last executing test programs: 3m58.544852621s ago: executing program 3 (id=2014): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.4/usb5/power/wakeup_active_count\x00', 0x6ab283, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000000000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram8\x00', 0x81, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x101080, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video52\x00', 0x6aa01, 0x0) ioctl$auto(r1, 0xc0585611, r1) 3m58.340011423s ago: executing program 3 (id=2016): mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x7ff) r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x10000, 0x6) openat$auto(r0, &(0x7f00000000c0)='./file0\x00', 0x7fff, 0x7ff) unlinkat$auto(r0, &(0x7f00000001c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x10000, 0x6) openat$auto(r1, &(0x7f00000000c0)='./file0\x00', 0x7fff, 0x7ff) unlinkat$auto(r1, &(0x7f00000001c0)='./file0\x00', 0x0) rmdir$auto(&(0x7f0000000040)='./file0\x00') 3m58.185613525s ago: executing program 3 (id=2017): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000006000700050000000a00050000000000000000000a00010000000000000000000a0001000000000000000000060006000d0000000600"], 0x6c}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3m57.833567965s ago: executing program 3 (id=2019): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 3m57.323725404s ago: executing program 3 (id=2022): r0 = socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020209, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x2, 0x4}, 0x8}, 0x5, 0x20000000) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_SET(r0, 0x0, 0x24044010) close_range$auto(0x2, 0x8, 0x0) 3m55.315667341s ago: executing program 3 (id=2030): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x8082, 0x0) r0 = socket(0x1d, 0x2, 0x7) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x20008041) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xd}, 0x2}, 0x3, 0x0) 3m54.767766002s ago: executing program 32 (id=2030): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x8082, 0x0) r0 = socket(0x1d, 0x2, 0x7) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x20008041) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xd}, 0x2}, 0x3, 0x0) 3m34.201449795s ago: executing program 1 (id=2134): r0 = prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) umount2$auto(&(0x7f0000000040)='.\x00', 0xc) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000100)={"6c67ddc404904d0d46da757847a4e2d556e9fd514333931a2139b428622aa45d", 0x40, 0x7, 0x8, 0x9, 0x8, 0x0}) prctl$auto(0x41, 0x3, r1, 0x0, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) madvise$auto(0x110c230000, 0x8031ca, 0x9) 3m33.4351734s ago: executing program 1 (id=2137): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/thread-self/net/ip6_tables_matches\x00', 0x2000, 0x0) preadv$auto(r1, &(0x7f00000002c0)={0x0, 0xbe78}, 0x5, 0x800000fb, 0x8100000001) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), r0) r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_rfkill_fops_core(r3, 0x0, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c0c1}, 0x40000) ioctl$auto(0xffffffffffffffff, 0x5608, 0x1) 3m32.119307066s ago: executing program 1 (id=2145): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301040, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x2000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(r0, 0xc008aec1, &(0x7f0000000040)={0x1}) 3m31.402547237s ago: executing program 1 (id=2151): clone$auto(0x40100000100023, 0x8000002000000000, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xfffffffffffffbff) socket(0x2b, 0x1, 0x40) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) sysfs$auto(0x2, 0x10000000000002d, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, 0x0) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, 0x0) 3m30.006362862s ago: executing program 1 (id=2160): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 3m29.505077603s ago: executing program 1 (id=2162): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f0000000440)={0x3, 0x0, [{0x1, 0x7ff, 0x8}, {0x10002, 0x30, 0x800}]}) 3m14.263684532s ago: executing program 33 (id=2162): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f0000000440)={0x3, 0x0, [{0x1, 0x7ff, 0x8}, {0x10002, 0x30, 0x800}]}) 5.673824719s ago: executing program 2 (id=3342): setsockopt$auto(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x8001) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) r0 = socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x54) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) getsockopt$auto(r0, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) 5.410515786s ago: executing program 2 (id=3343): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"20a30e6290d03dd0a620b6be512e797c134e31c4aba23f048cf0184ec0656c33", 0x1000, 0x4, 0x80000001, 0x0, 0x8, 0xffffffffffffffff}) process_vm_writev$auto(r0, 0x0, 0x1, &(0x7f00000000c0)={&(0x7f0000000240)="0f1b81d01a2c4ec3d364c164c3509d05b96a4d0c42c4cb5b70791a1d28dfbe08794874217195656741f0195cd972f33fd3b64c96bc7f5784fb4341b266ff6660a4239ac8ee41e2762c19", 0xfffffffffffffff9}, 0xfffffffffffffff8, 0x15ac) ioctl$auto(0x3, 0x541b, 0x10000000000402) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 4.423300366s ago: executing program 2 (id=3347): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, 0x0, 0x73, 0x0, 0x0, 0x29}, 0x7}, 0x400003, 0x0) 3.877634856s ago: executing program 5 (id=3353): bpf$auto(0x5, &(0x7f0000000000)=@test={0x12, 0x1, 0xa93f, 0x9, 0x3, 0x3, 0x3da1, 0x0, 0xb4, 0x5, 0x140000000000, 0x0, 0x7fffffff, 0x9, 0x1}, 0x171) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 3.668667699s ago: executing program 0 (id=3354): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x28, 0x1, 0x0) socket(0x2, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r0, 0x0) 3.577662221s ago: executing program 4 (id=3355): mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) io_uring_setup$auto(0x1ff, 0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 3.321354827s ago: executing program 5 (id=3356): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@name={0x1e, 0x2, 0x2, {{0x42}, 0x103}}, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x11) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.052837799s ago: executing program 0 (id=3357): epoll_create$auto(0x4) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000100)={0x0, 0xa}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.966275329s ago: executing program 2 (id=3358): mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000) socket(0x2a, 0x2, 0x6) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) getrandom$auto(0x0, 0x6000000, 0x3) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 2.632713709s ago: executing program 0 (id=3359): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/route/flush\x00', 0x80401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) settimeofday$auto(&(0x7f0000000080)={0x7fffffff, 0x5}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x110) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x24000, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 2.553839995s ago: executing program 2 (id=3360): mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x200007, 0x8) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto_KVM_CREATE_VM(r0, 0xc008ae88, 0x88) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000008008000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x84) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x22000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000080)={0xdf, 0x8, [0x8]}) 2.495997319s ago: executing program 4 (id=3361): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_VPORT_CMD_DEL(r0, 0x0, 0x44000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x1, 0xfffffaf0, 0x5, 0x0, 0x4) 2.215199135s ago: executing program 5 (id=3362): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x5, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x800006, 0x7) io_uring_setup$auto(0x2, 0x0) connect$auto(0x3, 0x0, 0x55) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) 2.029372432s ago: executing program 4 (id=3363): socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x261c2, 0x84) r0 = socket(0x18, 0x2, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000007c0), r0) sendmsg$auto_SMC_NETLINK_FLUSH_UEID(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20008041}, 0x80) 1.818029723s ago: executing program 4 (id=3364): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x5, 0x0) epoll_create$auto(0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = userfaultfd$auto(0x1) statx$auto(r1, 0x0, 0x1000, 0x8, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) epoll_ctl$auto(0x5, 0x3, r0, 0x0) 1.486093488s ago: executing program 5 (id=3365): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x5, 0x84) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8) 1.46011138s ago: executing program 4 (id=3366): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x282, 0x0) r0 = socket(0x11, 0x3, 0x3a) ioctl$auto(r0, 0x8912, 0x1) 1.162795302s ago: executing program 2 (id=3367): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) open(&(0x7f0000000100)='.\x00', 0x0, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r0, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) 980.549785ms ago: executing program 0 (id=3368): close_range$auto(0x0, 0xffffeffe, 0x2) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) r0 = socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(r0, &(0x7f00000001c0)='nl80211\x00', 0x1fff8) shutdown$auto(0x200000003, 0x2) 904.268669ms ago: executing program 5 (id=3369): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x8082, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48802, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event1\x00', 0x200000, 0x0) socket(0x18, 0x5, 0x2) r0 = socket(0x1d, 0x2, 0x7) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x20008041) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x20001c03, &(0x7f00000002c0)={0x0, 0x4}, 0x1, 0x0, 0x0, 0xd}, 0x2}, 0x400003, 0x0) 517.505791ms ago: executing program 0 (id=3370): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10000, 0x0, 0x9, 0x0, 0x1000, 0xb}, 0x800008}, 0x5, 0x20000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x400c00, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) bind$auto(0x3, 0x0, 0x6a) sendmsg$auto(0xffffffffffffffff, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x254, 0x0) 270.118154ms ago: executing program 5 (id=3371): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) write$auto(r0, &(0x7f0000001580)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) 111.034791ms ago: executing program 4 (id=3372): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x48840, 0x0) r1 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) r2 = epoll_create$auto(0x5a5d) move_mount$auto(r1, 0x0, r2, 0x0, 0x176) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2000000, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0xb0202, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84) 0s ago: executing program 0 (id=3373): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/rawdata_compression_level\x00', 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x9) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vbi3\x00', 0x2af01, 0x0) ioctl$auto(r1, 0xc0585611, r1) kernel console output (not intermixed with test programs): cast mode [ 433.025392][T12276] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 434.018772][T12294] bond0: invalid ARP target specified [ 434.415979][T12302] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2215'. [ 434.459478][T12302] –õ\­: renamed from lo (while UP) [ 434.758183][T12308] FAULT_INJECTION: forcing a failure. [ 434.758183][T12308] name failslab, interval 1, probability 0, space 0, times 0 [ 434.822081][T12308] CPU: 0 UID: 0 PID: 12308 Comm: syz.2.2219 Tainted: G L syzkaller #0 PREEMPT(full) [ 434.822120][T12308] Tainted: [L]=SOFTLOCKUP [ 434.822127][T12308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 434.822142][T12308] Call Trace: [ 434.822148][T12308] [ 434.822159][T12308] dump_stack_lvl+0x100/0x190 [ 434.822207][T12308] should_fail_ex.cold+0x5/0xa [ 434.822241][T12308] should_failslab+0xc2/0x120 [ 434.822266][T12308] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 434.822295][T12308] ? security_inode_alloc+0x3b/0x2c0 [ 434.822314][T12308] ? lockdep_init_map_type+0x5c/0x250 [ 434.822343][T12308] security_inode_alloc+0x3b/0x2c0 [ 434.822370][T12308] inode_init_always_gfp+0xced/0x1040 [ 434.822392][T12308] alloc_inode+0x8e/0x250 [ 434.822418][T12308] path_from_stashed+0x25b/0x750 [ 434.822438][T12308] ? do_raw_spin_unlock+0x145/0x1e0 [ 434.822470][T12308] ns_get_path+0x60/0x80 [ 434.822490][T12308] proc_ns_get_link+0x121/0x230 [ 434.822515][T12308] ? __pfx_proc_ns_get_link+0x10/0x10 [ 434.822544][T12308] ? atime_needs_update+0x8b/0x6b0 [ 434.822573][T12308] pick_link+0xd17/0x13c0 [ 434.822598][T12308] ? __pfx_proc_ns_get_link+0x10/0x10 [ 434.822628][T12308] step_into_slowpath+0x9ba/0xf90 [ 434.822660][T12308] ? __pfx_step_into_slowpath+0x10/0x10 [ 434.822688][T12308] ? find_held_lock+0x2b/0x80 [ 434.822713][T12308] path_openat+0xf95/0x31a0 [ 434.822740][T12308] ? __pfx_path_openat+0x10/0x10 [ 434.822767][T12308] do_file_open+0x20e/0x430 [ 434.822788][T12308] ? __pfx_do_file_open+0x10/0x10 [ 434.822824][T12308] ? alloc_fd+0x476/0x790 [ 434.822845][T12308] ? do_getname+0x191/0x390 [ 434.822870][T12308] do_sys_openat2+0x10d/0x1e0 [ 434.822895][T12308] ? __pfx_do_sys_openat2+0x10/0x10 [ 434.822927][T12308] __x64_sys_openat+0x12d/0x210 [ 434.822953][T12308] ? __pfx___x64_sys_openat+0x10/0x10 [ 434.822987][T12308] do_syscall_64+0x106/0xf80 [ 434.823013][T12308] ? clear_bhb_loop+0x40/0x90 [ 434.823035][T12308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.823054][T12308] RIP: 0033:0x7fe5fdb5cfce [ 434.823070][T12308] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 434.823087][T12308] RSP: 002b:00007fe5feb06ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 434.823105][T12308] RAX: ffffffffffffffda RBX: 00007fe5feb076c0 RCX: 00007fe5fdb5cfce [ 434.823136][T12308] RDX: 0000000000000002 RSI: 00007fe5feb06f90 RDI: ffffffffffffff9c [ 434.823147][T12308] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 434.823157][T12308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.823168][T12308] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 434.823191][T12308] [ 435.975752][T12316] netlink: 314 bytes leftover after parsing attributes in process `syz.0.2223'. [ 436.221581][T12318] FAULT_INJECTION: forcing a failure. [ 436.221581][T12318] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 436.277481][T12318] CPU: 0 UID: 0 PID: 12318 Comm: syz.0.2224 Tainted: G L syzkaller #0 PREEMPT(full) [ 436.277513][T12318] Tainted: [L]=SOFTLOCKUP [ 436.277520][T12318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 436.277531][T12318] Call Trace: [ 436.277537][T12318] [ 436.277544][T12318] dump_stack_lvl+0x100/0x190 [ 436.277577][T12318] should_fail_ex.cold+0x5/0xa [ 436.277596][T12318] ? prepare_alloc_pages+0x16d/0x5f0 [ 436.277620][T12318] should_fail_alloc_page+0xeb/0x140 [ 436.277643][T12318] prepare_alloc_pages+0x1f0/0x5f0 [ 436.277669][T12318] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 436.277699][T12318] ? __lock_acquire+0x4a5/0x2630 [ 436.277727][T12318] ? stack_trace_save+0x8e/0xc0 [ 436.277749][T12318] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 436.277778][T12318] ? css_rstat_updated+0x1ce/0x5a0 [ 436.277799][T12318] ? __pfx_css_rstat_updated+0x10/0x10 [ 436.277820][T12318] ? __lock_acquire+0x4a5/0x2630 [ 436.277848][T12318] ? __lock_acquire+0x4a5/0x2630 [ 436.277871][T12318] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 436.277899][T12318] ? find_held_lock+0x2b/0x80 [ 436.277916][T12318] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 436.277936][T12318] ? policy_nodemask+0xed/0x4f0 [ 436.277958][T12318] alloc_pages_mpol+0x1fb/0x550 [ 436.277979][T12318] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 436.277998][T12318] ? obj_cgroup_charge_account+0x46d/0x640 [ 436.278024][T12318] alloc_pages_noprof+0x131/0x390 [ 436.278046][T12318] pgd_alloc+0x4d/0x630 [ 436.278065][T12318] ? mutex_init_lockep+0x110/0x150 [ 436.278092][T12318] mm_init+0x6da/0x10d0 [ 436.278114][T12318] mm_alloc+0x97/0xd0 [ 436.278133][T12318] alloc_bprm+0x2af/0x710 [ 436.278162][T12318] do_execveat_common.isra.0+0x19c/0x580 [ 436.278193][T12318] ? do_getname+0x191/0x390 [ 436.278217][T12318] __x64_sys_execve+0x93/0xd0 [ 436.278248][T12318] do_syscall_64+0x106/0xf80 [ 436.278282][T12318] ? clear_bhb_loop+0x40/0x90 [ 436.278304][T12318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.278323][T12318] RIP: 0033:0x7fc72e79c799 [ 436.278338][T12318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 436.278357][T12318] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 436.278375][T12318] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 436.278386][T12318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 436.278397][T12318] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 436.278408][T12318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.278418][T12318] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 436.278442][T12318] [ 440.299049][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.305900][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.775342][ T5825] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 441.786476][ T5825] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 441.796247][ T5825] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 441.804221][ T5825] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 441.813968][ T5825] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 442.031390][T12405] random: crng reseeded on system resumption [ 442.107020][T12405] FAULT_INJECTION: forcing a failure. [ 442.107020][T12405] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 442.184725][T12405] CPU: 0 UID: 0 PID: 12405 Comm: syz.4.2256 Tainted: G L syzkaller #0 PREEMPT(full) [ 442.184758][T12405] Tainted: [L]=SOFTLOCKUP [ 442.184764][T12405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 442.184774][T12405] Call Trace: [ 442.184781][T12405] [ 442.184788][T12405] dump_stack_lvl+0x100/0x190 [ 442.184822][T12405] should_fail_ex.cold+0x5/0xa [ 442.184841][T12405] ? prepare_alloc_pages+0x16d/0x5f0 [ 442.184865][T12405] should_fail_alloc_page+0xeb/0x140 [ 442.184888][T12405] prepare_alloc_pages+0x1f0/0x5f0 [ 442.184914][T12405] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 442.184952][T12405] ? stack_trace_save+0x8e/0xc0 [ 442.184972][T12405] ? __pfx_stack_trace_save+0x10/0x10 [ 442.184989][T12405] ? arch_stack_walk+0xa6/0xf0 [ 442.185008][T12405] ? stack_depot_save_flags+0x27/0x9d0 [ 442.185032][T12405] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 442.185064][T12405] ? kasan_save_stack+0x3f/0x50 [ 442.185090][T12405] ? kasan_save_stack+0x30/0x50 [ 442.185117][T12405] ? kasan_save_track+0x14/0x30 [ 442.185132][T12405] ? __kasan_kmalloc+0xaa/0xb0 [ 442.185159][T12405] ? memory_bm_create+0x14d/0xba0 [ 442.185175][T12405] ? create_basic_memory_bitmaps+0x10b/0x350 [ 442.185193][T12405] ? snapshot_open+0x230/0x2a0 [ 442.185214][T12405] ? misc_open+0x26d/0x450 [ 442.185236][T12405] ? do_sys_openat2+0x10d/0x1e0 [ 442.185267][T12405] ? __x64_sys_openat+0x12d/0x210 [ 442.185291][T12405] ? do_syscall_64+0x106/0xf80 [ 442.185317][T12405] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.185341][T12405] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 442.185361][T12405] ? policy_nodemask+0xed/0x4f0 [ 442.185383][T12405] alloc_pages_mpol+0x1fb/0x550 [ 442.185403][T12405] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 442.185430][T12405] alloc_pages_noprof+0x131/0x390 [ 442.185453][T12405] get_zeroed_page_noprof+0x18/0xb0 [ 442.185474][T12405] get_image_page+0x18/0x1a0 [ 442.185504][T12405] memory_bm_create+0x9bd/0xba0 [ 442.185532][T12405] create_basic_memory_bitmaps+0x10b/0x350 [ 442.185555][T12405] snapshot_open+0x230/0x2a0 [ 442.185576][T12405] ? __pfx_snapshot_open+0x10/0x10 [ 442.185598][T12405] misc_open+0x26d/0x450 [ 442.185620][T12405] ? __pfx_misc_open+0x10/0x10 [ 442.185640][T12405] chrdev_open+0x234/0x6a0 [ 442.185659][T12405] ? __pfx_apparmor_file_open+0x10/0x10 [ 442.185678][T12405] ? __pfx_chrdev_open+0x10/0x10 [ 442.185699][T12405] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 442.185734][T12405] do_dentry_open+0x6d8/0x1660 [ 442.185752][T12405] ? __pfx_chrdev_open+0x10/0x10 [ 442.185777][T12405] vfs_open+0x82/0x3f0 [ 442.185804][T12405] path_openat+0x208c/0x31a0 [ 442.185832][T12405] ? __pfx_path_openat+0x10/0x10 [ 442.185860][T12405] do_file_open+0x20e/0x430 [ 442.185883][T12405] ? __pfx_do_file_open+0x10/0x10 [ 442.185919][T12405] ? alloc_fd+0x476/0x790 [ 442.185941][T12405] ? do_getname+0x191/0x390 [ 442.185967][T12405] do_sys_openat2+0x10d/0x1e0 [ 442.185993][T12405] ? __pfx_do_sys_openat2+0x10/0x10 [ 442.186020][T12405] ? find_held_lock+0x2b/0x80 [ 442.186043][T12405] __x64_sys_openat+0x12d/0x210 [ 442.186069][T12405] ? __pfx___x64_sys_openat+0x10/0x10 [ 442.186103][T12405] do_syscall_64+0x106/0xf80 [ 442.186130][T12405] ? clear_bhb_loop+0x40/0x90 [ 442.186152][T12405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.186170][T12405] RIP: 0033:0x7f2c0799c799 [ 442.186187][T12405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 442.186205][T12405] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 442.186223][T12405] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 442.186234][T12405] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 442.186245][T12405] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 442.186317][T12405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.186328][T12405] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 442.186352][T12405] [ 443.892905][ T5142] Bluetooth: hci4: command tx timeout [ 443.981123][T12420] netlink: 'syz.0.2261': attribute type 33 has an invalid length. [ 443.996058][T12420] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2261'. [ 444.331975][ T78] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.479828][T12402] chnl_net:caif_netlink_parms(): no params data found [ 444.671327][T12377] Process accounting paused [ 444.701733][ T78] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.939653][ T78] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.052135][T12438] zswap: compressor not available [ 445.125710][ T78] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.267558][T12450] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2267'. [ 445.315132][T12402] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.342304][T12402] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.361174][T12402] bridge_slave_0: entered allmulticast mode [ 445.379176][T12402] bridge_slave_0: entered promiscuous mode [ 445.412073][T12402] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.456381][T12402] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.476113][T12402] bridge_slave_1: entered allmulticast mode [ 445.493841][T12402] bridge_slave_1: entered promiscuous mode [ 445.617911][T12402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.874550][T12402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.973942][ T5142] Bluetooth: hci4: command tx timeout [ 446.088353][T12402] team0: Port device team_slave_0 added [ 446.116127][ T78] bridge_slave_1: left allmulticast mode [ 446.142873][ T78] bridge_slave_1: left promiscuous mode [ 446.176957][ T78] bridge0: port 2(bridge_slave_1) entered disabled state [ 446.240123][ T78] bridge_slave_0: left allmulticast mode [ 446.263088][ T78] bridge_slave_0: left promiscuous mode [ 446.281244][ T78] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.007510][T12402] team0: Port device team_slave_1 added [ 447.472406][T12484] netlink: 'syz.4.2277': attribute type 1 has an invalid length. [ 447.510970][T12484] netlink: 314 bytes leftover after parsing attributes in process `syz.4.2277'. [ 447.546494][T12402] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 447.564667][T12402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 447.691483][T12402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 447.785841][T12402] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 447.820912][T12402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 447.950037][T12402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 448.053210][ T5142] Bluetooth: hci4: command tx timeout [ 448.474752][T12402] hsr_slave_0: entered promiscuous mode [ 448.499509][T12402] hsr_slave_1: entered promiscuous mode [ 448.520028][T12402] debugfs: 'hsr0' already exists in 'hsr' [ 448.545212][T12402] Cannot create hsr debugfs directory [ 448.688815][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 448.730043][ T78] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 448.780667][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 448.817645][ T78] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 448.851404][ T78] veth1_macvtap: left promiscuous mode [ 448.862917][ T78] veth0_macvtap: left promiscuous mode [ 448.878784][ T78] veth1_vlan: left promiscuous mode [ 448.891082][ T78] veth0_vlan: left promiscuous mode [ 449.280575][ T78] team0 (unregistering): Port device team_slave_1 removed [ 449.318870][ T78] team0 (unregistering): Port device team_slave_0 removed [ 449.666258][T12516] mkiss: ax0: crc mode is auto. [ 450.132813][ T5142] Bluetooth: hci4: command