last executing test programs: 5m54.285291648s ago: executing program 0 (id=266): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketcall$auto(0xffe, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0300, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) io_uring_setup$auto(0x6, 0x0) ioctl$auto(0x3, 0xc008ae67, r0) 5m54.062185244s ago: executing program 0 (id=269): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x13, 0x2, ':\xbf*,\x8a}\x00\xfa\x88\xc7K\xf7\xff\xff\xff'}, @SMC_PNETID_ETHNAME={0xb, 0x2, ':\xbf+,\x8a}\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x8000) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x7}) 5m53.832546325s ago: executing program 0 (id=272): mmap$auto(0x0, 0x6, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x5) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b4b", 0xfdef) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs1\x00', 0x20000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1) 5m52.569563967s ago: executing program 0 (id=279): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 5m52.154449848s ago: executing program 0 (id=282): unshare$auto(0x40000080) keyctl$auto(0x40001b, 0x1, 0x0, 0x3, 0x100010006) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c9282, 0x0) mmap$auto(0x0, 0x1000, 0x7, 0xeb1, 0x404, 0x10008000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 5m51.794979102s ago: executing program 0 (id=294): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xde, 0x400000000000eb1, 0x405, 0x80000000008000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 5m51.402169232s ago: executing program 32 (id=294): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xde, 0x400000000000eb1, 0x405, 0x80000000008000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 3m4.091423762s ago: executing program 3 (id=1504): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x2102, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0x1e2142, 0x0) sendfile$auto(r0, r3, 0x0, 0x9) 3m3.881886357s ago: executing program 3 (id=1506): mmap$auto(0x7, 0x7, 0xdf, 0x30, 0x69a5, 0x7) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000003900)='\t', 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) epoll_create$auto(0x4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0) sendfile$auto(r1, r0, 0x0, 0x1) 3m3.579977567s ago: executing program 3 (id=1508): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xb5f0, 0x7352, 0x32, 0x65f, 0x80000001, 0x7, 0x3, 0x2, 0x7, 0x7, 0x0, 0x4, 0xb4, 0x3, 0x9, 0x10003, 0x80, 0x8, 0x0, 0x7, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0xc, 0x0, 0x4, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x5) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000080), 0x208800, 0x0) socket(0x2, 0x3, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3m3.379442533s ago: executing program 3 (id=1510): sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd7000ffdbdf25200000000c00038008000200b40300001800028014000200766c616e0000000000000000000000006556e2734ce96265af1b0f78efb3dd15baa4c1c33ccc2fd6c3a5d2a9ebc1"], 0x38}, 0x1, 0x0, 0x0, 0x4000844}, 0x4) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000326bd7000fcdbdf2503000000790008805b4f2525b2dc3a73ec37e7122e6f0d55382854d419b883b7ed64bd3c7b9fb15273e787030718751e0a22cc6cabcae114aa6448d0356183e1ca7c01536c5c6f37915b26a3e75515ab02807fe932b8a415a581dcdc7800f91e231c001d800400d3800c002000f3000000002b3c0c7e9b"], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x42) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3m3.248904645s ago: executing program 3 (id=1511): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 3m2.985646723s ago: executing program 3 (id=1513): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x80000000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x5) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638929210, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x88882, 0x0) 2m47.679855772s ago: executing program 33 (id=1513): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x80000000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x5) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638929210, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x88882, 0x0) 4.188071556s ago: executing program 1 (id=2691): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) ioctl$auto(r1, 0x2, r0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(0x2, 0x8, 0x0) 3.268754367s ago: executing program 1 (id=2692): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x29, 0x2, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000040)="03", 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/kernel/parameters/panic_print\x00', 0x80862, 0x0) sendfile$auto(0x2, 0x3, 0x0, 0xc3e0) sendfile$auto(r1, 0x3, 0x0, 0x2) 3.267873293s ago: executing program 2 (id=2693): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 2.819040841s ago: executing program 1 (id=2696): mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) 2.54451241s ago: executing program 4 (id=2698): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c000}, 0x20040884) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) 2.286836765s ago: executing program 2 (id=2699): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r0) read$auto(r0, &(0x7f0000000040)='nl80211\x00', 0xbe62) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000080)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.069298668s ago: executing program 2 (id=2700): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x2008000) close_range$auto(0x0, 0x5, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x1c9442, 0x0) epoll_create$auto(0x8) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd41, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x341, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0x400]}, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, 0x0, 0x0) 1.955832447s ago: executing program 1 (id=2702): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) mprotect$auto(0x8000, 0x8, 0x8) 1.912543877s ago: executing program 4 (id=2703): mmap$auto(0x0, 0x800400007, 0x65d, 0xffff, 0xffffffffffffffff, 0x20000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram6\x00', 0xc6fc1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) r0 = epoll_create$auto(0x5) fremovexattr$auto(r0, &(0x7f0000000000)='&\x00') read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000280)=""/54, 0x36) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xbff) 1.838257473s ago: executing program 2 (id=2704): mmap$auto(0x0, 0x8000, 0x3, 0xeb1, 0xfffffffffffffffa, 0x10000000008000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x10, &(0x7f0000000000)={0x0, 0x10}, 0x2, 0x0, 0xe, 0x4}, 0x8}, 0x200, 0xb07e) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x119) r0 = socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.743983738s ago: executing program 5 (id=2705): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0x5, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xc048aec8, r0) 1.70223123s ago: executing program 4 (id=2706): openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x208840, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x60980, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) sendmsg$auto_NL80211_CMD_SET_MPATH(0xffffffffffffffff, 0x0, 0x800) ioctl$auto(0x3, 0xae41, r3) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000003c0)={0x2, 0x0, [{0x4b564d06, 0xe3, 0xe}]}) 1.670338496s ago: executing program 2 (id=2707): openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, 0x0, 0x40080c4) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x2, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x141000, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, &(0x7f0000000000)={0x3, 0x1, 0x80000000, 0x70, 0x9, 0x1}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 1.407953178s ago: executing program 4 (id=2708): socket(0x2, 0x2, 0x88) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7ffff7ffefff}, 0x8000000000000001) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r0, 0xae03, 0xdb) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/trace\x00', 0x705040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xffd8) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) 1.407853986s ago: executing program 5 (id=2709): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0xa, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="00f772", @ANYBLOB="5de1"], 0x1ac}}, 0x4) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.128652398s ago: executing program 5 (id=2710): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffd, &(0x7f0000000080)={0x0, 0x1}, 0xa, 0x0, 0x4, 0x401}, 0xed7138c}, 0xfffffffd, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000025c0)={0x14, 0x0, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfd}, 0x14}}, 0x8040) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x5ac, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000) 929.712453ms ago: executing program 2 (id=2711): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) write$auto(r0, 0x0, 0x6051) 929.024865ms ago: executing program 1 (id=2719): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x11, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0xa, 0x6}, 0xcf) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0xfffffffd, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) r2 = setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee01) setresuid$auto(r2, r3, r2) ioctl$auto(r0, 0x89f2, 0x24) 789.211608ms ago: executing program 4 (id=2712): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) write$auto(0x3, 0x0, 0x800) 742.462075ms ago: executing program 5 (id=2713): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) epoll_create$auto(0x3e) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, 0xffffffffffffffff, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0) ioctl$auto(r1, 0xc058560f, r1) 447.734931ms ago: executing program 4 (id=2714): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108) 300.782276ms ago: executing program 5 (id=2715): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), 0xffffffffffffffff) msgctl$auto_MSG_INFO(0x8, 0xc, &(0x7f0000000380)={{0xfffffff7, 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x2, 0x1}, &(0x7f0000000100)=0x1b, &(0x7f0000000340), 0x7, 0x8, 0x1, 0x254, 0x2, 0x3, 0x7fff, 0x5, @inferred, @raw=0x3}) sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, 0x0, 0x4005) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) io_uring_setup$auto(0xdd4, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="7201", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) 43.729586ms ago: executing program 5 (id=2716): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x1}, 0x80000b}, 0x5, 0x20000000) 0s ago: executing program 1 (id=2717): r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) socket(0x10, 0x2, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x28000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) open(0x0, 0x163340, 0x6a) socket(0xa, 0x2, 0x88) setsockopt$auto(0xffffffffffffffff, 0x1, 0x6, 0x0, 0xc089) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x40200, 0x0) clone$auto(0x7fff, 0x200, 0x0, 0x0, 0xf) fremovexattr$auto(r0, &(0x7f0000000000)='system.posix_acl_access\x00') kernel console output (not intermixed with test programs): 9][ T9950] ? do_getname+0x35/0x390 [ 267.116518][ T9950] do_file_open+0x20e/0x430 [ 267.116534][ T9950] ? __pfx_do_file_open+0x10/0x10 [ 267.116564][ T9950] ? find_held_lock+0x2b/0x80 [ 267.116576][ T9950] ? __might_fault+0xc5/0x140 [ 267.116595][ T9950] ? __might_fault+0xc5/0x140 [ 267.116617][ T9950] file_open_name+0x198/0x3b0 [ 267.116643][ T9950] ? __pfx_file_open_name+0x10/0x10 [ 267.116666][ T9950] ? do_getname+0x191/0x390 [ 267.116686][ T9950] acct_on+0xa4/0x9e0 [ 267.116707][ T9950] ? __pfx_acct_on+0x10/0x10 [ 267.116728][ T9950] ? bpf_lsm_capable+0x9/0x10 [ 267.116744][ T9950] ? security_capable+0x80/0x260 [ 267.116768][ T9950] __x64_sys_acct+0x81/0x1e0 [ 267.116787][ T9950] ? lockdep_hardirqs_on+0x78/0x100 [ 267.116807][ T9950] do_syscall_64+0x106/0xf80 [ 267.116825][ T9950] ? clear_bhb_loop+0x40/0x90 [ 267.116844][ T9950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.116859][ T9950] RIP: 0033:0x7f355339c799 [ 267.116872][ T9950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 267.116887][ T9950] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 267.116902][ T9950] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 267.116912][ T9950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 267.116922][ T9950] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 267.116931][ T9950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 267.116940][ T9950] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 267.116959][ T9950] [ 267.871723][ T9972] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1385'. [ 267.910236][ T9972] netlink: 154 bytes leftover after parsing attributes in process `syz.3.1385'. [ 268.179378][ T9981] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1389'. [ 269.027182][ T9999] zswap: compressor not available [ 269.651263][T10009] zswap: compressor not available [ 269.711447][T10016] netlink: 186 bytes leftover after parsing attributes in process `syz.4.1402'. [ 271.292418][T10050] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1413'. [ 271.539221][T10045] zswap: compressor not available [ 273.032989][T10078] FAULT_INJECTION: forcing a failure. [ 273.032989][T10078] name failslab, interval 1, probability 0, space 0, times 0 [ 273.113698][T10078] CPU: 0 UID: 0 PID: 10078 Comm: syz.1.1422 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.113725][T10078] Tainted: [L]=SOFTLOCKUP [ 273.113731][T10078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.113741][T10078] Call Trace: [ 273.113746][T10078] [ 273.113752][T10078] dump_stack_lvl+0x100/0x190 [ 273.113779][T10078] should_fail_ex.cold+0x5/0xa [ 273.113797][T10078] should_failslab+0xc2/0x120 [ 273.113813][T10078] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 273.113833][T10078] ? kvm_vm_ioctl+0x390/0x4080 [ 273.113848][T10078] ? kasan_save_stack+0x30/0x50 [ 273.113869][T10078] ? vmx_vcpu_precreate+0xc8/0x220 [ 273.113894][T10078] kvm_vm_ioctl+0x390/0x4080 [ 273.113915][T10078] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 273.113940][T10078] ? tomoyo_path_number_perm+0x46d/0x580 [ 273.113958][T10078] ? kasan_quarantine_put+0x104/0x240 [ 273.113978][T10078] ? lockdep_hardirqs_on+0x78/0x100 [ 273.114000][T10078] ? find_held_lock+0x2b/0x80 [ 273.114013][T10078] ? tomoyo_path_number_perm+0x28f/0x580 [ 273.114028][T10078] ? tomoyo_path_number_perm+0x28f/0x580 [ 273.114047][T10078] ? tomoyo_path_number_perm+0x188/0x580 [ 273.114064][T10078] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 273.114080][T10078] ? futex_wait+0x125/0x380 [ 273.114106][T10078] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 273.114131][T10078] ? do_vfs_ioctl+0x226/0x13e0 [ 273.114150][T10078] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 273.114175][T10078] ? find_held_lock+0x2b/0x80 [ 273.114188][T10078] ? __fget_files+0x215/0x3d0 [ 273.114200][T10078] ? hook_file_ioctl_common+0x146/0x410 [ 273.114221][T10078] ? __fget_files+0x21f/0x3d0 [ 273.114236][T10078] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 273.114252][T10078] __x64_sys_ioctl+0x18e/0x210 [ 273.114273][T10078] do_syscall_64+0x106/0xf80 [ 273.114292][T10078] ? clear_bhb_loop+0x40/0x90 [ 273.114309][T10078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.114324][T10078] RIP: 0033:0x7f6a2339c799 [ 273.114337][T10078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.114351][T10078] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.114366][T10078] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 273.114375][T10078] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 273.114384][T10078] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 273.114392][T10078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.114401][T10078] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 273.114420][T10078] [ 274.957435][T10100] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1431'. [ 275.063977][T10100] ipvlan0: entered promiscuous mode [ 275.069206][T10100] ipvlan0: entered allmulticast mode [ 275.111839][T10100] veth0_vlan: entered allmulticast mode [ 275.184585][T10102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1432'. [ 275.510750][T10112] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1437'. [ 276.189381][T10127] bridge0: port 3(batadv0) entered blocking state [ 276.223728][T10127] bridge0: port 3(batadv0) entered disabled state [ 276.251531][T10127] batadv0: entered allmulticast mode [ 276.276836][T10127] batadv0: entered promiscuous mode [ 276.295990][ T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 276.305289][ T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 278.072162][T10160] netlink: 'syz.2.1453': attribute type 33 has an invalid length. [ 278.709480][T10169] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 278.836367][T10177] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1458'. [ 278.984674][T10179] netlink: 186 bytes leftover after parsing attributes in process `syz.4.1459'. [ 279.440629][T10183] netlink: 'syz.1.1461': attribute type 33 has an invalid length. [ 279.637865][T10195] FAULT_INJECTION: forcing a failure. [ 279.637865][T10195] name failslab, interval 1, probability 0, space 0, times 0 [ 279.715001][T10195] CPU: 0 UID: 0 PID: 