) 40.039465ms ago: executing program 2 (id=1704): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) sysfs$auto(0x2, 0x23, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0x4) 0s ago: executing program 1 (id=1705): mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x84) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x2) getsockopt$auto(r0, 0x0, 0xce, 0x0, 0x0) kernel console output (not intermixed with test programs): 865512][ T7201] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 147.865544][ T7201] RAX: 0000000000000000 RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 147.865563][ T7201] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 147.865580][ T7201] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 147.865598][ T7201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.865616][ T7201] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 147.865657][ T7201] [ 148.205481][ T7207] netlink: 342 bytes leftover after parsing attributes in process `syz.3.510'. [ 150.143550][ T7240] netlink: 330 bytes leftover after parsing attributes in process `syz.3.523'. [ 152.744293][ T7294] netlink: 342 bytes leftover after parsing attributes in process `syz.0.545'. [ 152.791792][ T7294] netlink: 342 bytes leftover after parsing attributes in process `syz.0.545'. [ 153.647369][ T7321] netlink: 330 bytes leftover after parsing attributes in process `syz.3.556'. [ 156.081703][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.571'. [ 157.702755][ T7385] ptrace attach of "./syz-executor exec"[5828] was attempted by ""[7385] [ 158.505303][ T7399] binder: 7396:7399 ioctl 40086602 e20 returned -22 [ 161.304379][ T7463] netlink: 342 bytes leftover after parsing attributes in process `syz.0.592'. [ 161.334407][ T7463] IPv6: NLM_F_CREATE should be specified when creating new route [ 161.361354][ T7463] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 161.368979][ T7463] IPv6: NLM_F_CREATE should be set when creating new route [ 161.376420][ T7463] IPv6: NLM_F_CREATE should be set when creating new route [ 161.467405][ T7466] netlink: 342 bytes leftover after parsing attributes in process `syz.0.592'. [ 161.551343][ T7466] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 163.859834][ T7504] FAULT_INJECTION: forcing a failure. [ 163.859834][ T7504] name failslab, interval 1, probability 0, space 0, times 0 [ 163.881211][ T7504] CPU: 0 UID: 0 PID: 7504 Comm: syz.0.606 Tainted: G L syzkaller #0 PREEMPT(full) [ 163.881258][ T7504] Tainted: [L]=SOFTLOCKUP [ 163.881268][ T7504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 163.881284][ T7504] Call Trace: [ 163.881294][ T7504] [ 163.881306][ T7504] dump_stack_lvl+0x100/0x190 [ 163.881355][ T7504] should_fail_ex.cold+0x5/0xa [ 163.881387][ T7504] ? tomoyo_encode2+0xfb/0x3c0 [ 163.881422][ T7504] should_failslab+0xc2/0x120 [ 163.881453][ T7504] __kmalloc_noprof+0xe0/0x850 [ 163.881495][ T7504] ? d_absolute_path+0x136/0x1b0 [ 163.881540][ T7504] tomoyo_encode2+0xfb/0x3c0 [ 163.881588][ T7504] tomoyo_encode+0x29/0x50 [ 163.881626][ T7504] tomoyo_realpath_from_path+0x18c/0x690 [ 163.881678][ T7504] tomoyo_path_number_perm+0x23c/0x580 [ 163.881710][ T7504] ? tomoyo_path_number_perm+0x22e/0x580 [ 163.881748][ T7504] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 163.881779][ T7504] ? futex_wait+0x125/0x380 [ 163.881868][ T7504] ? find_held_lock+0x2b/0x80 [ 163.881897][ T7504] ? __fget_files+0x215/0x3d0 [ 163.881924][ T7504] ? hook_file_ioctl_common+0x146/0x410 [ 163.881970][ T7504] ? __fget_files+0x21f/0x3d0 [ 163.882017][ T7504] security_file_ioctl+0xd3/0x230 [ 163.882053][ T7504] __x64_sys_ioctl+0xb7/0x210 [ 163.882103][ T7504] do_syscall_64+0x106/0xf80 [ 163.882147][ T7504] ? clear_bhb_loop+0x40/0x90 [ 163.882186][ T7504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.882218][ T7504] RIP: 0033:0x7f9decd9c799 [ 163.882245][ T7504] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 163.882274][ T7504] RSP: 002b:00007f9deaff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.882304][ T7504] RAX: ffffffffffffffda RBX: 00007f9ded015fa0 RCX: 00007f9decd9c799 [ 163.882324][ T7504] RDX: 0000000000000000 RSI: 00000000c4c85513 RDI: 0000000000000005 [ 163.882343][ T7504] RBP: 00007f9dece32c99 R08: 0000000000000000 R09: 0000000000000000 [ 163.882361][ T7504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.882379][ T7504] R13: 00007f9ded016038 R14: 00007f9ded015fa0 R15: 00007ffce7e9e598 [ 163.882422][ T7504] [ 163.882449][ T7504] ERROR: Out of memory at tomoyo_realpath_from_path. [ 164.564009][ T7517] FAULT_INJECTION: forcing a failure. [ 164.564009][ T7517] name failslab, interval 1, probability 0, space 0, times 0 [ 164.611320][ T7517] CPU: 0 UID: 0 PID: 7517 Comm: syz.2.611 Tainted: G L syzkaller #0 PREEMPT(full) [ 164.611370][ T7517] Tainted: [L]=SOFTLOCKUP [ 164.611380][ T7517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 164.611398][ T7517] Call Trace: [ 164.611408][ T7517] [ 164.611419][ T7517] dump_stack_lvl+0x100/0x190 [ 164.611472][ T7517] should_fail_ex.cold+0x5/0xa [ 164.611509][ T7517] should_failslab+0xc2/0x120 [ 164.611541][ T7517] __kmalloc_cache_noprof+0x7a/0x6f0 [ 164.611582][ T7517] ? mtdchar_open+0x1e5/0x340 [ 164.611611][ T7517] ? find_held_lock+0x2b/0x80 [ 164.611638][ T7517] ? chrdev_open+0x10b/0x6a0 [ 164.611675][ T7517] mtdchar_open+0x1e5/0x340 [ 164.611707][ T7517] ? __pfx_mtdchar_open+0x10/0x10 [ 164.611736][ T7517] chrdev_open+0x234/0x6a0 [ 164.611764][ T7517] ? __pfx_apparmor_file_open+0x10/0x10 [ 164.611806][ T7517] ? __pfx_chrdev_open+0x10/0x10 [ 164.611840][ T7517] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 164.611881][ T7517] do_dentry_open+0x6d8/0x1660 [ 164.611909][ T7517] ? __pfx_chrdev_open+0x10/0x10 [ 164.611948][ T7517] vfs_open+0x82/0x3f0 [ 164.611997][ T7517] path_openat+0x208c/0x31a0 [ 164.612039][ T7517] ? __pfx_path_openat+0x10/0x10 [ 164.612091][ T7517] do_file_open+0x20e/0x430 [ 164.612125][ T7517] ? __pfx_do_file_open+0x10/0x10 [ 164.612184][ T7517] ? alloc_fd+0x476/0x790 [ 164.612216][ T7517] ? do_getname+0x191/0x390 [ 164.612256][ T7517] do_sys_openat2+0x10d/0x1e0 [ 164.612293][ T7517] ? __pfx_do_sys_openat2+0x10/0x10 [ 164.612334][ T7517] ? __fget_files+0x21f/0x3d0 [ 164.612367][ T7517] __x64_sys_openat+0x12d/0x210 [ 164.612404][ T7517] ? __pfx___x64_sys_openat+0x10/0x10 [ 164.612456][ T7517] do_syscall_64+0x106/0xf80 [ 164.612494][ T7517] ? clear_bhb_loop+0x40/0x90 [ 164.612528][ T7517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.612556][ T7517] RIP: 0033:0x7f66a2d9c799 [ 164.612580][ T7517] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 164.612605][ T7517] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 164.612633][ T7517] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 164.612668][ T7517] RDX: 0000000000002c00 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 164.612684][ T7517] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 164.612701][ T7517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.612717][ T7517] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 164.612756][ T7517] [ 166.271540][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 166.388462][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 166.397405][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 166.528307][ T7535] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.544706][ T7535] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 166.566683][ T7535] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 166.577467][ T7535] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.589107][ T7535] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 166.604591][ T7535] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 166.639604][ T7535] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.650327][ T7535] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 166.676521][ T7535] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 166.696956][ T7535] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 166.721240][ T7535] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 166.732799][ T7535] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 168.011678][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.345130][ T7587] FAULT_INJECTION: forcing a failure. [ 168.345130][ T7587] name failslab, interval 1, probability 0, space 0, times 0 [ 168.369050][ T7587] CPU: 1 UID: 0 PID: 7587 Comm: syz.2.644 Tainted: G L syzkaller #0 PREEMPT(full) [ 168.369102][ T7587] Tainted: [L]=SOFTLOCKUP [ 168.369112][ T7587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 168.369130][ T7587] Call Trace: [ 168.369140][ T7587] [ 168.369152][ T7587] dump_stack_lvl+0x100/0x190 [ 168.369205][ T7587] should_fail_ex.cold+0x5/0xa [ 168.369241][ T7587] should_failslab+0xc2/0x120 [ 168.369274][ T7587] __kmalloc_cache_noprof+0x7a/0x6f0 [ 168.369315][ T7587] ? drm_file_alloc+0x74/0xb40 [ 168.369363][ T7587] drm_file_alloc+0x74/0xb40 [ 168.369408][ T7587] drm_open_helper+0x1fc/0x540 [ 168.369453][ T7587] drm_open+0x1a0/0x3e0 [ 168.369491][ T7587] ? __pfx_drm_open+0x10/0x10 [ 168.369529][ T7587] drm_stub_open+0x20f/0x380 [ 168.369569][ T7587] ? __pfx_drm_stub_open+0x10/0x10 [ 168.369607][ T7587] chrdev_open+0x234/0x6a0 [ 168.369647][ T7587] ? __pfx_apparmor_file_open+0x10/0x10 [ 168.369697][ T7587] ? __pfx_chrdev_open+0x10/0x10 [ 168.369732][ T7587] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 168.369773][ T7587] do_dentry_open+0x6d8/0x1660 [ 168.369802][ T7587] ? __pfx_chrdev_open+0x10/0x10 [ 168.369839][ T7587] vfs_open+0x82/0x3f0 [ 168.369877][ T7587] path_openat+0x208c/0x31a0 [ 168.369918][ T7587] ? __pfx_path_openat+0x10/0x10 [ 168.369962][ T7587] do_file_open+0x20e/0x430 [ 168.369995][ T7587] ? __pfx_do_file_open+0x10/0x10 [ 168.370049][ T7587] ? alloc_fd+0x476/0x790 [ 168.370079][ T7587] ? do_getname+0x191/0x390 [ 168.370113][ T7587] do_sys_openat2+0x10d/0x1e0 [ 168.370150][ T7587] ? __pfx_do_sys_openat2+0x10/0x10 [ 168.370190][ T7587] ? __fget_files+0x21f/0x3d0 [ 168.370220][ T7587] __x64_sys_openat+0x12d/0x210 [ 168.370257][ T7587] ? __pfx___x64_sys_openat+0x10/0x10 [ 168.370302][ T7587] do_syscall_64+0x106/0xf80 [ 168.370336][ T7587] ? clear_bhb_loop+0x40/0x90 [ 168.370369][ T7587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.370408][ T7587] RIP: 0033:0x7f66a2d9c799 [ 168.370431][ T7587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 168.370457][ T7587] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 168.370484][ T7587] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 168.370501][ T7587] RDX: 0000000000129800 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 168.370517][ T7587] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 168.370533][ T7587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.370548][ T7587] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 168.370581][ T7587] [ 168.819167][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.825405][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.836080][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 170.091742][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 170.091979][ T7616] zswap: compressor not available [ 170.537918][ T7631] FAULT_INJECTION: forcing a failure. [ 170.537918][ T7631] name failslab, interval 1, probability 0, space 0, times 0 [ 170.584304][ T7631] CPU: 1 UID: 0 PID: 7631 Comm: syz.1.651 Tainted: G L syzkaller #0 PREEMPT(full) [ 170.584355][ T7631] Tainted: [L]=SOFTLOCKUP [ 170.584367][ T7631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 170.584384][ T7631] Call Trace: [ 170.584395][ T7631] [ 170.584407][ T7631] dump_stack_lvl+0x100/0x190 [ 170.584460][ T7631] should_fail_ex.cold+0x5/0xa [ 170.584497][ T7631] should_failslab+0xc2/0x120 [ 170.584531][ T7631] __kmalloc_cache_noprof+0x7a/0x6f0 [ 170.584573][ T7631] ? snd_virmidi_input_open+0xc8/0x4d0 [ 170.584616][ T7631] ? __kasan_kmalloc+0xaa/0xb0 [ 170.584671][ T7631] snd_virmidi_input_open+0xc8/0x4d0 [ 170.584712][ T7631] open_substream+0x480/0x9e0 [ 170.584756][ T7631] rawmidi_open_priv+0x524/0x6f0 [ 170.584806][ T7631] snd_rawmidi_open+0x4c9/0xba0 [ 170.584864][ T7631] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 170.584909][ T7631] ? __pfx_default_wake_function+0x10/0x10 [ 170.584942][ T7631] ? soundcore_open+0x231/0x5a0 [ 170.584971][ T7631] ? soundcore_open+0x231/0x5a0 [ 170.585005][ T7631] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 170.585050][ T7631] soundcore_open+0x2e3/0x5a0 [ 170.585084][ T7631] ? __pfx_soundcore_open+0x10/0x10 [ 170.585115][ T7631] chrdev_open+0x234/0x6a0 [ 170.585147][ T7631] ? __pfx_apparmor_file_open+0x10/0x10 [ 170.585198][ T7631] ? __pfx_chrdev_open+0x10/0x10 [ 170.585233][ T7631] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 170.585275][ T7631] do_dentry_open+0x6d8/0x1660 [ 170.585306][ T7631] ? __pfx_chrdev_open+0x10/0x10 [ 170.585355][ T7631] vfs_open+0x82/0x3f0 [ 170.585401][ T7631] path_openat+0x208c/0x31a0 [ 170.585448][ T7631] ? __pfx_path_openat+0x10/0x10 [ 170.585497][ T7631] do_file_open+0x20e/0x430 [ 170.585533][ T7631] ? __pfx_do_file_open+0x10/0x10 [ 170.585604][ T7631] ? alloc_fd+0x476/0x790 [ 170.585641][ T7631] ? do_getname+0x191/0x390 [ 170.585685][ T7631] do_sys_openat2+0x10d/0x1e0 [ 170.585727][ T7631] ? __pfx_do_sys_openat2+0x10/0x10 [ 170.585771][ T7631] ? __fget_files+0x21f/0x3d0 [ 170.585810][ T7631] __x64_sys_openat+0x12d/0x210 [ 170.585852][ T7631] ? __pfx___x64_sys_openat+0x10/0x10 [ 170.585910][ T7631] do_syscall_64+0x106/0xf80 [ 170.585952][ T7631] ? clear_bhb_loop+0x40/0x90 [ 170.585987][ T7631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.586018][ T7631] RIP: 0033:0x7f7f5a99c799 [ 170.586042][ T7631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 170.586068][ T7631] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 170.586099][ T7631] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 170.586119][ T7631] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 170.586139][ T7631] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 170.586156][ T7631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.586173][ T7631] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 170.586216][ T7631] [ 170.899240][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 170.905463][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.911773][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.173730][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.560894][ T7672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.664'. [ 172.570227][ T7672] ipvlan0: entered promiscuous mode [ 172.582172][ T7672] ipvlan0: entered allmulticast mode [ 172.587772][ T7672] veth0_vlan: entered allmulticast mode [ 172.974175][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.980254][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.987443][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 176.232566][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 176.241330][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 176.341570][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 176.406582][ T7769] sg_write: data in/out 220/90 bytes for SCSI command 0x0-- guessing data in; [ 176.406582][ T7769] program syz.2.699 not setting count and/or reply_len properly [ 176.533111][ T7774] netlink: 28 bytes leftover after parsing attributes in process `syz.2.703'. [ 176.658692][ T7758] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.669630][ T7758] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 176.687144][ T7758] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 176.704772][ T7758] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 177.135157][ T7791] FAULT_INJECTION: forcing a failure. [ 177.135157][ T7791] name failslab, interval 1, probability 0, space 0, times 0 [ 177.166058][ T7791] CPU: 0 UID: 0 PID: 7791 Comm: syz.3.707 Tainted: G L syzkaller #0 PREEMPT(full) [ 177.166109][ T7791] Tainted: [L]=SOFTLOCKUP [ 177.166120][ T7791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 177.166136][ T7791] Call Trace: [ 177.166146][ T7791] [ 177.166158][ T7791] dump_stack_lvl+0x100/0x190 [ 177.166206][ T7791] should_fail_ex.cold+0x5/0xa [ 177.166242][ T7791] ? drm_atomic_state_init+0x190/0x490 [ 177.166275][ T7791] should_failslab+0xc2/0x120 [ 177.166309][ T7791] __kmalloc_noprof+0xe0/0x850 [ 177.166365][ T7791] drm_atomic_state_init+0x190/0x490 [ 177.166401][ T7791] ? kasan_save_track+0x14/0x30 [ 177.166448][ T7791] drm_atomic_state_alloc+0xd3/0x120 [ 177.166486][ T7791] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 177.166529][ T7791] ? trace_contention_end+0x140/0x180 [ 177.166569][ T7791] ? __mutex_lock+0x26a/0x1b90 [ 177.166621][ T7791] ? __mutex_lock+0x26a/0x1b90 [ 177.166661][ T7791] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 177.166702][ T7791] ? drm_master_internal_acquire+0x21/0x80 [ 177.166775][ T7791] drm_client_modeset_commit_locked+0x14d/0x580 [ 177.166823][ T7791] drm_client_modeset_commit+0x4f/0x80 [ 177.166865][ T7791] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 177.166911][ T7791] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 177.166958][ T7791] drm_fbdev_client_restore+0x1b/0x30 [ 177.166994][ T7791] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 177.167028][ T7791] drm_client_dev_restore+0x205/0x2a0 [ 177.167079][ T7791] drm_release+0x2c6/0x360 [ 177.167121][ T7791] ? __pfx_drm_release+0x10/0x10 [ 177.167161][ T7791] __fput+0x3ff/0xb40 [ 177.167215][ T7791] task_work_run+0x150/0x240 [ 177.167263][ T7791] ? __pfx_task_work_run+0x10/0x10 [ 177.167323][ T7791] exit_to_user_mode_loop+0x100/0x4a0 [ 177.167370][ T7791] do_syscall_64+0x668/0xf80 [ 177.167413][ T7791] ? clear_bhb_loop+0x40/0x90 [ 177.167454][ T7791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.167487][ T7791] RIP: 0033:0x7f6f0f19c799 [ 177.167515][ T7791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 177.167545][ T7791] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 177.167584][ T7791] RAX: 0000000000000000 RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 177.167603][ T7791] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 177.167620][ T7791] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 177.167638][ T7791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.167655][ T7791] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 177.167699][ T7791] [ 178.011285][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 178.731241][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.737551][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 178.743878][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 179.405822][ T7819] netlink: 330 bytes leftover after parsing attributes in process `syz.0.719'. [ 179.477048][ T7822] netlink: 334 bytes leftover after parsing attributes in process `syz.1.717'. [ 180.411704][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 180.622134][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 181.236714][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 181.531614][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 182.143996][ T7857] smpboot: CPU 1 is now offline [ 182.882403][ T7863] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 182.909531][ T7863] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 182.921316][ T7863] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 182.949717][ T7863] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 183.089931][ T7860] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 184.412075][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 184.971215][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 184.977334][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 184.988745][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 186.186872][ T7934] FAULT_INJECTION: forcing a failure. [ 186.186872][ T7934] name failslab, interval 1, probability 0, space 0, times 0 [ 186.261448][ T7934] CPU: 0 UID: 0 PID: 7934 Comm: syz.3.760 Tainted: G L syzkaller #0 PREEMPT(full) [ 186.261500][ T7934] Tainted: [L]=SOFTLOCKUP [ 186.261510][ T7934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.261527][ T7934] Call Trace: [ 186.261538][ T7934] [ 186.261550][ T7934] dump_stack_lvl+0x100/0x190 [ 186.261621][ T7934] should_fail_ex.cold+0x5/0xa [ 186.261659][ T7934] should_failslab+0xc2/0x120 [ 186.261702][ T7934] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 186.261750][ T7934] ? security_inode_alloc+0x3b/0x2c0 [ 186.261783][ T7934] ? lockdep_init_map_type+0x5c/0x250 [ 186.261832][ T7934] security_inode_alloc+0x3b/0x2c0 [ 186.261866][ T7934] inode_init_always_gfp+0xced/0x1040 [ 186.261914][ T7934] alloc_inode+0x8e/0x250 [ 186.261956][ T7934] new_inode+0x22/0x1c0 [ 186.262002][ T7934] shmem_get_inode+0x212/0x1040 [ 186.262052][ T7934] ? __pfx_shmem_get_inode+0x10/0x10 [ 186.262096][ T7934] ? map_id_range_up+0x2ce/0x3b0 [ 186.262129][ T7934] ? __pfx_make_vfsuid+0x10/0x10 [ 186.262179][ T7934] shmem_symlink+0x11b/0xa00 [ 186.262228][ T7934] ? generic_permission+0xae/0x800 [ 186.262271][ T7934] ? __pfx_shmem_symlink+0x10/0x10 [ 186.262317][ T7934] ? security_inode_permission+0xbf/0x250 [ 186.262354][ T7934] ? inode_permission+0x374/0x620 [ 186.262392][ T7934] ? tomoyo_path_symlink+0x97/0xe0 [ 186.262503][ T7934] vfs_symlink+0x178/0x4d0 [ 186.262562][ T7934] filename_symlinkat+0x2a6/0x560 [ 186.262604][ T7934] ? __pfx_filename_symlinkat+0x10/0x10 [ 186.262641][ T7934] ? strncpy_from_user+0x19d/0x2d0 [ 186.262693][ T7934] ? do_getname+0x191/0x390 [ 186.262735][ T7934] __x64_sys_symlink+0x79/0xb0 [ 186.262773][ T7934] do_syscall_64+0x106/0xf80 [ 186.262816][ T7934] ? clear_bhb_loop+0x40/0x90 [ 186.262857][ T7934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.262889][ T7934] RIP: 0033:0x7f6f0f19c799 [ 186.262917][ T7934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.262945][ T7934] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 186.262976][ T7934] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 186.262996][ T7934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.263014][ T7934] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 186.263032][ T7934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.263050][ T7934] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 186.263094][ T7934] [ 186.835488][ T7944] random: crng reseeded on system resumption [ 186.886543][ T7944] FAULT_INJECTION: forcing a failure. [ 186.886543][ T7944] name failslab, interval 1, probability 0, space 0, times 0 [ 186.911357][ T7944] CPU: 0 UID: 0 PID: 7944 Comm: syz.2.764 Tainted: G L syzkaller #0 PREEMPT(full) [ 186.911407][ T7944] Tainted: [L]=SOFTLOCKUP [ 186.911418][ T7944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.911436][ T7944] Call Trace: [ 186.911446][ T7944] [ 186.911458][ T7944] dump_stack_lvl+0x100/0x190 [ 186.911521][ T7944] should_fail_ex.cold+0x5/0xa [ 186.911559][ T7944] should_failslab+0xc2/0x120 [ 186.911591][ T7944] __kmalloc_cache_noprof+0x7a/0x6f0 [ 186.911630][ T7944] ? create_basic_memory_bitmaps+0xeb/0x350 [ 186.911672][ T7944] create_basic_memory_bitmaps+0xeb/0x350 [ 186.911712][ T7944] snapshot_open+0x230/0x2a0 [ 186.911744][ T7944] ? __pfx_snapshot_open+0x10/0x10 [ 186.911779][ T7944] misc_open+0x26d/0x450 [ 186.911814][ T7944] ? __pfx_misc_open+0x10/0x10 [ 186.911848][ T7944] chrdev_open+0x234/0x6a0 [ 186.911878][ T7944] ? __pfx_apparmor_file_open+0x10/0x10 [ 186.911930][ T7944] ? __pfx_chrdev_open+0x10/0x10 [ 186.911964][ T7944] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 186.912002][ T7944] do_dentry_open+0x6d8/0x1660 [ 186.912032][ T7944] ? __pfx_chrdev_open+0x10/0x10 [ 186.912076][ T7944] vfs_open+0x82/0x3f0 [ 186.912121][ T7944] path_openat+0x208c/0x31a0 [ 186.912169][ T7944] ? __pfx_path_openat+0x10/0x10 [ 186.912217][ T7944] do_file_open+0x20e/0x430 [ 186.912253][ T7944] ? __pfx_do_file_open+0x10/0x10 [ 186.912317][ T7944] ? alloc_fd+0x476/0x790 [ 186.912352][ T7944] ? do_getname+0x191/0x390 [ 186.912418][ T7944] do_sys_openat2+0x10d/0x1e0 [ 186.912458][ T7944] ? __pfx_do_sys_openat2+0x10/0x10 [ 186.912504][ T7944] ? find_held_lock+0x2b/0x80 [ 186.912542][ T7944] __x64_sys_openat+0x12d/0x210 [ 186.912580][ T7944] ? __pfx___x64_sys_openat+0x10/0x10 [ 186.912631][ T7944] do_syscall_64+0x106/0xf80 [ 186.912671][ T7944] ? clear_bhb_loop+0x40/0x90 [ 186.912702][ T7944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.912726][ T7944] RIP: 0033:0x7f66a2d9c799 [ 186.912749][ T7944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.912771][ T7944] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 186.912796][ T7944] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 186.912811][ T7944] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 186.912827][ T7944] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 186.912841][ T7944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.912854][ T7944] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 186.912886][ T7944] [ 187.773918][ T7956] netlink: 'syz.1.767': attribute type 19 has an invalid length. [ 187.802605][ T7956] netlink: 334 bytes leftover after parsing attributes in process `syz.1.767'. [ 190.383893][ T8010] netlink: 28 bytes leftover after parsing attributes in process `syz.2.785'. [ 191.054100][ T8015] netlink: 146 bytes leftover after parsing attributes in process `syz.2.788'. [ 191.336601][ T8027] syz.2.794 (8027): /proc/8026/oom_adj is deprecated, please use /proc/8026/oom_score_adj instead. [ 191.502492][ T8034] netlink: 342 bytes leftover after parsing attributes in process `syz.2.796'. [ 191.611947][ T8034] netlink: 342 bytes leftover after parsing attributes in process `syz.2.796'. [ 191.703886][ T8039] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 193.655429][ T8080] netlink: 146 bytes leftover after parsing attributes in process `syz.2.813'. [ 193.978307][ T8089] FAULT_INJECTION: forcing a failure. [ 193.978307][ T8089] name failslab, interval 1, probability 0, space 0, times 0 [ 194.038916][ T8089] CPU: 1 UID: 0 PID: 8089 Comm: syz.1.818 Tainted: G L syzkaller #0 PREEMPT(full) [ 194.038965][ T8089] Tainted: [L]=SOFTLOCKUP [ 194.038975][ T8089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 194.038993][ T8089] Call Trace: [ 194.039004][ T8089] [ 194.039016][ T8089] dump_stack_lvl+0x100/0x190 [ 194.039069][ T8089] should_fail_ex.cold+0x5/0xa [ 194.039107][ T8089] ? tracepoint_add_func+0x2c5/0xf30 [ 194.039137][ T8089] should_failslab+0xc2/0x120 [ 194.039170][ T8089] __kmalloc_noprof+0xe0/0x850 [ 194.039223][ T8089] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 194.039256][ T8089] tracepoint_add_func+0x2c5/0xf30 [ 194.039286][ T8089] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 194.039318][ T8089] ? __pfx___mutex_lock+0x10/0x10 [ 194.039361][ T8089] ? rcu_is_watching+0x12/0xc0 [ 194.039423][ T8089] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 194.039453][ T8089] tracepoint_probe_register+0xc4/0x110 [ 194.039488][ T8089] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 194.039521][ T8089] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 194.039555][ T8089] ? __lock_acquire+0x4a5/0x2630 [ 194.039606][ T8089] tracing_start_sched_switch+0xaf/0x170 [ 194.039659][ T8089] __ftrace_event_enable_disable+0x557/0x6f0 [ 194.039698][ T8089] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 194.039744][ T8089] ftrace_set_clr_event+0x16e/0x330 [ 194.039787][ T8089] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 194.039825][ T8089] ? trace_get_user+0x3ae/0xa70 [ 194.039869][ T8089] ftrace_event_write+0x259/0x2c0 [ 194.039909][ T8089] ? __pfx_ftrace_event_write+0x10/0x10 [ 194.039965][ T8089] vfs_write+0x2aa/0x1070 [ 194.039994][ T8089] ? __pfx_ftrace_event_write+0x10/0x10 [ 194.040038][ T8089] ? __pfx_vfs_write+0x10/0x10 [ 194.040064][ T8089] ? __fget_files+0x215/0x3d0 [ 194.040104][ T8089] ? __fget_files+0x21f/0x3d0 [ 194.040147][ T8089] ksys_write+0x12a/0x250 [ 194.040176][ T8089] ? __pfx_ksys_write+0x10/0x10 [ 194.040218][ T8089] do_syscall_64+0x106/0xf80 [ 194.040261][ T8089] ? clear_bhb_loop+0x40/0x90 [ 194.040301][ T8089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.040332][ T8089] RIP: 0033:0x7f7f5a99c799 [ 194.040359][ T8089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 194.040387][ T8089] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 194.040426][ T8089] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 194.040445][ T8089] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000005 [ 194.040464][ T8089] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 194.040482][ T8089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.040499][ T8089] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 194.040544][ T8089] [ 194.040557][ T8089] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 194.418296][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.425117][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.758090][ T8113] FAULT_INJECTION: forcing a failure. [ 194.758090][ T8113] name failslab, interval 1, probability 0, space 0, times 0 [ 194.781495][ T8113] CPU: 0 UID: 0 PID: 8113 Comm: syz.3.826 Tainted: G L syzkaller #0 PREEMPT(full) [ 194.781548][ T8113] Tainted: [L]=SOFTLOCKUP [ 194.781560][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 194.781578][ T8113] Call Trace: [ 194.781588][ T8113] [ 194.781600][ T8113] dump_stack_lvl+0x100/0x190 [ 194.781651][ T8113] should_fail_ex.cold+0x5/0xa [ 194.781688][ T8113] should_failslab+0xc2/0x120 [ 194.781723][ T8113] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 194.781774][ T8113] ? __request_module+0x2d5/0x6c0 [ 194.781825][ T8113] kstrdup+0x51/0xe0 [ 194.781876][ T8113] __request_module+0x2d5/0x6c0 [ 194.781919][ T8113] ? __pfx___request_module+0x10/0x10 [ 194.781978][ T8113] ? __get_fs_type+0x12c/0x170 [ 194.782013][ T8113] ? __get_fs_type+0x12c/0x170 [ 194.782064][ T8113] get_fs_type+0xd7/0x190 [ 194.782102][ T8113] __x64_sys_fsopen+0xca/0x220 [ 194.782146][ T8113] do_syscall_64+0x106/0xf80 [ 194.782191][ T8113] ? clear_bhb_loop+0x40/0x90 [ 194.782229][ T8113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.782262][ T8113] RIP: 0033:0x7f6f0f19c799 [ 194.782289][ T8113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 194.782317][ T8113] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 194.782358][ T8113] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 194.782378][ T8113] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 194.782396][ T8113] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 194.782415][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.782433][ T8113] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 194.782474][ T8113] [ 195.056688][ T8118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.829'. [ 195.069594][ T8118] netlink: 5 bytes leftover after parsing attributes in process `syz.1.829'. [ 195.087663][ T8118] netlink: 12 bytes leftover after parsing attributes in process `syz.1.829'. [ 195.293181][ T8120] netlink: 'syz.3.831': attribute type 4 has an invalid length. [ 195.362813][ T8122] smpboot: CPU 1 is now offline [ 195.371761][ T8120] netlink: 'syz.3.831': attribute type 4 has an invalid length. [ 195.464511][ T8125] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 196.247700][ T8140] syz.2.838 (8140) used greatest stack depth: 19608 bytes left [ 196.427735][ T8143] netlink: 28 bytes leftover after parsing attributes in process `syz.3.840'. [ 196.735475][ T8150] smpboot: CPU 1 is now offline [ 196.871765][ T8153] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 197.018746][ T8163] FAULT_INJECTION: forcing a failure. [ 197.018746][ T8163] name failslab, interval 1, probability 0, space 0, times 0 [ 197.188221][ T8163] CPU: 1 UID: 0 PID: 8163 Comm: syz.1.846 Tainted: G L syzkaller #0 PREEMPT(full) [ 197.188274][ T8163] Tainted: [L]=SOFTLOCKUP [ 197.188285][ T8163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 197.188313][ T8163] Call Trace: [ 197.188324][ T8163] [ 197.188335][ T8163] dump_stack_lvl+0x100/0x190 [ 197.188391][ T8163] should_fail_ex.cold+0x5/0xa [ 197.188427][ T8163] ? __alloc_workqueue+0x148/0x1880 [ 197.188463][ T8163] should_failslab+0xc2/0x120 [ 197.188496][ T8163] __kmalloc_noprof+0xe0/0x850 [ 197.188552][ T8163] __alloc_workqueue+0x148/0x1880 [ 197.188588][ T8163] ? __pfx_vsnprintf+0x10/0x10 [ 197.188628][ T8163] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 197.188669][ T8163] ? lockdep_hardirqs_on+0x78/0x100 [ 197.188713][ T8163] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 197.188759][ T8163] alloc_workqueue_noprof+0xd2/0x200 [ 197.188798][ T8163] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 197.188847][ T8163] ? __pfx___debug_object_init+0x10/0x10 [ 197.188909][ T8163] nci_register_device+0x21e/0xb80 [ 197.188947][ T8163] ? __pfx_nci_register_device+0x10/0x10 [ 197.188988][ T8163] ? lockdep_init_map_type+0x5c/0x250 [ 197.189038][ T8163] virtual_ncidev_open+0x141/0x220 [ 197.189084][ T8163] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 197.189126][ T8163] misc_open+0x26d/0x450 [ 197.189161][ T8163] ? __pfx_misc_open+0x10/0x10 [ 197.189195][ T8163] chrdev_open+0x234/0x6a0 [ 197.189227][ T8163] ? __pfx_apparmor_file_open+0x10/0x10 [ 197.189277][ T8163] ? __pfx_chrdev_open+0x10/0x10 [ 197.189319][ T8163] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 197.189360][ T8163] do_dentry_open+0x6d8/0x1660 [ 197.189392][ T8163] ? __pfx_chrdev_open+0x10/0x10 [ 197.189436][ T8163] vfs_open+0x82/0x3f0 [ 197.189481][ T8163] path_openat+0x208c/0x31a0 [ 197.189530][ T8163] ? __pfx_path_openat+0x10/0x10 [ 197.189578][ T8163] do_file_open+0x20e/0x430 [ 197.189615][ T8163] ? __pfx_do_file_open+0x10/0x10 [ 197.189679][ T8163] ? alloc_fd+0x476/0x790 [ 197.189716][ T8163] ? do_getname+0x191/0x390 [ 197.189760][ T8163] do_sys_openat2+0x10d/0x1e0 [ 197.189802][ T8163] ? __pfx_do_sys_openat2+0x10/0x10 [ 197.189859][ T8163] __x64_sys_openat+0x12d/0x210 [ 197.189902][ T8163] ? __pfx___x64_sys_openat+0x10/0x10 [ 197.189961][ T8163] do_syscall_64+0x106/0xf80 [ 197.190004][ T8163] ? clear_bhb_loop+0x40/0x90 [ 197.190043][ T8163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.190076][ T8163] RIP: 0033:0x7f7f5a99c799 [ 197.190102][ T8163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 197.190131][ T8163] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 197.190163][ T8163] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 197.190183][ T8163] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 197.190202][ T8163] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 197.190222][ T8163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.190241][ T8163] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 197.190284][ T8163] [ 197.636254][ T8165] netlink: 334 bytes leftover after parsing attributes in process `syz.0.847'. [ 198.080653][ T8173] netlink: 'syz.0.850': attribute type 4 has an invalid length. [ 198.461820][ T8177] capability: warning: `syz.0.852' uses 32-bit capabilities (legacy support in use) [ 200.362400][ T8215] smpboot: CPU 1 is now offline [ 200.386789][ T8208] netlink: 74 bytes leftover after parsing attributes in process `syz.3.864'. [ 200.458591][ T8219] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 201.432009][ T8238] netlink: 'syz.0.882': attribute type 19 has an invalid length. [ 201.444294][ T8238] netlink: 334 bytes leftover after parsing attributes in process `syz.0.882'. [ 202.402169][ T8256] smpboot: CPU 1 is now offline [ 202.883832][ T8255] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 202.900834][ T8255] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 202.921457][ T8255] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 202.940942][ T8255] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 203.174596][ T8258] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 203.259486][ T8262] smpboot: CPU 1 is now offline [ 203.354120][ T8261] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 203.380658][ T8271] netlink: 4 bytes leftover after parsing attributes in process `syz.3.884'. [ 203.418261][ T8271] netlink: 25 bytes leftover after parsing attributes in process `syz.3.884'. [ 203.960597][ T8279] netlink: 342 bytes leftover after parsing attributes in process `syz.1.888'. [ 204.337053][ T8290] netlink: 'syz.3.891': attribute type 4 has an invalid length. [ 204.367849][ T8290] netlink: 314 bytes leftover after parsing attributes in process `syz.3.891'. [ 204.455628][ T22] IRQ fixup: irq 34 move in progress, old vector 49 [ 204.464932][ T8293] smpboot: CPU 1 is now offline [ 204.491300][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 204.548614][ T8295] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 204.893408][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 204.981157][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 204.987425][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 207.910081][ T8356] random: crng reseeded on system resumption [ 208.381301][ T8371] FAULT_INJECTION: forcing a failure. [ 208.381301][ T8371] name failslab, interval 1, probability 0, space 0, times 0 [ 208.463305][ T8371] CPU: 1 UID: 0 PID: 8371 Comm: syz.0.922 Tainted: G L syzkaller #0 PREEMPT(full) [ 208.463355][ T8371] Tainted: [L]=SOFTLOCKUP [ 208.463366][ T8371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 208.463383][ T8371] Call Trace: [ 208.463392][ T8371] [ 208.463404][ T8371] dump_stack_lvl+0x100/0x190 [ 208.463455][ T8371] should_fail_ex.cold+0x5/0xa [ 208.463493][ T8371] should_failslab+0xc2/0x120 [ 208.463525][ T8371] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 208.463571][ T8371] ? security_file_alloc+0x34/0x2c0 [ 208.463608][ T8371] ? trace_kmem_cache_alloc+0xf3/0x120 [ 208.463646][ T8371] security_file_alloc+0x34/0x2c0 [ 208.463685][ T8371] init_file+0x95/0x480 [ 208.463719][ T8371] alloc_empty_file+0x73/0x1c0 [ 208.463756][ T8371] alloc_file_pseudo+0x13a/0x230 [ 208.463796][ T8371] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 208.463833][ T8371] ? inode_init_always_gfp+0xd0e/0x1040 [ 208.463876][ T8371] sock_alloc_file+0x50/0x210 [ 208.463923][ T8371] do_accept+0x242/0x530 [ 208.463958][ T8371] ? 0xffffffff81000000 [ 208.463981][ T8371] ? do_raw_spin_lock+0x128/0x260 [ 208.464027][ T8371] ? __pfx_do_accept+0x10/0x10 [ 208.464089][ T8371] ? 0xffffffff81000000 [ 208.464110][ T8371] __sys_accept4+0x108/0x200 [ 208.464158][ T8371] ? __pfx___sys_accept4+0x10/0x10 [ 208.464193][ T8371] ? ksys_write+0x1ac/0x250 [ 208.464221][ T8371] ? __pfx_ksys_write+0x10/0x10 [ 208.464258][ T8371] __x64_sys_accept+0x74/0xb0 [ 208.464293][ T8371] ? lockdep_hardirqs_on+0x78/0x100 [ 208.464343][ T8371] do_syscall_64+0x106/0xf80 [ 208.464384][ T8371] ? clear_bhb_loop+0x40/0x90 [ 208.464421][ T8371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.464452][ T8371] RIP: 0033:0x7f9decd9c799 [ 208.464477][ T8371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 208.464506][ T8371] RSP: 002b:00007f9deaff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 208.464535][ T8371] RAX: ffffffffffffffda RBX: 00007f9ded015fa0 RCX: 00007f9decd9c799 [ 208.464554][ T8371] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 208.464573][ T8371] RBP: 00007f9dece32c99 R08: 0000000000000000 R09: 0000000000000000 [ 208.464590][ T8371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.464606][ T8371] R13: 00007f9ded016038 R14: 00007f9ded015fa0 R15: 00007ffce7e9e598 [ 208.464636][ T8371] ? 0xffffffff81000000 [ 208.464668][ T8371] [ 209.292466][ T8381] netlink: 322 bytes leftover after parsing attributes in process `syz.1.926'. [ 209.888352][ T8392] netlink: 334 bytes leftover after parsing attributes in process `syz.3.930'. [ 209.953062][ T8394] netlink: 334 bytes leftover after parsing attributes in process `syz.0.929'. [ 210.338990][ T8399] netlink: 130 bytes leftover after parsing attributes in process `syz.0.932'. [ 210.824350][ T8404] base or size exceeds the MTRR width [ 211.242611][ T8419] netlink: 146 bytes leftover after parsing attributes in process `syz.1.940'. [ 211.763873][ T8440] netlink: 346 bytes leftover after parsing attributes in process `syz.0.946'. [ 212.509985][ T8450] smpboot: CPU 1 is now offline [ 212.838085][ T8454] binder: 8453:8454 ioctl c0306201 2000000000c0 returned -14 [ 215.216724][ T8509] netlink: 'syz.3.975': attribute type 33 has an invalid length. [ 215.263830][ T8509] netlink: 322 bytes leftover after parsing attributes in process `syz.3.975'. [ 215.976908][ T8529] netlink: 28 bytes leftover after parsing attributes in process `syz.0.982'. [ 216.014876][ T8529] hsr_slave_0: left promiscuous mode [ 216.028903][ T8529] hsr_slave_1: left promiscuous mode [ 216.358399][ T8533] netlink: 334 bytes leftover after parsing attributes in process `syz.3.984'. [ 216.773822][ T8542] netlink: 142 bytes leftover after parsing attributes in process `syz.1.987'. [ 217.716696][ T8566] netlink: 342 bytes leftover after parsing attributes in process `syz.2.998'. [ 219.705211][ T8618] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1017'. [ 219.815099][ T8618] hsr_slave_0: left promiscuous mode [ 219.861449][ T8618] hsr_slave_1: left promiscuous mode [ 221.297404][ T8658] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1032'. [ 221.317164][ T8658] hsr_slave_0: left promiscuous mode [ 221.328721][ T8658] hsr_slave_1: left promiscuous mode [ 221.709270][ T8668] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1036'. [ 222.108774][ T8674] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1038'. [ 222.517730][ T8685] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1043'. [ 223.232674][ T8707] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1054'. [ 223.488949][ T8715] netlink: 302 bytes leftover after parsing attributes in process `syz.1.1057'. [ 225.385296][ T8759] netlink: 'syz.1.1073': attribute type 4 has an invalid length. [ 229.653262][ T8816] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1091'. [ 229.739344][ T8816] hsr_slave_0: left promiscuous mode [ 229.751266][ T8816] hsr_slave_1: left promiscuous mode [ 229.980328][ T8825] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1096'. [ 230.171869][ T8830] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1098'. [ 230.222766][ T8832] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1100'. [ 230.658269][ T8846] phram: not enough arguments [ 230.750671][ T8850] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.809541][ T8850] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 230.915009][ T8853] vcan0: tx drop: invalid da for name 0x000000000000003f [ 231.408276][ T8872] netlink: 'syz.0.1118': attribute type 19 has an invalid length. [ 231.427496][ T8872] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1118'. [ 231.605329][ T8875] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1119'. [ 232.162572][ T8887] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1123'. [ 232.455607][ T8891] FAULT_INJECTION: forcing a failure. [ 232.455607][ T8891] name failslab, interval 1, probability 0, space 0, times 0 [ 232.494457][ T8891] CPU: 0 UID: 0 PID: 8891 Comm: syz.2.1125 Tainted: G L syzkaller #0 PREEMPT(full) [ 232.494488][ T8891] Tainted: [L]=SOFTLOCKUP [ 232.494495][ T8891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 232.494505][ T8891] Call Trace: [ 232.494511][ T8891] [ 232.494518][ T8891] dump_stack_lvl+0x100/0x190 [ 232.494550][ T8891] should_fail_ex.cold+0x5/0xa [ 232.494571][ T8891] should_failslab+0xc2/0x120 [ 232.494591][ T8891] __kmalloc_cache_noprof+0x7a/0x6f0 [ 232.494615][ T8891] ? wakeup_source_device_create+0x46/0x2e0 [ 232.494641][ T8891] wakeup_source_device_create+0x46/0x2e0 [ 232.494664][ T8891] wakeup_source_sysfs_add+0x1c/0x90 [ 232.494685][ T8891] wakeup_source_register+0x154/0x3e0 [ 232.494716][ T8891] ep_create_wakeup_source+0x1df/0x2e0 [ 232.494746][ T8891] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 232.494779][ T8891] ? do_epoll_ctl+0x1012/0x36a0 [ 232.494797][ T8891] ? do_epoll_ctl+0x1012/0x36a0 [ 232.494821][ T8891] do_epoll_ctl+0x1eee/0x36a0 [ 232.494848][ T8891] ? __pfx_do_epoll_ctl+0x10/0x10 [ 232.494865][ T8891] ? find_held_lock+0x2b/0x80 [ 232.494882][ T8891] ? __might_fault+0xc5/0x140 [ 232.494906][ T8891] ? __might_fault+0xc5/0x140 [ 232.494945][ T8891] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 232.494963][ T8891] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 232.494982][ T8891] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 232.495008][ T8891] do_syscall_64+0x106/0xf80 [ 232.495033][ T8891] ? clear_bhb_loop+0x40/0x90 [ 232.495056][ T8891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.495075][ T8891] RIP: 0033:0x7f66a2d9c799 [ 232.495090][ T8891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.495108][ T8891] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 232.495125][ T8891] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 232.495137][ T8891] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 232.495146][ T8891] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 232.495157][ T8891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.495167][ T8891] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 232.495190][ T8891] [ 232.754371][ T8894] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1126'. [ 233.064968][ T8904] ovs_: entered promiscuous mode [ 233.874472][ T8916] zswap: compressor not available [ 233.949067][ T8926] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1138'. [ 234.070666][ T8928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 234.084869][ T8930] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1140'. [ 234.146625][ T8928] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 234.190542][ T8928] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 234.224565][ T8928] page_type: f5(slab) [ 234.262532][ T8928] raw: 00fff00000000040 ffff88801ce8e8c0 dead000000000100 dead000000000122 [ 234.332599][ T8928] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 234.376650][ T8928] head: 00fff00000000040 ffff88801ce8e8c0 dead000000000100 dead000000000122 [ 234.415248][ T8928] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 234.454760][ T8928] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 234.512789][ T8928] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 234.524591][ T29] audit: type=1800 audit(1773805331.139:4): pid=8936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1142" name="dbroot" dev="configfs" ino=23144 res=0 errno=0 [ 234.565181][ T8936] db_root: cannot open: 0 [ 234.574474][ T8928] page dumped because: unmovable page [ 234.595592][ T8928] page_owner tracks the page as allocated [ 234.631148][ T8928] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 34748269354, free_ts 27937401701 [ 234.761219][ T8928] post_alloc_hook+0x153/0x170 [ 234.792269][ T8928] get_page_from_freelist+0x111d/0x3140 [ 234.811368][ T8928] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 234.837768][ T8928] new_slab+0xa6/0x6b0 [ 234.889232][ T8928] refill_objects+0x26b/0x400 [ 234.918743][ T8928] __pcs_replace_empty_main+0x1ab/0x660 [ 234.948788][ T8928] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 234.967157][ T8928] alloc_inode+0x183/0x250 [ 234.979739][ T8928] iget_locked+0x1d9/0x6d0 [ 234.997122][ T8928] kernfs_get_inode+0x46/0x470 [ 235.011210][ T8928] kernfs_iop_lookup+0x1a7/0x2d0 [ 235.033057][ T8928] __lookup_slow+0x251/0x460 [ 235.058142][ T8928] lookup_slow+0x50/0x70 [ 235.076903][ T8928] path_lookupat+0x5e8/0xc40 [ 235.091330][ T8928] filename_lookup+0x202/0x590 [ 235.106277][ T8928] do_readlinkat+0xd3/0x370 [ 235.126638][ T8928] page last free pid 1 tgid 1 stack trace: [ 235.141117][ T8928] __free_frozen_pages+0x7e1/0x10d0 [ 235.158684][ T8928] free_contig_range+0xde/0x1d0 [ 235.178944][ T8928] destroy_args+0xa8/0x7a0 [ 235.199173][ T8928] debug_vm_pgtable+0x1b66/0x34c0 [ 235.209284][ T8928] do_one_initcall+0x11d/0x760 [ 235.229229][ T8928] kernel_init_freeable+0x6e5/0x7a0 [ 235.245898][ T8928] kernel_init+0x1f/0x1e0 [ 235.263864][ T8928] ret_from_fork+0x754/0xd80 [ 235.280721][ T8928] ret_from_fork_asm+0x1a/0x30 [ 235.503466][ T8966] FAULT_INJECTION: forcing a failure. [ 235.503466][ T8966] name failslab, interval 1, probability 0, space 0, times 0 [ 235.557515][ T8966] CPU: 0 UID: 0 PID: 8966 Comm: syz.3.1154 Tainted: G L syzkaller #0 PREEMPT(full) [ 235.557548][ T8966] Tainted: [L]=SOFTLOCKUP [ 235.557554][ T8966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 235.557565][ T8966] Call Trace: [ 235.557572][ T8966] [ 235.557579][ T8966] dump_stack_lvl+0x100/0x190 [ 235.557612][ T8966] should_fail_ex.cold+0x5/0xa [ 235.557633][ T8966] should_failslab+0xc2/0x120 [ 235.557654][ T8966] __kmalloc_cache_noprof+0x7a/0x6f0 [ 235.557678][ T8966] ? mon_text_open+0xe3/0x510 [ 235.557699][ T8966] ? __pfx_mon_text_open+0x10/0x10 [ 235.557714][ T8966] mon_text_open+0xe3/0x510 [ 235.557731][ T8966] ? __pfx_mon_text_open+0x10/0x10 [ 235.557749][ T8966] ? __debugfs_file_get+0x1fc/0x860 [ 235.557781][ T8966] ? __pfx___debugfs_file_get+0x10/0x10 [ 235.557806][ T8966] ? __pfx_apparmor_file_open+0x10/0x10 [ 235.557834][ T8966] ? lockdown_is_locked_down+0x3d/0x140 [ 235.557860][ T8966] ? bpf_lsm_locked_down+0x9/0x10 [ 235.557883][ T8966] ? __pfx_mon_text_open+0x10/0x10 [ 235.557899][ T8966] full_proxy_open_regular+0x1b6/0x370 [ 235.557928][ T8966] do_dentry_open+0x6d8/0x1660 [ 235.557947][ T8966] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 235.557981][ T8966] vfs_open+0x82/0x3f0 [ 235.558006][ T8966] path_openat+0x208c/0x31a0 [ 235.558032][ T8966] ? __pfx_path_openat+0x10/0x10 [ 235.558058][ T8966] do_file_open+0x20e/0x430 [ 235.558078][ T8966] ? __pfx_do_file_open+0x10/0x10 [ 235.558112][ T8966] ? alloc_fd+0x476/0x790 [ 235.558131][ T8966] ? do_getname+0x191/0x390 [ 235.558155][ T8966] do_sys_openat2+0x10d/0x1e0 [ 235.558179][ T8966] ? __pfx_do_sys_openat2+0x10/0x10 [ 235.558204][ T8966] ? __fget_files+0x21f/0x3d0 [ 235.558225][ T8966] __x64_sys_openat+0x12d/0x210 [ 235.558250][ T8966] ? __pfx___x64_sys_openat+0x10/0x10 [ 235.558282][ T8966] do_syscall_64+0x106/0xf80 [ 235.558318][ T8966] ? clear_bhb_loop+0x40/0x90 [ 235.558341][ T8966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.558360][ T8966] RIP: 0033:0x7f6f0f19c799 [ 235.558377][ T8966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.558394][ T8966] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 235.558412][ T8966] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 235.558424][ T8966] RDX: 0000000000080080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 235.558435][ T8966] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 235.558445][ T8966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.558454][ T8966] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 235.558476][ T8966] [ 236.761738][ T8991] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.776266][ T8988] Console: switching to colour VGA+ 80x25 [ 236.918122][ T8988] Console: switching to colour frame buffer device 128x48 [ 237.563763][ T9006] __nla_validate_parse: 1 callbacks suppressed [ 237.563782][ T9006] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1171'. [ 238.261291][ T9017] mmap: syz.1.1175 (9017) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 238.325698][ T9018] bridge0: port 3(netdevsim1) entered blocking state [ 238.402993][ T9018] bridge0: port 3(netdevsim1) entered disabled state [ 238.450689][ T9018] netdevsim netdevsim1 netdevsim1: entered allmulticast mode [ 238.502516][ T9018] netdevsim netdevsim1 netdevsim1: entered promiscuous mode [ 238.503022][ T9018] bridge0: port 3(netdevsim1) entered blocking state [ 238.503264][ T9018] bridge0: port 3(netdevsim1) entered forwarding state [ 238.862819][ T9028] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1179'. [ 239.421358][ T9042] FAULT_INJECTION: forcing a failure. [ 239.421358][ T9042] name failslab, interval 1, probability 0, space 0, times 0 [ 239.496647][ T9042] CPU: 0 UID: 0 PID: 9042 Comm: syz.1.1184 Tainted: G L syzkaller #0 PREEMPT(full) [ 239.496683][ T9042] Tainted: [L]=SOFTLOCKUP [ 239.496690][ T9042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 239.496700][ T9042] Call Trace: [ 239.496707][ T9042] [ 239.496720][ T9042] dump_stack_lvl+0x100/0x190 [ 239.496753][ T9042] should_fail_ex.cold+0x5/0xa [ 239.496774][ T9042] ? tomoyo_realpath_from_path+0xb6/0x690 [ 239.496807][ T9042] should_failslab+0xc2/0x120 [ 239.496826][ T9042] __kmalloc_noprof+0xe0/0x850 [ 239.496859][ T9042] tomoyo_realpath_from_path+0xb6/0x690 [ 239.496890][ T9042] tomoyo_check_open_permission+0x2af/0x3c0 [ 239.496912][ T9042] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 239.496956][ T9042] ? do_raw_spin_lock+0x128/0x260 [ 239.496985][ T9042] ? path_get+0x61/0x80 [ 239.497008][ T9042] tomoyo_file_open+0x6b/0x90 [ 239.497037][ T9042] security_file_open+0xb5/0x1e0 [ 239.497059][ T9042] do_dentry_open+0x5aa/0x1660 [ 239.497079][ T9042] ? security_inode_permission+0xbf/0x250 [ 239.497103][ T9042] vfs_open+0x82/0x3f0 [ 239.497128][ T9042] path_openat+0x208c/0x31a0 [ 239.497154][ T9042] ? __pfx_path_openat+0x10/0x10 [ 239.497182][ T9042] do_file_open+0x20e/0x430 [ 239.497202][ T9042] ? __pfx_do_file_open+0x10/0x10 [ 239.497237][ T9042] ? alloc_fd+0x476/0x790 [ 239.497257][ T9042] ? do_getname+0x191/0x390 [ 239.497281][ T9042] do_sys_openat2+0x10d/0x1e0 [ 239.497305][ T9042] ? __pfx_do_sys_openat2+0x10/0x10 [ 239.497337][ T9042] __x64_sys_openat+0x12d/0x210 [ 239.497362][ T9042] ? __pfx___x64_sys_openat+0x10/0x10 [ 239.497395][ T9042] do_syscall_64+0x106/0xf80 [ 239.497420][ T9042] ? clear_bhb_loop+0x40/0x90 [ 239.497442][ T9042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.497460][ T9042] RIP: 0033:0x7f7f5a99c799 [ 239.497475][ T9042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 239.497492][ T9042] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 239.497510][ T9042] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 239.497521][ T9042] RDX: 0000000000002400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 239.497532][ T9042] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 239.497543][ T9042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.497553][ T9042] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 239.497578][ T9042] [ 239.497615][ T9042] ERROR: Out of memory at tomoyo_realpath_from_path. [ 240.299761][ T9058] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1190'. [ 241.025004][ T9071] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1193'. [ 241.079063][ T9071] netlink: 'syz.2.1193': attribute type 7 has an invalid length. [ 241.968910][ T9079] netlink: 86 bytes leftover after parsing attributes in process `syz.2.1197'. [ 242.859160][ T9113] netlink: 'syz.2.1211': attribute type 29 has an invalid length. [ 242.900284][ T9113] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1211'. [ 243.334085][ T9127] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 243.637374][ T9133] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1218'. [ 245.021959][ T9155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1225'. [ 245.089674][ T9155] netlink: 'syz.0.1225': attribute type 7 has an invalid length. [ 246.224554][ T9185] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 246.674442][ T9196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1239'. [ 246.732271][ T9196] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1239'. [ 246.783141][ T9196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1239'. [ 247.305539][ T9174] kexec: Could not allocate control_code_buffer [ 247.642365][ T9213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1246'. [ 248.859358][ T9233] mkiss: ax0: crc mode is auto. [ 249.557426][ T9254] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1262'. [ 250.967733][ T9283] FAULT_INJECTION: forcing a failure. [ 250.967733][ T9283] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 251.118637][ T9283] CPU: 0 UID: 0 PID: 9283 Comm: syz.1.1270 Tainted: G L syzkaller #0 PREEMPT(full) [ 251.118669][ T9283] Tainted: [L]=SOFTLOCKUP [ 251.118675][ T9283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 251.118685][ T9283] Call Trace: [ 251.118692][ T9283] [ 251.118699][ T9283] dump_stack_lvl+0x100/0x190 [ 251.118730][ T9283] should_fail_ex.cold+0x5/0xa [ 251.118751][ T9283] strncpy_from_user+0x3b/0x2d0 [ 251.118775][ T9283] __do_sys_memfd_create+0x1a7/0x3d0 [ 251.118802][ T9283] do_syscall_64+0x106/0xf80 [ 251.118827][ T9283] ? clear_bhb_loop+0x40/0x90 [ 251.118849][ T9283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.118868][ T9283] RIP: 0033:0x7f7f5a99c799 [ 251.118884][ T9283] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 251.118901][ T9283] RSP: 002b:00007f7f5b77b028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 251.118918][ T9283] RAX: ffffffffffffffda RBX: 00007f7f5ac16090 RCX: 00007f7f5a99c799 [ 251.118929][ T9283] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000 [ 251.118939][ T9283] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 251.118949][ T9283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.118959][ T9283] R13: 00007f7f5ac16128 R14: 00007f7f5ac16090 R15: 00007fff915e8948 [ 251.118981][ T9283] [ 252.558328][ T9312] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1284'. [ 252.598843][ T9314] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 252.999913][ T9328] FAULT_INJECTION: forcing a failure. [ 252.999913][ T9328] name failslab, interval 1, probability 0, space 0, times 0 [ 253.055146][ T9328] CPU: 0 UID: 0 PID: 9328 Comm: syz.1.1289 Tainted: G L syzkaller #0 PREEMPT(full) [ 253.055177][ T9328] Tainted: [L]=SOFTLOCKUP [ 253.055184][ T9328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 253.055194][ T9328] Call Trace: [ 253.055200][ T9328] [ 253.055207][ T9328] dump_stack_lvl+0x100/0x190 [ 253.055238][ T9328] should_fail_ex.cold+0x5/0xa [ 253.055259][ T9328] should_failslab+0xc2/0x120 [ 253.055280][ T9328] __kmalloc_cache_noprof+0x7a/0x6f0 [ 253.055305][ T9328] ? __do_sys_memfd_create+0x170/0x3d0 [ 253.055334][ T9328] __do_sys_memfd_create+0x170/0x3d0 [ 253.055365][ T9328] do_syscall_64+0x106/0xf80 [ 253.055390][ T9328] ? clear_bhb_loop+0x40/0x90 [ 253.055411][ T9328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.055429][ T9328] RIP: 0033:0x7f7f5a99c799 [ 253.055444][ T9328] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 253.055461][ T9328] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 253.055479][ T9328] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 253.055490][ T9328] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 253.055500][ T9328] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 253.055509][ T9328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.055519][ T9328] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 253.055541][ T9328] [ 253.948801][ T9345] netlink: 'syz.2.1295': attribute type 28 has an invalid length. [ 254.054778][ T9345] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1295'. [ 254.172681][ T9351] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1299'. [ 255.854643][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.863523][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.271562][ T9415] netlink: 'syz.3.1323': attribute type 4 has an invalid length. [ 259.944135][ T9478] ubi0: attaching mtd0 [ 259.950119][ T9478] ubi0: scanning is finished [ 259.995403][ T9478] ubi0: empty MTD device detected [ 260.202711][ T9478] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 260.237749][ T9478] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 260.268289][ T9478] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 260.303875][ T9478] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 260.342579][ T9478] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 260.379823][ T9478] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 260.423433][ T9478] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1537717847 [ 260.468159][ T9478] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 260.513463][ T9487] ubi0: background thread "ubi_bgt0d" started, PID 9487 [ 260.530828][ T9486] ubi0: detaching mtd0 [ 260.619218][ T9486] ubi0: mtd0 is detached [ 260.892796][ T9499] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1345'. [ 262.887471][ T9538] FAULT_INJECTION: forcing a failure. [ 262.887471][ T9538] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 263.003578][ T9538] CPU: 0 UID: 0 PID: 9538 Comm: syz.3.1358 Tainted: G L syzkaller #0 PREEMPT(full) [ 263.003611][ T9538] Tainted: [L]=SOFTLOCKUP [ 263.003617][ T9538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 263.003628][ T9538] Call Trace: [ 263.003639][ T9538] [ 263.003646][ T9538] dump_stack_lvl+0x100/0x190 [ 263.003677][ T9538] should_fail_ex.cold+0x5/0xa [ 263.003699][ T9538] strncpy_from_user+0x3b/0x2d0 [ 263.003721][ T9538] __do_sys_memfd_create+0x1a7/0x3d0 [ 263.003749][ T9538] do_syscall_64+0x106/0xf80 [ 263.003775][ T9538] ? clear_bhb_loop+0x40/0x90 [ 263.003797][ T9538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.003815][ T9538] RIP: 0033:0x7f6f0f19c799 [ 263.003831][ T9538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 263.003848][ T9538] RSP: 002b:00007f6f0ffde028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 263.003865][ T9538] RAX: ffffffffffffffda RBX: 00007f6f0f416090 RCX: 00007f6f0f19c799 [ 263.003876][ T9538] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000 [ 263.003886][ T9538] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 263.003896][ T9538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.003906][ T9538] R13: 00007f6f0f416128 R14: 00007f6f0f416090 R15: 00007ffc5ce1c268 [ 263.003929][ T9538] [ 268.563370][ T9649] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1401'. [ 269.091602][ T9661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1405'. [ 269.164887][ T9661] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1405'. [ 270.645999][ T9681] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1411'. [ 271.292470][ T9686] FAULT_INJECTION: forcing a failure. [ 271.292470][ T9686] name failslab, interval 1, probability 0, space 0, times 0 [ 271.380965][ T9686] CPU: 0 UID: 0 PID: 9686 Comm: syz.2.1413 Tainted: G L syzkaller #0 PREEMPT(full) [ 271.381000][ T9686] Tainted: [L]=SOFTLOCKUP [ 271.381007][ T9686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 271.381017][ T9686] Call Trace: [ 271.381023][ T9686] [ 271.381032][ T9686] dump_stack_lvl+0x100/0x190 [ 271.381064][ T9686] should_fail_ex.cold+0x5/0xa [ 271.381085][ T9686] should_failslab+0xc2/0x120 [ 271.381104][ T9686] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 271.381132][ T9686] ? security_inode_alloc+0x3b/0x2c0 [ 271.381151][ T9686] ? lockdep_init_map_type+0x5c/0x250 [ 271.381179][ T9686] security_inode_alloc+0x3b/0x2c0 [ 271.381199][ T9686] inode_init_always_gfp+0xced/0x1040 [ 271.381222][ T9686] alloc_inode+0x8e/0x250 [ 271.381247][ T9686] path_from_stashed+0x25b/0x750 [ 271.381271][ T9686] ns_get_path+0x60/0x80 [ 271.381290][ T9686] proc_ns_get_link+0x121/0x230 [ 271.381316][ T9686] ? __pfx_proc_ns_get_link+0x10/0x10 [ 271.381344][ T9686] ? atime_needs_update+0x8b/0x6b0 [ 271.381371][ T9686] pick_link+0xd17/0x13c0 [ 271.381404][ T9686] ? __pfx_proc_ns_get_link+0x10/0x10 [ 271.381432][ T9686] step_into_slowpath+0x9ba/0xf90 [ 271.381464][ T9686] ? __pfx_step_into_slowpath+0x10/0x10 [ 271.381490][ T9686] ? find_held_lock+0x2b/0x80 [ 271.381514][ T9686] path_openat+0xf95/0x31a0 [ 271.381540][ T9686] ? __pfx_path_openat+0x10/0x10 [ 271.381567][ T9686] do_file_open+0x20e/0x430 [ 271.381588][ T9686] ? __pfx_do_file_open+0x10/0x10 [ 271.381622][ T9686] ? alloc_fd+0x476/0x790 [ 271.381643][ T9686] ? do_getname+0x191/0x390 [ 271.381668][ T9686] do_sys_openat2+0x10d/0x1e0 [ 271.381694][ T9686] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.381719][ T9686] ? __fget_files+0x21f/0x3d0 [ 271.381740][ T9686] __x64_sys_openat+0x12d/0x210 [ 271.381765][ T9686] ? __pfx___x64_sys_openat+0x10/0x10 [ 271.381798][ T9686] do_syscall_64+0x106/0xf80 [ 271.381823][ T9686] ? clear_bhb_loop+0x40/0x90 [ 271.381845][ T9686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.381864][ T9686] RIP: 0033:0x7f66a2d5cfce [ 271.381881][ T9686] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 271.381898][ T9686] RSP: 002b:00007f66a3c13ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 271.381917][ T9686] RAX: ffffffffffffffda RBX: 00007f66a3c146c0 RCX: 00007f66a2d5cfce [ 271.381929][ T9686] RDX: 0000000000000002 RSI: 00007f66a3c13f90 RDI: ffffffffffffff9c [ 271.381940][ T9686] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 271.381951][ T9686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 271.381960][ T9686] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 271.381984][ T9686] [ 272.486106][ T9697] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1418'. [ 272.868778][ T9706] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1422'. [ 274.302992][ T9730] zswap: compressor not available [ 274.658450][ T9750] FAULT_INJECTION: forcing a failure. [ 274.658450][ T9750] name failslab, interval 1, probability 0, space 0, times 0 [ 274.748483][ T9750] CPU: 0 UID: 0 PID: 9750 Comm: syz.2.1436 Tainted: G L syzkaller #0 PREEMPT(full) [ 274.748516][ T9750] Tainted: [L]=SOFTLOCKUP [ 274.748523][ T9750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 274.748534][ T9750] Call Trace: [ 274.748540][ T9750] [ 274.748548][ T9750] dump_stack_lvl+0x100/0x190 [ 274.748581][ T9750] should_fail_ex.cold+0x5/0xa [ 274.748602][ T9750] should_failslab+0xc2/0x120 [ 274.748622][ T9750] __kmalloc_cache_noprof+0x7a/0x6f0 [ 274.748646][ T9750] ? snd_seq_prioq_new+0x3f/0x110 [ 274.748672][ T9750] ? lockdep_init_map_type+0x5c/0x250 [ 274.748700][ T9750] snd_seq_prioq_new+0x3f/0x110 [ 274.748726][ T9750] snd_seq_queue_alloc+0x153/0x590 [ 274.748752][ T9750] snd_seq_ioctl_create_queue+0xa9/0x370 [ 274.748782][ T9750] call_seq_client_ctl+0xa3/0x130 [ 274.748813][ T9750] snd_seq_kernel_client_ctl+0x77/0xd0 [ 274.748845][ T9750] alloc_seq_queue+0xdb/0x180 [ 274.748863][ T9750] ? __pfx_alloc_seq_queue+0x10/0x10 [ 274.748893][ T9750] ? mark_held_locks+0x40/0x70 [ 274.748914][ T9750] ? _raw_spin_unlock_irq+0x23/0x50 [ 274.748937][ T9750] ? lockdep_hardirqs_on+0x78/0x100 [ 274.748965][ T9750] snd_seq_oss_open+0x2b2/0xa10 [ 274.748988][ T9750] odev_open+0x79/0xc0 [ 274.749003][ T9750] ? __pfx_odev_open+0x10/0x10 [ 274.749019][ T9750] soundcore_open+0x2e3/0x5a0 [ 274.749039][ T9750] ? __pfx_soundcore_open+0x10/0x10 [ 274.749056][ T9750] chrdev_open+0x234/0x6a0 [ 274.749075][ T9750] ? __pfx_apparmor_file_open+0x10/0x10 [ 274.749104][ T9750] ? __pfx_chrdev_open+0x10/0x10 [ 274.749124][ T9750] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 274.749148][ T9750] do_dentry_open+0x6d8/0x1660 [ 274.749166][ T9750] ? __pfx_chrdev_open+0x10/0x10 [ 274.749190][ T9750] vfs_open+0x82/0x3f0 [ 274.749215][ T9750] path_openat+0x208c/0x31a0 [ 274.749242][ T9750] ? __pfx_path_openat+0x10/0x10 [ 274.749268][ T9750] do_file_open+0x20e/0x430 [ 274.749289][ T9750] ? __pfx_do_file_open+0x10/0x10 [ 274.749323][ T9750] ? alloc_fd+0x476/0x790 [ 274.749343][ T9750] ? do_getname+0x191/0x390 [ 274.749367][ T9750] do_sys_openat2+0x10d/0x1e0 [ 274.749400][ T9750] ? __pfx_do_sys_openat2+0x10/0x10 [ 274.749426][ T9750] ? find_held_lock+0x2b/0x80 [ 274.749449][ T9750] __x64_sys_openat+0x12d/0x210 [ 274.749475][ T9750] ? __pfx___x64_sys_openat+0x10/0x10 [ 274.749512][ T9750] do_syscall_64+0x106/0xf80 [ 274.749536][ T9750] ? clear_bhb_loop+0x40/0x90 [ 274.749560][ T9750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.749580][ T9750] RIP: 0033:0x7f66a2d9c799 [ 274.749597][ T9750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 274.749614][ T9750] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 274.749633][ T9750] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 274.749645][ T9750] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 274.749655][ T9750] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 274.749666][ T9750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.749676][ T9750] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 274.749700][ T9750] [ 275.831835][ T9765] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1441'. [ 276.405737][ T9780] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1446'. [ 276.914270][ T9792] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1453'. [ 277.685310][ T9803] : renamed from bond0 (while UP) [ 279.147772][ T9835] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1471'. [ 280.479049][ T9855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1479'. [ 280.522914][ T9855] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1479'. [ 281.046323][ T9864] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1482'. [ 281.640723][ T9875] FAULT_INJECTION: forcing a failure. [ 281.640723][ T9875] name failslab, interval 1, probability 0, space 0, times 0 [ 281.828725][ T9875] CPU: 0 UID: 0 PID: 9875 Comm: syz.2.1486 Tainted: G L syzkaller #0 PREEMPT(full) [ 281.828757][ T9875] Tainted: [L]=SOFTLOCKUP [ 281.828764][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 281.828775][ T9875] Call Trace: [ 281.828782][ T9875] [ 281.828789][ T9875] dump_stack_lvl+0x100/0x190 [ 281.828822][ T9875] should_fail_ex.cold+0x5/0xa [ 281.828844][ T9875] should_failslab+0xc2/0x120 [ 281.828864][ T9875] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 281.828895][ T9875] ? kasprintf+0xc7/0x100 [ 281.828921][ T9875] kvasprintf+0xbc/0x150 [ 281.828943][ T9875] ? __pfx_kvasprintf+0x10/0x10 [ 281.828966][ T9875] ? __pfx_vsnprintf+0x10/0x10 [ 281.828989][ T9875] ? kasan_save_stack+0x30/0x50 [ 281.829016][ T9875] ? kasan_save_track+0x14/0x30 [ 281.829044][ T9875] ? __kasan_kmalloc+0xaa/0xb0 [ 281.829070][ T9875] ? uevent_show+0x166/0x3a0 [ 281.829100][ T9875] kasprintf+0xc7/0x100 [ 281.829122][ T9875] ? __pfx_kasprintf+0x10/0x10 [ 281.829144][ T9875] ? __pfx_add_uevent_var+0x10/0x10 [ 281.829170][ T9875] ? __pfx_dvb_devnode+0x10/0x10 [ 281.829197][ T9875] device_get_devnode+0x166/0x2c0 [ 281.829229][ T9875] dev_uevent+0x4c6/0x8a0 [ 281.829257][ T9875] ? __pfx_dev_uevent+0x10/0x10 [ 281.829289][ T9875] ? __pfx_uevent_show+0x10/0x10 [ 281.829316][ T9875] uevent_show+0x1ca/0x3a0 [ 281.829346][ T9875] ? __pfx_uevent_show+0x10/0x10 [ 281.829373][ T9875] dev_attr_show+0x52/0xa0 [ 281.829395][ T9875] ? __pfx_dev_attr_show+0x10/0x10 [ 281.829415][ T9875] sysfs_kf_seq_show+0x217/0x3a0 [ 281.829443][ T9875] seq_read_iter+0x32f/0x1270 [ 281.829482][ T9875] kernfs_fop_read_iter+0x46c/0x610 [ 281.829503][ T9875] ? rw_verify_area+0xce/0x6d0 [ 281.829528][ T9875] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 281.829551][ T9875] vfs_read+0x825/0xb30 [ 281.829582][ T9875] ? __pfx_vfs_read+0x10/0x10 [ 281.829626][ T9875] ksys_read+0x12a/0x250 [ 281.829642][ T9875] ? __pfx_ksys_read+0x10/0x10 [ 281.829665][ T9875] do_syscall_64+0x106/0xf80 [ 281.829690][ T9875] ? clear_bhb_loop+0x40/0x90 [ 281.829712][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.829731][ T9875] RIP: 0033:0x7f66a2d9c799 [ 281.829752][ T9875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 281.829769][ T9875] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 281.829787][ T9875] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 281.829798][ T9875] RDX: 0000000000000086 RSI: 00002000000003c0 RDI: 0000000000000005 [ 281.829808][ T9875] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 281.829818][ T9875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.829828][ T9875] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 281.829851][ T9875] [ 283.435973][ T9906] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1500'. [ 283.765730][ T9913] delete_channel: no stack [ 283.843912][ T9911] Process accounting resumed [ 284.017209][ T9923] FAULT_INJECTION: forcing a failure. [ 284.017209][ T9923] name failslab, interval 1, probability 0, space 0, times 0 [ 284.081356][ T9923] CPU: 0 UID: 0 PID: 9923 Comm: syz.3.1507 Tainted: G L syzkaller #0 PREEMPT(full) [ 284.081388][ T9923] Tainted: [L]=SOFTLOCKUP [ 284.081394][ T9923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 284.081405][ T9923] Call Trace: [ 284.081412][ T9923] [ 284.081419][ T9923] dump_stack_lvl+0x100/0x190 [ 284.081451][ T9923] should_fail_ex.cold+0x5/0xa [ 284.081473][ T9923] should_failslab+0xc2/0x120 [ 284.081492][ T9923] __kmalloc_cache_noprof+0x7a/0x6f0 [ 284.081517][ T9923] ? rfkill_fop_open+0x1b6/0x750 [ 284.081536][ T9923] ? mark_held_locks+0x40/0x70 [ 284.081562][ T9923] rfkill_fop_open+0x1b6/0x750 [ 284.081586][ T9923] ? __pfx_rfkill_fop_open+0x10/0x10 [ 284.081608][ T9923] misc_open+0x26d/0x450 [ 284.081629][ T9923] ? __pfx_misc_open+0x10/0x10 [ 284.081648][ T9923] chrdev_open+0x234/0x6a0 [ 284.081667][ T9923] ? __pfx_apparmor_file_open+0x10/0x10 [ 284.081696][ T9923] ? __pfx_chrdev_open+0x10/0x10 [ 284.081716][ T9923] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 284.081742][ T9923] do_dentry_open+0x6d8/0x1660 [ 284.081760][ T9923] ? __pfx_chrdev_open+0x10/0x10 [ 284.081784][ T9923] vfs_open+0x82/0x3f0 [ 284.081809][ T9923] path_openat+0x208c/0x31a0 [ 284.081835][ T9923] ? __pfx_path_openat+0x10/0x10 [ 284.081862][ T9923] do_file_open+0x20e/0x430 [ 284.081884][ T9923] ? __pfx_do_file_open+0x10/0x10 [ 284.081919][ T9923] ? alloc_fd+0x476/0x790 [ 284.081940][ T9923] ? do_getname+0x191/0x390 [ 284.081965][ T9923] do_sys_openat2+0x10d/0x1e0 [ 284.081989][ T9923] ? __pfx_do_sys_openat2+0x10/0x10 [ 284.082014][ T9923] ? __fget_files+0x21f/0x3d0 [ 284.082036][ T9923] __x64_sys_openat+0x12d/0x210 [ 284.082060][ T9923] ? __pfx___x64_sys_openat+0x10/0x10 [ 284.082093][ T9923] do_syscall_64+0x106/0xf80 [ 284.082118][ T9923] ? clear_bhb_loop+0x40/0x90 [ 284.082140][ T9923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.082159][ T9923] RIP: 0033:0x7f6f0f19c799 [ 284.082174][ T9923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.082192][ T9923] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 284.082210][ T9923] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 284.082222][ T9923] RDX: 0000000000000382 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 284.082233][ T9923] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 284.082243][ T9923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 284.082253][ T9923] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 284.082282][ T9923] [ 284.604290][ T9935] sd 0:0:1:0: PR command failed: 1026 [ 284.609983][ T9935] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 284.618157][ T9935] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 284.952510][ T9943] netlink: 'syz.3.1515': attribute type 14 has an invalid length. [ 284.965059][ T9943] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1515'. [ 285.234575][ T9950] UHID_CREATE from different security context by process 936 (syz.2.1518), this is not allowed. [ 285.374926][ T9954] FAULT_INJECTION: forcing a failure. [ 285.374926][ T9954] name failslab, interval 1, probability 0, space 0, times 0 [ 285.447088][ T9954] CPU: 0 UID: 0 PID: 9954 Comm: syz.3.1520 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.447121][ T9954] Tainted: [L]=SOFTLOCKUP [ 285.447127][ T9954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 285.447138][ T9954] Call Trace: [ 285.447145][ T9954] [ 285.447153][ T9954] dump_stack_lvl+0x100/0x190 [ 285.447185][ T9954] should_fail_ex.cold+0x5/0xa [ 285.447207][ T9954] should_failslab+0xc2/0x120 [ 285.447230][ T9954] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 285.447260][ T9954] ? do_epoll_ctl+0xc6c/0x36a0 [ 285.447279][ T9954] ? percpu_counter_add_batch+0xb9/0x230 [ 285.447311][ T9954] do_epoll_ctl+0xc6c/0x36a0 [ 285.447332][ T9954] ? ksys_write+0x190/0x250 [ 285.447349][ T9954] ? ksys_write+0x190/0x250 [ 285.447372][ T9954] ? __pfx_do_epoll_ctl+0x10/0x10 [ 285.447391][ T9954] ? find_held_lock+0x2b/0x80 [ 285.447408][ T9954] ? __might_fault+0xc5/0x140 [ 285.447434][ T9954] ? __might_fault+0xc5/0x140 [ 285.447468][ T9954] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 285.447487][ T9954] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 285.447508][ T9954] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 285.447534][ T9954] do_syscall_64+0x106/0xf80 [ 285.447560][ T9954] ? clear_bhb_loop+0x40/0x90 [ 285.447591][ T9954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.447610][ T9954] RIP: 0033:0x7f6f0f19c799 [ 285.447626][ T9954] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.447643][ T9954] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 285.447662][ T9954] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 285.447674][ T9954] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 285.447685][ T9954] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 285.447696][ T9954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.447707][ T9954] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 