tx timeout [ 450.386060][T12527] FAULT_INJECTION: forcing a failure. [ 450.386060][T12527] name fail_futex, interval 1, probability 0, space 0, times 1 [ 450.531052][T12527] CPU: 0 UID: 0 PID: 12527 Comm: syz.2.2285 Tainted: G L syzkaller #0 PREEMPT(full) [ 450.531086][T12527] Tainted: [L]=SOFTLOCKUP [ 450.531093][T12527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 450.531103][T12527] Call Trace: [ 450.531110][T12527] [ 450.531116][T12527] dump_stack_lvl+0x100/0x190 [ 450.531150][T12527] should_fail_ex.cold+0x5/0xa [ 450.531172][T12527] get_futex_key+0x295/0x1620 [ 450.531198][T12527] ? __pfx_get_futex_key+0x10/0x10 [ 450.531230][T12527] ? kasan_save_track+0x14/0x30 [ 450.531248][T12527] ? __kasan_kmalloc+0xaa/0xb0 [ 450.531278][T12527] futex_lock_pi+0x1d3/0x7b0 [ 450.531309][T12527] ? __pfx_futex_lock_pi+0x10/0x10 [ 450.531339][T12527] ? __pfx___futex_wait+0x10/0x10 [ 450.531368][T12527] ? lockdep_hardirqs_on+0x78/0x100 [ 450.531414][T12527] ? __pfx_futex_wake_mark+0x10/0x10 [ 450.531448][T12527] ? __lock_acquire+0x4a5/0x2630 [ 450.531477][T12527] do_futex+0x18a/0x350 [ 450.531501][T12527] ? __pfx_do_futex+0x10/0x10 [ 450.531527][T12527] ? find_held_lock+0x2b/0x80 [ 450.531547][T12527] __x64_sys_futex+0x34f/0x4d0 [ 450.531574][T12527] ? __pfx___x64_sys_futex+0x10/0x10 [ 450.531608][T12527] do_syscall_64+0x106/0xf80 [ 450.531635][T12527] ? clear_bhb_loop+0x40/0x90 [ 450.531657][T12527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.531676][T12527] RIP: 0033:0x7fe5fdb9c799 [ 450.531691][T12527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 450.531708][T12527] RSP: 002b:00007fe5feb07028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 450.531726][T12527] RAX: ffffffffffffffda RBX: 00007fe5fde15fa0 RCX: 00007fe5fdb9c799 [ 450.531738][T12527] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000000 [ 450.531748][T12527] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 00000000fffffffa [ 450.531758][T12527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 450.531768][T12527] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 450.531790][T12527] [ 451.363858][T12545] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2291'. [ 451.622484][T12552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2293'. [ 451.902505][T12402] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 451.950776][T12402] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 452.005164][T12402] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 452.082256][T12402] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 452.617465][T12402] 8021q: adding VLAN 0 to HW filter on device bond0 [ 452.743755][T12402] 8021q: adding VLAN 0 to HW filter on device team0 [ 452.813425][T12584] binder: 12583:12584 ioctl 40046210 0 returned -14 [ 452.835860][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 452.843178][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 452.912346][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 452.919660][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 453.153830][ T5142] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 454.048340][T12402] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 454.508148][T12402] veth0_vlan: entered promiscuous mode [ 454.528319][T12402] veth1_vlan: entered promiscuous mode [ 454.604932][T12402] veth0_macvtap: entered promiscuous mode [ 454.634820][T12402] veth1_macvtap: entered promiscuous mode [ 454.676410][T12402] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 454.701956][T12402] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 454.743143][ T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.752045][ T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.786470][ T36] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.812031][ T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.917307][ T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 454.947250][ T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.020985][T12429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.032274][T12429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.247024][T12639] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2316'. [ 455.764596][T12655] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2310'. [ 455.997919][T12651] zswap: compressor not available [ 457.148907][T12683] netlink: 504 bytes leftover after parsing attributes in process `syz.5.2322'. [ 457.217680][T12683] netlink: 504 bytes leftover after parsing attributes in process `syz.5.2322'. [ 457.408146][T12689] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 458.150344][T12700] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2328'. [ 459.627894][T12731] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2338'. [ 460.274646][T12742] mkiss: ax0: crc mode is auto. [ 463.135048][T12817] netlink: 290 bytes leftover after parsing attributes in process `syz.2.2360'. [ 463.160157][T12808] Process accounting resumed [ 463.508551][T12816] FAULT_INJECTION: forcing a failure. [ 463.508551][T12816] name failslab, interval 1, probability 0, space 0, times 0 [ 463.576083][T12816] CPU: 0 UID: 0 PID: 12816 Comm: syz.5.2361 Tainted: G L syzkaller #0 PREEMPT(full) [ 463.576116][T12816] Tainted: [L]=SOFTLOCKUP [ 463.576122][T12816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.576133][T12816] Call Trace: [ 463.576139][T12816] [ 463.576147][T12816] dump_stack_lvl+0x100/0x190 [ 463.576188][T12816] should_fail_ex.cold+0x5/0xa [ 463.576211][T12816] should_failslab+0xc2/0x120 [ 463.576232][T12816] __kmalloc_cache_noprof+0x7a/0x6f0 [ 463.576257][T12816] ? __debugfs_file_get+0x2ac/0x860 [ 463.576288][T12816] __debugfs_file_get+0x2ac/0x860 [ 463.576314][T12816] ? __pfx___debugfs_file_get+0x10/0x10 [ 463.576340][T12816] ? do_raw_spin_lock+0x128/0x260 [ 463.576368][T12816] ? __pfx_apparmor_file_open+0x10/0x10 [ 463.576386][T12816] ? path_get+0x61/0x80 [ 463.576409][T12816] open_proxy_open+0x7e/0x330 [ 463.576440][T12816] do_dentry_open+0x6d8/0x1660 [ 463.576458][T12816] ? __pfx_open_proxy_open+0x10/0x10 [ 463.576492][T12816] vfs_open+0x82/0x3f0 [ 463.576518][T12816] path_openat+0x208c/0x31a0 [ 463.576545][T12816] ? __pfx_path_openat+0x10/0x10 [ 463.576573][T12816] do_file_open+0x20e/0x430 [ 463.576594][T12816] ? __pfx_do_file_open+0x10/0x10 [ 463.576629][T12816] ? alloc_fd+0x476/0x790 [ 463.576650][T12816] ? do_getname+0x191/0x390 [ 463.576676][T12816] do_sys_openat2+0x10d/0x1e0 [ 463.576701][T12816] ? __pfx_do_sys_openat2+0x10/0x10 [ 463.576734][T12816] __x64_sys_openat+0x12d/0x210 [ 463.576759][T12816] ? __pfx___x64_sys_openat+0x10/0x10 [ 463.576793][T12816] do_syscall_64+0x106/0xf80 [ 463.576820][T12816] ? clear_bhb_loop+0x40/0x90 [ 463.576841][T12816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.576860][T12816] RIP: 0033:0x7fbd7e59c799 [ 463.576876][T12816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 463.576893][T12816] RSP: 002b:00007fbd7f521028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 463.576911][T12816] RAX: ffffffffffffffda RBX: 00007fbd7e815fa0 RCX: 00007fbd7e59c799 [ 463.576923][T12816] RDX: 0000000000000080 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 463.576934][T12816] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 463.576945][T12816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 463.576955][T12816] R13: 00007fbd7e816038 R14: 00007fbd7e815fa0 R15: 00007ffdea5cb598 [ 463.576978][T12816] [ 465.699877][T12852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2371'. [ 465.783199][T12852] netlink: 154 bytes leftover after parsing attributes in process `syz.0.2371'. [ 467.098720][T12885] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2379'. [ 467.441046][T12888] netlink: 346 bytes leftover after parsing attributes in process `syz.5.2380'. [ 467.453809][T12890] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2381'. [ 467.799312][T12902] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2384'. [ 467.872754][T12902] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2384'. [ 467.926199][T12906] netlink: 134 bytes leftover after parsing attributes in process `syz.5.2384'. [ 470.433333][T12967] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2409'. [ 470.495767][T12967] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2409'. [ 471.551777][T12998] netlink: 'syz.0.2410': attribute type 1 has an invalid length. [ 471.611067][T12998] netlink: 'syz.0.2410': attribute type 6 has an invalid length. [ 472.412957][T13012] FAULT_INJECTION: forcing a failure. [ 472.412957][T13012] name failslab, interval 1, probability 0, space 0, times 0 [ 472.496215][T13012] CPU: 0 UID: 0 PID: 13012 Comm: syz.0.2412 Tainted: G L syzkaller #0 PREEMPT(full) [ 472.496247][T13012] Tainted: [L]=SOFTLOCKUP [ 472.496254][T13012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 472.496264][T13012] Call Trace: [ 472.496271][T13012] [ 472.496278][T13012] dump_stack_lvl+0x100/0x190 [ 472.496312][T13012] should_fail_ex.cold+0x5/0xa [ 472.496335][T13012] should_failslab+0xc2/0x120 [ 472.496356][T13012] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 472.496385][T13012] ? proc_alloc_inode+0x25/0x200 [ 472.496415][T13012] ? __pfx_proc_alloc_inode+0x10/0x10 [ 472.496444][T13012] proc_alloc_inode+0x25/0x200 [ 472.496470][T13012] alloc_inode+0x68/0x250 [ 472.496494][T13012] new_inode+0x22/0x1c0 [ 472.496521][T13012] proc_pid_make_inode+0x22/0x160 [ 472.496549][T13012] proc_pident_instantiate+0x85/0x310 [ 472.496581][T13012] proc_pident_lookup+0x1e3/0x270 [ 472.496615][T13012] __lookup_slow+0x251/0x460 [ 472.496639][T13012] ? __pfx___lookup_slow+0x10/0x10 [ 472.496682][T13012] lookup_slow+0x50/0x70 [ 472.496707][T13012] link_path_walk+0x1377/0x1cc0 [ 472.496752][T13012] path_openat+0x1be/0x31a0 [ 472.496770][T13012] ? kasan_save_stack+0x3f/0x50 [ 472.496797][T13012] ? kasan_save_stack+0x30/0x50 [ 472.496824][T13012] ? kasan_save_track+0x14/0x30 [ 472.496840][T13012] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 472.496874][T13012] ? __pfx_path_openat+0x10/0x10 [ 472.496902][T13012] do_file_open+0x20e/0x430 [ 472.496923][T13012] ? __pfx_do_file_open+0x10/0x10 [ 472.496951][T13012] ? __pfx_kfree_link+0x10/0x10 [ 472.496985][T13012] ? alloc_fd+0x476/0x790 [ 472.497008][T13012] ? do_getname+0x191/0x390 [ 472.497034][T13012] do_sys_openat2+0x10d/0x1e0 [ 472.497059][T13012] ? __pfx_do_sys_openat2+0x10/0x10 [ 472.497098][T13012] __x64_sys_openat+0x12d/0x210 [ 472.497124][T13012] ? __pfx___x64_sys_openat+0x10/0x10 [ 472.497169][T13012] do_syscall_64+0x106/0xf80 [ 472.497197][T13012] ? clear_bhb_loop+0x40/0x90 [ 472.497219][T13012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.497238][T13012] RIP: 0033:0x7fc72e75cfce [ 472.497255][T13012] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 472.497272][T13012] RSP: 002b:00007fc72f5f3ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 472.497291][T13012] RAX: ffffffffffffffda RBX: 00007fc72f5f46c0 RCX: 00007fc72e75cfce [ 472.497303][T13012] RDX: 0000000000000002 RSI: 00007fc72f5f3f90 RDI: ffffffffffffff9c [ 472.497314][T13012] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 472.497324][T13012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.497334][T13012] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 472.497357][T13012] [ 473.161632][T13028] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2418'. [ 474.016323][T13041] zswap: compressor not available [ 474.116519][T13052] netlink: 'syz.2.2426': attribute type 33 has an invalid length. [ 474.940561][T13067] Process accounting resumed [ 476.791516][T13117] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2444'. [ 480.261348][T13195] netlink: 346 bytes leftover after parsing attributes in process `syz.4.2463'. [ 482.545472][T13247] sp0: Synchronizing with TNC [ 483.956314][T13271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2482'. [ 484.034195][T13273] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2482'. [ 486.650108][T13304] netlink: 'syz.2.2493': attribute type 5 has an invalid length. [ 486.774166][T13304] netlink: 314 bytes leftover after parsing attributes in process `syz.2.2493'. [ 487.672974][T13320] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2499'. [ 488.674368][T13344] binder: 13343:13344 ioctl c0046209 9 returned -22 [ 489.060773][T13352] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 489.460314][T13358] FAULT_INJECTION: forcing a failure. [ 489.460314][T13358] name failslab, interval 1, probability 0, space 0, times 0 [ 489.522735][T13358] CPU: 0 UID: 0 PID: 13358 Comm: syz.0.2511 Tainted: G L syzkaller #0 PREEMPT(full) [ 489.522767][T13358] Tainted: [L]=SOFTLOCKUP [ 489.522774][T13358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 489.522785][T13358] Call Trace: [ 489.522791][T13358] [ 489.522798][T13358] dump_stack_lvl+0x100/0x190 [ 