10195 Comm: syz.4.1466 Tainted: G L syzkaller #0 PREEMPT(full) [ 279.715028][T10195] Tainted: [L]=SOFTLOCKUP [ 279.715033][T10195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 279.715042][T10195] Call Trace: [ 279.715048][T10195] [ 279.715055][T10195] dump_stack_lvl+0x100/0x190 [ 279.715082][T10195] should_fail_ex.cold+0x5/0xa [ 279.715100][T10195] ? tracing_open+0x303/0xef0 [ 279.715116][T10195] should_failslab+0xc2/0x120 [ 279.715132][T10195] __kmalloc_noprof+0xe0/0x850 [ 279.715155][T10195] ? seq_open+0x116/0x170 [ 279.715175][T10195] tracing_open+0x303/0xef0 [ 279.715195][T10195] do_dentry_open+0x6d8/0x1660 [ 279.715209][T10195] ? __pfx_tracing_open+0x10/0x10 [ 279.715230][T10195] vfs_open+0x82/0x3f0 [ 279.715250][T10195] path_openat+0x208c/0x31a0 [ 279.715271][T10195] ? __pfx_path_openat+0x10/0x10 [ 279.715293][T10195] do_file_open+0x20e/0x430 [ 279.715309][T10195] ? __pfx_do_file_open+0x10/0x10 [ 279.715337][T10195] ? alloc_fd+0x476/0x790 [ 279.715353][T10195] ? do_getname+0x191/0x390 [ 279.715372][T10195] do_sys_openat2+0x10d/0x1e0 [ 279.715391][T10195] ? __pfx_do_sys_openat2+0x10/0x10 [ 279.715411][T10195] ? __fget_files+0x21f/0x3d0 [ 279.715434][T10195] __x64_sys_openat+0x12d/0x210 [ 279.715454][T10195] ? __pfx___x64_sys_openat+0x10/0x10 [ 279.715482][T10195] do_syscall_64+0x106/0xf80 [ 279.715502][T10195] ? clear_bhb_loop+0x40/0x90 [ 279.715521][T10195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.715536][T10195] RIP: 0033:0x7f355339c799 [ 279.715550][T10195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 279.715564][T10195] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 279.715579][T10195] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 279.715589][T10195] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 279.715599][T10195] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 279.715608][T10195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.715616][T10195] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 279.715635][T10195] [ 280.008553][T10189] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1463'. [ 280.369661][T10209] netlink: 504 bytes leftover after parsing attributes in process `syz.4.1472'. [ 280.399014][T10209] netlink: 504 bytes leftover after parsing attributes in process `syz.4.1472'. [ 280.477813][T10211] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1474'. [ 280.958459][T10238] netlink: 'syz.4.1481': attribute type 1 has an invalid length. [ 280.958478][T10238] netlink: 306 bytes leftover after parsing attributes in process `syz.4.1481'. [ 280.958620][T10238] netlink: 'syz.4.1481': attribute type 1 has an invalid length. [ 280.958631][T10238] netlink: 306 bytes leftover after parsing attributes in process `syz.4.1481'. [ 283.192420][T10291] warning: `syz.2.1502' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 283.615848][T10294] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1503'. [ 284.193468][T10306] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1508'. [ 284.388114][T10311] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1510'. [ 285.629197][T10331] netlink: 86 bytes leftover after parsing attributes in process `syz.2.1519'. [ 287.848100][T10373] page: refcount:5 mapcount:4 mapping:0000000000000000 index:0x7fcb6ce43 pfn:0x79000 [ 287.928494][T10373] flags: 0xfff18000000214(referenced|dirty|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 288.044415][T10373] raw: 00fff18000000214 0000000000000000 dead000000000122 0000000000000000 [ 288.129371][T10373] raw: 00000007fcb6ce43 0000000000000000 0000000500000003 0000000000000000 [ 288.224026][T10373] page dumped because: unmovable page [ 288.269580][T10373] page_owner tracks the page as allocated [ 288.312699][T10373] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x29c2(GFP_NOWAIT|__GFP_HIGHMEM|__GFP_IO|__GFP_FS|__GFP_ZERO), pid 5820, tgid 5820 (syz-executor), ts 74042926790, free_ts 70391450090 [ 288.374391][T10373] post_alloc_hook+0x153/0x170 [ 288.393712][T10373] get_page_from_freelist+0x111d/0x3140 [ 288.402990][T10373] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 288.425243][T10373] alloc_pages_mpol+0x1fb/0x550 [ 288.444953][T10373] alloc_pages_noprof+0x131/0x390 [ 288.497455][T10373] __vmalloc_node_range_noprof+0xe5c/0x1530 [ 288.519505][T10373] vmalloc_user_noprof+0x9e/0xe0 [ 288.537006][T10373] kcov_ioctl+0x4c/0x720 [ 288.551490][T10373] __x64_sys_ioctl+0x18e/0x210 [ 288.568955][T10373] do_syscall_64+0x106/0xf80 [ 288.584322][T10373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.603387][T10373] page last free pid 5811 tgid 5811 stack trace: [ 288.623306][T10373] free_unref_folios+0xaea/0x1790 [ 288.651981][T10373] folios_put_refs+0x53c/0x840 [ 288.666699][T10373] free_pages_and_swap_cache+0x242/0x480 [ 288.685564][T10373] __tlb_batch_free_encoded_pages+0xe9/0x280 [ 288.707280][T10373] tlb_finish_mmu+0x1b0/0x810 [ 288.713754][T10373] unmap_region+0x2d9/0x3b0 [ 288.723858][T10373] vms_complete_munmap_vmas+0xa4b/0xdd0 [ 288.737336][T10373] do_vmi_align_munmap+0x44f/0x5f0 [ 288.750284][T10373] do_vmi_munmap+0x1f8/0x3e0 [ 288.769142][T10373] __vm_munmap+0x196/0x390 [ 288.782455][T10373] __x64_sys_munmap+0x59/0x80 [ 288.801235][T10373] do_syscall_64+0x106/0xf80 [ 288.814507][T10373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.000111][T10418] netlink: 'syz.4.1550': attribute type 10 has an invalid length. [ 290.034284][T10418] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1550'. [ 291.844758][T10452] vivid-007: ================= START STATUS ================= [ 291.852421][T10452] vivid-007: Generate PTS: true [ 291.891778][T10452] vivid-007: Generate SCR: true [ 291.920380][T10452] tpg source WxH: 320x240 (Y'CbCr) [ 291.936255][T10452] tpg field: 1 [ 291.956290][T10452] tpg crop: (0,0)/320x240 [ 291.972939][T10452] tpg compose: (0,0)/320x240 [ 291.986361][T10458] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1564'. [ 292.003775][T10452] tpg colorspace: 8 [ 292.008479][T10452] tpg transfer function: 0/0 [ 292.020421][T10452] tpg Y'CbCr encoding: 0/0 [ 292.035205][T10452] tpg quantization: 0/0 [ 292.049352][T10452] tpg RGB range: 0/2 [ 292.088304][T10452] vivid-007: ================== END STATUS ================== [ 293.468019][T10488] ima: policy update failed [ 293.472791][ T29] audit: type=1802 audit(1773518785.105:5): pid=10488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1582" res=0 errno=0 [ 294.181169][T10499] zswap: compressor not available [ 295.330700][T10516] netlink: 'syz.1.1584': attribute type 5 has an invalid length. [ 295.356907][T10516] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1584'. [ 295.734888][T10526] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1588'. [ 296.587713][T10544] mkiss: ax0: crc mode is auto. [ 296.969910][T10550] zram: Added device: zram0 [ 298.372754][T10572] FAULT_INJECTION: forcing a failure. [ 298.372754][T10572] name fail_futex, interval 1, probability 0, space 0, times 1 [ 298.443672][T10572] CPU: 0 UID: 0 PID: 10572 Comm: syz.4.1601 Tainted: G L syzkaller #0 PREEMPT(full) [ 298.443700][T10572] Tainted: [L]=SOFTLOCKUP [ 298.443706][T10572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 298.443715][T10572] Call Trace: [ 298.443720][T10572] [ 298.443726][T10572] dump_stack_lvl+0x100/0x190 [ 298.443752][T10572] should_fail_ex.cold+0x5/0xa [ 298.443771][T10572] get_futex_key+0x295/0x1620 [ 298.443792][T10572] ? __pfx_get_futex_key+0x10/0x10 [ 298.443812][T10572] ? kasan_save_track+0x14/0x30 [ 298.443835][T10572] ? __kasan_kmalloc+0xaa/0xb0 [ 298.443859][T10572] futex_lock_pi+0x1d3/0x7b0 [ 298.443882][T10572] ? __pfx_futex_lock_pi+0x10/0x10 [ 298.443904][T10572] ? __pfx___futex_wait+0x10/0x10 [ 298.443941][T10572] ? __pfx_futex_wake_mark+0x10/0x10 [ 298.443966][T10572] ? __lock_acquire+0x4a5/0x2630 [ 298.443989][T10572] do_futex+0x18a/0x350 [ 298.444007][T10572] ? __pfx_do_futex+0x10/0x10 [ 298.444026][T10572] ? find_held_lock+0x2b/0x80 [ 298.444042][T10572] __x64_sys_futex+0x34f/0x4d0 [ 298.444062][T10572] ? __pfx___x64_sys_futex+0x10/0x10 [ 298.444087][T10572] do_syscall_64+0x106/0xf80 [ 298.444107][T10572] ? clear_bhb_loop+0x40/0x90 [ 298.444125][T10572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.444139][T10572] RIP: 0033:0x7f355339c799 [ 298.444153][T10572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 298.444167][T10572] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 298.444182][T10572] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 298.444191][T10572] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000000 [ 298.444200][T10572] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 00000000fffffffa [ 298.444209][T10572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.444217][T10572] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 298.444236][T10572] [ 300.502312][ T5830] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 300.522921][ T5830] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 300.533706][ T5830] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 300.541298][ T5830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 300.548987][ T5830] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 301.316283][ T1109] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.398914][T10592] chnl_net:caif_netlink_parms(): no params data found [ 301.579345][ T1109] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.879381][ T1109] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.007088][T10625] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1621'. [ 302.020824][ T1109] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.131913][T10592] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.158390][T10592] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.188261][T10592] bridge_slave_0: entered allmulticast mode [ 302.210752][T10592] bridge_slave_0: entered promiscuous mode [ 302.240372][T10592] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.271078][T10592] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.295968][T10592] bridge_slave_1: entered allmulticast mode [ 302.320036][T10592] bridge_slave_1: entered promiscuous mode [ 302.413035][T10633] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1624'. [ 302.467392][T10592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 302.528290][T10592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 302.643637][ T5830] Bluetooth: hci5: command tx timeout [ 302.691070][T10592] team0: Port device team_slave_0 added [ 302.721027][T10637] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1625'. [ 302.742994][T10592] team0: Port device team_slave_1 added [ 302.926372][T10592] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 302.977126][T10592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 303.065915][T10639] zswap: compressor  not available [ 303.133092][T10592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 303.208697][ T1109] batadv0: left allmulticast mode [ 303.245104][ T1109] batadv0: left promiscuous mode [ 303.264406][ T1109] bridge0: port 3(batadv0) entered disabled state [ 303.277841][T10653] FAULT_INJECTION: forcing a failure. [ 303.277841][T10653] name failslab, interval 1, probability 0, space 0, times 0 [ 303.339856][T10653] CPU: 0 UID: 0 PID: 10653 Comm: syz.4.1631 Tainted: G L syzkaller #0 PREEMPT(full) [ 303.339883][T10653] Tainted: [L]=SOFTLOCKUP [ 303.339889][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 303.339900][T10653] Call Trace: [ 303.339906][T10653] [ 303.339912][T10653] dump_stack_lvl+0x100/0x190 [ 303.339940][T10653] should_fail_ex.cold+0x5/0xa [ 303.339959][T10653] should_failslab+0xc2/0x120 [ 303.339976][T10653] __kmalloc_node_noprof+0xe6/0x850 [ 303.339998][T10653] ? alloc_slab_obj_exts+0xae/0x260 [ 303.340021][T10653] alloc_slab_obj_exts+0xae/0x260 [ 303.340042][T10653] __memcg_slab_post_alloc_hook+0x246/0x990 [ 303.340063][T10653] ? kasan_save_track+0x14/0x30 [ 303.340087][T10653] kmem_cache_alloc_noprof+0x58a/0x6e0 [ 303.340107][T10653] ? ep_ptable_queue_proc+0x5b/0x280 [ 303.340132][T10653] ep_ptable_queue_proc+0x5b/0x280 [ 303.340154][T10653] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 303.340176][T10653] snd_seq_oss_readq_poll+0x56/0xb0 [ 303.340207][T10653] snd_seq_oss_poll+0x122/0x1d0 [ 303.340224][T10653] ? __pfx_odev_poll+0x10/0x10 [ 303.340238][T10653] odev_poll+0x4a/0x90 [ 303.340251][T10653] ep_item_poll+0x141/0x1f0 [ 303.340267][T10653] do_epoll_ctl+0x1f33/0x36a0 [ 303.340291][T10653] ? __pfx_do_epoll_ctl+0x10/0x10 [ 303.340304][T10653] ? find_held_lock+0x2b/0x80 [ 303.340318][T10653] ? __might_fault+0xc5/0x140 [ 303.340337][T10653] ? __might_fault+0xc5/0x140 [ 303.340355][T10653] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 303.340383][T10653] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 303.340398][T10653] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 303.340414][T10653] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 303.340437][T10653] do_syscall_64+0x106/0xf80 [ 303.340456][T10653] ? clear_bhb_loop+0x40/0x90 [ 303.340474][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.340489][T10653] RIP: 0033:0x7f355339c799 [ 303.340503][T10653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 303.340517][T10653] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 303.340536][T10653] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 303.340546][T10653] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000005 [ 303.340555][T10653] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 303.340565][T10653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.340574][T10653] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 303.340594][T10653] [ 303.989271][ T1109] bridge_slave_1: left allmulticast mode [ 304.004311][ T1109] bridge_slave_1: left promiscuous mode [ 304.017519][ T1109] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.186036][ T1109] bridge_slave_0: left allmulticast mode [ 304.212658][ T1109] bridge_slave_0: left promiscuous mode [ 304.242967][ T1109] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.724466][ T5830] Bluetooth: hci5: command tx timeout [ 304.869015][ T1109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 304.911936][ T1109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 304.948219][ T1109] bond0 (unregistering): Released all slaves [ 304.973055][T10592] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 305.003455][T10592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 305.084054][T10592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.363191][T10592] hsr_slave_0: entered promiscuous mode [ 305.394397][T10592] hsr_slave_1: entered promiscuous mode [ 305.432844][T10592] debugfs: 'hsr0' already exists in 'hsr' [ 305.468326][T10592] Cannot create hsr debugfs directory [ 305.501986][T10686] FAULT_INJECTION: forcing a failure. [ 305.501986][T10686] name fail_futex, interval 1, probability 0, space 0, times 0 [ 305.562984][T10686] CPU: 0 UID: 0 PID: 10686 Comm: syz.2.1637 Tainted: G L syzkaller #0 PREEMPT(full) [ 305.563013][T10686] Tainted: [L]=SOFTLOCKUP [ 305.563018][T10686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 305.563027][T10686] Call Trace: [ 305.563032][T10686] [ 305.563039][T10686] dump_stack_lvl+0x100/0x190 [ 305.563066][T10686] should_fail_ex.cold+0x5/0xa [ 305.563085][T10686] get_futex_key+0x295/0x1620 [ 305.563106][T10686] ? __pfx_get_futex_key+0x10/0x10 [ 305.563124][T10686] ? kasan_save_track+0x14/0x30 [ 305.563146][T10686] ? __kasan_kmalloc+0xaa/0xb0 [ 305.563171][T10686] futex_lock_pi+0x1d3/0x7b0 [ 305.563193][T10686] ? __pfx_futex_lock_pi+0x10/0x10 [ 305.563215][T10686] ? __pfx___futex_wait+0x10/0x10 [ 305.563236][T10686] ? lockdep_hardirqs_on+0x78/0x100 [ 305.563272][T10686] ? __pfx_futex_wake_mark+0x10/0x10 [ 305.563297][T10686] ? __lock_acquire+0x4a5/0x2630 [ 305.563319][T10686] do_futex+0x18a/0x350 [ 305.563338][T10686] ? __pfx_do_futex+0x10/0x10 [ 305.563357][T10686] ? find_held_lock+0x2b/0x80 [ 305.563373][T10686] __x64_sys_futex+0x34f/0x4d0 [ 305.563394][T10686] ? __pfx___x64_sys_futex+0x10/0x10 [ 305.563426][T10686] do_syscall_64+0x106/0xf80 [ 305.563446][T10686] ? clear_bhb_loop+0x40/0x90 [ 305.563464][T10686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.563479][T10686] RIP: 0033:0x7fc4b479c799 [ 305.563492][T10686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 305.563510][T10686] RSP: 002b:00007fc4b563c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 305.563524][T10686] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa0 RCX: 00007fc4b479c799 [ 305.563534][T10686] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000000 [ 305.563543][T10686] RBP: 00007fc4b4832c99 R08: 0000000000000000 R09: 00000000fffffffa [ 305.563551][T10686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.563560][T10686] R13: 00007fc4b4a16038 R14: 00007fc4b4a15fa0 R15: 00007ffe182c26e8 [ 305.563579][T10686] [ 306.446160][ T1109] hsr_slave_0: left promiscuous mode [ 306.514517][ T1109] hsr_slave_1: left promiscuous mode [ 306.528984][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 306.576568][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 306.664651][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 306.682278][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 306.738189][ T1109] veth0_macvtap: left promiscuous mode [ 306.792572][ T1109] veth1_vlan: left promiscuous mode [ 306.803585][ T5830] Bluetooth: hci5: command tx timeout [ 306.820656][ T1109] veth0_vlan: left promiscuous mode [ 307.333397][ T1109] team0 (unregistering): Port device