285.447730][ T9954] [ 286.823905][ T9977] vivid-007: ================= START STATUS ================= [ 286.840811][ T9977] vivid-007: Generate PTS: true [ 286.852777][ T9977] vivid-007: Generate SCR: true [ 286.866144][ T9977] tpg source WxH: 320x240 (Y'CbCr) [ 286.877100][ T9977] tpg field: 1 [ 286.924357][ T9977] tpg crop: (0,0)/320x240 [ 286.941931][ T9977] tpg compose: (0,0)/320x240 [ 286.969343][ T9977] tpg colorspace: 8 [ 287.009914][ T9977] tpg transfer function: 0/0 [ 287.018815][ T9977] tpg Y'CbCr encoding: 0/0 [ 287.035686][ T9977] tpg quantization: 0/0 [ 287.057282][ T9977] tpg RGB range: 0/2 [ 287.131479][ T9977] vivid-007: ================== END STATUS ================== [ 288.128119][T10001] FAULT_INJECTION: forcing a failure. [ 288.128119][T10001] name failslab, interval 1, probability 0, space 0, times 0 [ 288.180129][T10001] CPU: 0 UID: 0 PID: 10001 Comm: syz.3.1534 Tainted: G L syzkaller #0 PREEMPT(full) [ 288.180179][T10001] Tainted: [L]=SOFTLOCKUP [ 288.180186][T10001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 288.180197][T10001] Call Trace: [ 288.180203][T10001] [ 288.180211][T10001] dump_stack_lvl+0x100/0x190 [ 288.180247][T10001] should_fail_ex.cold+0x5/0xa [ 288.180268][T10001] ? alloc_pipe_info+0x1ec/0x590 [ 288.180287][T10001] should_failslab+0xc2/0x120 [ 288.180307][T10001] __kmalloc_noprof+0xe0/0x850 [ 288.180339][T10001] alloc_pipe_info+0x1ec/0x590 [ 288.180360][T10001] create_pipe_files+0x8c/0x970 [ 288.180382][T10001] do_pipe2+0xbd/0x1e0 [ 288.180402][T10001] ? __pfx_do_pipe2+0x10/0x10 [ 288.180429][T10001] __x64_sys_pipe+0x33/0x50 [ 288.180448][T10001] do_syscall_64+0x106/0xf80 [ 288.180473][T10001] ? clear_bhb_loop+0x40/0x90 [ 288.180496][T10001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.180514][T10001] RIP: 0033:0x7f6f0f19c799 [ 288.180530][T10001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.180547][T10001] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 288.180565][T10001] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 288.180577][T10001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 288.180588][T10001] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 288.180599][T10001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 288.180609][T10001] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 288.180631][T10001] [ 288.952866][T10014] FAULT_INJECTION: forcing a failure. [ 288.952866][T10014] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 288.952903][T10014] CPU: 0 UID: 0 PID: 10014 Comm: syz.1.1540 Tainted: G L syzkaller #0 PREEMPT(full) [ 288.952930][T10014] Tainted: [L]=SOFTLOCKUP [ 288.952936][T10014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 288.952947][T10014] Call Trace: [ 288.952953][T10014] [ 288.952959][T10014] dump_stack_lvl+0x100/0x190 [ 288.952990][T10014] should_fail_ex.cold+0x5/0xa [ 288.953007][T10014] ? prepare_alloc_pages+0x16d/0x5f0 [ 288.953030][T10014] should_fail_alloc_page+0xeb/0x140 [ 288.953051][T10014] prepare_alloc_pages+0x1f0/0x5f0 [ 288.953076][T10014] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 288.953106][T10014] ? rcu_is_watching+0x12/0xc0 [ 288.953134][T10014] ? trace_mm_page_alloc+0x17a/0x1d0 [ 288.953155][T10014] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 288.953183][T10014] ? stack_depot_save_flags+0x479/0x9d0 [ 288.953207][T10014] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 288.953235][T10014] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 288.953262][T10014] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 288.953286][T10014] ? stack_depot_save_flags+0x479/0x9d0 [ 288.953314][T10014] ? kasan_save_stack+0x3f/0x50 [ 288.953341][T10014] ? kasan_save_track+0x14/0x30 [ 288.953368][T10014] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 288.953394][T10014] ? alloc_vmap_area+0x640/0x2bd0 [ 288.953411][T10014] ? __get_vm_area_node+0x1ca/0x330 [ 288.953429][T10014] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 288.953451][T10014] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 288.953485][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.953512][T10014] ? do_syscall_64+0x106/0xf80 [ 288.953535][T10014] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.953560][T10014] alloc_pages_bulk_noprof+0x782/0x1490 [ 288.953596][T10014] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 288.953633][T10014] ? alloc_pages_noprof+0x233/0x390 [ 288.953655][T10014] __kasan_populate_vmalloc+0xf0/0x210 [ 288.953687][T10014] alloc_vmap_area+0x95d/0x2bd0 [ 288.953714][T10014] ? __pfx_alloc_vmap_area+0x10/0x10 [ 288.953743][T10014] __get_vm_area_node+0x1ca/0x330 [ 288.953768][T10014] __vmalloc_node_range_noprof+0x213/0x1530 [ 288.953791][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.953824][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.953858][T10014] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 288.953886][T10014] ? rcu_is_watching+0x12/0xc0 [ 288.953918][T10014] __kvmalloc_node_noprof+0x3de/0xa00 [ 288.953947][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.953974][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.953999][T10014] ? _copy_from_user+0x59/0xd0 [ 288.954031][T10014] ? copy_mnt_id_req+0x1b1/0x350 [ 288.954058][T10014] __do_sys_listmount+0x289/0xee0 [ 288.954086][T10014] ? __pfx_do_futex+0x10/0x10 [ 288.954112][T10014] ? __fget_files+0x21f/0x3d0 [ 288.954129][T10014] ? __pfx___do_sys_listmount+0x10/0x10 [ 288.954173][T10014] do_syscall_64+0x106/0xf80 [ 288.954197][T10014] ? clear_bhb_loop+0x40/0x90 [ 288.954221][T10014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.954240][T10014] RIP: 0033:0x7f7f5a99c799 [ 288.954256][T10014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.954274][T10014] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 288.954291][T10014] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 288.954303][T10014] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 288.954314][T10014] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 288.954325][T10014] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 288.954335][T10014] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 288.954358][T10014] [ 288.956340][T10014] syz.1.1540: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 288.956474][T10014] CPU: 0 UID: 0 PID: 10014 Comm: syz.1.1540 Tainted: G L syzkaller #0 PREEMPT(full) [ 288.956508][T10014] Tainted: [L]=SOFTLOCKUP [ 288.956515][T10014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 288.956526][T10014] Call Trace: [ 288.956532][T10014] [ 288.956539][T10014] dump_stack_lvl+0x100/0x190 [ 288.956572][T10014] warn_alloc.cold+0x95/0x1c1 [ 288.956603][T10014] ? __pfx_warn_alloc+0x10/0x10 [ 288.956628][T10014] ? lockdep_hardirqs_on+0x78/0x100 [ 288.956656][T10014] ? __get_vm_area_node+0x2c5/0x330 [ 288.956681][T10014] ? __get_vm_area_node+0x208/0x330 [ 288.956705][T10014] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 288.956739][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.956773][T10014] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 288.956801][T10014] ? rcu_is_watching+0x12/0xc0 [ 288.956833][T10014] __kvmalloc_node_noprof+0x3de/0xa00 [ 288.956862][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.956889][T10014] ? __do_sys_listmount+0x289/0xee0 [ 288.956915][T10014] ? _copy_from_user+0x59/0xd0 [ 288.956935][T10014] ? copy_mnt_id_req+0x1b1/0x350 [ 288.956962][T10014] __do_sys_listmount+0x289/0xee0 [ 288.956988][T10014] ? __pfx_do_futex+0x10/0x10 [ 288.957014][T10014] ? __fget_files+0x21f/0x3d0 [ 288.957031][T10014] ? __pfx___do_sys_listmount+0x10/0x10 [ 288.957073][T10014] do_syscall_64+0x106/0xf80 [ 288.957097][T10014] ? clear_bhb_loop+0x40/0x90 [ 288.957119][T10014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.957137][T10014] RIP: 0033:0x7f7f5a99c799 [ 288.957152][T10014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.957169][T10014] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 288.957185][T10014] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 288.957198][T10014] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 288.957209][T10014] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 288.957219][T10014] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 288.957230][T10014] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 288.957253][T10014] [ 288.959507][T10014] Mem-Info: [ 288.959519][T10014] active_anon:9712 inactive_anon:1 isolated_anon:0 [ 288.959519][T10014] active_file:18478 inactive_file:40363 isolated_file:0 [ 288.959519][T10014] unevictable:768 dirty:502 writeback:0 [ 288.959519][T10014] slab_reclaimable:10925 slab_unreclaimable:90688 [ 288.959519][T10014] mapped:25232 shmem:2798 pagetables:1235 [ 288.959519][T10014] sec_pagetables:0 bounce:0 [ 288.959519][T10014] kernel_misc_reclaimable:0 [ 288.959519][T10014] free:1327422 free_pcp:8837 free_cma:0 [ 288.959566][T10014] Node 0 active_anon:38848kB inactive_anon:4kB active_file:73876kB inactive_file:161244kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100892kB dirty:1988kB writeback:0kB shmem:9656kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11488kB pagetables:4780kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 288.959611][T10014] Node 1 active_anon:0kB inactive_anon:0kB active_file:36kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:36kB dirty:20kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 288.959655][T10014] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 288.959708][T10014] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 288.959745][T10014] Node 0 DMA32 free:1361608kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:38848kB inactive_anon:4kB active_file:73876kB inactive_file:161244kB unevictable:1536kB writepending:1988kB zspages:0kB present:3129332kB managed:2537380kB mlocked:0kB bounce:0kB free_pcp:35336kB local_pcp:35336kB free_cma:0kB [ 288.959800][T10014] lowmem_reserve[]: 0 0 1 1 1 [ 288.959834][T10014] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 288.959933][T10014] lowmem_reserve[]: 0 0 0 0 0 [ 288.959969][T10014] Node 1 Normal free:3932708kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:36kB inactive_file:208kB unevictable:1536kB writepending:20kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 288.960021][T10014] lowmem_reserve[]: 0 0 0 0 0 [ 288.960055][T10014] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 288.970114][T10014] Node 0 DMA32: 2170*4kB (UME) 1749*8kB (UE) 1445*16kB (UME) 836*32kB (UME) 515*64kB (UME) 311*128kB (UME) 155*256kB (UME) 58*512kB (UME) 20*1024kB (UM) 10*2048kB (UM) 270*4096kB (UM) = 1361568kB [ 288.970282][T10014] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 288.970393][T10014] Node 1 Normal: 1*4kB (M) 8*8kB (UM) 10*16kB (UM) 8*32kB (UM) 7*64kB (UM) 7*128kB (U) 3*256kB (UM) 4*512kB (UM) 2*1024kB (UM) 1*2048kB (U) 958*4096kB (M) = 3932708kB [ 288.970560][T10014] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 288.970575][T10014] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 288.970589][T10014] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 288.970604][T10014] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 288.970618][T10014] 61623 total pagecache pages [ 288.970626][T10014] 6 pages in swap cache [ 288.970632][T10014] Free swap = 114404kB [ 288.970639][T10014] Total swap = 124996kB [ 288.970647][T10014] 2097051 pages RAM [ 288.970654][T10014] 0 pages HighMem/MovableOnly [ 288.970661][T10014] 430826 pages reserved [ 288.970668][T10014] 0 pages cma reserved [ 289.919675][T10028] FAULT_INJECTION: forcing a failure. [ 289.919675][T10028] name failslab, interval 1, probability 0, space 0, times 0 [ 289.919712][T10028] CPU: 0 UID: 0 PID: 10028 Comm: syz.2.1545 Tainted: G L syzkaller #0 PREEMPT(full) [ 289.919739][T10028] Tainted: [L]=SOFTLOCKUP [ 289.919745][T10028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 289.919756][T10028] Call Trace: [ 289.919762][T10028] [ 289.919770][T10028] dump_stack_lvl+0x100/0x190 [ 289.919800][T10028] should_fail_ex.cold+0x5/0xa [ 289.919821][T10028] should_failslab+0xc2/0x120 [ 289.919841][T10028] __kmalloc_cache_noprof+0x7a/0x6f0 [ 289.919864][T10028] ? syslog_print+0xf8/0x620 [ 289.919892][T10028] syslog_print+0xf8/0x620 [ 289.919916][T10028] ? __pfx_syslog_print+0x10/0x10 [ 289.919942][T10028] ? __pfx_futex_wait+0x10/0x10 [ 289.919980][T10028] ? bpf_lsm_capable+0x9/0x10 [ 289.919999][T10028] ? security_capable+0x80/0x260 [ 289.920030][T10028] do_syslog+0x5bd/0x6d0 [ 289.920057][T10028] ? __pfx_do_syslog+0x10/0x10 [ 289.920096][T10028] __x64_sys_syslog+0x74/0xb0 [ 289.920122][T10028] ? lockdep_hardirqs_on+0x78/0x100 [ 289.920148][T10028] do_syscall_64+0x106/0xf80 [ 289.920182][T10028] ? clear_bhb_loop+0x40/0x90 [ 289.920205][T10028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.920224][T10028] RIP: 0033:0x7f66a2d9c799 [ 289.920239][T10028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.920258][T10028] RSP: 002b:00007f66a3bf3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000067 [ 289.920276][T10028] RAX: ffffffffffffffda RBX: 00007f66a3016090 RCX: 00007f66a2d9c799 [ 289.920287][T10028] RDX: 00000000000008f7 RSI: 0000200000000340 RDI: 0000000000000002 [ 289.920299][T10028] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 289.920309][T10028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.920320][T10028] R13: 00007f66a3016128 R14: 00007f66a3016090 R15: 00007fffabe9a048 [ 289.920343][T10028] [ 290.519277][T10034] ima: policy update failed [ 290.524380][ T29] audit: type=1802 audit(1773805387.129:5): pid=10034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1548" res=0 errno=0 [ 290.927605][T10043] FAULT_INJECTION: forcing a failure. [ 290.927605][T10043] name failslab, interval 1, probability 0, space 0, times 0 [ 290.927639][T10043] CPU: 0 UID: 0 PID: 10043 Comm: syz.1.1552 Tainted: G L syzkaller #0 PREEMPT(full) [ 290.927665][T10043] Tainted: [L]=SOFTLOCKUP [ 290.927672][T10043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 290.927685][T10043] Call Trace: [ 290.927691][T10043] [ 290.927698][T10043] dump_stack_lvl+0x100/0x190 [ 290.927730][T10043] should_fail_ex.cold+0x5/0xa [ 290.927753][T10043] should_failslab+0xc2/0x120 [ 290.927773][T10043] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 290.927801][T10043] ? fcntl_setlk+0xaa/0xe40 [ 290.927819][T10043] ? __lock_acquire+0x4a5/0x2630 [ 290.927846][T10043] fcntl_setlk+0xaa/0xe40 [ 290.927867][T10043] ? __pfx_fcntl_setlk+0x10/0x10 [ 290.927889][T10043] ? find_held_lock+0x2b/0x80 [ 290.927905][T10043] ? __might_fault+0xc5/0x140 [ 290.927930][T10043] ? __might_fault+0xc5/0x140 [ 290.927964][T10043] do_fcntl+0xf39/0x1670 [ 290.927989][T10043] ? __pfx_do_fcntl+0x10/0x10 [ 290.928010][T10043] ? __fget_files+0x215/0x3d0 [ 290.928033][T10043] ? tomoyo_file_fcntl+0x6c/0xc0 [ 290.928064][T10043] __x64_sys_fcntl+0x163/0x200 [ 290.928090][T10043] do_syscall_64+0x106/0xf80 [ 290.928115][T10043] ? clear_bhb_loop+0x40/0x90 [ 290.928137][T10043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.928156][T10043] RIP: 0033:0x7f7f5a99c799 [ 290.928172][T10043] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.928190][T10043] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 290.928207][T10043] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 290.928228][T10043] RDX: 0000000000000004 RSI: 0000000000000026 RDI: 0000000000000003 [ 