489.522831][T13358] should_fail_ex.cold+0x5/0xa [ 489.522853][T13358] should_failslab+0xc2/0x120 [ 489.522874][T13358] __kmalloc_cache_noprof+0x7a/0x6f0 [ 489.522898][T13358] ? io_uring_alloc_task_context+0xa7/0x54b [ 489.522953][T13358] io_uring_alloc_task_context+0xa7/0x54b [ 489.522982][T13358] ? file_init_path+0x48e/0x670 [ 489.523004][T13358] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 489.523036][T13358] ? alloc_file_pseudo+0x1a5/0x230 [ 489.523064][T13358] __io_uring_add_tctx_node.cold+0x10/0x195 [ 489.523101][T13358] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 489.523124][T13358] ? __anon_inode_getfile+0x17c/0x280 [ 489.523148][T13358] io_uring_setup.cold+0x1a83/0x1d79 [ 489.523180][T13358] ? __pfx_io_uring_setup+0x10/0x10 [ 489.523209][T13358] ? __pfx_do_futex+0x10/0x10 [ 489.523244][T13358] ? xfd_validate_state+0x129/0x190 [ 489.523278][T13358] __x64_sys_io_uring_setup+0xc2/0x170 [ 489.523304][T13358] do_syscall_64+0x106/0xf80 [ 489.523331][T13358] ? clear_bhb_loop+0x40/0x90 [ 489.523353][T13358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 489.523372][T13358] RIP: 0033:0x7fc72e79c799 [ 489.523387][T13358] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 489.523404][T13358] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 489.523422][T13358] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 489.523433][T13358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 489.523444][T13358] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 489.523454][T13358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 489.523465][T13358] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 489.523488][T13358] [ 490.747723][T13360] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2512'. [ 492.509862][T13388] serio: Serial port pty6 [ 493.231213][T13402] Process accounting paused [ 493.712894][T13415] netlink: 25 bytes leftover after parsing attributes in process `syz.5.2534'. [ 495.152989][T13442] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2546'. [ 498.280100][T13491] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2561'. [ 498.863186][T13499] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2561'. [ 499.516918][T13507] mkiss: ax0: crc mode is auto. [ 500.269589][T13515] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2571'. [ 501.035473][T13530] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2576'. [ 501.736648][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.744451][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.371426][T13550] mkiss: ax0: crc mode is auto. [ 504.705347][T13600] random: crng reseeded on system resumption [ 505.099411][T13604] mkiss: ax0: crc mode is auto. [ 505.117666][T13608] Process accounting paused [ 506.549722][T13640] FAULT_INJECTION: forcing a failure. [ 506.549722][T13640] name failslab, interval 1, probability 0, space 0, times 0 [ 506.621542][T13640] CPU: 0 UID: 0 PID: 13640 Comm: syz.2.2614 Tainted: G L syzkaller #0 PREEMPT(full) [ 506.621574][T13640] Tainted: [L]=SOFTLOCKUP [ 506.621580][T13640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 506.621590][T13640] Call Trace: [ 506.621597][T13640] [ 506.621604][T13640] dump_stack_lvl+0x100/0x190 [ 506.621637][T13640] should_fail_ex.cold+0x5/0xa [ 506.621659][T13640] ? __register_sysctl_table+0xbe4/0x1650 [ 506.621677][T13640] should_failslab+0xc2/0x120 [ 506.621697][T13640] __kmalloc_noprof+0xe0/0x850 [ 506.621730][T13640] __register_sysctl_table+0xbe4/0x1650 [ 506.621754][T13640] ? __pfx___register_sysctl_table+0x10/0x10 [ 506.621777][T13640] ? is_module_address+0x69/0xf0 [ 506.621802][T13640] ? register_net_sysctl_sz+0x222/0x430 [ 506.621828][T13640] __devinet_sysctl_register+0x1b9/0x360 [ 506.621849][T13640] ? trace_kmalloc+0x101/0x130 [ 506.621869][T13640] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 506.621891][T13640] ? __asan_memcpy+0x3c/0x60 [ 506.621920][T13640] devinet_init_net+0x334/0x8d0 [ 506.621941][T13640] ? __pfx_devinet_init_net+0x10/0x10 [ 506.621959][T13640] ops_init+0x1e2/0x5f0 [ 506.621989][T13640] setup_net+0x118/0x3a0 [ 506.622018][T13640] ? __pfx_setup_net+0x10/0x10 [ 506.622046][T13640] ? lockdep_init_map_type+0x5c/0x250 [ 506.622071][T13640] ? mutex_init_lockep+0x110/0x150 [ 506.622100][T13640] copy_net_ns+0x46f/0x7c0 [ 506.622121][T13640] create_new_namespaces+0x3ea/0xac0 [ 506.622147][T13640] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 506.622170][T13640] ksys_unshare+0x473/0xad0 [ 506.622194][T13640] ? __pfx_ksys_unshare+0x10/0x10 [ 506.622227][T13640] __x64_sys_unshare+0x31/0x40 [ 506.622249][T13640] do_syscall_64+0x106/0xf80 [ 506.622276][T13640] ? clear_bhb_loop+0x40/0x90 [ 506.622306][T13640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.622325][T13640] RIP: 0033:0x7fe5fdb9c799 [ 506.622340][T13640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 506.622357][T13640] RSP: 002b:00007fe5feb07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 506.622375][T13640] RAX: ffffffffffffffda RBX: 00007fe5fde15fa0 RCX: 00007fe5fdb9c799 [ 506.622388][T13640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 506.622398][T13640] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 506.622409][T13640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 506.622419][T13640] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 506.622443][T13640] [ 506.622504][T13640] sysctl could not get directory: /net/ipv4/conf/default -12 [ 506.952475][T13642] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2616'. [ 506.979889][T13642] bridge0: port 2(bridge_slave_1) entered disabled state [ 506.987502][T13642] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.818385][T13674] [U] [ 508.821491][T13674] [U] [ 508.824272][T13674] [U] [ 508.826956][T13674] [U] [ 508.876178][T13674] [U] [ 508.878934][T13674] [U] [ 508.881644][T13674] [U] [ 508.884434][T13674] [U] [ 508.923384][T13674] [U] [ 508.926199][T13674] [U] [ 508.928888][T13674] [U] [ 508.931587][T13674] [U] [ 508.987406][T13674] [U] [ 508.990277][T13674] [U] [ 508.993197][T13674] [U] [ 508.995906][T13674] [U] [ 509.027235][T13674] [U] [ 509.304841][T13686] netlink: 252 bytes leftover after parsing attributes in process `syz.5.2631'. [ 509.371022][T13686] unsupported nla_type 65535 [ 509.913760][T13692] zswap: compressor not available [ 510.211490][T13705] FAULT_INJECTION: forcing a failure. [ 510.211490][T13705] name failslab, interval 1, probability 0, space 0, times 0 [ 510.272535][T13705] CPU: 0 UID: 0 PID: 13705 Comm: syz.5.2636 Tainted: G L syzkaller #0 PREEMPT(full) [ 510.272573][T13705] Tainted: [L]=SOFTLOCKUP [ 510.272580][T13705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 510.272591][T13705] Call Trace: [ 510.272598][T13705] [ 510.272605][T13705] dump_stack_lvl+0x100/0x190 [ 510.272640][T13705] should_fail_ex.cold+0x5/0xa [ 510.272663][T13705] should_failslab+0xc2/0x120 [ 510.272684][T13705] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 510.272712][T13705] ? security_inode_alloc+0x3b/0x2c0 [ 510.272731][T13705] ? lockdep_init_map_type+0x5c/0x250 [ 510.272760][T13705] security_inode_alloc+0x3b/0x2c0 [ 510.272779][T13705] inode_init_always_gfp+0xced/0x1040 [ 510.272802][T13705] alloc_inode+0x8e/0x250 [ 510.272828][T13705] path_from_stashed+0x25b/0x750 [ 510.272848][T13705] ? do_raw_spin_unlock+0x145/0x1e0 [ 510.272880][T13705] ns_get_path+0x60/0x80 [ 510.272899][T13705] proc_ns_get_link+0x121/0x230 [ 510.272926][T13705] ? __pfx_proc_ns_get_link+0x10/0x10 [ 510.272954][T13705] ? atime_needs_update+0x8b/0x6b0 [ 510.272983][T13705] pick_link+0xd17/0x13c0 [ 510.273009][T13705] ? __pfx_proc_ns_get_link+0x10/0x10 [ 510.273038][T13705] step_into_slowpath+0x9ba/0xf90 [ 510.273080][T13705] ? __pfx_step_into_slowpath+0x10/0x10 [ 510.273107][T13705] ? find_held_lock+0x2b/0x80 [ 510.273133][T13705] path_openat+0xf95/0x31a0 [ 510.273159][T13705] ? __pfx_path_openat+0x10/0x10 [ 510.273188][T13705] do_file_open+0x20e/0x430 [ 510.273210][T13705] ? __pfx_do_file_open+0x10/0x10 [ 510.273247][T13705] ? alloc_fd+0x476/0x790 [ 510.273268][T13705] ? do_getname+0x191/0x390 [ 510.273294][T13705] do_sys_openat2+0x10d/0x1e0 [ 510.273320][T13705] ? __pfx_do_sys_openat2+0x10/0x10 [ 510.273347][T13705] ? __fget_files+0x21f/0x3d0 [ 510.273369][T13705] __x64_sys_openat+0x12d/0x210 [ 510.273394][T13705] ? __pfx___x64_sys_openat+0x10/0x10 [ 510.273429][T13705] do_syscall_64+0x106/0xf80 [ 510.273456][T13705] ? clear_bhb_loop+0x40/0x90 [ 510.273478][T13705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 510.273496][T13705] RIP: 0033:0x7fbd7e55cfce [ 510.273512][T13705] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 510.273531][T13705] RSP: 002b:00007fbd7f520ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 510.273549][T13705] RAX: ffffffffffffffda RBX: 00007fbd7f5216c0 RCX: 00007fbd7e55cfce [ 510.273561][T13705] RDX: 0000000000000002 RSI: 00007fbd7f520f90 RDI: ffffffffffffff9c [ 510.273572][T13705] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 510.273583][T13705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 510.273594][T13705] R13: 00007fbd7e816038 R14: 00007fbd7e815fa0 R15: 00007ffdea5cb598 [ 510.273617][T13705] [ 511.377556][T13731] netlink: 146 bytes leftover after parsing attributes in process `syz.4.2645'. [ 512.141445][T13746] netlink: 354 bytes leftover after parsing attributes in process `syz.4.2650'. [ 512.911796][T13762] KVM: debugfs: duplicate directory 13762-3 [ 513.240603][T13773] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input10 [ 513.609339][T13785] FAULT_INJECTION: forcing a failure. [ 513.609339][T13785] name failslab, interval 1, probability 0, space 0, times 0 [ 513.657076][T13785] CPU: 0 UID: 0 PID: 13785 Comm: syz.4.2664 Tainted: G L syzkaller #0 PREEMPT(full) [ 513.657108][T13785] Tainted: [L]=SOFTLOCKUP [ 513.657115][T13785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 513.657127][T13785] Call Trace: [ 513.657133][T13785] [ 513.657140][T13785] dump_stack_lvl+0x100/0x190 [ 513.657173][T13785] should_fail_ex.cold+0x5/0xa [ 513.657197][T13785] should_failslab+0xc2/0x120 [ 513.657219][T13785] __kmalloc_cache_noprof+0x7a/0x6f0 [ 513.657243][T13785] ? io_uring_alloc_task_context+0x1a6/0x54b [ 513.657270][T13785] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 513.657297][T13785] io_uring_alloc_task_context+0x1a6/0x54b [ 513.657330][T13785] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 513.657361][T13785] ? alloc_file_pseudo+0x1a5/0x230 [ 513.657389][T13785] __io_uring_add_tctx_node.cold+0x10/0x195 [ 513.657419][T13785] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 513.657441][T13785] ? __anon_inode_getfile+0x17c/0x280 [ 513.657466][T13785] io_uring_setup.cold+0x1a83/0x1d79 [ 513.657498][T13785] ? __pfx_io_uring_setup+0x10/0x10 [ 513.657527][T13785] ? __pfx_do_futex+0x10/0x10 [ 513.657563][T13785] ? xfd_validate_state+0x129/0x190 [ 513.657596][T13785] __x64_sys_io_uring_setup+0xc2/0x170 [ 513.657623][T13785] do_syscall_64+0x106/0xf80 [ 513.657650][T13785] ? clear_bhb_loop+0x40/0x90 [ 513.657673][T13785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.657692][T13785] RIP: 0033:0x7f2c0799c799 [ 513.657708][T13785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 513.657725][T13785] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 513.657745][T13785] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 513.657757][T13785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 513.657767][T13785] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 513.657777][T13785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.657787][T13785] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 513.657811][T13785] [ 514.059491][T13790] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2665'. [ 515.029911][T13810] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input11 [ 518.585694][T13867] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2691'. [ 518.641648][T13867] unsupported nlmsg_type 40 [ 519.153591][T13874] binder: 13873:13874 ioctl c0306201 2000000000c0 returned -14 [ 519.278955][T13876] netlink: 54 bytes leftover after parsing attributes in process `syz.2.2695'. [ 519.476359][T13881] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 520.039888][T13893] netlink: 'syz.5.2700': attribute type 33 has an invalid length. [ 520.566060][T13907] FAULT_INJECTION: forcing a failure. [ 520.566060][T13907] name failslab, interval 1, probability 0, space 0, times 0 [ 520.620822][T13907] CPU: 0 UID: 0 PID: 13907 Comm: syz.2.2705 Tainted: G L syzkaller #0 PREEMPT(full) [ 520.620854][T13907] Tainted: [L]=SOFTLOCKUP [ 520.620861][T13907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 520.620872][T13907] Call Trace: [ 520.620879][T13907] [ 520.620886][T13907] dump_stack_lvl+0x100/0x190 [ 520.620919][T13907] should_fail_ex.cold+0x5/0xa [ 520.620942][T13907] should_failslab+0xc2/0x120 [ 520.620963][T13907] __kmalloc_cache_noprof+0x7a/0x6f0 [ 520.620988][T13907] ? p9_client_create+0xaf/0xd40 [ 520.621030][T13907] p9_client_create+0xaf/0xd40 [ 520.621060][T13907] ? __pfx_p9_client_create+0x10/0x10 [ 520.621095][T13907] ? lockdep_init_map_type+0x5c/0x250 [ 520.621122][T13907] ? __raw_spin_lock_init+0x3a/0x110 [ 520.621153][T13907] v9fs_session_init+0x40/0xce0 [ 520.621180][T13907] ? kasan_save_track+0x14/0x30 [ 520.621199][T13907] v9fs_get_tree+0xb8/0xb50 [ 520.621214][T13907] ? rcu_is_watching+0x12/0xc0 [ 520.621264][T13907] ? __pfx_v9fs_get_tree+0x10/0x10 [ 520.621283][T13907] ? bpf_lsm_capable+0x9/0x10 [ 520.621304][T13907] ? security_capable+0x80/0x260 [ 520.621335][T13907] vfs_get_tree+0x92/0x320 [ 520.621362][T13907] vfs_cmd_create+0xd7/0x2a0 [ 520.621387][T13907] __do_sys_fsconfig+0x55a/0xcb0 [ 520.621413][T13907] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 520.621449][T13907] do_syscall_64+0x106/0xf80 [ 520.621477][T13907] ? clear_bhb_loop+0x40/0x90 [ 520.621500][T13907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.621519][T13907] RIP: 0033:0x7fe5fdb9c799 [ 520.621535][T13907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 520.621553][T13907] RSP: 002b:00007fe5feb07028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 520.621572][T13907] RAX: ffffffffffffffda RBX: 00007fe5fde15fa0 RCX: 00007fe5fdb9c799 [ 520.621583][T13907] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 520.621594][T13907] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 520.621605][T13907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 520.621615][T13907] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 520.621639][T13907] [ 521.008606][T13911] FAULT_INJECTION: forcing a failure. [ 521.008606][T13911] name failslab, interval 1, probability 0, space 0, times 0 [ 521.021659][T13911] CPU: 0 UID: 0 PID: 13911 Comm: syz.4.2709 Tainted: G L syzkaller #0 PREEMPT(full) [ 521.021690][T13911] Tainted: [L]=SOFTLOCKUP [ 521.021697][T13911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 521.021708][T13911] Call Trace: [ 521.021715][T13911] [ 521.021722][T13911] dump_stack_lvl+0x100/0x190 [ 521.021754][T13911] should_fail_ex.cold+0x5/0xa [ 521.021776][T13911] ? lsm_blob_alloc+0x68/0x90 [ 521.021801][T13911] should_failslab+0xc2/0x120 [ 521.021821][T13911] __kmalloc_noprof+0xe0/0x850 [ 521.021849][T13911] ? trace_kmalloc+0x101/0x130 [ 521.021872][T13911] lsm_blob_alloc+0x68/0x90 [ 521.021899][T13911] security_sk_alloc+0x2d/0x290 [ 521.021919][T13911] sk_prot_alloc+0x12a/0x2a0 [ 521.021941][T13911] sk_alloc+0x36/0xe80 [ 521.021966][T13911] packet_create+0x127/0x8e0 [ 521.021989][T13911] __sock_create+0x339/0x860 [ 521.022020][T13911] __sys_socket+0x14d/0x260 [ 521.022042][T13911] ? __pfx___sys_socket+0x10/0x10 [ 521.022070][T13911] __x64_sys_socket+0x72/0xb0 [ 521.022091][T13911] ? lockdep_hardirqs_on+0x78/0x100 [ 521.022118][T13911] do_syscall_64+0x106/0xf80 [ 521.022144][T13911] ? clear_bhb_loop+0x40/0x90 [ 521.022167][T13911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.022186][T13911] RIP: 0033:0x7f2c0799c799 [ 521.022202][T13911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 521.022220][T13911] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 521.022238][T13911] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 521.022249][T13911] RDX: 00000000000000ab RSI: 0000000000080003 RDI: 0000000000000011 [ 521.022260][T13911] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 521.022271][T13911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 521.022281][T13911] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 521.022304][T13911] [ 522.152537][T13934] netlink: 18 bytes leftover after parsing attributes in process `syz.5.2716'. [ 523.017003][T13946] FAULT_INJECTION: forcing a failure. [ 523.017003][T13946] name failslab, interval 1, probability 0, space 0, times 0 [ 523.055357][T13946] CPU: 0 UID: 0 PID: 13946 Comm: syz.0.2720 Tainted: G L syzkaller #0 PREEMPT(full) [ 523.055389][T13946] Tainted: [L]=SOFTLOCKUP [ 523.055396][T13946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 523.055408][T13946] Call Trace: [ 523.055414][T13946] [ 523.055421][T13946] dump_stack_lvl+0x100/0x190 [ 523.055454][T13946] should_fail_ex.cold+0x5/0xa [ 523.055477][T13946] should_failslab+0xc2/0x120 [ 523.055497][T13946] __kmalloc_cache_noprof+0x7a/0x6f0 [ 523.055523][T13946] ? tipc_conn_alloc+0x48/0x590 [ 523.055545][T13946] ? net_generic+0xea/0x2a0 [ 523.055569][T13946] ? net_generic+0xea/0x2a0 [ 523.055595][T13946] tipc_conn_alloc+0x48/0x590 [ 523.055620][T13946] tipc_topsrv_kern_subscr+0x11c/0x3c0 [ 523.055647][T13946] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 523.055675][T13946] ? net_generic+0xea/0x2a0 [ 523.055706][T13946] tipc_group_create+0x4ab/0x660 [ 523.055735][T13946] tipc_setsockopt+0x611/0xe30 [ 523.055762][T13946] ? __pfx_tipc_setsockopt+0x10/0x10 [ 523.055791][T13946] ? __pfx_tipc_setsockopt+0x10/0x10 [ 523.055810][T13946] do_sock_setsockopt+0xf3/0x1d0 [ 523.055832][T13946] __sys_setsockopt+0x119/0x190 [ 523.055863][T13946] __x64_sys_setsockopt+0xbd/0x160 [ 523.055888][T13946] ? do_syscall_64+0x95/0xf80 [ 523.055916][T13946] ? lockdep_hardirqs_on+0x78/0x100 [ 523.055943][T13946] do_syscall_64+0x106/0xf80 [ 523.055969][T13946] ? clear_bhb_loop+0x40/0x90 [ 523.055992][T13946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.056011][T13946] RIP: 0033:0x7fc72e79c799 [ 523.056027][T13946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 523.056052][T13946] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 523.056070][T13946] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 523.056084][T13946] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 523.056095][T13946] RBP: 00007fc72e832c99 R08: 0000000000000014 R09: 0000000000000000 [ 523.056106][T13946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.056116][T13946] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 523.056139][T13946] [ 523.305841][T13946] Process accounting resumed [ 524.295308][ T5825] Bluetooth: hci1: command 0x0406 tx timeout [ 529.597411][T14080] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2763'. [ 529.930006][T14089] netlink: 86 bytes leftover after parsing attributes in process `syz.0.2768'. [ 530.229893][T14093] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2770'. [ 530.772746][T14105] FAULT_INJECTION: forcing a failure. [ 530.772746][T14105] name failslab, interval 1, probability 0, space 0, times 0 [ 530.836616][T14105] CPU: 0 UID: 0 PID: 14105 Comm: syz.5.2775 Tainted: G L syzkaller #0 PREEMPT(full) [ 530.836649][T14105] Tainted: [L]=SOFTLOCKUP [ 530.836656][T14105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 530.836667][T14105] Call Trace: [ 530.836673][T14105] [ 530.836680][T14105] dump_stack_lvl+0x100/0x190 [ 530.836713][T14105] should_fail_ex.cold+0x5/0xa [ 530.836737][T14105] should_failslab+0xc2/0x120 [ 530.836758][T14105] __kmalloc_cache_noprof+0x7a/0x6f0 [ 530.836783][T14105] ? create_filter_start.constprop.0+0x1c4/0x310 [ 530.836821][T14105] ? __asan_memcpy+0x3c/0x60 [ 530.836851][T14105] create_filter_start.constprop.0+0x1c4/0x310 [ 530.836884][T14105] create_filter+0xb5/0x210 [ 530.836913][T14105] ? __pfx_create_filter+0x10/0x10 [ 530.836944][T14105] ? find_held_lock+0x2b/0x80 [ 530.836965][T14105] apply_event_filter+0x220/0x500 [ 530.837003][T14105] ? __pfx_apply_event_filter+0x10/0x10 [ 530.837041][T14105] event_filter_write+0x16d/0x290 [ 530.837065][T14105] vfs_write+0x2aa/0x1070 [ 530.837084][T14105] ? __pfx_event_filter_write+0x10/0x10 [ 530.837110][T14105] ? __pfx_vfs_write+0x10/0x10 [ 530.837127][T14105] ? __fget_files+0x215/0x3d0 [ 530.837151][T14105] ? __fget_files+0x21f/0x3d0 [ 530.837176][T14105] ksys_write+0x12a/0x250 [ 530.837194][T14105] ? __pfx_ksys_write+0x10/0x10 [ 530.837219][T14105] do_syscall_64+0x106/0xf80 [ 530.837247][T14105] ? clear_bhb_loop+0x40/0x90 [ 530.837269][T14105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.837288][T14105] RIP: 0033:0x7fbd7e59c799 [ 530.837304][T14105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 530.837321][T14105] RSP: 002b:00007fbd7f521028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 530.837339][T14105] RAX: ffffffffffffffda RBX: 00007fbd7e815fa0 RCX: 00007fbd7e59c799 [ 530.837351][T14105] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 530.837362][T14105] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 530.837373][T14105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.837383][T14105] R13: 00007fbd7e816038 R14: 00007fbd7e815fa0 R15: 00007ffdea5cb598 [ 530.837407][T14105] [ 531.127715][T14102] serio: Serial port pty6 [ 531.322849][T14108] zswap: compressor not available [ 531.415319][T14117] netlink: 266 bytes leftover after parsing attributes in process `syz.5.2778'. [ 531.455419][T14117] IPv6: NLM_F_CREATE should be specified when creating new route [ 531.950255][T14126] mkiss: ax0: crc mode is auto. [ 533.746706][T14163] netlink: 'syz.5.2796': attribute type 1 has an invalid length. [ 533.791294][T14163] netlink: 'syz.5.2796': attribute type 6 has an invalid length. [ 534.022940][T14168] FAULT_INJECTION: forcing a failure. [ 534.022940][T14168] name failslab, interval 1, probability 0, space 0, times 0 [ 534.086421][T14168] CPU: 0 UID: 0 PID: 14168 Comm: syz.2.2798 Tainted: G L syzkaller #0 PREEMPT(full) [ 534.086453][T14168] Tainted: [L]=SOFTLOCKUP [ 534.086460][T14168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 534.086471][T14168] Call Trace: [ 534.086477][T14168] [ 534.086485][T14168] dump_stack_lvl+0x100/0x190 [ 534.086518][T14168] should_fail_ex.cold+0x5/0xa [ 534.086540][T14168] ? sk_prot_alloc+0x10b/0x2a0 [ 534.086560][T14168] should_failslab+0xc2/0x120 [ 534.086580][T14168] __kmalloc_noprof+0xe0/0x850 [ 534.086608][T14168] ? lockdep_init_map_type+0x5c/0x250 [ 534.086637][T14168] sk_prot_alloc+0x10b/0x2a0 [ 534.086658][T14168] sk_alloc+0x36/0xe80 [ 534.086684][T14168] pppoe_create+0x32/0x360 [ 534.086708][T14168] pppox_create+0x15c/0x2c0 [ 534.086731][T14168] __sock_create+0x339/0x860 [ 534.086756][T14168] __sys_socket+0x14d/0x260 [ 534.086777][T14168] ? __pfx___sys_socket+0x10/0x10 [ 534.086805][T14168] __x64_sys_socket+0x72/0xb0 [ 534.086826][T14168] ? lockdep_hardirqs_on+0x78/0x100 [ 534.086854][T14168] do_syscall_64+0x106/0xf80 [ 534.086880][T14168] ? clear_bhb_loop+0x40/0x90 [ 534.086901][T14168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.086920][T14168] RIP: 0033:0x7fe5fdb9c799 [ 534.086942][T14168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 534.086959][T14168] RSP: 002b:00007fe5feb07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 534.086977][T14168] RAX: ffffffffffffffda RBX: 00007fe5fde15fa0 RCX: 00007fe5fdb9c799 [ 534.086988][T14168] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 534.086999][T14168] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 534.087010][T14168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.087021][T14168] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 534.087045][T14168] [ 535.279825][T14182] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2805'. [ 535.306895][T14167] Process accounting resumed [ 536.397591][T14203] FAULT_INJECTION: forcing a failure. [ 536.397591][T14203] name failslab, interval 1, probability 0, space 0, times 0 [ 536.455899][T14203] CPU: 0 UID: 0 PID: 14203 Comm: syz.5.2811 Tainted: G L syzkaller #0 PREEMPT(full) [ 536.455931][T14203] Tainted: [L]=SOFTLOCKUP [ 536.455938][T14203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 536.455949][T14203] Call Trace: [ 536.455955][T14203] [ 536.455962][T14203] dump_stack_lvl+0x100/0x190 [ 536.455995][T14203] should_fail_ex.cold+0x5/0xa [ 536.456017][T14203] should_failslab+0xc2/0x120 [ 536.456038][T14203] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 536.456066][T14203] ? dup_fd+0x4d/0xd10 [ 536.456084][T14203] ? do_futex+0x192/0x350 [ 536.456110][T14203] dup_fd+0x4d/0xd10 [ 536.456127][T14203] ? bpf_lsm_capable+0x9/0x10 [ 536.456147][T14203] ? security_capable+0x80/0x260 [ 536.456181][T14203] __x64_sys_close_range+0x405/0x5d0 [ 536.456204][T14203] ? __pfx___x64_sys_close_range+0x10/0x10 [ 536.456231][T14203] do_syscall_64+0x106/0xf80 [ 536.456258][T14203] ? clear_bhb_loop+0x40/0x90 [ 536.456285][T14203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.456303][T14203] RIP: 0033:0x7fbd7e59c799 [ 536.456318][T14203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 536.456335][T14203] RSP: 002b:00007fbd7f521028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 536.456352][T14203] RAX: ffffffffffffffda RBX: 00007fbd7e815fa0 RCX: 00007fbd7e59c799 [ 536.456364][T14203] RDX: 0000000000000002 RSI: fffffffffffff001 RDI: 0000000000000000 [ 536.456375][T14203] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 