team_slave_1 removed [ 307.395841][ T1109] team0 (unregistering): Port device team_slave_0 removed [ 307.758384][T10731] serio: Serial port pty6 [ 308.495851][T10592] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 308.558617][T10592] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 308.676573][T10592] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 308.803015][T10592] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 308.885421][ T5830] Bluetooth: hci5: command tx timeout [ 309.502098][T10592] 8021q: adding VLAN 0 to HW filter on device bond0 [ 309.537066][T10780] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1659'. [ 309.587222][T10780] –õ\­: renamed from lo (while UP) [ 309.621427][T10592] 8021q: adding VLAN 0 to HW filter on device team0 [ 309.774043][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.781195][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 309.833341][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.840476][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 310.439651][T10798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1664'. [ 310.531260][T10798] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1664'. [ 310.623455][T10592] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 310.727075][T10807] FAULT_INJECTION: forcing a failure. [ 310.727075][T10807] name failslab, interval 1, probability 0, space 0, times 0 [ 310.907530][T10807] CPU: 0 UID: 0 PID: 10807 Comm: syz.2.1665 Tainted: G L syzkaller #0 PREEMPT(full) [ 310.907558][T10807] Tainted: [L]=SOFTLOCKUP [ 310.907564][T10807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 310.907574][T10807] Call Trace: [ 310.907579][T10807] [ 310.907585][T10807] dump_stack_lvl+0x100/0x190 [ 310.907614][T10807] should_fail_ex.cold+0x5/0xa [ 310.907632][T10807] should_failslab+0xc2/0x120 [ 310.907648][T10807] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 310.907670][T10807] ? ep_ptable_queue_proc+0x5b/0x280 [ 310.907696][T10807] ep_ptable_queue_proc+0x5b/0x280 [ 310.907718][T10807] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 310.907743][T10807] snd_seq_pool_poll_wait+0x5b/0x190 [ 310.907763][T10807] snd_seq_kernel_client_write_poll+0xa5/0x110 [ 310.907788][T10807] snd_seq_oss_poll+0x17d/0x1d0 [ 310.907805][T10807] ? __pfx_odev_poll+0x10/0x10 [ 310.907818][T10807] odev_poll+0x4a/0x90 [ 310.907832][T10807] ep_item_poll+0x141/0x1f0 [ 310.907848][T10807] do_epoll_ctl+0x1f33/0x36a0 [ 310.907870][T10807] ? __pfx_do_epoll_ctl+0x10/0x10 [ 310.907884][T10807] ? find_held_lock+0x2b/0x80 [ 310.907897][T10807] ? __might_fault+0xc5/0x140 [ 310.907916][T10807] ? __might_fault+0xc5/0x140 [ 310.907934][T10807] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 310.907963][T10807] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 310.907977][T10807] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 310.907993][T10807] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 310.908014][T10807] do_syscall_64+0x106/0xf80 [ 310.908033][T10807] ? clear_bhb_loop+0x40/0x90 [ 310.908051][T10807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.908065][T10807] RIP: 0033:0x7fc4b479c799 [ 310.908078][T10807] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 310.908093][T10807] RSP: 002b:00007fc4b563c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 310.908107][T10807] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa0 RCX: 00007fc4b479c799 [ 310.908117][T10807] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000005 [ 310.908126][T10807] RBP: 00007fc4b4832c99 R08: 0000000000000000 R09: 0000000000000000 [ 310.908134][T10807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.908143][T10807] R13: 00007fc4b4a16038 R14: 00007fc4b4a15fa0 R15: 00007ffe182c26e8 [ 310.908162][T10807] [ 311.546035][T10816] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1668'. [ 312.098304][T10592] veth0_vlan: entered promiscuous mode [ 312.158050][T10592] veth1_vlan: entered promiscuous mode [ 312.291434][T10592] veth0_macvtap: entered promiscuous mode [ 312.367393][T10592] veth1_macvtap: entered promiscuous mode [ 312.454420][T10592] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 312.537500][T10592] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 312.612641][ T1109] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.652956][ T1109] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.705980][ T1109] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.794150][ T1109] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.966944][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 313.012564][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 313.102803][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 313.157641][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 313.489267][T10860] netlink: 290 bytes leftover after parsing attributes in process `syz.5.1607'. [ 314.431814][T10882] netlink: 'syz.5.1688': attribute type 4 has an invalid length. [ 314.472743][T10882] netlink: 314 bytes leftover after parsing attributes in process `syz.5.1688'. [ 314.500234][T10882] IPv6: NLM_F_CREATE should be specified when creating new route [ 315.239346][T10893] zswap: compressor not available [ 315.914868][T10929] netlink: 'syz.5.1705': attribute type 1 has an invalid length. [ 315.953769][T10929] netlink: 306 bytes leftover after parsing attributes in process `syz.5.1705'. [ 316.188967][T10937] netlink: 25 bytes leftover after parsing attributes in process `syz.5.1709'. [ 316.596567][T10950] mkiss: ax0: crc mode is auto. [ 317.128818][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.135359][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.509729][T10973] FAULT_INJECTION: forcing a failure. [ 317.509729][T10973] name failslab, interval 1, probability 0, space 0, times 0 [ 317.568358][T10973] CPU: 0 UID: 0 PID: 10973 Comm: syz.4.1724 Tainted: G L syzkaller #0 PREEMPT(full) [ 317.568385][T10973] Tainted: [L]=SOFTLOCKUP [ 317.568391][T10973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 317.568400][T10973] Call Trace: [ 317.568406][T10973] [ 317.568412][T10973] dump_stack_lvl+0x100/0x190 [ 317.568438][T10973] should_fail_ex.cold+0x5/0xa [ 317.568457][T10973] should_failslab+0xc2/0x120 [ 317.568473][T10973] __kmalloc_cache_noprof+0x7a/0x6f0 [ 317.568492][T10973] ? tipc_conn_alloc+0x48/0x590 [ 317.568509][T10973] ? net_generic+0xea/0x2a0 [ 317.568524][T10973] ? net_generic+0xea/0x2a0 [ 317.568543][T10973] tipc_conn_alloc+0x48/0x590 [ 317.568561][T10973] tipc_topsrv_kern_subscr+0x11c/0x3c0 [ 317.568580][T10973] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 317.568601][T10973] ? net_generic+0xea/0x2a0 [ 317.568623][T10973] tipc_group_create+0x4ab/0x660 [ 317.568644][T10973] tipc_setsockopt+0x611/0xe30 [ 317.568668][T10973] ? __pfx_tipc_setsockopt+0x10/0x10 [ 317.568697][T10973] ? __pfx_tipc_setsockopt+0x10/0x10 [ 317.568720][T10973] do_sock_setsockopt+0xf3/0x1d0 [ 317.568745][T10973] __sys_setsockopt+0x119/0x190 [ 317.568768][T10973] __x64_sys_setsockopt+0xbd/0x160 [ 317.568787][T10973] ? do_syscall_64+0x95/0xf80 [ 317.568806][T10973] ? lockdep_hardirqs_on+0x78/0x100 [ 317.568835][T10973] do_syscall_64+0x106/0xf80 [ 317.568855][T10973] ? clear_bhb_loop+0x40/0x90 [ 317.568873][T10973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.568888][T10973] RIP: 0033:0x7f355339c799 [ 317.568902][T10973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.568916][T10973] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 317.568931][T10973] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 317.568940][T10973] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 317.568949][T10973] RBP: 00007f3553432c99 R08: 0000000000000014 R09: 0000000000000000 [ 317.568958][T10973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.568966][T10973] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 317.568985][T10973] [ 318.911550][T11002] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1737'. [ 320.436743][T11047] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1749'. [ 320.958393][T11067] FAULT_INJECTION: forcing a failure. [ 320.958393][T11067] name failslab, interval 1, probability 0, space 0, times 0 [ 321.063771][T11067] CPU: 0 UID: 0 PID: 11067 Comm: syz.1.1754 Tainted: G L syzkaller #0 PREEMPT(full) [ 321.063801][T11067] Tainted: [L]=SOFTLOCKUP [ 321.063806][T11067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 321.063815][T11067] Call Trace: [ 321.063821][T11067] [ 321.063827][T11067] dump_stack_lvl+0x100/0x190 [ 321.063854][T11067] should_fail_ex.cold+0x5/0xa [ 321.063873][T11067] ? process_preds+0x4c2/0x1d90 [ 321.063893][T11067] should_failslab+0xc2/0x120 [ 321.063909][T11067] __kmalloc_noprof+0xe0/0x850 [ 321.063935][T11067] process_preds+0x4c2/0x1d90 [ 321.063960][T11067] ? create_filter_start.constprop.0+0x134/0x310 [ 321.063984][T11067] create_filter+0x140/0x210 [ 321.064006][T11067] ? __pfx_create_filter+0x10/0x10 [ 321.064029][T11067] ? find_held_lock+0x2b/0x80 [ 321.064045][T11067] apply_event_filter+0x220/0x500 [ 321.064067][T11067] ? __pfx_apply_event_filter+0x10/0x10 [ 321.064094][T11067] event_filter_write+0x16d/0x290 [ 321.064112][T11067] vfs_write+0x2aa/0x1070 [ 321.064134][T11067] ? __pfx_event_filter_write+0x10/0x10 [ 321.064153][T11067] ? __pfx_vfs_write+0x10/0x10 [ 321.064174][T11067] ? __fget_files+0x215/0x3d0 [ 321.064192][T11067] ? __fget_files+0x21f/0x3d0 [ 321.064211][T11067] ksys_write+0x12a/0x250 [ 321.064224][T11067] ? __pfx_ksys_write+0x10/0x10 [ 321.064242][T11067] do_syscall_64+0x106/0xf80 [ 321.064262][T11067] ? clear_bhb_loop+0x40/0x90 [ 321.064280][T11067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.064295][T11067] RIP: 0033:0x7f6a2339c799 [ 321.064308][T11067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 321.064321][T11067] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 321.064335][T11067] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 321.064345][T11067] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 321.064353][T11067] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 321.064362][T11067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.064379][T11067] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 321.064400][T11067] [ 321.570146][T11063] mkiss: ax0: crc mode is auto. [ 322.781346][T11099] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1763'. [ 324.577705][ T29] audit: type=1800 audit(1773518816.215:6): pid=11143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1779" name="dbroot" dev="configfs" ino=43933 res=0 errno=0 [ 324.668602][T11139] mkiss: ax0: crc mode is auto. [ 325.302863][T11166] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1787'. [ 325.407323][T11163] zswap: compressor not available [ 325.954285][T11186] netlink: 'syz.2.1790': attribute type 1 has an invalid length. [ 326.072583][T11186] netlink: 314 bytes leftover after parsing attributes in process `syz.2.1790'. [ 326.874300][T11199] mkiss: ax0: crc mode is auto. [ 328.001480][T11243] netlink: 202 bytes leftover after parsing attributes in process `syz.5.1806'. [ 330.598434][T11292] FAULT_INJECTION: forcing a failure. [ 330.598434][T11292] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 330.684214][T11292] CPU: 0 UID: 0 PID: 11292 Comm: syz.5.1819 Tainted: G L syzkaller #0 PREEMPT(full) [ 330.684242][T11292] Tainted: [L]=SOFTLOCKUP [ 330.684247][T11292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 330.684256][T11292] Call Trace: [ 330.684262][T11292] [ 330.684268][T11292] dump_stack_lvl+0x100/0x190 [ 330.684295][T11292] should_fail_ex.cold+0x5/0xa [ 330.684311][T11292] ? prepare_alloc_pages+0x16d/0x5f0 [ 330.684330][T11292] should_fail_alloc_page+0xeb/0x140 [ 330.684347][T11292] prepare_alloc_pages+0x1f0/0x5f0 [ 330.684367][T11292] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 330.684389][T11292] ? xa_load+0x153/0x2c0 [ 330.684411][T11292] ? __pfx_xa_load+0x10/0x10 [ 330.684435][T11292] ? __lock_acquire+0x4a5/0x2630 [ 330.684495][T11292] ? workingset_refault+0x477/0xf60 [ 330.684518][T11292] ? workingset_refault+0x477/0xf60 [ 330.684541][T11292] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 330.684568][T11292] ? __lock_acquire+0x4a5/0x2630 [ 330.684593][T11292] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 330.684617][T11292] ? policy_nodemask+0xed/0x4f0 [ 330.684634][T11292] alloc_pages_mpol+0x1fb/0x550 [ 330.684650][T11292] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 330.684666][T11292] ? swap_entry_swapped+0x1ff/0x2b0 [ 330.684681][T11292] ? __pfx_swap_entry_swapped+0x10/0x10 [ 330.684698][T11292] folio_alloc_mpol_noprof+0x36/0x340 [ 330.684716][T11292] swap_cache_alloc_folio+0x1a8/0x300 [ 330.684737][T11292] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 330.684756][T11292] ? __pfx_get_swap_device+0x10/0x10 [ 330.684770][T11292] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 330.684795][T11292] read_swap_cache_async+0xd9/0x480 [ 330.684816][T11292] ? __pfx_read_swap_cache_async+0x10/0x10 [ 330.684836][T11292] ? find_held_lock+0x2b/0x80 [ 330.684848][T11292] ? find_held_lock+0x2b/0x80 [ 330.684861][T11292] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 330.684877][T11292] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 330.684896][T11292] swapin_walk_pmd_entry+0x2fd/0x640 [ 330.684916][T11292] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 330.684932][T11292] ? __lock_acquire+0x4a5/0x2630 [ 330.684950][T11292] ? tomoyo_path_perm+0x29c/0x460 [ 330.684965][T11292] ? kasan_save_stack+0x3f/0x50 [ 330.684986][T11292] ? kasan_save_stack+0x30/0x50 [ 330.685007][T11292] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 330.685024][T11292] walk_pgd_range+0xc04/0x1eb0 [ 330.685060][T11292] ? __pfx_walk_pgd_range+0x10/0x10 [ 330.685087][T11292] __walk_page_range+0x163/0x820 [ 330.685117][T11292] walk_page_range_vma_unsafe+0x209/0x8f0 [ 330.685142][T11292] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 330.685165][T11292] ? lock_acquire+0x1cf/0x380 [ 330.685184][T11292] ? finish_task_switch.isra.0+0x200/0xb80 [ 330.685202][T11292] ? rcu_is_watching+0x12/0xc0 [ 330.685225][T11292] walk_page_range_vma+0x63/0x90 [ 330.685249][T11292] madvise_vma_behavior+0x1e14/0x3050 [ 330.685268][T11292] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 330.685285][T11292] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 330.685309][T11292] ? mas_prev+0x9b/0xf0 [ 330.685329][T11292] ? __pfx_mas_prev+0x10/0x10 [ 330.685354][T11292] ? find_vma_prev+0xd8/0x150 [ 330.685368][T11292] ? futex_unqueue+0x133/0x2c0 [ 330.685386][T11292] ? __pfx_find_vma_prev+0x10/0x10 [ 330.685407][T11292] ? __futex_wait+0x256/0x300 [ 330.685432][T11292] madvise_walk_vmas+0x2fe/0xa90 [ 330.685461][T11292] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 330.685484][T11292] madvise_do_behavior+0x1ea/0x510 [ 330.685504][T11292] ? __pfx_madvise_do_behavior+0x10/0x10 [ 330.685523][T11292] ? down_read+0x13b/0x460 [ 330.685555][T11292] do_madvise+0x195/0x240 [ 330.685571][T11292] ? __pfx_do_madvise+0x10/0x10 [ 330.685587][T11292] ? do_futex+0x192/0x350 [ 330.685608][T11292] ? __fget_files+0x21f/0x3d0 [ 330.685634][T11292] __x64_sys_madvise+0xa9/0x110 [ 330.685650][T11292] ? lockdep_hardirqs_on+0x78/0x100 [ 330.685670][T11292] do_syscall_64+0x106/0xf80 [ 330.685689][T11292] ? clear_bhb_loop+0x40/0x90 [ 330.685708][T11292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.685723][T11292] RIP: 0033:0x7fe60239c799 [ 330.685737][T11292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 330.685751][T11292] RSP: 002b:00007fe60333e028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 330.685766][T11292] RAX: ffffffffffffffda RBX: 00007fe602615fa0 RCX: 00007fe60239c799 [ 330.685777][T11292] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 330.685786][T11292] RBP: 00007fe602432c99 R08: 0000000000000000 R09: 0000000000000000 [ 330.685795][T11292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.685804][T11292] R13: 00007fe602616038 R14: 00007fe602615fa0 R15: 00007ffe66bdb3b8 [ 330.685824][T11292] [ 331.304070][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880381f8800: rx timeout, send abort [ 331.812268][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880381f8800: abort rx timeout. Force session deactivation [ 334.084295][T11378] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1852'. [ 335.362345][T11408] mkiss: ax0: crc mode is auto. [ 336.164886][T11428] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1862'. [ 337.244470][T11448] FAULT_INJECTION: forcing a failure. [ 337.244470][T11448] name failslab, interval 1, probability 0, space 0, times 0 [ 337.363853][T11448] CPU: 0 UID: 0 PID: 11448 Comm: syz.1.1865 Tainted: G L syzkaller #0 PREEMPT(full) [ 337.363880][T11448] Tainted: [L]=SOFTLOCKUP [ 337.363886][T11448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 337.363895][T11448] Call Trace: [ 337.363900][T11448] [ 337.363907][T11448] dump_stack_lvl+0x100/0x190 [ 337.363935][T11448] should_fail_ex.cold+0x5/0xa [ 337.363954][T11448] should_failslab+0xc2/0x120 [ 337.363970][T11448] __kmalloc_cache_noprof+0x7a/0x6f0 [ 337.363989][T11448] ? madvise_collapse+0x1b5/0xbe0 [ 337.364011][T11448] madvise_collapse+0x1b5/0xbe0 [ 337.364031][T11448] ? find_held_lock+0x2b/0x80 [ 337.364045][T11448] ? finish_task_switch.isra.0+0x200/0xb80 [ 337.364061][T11448] ? __pfx_madvise_collapse+0x10/0x10 [ 337.364079][T11448] ? rcu_is_cpu_rrupt_from_idle+0x231/0x270 [ 337.364106][T11448] madvise_vma_behavior+0x1987/0x3050 [ 337.364126][T11448] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 