290.928238][T10043] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 290.928249][T10043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.928259][T10043] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 290.928282][T10043] [ 293.369075][T10078] netlink: 21 bytes leftover after parsing attributes in process `syz.3.1563'. [ 293.807224][T10082] FAULT_INJECTION: forcing a failure. [ 293.807224][T10082] name failslab, interval 1, probability 0, space 0, times 0 [ 293.807274][T10082] CPU: 0 UID: 0 PID: 10082 Comm: syz.1.1566 Tainted: G L syzkaller #0 PREEMPT(full) [ 293.807301][T10082] Tainted: [L]=SOFTLOCKUP [ 293.807307][T10082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 293.807319][T10082] Call Trace: [ 293.807325][T10082] [ 293.807332][T10082] dump_stack_lvl+0x100/0x190 [ 293.807364][T10082] should_fail_ex.cold+0x5/0xa [ 293.807385][T10082] should_failslab+0xc2/0x120 [ 293.807406][T10082] __kmalloc_cache_noprof+0x7a/0x6f0 [ 293.807430][T10082] ? mon_text_open+0x1d9/0x510 [ 293.807448][T10082] ? lockdep_init_map_type+0x5c/0x250 [ 293.807476][T10082] ? __pfx_mon_text_open+0x10/0x10 [ 293.807492][T10082] mon_text_open+0x1d9/0x510 [ 293.807509][T10082] ? __pfx_mon_text_open+0x10/0x10 [ 293.807527][T10082] ? __debugfs_file_get+0x1fc/0x860 [ 293.807553][T10082] ? __pfx___debugfs_file_get+0x10/0x10 [ 293.807579][T10082] ? __pfx_apparmor_file_open+0x10/0x10 [ 293.807608][T10082] ? lockdown_is_locked_down+0x3d/0x140 [ 293.807634][T10082] ? bpf_lsm_locked_down+0x9/0x10 [ 293.807656][T10082] ? __pfx_mon_text_open+0x10/0x10 [ 293.807672][T10082] full_proxy_open_regular+0x1b6/0x370 [ 293.807702][T10082] do_dentry_open+0x6d8/0x1660 [ 293.807720][T10082] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 293.807759][T10082] vfs_open+0x82/0x3f0 [ 293.807785][T10082] path_openat+0x208c/0x31a0 [ 293.807811][T10082] ? __pfx_path_openat+0x10/0x10 [ 293.807838][T10082] do_file_open+0x20e/0x430 [ 293.807859][T10082] ? __pfx_do_file_open+0x10/0x10 [ 293.807894][T10082] ? alloc_fd+0x476/0x790 [ 293.807914][T10082] ? do_getname+0x191/0x390 [ 293.807939][T10082] do_sys_openat2+0x10d/0x1e0 [ 293.807963][T10082] ? __pfx_do_sys_openat2+0x10/0x10 [ 293.807989][T10082] ? __fget_files+0x21f/0x3d0 [ 293.808010][T10082] __x64_sys_openat+0x12d/0x210 [ 293.808035][T10082] ? __pfx___x64_sys_openat+0x10/0x10 [ 293.808068][T10082] do_syscall_64+0x106/0xf80 [ 293.808093][T10082] ? clear_bhb_loop+0x40/0x90 [ 293.808115][T10082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.808134][T10082] RIP: 0033:0x7f7f5a99c799 [ 293.808150][T10082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 293.808167][T10082] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 293.808193][T10082] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 293.808205][T10082] RDX: 0000000000080080 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 293.808216][T10082] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 293.808227][T10082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.808237][T10082] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 293.808261][T10082] [ 294.059455][T10075] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 294.059759][T10075] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 294.059902][T10075] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 294.060003][T10075] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 295.371289][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 296.092450][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 296.092485][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 296.092507][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 297.707446][T10144] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1585'. [ 297.924288][T10157] FAULT_INJECTION: forcing a failure. [ 297.924288][T10157] name failslab, interval 1, probability 0, space 0, times 0 [ 297.953946][T10157] CPU: 0 UID: 0 PID: 10157 Comm: syz.3.1591 Tainted: G L syzkaller #0 PREEMPT(full) [ 297.953980][T10157] Tainted: [L]=SOFTLOCKUP [ 297.953987][T10157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 297.953997][T10157] Call Trace: [ 297.954004][T10157] [ 297.954012][T10157] dump_stack_lvl+0x100/0x190 [ 297.954057][T10157] should_fail_ex.cold+0x5/0xa [ 297.954080][T10157] should_failslab+0xc2/0x120 [ 297.954166][T10157] __kmalloc_cache_noprof+0x7a/0x6f0 [ 297.954205][T10157] ? shrinker_alloc+0xf5/0xbc0 [ 297.954228][T10157] shrinker_alloc+0xf5/0xbc0 [ 297.954248][T10157] ? mark_held_locks+0x40/0x70 [ 297.954271][T10157] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 297.954298][T10157] ? rcu_is_watching+0x12/0xc0 [ 297.954326][T10157] ? __pfx_shrinker_alloc+0x10/0x10 [ 297.954346][T10157] ? lockdep_init_map_type+0x5c/0x250 [ 297.954370][T10157] ? lockdep_init_map_type+0x5c/0x250 [ 297.954394][T10157] ? __raw_spin_lock_init+0x3a/0x110 [ 297.954421][T10157] ? __init_rwsem+0x12d/0x1b0 [ 297.954448][T10157] alloc_super+0x7c7/0xd20 [ 297.954478][T10157] ? __pfx_mqueue_fill_super+0x10/0x10 [ 297.954505][T10157] sget_fc+0x117/0xc70 [ 297.954532][T10157] ? __pfx_set_anon_super_fc+0x10/0x10 [ 297.954560][T10157] ? __pfx_mqueue_fill_super+0x10/0x10 [ 297.954587][T10157] get_tree_nodev+0x28/0x190 [ 297.954616][T10157] mqueue_get_tree+0xf1/0x130 [ 297.954643][T10157] vfs_get_tree+0x92/0x320 [ 297.954669][T10157] fc_mount_longterm+0x1a/0x270 [ 297.954698][T10157] mq_init_ns+0x482/0x820 [ 297.954719][T10157] copy_ipcs+0x3dd/0x7e0 [ 297.954738][T10157] create_new_namespaces+0x20a/0xac0 [ 297.954758][T10157] ? security_capable+0x80/0x260 [ 297.954789][T10157] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 297.954811][T10157] ksys_unshare+0x473/0xad0 [ 297.954835][T10157] ? __pfx_ksys_unshare+0x10/0x10 [ 297.954866][T10157] __x64_sys_unshare+0x31/0x40 [ 297.954889][T10157] do_syscall_64+0x106/0xf80 [ 297.954921][T10157] ? clear_bhb_loop+0x40/0x90 [ 297.954944][T10157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.954964][T10157] RIP: 0033:0x7f6f0f19c799 [ 297.954981][T10157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 297.955000][T10157] RSP: 002b:00007f6f0ffff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 297.955019][T10157] RAX: ffffffffffffffda RBX: 00007f6f0f415fa0 RCX: 00007f6f0f19c799 [ 297.955032][T10157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 297.955043][T10157] RBP: 00007f6f0f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 297.955054][T10157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.955066][T10157] R13: 00007f6f0f416038 R14: 00007f6f0f415fa0 R15: 00007ffc5ce1c268 [ 297.955090][T10157] [ 298.499055][T10165] random: crng reseeded on system resumption [ 298.508094][T10165] FAULT_INJECTION: forcing a failure. [ 298.508094][T10165] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 298.521687][T10165] CPU: 0 UID: 0 PID: 10165 Comm: syz.1.1594 Tainted: G L syzkaller #0 PREEMPT(full) [ 298.521719][T10165] Tainted: [L]=SOFTLOCKUP [ 298.521726][T10165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 298.521737][T10165] Call Trace: [ 298.521744][T10165] [ 298.521750][T10165] dump_stack_lvl+0x100/0x190 [ 298.521787][T10165] should_fail_ex.cold+0x5/0xa [ 298.521805][T10165] ? prepare_alloc_pages+0x16d/0x5f0 [ 298.521829][T10165] should_fail_alloc_page+0xeb/0x140 [ 298.521850][T10165] prepare_alloc_pages+0x1f0/0x5f0 [ 298.521875][T10165] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 298.521906][T10165] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 298.521942][T10165] ? stack_trace_save+0x8e/0xc0 [ 298.521962][T10165] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 298.521992][T10165] ? stack_depot_save_flags+0x27/0x9d0 [ 298.522014][T10165] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 298.522045][T10165] ? kasan_save_stack+0x3f/0x50 [ 298.522072][T10165] ? kasan_save_stack+0x30/0x50 [ 298.522098][T10165] ? kasan_save_track+0x14/0x30 [ 298.522141][T10165] ? do_sys_openat2+0x10d/0x1e0 [ 298.522164][T10165] ? __x64_sys_openat+0x12d/0x210 [ 298.522186][T10165] ? do_syscall_64+0x106/0xf80 [ 298.522211][T10165] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.522232][T10165] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 298.522265][T10165] ? policy_nodemask+0xed/0x4f0 [ 298.522286][T10165] alloc_pages_mpol+0x1fb/0x550 [ 298.522306][T10165] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 298.522326][T10165] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 298.522349][T10165] alloc_pages_noprof+0x131/0x390 [ 298.522369][T10165] get_zeroed_page_noprof+0x18/0xb0 [ 298.522389][T10165] get_image_page+0x18/0x1a0 [ 298.522419][T10165] alloc_rtree_node+0x3c/0xb0 [ 298.522448][T10165] memory_bm_create+0x65e/0xba0 [ 298.522487][T10165] create_basic_memory_bitmaps+0x10b/0x350 [ 298.522509][T10165] snapshot_open+0x230/0x2a0 [ 298.522529][T10165] ? __pfx_snapshot_open+0x10/0x10 [ 298.522550][T10165] misc_open+0x26d/0x450 [ 298.522571][T10165] ? __pfx_misc_open+0x10/0x10 [ 298.522591][T10165] chrdev_open+0x234/0x6a0 [ 298.522609][T10165] ? __pfx_apparmor_file_open+0x10/0x10 [ 298.522638][T10165] ? __pfx_chrdev_open+0x10/0x10 [ 298.522658][T10165] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 298.522682][T10165] do_dentry_open+0x6d8/0x1660 [ 298.522699][T10165] ? __pfx_chrdev_open+0x10/0x10 [ 298.522724][T10165] vfs_open+0x82/0x3f0 [ 298.522750][T10165] path_openat+0x208c/0x31a0 [ 298.522777][T10165] ? __pfx_path_openat+0x10/0x10 [ 298.522804][T10165] do_file_open+0x20e/0x430 [ 298.522824][T10165] ? __pfx_do_file_open+0x10/0x10 [ 298.522859][T10165] ? alloc_fd+0x476/0x790 [ 298.522879][T10165] ? do_getname+0x191/0x390 [ 298.522904][T10165] do_sys_openat2+0x10d/0x1e0 [ 298.522928][T10165] ? __pfx_do_sys_openat2+0x10/0x10 [ 298.522953][T10165] ? find_held_lock+0x2b/0x80 [ 298.522975][T10165] __x64_sys_openat+0x12d/0x210 [ 298.523000][T10165] ? __pfx___x64_sys_openat+0x10/0x10 [ 298.523032][T10165] do_syscall_64+0x106/0xf80 [ 298.523057][T10165] ? clear_bhb_loop+0x40/0x90 [ 298.523079][T10165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.523098][T10165] RIP: 0033:0x7f7f5a99c799 [ 298.523115][T10165] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 298.523140][T10165] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 298.523159][T10165] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 298.523171][T10165] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 298.523183][T10165] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 298.523195][T10165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.523206][T10165] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 298.523229][T10165] [ 300.925057][T10193] syz_tun: refused to change device tx_queue_len [ 303.214643][T10245] FAULT_INJECTION: forcing a failure. [ 303.214643][T10245] name failslab, interval 1, probability 0, space 0, times 0 [ 303.244805][T10245] CPU: 0 UID: 0 PID: 10245 Comm: syz.0.1623 Tainted: G L syzkaller #0 PREEMPT(full) [ 303.244838][T10245] Tainted: [L]=SOFTLOCKUP [ 303.244844][T10245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 303.244855][T10245] Call Trace: [ 303.244862][T10245] [ 303.244870][T10245] dump_stack_lvl+0x100/0x190 [ 303.244902][T10245] should_fail_ex.cold+0x5/0xa [ 303.244923][T10245] should_failslab+0xc2/0x120 [ 303.244943][T10245] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 303.244971][T10245] ? seq_open+0x55/0x170 [ 303.244999][T10245] seq_open+0x55/0x170 [ 303.245031][T10245] __seq_open_private+0x3e/0xd0 [ 303.245058][T10245] tracing_open+0x2a8/0xef0 [ 303.245084][T10245] do_dentry_open+0x6d8/0x1660 [ 303.245102][T10245] ? __pfx_tracing_open+0x10/0x10 [ 303.245130][T10245] vfs_open+0x82/0x3f0 [ 303.245156][T10245] path_openat+0x208c/0x31a0 [ 303.245182][T10245] ? __pfx_path_openat+0x10/0x10 [ 303.245209][T10245] do_file_open+0x20e/0x430 [ 303.245230][T10245] ? __pfx_do_file_open+0x10/0x10 [ 303.245264][T10245] ? alloc_fd+0x476/0x790 [ 303.245284][T10245] ? do_getname+0x191/0x390 [ 303.245309][T10245] do_sys_openat2+0x10d/0x1e0 [ 303.245333][T10245] ? __pfx_do_sys_openat2+0x10/0x10 [ 303.245365][T10245] __x64_sys_openat+0x12d/0x210 [ 303.245390][T10245] ? __pfx___x64_sys_openat+0x10/0x10 [ 303.245423][T10245] do_syscall_64+0x106/0xf80 [ 303.245449][T10245] ? clear_bhb_loop+0x40/0x90 [ 303.245471][T10245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.245490][T10245] RIP: 0033:0x7f9decd9c799 [ 303.245506][T10245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 303.245524][T10245] RSP: 002b:00007f9deaff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 303.245543][T10245] RAX: ffffffffffffffda RBX: 00007f9ded015fa0 RCX: 00007f9decd9c799 [ 303.245555][T10245] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 303.245566][T10245] RBP: 00007f9dece32c99 R08: 0000000000000000 R09: 0000000000000000 [ 303.245577][T10245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.245588][T10245] R13: 00007f9ded016038 R14: 00007f9ded015fa0 R15: 00007ffce7e9e598 [ 303.245610][T10245] [ 303.553061][T10248] vivid-007: ================= START STATUS ================= [ 303.560842][T10248] vivid-007: Generate PTS: true [ 303.565769][T10248] vivid-007: Generate SCR: true [ 303.570679][T10248] tpg source WxH: 320x240 (Y'CbCr) [ 303.575913][T10248] tpg field: 1 [ 303.579367][T10248] tpg crop: (0,0)/320x240 [ 303.583875][T10248] tpg compose: (0,0)/320x240 [ 303.588520][T10248] tpg colorspace: 8 [ 303.592397][T10248] tpg transfer function: 0/0 [ 303.597073][T10248] tpg Y'CbCr encoding: 0/0 [ 303.601583][T10248] tpg quantization: 0/0 [ 303.606614][T10248] tpg RGB range: 0/2 [ 303.610613][T10248] vivid-007: ================== END STATUS ================== [ 305.487243][T10279] FAULT_INJECTION: forcing a failure. [ 305.487243][T10279] name failslab, interval 1, probability 0, space 0, times 0 [ 305.560814][T10279] CPU: 0 UID: 0 PID: 10279 Comm: syz.2.1635 Tainted: G L syzkaller #0 PREEMPT(full) [ 305.560845][T10279] Tainted: [L]=SOFTLOCKUP [ 305.560852][T10279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 305.560863][T10279] Call Trace: [ 305.560870][T10279] [ 305.560877][T10279] dump_stack_lvl+0x100/0x190 [ 305.560910][T10279] should_fail_ex.cold+0x5/0xa [ 305.560939][T10279] ? iter_file_splice_write+0x1d8/0x10a0 [ 305.560959][T10279] should_failslab+0xc2/0x120 [ 305.560983][T10279] __kmalloc_noprof+0xe0/0x850 [ 305.561010][T10279] ? __pfx___might_resched+0x10/0x10 [ 305.561041][T10279] iter_file_splice_write+0x1d8/0x10a0 [ 305.561072][T10279] ? __pfx_iter_file_splice_write+0x10/0x10 [ 305.561091][T10279] ? __lock_acquire+0x4a5/0x2630 [ 305.561115][T10279] ? shmem_file_splice_read+0x724/0xdd0 [ 305.561158][T10279] ? __pfx_iter_file_splice_write+0x10/0x10 [ 305.561178][T10279] direct_splice_actor+0x192/0x6c0 [ 305.561198][T10279] splice_direct_to_actor+0x345/0xa30 [ 305.561218][T10279] ? __pfx_direct_splice_actor+0x10/0x10 [ 305.561241][T10279] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 305.561266][T10279] do_splice_direct+0x174/0x240 [ 305.561285][T10279] ? __pfx_do_splice_direct+0x10/0x10 [ 305.561305][T10279] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 305.561339][T10279] ? rw_verify_area+0xce/0x6d0 [ 305.561368][T10279] do_sendfile+0xadc/0xe20 [ 305.561400][T10279] ? __pfx_do_sendfile+0x10/0x10 [ 305.561436][T10279] __x64_sys_sendfile64+0x154/0x220 [ 305.561459][T10279] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 305.561487][T10279] do_syscall_64+0x106/0xf80 [ 