536.456385][T14203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 536.456396][T14203] R13: 00007fbd7e816038 R14: 00007fbd7e815fa0 R15: 00007ffdea5cb598 [ 536.456418][T14203] [ 537.018809][T14210] mkiss: ax0: crc mode is auto. [ 537.366965][T14215] random: crng reseeded on system resumption [ 537.656685][T14225] random: crng reseeded on system resumption [ 538.537174][T14244] FAULT_INJECTION: forcing a failure. [ 538.537174][T14244] name failslab, interval 1, probability 0, space 0, times 0 [ 538.618512][T14244] CPU: 0 UID: 0 PID: 14244 Comm: syz.5.2828 Tainted: G L syzkaller #0 PREEMPT(full) [ 538.618543][T14244] Tainted: [L]=SOFTLOCKUP [ 538.618550][T14244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 538.618561][T14244] Call Trace: [ 538.618568][T14244] [ 538.618575][T14244] dump_stack_lvl+0x100/0x190 [ 538.618608][T14244] should_fail_ex.cold+0x5/0xa [ 538.618632][T14244] should_failslab+0xc2/0x120 [ 538.618653][T14244] __kmalloc_cache_noprof+0x7a/0x6f0 [ 538.618678][T14244] ? ring_buffer_read_start+0x149/0x460 [ 538.618711][T14244] ring_buffer_read_start+0x149/0x460 [ 538.618739][T14244] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 538.618765][T14244] ? lockdep_init_map_type+0x5c/0x250 [ 538.618795][T14244] ? ring_buffer_overruns+0x14e/0x1a0 [ 538.618820][T14244] tracing_open+0x9cd/0xef0 [ 538.618847][T14244] do_dentry_open+0x6d8/0x1660 [ 538.618866][T14244] ? __pfx_tracing_open+0x10/0x10 [ 538.618910][T14244] vfs_open+0x82/0x3f0 [ 538.618937][T14244] path_openat+0x208c/0x31a0 [ 538.618965][T14244] ? __pfx_path_openat+0x10/0x10 [ 538.618994][T14244] do_file_open+0x20e/0x430 [ 538.619016][T14244] ? __pfx_do_file_open+0x10/0x10 [ 538.619052][T14244] ? alloc_fd+0x476/0x790 [ 538.619081][T14244] ? do_getname+0x191/0x390 [ 538.619106][T14244] do_sys_openat2+0x10d/0x1e0 [ 538.619131][T14244] ? __pfx_do_sys_openat2+0x10/0x10 [ 538.619158][T14244] ? __fget_files+0x21f/0x3d0 [ 538.619181][T14244] __x64_sys_openat+0x12d/0x210 [ 538.619207][T14244] ? __pfx___x64_sys_openat+0x10/0x10 [ 538.619241][T14244] do_syscall_64+0x106/0xf80 [ 538.619268][T14244] ? clear_bhb_loop+0x40/0x90 [ 538.619292][T14244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.619312][T14244] RIP: 0033:0x7fbd7e59c799 [ 538.619328][T14244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 538.619345][T14244] RSP: 002b:00007fbd7f500028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 538.619362][T14244] RAX: ffffffffffffffda RBX: 00007fbd7e816090 RCX: 00007fbd7e59c799 [ 538.619373][T14244] RDX: 0000000000127400 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 538.619384][T14244] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 538.619395][T14244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 538.619405][T14244] R13: 00007fbd7e816128 R14: 00007fbd7e816090 R15: 00007ffdea5cb598 [ 538.619428][T14244] [ 541.219611][T14282] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2841'. [ 543.314802][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807e874c00: rx timeout, send abort [ 543.323304][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807b86b800: rx timeout, send abort [ 543.331686][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807e874c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 543.346338][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807b86b800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 543.815205][T14304] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2848'. [ 543.882946][T14304] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2848'. [ 544.164478][T14317] mkiss: ax0: crc mode is auto. [ 544.294150][T14321] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2853'. [ 544.961438][T14334] netlink: 266 bytes leftover after parsing attributes in process `syz.5.2858'. [ 546.932687][ T5825] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 546.979645][T14362] zswap: compressor  not available [ 548.953244][T14405] FAULT_INJECTION: forcing a failure. [ 548.953244][T14405] name failslab, interval 1, probability 0, space 0, times 0 [ 549.016322][T14405] CPU: 0 UID: 0 PID: 14405 Comm: syz.2.2878 Tainted: G L syzkaller #0 PREEMPT(full) [ 549.016353][T14405] Tainted: [L]=SOFTLOCKUP [ 549.016359][T14405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 549.016370][T14405] Call Trace: [ 549.016376][T14405] [ 549.016384][T14405] dump_stack_lvl+0x100/0x190 [ 549.016417][T14405] should_fail_ex.cold+0x5/0xa [ 549.016439][T14405] should_failslab+0xc2/0x120 [ 549.016461][T14405] __kmalloc_cache_noprof+0x7a/0x6f0 [ 549.016486][T14405] ? madvise_collapse+0x1b5/0xbe0 [ 549.016520][T14405] madvise_collapse+0x1b5/0xbe0 [ 549.016548][T14405] ? find_held_lock+0x2b/0x80 [ 549.016567][T14405] ? finish_task_switch.isra.0+0x200/0xb80 [ 549.016587][T14405] ? __pfx_madvise_collapse+0x10/0x10 [ 549.016611][T14405] ? rcu_is_cpu_rrupt_from_idle+0x231/0x270 [ 549.016649][T14405] madvise_vma_behavior+0x1987/0x3050 [ 549.016675][T14405] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 549.016698][T14405] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 549.016729][T14405] ? mas_prev+0x9b/0xf0 [ 549.016745][T14405] ? __pfx_mas_prev+0x10/0x10 [ 549.016767][T14405] ? find_vma_prev+0xd8/0x150 [ 549.016786][T14405] ? futex_unqueue+0x133/0x2c0 [ 549.016808][T14405] ? __pfx_find_vma_prev+0x10/0x10 [ 549.016836][T14405] ? __futex_wait+0x256/0x300 [ 549.016869][T14405] madvise_walk_vmas+0x2fe/0xa90 [ 549.016894][T14405] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 549.016923][T14405] madvise_do_behavior+0x1ea/0x510 [ 549.016948][T14405] ? __pfx_madvise_do_behavior+0x10/0x10 [ 549.016971][T14405] ? down_read+0x13b/0x460 [ 549.017000][T14405] do_madvise+0x195/0x240 [ 549.017021][T14405] ? __pfx_do_madvise+0x10/0x10 [ 549.017043][T14405] ? do_futex+0x192/0x350 [ 549.017083][T14405] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 549.017117][T14405] __x64_sys_madvise+0xa9/0x110 [ 549.017139][T14405] ? lockdep_hardirqs_on+0x78/0x100 [ 549.017166][T14405] do_syscall_64+0x106/0xf80 [ 549.017192][T14405] ? clear_bhb_loop+0x40/0x90 [ 549.017214][T14405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.017233][T14405] RIP: 0033:0x7fe5fdb9c799 [ 549.017248][T14405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 549.017265][T14405] RSP: 002b:00007fe5feb07028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 549.017283][T14405] RAX: ffffffffffffffda RBX: 00007fe5fde15fa0 RCX: 00007fe5fdb9c799 [ 549.017295][T14405] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 549.017306][T14405] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 549.017316][T14405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 549.017327][T14405] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 549.017350][T14405] [ 549.740655][T14410] netlink: 'syz.4.2881': attribute type 33 has an invalid length. [ 549.774420][T14410] netlink: 322 bytes leftover after parsing attributes in process `syz.4.2881'. [ 550.036052][T14415] FAULT_INJECTION: forcing a failure. [ 550.036052][T14415] name failslab, interval 1, probability 0, space 0, times 0 [ 550.072802][T14417] netlink: 186 bytes leftover after parsing attributes in process `syz.5.2885'. [ 550.102741][T14415] CPU: 0 UID: 0 PID: 14415 Comm: syz.4.2884 Tainted: G L syzkaller #0 PREEMPT(full) [ 550.102773][T14415] Tainted: [L]=SOFTLOCKUP [ 550.102779][T14415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 550.102790][T14415] Call Trace: [ 550.102797][T14415] [ 550.102805][T14415] dump_stack_lvl+0x100/0x190 [ 550.102838][T14415] should_fail_ex.cold+0x5/0xa [ 550.102861][T14415] should_failslab+0xc2/0x120 [ 550.102882][T14415] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 550.102917][T14415] ? acpi_ut_create_generic_state+0x61/0xc0 [ 550.102940][T14415] ? __pfx_acpi_ut_trace+0x10/0x10 [ 550.102967][T14415] acpi_ut_create_generic_state+0x61/0xc0 [ 550.102988][T14415] acpi_ps_init_scope+0x3a/0x240 [ 550.103012][T14415] acpi_ds_init_aml_walk+0x1f6/0x680 [ 550.103039][T14415] acpi_ds_call_control_method+0x3a2/0xab0 [ 550.103080][T14415] acpi_ps_parse_aml+0xacd/0x1120 [ 550.103108][T14415] acpi_ps_execute_method+0x5c4/0xe90 [ 550.103137][T14415] acpi_ns_evaluate+0x640/0x1670 [ 550.103168][T14415] acpi_evaluate_object+0x420/0xe00 [ 550.103186][T14415] ? kasan_save_stack+0x30/0x50 [ 550.103213][T14415] ? kasan_save_track+0x14/0x30 [ 550.103234][T14415] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 550.103260][T14415] acpi_evaluate_integer+0xdf/0x220 [ 550.103289][T14415] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 550.103326][T14415] ? __pfx_status_show+0x10/0x10 [ 550.103343][T14415] status_show+0xa0/0x120 [ 550.103361][T14415] ? __pfx_status_show+0x10/0x10 [ 550.103386][T14415] dev_attr_show+0x52/0xa0 [ 550.103409][T14415] ? __pfx_dev_attr_show+0x10/0x10 [ 550.103431][T14415] sysfs_kf_seq_show+0x217/0x3a0 [ 550.103460][T14415] seq_read_iter+0x32f/0x1270 [ 550.103500][T14415] kernfs_fop_read_iter+0x46c/0x610 [ 550.103522][T14415] ? rw_verify_area+0xce/0x6d0 [ 550.103554][T14415] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 550.103577][T14415] vfs_read+0x825/0xb30 [ 550.103597][T14415] ? __pfx_vfs_read+0x10/0x10 [ 550.103630][T14415] ksys_read+0x12a/0x250 [ 550.103646][T14415] ? __pfx_ksys_read+0x10/0x10 [ 550.103671][T14415] do_syscall_64+0x106/0xf80 [ 550.103698][T14415] ? clear_bhb_loop+0x40/0x90 [ 550.103721][T14415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.103740][T14415] RIP: 0033:0x7f2c0799c799 [ 550.103756][T14415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 550.103774][T14415] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 550.103791][T14415] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 550.103803][T14415] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 550.103814][T14415] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 550.103824][T14415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 550.103834][T14415] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 550.103859][T14415] [ 550.104023][T14415] ACPI Error: [ 550.987210][T14434] [U] [ 550.993663][T14434] [U] [ 550.996349][T14434] [U] [ 550.999123][T14434] [U] [ 551.184614][T14434] [U] [ 551.187367][T14434] [U] [ 551.190061][T14434] [U] [ 551.192743][T14434] [U] [ 551.302819][T14415] Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 551.329565][T14434] [U] [ 551.332303][T14434] [U] [ 551.335126][T14434] [U] [ 551.337830][T14434] [U] [ 551.464993][T14434] [U] [ 551.467892][T14434] [U] [ 551.470794][T14434] [U] [ 551.473550][T14434] [U] [ 551.635416][T14434] [U] [ 551.638154][T14434] [U] [ 551.640959][T14434] [U] [ 551.643646][T14434] [U] [ 551.908692][T14434] [U] [ 552.081886][T14446] kvm_intel: kvm [14445]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xfffffffffffffffe [ 553.469295][T14450] Process accounting paused [ 554.332999][T14492] FAULT_INJECTION: forcing a failure. [ 554.332999][T14492] name failslab, interval 1, probability 0, space 0, times 0 [ 554.396334][T14492] CPU: 0 UID: 0 PID: 14492 Comm: syz.5.2907 Tainted: G L syzkaller #0 PREEMPT(full) [ 554.396366][T14492] Tainted: [L]=SOFTLOCKUP [ 554.396373][T14492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 554.396384][T14492] Call Trace: [ 554.396392][T14492] [ 554.396399][T14492] dump_stack_lvl+0x100/0x190 [ 554.396432][T14492] should_fail_ex.cold+0x5/0xa [ 554.396455][T14492] should_failslab+0xc2/0x120 [ 554.396475][T14492] __kmalloc_cache_noprof+0x7a/0x6f0 [ 554.396501][T14492] ? mqueue_init_fs_context+0x4b/0x690 [ 554.396525][T14492] mqueue_init_fs_context+0x4b/0x690 [ 554.396545][T14492] alloc_fs_context+0x60c/0xf40 [ 554.396571][T14492] mq_init_ns+0x16e/0x820 [ 554.396592][T14492] copy_ipcs+0x3dd/0x7e0 [ 554.396612][T14492] create_new_namespaces+0x20a/0xac0 [ 554.396633][T14492] ? security_capable+0x80/0x260 [ 554.396665][T14492] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 554.396687][T14492] ksys_unshare+0x473/0xad0 [ 554.396716][T14492] ? __pfx_ksys_unshare+0x10/0x10 [ 554.396748][T14492] __x64_sys_unshare+0x31/0x40 [ 554.396771][T14492] do_syscall_64+0x106/0xf80 [ 554.396797][T14492] ? clear_bhb_loop+0x40/0x90 [ 554.396819][T14492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.396838][T14492] RIP: 0033:0x7fbd7e59c799 [ 554.396853][T14492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.396870][T14492] RSP: 002b:00007fbd7f521028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 554.396889][T14492] RAX: ffffffffffffffda RBX: 00007fbd7e815fa0 RCX: 00007fbd7e59c799 [ 554.396901][T14492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 554.396911][T14492] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 554.396930][T14492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.396940][T14492] R13: 00007fbd7e816038 R14: 00007fbd7e815fa0 R15: 00007ffdea5cb598 [ 554.396963][T14492] [ 557.751078][T14528] FAULT_INJECTION: forcing a failure. [ 557.751078][T14528] name failslab, interval 1, probability 0, space 0, times 0 [ 557.934255][T14534] bridge0: port 3(bond0) entered blocking state [ 557.940714][T14534] bridge0: port 3(bond0) entered disabled state [ 557.995555][T14528] CPU: 0 UID: 0 PID: 14528 Comm: syz.0.2918 Tainted: G L syzkaller #0 PREEMPT(full) [ 557.995588][T14528] Tainted: [L]=SOFTLOCKUP [ 557.995594][T14528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 557.995606][T14528] Call Trace: [ 557.995612][T14528] [ 557.995620][T14528] dump_stack_lvl+0x100/0x190 [ 557.995654][T14528] should_fail_ex.cold+0x5/0xa [ 557.995677][T14528] should_failslab+0xc2/0x120 [ 557.995698][T14528] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 557.995726][T14528] ? __kernfs_new_node+0xd2/0x960 [ 557.995760][T14528] __kernfs_new_node+0xd2/0x960 [ 557.995792][T14528] ? __pfx___kernfs_new_node+0x10/0x10 [ 557.995826][T14528] ? find_held_lock+0x2b/0x80 [ 557.995845][T14528] ? kernfs_root+0xee/0x2a0 [ 557.995875][T14528] ? kernfs_root+0xee/0x2a0 [ 557.995907][T14528] kernfs_new_node+0x11b/0x1a0 [ 557.995929][T14528] __kernfs_create_file+0x53/0x350 [ 557.995954][T14528] sysfs_add_file_mode_ns+0x207/0x3c0 [ 557.995986][T14528] sysfs_merge_group+0x194/0x340 [ 557.996014][T14528] ? __pfx_sysfs_merge_group+0x10/0x10 [ 557.996041][T14528] ? bus_add_device+0x368/0x6b0 [ 557.996071][T14528] ? __pfx_bus_add_device+0x10/0x10 [ 557.996098][T14528] ? __pfx_dev_add_physical_location+0x10/0x10 [ 557.996125][T14528] dpm_sysfs_add+0x237/0x280 [ 557.996147][T14528] device_add+0x9ef/0x1950 [ 557.996173][T14528] ? __pfx_device_add+0x10/0x10 [ 557.996203][T14528] nfc_register_device+0x41/0x3e0 [ 557.996233][T14528] nci_register_device+0x7f1/0xb80 [ 557.996257][T14528] ? __pfx_nci_register_device+0x10/0x10 [ 557.996282][T14528] ? lockdep_init_map_type+0x5c/0x250 [ 557.996312][T14528] virtual_ncidev_open+0x141/0x220 [ 557.996339][T14528] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 557.996365][T14528] misc_open+0x26d/0x450 [ 557.996387][T14528] ? __pfx_misc_open+0x10/0x10 [ 557.996408][T14528] chrdev_open+0x234/0x6a0 [ 557.996427][T14528] ? __pfx_apparmor_file_open+0x10/0x10 [ 557.996447][T14528] ? __pfx_chrdev_open+0x10/0x10 [ 557.996467][T14528] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 557.996492][T14528] do_dentry_open+0x6d8/0x1660 [ 557.996512][T14528] ? __pfx_chrdev_open+0x10/0x10 [ 557.996537][T14528] vfs_open+0x82/0x3f0 [ 557.996563][T14528] path_openat+0x208c/0x31a0 [ 557.996595][T14528] ? __pfx_path_openat+0x10/0x10 [ 557.996624][T14528] do_file_open+0x20e/0x430 [ 557.996645][T14528] ? __pfx_do_file_open+0x10/0x10 [ 557.996682][T14528] ? alloc_fd+0x476/0x790 [ 557.996703][T14528] ? do_getname+0x191/0x390 [ 557.996730][T14528] do_sys_openat2+0x10d/0x1e0 [ 557.996755][T14528] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.996781][T14528] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 557.996816][T14528] __x64_sys_openat+0x12d/0x210 [ 557.996842][T14528] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.996883][T14528] do_syscall_64+0x106/0xf80 [ 557.996909][T14528] ? clear_bhb_loop+0x40/0x90 [ 557.996932][T14528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.996951][T14528] RIP: 0033:0x7fc72e79c799 [ 557.996968][T14528] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 557.996987][T14528] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.997008][T14528] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 557.997019][T14528] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 557.997030][T14528] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 557.997040][T14528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.997051][T14528] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 557.997075][T14528] [ 558.581644][T14534] bond0: entered allmulticast mode [ 558.587085][T14534] bond_slave_0: entered allmulticast mode [ 558.593076][T14534] bond_slave_1: entered allmulticast mode [ 558.600633][T14534] bond0: entered promiscuous mode [ 558.605935][T14534] bond_slave_0: entered promiscuous mode [ 558.611954][T14534] bond_slave_1: entered promiscuous mode [ 560.873603][T14572] netlink: 'syz.2.2932': attribute type 21 has an invalid length. [ 560.931202][T14572] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2932'. [ 561.044571][T14572] IPv6: NLM_F_CREATE should be specified when creating new route [ 561.449703][T14582] FAULT_INJECTION: forcing a failure. [ 561.449703][T14582] name failslab, interval 1, probability 0, space 0, times 0 [ 561.531706][T14582] CPU: 0 UID: 0 PID: 14582 Comm: syz.5.2935 Tainted: G L syzkaller #0 PREEMPT(full) [ 561.531740][T14582] Tainted: [L]=SOFTLOCKUP [ 561.531747][T14582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 561.531758][T14582] Call Trace: [ 561.531765][T14582] [ 561.531772][T14582] dump_stack_lvl+0x100/0x190 [ 561.531812][T14582] should_fail_ex.cold+0x5/0xa [ 561.531836][T14582] should_failslab+0xc2/0x120 [ 561.531857][T14582] __kmalloc_cache_noprof+0x7a/0x6f0 [ 561.531882][T14582] ? append_filter_err+0xb8/0x620 [ 561.531909][T14582] ? process_preds+0x93d/0x1d90 [ 561.531939][T14582] append_filter_err+0xb8/0x620 [ 561.531966][T14582] ? create_filter_start.constprop.0+0x134/0x310 [ 561.531999][T14582] create_filter+0x1a6/0x210 [ 561.532028][T14582] ? __pfx_create_filter+0x10/0x10 [ 561.532066][T14582] ? find_held_lock+0x2b/0x80 [ 561.532087][T14582] apply_event_filter+0x220/0x500 [ 561.532117][T14582] ? __pfx_apply_event_filter+0x10/0x10 [ 561.532152][T14582] event_filter_write+0x16d/0x290 [ 561.532177][T14582] vfs_write+0x2aa/0x1070 [ 561.532195][T14582] ? __pfx_event_filter_write+0x10/0x10 [ 561.532219][T14582] ? __pfx_vfs_write+0x10/0x10 [ 561.532238][T14582] ? __fget_files+0x215/0x3d0 [ 561.532261][T14582] ? __fget_files+0x21f/0x3d0 [ 561.532286][T14582] ksys_write+0x12a/0x250 [ 561.532303][T14582] ? __pfx_ksys_write+0x10/0x10 [ 561.532327][T14582] do_syscall_64+0x106/0xf80 [ 561.532354][T14582] ? clear_bhb_loop+0x40/0x90 [ 561.532376][T14582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.532395][T14582] RIP: 0033:0x7fbd7e59c799 [ 561.532410][T14582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 561.532427][T14582] RSP: 002b:00007fbd7f500028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 561.532445][T14582] RAX: ffffffffffffffda RBX: 00007fbd7e816090 RCX: 00007fbd7e59c799 [ 561.532456][T14582] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 561.532467][T14582] RBP: 00007fbd7e632c99 R08: 0000000000000000 R09: 0000000000000000 [ 561.532476][T14582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 561.532486][T14582] R13: 00007fbd7e816128 R14: 00007fbd7e816090 R15: 00007ffdea5cb598 [ 561.532510][T14582] [ 562.236378][T14590] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2939'. [ 562.633443][T14597] FAULT_INJECTION: forcing a failure. [ 562.633443][T14597] name failslab, interval 1, probability 0, space 0, times 0 [ 562.683428][T14597] CPU: 0 UID: 0 PID: 14597 Comm: syz.0.2941 Tainted: G L syzkaller #0 PREEMPT(full) [ 562.683460][T14597] Tainted: [L]=SOFTLOCKUP [ 562.683466][T14597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 562.683477][T14597] Call Trace: [ 562.683483][T14597] [ 562.683491][T14597] dump_stack_lvl+0x100/0x190 [ 562.683524][T14597] should_fail_ex.cold+0x5/0xa [ 562.683548][T14597] should_failslab+0xc2/0x120 [ 562.683568][T14597] __kmalloc_cache_noprof+0x7a/0x6f0 [ 562.683593][T14597] ? alloc_ucounts+0x13d/0x5c0 [ 562.683621][T14597] alloc_ucounts+0x13d/0x5c0 [ 562.683645][T14597] ? __pfx_alloc_ucounts+0x10/0x10 [ 562.683675][T14597] set_cred_ucounts+0xcd/0x200 [ 562.683706][T14597] __sys_setresuid+0x666/0x1280 [ 562.683730][T14597] do_syscall_64+0x106/0xf80 [ 562.683756][T14597] ? clear_bhb_loop+0x40/0x90 [ 562.683778][T14597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.683796][T14597] RIP: 0033:0x7fc72e79c799 [ 562.683811][T14597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 562.683828][T14597] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 562.683846][T14597] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 562.683857][T14597] RDX: 0000000000008080 RSI: 0000000000000007 RDI: 0000000000000002 [ 562.683868][T14597] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 562.683878][T14597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.683888][T14597] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 562.683910][T14597] [ 563.171609][T14602] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2943'. [ 563.231925][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.250828][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.258539][ T5142] Bluetooth: hci4: command 0x0406 tx timeout [ 565.418283][T14638] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2956'. [ 565.840972][T14634] Process accounting paused [ 566.024274][T14649] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2959'. [ 567.552385][T14674] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 569.589954][T14714] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2979'. [ 569.652769][T14714] veth1_vlan: entered allmulticast mode [ 570.206977][T14713] FAULT_INJECTION: forcing a failure. [ 570.206977][T14713] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 570.295039][T14713] CPU: 0 UID: 0 PID: 14713 Comm: syz.4.2981 Tainted: G L syzkaller #0 PREEMPT(full) [ 570.295070][T14713] Tainted: [L]=SOFTLOCKUP [ 570.295077][T14713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 570.295088][T14713] Call Trace: [ 570.295094][T14713] [ 570.295101][T14713] dump_stack_lvl+0x100/0x190 [ 570.295135][T14713] should_fail_ex.cold+0x5/0xa [ 570.295154][T14713] ? prepare_alloc_pages+0x16d/0x5f0 [ 570.295180][T14713] should_fail_alloc_page+0xeb/0x140 [ 570.295201][T14713] prepare_alloc_pages+0x1f0/0x5f0 [ 570.295222][T14713] ? __pfx_stack_trace_save+0x10/0x10 [ 570.295245][T14713] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 570.295281][T14713] ? __lock_acquire+0x4a5/0x2630 [ 570.295310][T14713] ? __update_page_owner_handle+0x3c7/0x550 [ 570.295331][T14713] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 570.295365][T14713] ? __lock_acquire+0x4a5/0x2630 [ 570.295393][T14713] ? __lock_acquire+0x4a5/0x2630 [ 570.295419][T14713] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 570.295440][T14713] ? policy_nodemask+0xed/0x4f0 [ 570.295462][T14713] alloc_pages_mpol+0x1fb/0x550 [ 570.295483][T14713] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 570.295509][T14713] alloc_pages_noprof+0x131/0x390 [ 570.295531][T14713] __pmd_alloc+0x3b/0x950 [ 570.295555][T14713] __handle_mm_fault+0xa99/0x2b60 [ 570.295584][T14713] ? mt_find+0x45e/0x8e0 [ 570.295602][T14713] ? __pfx___handle_mm_fault+0x10/0x10 [ 570.295626][T14713] ? __pfx_mt_find+0x10/0x10 [ 570.295655][T14713] ? find_vma+0xbf/0x140 [ 570.295672][T14713] ? __pfx_find_vma+0x10/0x10 [ 570.295692][T14713] handle_mm_fault+0x36d/0xa20 [ 570.295723][T14713] do_user_addr_fault+0x74c/0x12f0 [ 570.295747][T14713] exc_page_fault+0x6f/0xd0 [ 570.295789][T14713] asm_exc_page_fault+0x26/0x30 [ 570.295808][T14713] RIP: 0010:strncpy_from_user+0xfd/0x2d0 [ 570.295830][T14713] Code: 00 4d 89 64 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 f2 8b df fc 48 83 fd 07 0f 86 bb 00 00 00 e8 03 91 df fc <4d> 8b 24 1e e8 fa 90 df fc 4c 89 e2 31 ff 4d 8d 7c 1d 00 48 b8 ff [ 570.295848][T14713] RSP: 0018:ffffc90004f97d08 EFLAGS: 00050283 [ 570.295864][T14713] RAX: 00000000000000e9 RBX: 0000000000000000 RCX: ffffc9000ebd1000 [ 570.295876][T14713] RDX: 0000000000080000 RSI: ffffffff85289c1d RDI: ffff88802f783d00 [ 570.295886][T14713] RBP: 00000000000000a8 R08: 0000000000000007 R09: 0000000000000007 [ 570.295897][T14713] R10: 00000000000000a8 R11: 0000000000000000 R12: 0000000000000000 [ 570.295907][T14713] R13: ffff888075cc0118 R14: 0000000000000000 R15: 00000000000000a8 [ 570.295925][T14713] ? strncpy_from_user+0xfd/0x2d0 [ 570.295949][T14713] ? strncpy_from_user+0xfd/0x2d0 [ 570.295972][T14713] do_getname+0x78/0x390 [ 570.295998][T14713] do_sys_openat2+0xc5/0x1e0 [ 570.296025][T14713] ? __pfx_do_sys_openat2+0x10/0x10 [ 570.296059][T14713] __x64_sys_open+0xfe/0x1d0 [ 570.296083][T14713] ? __pfx___x64_sys_open+0x10/0x10 [ 570.296116][T14713] do_syscall_64+0x106/0xf80 [ 570.296142][T14713] ? clear_bhb_loop+0x40/0x90 [ 570.296164][T14713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.296182][T14713] RIP: 0033:0x7f2c0799c799 [ 570.296197][T14713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.296213][T14713] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 570.296237][T14713] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 570.296252][T14713] RDX: e1d2b27bdc14aabc RSI: 0000000000004242 RDI: 0000000000000000 [ 570.296271][T14713] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 