337.364143][T11448] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 337.364166][T11448] ? mas_prev+0x9b/0xf0 [ 337.364186][T11448] ? __pfx_mas_prev+0x10/0x10 [ 337.364210][T11448] ? find_vma_prev+0xd8/0x150 [ 337.364225][T11448] ? futex_unqueue+0x133/0x2c0 [ 337.364243][T11448] ? __pfx_find_vma_prev+0x10/0x10 [ 337.364264][T11448] ? __futex_wait+0x256/0x300 [ 337.364290][T11448] madvise_walk_vmas+0x2fe/0xa90 [ 337.364310][T11448] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 337.364332][T11448] madvise_do_behavior+0x1ea/0x510 [ 337.364350][T11448] ? __pfx_madvise_do_behavior+0x10/0x10 [ 337.364368][T11448] ? down_read+0x13b/0x460 [ 337.364407][T11448] do_madvise+0x195/0x240 [ 337.364424][T11448] ? __pfx_do_madvise+0x10/0x10 [ 337.364441][T11448] ? do_futex+0x192/0x350 [ 337.364473][T11448] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 337.364495][T11448] __x64_sys_madvise+0xa9/0x110 [ 337.364512][T11448] ? lockdep_hardirqs_on+0x78/0x100 [ 337.364531][T11448] do_syscall_64+0x106/0xf80 [ 337.364550][T11448] ? clear_bhb_loop+0x40/0x90 [ 337.364568][T11448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.364583][T11448] RIP: 0033:0x7f6a2339c799 [ 337.364596][T11448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 337.364610][T11448] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 337.364625][T11448] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 337.364634][T11448] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 337.364643][T11448] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 337.364652][T11448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 337.364661][T11448] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 337.364682][T11448] [ 339.392527][T11495] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1884'. [ 339.437041][T11499] netlink: 266 bytes leftover after parsing attributes in process `syz.1.1886'. [ 339.447857][T11495] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1884'. [ 339.499202][T11499] IPv6: NLM_F_CREATE should be specified when creating new route [ 339.508332][T11501] netlink: 302 bytes leftover after parsing attributes in process `syz.5.1884'. [ 339.542549][T11495] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1884'. [ 339.754121][T11504] FAULT_INJECTION: forcing a failure. [ 339.754121][T11504] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 339.793748][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.1.1888 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.793775][T11504] Tainted: [L]=SOFTLOCKUP [ 339.793781][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 339.793790][T11504] Call Trace: [ 339.793795][T11504] [ 339.793801][T11504] dump_stack_lvl+0x100/0x190 [ 339.793828][T11504] should_fail_ex.cold+0x5/0xa [ 339.793843][T11504] ? prepare_alloc_pages+0x16d/0x5f0 [ 339.793863][T11504] should_fail_alloc_page+0xeb/0x140 [ 339.793879][T11504] prepare_alloc_pages+0x1f0/0x5f0 [ 339.793899][T11504] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 339.793922][T11504] ? xa_load+0x153/0x2c0 [ 339.793942][T11504] ? __pfx_xa_load+0x10/0x10 [ 339.793968][T11504] ? __lock_acquire+0x4a5/0x2630 [ 339.793986][T11504] ? workingset_refault+0x477/0xf60 [ 339.794009][T11504] ? workingset_refault+0x477/0xf60 [ 339.794031][T11504] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 339.794057][T11504] ? __lock_acquire+0x4a5/0x2630 [ 339.794081][T11504] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 339.794106][T11504] ? policy_nodemask+0xed/0x4f0 [ 339.794122][T11504] alloc_pages_mpol+0x1fb/0x550 [ 339.794139][T11504] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 339.794161][T11504] ? swap_entry_swapped+0x1ff/0x2b0 [ 339.794176][T11504] ? __pfx_swap_entry_swapped+0x10/0x10 [ 339.794193][T11504] folio_alloc_mpol_noprof+0x36/0x340 [ 339.794212][T11504] swap_cache_alloc_folio+0x1a8/0x300 [ 339.794235][T11504] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 339.794254][T11504] ? __pfx_get_swap_device+0x10/0x10 [ 339.794269][T11504] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 339.794292][T11504] read_swap_cache_async+0xd9/0x480 [ 339.794314][T11504] ? __pfx_read_swap_cache_async+0x10/0x10 [ 339.794334][T11504] ? find_held_lock+0x2b/0x80 [ 339.794347][T11504] ? find_held_lock+0x2b/0x80 [ 339.794359][T11504] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 339.794375][T11504] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 339.794395][T11504] swapin_walk_pmd_entry+0x2fd/0x640 [ 339.794414][T11504] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 339.794430][T11504] ? __lock_acquire+0x4a5/0x2630 [ 339.794449][T11504] ? tomoyo_path_perm+0x29c/0x460 [ 339.794464][T11504] ? kasan_save_stack+0x3f/0x50 [ 339.794484][T11504] ? kasan_save_stack+0x30/0x50 [ 339.794505][T11504] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 339.794523][T11504] walk_pgd_range+0xc04/0x1eb0 [ 339.794558][T11504] ? __pfx_walk_pgd_range+0x10/0x10 [ 339.794584][T11504] __walk_page_range+0x163/0x820 [ 339.794615][T11504] walk_page_range_vma_unsafe+0x209/0x8f0 [ 339.794640][T11504] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 339.794662][T11504] ? lock_acquire+0x1cf/0x380 [ 339.794681][T11504] ? finish_task_switch.isra.0+0x200/0xb80 [ 339.794698][T11504] ? rcu_is_watching+0x12/0xc0 [ 339.794722][T11504] walk_page_range_vma+0x63/0x90 [ 339.794745][T11504] madvise_vma_behavior+0x1e14/0x3050 [ 339.794765][T11504] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 339.794782][T11504] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 339.794805][T11504] ? mas_prev+0x9b/0xf0 [ 339.794825][T11504] ? __pfx_mas_prev+0x10/0x10 [ 339.794850][T11504] ? find_vma_prev+0xd8/0x150 [ 339.794864][T11504] ? futex_unqueue+0x133/0x2c0 [ 339.794881][T11504] ? __pfx_find_vma_prev+0x10/0x10 [ 339.794902][T11504] ? __futex_wait+0x256/0x300 [ 339.794926][T11504] madvise_walk_vmas+0x2fe/0xa90 [ 339.794946][T11504] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 339.794969][T11504] madvise_do_behavior+0x1ea/0x510 [ 339.794987][T11504] ? __pfx_madvise_do_behavior+0x10/0x10 [ 339.795005][T11504] ? down_read+0x13b/0x460 [ 339.795035][T11504] do_madvise+0x195/0x240 [ 339.795051][T11504] ? __pfx_do_madvise+0x10/0x10 [ 339.795067][T11504] ? do_futex+0x192/0x350 [ 339.795087][T11504] ? __fget_files+0x21f/0x3d0 [ 339.795114][T11504] __x64_sys_madvise+0xa9/0x110 [ 339.795130][T11504] ? lockdep_hardirqs_on+0x78/0x100 [ 339.795156][T11504] do_syscall_64+0x106/0xf80 [ 339.795176][T11504] ? clear_bhb_loop+0x40/0x90 [ 339.795195][T11504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.795211][T11504] RIP: 0033:0x7f6a2339c799 [ 339.795225][T11504] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.795240][T11504] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 339.795255][T11504] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 339.795265][T11504] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 339.795275][T11504] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 339.795284][T11504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.795293][T11504] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 339.795313][T11504] [ 343.236888][ T29] audit: type=1326 audit(1773518834.875:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.1908" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe60239c799 code=0x0 [ 343.407953][T11566] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1910'. [ 343.541728][T11568] netlink: 'syz.4.1911': attribute type 1 has an invalid length. [ 343.559253][T11568] netlink: 'syz.4.1911': attribute type 6 has an invalid length. [ 343.768361][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802d689c00: rx timeout, send abort [ 343.776726][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802d68b400: rx timeout, send abort [ 343.785058][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802d689c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 343.799387][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802d68b400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 344.064317][T11576] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1914'. [ 344.558734][T11586] FAULT_INJECTION: forcing a failure. [ 344.558734][T11586] name failslab, interval 1, probability 0, space 0, times 0 [ 344.572048][T11586] CPU: 0 UID: 0 PID: 11586 Comm: syz.4.1917 Tainted: G L syzkaller #0 PREEMPT(full) [ 344.572074][T11586] Tainted: [L]=SOFTLOCKUP [ 344.572080][T11586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 344.572089][T11586] Call Trace: [ 344.572094][T11586] [ 344.572100][T11586] dump_stack_lvl+0x100/0x190 [ 344.572127][T11586] should_fail_ex.cold+0x5/0xa [ 344.572145][T11586] should_failslab+0xc2/0x120 [ 344.572170][T11586] __kmalloc_cache_noprof+0x7a/0x6f0 [ 344.572190][T11586] ? alloc_mnt_ns+0xce/0x520 [ 344.572215][T11586] alloc_mnt_ns+0xce/0x520 [ 344.572236][T11586] copy_mnt_ns+0x220/0xc30 [ 344.572253][T11586] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 344.572273][T11586] ? create_new_namespaces+0x30/0xac0 [ 344.572288][T11586] ? rcu_is_watching+0x12/0xc0 [ 344.572312][T11586] create_new_namespaces+0xd3/0xac0 [ 344.572326][T11586] ? bpf_lsm_capable+0x9/0x10 [ 344.572340][T11586] ? security_capable+0x80/0x260 [ 344.572364][T11586] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 344.572384][T11586] ksys_unshare+0x473/0xad0 [ 344.572403][T11586] ? __pfx_ksys_unshare+0x10/0x10 [ 344.572428][T11586] __x64_sys_unshare+0x31/0x40 [ 344.572445][T11586] do_syscall_64+0x106/0xf80 [ 344.572464][T11586] ? clear_bhb_loop+0x40/0x90 [ 344.572481][T11586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.572496][T11586] RIP: 0033:0x7f355339c799 [ 344.572511][T11586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.572525][T11586] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 344.572540][T11586] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 344.572549][T11586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 344.572558][T11586] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 344.572567][T11586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 344.572576][T11586] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 344.572596][T11586] [ 345.221683][T11601] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1922'. [ 345.268798][T11601] veth1_vlan: entered allmulticast mode [ 346.443959][T11625] FAULT_INJECTION: forcing a failure. [ 346.443959][T11625] name failslab, interval 1, probability 0, space 0, times 0 [ 346.502583][T11625] CPU: 0 UID: 0 PID: 11625 Comm: syz.2.1929 Tainted: G L syzkaller #0 PREEMPT(full) [ 346.502610][T11625] Tainted: [L]=SOFTLOCKUP [ 346.502616][T11625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 346.502625][T11625] Call Trace: [ 346.502630][T11625] [ 346.502636][T11625] dump_stack_lvl+0x100/0x190 [ 346.502664][T11625] should_fail_ex.cold+0x5/0xa [ 346.502683][T11625] should_failslab+0xc2/0x120 [ 346.502699][T11625] __kmalloc_cache_noprof+0x7a/0x6f0 [ 346.502718][T11625] ? alloc_mnt_ns+0xce/0x520 [ 346.502741][T11625] alloc_mnt_ns+0xce/0x520 [ 346.502766][T11625] copy_mnt_ns+0x220/0xc30 [ 346.502781][T11625] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 346.502801][T11625] ? create_new_namespaces+0x30/0xac0 [ 346.502817][T11625] ? rcu_is_watching+0x12/0xc0 [ 346.502840][T11625] create_new_namespaces+0xd3/0xac0 [ 346.502855][T11625] ? bpf_lsm_capable+0x9/0x10 [ 346.502869][T11625] ? security_capable+0x80/0x260 [ 346.502894][T11625] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 346.502918][T11625] ksys_unshare+0x473/0xad0 [ 346.502938][T11625] ? __pfx_ksys_unshare+0x10/0x10 [ 346.502964][T11625] __x64_sys_unshare+0x31/0x40 [ 346.502982][T11625] do_syscall_64+0x106/0xf80 [ 346.503002][T11625] ? clear_bhb_loop+0x40/0x90 [ 346.503020][T11625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.503036][T11625] RIP: 0033:0x7fc4b479c799 [ 346.503049][T11625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 346.503064][T11625] RSP: 002b:00007fc4b563c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 346.503080][T11625] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa0 RCX: 00007fc4b479c799 [ 346.503089][T11625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 346.503098][T11625] RBP: 00007fc4b4832c99 R08: 0000000000000000 R09: 0000000000000000 [ 346.503106][T11625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.503114][T11625] R13: 00007fc4b4a16038 R14: 00007fc4b4a15fa0 R15: 00007ffe182c26e8 [ 346.503133][T11625] [ 347.016180][T11637] netlink: 'syz.1.1935': attribute type 1 has an invalid length. [ 347.051214][T11637] netlink: 'syz.1.1935': attribute type 6 has an invalid length. [ 347.329561][T11640] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1936'. [ 348.102037][T11661] zswap: compressor û not available [ 349.987720][T11704] netlink: 306 bytes leftover after parsing attributes in process `syz.5.1954'. [ 350.494256][T11717] netlink: 266 bytes leftover after parsing attributes in process `syz.4.1959'. [ 350.503311][T11717] IPv6: NLM_F_CREATE should be specified when creating new route [ 350.956640][T11728] FAULT_INJECTION: forcing a failure. [ 350.956640][T11728] name failslab, interval 1, probability 0, space 0, times 0 [ 351.138483][T11728] CPU: 0 UID: 0 PID: 11728 Comm: syz.1.1962 Tainted: G L syzkaller #0 PREEMPT(full) [ 351.138510][T11728] Tainted: [L]=SOFTLOCKUP [ 351.138515][T11728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 351.138524][T11728] Call Trace: [ 351.138530][T11728] [ 351.138536][T11728] dump_stack_lvl+0x100/0x190 [ 351.138564][T11728] should_fail_ex.cold+0x5/0xa [ 351.138583][T11728] ? ima_alloc_init_template+0x19d/0x6d0 [ 351.138599][T11728] should_failslab+0xc2/0x120 [ 351.138615][T11728] __kmalloc_noprof+0xe0/0x850 [ 351.138638][T11728] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 351.138661][T11728] ima_alloc_init_template+0x19d/0x6d0 [ 351.138677][T11728] ? take_dentry_name_snapshot+0x310/0x7c0 [ 351.138699][T11728] ima_store_measurement+0x1e3/0x5b0 [ 351.138715][T11728] ? __pfx_ima_store_measurement+0x10/0x10 [ 351.138738][T11728] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 351.138762][T11728] process_measurement+0x19cc/0x2350 [ 351.138789][T11728] ? stack_trace_save+0x8e/0xc0 [ 351.138804][T11728] ? __pfx_process_measurement+0x10/0x10 [ 351.138826][T11728] ? __lock_acquire+0x4a5/0x2630 [ 351.138844][T11728] ? __kasan_slab_alloc+0x89/0x90 [ 351.138857][T11728] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 351.138878][T11728] ? init_file+0x95/0x480 [ 351.138892][T11728] ? alloc_empty_file+0x73/0x1c0 [ 351.138908][T11728] ? alloc_file_pseudo+0x13a/0x230 [ 351.138925][T11728] ? ksys_mmap_pgoff+0x232/0x650 [ 351.138939][T11728] ? __x64_sys_mmap+0x125/0x190 [ 351.138959][T11728] ? do_syscall_64+0x106/0xf80 [ 351.138995][T11728] ? __pfx_aa_file_perm+0x10/0x10 [ 351.139020][T11728] ima_file_mmap+0x1c4/0x1f0 [ 351.139042][T11728] ? __pfx_ima_file_mmap+0x10/0x10 [ 351.139068][T11728] security_mmap_file+0x278/0x9b0 [ 351.139087][T11728] vm_mmap_pgoff+0xec/0x470 [ 351.139105][T11728] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 351.139120][T11728] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 351.139139][T11728] ? hugetlbfs_get_inode+0x36e/0x750 [ 351.139160][T11728] ksys_mmap_pgoff+0x273/0x650 [ 351.139176][T11728] ? __x64_sys_futex+0x358/0x4d0 [ 351.139195][T11728] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 351.139210][T11728] ? xfd_validate_state+0x129/0x190 [ 351.139234][T11728] __x64_sys_mmap+0x125/0x190 [ 351.139256][T11728] do_syscall_64+0x106/0xf80 [ 351.139275][T11728] ? clear_bhb_loop+0x40/0x90 [ 351.139293][T11728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.139308][T11728] RIP: 0033:0x7f6a2339c799 [ 351.139321][T11728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.139336][T11728] RSP: 002b:00007f6a24193028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 351.139350][T11728] RAX: ffffffffffffffda RBX: 00007f6a23616180 RCX: 00007f6a2339c799 [ 351.139360][T11728] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 351.139369][T11728] RBP: 00007f6a23432c99 R08: ffffffffffffffff R09: 0000300000020000 [ 351.139378][T11728] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 351.139387][T11728] R13: 00007f6a23616218 R14: 00007f6a23616180 R15: 00007ffeac590b28 [ 351.139406][T11728] [ 351.867628][ T29] audit: type=1804 audit(1773518842.775:8): pid=11728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.1962" name="anon_hugepage" dev="hugetlbfs" ino=46985 res=0 errno=0 [ 353.941400][T11782] openvswitch: netlink: IP tunnel dst address not specified [ 354.115412][T11787] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1985'. [ 354.209831][T11790] FAULT_INJECTION: forcing a failure. [ 354.209831][T11790] name fail_futex, interval 1, probability 0, space 0, times 0 [ 354.317358][T11790] CPU: 0 UID: 0 PID: 11790 Comm: syz.1.1986 Tainted: G L syzkaller #0 PREEMPT(full) [ 354.317385][T11790] Tainted: [L]=SOFTLOCKUP [ 354.317391][T11790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 354.317434][T11790] Call Trace: [ 354.317441][T11790] [ 354.317447][T11790] dump_stack_lvl+0x100/0x190 [ 354.317475][T11790] should_fail_ex.cold+0x5/0xa [ 354.317494][T11790] get_futex_key+0x1d2/0x1620 [ 354.317515][T11790] ? __pfx_get_futex_key+0x10/0x10 [ 354.317538][T11790] futex_wait_setup+0x83/0x510 [ 354.317564][T11790] __futex_wait+0x19f/0x300 [ 354.317588][T11790] ? __pfx___futex_wait+0x10/0x10 [ 354.317613][T11790] ? __pfx_futex_wake_mark+0x10/0x10 [ 354.317637][T11790] ? find_held_lock+0x2b/0x80 [ 354.317650][T11790] ? futex_wake+0x456/0x530 [ 354.317675][T11790] futex_wait+0xed/0x380 [ 354.317695][T11790] ? __pfx_futex_wait+0x10/0x10 [ 354.317726][T11790] do_futex+0x1ef/0x350 [ 354.317744][T11790] ? __pfx_do_futex+0x10/0x10 [ 354.317767][T11790] __x64_sys_futex+0x34f/0x4d0 [ 354.317787][T11790] ? __pfx___x64_sys_futex+0x10/0x10 [ 354.317812][T11790] do_syscall_64+0x106/0xf80 [ 354.317831][T11790] ? clear_bhb_loop+0x40/0x90 [ 354.317849][T11790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.317864][T11790] RIP: 0033:0x7f6a2339c799 [ 354.317877][T11790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 354.317892][T11790] RSP: 002b:00007f6a241b40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 354.317911][T11790] RAX: ffffffffffffffda RBX: 00007f6a23616098 RCX: 00007f6a2339c799 [ 354.317921][T11790] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6a23616098 [ 354.317930][T11790] RBP: 00007f6a23616090 R08: 0000000000000000 R09: 0000000000000000 [ 354.317939][T11790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 354.317948][T11790] R13: 00007f6a23616128 R14: 00007ffeac590a40 R15: 00007ffeac590b28 [ 354.317967][T11790] [ 355.166411][T11813] FAULT_INJECTION: forcing a failure. [ 355.166411][T11813] name failslab, interval 1, probability 0, space 0, times 0 [ 355.232924][T11813] CPU: 0 UID: 0 PID: 11813 Comm: syz.2.1997 Tainted: G L syzkaller #0 PREEMPT(full) [ 355.232952][T11813] Tainted: [L]=SOFTLOCKUP [ 355.232958][T11813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 355.232968][T11813] Call Trace: [ 355.232973][T11813] [ 355.232979][T11813] dump_stack_lvl+0x100/0x190 [ 355.233005][T11813] should_fail_ex.cold+0x5/0xa [ 355.233024][T11813] should_failslab+0xc2/0x120 [ 355.233047][T11813] __kmalloc_cache_noprof+0x7a/0x6f0 [ 355.233067][T11813] ? single_open+0x4d/0x1d0 [ 355.233085][T11813] ? __pfx___debugfs_file_get+0x10/0x10 [ 355.233107][T11813] ? __pfx_transactions_show+0x10/0x10 [ 355.233131][T11813] ? __pfx_transactions_open+0x10/0x10 [ 355.233151][T11813] single_open+0x4d/0x1d0 [ 355.233179][T11813] full_proxy_open_regular+0x1b6/0x370 [ 355.233202][T11813] do_dentry_open+0x6d8/0x1660 [ 355.233216][T11813] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 355.233243][T11813] vfs_open+0x82/0x3f0 [ 355.233262][T11813] path_openat+0x208c/0x31a0 [ 355.233288][T11813] ? __pfx_path_openat+0x10/0x10 [ 355.233309][T11813] do_file_open+0x20e/0x430 [ 355.233325][T11813] ? __pfx_do_file_open+0x10/0x10 [ 355.233353][T11813] ? alloc_fd+0x476/0x790 [ 355.233369][T11813] ? do_getname+0x191/0x390 [ 355.233387][T11813] do_sys_openat2+0x10d/0x1e0 [ 355.233406][T11813] ? __pfx_do_sys_openat2+0x10/0x10 [ 355.233430][T11813] __x64_sys_openat+0x12d/0x210 [ 355.233449][T11813] ? __pfx___x64_sys_openat+0x10/0x10 [ 355.233475][T11813] do_syscall_64+0x106/0xf80 [ 355.233496][T11813] ? clear_bhb_loop+0x40/0x90 [ 355.233514][T11813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.233529][T11813] RIP: 0033:0x7fc4b479c799 [ 355.233544][T11813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 355.233558][T11813] RSP: 002b:00007fc4b563c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 355.233573][T11813] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa0 RCX: 00007fc4b479c799 [ 355.233582][T11813] RDX: 0000000000000040 RSI: 0000200000001100 RDI: ffffffffffffff9c [ 355.233591][T11813] RBP: 00007fc4b4832c99 R08: 0000000000000000 R09: 0000000000000000 [ 355.233600][T11813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 355.233609][T11813] R13: 00007fc4b4a16038 R14: 00007fc4b4a15fa0 R15: 00007ffe182c26e8 [ 355.233628][T11813] [ 355.674541][T11818] Invalid ELF header magic: != ELF [ 355.785510][T11823] FAULT_INJECTION: forcing a failure. [ 355.785510][T11823] name failslab, interval 1, probability 0, space 0, times 0 [ 355.811978][T11823] CPU: 0 UID: 0 PID: 11823 Comm: syz.4.1999 Tainted: G L syzkaller #0 PREEMPT(full) [ 355.812005][T11823] Tainted: [L]=SOFTLOCKUP [ 355.812011][T11823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 355.812020][T11823] Call Trace: [ 355.812025][T11823] [ 355.812031][T11823] dump_stack_lvl+0x100/0x190 [ 355.812058][T11823] should_fail_ex.cold+0x5/0xa [ 355.812076][T11823] ? process_preds+0x452/0x1d90 [ 355.812096][T11823] should_failslab+0xc2/0x120 [ 355.812123][T11823] __kmalloc_noprof+0xe0/0x850 [ 355.812149][T11823] process_preds+0x452/0x1d90 [ 355.812176][T11823] ? create_filter_start.constprop.0+0x134/0x310 [ 355.812200][T11823] create_filter+0x140/0x210 [ 355.812221][T11823] ? __pfx_create_filter+0x10/0x10 [ 355.812244][T11823] ? find_held_lock+0x2b/0x80 [ 355.812260][T11823] apply_event_filter+0x220/0x500 [ 355.812283][T11823] ? __pfx_apply_event_filter+0x10/0x10 [ 355.812310][T11823] event_filter_write+0x16d/0x290 [ 355.812328][T11823] vfs_write+0x2aa/0x1070 [ 355.812351][T11823] ? __pfx_event_filter_write+0x10/0x10 [ 355.812370][T11823] ? __pfx_vfs_write+0x10/0x10 [ 355.812391][T11823] ? __fget_files+0x215/0x3d0 [ 355.812409][T11823] ? __fget_files+0x21f/0x3d0 [ 355.812428][T11823] ksys_write+0x12a/0x250 [ 355.812441][T11823] ? __pfx_ksys_write+0x10/0x10 [ 355.812460][T11823] do_syscall_64+0x106/0xf80 [ 355.812480][T11823] ? clear_bhb_loop+0x40/0x90 [ 355.812498][T11823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.812513][T11823] RIP: 0033:0x7f355339c799 [ 355.812525][T11823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 355.812539][T11823] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 355.812555][T11823] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 355.812565][T11823] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 355.812574][T11823] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 355.812582][T11823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 355.812591][T11823] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 355.812611][T11823] [ 356.594948][T11833] FAULT_INJECTION: forcing a failure. [ 356.594948][T11833] name failslab, interval 1, probability 0, space 0, times 0 [ 356.636568][T11833] CPU: 0 UID: 0 PID: 11833 Comm: syz.2.2005 Tainted: G L syzkaller #0 PREEMPT(full) [ 356.636594][T11833] Tainted: [L]=SOFTLOCKUP [ 356.636599][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 356.636608][T11833] Call Trace: [ 356.636613][T11833] [ 356.636619][T11833] dump_stack_lvl+0x100/0x190 [ 356.636646][T11833] should_fail_ex.cold+0x5/0xa [ 356.636664][T11833] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 356.636725][T11833] should_failslab+0xc2/0x120 [ 356.636742][T11833] __kmalloc_noprof+0xe0/0x850 [ 356.636768][T11833] acpi_ns_get_normalized_pathname+0x95/0x250 [ 356.636791][T11833] acpi_ds_call_control_method+0x5d4/0xab0 [ 356.636816][T11833] acpi_ps_parse_aml+0xacd/0x1120 [ 356.636836][T11833] acpi_ps_execute_method+0x5c4/0xe90 [ 356.636858][T11833] acpi_ns_evaluate+0x640/0x1670 [ 356.636881][T11833] acpi_evaluate_object+0x420/0xe00 [ 356.636895][T11833] ? kasan_save_stack+0x30/0x50 [ 356.636915][T11833] ? kasan_save_track+0x14/0x30 [ 356.636940][T11833] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 356.636960][T11833] acpi_evaluate_integer+0xdf/0x220 [ 356.636981][T11833] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 356.637009][T11833] ? __pfx_status_show+0x10/0x10 [ 356.637029][T11833] status_show+0xa0/0x120 [ 356.637043][T11833] ? __pfx_status_show+0x10/0x10 [ 356.637062][T11833] dev_attr_show+0x52/0xa0 [ 356.637081][T11833] ? __pfx_dev_attr_show+0x10/0x10 [ 356.637097][T11833] sysfs_kf_seq_show+0x217/0x3a0 [ 356.637119][T11833] seq_read_iter+0x32f/0x1270 [ 356.637151][T11833] kernfs_fop_read_iter+0x46c/0x610 [ 356.637167][T11833] ? rw_verify_area+0xce/0x6d0 [ 356.637187][T11833] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 356.637204][T11833] vfs_read+0x825/0xb30 [ 356.637228][T11833] ? __pfx_vfs_read+0x10/0x10 [ 356.637262][T11833] ksys_read+0x12a/0x250 [ 356.637284][T11833] ? __pfx_ksys_read+0x10/0x10 [ 356.637311][T11833] do_syscall_64+0x106/0xf80 [ 356.637330][T11833] ? clear_bhb_loop+0x40/0x90 [ 356.637347][T11833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.637363][T11833] RIP: 0033:0x7fc4b479c799 [ 356.637377][T11833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.637392][T11833] RSP: 002b:00007fc4b563c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 356.637406][T11833] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa0 RCX: 00007fc4b479c799 [ 356.637416][T11833] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 356.637425][T11833] RBP: 00007fc4b4832c99 R08: 0000000000000000 R09: 0000000000000000 [ 356.637433][T11833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.637442][T11833] R13: 00007fc4b4a16038 R14: 00007fc4b4a15fa0 R15: 00007ffe182c26e8 [ 356.637463][T11833] [ 356.637545][T11833] ACPI Error: [ 357.433193][ T29] audit: type=1800 audit(1773518849.065:9): pid=11844 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2009" name="trace_marker" dev="tracefs" ino=435 res=0 errno=0 [ 357.603830][T11833] Could not allocate 10 bytes (20251212/nsnames-308) [ 358.319765][T11860] zswap: compressor û not available [ 359.906687][T11901] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 360.146047][T11899] netlink: 74 bytes leftover after parsing attributes in process `syz.4.2034'. [ 360.205634][T11899] random: crng reseeded on system resumption [ 360.715375][T11915] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2031'. [ 361.470075][T11929] zswap: compressor 000 not available [ 361.910338][T11944] FAULT_INJECTION: forcing a failure. [ 361.910338][T11944] name failslab, interval 1, probability 0, space 0, times 0 [ 361.981013][T11944] CPU: 0 UID: 0 PID: 11944 Comm: syz.4.2041 Tainted: G L syzkaller #0 PREEMPT(full) [ 361.981040][T11944] Tainted: [L]=SOFTLOCKUP [ 361.981046][T11944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 361.981055][T11944] Call Trace: [ 361.981060][T11944] [ 361.981066][T11944] dump_stack_lvl+0x100/0x190 [ 361.981093][T11944] should_fail_ex.cold+0x5/0xa [ 361.981112][T11944] ? sk_prot_alloc+0x10b/0x2a0 [ 361.981125][T11944] should_failslab+0xc2/0x120 [ 361.981141][T11944] __kmalloc_noprof+0xe0/0x850 [ 361.981163][T11944] ? lockdep_init_map_type+0x5c/0x250 [ 361.981186][T11944] sk_prot_alloc+0x10b/0x2a0 [ 361.981201][T11944] sk_alloc+0x36/0xe80 [ 361.981220][T11944] pppoe_create+0x32/0x360 [ 361.981238][T11944] pppox_create+0x15c/0x2c0 [ 361.981254][T11944] __sock_create+0x339/0x860 [ 361.981273][T11944] __sys_socket+0x14d/0x260 [ 361.981289][T11944] ? __pfx___sys_socket+0x10/0x10 [ 361.981310][T11944] __x64_sys_socket+0x72/0xb0 [ 361.981325][T11944] ? lockdep_hardirqs_on+0x78/0x100 [ 361.981345][T11944] do_syscall_64+0x106/0xf80 [ 361.981364][T11944] ? clear_bhb_loop+0x40/0x90 [ 361.981381][T11944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.981404][T11944] RIP: 0033:0x7f355339c799 [ 361.981418][T11944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 361.981434][T11944] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 361.981448][T11944] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 361.981457][T11944] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 361.981466][T11944] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 361.981475][T11944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.981484][T11944] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 361.981504][T11944] [ 363.464305][T11979] zswap: compressor û not available [ 364.292383][T12000] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2059'. [ 365.110570][T12012] netlink: 17 bytes leftover after parsing attributes in process `syz.5.2062'. [ 366.472582][T12039] random: crng reseeded on system resumption [ 366.560966][T12039] Restarting kernel threads ... [ 366.614547][T12039] Done restarting kernel threads. [ 366.694825][T12041] sp0: Synchronizing with TNC [ 366.906217][T12042] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2071'. [ 366.931147][T12042] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2071'. [ 367.313603][T12065] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2078'. [ 368.278754][T12091] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 370.323622][ T5830] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 370.820399][T12149] netlink: 18 bytes leftover after parsing attributes in process `syz.4.2105'. [ 371.115087][T12154] mkiss: ax0: crc mode is auto. [ 371.812316][T12167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2112'. [ 371.915851][T12167] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2112'. [ 372.009989][T12174] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2114'. [ 372.593745][T12183] zswap: compressor û not available [ 373.275685][T12199] netlink: 'syz.4.2119': attribute type 21 has an invalid length. [ 373.341793][T12199] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2119'. [ 373.664807][T12203] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2120'. [ 374.065540][T12213] netlink: 'syz.4.2124': attribute type 27 has an invalid length. [ 374.073376][T12213] netlink: 'syz.4.2124': attribute type 28 has an invalid length. [ 374.211718][T12213] netlink: 'syz.4.2124': attribute type 29 has an invalid length. [ 374.297803][T12213] netlink: 'syz.4.2124': attribute type 30 has an invalid length. [ 374.370404][T12213] netlink: 'syz.4.2124': attribute type 31 has an invalid length. [ 374.462815][T12213] netlink: 'syz.4.2124': attribute type 32 has an invalid length. [ 374.538226][T12213] netlink: 'syz.4.2124': attribute type 33 has an invalid length. [ 374.628243][T12213] netlink: 'syz.4.2124': attribute type 35 has an invalid length. [ 374.725831][T12213] netlink: 'syz.4.2124': attribute type 37 has an invalid length. [ 374.850387][T12213] netlink: 18 bytes leftover after parsing attributes in process `syz.4.2124'. [ 375.621319][T12245] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2133'. [ 377.497108][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805fc31000: rx timeout, send abort [ 377.505482][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805fc33800: rx timeout, send abort [ 377.513991][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805fc31000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 377.528520][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805fc33800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 377.884791][T12269] netlink: 266 bytes leftover after parsing attributes in process `syz.1.2142'. [ 378.573156][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.579547][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.175362][T12303] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2156'. [ 380.582954][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805fe8a400: rx timeout, send abort [ 380.747534][T12322] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 380.903284][T12331] netlink: 244 bytes leftover after parsing attributes in process `syz.5.2168'. [ 381.025214][T12335] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2170'. [ 381.053390][T12335] bond_slave_0: entered allmulticast mode [ 381.091312][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805fe8a400: abort rx timeout. Force session deactivation [ 382.046485][T12364] netlink: 25 bytes leftover after parsing attributes in process `syz.5.2182'. [ 382.726872][T12380] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2186'. [ 383.349781][T12394] random: crng reseeded on system resumption [ 384.567420][T12429] netlink: 138 bytes leftover after parsing attributes in process `syz.1.2204'. [ 384.669264][T12431] validate_nla: 1 callbacks suppressed [ 384.669280][T12431] netlink: 'syz.1.2205': attribute type 21 has an invalid length. [ 384.700245][T12431] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2205'. [ 385.296493][T12440] zswap: compressor not available [ 385.344509][ T29] audit: type=1800 audit(1773518876.985:10): pid=12450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2211" name="dbroot" dev="configfs" ino=50612 res=0 errno=0 [ 387.427254][T12481] FAULT_INJECTION: forcing a failure. [ 387.427254][T12481] name failslab, interval 1, probability 0, space 0, times 0 [ 387.455289][T12481] CPU: 0 UID: 0 PID: 12481 Comm: syz.1.2218 Tainted: G L syzkaller #0 PREEMPT(full) [ 387.455318][T12481] Tainted: [L]=SOFTLOCKUP [ 387.455323][T12481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 387.455333][T12481] Call Trace: [ 387.455339][T12481] [ 387.455345][T12481] dump_stack_lvl+0x100/0x190 [ 387.455373][T12481] should_fail_ex.cold+0x5/0xa [ 387.455392][T12481] should_failslab+0xc2/0x120 [ 387.455408][T12481] __kmalloc_cache_noprof+0x7a/0x6f0 [ 387.455426][T12481] ? fscontext_alloc_log+0x4a/0x1b0 [ 387.455449][T12481] fscontext_alloc_log+0x4a/0x1b0 [ 387.455469][T12481] __x64_sys_fsopen+0x159/0x220 [ 387.455488][T12481] do_syscall_64+0x106/0xf80 [ 387.455508][T12481] ? clear_bhb_loop+0x40/0x90 [ 387.455526][T12481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.455541][T12481] RIP: 0033:0x7f6a2339c799 [ 387.455559][T12481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 387.455574][T12481] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 387.455589][T12481] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 387.455599][T12481] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 387.455608][T12481] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 387.455617][T12481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 387.455626][T12481] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 387.455646][T12481] [ 387.803961][ T5830] Bluetooth: hci3: unexpected event 0x20 