305.561512][T10279] ? clear_bhb_loop+0x40/0x90 [ 305.561534][T10279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.561553][T10279] RIP: 0033:0x7f66a2d9c799 [ 305.561569][T10279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 305.561587][T10279] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 305.561606][T10279] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 305.561617][T10279] RDX: 0000200000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 305.561628][T10279] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 305.561639][T10279] R10: 0000000000000b5d R11: 0000000000000246 R12: 0000000000000000 [ 305.561649][T10279] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 305.561672][T10279] [ 307.149393][T10305] FAULT_INJECTION: forcing a failure. [ 307.149393][T10305] name failslab, interval 1, probability 0, space 0, times 0 [ 307.200416][T10305] CPU: 0 UID: 0 PID: 10305 Comm: syz.2.1646 Tainted: G L syzkaller #0 PREEMPT(full) [ 307.200448][T10305] Tainted: [L]=SOFTLOCKUP [ 307.200455][T10305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 307.200465][T10305] Call Trace: [ 307.200471][T10305] [ 307.200479][T10305] dump_stack_lvl+0x100/0x190 [ 307.200510][T10305] should_fail_ex.cold+0x5/0xa [ 307.200532][T10305] should_failslab+0xc2/0x120 [ 307.200552][T10305] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 307.200579][T10305] ? create_new_namespaces+0x30/0xac0 [ 307.200602][T10305] create_new_namespaces+0x30/0xac0 [ 307.200626][T10305] __do_sys_setns+0x213/0x1f30 [ 307.200648][T10305] ? __pfx___do_sys_setns+0x10/0x10 [ 307.200675][T10305] do_syscall_64+0x106/0xf80 [ 307.200700][T10305] ? clear_bhb_loop+0x40/0x90 [ 307.200722][T10305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.200741][T10305] RIP: 0033:0x7f66a2d9c799 [ 307.200757][T10305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 307.200774][T10305] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 307.200792][T10305] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 307.200803][T10305] RDX: 0000000000000000 RSI: 0000000060020000 RDI: 0000000000000004 [ 307.200814][T10305] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 307.200824][T10305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.200835][T10305] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 307.200856][T10305] [ 307.836212][T10322] MTRR 0 not used [ 307.841502][T10319] futex_wake_op: syz.1.1652 tries to shift op by -2048; fix this program [ 309.330615][T10352] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1663'. [ 309.878043][T10366] FAULT_INJECTION: forcing a failure. [ 309.878043][T10366] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 309.912007][T10366] CPU: 0 UID: 0 PID: 10366 Comm: syz.1.1669 Tainted: G L syzkaller #0 PREEMPT(full) [ 309.912039][T10366] Tainted: [L]=SOFTLOCKUP [ 309.912045][T10366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 309.912056][T10366] Call Trace: [ 309.912062][T10366] [ 309.912069][T10366] dump_stack_lvl+0x100/0x190 [ 309.912101][T10366] should_fail_ex.cold+0x5/0xa [ 309.912119][T10366] ? prepare_alloc_pages+0x16d/0x5f0 [ 309.912142][T10366] should_fail_alloc_page+0xeb/0x140 [ 309.912163][T10366] prepare_alloc_pages+0x1f0/0x5f0 [ 309.912188][T10366] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 309.912227][T10366] ? cpa_flush+0x19c/0x980 [ 309.912244][T10366] ? __lock_acquire+0x4a5/0x2630 [ 309.912267][T10366] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 309.912296][T10366] ? pgprot2cachemode+0x9a/0x130 [ 309.912320][T10366] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 309.912358][T10366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 309.912389][T10366] ? policy_nodemask+0xed/0x4f0 [ 309.912408][T10366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 309.912440][T10366] ? policy_nodemask+0xed/0x4f0 [ 309.912460][T10366] alloc_pages_mpol+0x1fb/0x550 [ 309.912480][T10366] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 309.912500][T10366] ? alloc_pages_noprof+0x233/0x390 [ 309.912522][T10366] alloc_pages_noprof+0x131/0x390 [ 309.912542][T10366] kimage_alloc_pages+0x72/0x380 [ 309.912563][T10366] kimage_alloc_page+0x232/0x910 [ 309.912586][T10366] kimage_load_segment+0x507/0xde0 [ 309.912611][T10366] do_kexec_load+0x58d/0x810 [ 309.912632][T10366] ? __pfx_do_kexec_load+0x10/0x10 [ 309.912654][T10366] ? _copy_from_user+0x59/0xd0 [ 309.912676][T10366] __x64_sys_kexec_load+0x1bf/0x230 [ 309.912704][T10366] do_syscall_64+0x106/0xf80 [ 309.912729][T10366] ? clear_bhb_loop+0x40/0x90 [ 309.912751][T10366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.912769][T10366] RIP: 0033:0x7f7f5a99c799 [ 309.912785][T10366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.912803][T10366] RSP: 002b:00007f7f5b79c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 309.912821][T10366] RAX: ffffffffffffffda RBX: 00007f7f5ac15fa0 RCX: 00007f7f5a99c799 [ 309.912833][T10366] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000ffffffff [ 309.912843][T10366] RBP: 00007f7f5aa32c99 R08: 0000000000000000 R09: 0000000000000000 [ 309.912854][T10366] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 309.912865][T10366] R13: 00007f7f5ac16038 R14: 00007f7f5ac15fa0 R15: 00007fff915e8948 [ 309.912888][T10366] [ 310.986150][T10383] FAULT_INJECTION: forcing a failure. [ 310.986150][T10383] name failslab, interval 1, probability 0, space 0, times 0 [ 311.062966][T10383] CPU: 0 UID: 0 PID: 10383 Comm: syz.0.1675 Tainted: G L syzkaller #0 PREEMPT(full) [ 311.062998][T10383] Tainted: [L]=SOFTLOCKUP [ 311.063005][T10383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 311.063015][T10383] Call Trace: [ 311.063023][T10383] [ 311.063030][T10383] dump_stack_lvl+0x100/0x190 [ 311.063061][T10383] should_fail_ex.cold+0x5/0xa [ 311.063083][T10383] should_failslab+0xc2/0x120 [ 311.063103][T10383] __kmalloc_cache_noprof+0x7a/0x6f0 [ 311.063129][T10383] ? v4l2_fh_open+0x4c/0xa0 [ 311.063161][T10383] v4l2_fh_open+0x4c/0xa0 [ 311.063198][T10383] v4l2_open+0x1d2/0x490 [ 311.063226][T10383] ? __pfx_v4l2_open+0x10/0x10 [ 311.063259][T10383] chrdev_open+0x234/0x6a0 [ 311.063278][T10383] ? __pfx_apparmor_file_open+0x10/0x10 [ 311.063336][T10383] ? __pfx_chrdev_open+0x10/0x10 [ 311.063357][T10383] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 311.063383][T10383] do_dentry_open+0x6d8/0x1660 [ 311.063401][T10383] ? __pfx_chrdev_open+0x10/0x10 [ 311.063426][T10383] vfs_open+0x82/0x3f0 [ 311.063452][T10383] path_openat+0x208c/0x31a0 [ 311.063480][T10383] ? __pfx_path_openat+0x10/0x10 [ 311.063507][T10383] do_file_open+0x20e/0x430 [ 311.063528][T10383] ? __pfx_do_file_open+0x10/0x10 [ 311.063563][T10383] ? alloc_fd+0x476/0x790 [ 311.063584][T10383] ? do_getname+0x191/0x390 [ 311.063608][T10383] do_sys_openat2+0x10d/0x1e0 [ 311.063632][T10383] ? __pfx_do_sys_openat2+0x10/0x10 [ 311.063658][T10383] ? __fget_files+0x21f/0x3d0 [ 311.063679][T10383] __x64_sys_openat+0x12d/0x210 [ 311.063704][T10383] ? __pfx___x64_sys_openat+0x10/0x10 [ 311.063737][T10383] do_syscall_64+0x106/0xf80 [ 311.063762][T10383] ? clear_bhb_loop+0x40/0x90 [ 311.063784][T10383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.063803][T10383] RIP: 0033:0x7f9decd9c799 [ 311.063818][T10383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 311.063836][T10383] RSP: 002b:00007f9deaff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 311.063855][T10383] RAX: ffffffffffffffda RBX: 00007f9ded015fa0 RCX: 00007f9decd9c799 [ 311.063866][T10383] RDX: 000000000008aa40 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 311.063877][T10383] RBP: 00007f9dece32c99 R08: 0000000000000000 R09: 0000000000000000 [ 311.063888][T10383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.063898][T10383] R13: 00007f9ded016038 R14: 00007f9ded015fa0 R15: 00007ffce7e9e598 [ 311.063921][T10383] [ 312.012380][T10402] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 312.415052][T10418] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 313.844459][T10437] sp0: Synchronizing with TNC [ 313.998060][T10451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1697'. [ 314.039173][T10451] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1697'. [ 314.179855][T10436] Process accounting paused [ 314.375176][T10463] MTRR 0 not used [ 314.595748][T10467] ------------[ cut here ]------------ [ 314.601672][T10467] IS_ERR(old) [ 314.601686][T10467] WARNING: kernel/tracepoint.c:367 at tracepoint_probe_unregister+0x837/0xd10, CPU#0: syz.2.1704/10467 [ 314.616308][T10467] Modules linked in: [ 314.620396][T10467] CPU: 0 UID: 0 PID: 10467 Comm: syz.2.1704 Tainted: G L syzkaller #0 PREEMPT(full) [ 314.631536][T10467] Tainted: [L]=SOFTLOCKUP [ 314.635959][T10467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 314.646219][T10467] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 314.653519][T10467] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 314.674282][T10467] RSP: 0018:ffffc900026d78a8 EFLAGS: 00010283 [ 314.681019][T10467] RAX: 0000000000007467 RBX: 00000000fffffffe RCX: ffffc9000d6a1000 [ 314.689335][T10467] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff888027cf8000 [ 314.697630][T10467] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 314.705748][T10467] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0 [ 314.713770][T10467] R13: 0000000000000302 R14: 0000000000000002 R15: ffffffff8f786be0 [ 314.721830][T10467] FS: 00007f66a3c146c0(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000 [ 314.730893][T10467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 314.737718][T10467] CR2: 0000001b30d1aff8 CR3: 000000007bc78000 CR4: 00000000003526f0 [ 314.746251][T10467] Call Trace: [ 314.749556][T10467] [ 314.752511][T10467] tracing_stop_cmdline_record+0x66/0xa0 [ 314.758747][T10467] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 314.764780][T10467] ftrace_event_set_open+0x224/0x380 [ 314.770752][T10467] do_dentry_open+0x6d8/0x1660 [ 314.776073][T10467] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 314.781955][T10467] vfs_open+0x82/0x3f0 [ 314.786125][T10467] path_openat+0x208c/0x31a0 [ 314.790972][T10467] ? __pfx_path_openat+0x10/0x10 [ 314.796052][T10467] do_file_open+0x20e/0x430 [ 314.800672][T10467] ? __pfx_do_file_open+0x10/0x10 [ 314.805798][T10467] ? alloc_fd+0x476/0x790 [ 314.810157][T10467] ? do_getname+0x191/0x390 [ 314.814766][T10467] do_sys_openat2+0x10d/0x1e0 [ 314.819583][T10467] ? __pfx_do_sys_openat2+0x10/0x10 [ 314.825006][T10467] ? find_held_lock+0x2b/0x80 [ 314.829742][T10467] __x64_sys_openat+0x12d/0x210 [ 314.834778][T10467] ? __pfx___x64_sys_openat+0x10/0x10 [ 314.840236][T10467] do_syscall_64+0x106/0xf80 [ 314.844943][T10467] ? clear_bhb_loop+0x40/0x90 [ 314.849769][T10467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.855712][T10467] RIP: 0033:0x7f66a2d9c799 [ 314.860324][T10467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 314.881005][T10467] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 314.890013][T10467] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 314.898339][T10467] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 314.906647][T10467] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 314.915085][T10467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.923440][T10467] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 314.931959][T10467] [ 314.935172][T10467] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 314.943077][T10467] CPU: 0 UID: 0 PID: 10467 Comm: syz.2.1704 Tainted: G L syzkaller #0 PREEMPT(full) [ 314.955169][T10467] Tainted: [L]=SOFTLOCKUP [ 314.959870][T10467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 314.970367][T10467] Call Trace: [ 314.973846][T10467] [ 314.976798][T10467] dump_stack_lvl+0x100/0x190 [ 314.981525][T10467] vpanic+0x552/0x970 [ 314.985600][T10467] ? __pfx_vpanic+0x10/0x10 [ 314.990284][T10467] panic+0xd1/0xe0 [ 314.994108][T10467] ? __pfx_panic+0x10/0x10 [ 314.998809][T10467] check_panic_on_warn.cold+0x19/0x34 [ 315.004274][T10467] ? tracepoint_probe_unregister+0x837/0xd10 [ 315.010270][T10467] __warn.cold+0x191/0x348 [ 315.014706][T10467] __report_bug+0x296/0x3d0 [ 315.019233][T10467] ? tracepoint_probe_unregister+0x837/0xd10 [ 315.025268][T10467] ? __pfx___report_bug+0x10/0x10 [ 315.030333][T10467] ? rcu_is_watching+0x12/0xc0 [ 315.035113][T10467] ? trace_contention_end+0x140/0x180 [ 315.040513][T10467] ? __mutex_lock+0x26a/0x1b90 [ 315.045305][T10467] ? tracepoint_probe_unregister+0x31/0xd10 [ 315.051467][T10467] ? tracepoint_probe_unregister+0x837/0xd10 [ 315.057453][T10467] report_bug+0xb2/0x220 [ 315.061702][T10467] ? tracepoint_probe_unregister+0x837/0xd10 [ 315.067777][T10467] handle_bug+0x16a/0x2a0 [ 315.072220][T10467] exc_invalid_op+0x17/0x50 [ 315.076835][T10467] asm_exc_invalid_op+0x1a/0x20 [ 315.081787][T10467] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 315.088382][T10467] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 315.108080][T10467] RSP: 0018:ffffc900026d78a8 EFLAGS: 00010283 [ 315.114175][T10467] RAX: 0000000000007467 RBX: 00000000fffffffe RCX: ffffc9000d6a1000 [ 315.122168][T10467] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff888027cf8000 [ 315.130250][T10467] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 315.138307][T10467] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0 [ 315.146365][T10467] R13: 0000000000000302 R14: 0000000000000002 R15: ffffffff8f786be0 [ 315.154344][T10467] ? __pfx_probe_sched_switch+0x10/0x10 [ 315.159898][T10467] ? tracepoint_probe_unregister+0x836/0xd10 [ 315.166163][T10467] ? tracepoint_probe_unregister+0x836/0xd10 [ 315.172178][T10467] tracing_stop_cmdline_record+0x66/0xa0 [ 315.178000][T10467] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 315.184070][T10467] ftrace_event_set_open+0x224/0x380 [ 315.189358][T10467] do_dentry_open+0x6d8/0x1660 [ 315.194651][T10467] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 315.200475][T10467] vfs_open+0x82/0x3f0 [ 315.204636][T10467] path_openat+0x208c/0x31a0 [ 315.209415][T10467] ? __pfx_path_openat+0x10/0x10 [ 315.214447][T10467] do_file_open+0x20e/0x430 [ 315.218951][T10467] ? __pfx_do_file_open+0x10/0x10 [ 315.223991][T10467] ? alloc_fd+0x476/0x790 [ 315.228409][T10467] ? do_getname+0x191/0x390 [ 315.232946][T10467] do_sys_openat2+0x10d/0x1e0 [ 315.237876][T10467] ? __pfx_do_sys_openat2+0x10/0x10 [ 315.243234][T10467] ? find_held_lock+0x2b/0x80 [ 315.248050][T10467] __x64_sys_openat+0x12d/0x210 [ 315.253022][T10467] ? __pfx___x64_sys_openat+0x10/0x10 [ 315.258618][T10467] do_syscall_64+0x106/0xf80 [ 315.263413][T10467] ? clear_bhb_loop+0x40/0x90 [ 315.268204][T10467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.274211][T10467] RIP: 0033:0x7f66a2d9c799 [ 315.278729][T10467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 315.298525][T10467] RSP: 002b:00007f66a3c14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 315.307042][T10467] RAX: ffffffffffffffda RBX: 00007f66a3015fa0 RCX: 00007f66a2d9c799 [ 315.315016][T10467] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 315.323241][T10467] RBP: 00007f66a2e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 315.331307][T10467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.339459][T10467] R13: 00007f66a3016038 R14: 00007f66a3015fa0 R15: 00007fffabe9a048 [ 315.347438][T10467] [ 315.350614][T10467] Kernel Offset: disabled [ 315.354962][T10467] Rebooting in 86400 seconds..