length: 123 > 7 [ 388.008878][T12494] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2223'. [ 388.065651][T12496] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2225'. [ 388.240250][T12498] FAULT_INJECTION: forcing a failure. [ 388.240250][T12498] name fail_futex, interval 1, probability 0, space 0, times 0 [ 388.300309][T12498] CPU: 0 UID: 7 PID: 12498 Comm: syz.4.2226 Tainted: G L syzkaller #0 PREEMPT(full) [ 388.300336][T12498] Tainted: [L]=SOFTLOCKUP [ 388.300342][T12498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 388.300352][T12498] Call Trace: [ 388.300357][T12498] [ 388.300363][T12498] dump_stack_lvl+0x100/0x190 [ 388.300390][T12498] should_fail_ex.cold+0x5/0xa [ 388.300409][T12498] get_futex_key+0x1d2/0x1620 [ 388.300429][T12498] ? __pfx_get_futex_key+0x10/0x10 [ 388.300445][T12498] ? __lock_acquire+0x4a5/0x2630 [ 388.300470][T12498] futex_wake+0xea/0x530 [ 388.300490][T12498] ? lock_acquire+0x1cf/0x380 [ 388.300509][T12498] ? __pfx_futex_wake+0x10/0x10 [ 388.300533][T12498] ? proc_id_connector+0x2ed/0x650 [ 388.300555][T12498] do_futex+0x32b/0x350 [ 388.300574][T12498] ? __pfx_do_futex+0x10/0x10 [ 388.300597][T12498] __x64_sys_futex+0x34f/0x4d0 [ 388.300618][T12498] ? __pfx___x64_sys_futex+0x10/0x10 [ 388.300643][T12498] do_syscall_64+0x106/0xf80 [ 388.300662][T12498] ? clear_bhb_loop+0x40/0x90 [ 388.300680][T12498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.300695][T12498] RIP: 0033:0x7f355339c799 [ 388.300708][T12498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 388.300723][T12498] RSP: 002b:00007f35541b50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 388.300738][T12498] RAX: ffffffffffffffda RBX: 00007f3553615fa8 RCX: 00007f355339c799 [ 388.300747][T12498] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3553615fac [ 388.300757][T12498] RBP: 00007f3553615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 388.300765][T12498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.300774][T12498] R13: 00007f3553616038 R14: 00007ffc95789390 R15: 00007ffc95789478 [ 388.300793][T12498] [ 388.906917][T12504] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2228'. [ 388.969967][T12504] netlink: 354 bytes leftover after parsing attributes in process `syz.4.2228'. [ 389.216791][T12511] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2232'. [ 389.667996][T12514] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2233'. [ 389.717389][T12514] gretap0: refused to change device tx_queue_len [ 390.586286][ T5830] Bluetooth: hci5: unexpected event 0x06 length: 435 > 3 [ 391.586468][T12557] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2245'. [ 392.174761][T12566] netlink: 'syz.1.2249': attribute type 7 has an invalid length. [ 392.211455][T12566] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2249'. [ 392.486040][T12569] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2251'. [ 393.094773][T12582] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2256'. [ 393.812844][T12601] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2261'. [ 395.611023][T12645] zswap: compressor not available [ 395.634418][T12652] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 396.887132][T12682] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2279'. [ 396.942017][T12682] –õ\­: renamed from lo (while UP) [ 398.078918][T12713] FAULT_INJECTION: forcing a failure. [ 398.078918][T12713] name failslab, interval 1, probability 0, space 0, times 0 [ 398.152372][T12713] CPU: 0 UID: 0 PID: 12713 Comm: syz.1.2288 Tainted: G L syzkaller #0 PREEMPT(full) [ 398.152400][T12713] Tainted: [L]=SOFTLOCKUP [ 398.152405][T12713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 398.152414][T12713] Call Trace: [ 398.152419][T12713] [ 398.152425][T12713] dump_stack_lvl+0x100/0x190 [ 398.152453][T12713] should_fail_ex.cold+0x5/0xa [ 398.152472][T12713] should_failslab+0xc2/0x120 [ 398.152487][T12713] __kmalloc_cache_noprof+0x7a/0x6f0 [ 398.152506][T12713] ? sctp_add_bind_addr+0xae/0x3e0 [ 398.152524][T12713] ? __sctp_v6_cmp_addr+0x206/0x530 [ 398.152547][T12713] sctp_add_bind_addr+0xae/0x3e0 [ 398.152568][T12713] sctp_copy_local_addr_list+0x349/0x550 [ 398.152592][T12713] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 398.152614][T12713] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 398.152636][T12713] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 398.152662][T12713] sctp_bind_addr_copy+0xe0/0x530 [ 398.152685][T12713] sctp_connect_new_asoc+0x1c9/0x770 [ 398.152701][T12713] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 398.152717][T12713] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 398.152744][T12713] __sctp_connect+0x3e7/0xc70 [ 398.152768][T12713] ? __pfx___sctp_connect+0x10/0x10 [ 398.152784][T12713] ? __pfx_sctp_inet_connect+0x10/0x10 [ 398.152799][T12713] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 398.152824][T12713] ? __pfx_sctp_inet_connect+0x10/0x10 [ 398.152838][T12713] sctp_inet_connect+0x15f/0x220 [ 398.152854][T12713] __sys_connect_file+0x141/0x1a0 [ 398.152875][T12713] __sys_connect+0x141/0x170 [ 398.152892][T12713] ? __pfx___sys_connect+0x10/0x10 [ 398.152928][T12713] __x64_sys_connect+0x72/0xb0 [ 398.152945][T12713] ? lockdep_hardirqs_on+0x78/0x100 [ 398.152967][T12713] do_syscall_64+0x106/0xf80 [ 398.152987][T12713] ? clear_bhb_loop+0x40/0x90 [ 398.153005][T12713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.153020][T12713] RIP: 0033:0x7f6a2339c799 [ 398.153032][T12713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 398.153047][T12713] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 398.153061][T12713] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 398.153072][T12713] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 398.153080][T12713] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 398.153089][T12713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.153098][T12713] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 398.153119][T12713] [ 399.795161][T12743] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2301'. [ 399.924859][T12746] usb usb24: usbfs: process 12746 (syz.1.2302) did not claim interface 0 before use [ 400.771069][T12765] FAULT_INJECTION: forcing a failure. [ 400.771069][T12765] name fail_futex, interval 1, probability 0, space 0, times 0 [ 400.839789][T12765] CPU: 0 UID: 0 PID: 12765 Comm: syz.2.2309 Tainted: G L syzkaller #0 PREEMPT(full) [ 400.839819][T12765] Tainted: [L]=SOFTLOCKUP [ 400.839825][T12765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 400.839834][T12765] Call Trace: [ 400.839840][T12765] [ 400.839846][T12765] dump_stack_lvl+0x100/0x190 [ 400.839873][T12765] should_fail_ex.cold+0x5/0xa [ 400.839891][T12765] get_futex_key+0x1d2/0x1620 [ 400.839912][T12765] ? __pfx_get_futex_key+0x10/0x10 [ 400.839935][T12765] futex_wake+0xea/0x530 [ 400.839958][T12765] ? __pfx_futex_wake+0x10/0x10 [ 400.839984][T12765] ? proc_id_connector+0x2ed/0x650 [ 400.840006][T12765] do_futex+0x32b/0x350 [ 400.840025][T12765] ? __pfx_do_futex+0x10/0x10 [ 400.840042][T12765] ? find_held_lock+0x2b/0x80 [ 400.840061][T12765] __x64_sys_futex+0x34f/0x4d0 [ 400.840082][T12765] ? __pfx___x64_sys_futex+0x10/0x10 [ 400.840109][T12765] do_syscall_64+0x106/0xf80 [ 400.840128][T12765] ? clear_bhb_loop+0x40/0x90 [ 400.840146][T12765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.840161][T12765] RIP: 0033:0x7fc4b479c799 [ 400.840174][T12765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 400.840188][T12765] RSP: 002b:00007fc4b563c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 400.840203][T12765] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa8 RCX: 00007fc4b479c799 [ 400.840213][T12765] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc4b4a15fac [ 400.840222][T12765] RBP: 00007fc4b4a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 400.840230][T12765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 400.840239][T12765] R13: 00007fc4b4a16038 R14: 00007ffe182c2600 R15: 00007ffe182c26e8 [ 400.840258][T12765] [ 401.340185][T12773] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2311'. [ 401.364047][T12773] netlink: 302 bytes leftover after parsing attributes in process `syz.5.2311'. [ 402.046322][T12785] usb usb24: usbfs: process 12785 (syz.4.2315) did not claim interface 0 before use [ 402.136166][T12789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2316'. [ 402.190273][T12789] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2316'. [ 403.994179][T12809] FAULT_INJECTION: forcing a failure. [ 403.994179][T12809] name fail_futex, interval 1, probability 0, space 0, times 0 [ 404.104956][T12809] CPU: 0 UID: 0 PID: 12809 Comm: syz.4.2323 Tainted: G L syzkaller #0 PREEMPT(full) [ 404.104981][T12809] Tainted: [L]=SOFTLOCKUP [ 404.104986][T12809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 404.104994][T12809] Call Trace: [ 404.104999][T12809] [ 404.105005][T12809] dump_stack_lvl+0x100/0x190 [ 404.105030][T12809] should_fail_ex.cold+0x5/0xa [ 404.105047][T12809] get_futex_key+0x1d2/0x1620 [ 404.105067][T12809] ? __pfx_get_futex_key+0x10/0x10 [ 404.105081][T12809] ? lock_acquire+0x1cf/0x380 [ 404.105104][T12809] futex_wake+0xea/0x530 [ 404.105125][T12809] ? __pfx_futex_wake+0x10/0x10 [ 404.105145][T12809] ? exit_mm_release+0x19/0x30 [ 404.105166][T12809] do_futex+0x32b/0x350 [ 404.105184][T12809] ? __pfx_do_futex+0x10/0x10 [ 404.105199][T12809] ? __might_fault+0xc5/0x140 [ 404.105223][T12809] mm_release+0x24a/0x2f0 [ 404.105237][T12809] do_exit+0x704/0x2b60 [ 404.105257][T12809] ? __pfx_do_exit+0x10/0x10 [ 404.105274][T12809] ? do_raw_spin_lock+0x128/0x260 [ 404.105293][T12809] ? find_held_lock+0x2b/0x80 [ 404.105305][T12809] ? get_signal+0x7e0/0x21e0 [ 404.105321][T12809] do_group_exit+0xd5/0x2a0 [ 404.105340][T12809] get_signal+0x1ec7/0x21e0 [ 404.105361][T12809] ? __pfx_get_signal+0x10/0x10 [ 404.105376][T12809] ? do_futex+0x192/0x350 [ 404.105395][T12809] arch_do_signal_or_restart+0x91/0x770 [ 404.105422][T12809] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 404.105444][T12809] ? __pfx___x64_sys_futex+0x10/0x10 [ 404.105466][T12809] exit_to_user_mode_loop+0x86/0x4a0 [ 404.105485][T12809] do_syscall_64+0x668/0xf80 [ 404.105504][T12809] ? clear_bhb_loop+0x40/0x90 [ 404.105520][T12809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.105534][T12809] RIP: 0033:0x7f355339c799 [ 404.105547][T12809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 404.105561][T12809] RSP: 002b:00007f35541940e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 404.105575][T12809] RAX: fffffffffffffe00 RBX: 00007f3553616098 RCX: 00007f355339c799 [ 404.105584][T12809] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3553616098 [ 404.105592][T12809] RBP: 00007f3553616090 R08: 0000000000000000 R09: 0000000000000000 [ 404.105601][T12809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.105608][T12809] R13: 00007f3553616128 R14: 00007ffc95789390 R15: 00007ffc95789478 [ 404.105627][T12809] [ 404.843988][T12831] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2331'. [ 404.883808][T12831] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2331'. [ 404.929649][T12831] netlink: 134 bytes leftover after parsing attributes in process `syz.5.2331'. [ 405.179582][T12839] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2333'. [ 405.244659][T12844] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2333'. [ 405.328137][T12839] netlink: 302 bytes leftover after parsing attributes in process `syz.4.2333'. [ 406.316122][T12862] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2339'. [ 406.333934][T12860] FAULT_INJECTION: forcing a failure. [ 406.333934][T12860] name failslab, interval 1, probability 0, space 0, times 0 [ 406.416968][T12860] CPU: 0 UID: 0 PID: 12860 Comm: syz.2.2337 Tainted: G L syzkaller #0 PREEMPT(full) [ 406.416998][T12860] Tainted: [L]=SOFTLOCKUP [ 406.417004][T12860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 406.417013][T12860] Call Trace: [ 406.417019][T12860] [ 406.417025][T12860] dump_stack_lvl+0x100/0x190 [ 406.417059][T12860] should_fail_ex.cold+0x5/0xa [ 406.417078][T12860] should_failslab+0xc2/0x120 [ 406.417094][T12860] __kmalloc_cache_noprof+0x7a/0x6f0 [ 406.417113][T12860] ? alloc_super+0x52/0xd20 [ 406.417138][T12860] alloc_super+0x52/0xd20 [ 406.417162][T12860] ? __pfx_mqueue_fill_super+0x10/0x10 [ 406.417182][T12860] sget_fc+0x117/0xc70 [ 406.417203][T12860] ? __pfx_set_anon_super_fc+0x10/0x10 [ 406.417224][T12860] ? __pfx_mqueue_fill_super+0x10/0x10 [ 406.417244][T12860] get_tree_nodev+0x28/0x190 [ 406.417267][T12860] mqueue_get_tree+0xf1/0x130 [ 406.417288][T12860] vfs_get_tree+0x92/0x320 [ 406.417308][T12860] fc_mount_longterm+0x1a/0x270 [ 406.417329][T12860] mq_init_ns+0x482/0x820 [ 406.417345][T12860] copy_ipcs+0x3dd/0x7e0 [ 406.417361][T12860] create_new_namespaces+0x20a/0xac0 [ 406.417377][T12860] ? security_capable+0x80/0x260 [ 406.417400][T12860] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 406.417418][T12860] ksys_unshare+0x473/0xad0 [ 406.417437][T12860] ? __pfx_ksys_unshare+0x10/0x10 [ 406.417462][T12860] __x64_sys_unshare+0x31/0x40 [ 406.417480][T12860] do_syscall_64+0x106/0xf80 [ 406.417500][T12860] ? clear_bhb_loop+0x40/0x90 [ 406.417518][T12860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.417534][T12860] RIP: 0033:0x7fc4b479c799 [ 406.417547][T12860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 406.417562][T12860] RSP: 002b:00007fc4b563c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 406.417578][T12860] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa0 RCX: 00007fc4b479c799 [ 406.417587][T12860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 406.417596][T12860] RBP: 00007fc4b4832c99 R08: 0000000000000000 R09: 0000000000000000 [ 406.417605][T12860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.417613][T12860] R13: 00007fc4b4a16038 R14: 00007fc4b4a15fa0 R15: 00007ffe182c26e8 [ 406.417632][T12860] [ 406.960687][T12876] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2345'. [ 410.049535][T12932] random: crng reseeded on system resumption [ 410.183103][T12941] __nla_validate_parse: 2 callbacks suppressed [ 410.183119][T12941] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2364'. [ 413.219843][T13016] netlink: 54 bytes leftover after parsing attributes in process `syz.5.2388'. [ 413.395732][T13018] input: f¬ as /devices/virtual/input/input11 [ 413.718846][T13026] [U]  [ 413.721649][T13026] [U] [ 413.724322][T13026] [U] [ 413.726991][T13026] [U] [ 413.762530][T13026] [U] [ 413.765250][T13026] [U] [ 413.767924][T13026] [U] [ 413.770595][T13026] [U] [ 413.838939][T13026] [U] [ 413.841655][T13026] [U] [ 413.844351][T13026] [U] [ 413.847021][T13026] [U] [ 413.895755][T13026] [U] [ 413.898466][T13026] [U] [ 413.901136][T13026] [U] [ 413.903827][T13026] [U] [ 413.944774][T13026] [U] [ 413.947491][T13026] [U] [ 413.950163][T13026] [U] [ 413.952851][T13026] [U] [ 413.986807][T13026] [U] [ 413.989520][T13026] [U] [ 413.992188][T13026] [U] [ 413.994887][T13026] [U] [ 414.032416][T13026] [U] [ 414.035128][T13026] [U] [ 414.037800][T13026] [U] [ 414.040468][T13026] [U] [ 414.075945][T13026] [U] [ 414.078665][T13026] [U] [ 414.081344][T13026] [U] [ 414.084012][T13026] [U] [ 414.145155][T13026] [U] [ 414.147870][T13026] [U] [ 414.150538][T13026] [U] [ 414.153242][T13026] [U] [ 414.231456][T13026] [U] [ 414.234174][T13026] [U] [ 414.236846][T13026] [U] [ 414.239515][T13026] [U] [ 414.271478][T13026] [U] [ 414.274190][T13026] [U] [ 414.276891][T13026] [U] [ 414.279559][T13026] [U] [ 414.313448][T13026] [U] [ 414.316198][T13026] [U] [ 414.318880][T13026] [U] [ 414.321552][T13026] [U] [ 414.369297][T13026] [U] [ 414.372013][T13026] [U] [ 414.374684][T13026] [U] [ 414.377351][T13026] [U] [ 414.419552][T13026] [U] [ 414.422265][T13026] [U] [ 414.424939][T13026] [U] [ 414.427613][T13026] [U] [ 414.473207][T13026] [U] [ 414.475928][T13026] [U] [ 414.478598][T13026] [U] [ 414.481287][T13026] [U] [ 414.565222][T13026] [U] [ 414.567940][T13026] [U] [ 414.570613][T13026] [U] [ 414.573285][T13026] [U] [ 414.672347][T13026] [U] [ 414.675062][T13026] [U] [ 414.677751][T13026] [U] [ 414.680420][T13026] [U] [ 414.742445][T13026] [U] [ 414.745155][T13026] [U] [ 414.747853][T13026] [U] [ 414.750520][T13026] [U] [ 414.794283][T13026] [U] [ 414.796994][T13026] [U] [ 414.799669][T13026] [U] [ 414.802338][T13026] [U] [ 414.833929][T13026] [U] [ 414.836670][T13026] [U] [ 414.839340][T13026] [U] [ 414.842025][T13026] [U] [ 414.875740][T13026] [U] [ 414.878501][T13026] [U] [ 414.881175][T13026] [U] [ 414.883867][T13026] [U] [ 414.925026][T13026] [U] [ 415.723130][T13057] raw_sendmsg: syz.2.2400 forgot to set AF_INET. Fix it! [ 416.061270][T13061] netlink: zone id is out of range [ 416.179846][T13064] sp0: Synchronizing with TNC [ 416.704484][T13075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2408'. [ 419.075876][T13127] FAULT_INJECTION: forcing a failure. [ 419.075876][T13127] name failslab, interval 1, probability 0, space 0, times 0 [ 419.187809][T13127] CPU: 0 UID: 0 PID: 13127 Comm: syz.4.2424 Tainted: G L syzkaller #0 PREEMPT(full) [ 419.187835][T13127] Tainted: [L]=SOFTLOCKUP [ 419.187841][T13127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 419.187850][T13127] Call Trace: [ 419.187856][T13127] [ 419.187862][T13127] dump_stack_lvl+0x100/0x190 [ 419.187891][T13127] should_fail_ex.cold+0x5/0xa [ 419.187910][T13127] should_failslab+0xc2/0x120 [ 419.187971][T13127] __kmalloc_cache_noprof+0x7a/0x6f0 [ 419.187992][T13127] ? cec_open+0xdb/0x690 [ 419.188011][T13127] ? __lock_acquire+0x4a5/0x2630 [ 419.188033][T13127] cec_open+0xdb/0x690 [ 419.188053][T13127] ? __pfx_cec_open+0x10/0x10 [ 419.188074][T13127] ? kobject_get_unless_zero+0x156/0x200 [ 419.188095][T13127] ? find_held_lock+0x2b/0x80 [ 419.188108][T13127] ? chrdev_open+0x10b/0x6a0 [ 419.188122][T13127] ? chrdev_open+0x10b/0x6a0 [ 419.188138][T13127] ? __pfx_cec_open+0x10/0x10 [ 419.188156][T13127] chrdev_open+0x234/0x6a0 [ 419.188170][T13127] ? __pfx_apparmor_file_open+0x10/0x10 [ 419.188193][T13127] ? __pfx_chrdev_open+0x10/0x10 [ 419.188209][T13127] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 419.188228][T13127] do_dentry_open+0x6d8/0x1660 [ 419.188242][T13127] ? __pfx_chrdev_open+0x10/0x10 [ 419.188262][T13127] vfs_open+0x82/0x3f0 [ 419.188282][T13127] path_openat+0x208c/0x31a0 [ 419.188303][T13127] ? __pfx_path_openat+0x10/0x10 [ 419.188324][T13127] do_file_open+0x20e/0x430 [ 419.188340][T13127] ? __pfx_do_file_open+0x10/0x10 [ 419.188367][T13127] ? alloc_fd+0x476/0x790 [ 419.188383][T13127] ? do_getname+0x191/0x390 [ 419.188402][T13127] do_sys_openat2+0x10d/0x1e0 [ 419.188420][T13127] ? __pfx_do_sys_openat2+0x10/0x10 [ 419.188439][T13127] ? __fget_files+0x21f/0x3d0 [ 419.188457][T13127] __x64_sys_openat+0x12d/0x210 [ 419.188475][T13127] ? __pfx___x64_sys_openat+0x10/0x10 [ 419.188501][T13127] do_syscall_64+0x106/0xf80 [ 419.188520][T13127] ? clear_bhb_loop+0x40/0x90 [ 419.188538][T13127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.188553][T13127] RIP: 0033:0x7f355339c799 [ 419.188566][T13127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 419.188581][T13127] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 419.188596][T13127] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 419.188606][T13127] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c [ 419.188615][T13127] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 419.188624][T13127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.188632][T13127] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 419.188652][T13127] [ 420.244198][T13140] netlink: 'syz.4.2431': attribute type 33 has an invalid length. [ 420.314384][T13141] netlink: 'syz.4.2431': attribute type 33 has an invalid length. [ 422.136061][T13161] syz.1.2439 (13161) used greatest stack depth: 19608 bytes left [ 422.625090][T13182] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2443'. [ 422.880801][T13187] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2444'. [ 422.965955][T13187] team_slave_0: entered allmulticast mode [ 424.338892][T13204] busy [ 424.714819][T13217] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2457'. [ 424.795974][T13217] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 425.007540][T13217] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.153939][T13221] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 425.177420][T13221] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 425.205701][T13221] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 425.243014][T13221] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 425.266170][T13221] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 425.532297][T13235] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2465'. [ 425.727191][T13240] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2466'. [ 425.764309][T13242] netlink: 'syz.1.2467': attribute type 27 has an invalid length. [ 425.788545][T13240] netlink: 'syz.4.2466': attribute type 1 has an invalid length. [ 425.803956][T13242] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2467'. [ 425.823598][T13240] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2466'. [ 425.988885][T13244] bond0: no command found in slaves file - use +ifname or -ifname [ 426.616876][T13264] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2476'. [ 427.206755][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 427.213313][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 427.283749][ T5830] Bluetooth: hci5: command 0x0406 tx timeout [ 427.292205][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout [ 428.277730][T13295] ptp ptp0: delete virtual clock ptp1 [ 428.339808][T13295] ptp ptp0: only physical clock in use now [ 428.701698][T13302] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2489'. [ 429.097073][T13312] FAULT_INJECTION: forcing a failure. [ 429.097073][T13312] name failslab, interval 1, probability 0, space 0, times 0 [ 429.231568][T13312] CPU: 0 UID: 0 PID: 13312 Comm: syz.1.2493 Tainted: G L syzkaller #0 PREEMPT(full) [ 429.231596][T13312] Tainted: [L]=SOFTLOCKUP [ 429.231602][T13312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 429.231612][T13312] Call Trace: [ 429.231618][T13312] [ 429.231624][T13312] dump_stack_lvl+0x100/0x190 [ 429.231652][T13312] should_fail_ex.cold+0x5/0xa [ 429.231671][T13312] should_failslab+0xc2/0x120 [ 429.231687][T13312] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 429.231708][T13312] ? __kernfs_new_node+0xd2/0x960 [ 429.231732][T13312] __kernfs_new_node+0xd2/0x960 [ 429.231754][T13312] ? __pfx___kernfs_new_node+0x10/0x10 [ 429.231778][T13312] ? find_held_lock+0x2b/0x80 [ 429.231792][T13312] ? kernfs_root+0xee/0x2a0 [ 429.231809][T13312] ? kernfs_root+0xee/0x2a0 [ 429.231833][T13312] kernfs_new_node+0x11b/0x1a0 [ 429.231858][T13312] __kernfs_create_file+0x53/0x350 [ 429.231877][T13312] sysfs_add_file_mode_ns+0x207/0x3c0 [ 429.231909][T13312] internal_create_group+0x593/0xf40 [ 429.231935][T13312] ? __pfx_internal_create_group+0x10/0x10 [ 429.231960][T13312] ? kernfs_create_link+0x1bd/0x240 [ 429.231980][T13312] internal_create_groups+0x9d/0x150 [ 429.232002][T13312] device_add+0x71a/0x1950 [ 429.232020][T13312] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 429.232044][T13312] ? __pfx_device_add+0x10/0x10 [ 429.232060][T13312] ? lockdep_init_map_type+0x5c/0x250 [ 429.232079][T13312] ? __init_waitqueue_head+0xca/0x150 [ 429.232106][T13312] netdev_register_kobject+0x1a9/0x3d0 [ 429.232132][T13312] register_netdevice+0x12e0/0x2210 [ 429.232157][T13312] ? __pfx_register_netdevice+0x10/0x10 [ 429.232182][T13312] ? __pfx_loopback_net_init+0x10/0x10 [ 429.232198][T13312] register_netdev+0x34/0x50 [ 429.232218][T13312] loopback_net_init+0x7a/0x170 [ 429.232234][T13312] ? __pfx_loopback_net_init+0x10/0x10 [ 429.232247][T13312] ops_init+0x1e2/0x5f0 [ 429.232270][T13312] setup_net+0x118/0x3a0 [ 429.232291][T13312] ? __pfx_setup_net+0x10/0x10 [ 429.232310][T13312] ? lockdep_init_map_type+0x5c/0x250 [ 429.232329][T13312] ? mutex_init_lockep+0x110/0x150 [ 429.232351][T13312] copy_net_ns+0x46f/0x7c0 [ 429.232374][T13312] create_new_namespaces+0x3ea/0xac0 [ 429.232395][T13312] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 429.232412][T13312] ksys_unshare+0x473/0xad0 [ 429.232431][T13312] ? __pfx_ksys_unshare+0x10/0x10 [ 429.232456][T13312] __x64_sys_unshare+0x31/0x40 [ 429.232473][T13312] do_syscall_64+0x106/0xf80 [ 429.232493][T13312] ? clear_bhb_loop+0x40/0x90 [ 429.232511][T13312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.232525][T13312] RIP: 0033:0x7f6a2339c799 [ 429.232539][T13312] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 429.232553][T13312] RSP: 002b:00007f6a241d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 429.232568][T13312] RAX: ffffffffffffffda RBX: 00007f6a23615fa0 RCX: 00007f6a2339c799 [ 429.232578][T13312] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 429.232587][T13312] RBP: 00007f6a23432c99 R08: 0000000000000000 R09: 0000000000000000 [ 429.232599][T13312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 429.232608][T13312] R13: 00007f6a23616038 R14: 00007f6a23615fa0 R15: 00007ffeac590b28 [ 429.232627][T13312] [ 430.023617][ T5830] Bluetooth: hci5: command 0x0406 tx timeout [ 430.427231][T13327] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2498'. [ 433.350369][T13371] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2513'. [ 433.373037][T13374] bond0: no command found in slaves file - use +ifname or -ifname [ 434.439873][T13402] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2525'. [ 435.946927][T13429] zswap: compressor not available [ 436.127791][T13442] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2537'. [ 436.174702][T13442] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2537'. [ 437.487637][T13471] mkiss: ax0: crc mode is auto. [ 437.502264][T13473] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2547'. [ 437.891504][T13481] random: crng reseeded on system resumption [ 438.416135][T13497] netlink: 252 bytes leftover after parsing attributes in process `syz.5.2555'. [ 438.465213][T13497] netlink: 252 bytes leftover after parsing attributes in process `syz.5.2555'. [ 439.463366][T13509] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2560'. [ 439.539805][T13509] FAULT_INJECTION: forcing a failure. [ 439.539805][T13509] name failslab, interval 1, probability 0, space 0, times 0 [ 439.664748][T13509] CPU: 0 UID: 0 PID: 13509 Comm: syz.4.2560 Tainted: G L syzkaller #0 PREEMPT(full) [ 439.664777][T13509] Tainted: [L]=SOFTLOCKUP [ 439.664782][T13509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 439.664791][T13509] Call Trace: [ 439.664796][T13509] [ 439.664803][T13509] dump_stack_lvl+0x100/0x190 [ 439.664830][T13509] should_fail_ex.cold+0x5/0xa [ 439.664854][T13509] ? x509_fabricate_name.isra.0+0x5ea/0xa10 [ 439.664875][T13509] should_failslab+0xc2/0x120 [ 439.664891][T13509] __kmalloc_noprof+0xe0/0x850 [ 439.664913][T13509] ? __kmalloc_noprof+0x320/0x850 [ 439.664936][T13509] x509_fabricate_name.isra.0+0x5ea/0xa10 [ 439.664959][T13509] x509_note_issuer+0xf9/0x210 [ 439.664978][T13509] asn1_ber_decoder+0xd0c/0x2170 [ 439.665006][T13509] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 439.665038][T13509] x509_cert_parse+0x1c9/0x910 [ 439.665054][T13509] ? kasan_save_stack+0x3f/0x50 [ 439.665074][T13509] ? kasan_save_stack+0x30/0x50 [ 439.665094][T13509] ? kasan_save_track+0x14/0x30 [ 439.665116][T13509] pkcs7_extract_cert+0xa4/0x380 [ 439.665138][T13509] asn1_ber_decoder+0x12b3/0x2170 [ 439.665165][T13509] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 439.665196][T13509] pkcs7_parse_message+0x289/0x870 [ 439.665219][T13509] verify_pkcs7_signature+0x30/0xa0 [ 439.665244][T13509] valid_regdb+0x211/0x590 [ 439.665266][T13509] ? __pfx___nla_validate_parse+0x10/0x10 [ 439.665288][T13509] ? __pfx_valid_regdb+0x10/0x10 [ 439.665306][T13509] ? rcu_is_watching+0x12/0xc0 [ 439.665333][T13509] reg_reload_regdb+0x11a/0x460 [ 439.665356][T13509] ? __pfx_reg_reload_regdb+0x10/0x10 [ 439.665379][T13509] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 439.665395][T13509] ? nl80211_pre_doit+0x19a/0xae0 [ 439.665414][T13509] genl_family_rcv_msg_doit+0x214/0x300 [ 439.665432][T13509] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 439.665447][T13509] ? genl_get_cmd+0x3ef/0x720 [ 439.665474][T13509] ? bpf_lsm_capable+0x9/0x10 [ 439.665489][T13509] ? security_capable+0x80/0x260 [ 439.665515][T13509] genl_rcv_msg+0x560/0x800 [ 439.665532][T13509] ? __pfx_genl_rcv_msg+0x10/0x10 [ 439.665547][T13509] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 439.665562][T13509] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 439.665583][T13509] ? __pfx_nl80211_post_doit+0x10/0x10 [ 439.665606][T13509] netlink_rcv_skb+0x159/0x420 [ 439.665627][T13509] ? __pfx_genl_rcv_msg+0x10/0x10 [ 439.665643][T13509] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 439.665672][T13509] ? netlink_deliver_tap+0x1ae/0xcc0 [ 439.665695][T13509] genl_rcv+0x28/0x40 [ 439.665707][T13509] netlink_unicast+0x5aa/0x870 [ 439.665731][T13509] ? __pfx_netlink_unicast+0x10/0x10 [ 439.665752][T13509] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 439.665782][T13509] netlink_sendmsg+0x8b0/0xda0 [ 439.665807][T13509] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.665827][T13509] ? __import_iovec+0x1d2/0x640 [ 439.665845][T13509] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 439.665878][T13509] ____sys_sendmsg+0x9e1/0xb70 [ 439.665893][T13509] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.665916][T13509] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.665934][T13509] ? try_to_wake_up+0x644/0x1a80 [ 439.665952][T13509] ___sys_sendmsg+0x190/0x1e0 [ 439.665969][T13509] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.665985][T13509] ? futex_private_hash_put+0x107/0x1c0 [ 439.666024][T13509] __sys_sendmsg+0x170/0x220 [ 439.666044][T13509] ? __pfx___sys_sendmsg+0x10/0x10 [ 439.666063][T13509] ? __x64_sys_futex+0x34f/0x4d0 [ 439.666092][T13509] do_syscall_64+0x106/0xf80 [ 439.666112][T13509] ? clear_bhb_loop+0x40/0x90 [ 439.666130][T13509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.666146][T13509] RIP: 0033:0x7f355339c799 [ 439.666159][T13509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.666173][T13509] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 439.666189][T13509] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 439.666199][T13509] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000005 [ 439.666209][T13509] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 439.666218][T13509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.666227][T13509] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 439.666246][T13509] [ 440.768121][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.774893][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.174392][T13527] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2566'. [ 441.211001][T13527] netlink: 274 bytes leftover after parsing attributes in process `syz.5.2566'. [ 441.594445][T13533] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2569'. [ 442.059838][T13544] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2573'. [ 444.077480][T13570] futex_wake_op: syz.5.2581 tries to shift op by -2048; fix this program [ 444.124419][T13570] futex_wake_op: syz.5.2581 tries to shift op by -2048; fix this program [ 444.167941][T13572] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2580'. [ 444.263679][T13572] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 444.445571][T13572] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 444.693074][T13581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2585'. [ 444.773349][T13582] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2585'. [ 446.646719][T13607] netlink: 318 bytes leftover after parsing attributes in process `syz.1.2592'. [ 447.545960][T13630] netlink: 'syz.5.2598': attribute type 33 has an invalid length. [ 447.546010][T13630] netlink: 322 bytes leftover after parsing attributes in process `syz.5.2598'. [ 448.805324][T13653] sp0: Synchronizing with TNC [ 448.985295][T13651] FAULT_INJECTION: forcing a failure. [ 448.985295][T13651] name fail_futex, interval 1, probability 0, space 0, times 0 [ 449.186429][T13651] CPU: 0 UID: 0 PID: 13651 Comm: syz.2.2604 Tainted: G L syzkaller #0 PREEMPT(full) [ 449.186458][T13651] Tainted: [L]=SOFTLOCKUP [ 449.186463][T13651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 449.186473][T13651] Call Trace: [ 449.186479][T13651] [ 449.186485][T13651] dump_stack_lvl+0x100/0x190 [ 449.186512][T13651] should_fail_ex.cold+0x5/0xa [ 449.186527][T13651] ? generic_pipe_buf_release+0x239/0x2a0 [ 449.186545][T13651] get_futex_key+0x1d2/0x1620 [ 449.186565][T13651] ? __pfx_get_futex_key+0x10/0x10 [ 449.186582][T13651] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 449.186604][T13651] futex_wake+0xea/0x530 [ 449.186623][T13651] ? do_splice_direct+0x1b4/0x240 [ 449.186638][T13651] ? __pfx_do_splice_direct+0x10/0x10 [ 449.186652][T13651] ? __pfx_futex_wake+0x10/0x10 [ 449.186676][T13651] ? rw_verify_area+0xce/0x6d0 [ 449.186698][T13651] do_futex+0x32b/0x350 [ 449.186717][T13651] ? __pfx_do_futex+0x10/0x10 [ 449.186735][T13651] ? __pfx_do_sendfile+0x10/0x10 [ 449.186759][T13651] __x64_sys_futex+0x34f/0x4d0 [ 449.186780][T13651] ? __pfx___x64_sys_futex+0x10/0x10 [ 449.186804][T13651] do_syscall_64+0x106/0xf80 [ 449.186824][T13651] ? clear_bhb_loop+0x40/0x90 [ 449.186842][T13651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.186857][T13651] RIP: 0033:0x7fc4b479c799 [ 449.186870][T13651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 449.186885][T13651] RSP: 002b:00007fc4b563c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 449.186899][T13651] RAX: ffffffffffffffda RBX: 00007fc4b4a15fa8 RCX: 00007fc4b479c799 [ 449.186909][T13651] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc4b4a15fac [ 449.186918][T13651] RBP: 00007fc4b4a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 449.186927][T13651] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 449.186936][T13651] R13: 00007fc4b4a16038 R14: 00007ffe182c2600 R15: 00007ffe182c26e8 [ 449.186955][T13651] [ 452.500179][T13684] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2615'. [ 455.499367][T13737] netlink: 50 bytes leftover after parsing attributes in process `syz.5.2634'. [ 456.089316][ T5830] Bluetooth: hci5: unexpected event 0x07 length: 435 > 255 [ 458.200952][T13793] netlink: 50 bytes leftover after parsing attributes in process `syz.2.2653'. [ 458.925713][T13812] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2661'. [ 458.974739][T13812] netlink: 'syz.2.2661': attribute type 1 has an invalid length. [ 458.982476][T13812] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2661'. [ 459.067195][T13817] FAULT_INJECTION: forcing a failure. [ 459.067195][T13817] name failslab, interval 1, probability 0, space 0, times 0 [ 459.133650][T13817] CPU: 0 UID: 0 PID: 13817 Comm: syz.4.2663 Tainted: G L syzkaller #0 PREEMPT(full) [ 459.133677][T13817] Tainted: [L]=SOFTLOCKUP [ 459.133682][T13817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 459.133692][T13817] Call Trace: [ 459.133697][T13817] [ 459.133703][T13817] dump_stack_lvl+0x100/0x190 [ 459.133731][T13817] should_fail_ex.cold+0x5/0xa [ 459.133749][T13817] should_failslab+0xc2/0x120 [ 459.133765][T13817] __kmalloc_cache_noprof+0x7a/0x6f0 [ 459.133784][T13817] ? nci_hci_allocate+0x45/0x330 [ 459.133803][T13817] ? mutex_init_lockep+0x110/0x150 [ 459.133826][T13817] nci_hci_allocate+0x45/0x330 [ 459.133844][T13817] nci_allocate_device+0x26f/0x410 [ 459.133861][T13817] virtual_ncidev_open+0x6f/0x220 [ 459.133881][T13817] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 459.133899][T13817] misc_open+0x26d/0x450 [ 459.133916][T13817] ? __pfx_misc_open+0x10/0x10 [ 459.133932][T13817] chrdev_open+0x234/0x6a0 [ 459.133946][T13817] ? __pfx_apparmor_file_open+0x10/0x10 [ 459.133969][T13817] ? __pfx_chrdev_open+0x10/0x10 [ 459.133984][T13817] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 459.134004][T13817] do_dentry_open+0x6d8/0x1660 [ 459.134018][T13817] ? __pfx_chrdev_open+0x10/0x10 [ 459.134036][T13817] vfs_open+0x82/0x3f0 [ 459.134056][T13817] path_openat+0x208c/0x31a0 [ 459.134085][T13817] ? __pfx_path_openat+0x10/0x10 [ 459.134107][T13817] do_file_open+0x20e/0x430 [ 459.134124][T13817] ? __pfx_do_file_open+0x10/0x10 [ 459.134153][T13817] ? alloc_fd+0x476/0x790 [ 459.134170][T13817] ? do_getname+0x191/0x390 [ 459.134190][T13817] do_sys_openat2+0x10d/0x1e0 [ 459.134209][T13817] ? __pfx_do_sys_openat2+0x10/0x10 [ 459.134234][T13817] __x64_sys_openat+0x12d/0x210 [ 459.134253][T13817] ? __pfx___x64_sys_openat+0x10/0x10 [ 459.134279][T13817] do_syscall_64+0x106/0xf80 [ 459.134298][T13817] ? clear_bhb_loop+0x40/0x90 [ 459.134315][T13817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.134330][T13817] RIP: 0033:0x7f355339c799 [ 459.134343][T13817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.134357][T13817] RSP: 002b:00007f35541b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 459.134371][T13817] RAX: ffffffffffffffda RBX: 00007f3553615fa0 RCX: 00007f355339c799 [ 459.134380][T13817] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 459.134390][T13817] RBP: 00007f3553432c99 R08: 0000000000000000 R09: 0000000000000000 [ 459.134398][T13817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 459.134406][T13817] R13: 00007f3553616038 R14: 00007f3553615fa0 R15: 00007ffc95789478 [ 459.134425][T13817] [ 459.906670][ T5830] Bluetooth: hci4: Malformed LE Event: 0x1b [ 462.679473][T13881] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2683'. [ 463.602997][T13900] FAULT_INJECTION: forcing a failure. [ 463.602997][T13900] name failslab, interval 1, probability 0, space 0, times 0 [ 463.858009][T13900] CPU: 0 UID: 0 PID: 13900 Comm: syz.2.2690 Tainted: G L syzkaller #0 PREEMPT(full) [ 463.858037][T13900] Tainted: [L]=SOFTLOCKUP [ 463.858042][T13900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.858051][T13900] Call Trace: [ 463.858057][T13900] [ 463.858062][T13900] dump_stack_lvl+0x100/0x190 [ 463.858089][T13900] should_fail_ex.cold+0x5/0xa [ 463.858107][T13900] ? lsm_blob_alloc+0x68/0x90 [ 463.858126][T13900] should_failslab+0xc2/0x120 [ 463.858144][T13900] __kmalloc_noprof+0xe0/0x850 [ 463.858165][T13900] ? trace_kmem_cache_alloc+0xf3/0x120 [ 463.858184][T13900] lsm_blob_alloc+0x68/0x90 [ 463.858203][T13900] security_prepare_creds+0x2d/0x290 [ 463.858223][T13900] prepare_creds+0x5d6/0x950 [ 463.858246][T13900] lookup_user_key+0xfb2/0x1300 [ 463.858264][T13900] ? __pfx_lookup_user_key+0x10/0x10 [ 463.858281][T13900] ? do_raw_spin_lock+0x128/0x260 [ 463.858304][T13900] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 463.858323][T13900] ? _raw_spin_unlock_irq+0x2e/0x50 [ 463.858341][T13900] ? do_sigaltstack.constprop.0+0x4c0/0x670 [ 463.858364][T13900] keyctl_restrict_keyring+0x99/0x250 [ 463.858378][T13900] ? __pfx_keyctl_restrict_keyring+0x10/0x10 [ 463.858399][T13900] __do_sys_keyctl+0x2e8/0x5a0 [ 463.858414][T13900] do_syscall_64+0x106/0xf80 [ 463.858433][T13900] ? clear_bhb_loop+0x40/0x90 [ 463.858451][T13900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.858466][T13900] RIP: 0033:0x7fc4b479c799 [ 463.858478][T13900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 463.858505][T13900] RSP: 002b:00007fc4b561b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 463.858522][T13900] RAX: ffffffffffffffda RBX: 00007fc4b4a16090 RCX: 00007fc4b479c799 [ 463.858532][T13900] RDX: 0000000000000002 RSI: fffffffffffffffd RDI: 000000000000001d [ 463.858541][T13900] RBP: 00007fc4b4832c99 R08: fffffffffffffffd R09: 0000000000000000 [ 463.858550][T13900] R10: 0000000000000628 R11: 0000000000000246 R12: 0000000000000000 [ 463.858559][T13900] R13: 00007fc4b4a16128 R14: 00007fc4b4a16090 R15: 00007ffe182c26e8 [ 463.858579][T13900] [ 464.741888][T13906] zswap: compressor  not available [ 464.760950][T13915] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 464.937675][T13894] netlink: 54 bytes leftover after parsing attributes in process `syz.5.2687'. [ 465.325067][T13927] netlink: 'syz.5.2697': attribute type 10 has an invalid length. [ 465.427607][T13927] netlink: 'syz.5.2697': attribute type 13 has an invalid length. [ 467.809854][T13975] [ 467.812204][T13975] ====================================================== [ 467.819290][T13975] WARNING: possible circular locking dependency detected [ 467.826287][T13975] syzkaller #0 Tainted: G L [ 467.832238][T13975] ------------------------------------------------------ [ 467.839229][T13975] syz.4.2714/13975 is trying to acquire lock: [ 467.845267][T13975] ffff888025e62fe8 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 467.856728][T13975] [ 467.856728][T13975] but task is already holding lock: [ 467.864104][T13975] ffff888025e64d60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 467.873141][T13975] [ 467.873141][T13975] which lock already depends on the new lock. [ 467.873141][T13975] [ 467.883548][T13975] [ 467.883548][T13975] the existing dependency chain (in reverse order) is: [ 467.892540][T13975] [ 467.892540][T13975] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 467.900325][T13975] lock_sock_nested+0x41/0xf0 [ 467.905600][T13975] smc_listen_out+0x1f5/0x4b0 [ 467.910780][T13975] smc_listen_work+0x4c2/0x50e0 [ 467.916135][T13975] process_one_work+0xa23/0x19a0 [ 467.921575][T13975] worker_thread+0x5ef/0xe50 [ 467.926668][T13975] kthread+0x370/0x450 [ 467.931237][T13975] ret_from_fork+0x754/0xd80 [ 467.936332][T13975] ret_from_fork_asm+0x1a/0x30 [ 467.941597][T13975] [ 467.941597][T13975] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 467.951741][T13975] __lock_acquire+0x14b8/0x2630 [ 467.957093][T13975] lock_acquire+0x1cf/0x380 [ 467.962123][T13975] __flush_work+0x4de/0xcb0 [ 467.967154][T13975] cancel_work_sync+0xd1/0xf0 [ 467.972331][T13975] smc_clcsock_release+0x5f/0xe0 [ 467.977774][T13975] __smc_release+0x5c2/0x880 [ 467.982884][T13975] smc_close_non_accepted+0xda/0x200 [ 467.988671][T13975] smc_close_active+0x4ff/0x1070 [ 467.994131][T13975] __smc_release+0x634/0x880 [ 467.999225][T13975] smc_release+0x1fc/0x620 [ 468.004144][T13975] __sock_release+0xb3/0x260 [ 468.009246][T13975] sock_close+0x1c/0x30 [ 468.013906][T13975] __fput+0x3ff/0xb40 [ 468.018392][T13975] task_work_run+0x150/0x240 [ 468.023513][T13975] exit_to_user_mode_loop+0x100/0x4a0 [ 468.029389][T13975] do_syscall_64+0x668/0xf80 [ 468.034485][T13975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.040877][T13975] [ 468.040877][T13975] other info that might help us debug this: [ 468.040877][T13975] [ 468.051085][T13975] Possible unsafe locking scenario: [ 468.051085][T13975] [ 468.058509][T13975] CPU0 CPU1 [ 468.063862][T13975] ---- ---- [ 468.069216][T13975] lock(sk_lock-AF_SMC/1); [ 468.073715][T13975] lock((work_completion)(&new_smc->smc_listen_work)); [ 468.083151][T13975] lock(sk_lock-AF_SMC/1); [ 468.090159][T13975] lock((work_completion)(&new_smc->smc_listen_work)); [ 468.097076][T13975] [ 468.097076][T13975] *** DEADLOCK *** [ 468.097076][T13975] [ 468.105222][T13975] 3 locks held by syz.4.2714/13975: [ 468.110396][T13975] #0: ffff88807de3c148 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 468.120922][T13975] #1: ffff888025e64d60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 468.130317][T13975] #2: ffffffff8e7e7420 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 468.139453][T13975] [ 468.139453][T13975] stack backtrace: [ 468.145324][T13975] CPU: 0 UID: 0 PID: 13975 Comm: syz.4.2714 Tainted: G L syzkaller #0 PREEMPT(full) [ 468.145345][T13975] Tainted: [L]=SOFTLOCKUP [ 468.145350][T13975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 468.145358][T13975] Call Trace: [ 468.145365][T13975] [ 468.145371][T13975] dump_stack_lvl+0x100/0x190 [ 468.145393][T13975] print_circular_bug.cold+0x178/0x1c7 [ 468.145415][T13975] check_noncircular+0x146/0x160 [ 468.145433][T13975] __lock_acquire+0x14b8/0x2630 [ 468.145452][T13975] lock_acquire+0x1cf/0x380 [ 468.145467][T13975] ? __flush_work+0x4ca/0xcb0 [ 468.145486][T13975] ? mark_held_locks+0x40/0x70 [ 468.145501][T13975] ? __flush_work+0x4ca/0xcb0 [ 468.145519][T13975] __flush_work+0x4de/0xcb0 [ 468.145537][T13975] ? __flush_work+0x4ca/0xcb0 [ 468.145556][T13975] ? __pfx___flush_work+0x10/0x10 [ 468.145574][T13975] ? __pfx_wq_barrier_func+0x10/0x10 [ 468.145591][T13975] ? __pfx___might_resched+0x10/0x10 [ 468.145611][T13975] cancel_work_sync+0xd1/0xf0 [ 468.145624][T13975] smc_clcsock_release+0x5f/0xe0 [ 468.145641][T13975] __smc_release+0x5c2/0x880 [ 468.145656][T13975] ? __pfx_sock_def_readable+0x10/0x10 [ 468.145672][T13975] smc_close_non_accepted+0xda/0x200 [ 468.145688][T13975] smc_close_active+0x4ff/0x1070 [ 468.145705][T13975] __smc_release+0x634/0x880 [ 468.145719][T13975] smc_release+0x1fc/0x620 [ 468.145734][T13975] __sock_release+0xb3/0x260 [ 468.145753][T13975] ? __pfx_sock_close+0x10/0x10 [ 468.145771][T13975] sock_close+0x1c/0x30 [ 468.145788][T13975] __fput+0x3ff/0xb40 [ 468.145804][T13975] task_work_run+0x150/0x240 [ 468.145822][T13975] ? __pfx_task_work_run+0x10/0x10 [ 468.145842][T13975] exit_to_user_mode_loop+0x100/0x4a0 [ 468.145860][T13975] do_syscall_64+0x668/0xf80 [ 468.145878][T13975] ? clear_bhb_loop+0x40/0x90 [ 468.145892][T13975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.145906][T13975] RIP: 0033:0x7f355339c799 [ 468.145919][T13975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 468.145932][T13975] RSP: 002b:00007ffc957895d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 468.145945][T13975] RAX: 0000000000000000 RBX: 00007f3553617da0 RCX: 00007f355339c799 [ 468.145954][T13975] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 468.145962][T13975] RBP: 00007f3553617da0 R08: 00007f3553616038 R09: 0000000000000000 [ 468.145971][T13975] R10: 00000000005d8064 R11: 0000000000000246 R12: 0000000000072498 [ 468.145979][T13975] R13: 00007f3553615fac R14: 000000000007229b R15: 00007ffc957896e0 [ 468.145992][T13975] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 469.371975][T13965] base_sock_release(ffff88806129a840) sk=ffff88806daea000 [ 469.828948][ T1083] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.877119][ T1083] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.945857][ T1083] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.010563][ T1083] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.164044][ T1083] bridge_slave_1: left allmulticast mode [ 470.169738][ T1083] bridge_slave_1: left promiscuous mode [ 470.206551][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.229333][ T1083] bridge_slave_0: left allmulticast mode [ 470.243963][ T1083] bridge_slave_0: left promiscuous mode [ 470.249620][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.427099][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 470.447042][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 470.465335][ T1083] bond0 (unregistering): Released all slaves [ 470.738626][ T1083] hsr_slave_0: left promiscuous mode [ 470.754378][ T1083] hsr_slave_1: left promiscuous mode [ 470.764626][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 470.772004][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 470.821713][ T1083] veth1_macvtap: left promiscuous mode [ 470.837935][ T1083] veth0_macvtap: left promiscuous mode [ 470.843444][ T1083] veth1_vlan: left promiscuous mode [ 470.863604][ T1083] veth0_vlan: left promiscuous mode [ 471.042825][ T1083] team0 (unregistering): Port device team_slave_1 removed [ 471.075699][ T1083] team0 (unregistering): Port device team_slave_0 removed [ 471.299458][ T1083] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.357258][ T1083] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.399306][ T1083] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.447004][ T1083] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode [ 471.464221][ T1083] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.564850][ T1083] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.616466][ T1083] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.648462][ T1083] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.687651][ T1083] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.728949][ T1083] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.824570][ T1083] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.867331][ T1083] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.917988][ T1083] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.957692][ T1083] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.044811][ T1083] bridge_slave_1: left allmulticast mode [ 472.050466][ T1083] bridge_slave_1: left promiscuous mode [ 472.075295][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.093073][ T1083] bridge_slave_0: left allmulticast mode [ 472.101044][ T1083] bridge_slave_0: left promiscuous mode [ 472.125174][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.135305][ T1083] batadv0: left allmulticast mode [ 472.140333][ T1083] batadv0: left promiscuous mode [ 472.155178][ T1083] bridge0: port 3(batadv0) entered disabled state [ 472.170160][ T1083] bridge_slave_1: left allmulticast mode [ 472.183334][ T1083] bridge_slave_1: left promiscuous mode [ 472.205718][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.221601][ T1083] bridge_slave_0: left allmulticast mode [ 472.233638][ T1083] bridge_slave_0: left promiscuous mode [ 472.246009][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.265027][ T1083] bridge_slave_1: left allmulticast mode [ 472.284827][ T1083] bridge_slave_1: left promiscuous mode [ 472.290504][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.308629][ T1083] bridge_slave_0: left allmulticast mode [ 472.317718][ T1083] bridge_slave_0: left promiscuous mode [ 472.323355][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.418500][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.428950][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.440477][ T1083] bond0 (unregistering): Released all slaves [ 472.471598][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.481791][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.491410][ T1083] bond0 (unregistering): Released all slaves [ 472.545603][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.555301][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.565464][ T1083] bond0 (unregistering): Released all slaves [ 472.898145][ T1083] hsr_slave_0: left promiscuous mode [ 472.912202][ T1083] hsr_slave_1: left promiscuous mode [ 472.934198][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 472.941580][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 472.961717][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 472.983799][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 472.996611][ T1083] hsr_slave_0: left promiscuous mode [ 473.010575][ T1083] hsr_slave_1: left promiscuous mode [ 473.025837][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 473.033223][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 473.054722][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 473.062117][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 473.092837][ T1083] hsr_slave_0: left promiscuous mode [ 473.098742][ T1083] hsr_slave_1: left promiscuous mode [ 473.106428][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 473.114126][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 473.127408][ T1083] veth1_macvtap: left promiscuous mode [ 473.132975][ T1083] veth0_macvtap: left promiscuous mode [ 473.139131][ T1083] veth1_vlan: left promiscuous mode [ 473.144460][ T1083] veth0_vlan: left promiscuous mode [ 473.150018][ T1083] veth1_macvtap: left promiscuous mode [ 473.155976][ T1083] veth0_macvtap: left promiscuous mode [ 473.161479][ T1083] veth1_vlan: left promiscuous mode [ 473.167647][ T1083] veth0_vlan: left promiscuous mode [ 473.173172][ T1083] veth1_macvtap: left promiscuous mode [ 473.178904][ T1083] veth0_macvtap: left promiscuous mode [ 473.184601][ T1083] veth0_vlan: left promiscuous mode [ 473.332499][ T1083] team0 (unregistering): Port device team_slave_1 removed [ 473.346686][ T1083] team0 (unregistering): Port device team_slave_0 removed [ 473.432032][ T1083] team0 (unregistering): Port device team_slave_1 removed [ 473.450888][ T1083] team0 (unregistering): Port device team_slave_0 removed [ 473.539666][ T1083] team0 (unregistering): Port device team_slave_1 removed [ 473.550105][ T1083] team0 (unregistering): Port device team_slave_0 removed