570.296281][T14713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.296292][T14713] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 570.296316][T14713] [ 570.776727][T14724] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2986'. [ 570.944927][T14730] FAULT_INJECTION: forcing a failure. [ 570.944927][T14730] name failslab, interval 1, probability 0, space 0, times 0 [ 570.958230][T14730] CPU: 0 UID: 0 PID: 14730 Comm: syz.4.2988 Tainted: G L syzkaller #0 PREEMPT(full) [ 570.958261][T14730] Tainted: [L]=SOFTLOCKUP [ 570.958268][T14730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 570.958280][T14730] Call Trace: [ 570.958286][T14730] [ 570.958293][T14730] dump_stack_lvl+0x100/0x190 [ 570.958327][T14730] should_fail_ex.cold+0x5/0xa [ 570.958349][T14730] should_failslab+0xc2/0x120 [ 570.958370][T14730] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 570.958397][T14730] ? __kernfs_new_node+0xd2/0x960 [ 570.958428][T14730] __kernfs_new_node+0xd2/0x960 [ 570.958457][T14730] ? __pfx___kernfs_new_node+0x10/0x10 [ 570.958490][T14730] ? find_held_lock+0x2b/0x80 [ 570.958507][T14730] ? kernfs_root+0xee/0x2a0 [ 570.958532][T14730] ? kernfs_root+0xee/0x2a0 [ 570.958563][T14730] kernfs_new_node+0x11b/0x1a0 [ 570.958585][T14730] __kernfs_create_file+0x53/0x350 [ 570.958610][T14730] sysfs_add_file_mode_ns+0x207/0x3c0 [ 570.958652][T14730] sysfs_merge_group+0x194/0x340 [ 570.958681][T14730] ? __pfx_sysfs_merge_group+0x10/0x10 [ 570.958709][T14730] ? bus_add_device+0x368/0x6b0 [ 570.958738][T14730] ? __pfx_bus_add_device+0x10/0x10 [ 570.958766][T14730] ? __pfx_dev_add_physical_location+0x10/0x10 [ 570.958793][T14730] dpm_sysfs_add+0x237/0x280 [ 570.958815][T14730] device_add+0x9ef/0x1950 [ 570.958862][T14730] ? __pfx_device_add+0x10/0x10 [ 570.958894][T14730] nfc_register_device+0x41/0x3e0 [ 570.958923][T14730] nci_register_device+0x7f1/0xb80 [ 570.958948][T14730] ? __pfx_nci_register_device+0x10/0x10 [ 570.958974][T14730] ? lockdep_init_map_type+0x5c/0x250 [ 570.959004][T14730] virtual_ncidev_open+0x141/0x220 [ 570.959031][T14730] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 570.959056][T14730] misc_open+0x26d/0x450 [ 570.959078][T14730] ? __pfx_misc_open+0x10/0x10 [ 570.959099][T14730] chrdev_open+0x234/0x6a0 [ 570.959118][T14730] ? __pfx_apparmor_file_open+0x10/0x10 [ 570.959138][T14730] ? __pfx_chrdev_open+0x10/0x10 [ 570.959158][T14730] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 570.959183][T14730] do_dentry_open+0x6d8/0x1660 [ 570.959201][T14730] ? __pfx_chrdev_open+0x10/0x10 [ 570.959227][T14730] vfs_open+0x82/0x3f0 [ 570.959253][T14730] path_openat+0x208c/0x31a0 [ 570.959280][T14730] ? __pfx_path_openat+0x10/0x10 [ 570.959308][T14730] do_file_open+0x20e/0x430 [ 570.959329][T14730] ? __pfx_do_file_open+0x10/0x10 [ 570.959366][T14730] ? alloc_fd+0x476/0x790 [ 570.959387][T14730] ? do_getname+0x191/0x390 [ 570.959413][T14730] do_sys_openat2+0x10d/0x1e0 [ 570.959438][T14730] ? __pfx_do_sys_openat2+0x10/0x10 [ 570.959464][T14730] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 570.959498][T14730] __x64_sys_openat+0x12d/0x210 [ 570.959524][T14730] ? __pfx___x64_sys_openat+0x10/0x10 [ 570.959558][T14730] do_syscall_64+0x106/0xf80 [ 570.959584][T14730] ? clear_bhb_loop+0x40/0x90 [ 570.959607][T14730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.959625][T14730] RIP: 0033:0x7f2c0799c799 [ 570.959641][T14730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.959659][T14730] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 570.959677][T14730] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 570.959688][T14730] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 570.959699][T14730] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 570.959710][T14730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.959720][T14730] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 570.959744][T14730] [ 572.597817][T14765] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2998'. [ 572.675211][T14765] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2998'. [ 572.723391][T14767] netlink: 'syz.0.2999': attribute type 21 has an invalid length. [ 572.745989][T14768] netlink: 134 bytes leftover after parsing attributes in process `syz.5.2998'. [ 572.777663][T14767] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2999'. [ 575.592481][T14813] mkiss: ax0: crc mode is auto. [ 576.130342][T14825] netlink: 146 bytes leftover after parsing attributes in process `syz.2.3019'. [ 576.317733][T14831] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3021'. [ 576.420575][T14831] bridge_slave_1 (unregistering): left allmulticast mode [ 576.453137][T14831] bridge_slave_1 (unregistering): left promiscuous mode [ 576.485772][T14831] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.043136][ T5825] Bluetooth: hci0: unexpected event 0x08 length: 435 > 4 [ 578.671634][T14889] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3043'. [ 580.644701][T14933] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 580.858338][T14935] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3060'. [ 581.821023][T14963] FAULT_INJECTION: forcing a failure. [ 581.821023][T14963] name failslab, interval 1, probability 0, space 0, times 0 [ 581.918040][T14963] CPU: 0 UID: 0 PID: 14963 Comm: syz.2.3069 Tainted: G L syzkaller #0 PREEMPT(full) [ 581.918073][T14963] Tainted: [L]=SOFTLOCKUP [ 581.918081][T14963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 581.918092][T14963] Call Trace: [ 581.918098][T14963] [ 581.918106][T14963] dump_stack_lvl+0x100/0x190 [ 581.918138][T14963] should_fail_ex.cold+0x5/0xa [ 581.918161][T14963] should_failslab+0xc2/0x120 [ 581.918182][T14963] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 581.918211][T14963] ? __kernfs_new_node+0xd2/0x960 [ 581.918242][T14963] __kernfs_new_node+0xd2/0x960 [ 581.918272][T14963] ? __pfx___kernfs_new_node+0x10/0x10 [ 581.918305][T14963] ? find_held_lock+0x2b/0x80 [ 581.918323][T14963] ? kernfs_root+0xee/0x2a0 [ 581.918347][T14963] ? kernfs_root+0xee/0x2a0 [ 581.918378][T14963] kernfs_new_node+0x11b/0x1a0 [ 581.918400][T14963] __kernfs_create_file+0x53/0x350 [ 581.918424][T14963] sysfs_add_file_mode_ns+0x207/0x3c0 [ 581.918455][T14963] internal_create_group+0x593/0xf40 [ 581.918488][T14963] ? __pfx_internal_create_group+0x10/0x10 [ 581.918520][T14963] ? kernfs_create_link+0x1bd/0x240 [ 581.918545][T14963] internal_create_groups+0x9d/0x150 [ 581.918575][T14963] device_add+0x77a/0x1950 [ 581.918600][T14963] ? __pfx_device_add+0x10/0x10 [ 581.918620][T14963] ? __pfx___might_resched+0x10/0x10 [ 581.918646][T14963] ? lockdep_hardirqs_on+0x78/0x100 [ 581.918682][T14963] __add_disk+0x518/0xe40 [ 581.918706][T14963] add_disk_fwnode+0x118/0x5c0 [ 581.918736][T14963] loop_add+0x90b/0xb60 [ 581.918762][T14963] ? __pfx_loop_add+0x10/0x10 [ 581.918802][T14963] ? find_held_lock+0x2b/0x80 [ 581.918819][T14963] ? __fget_files+0x215/0x3d0 [ 581.918839][T14963] loop_control_ioctl+0xae/0x620 [ 581.918867][T14963] ? __pfx_loop_control_ioctl+0x10/0x10 [ 581.918897][T14963] ? __pfx_loop_control_ioctl+0x10/0x10 [ 581.918926][T14963] __x64_sys_ioctl+0x18e/0x210 [ 581.918955][T14963] do_syscall_64+0x106/0xf80 [ 581.918981][T14963] ? clear_bhb_loop+0x40/0x90 [ 581.919003][T14963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.919022][T14963] RIP: 0033:0x7fe5fdb9c799 [ 581.919043][T14963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 581.919060][T14963] RSP: 002b:00007fe5feb07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 581.919078][T14963] RAX: ffffffffffffffda RBX: 00007fe5fde15fa0 RCX: 00007fe5fdb9c799 [ 581.919089][T14963] RDX: 00000000000007ed RSI: 0000000000004c80 RDI: 0000000000000005 [ 581.919099][T14963] RBP: 00007fe5fdc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 581.919109][T14963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 581.919120][T14963] R13: 00007fe5fde16038 R14: 00007fe5fde15fa0 R15: 00007ffd62ee8128 [ 581.919143][T14963] [ 583.489730][T14978] FAULT_INJECTION: forcing a failure. [ 583.489730][T14978] name failslab, interval 1, probability 0, space 0, times 0 [ 583.577345][T14978] CPU: 0 UID: 0 PID: 14978 Comm: syz.0.3070 Tainted: G L syzkaller #0 PREEMPT(full) [ 583.577377][T14978] Tainted: [L]=SOFTLOCKUP [ 583.577385][T14978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 583.577395][T14978] Call Trace: [ 583.577402][T14978] [ 583.577410][T14978] dump_stack_lvl+0x100/0x190 [ 583.577452][T14978] should_fail_ex.cold+0x5/0xa [ 583.577481][T14978] should_failslab+0xc2/0x120 [ 583.577502][T14978] __kmalloc_cache_noprof+0x7a/0x6f0 [ 583.577527][T14978] ? acpi_ds_create_walk_state+0x95/0x300 [ 583.577551][T14978] ? acpi_ut_status_exit+0x111/0x1c0 [ 583.577579][T14978] acpi_ds_create_walk_state+0x95/0x300 [ 583.577603][T14978] acpi_ds_call_control_method+0x226/0xab0 [ 583.577637][T14978] acpi_ps_parse_aml+0xacd/0x1120 [ 583.577664][T14978] acpi_ps_execute_method+0x5c4/0xe90 [ 583.577695][T14978] acpi_ns_evaluate+0x640/0x1670 [ 583.577726][T14978] acpi_evaluate_object+0x420/0xe00 [ 583.577754][T14978] ? kasan_save_stack+0x30/0x50 [ 583.577781][T14978] ? kasan_save_track+0x14/0x30 [ 583.577802][T14978] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 583.577830][T14978] acpi_evaluate_integer+0xdf/0x220 [ 583.577860][T14978] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 583.577898][T14978] ? __pfx_status_show+0x10/0x10 [ 583.577916][T14978] status_show+0xa0/0x120 [ 583.577935][T14978] ? __pfx_status_show+0x10/0x10 [ 583.577963][T14978] dev_attr_show+0x52/0xa0 [ 583.577995][T14978] ? __pfx_dev_attr_show+0x10/0x10 [ 583.578025][T14978] sysfs_kf_seq_show+0x217/0x3a0 [ 583.578062][T14978] seq_read_iter+0x32f/0x1270 [ 583.578102][T14978] kernfs_fop_read_iter+0x46c/0x610 [ 583.578129][T14978] ? rw_verify_area+0xce/0x6d0 [ 583.578155][T14978] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 583.578179][T14978] vfs_read+0x825/0xb30 [ 583.578199][T14978] ? __pfx_vfs_read+0x10/0x10 [ 583.578232][T14978] ksys_read+0x12a/0x250 [ 583.578249][T14978] ? __pfx_ksys_read+0x10/0x10 [ 583.578273][T14978] do_syscall_64+0x106/0xf80 [ 583.578300][T14978] ? clear_bhb_loop+0x40/0x90 [ 583.578323][T14978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.578342][T14978] RIP: 0033:0x7fc72e79c799 [ 583.578360][T14978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 583.578377][T14978] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 583.578395][T14978] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 583.578406][T14978] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 583.578417][T14978] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 583.578427][T14978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.578437][T14978] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 583.578462][T14978] [ 583.578575][T14978] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 584.726795][T14978] Process accounting resumed [ 585.101298][T14998] netlink: 266 bytes leftover after parsing attributes in process `syz.5.3079'. [ 585.420736][T15013] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3085'. [ 587.469700][T15048] zswap: compressor not available [ 587.500803][T15058] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3099'. [ 587.585101][T15058] gretap0: refused to change device tx_queue_len [ 588.151009][T15074] FAULT_INJECTION: forcing a failure. [ 588.151009][T15074] name failslab, interval 1, probability 0, space 0, times 0 [ 588.151059][T15074] CPU: 0 UID: 0 PID: 15074 Comm: syz.4.3105 Tainted: G L syzkaller #0 PREEMPT(full) [ 588.151086][T15074] Tainted: [L]=SOFTLOCKUP [ 588.151095][T15074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 588.151107][T15074] Call Trace: [ 588.151113][T15074] [ 588.151120][T15074] dump_stack_lvl+0x100/0x190 [ 588.151151][T15074] should_fail_ex.cold+0x5/0xa [ 588.151173][T15074] should_failslab+0xc2/0x120 [ 588.151194][T15074] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 588.151224][T15074] ? kstrdup_const+0x63/0x80 [ 588.151241][T15074] ? find_held_lock+0x2b/0x80 [ 588.151258][T15074] ? is_bpf_text_address+0x8a/0x1a0 [ 588.151291][T15074] kstrdup+0x51/0xe0 [ 588.151309][T15074] kstrdup_const+0x63/0x80 [ 588.151327][T15074] __kernfs_new_node+0x9b/0x960 [ 588.151352][T15074] ? __kernel_text_address+0xd/0x30 [ 588.151381][T15074] ? arch_stack_walk+0xa6/0xf0 [ 588.151400][T15074] ? __pfx___kernfs_new_node+0x10/0x10 [ 588.151432][T15074] ? find_held_lock+0x2b/0x80 [ 588.151449][T15074] ? kernfs_root+0xee/0x2a0 [ 588.151474][T15074] ? kernfs_root+0xee/0x2a0 [ 588.151506][T15074] kernfs_new_node+0x11b/0x1a0 [ 588.151527][T15074] kernfs_create_dir_ns+0x4c/0x1a0 [ 588.151548][T15074] sysfs_create_dir_ns+0x13a/0x2b0 [ 588.151576][T15074] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 588.151601][T15074] ? find_held_lock+0x2b/0x80 [ 588.151617][T15074] ? kobject_add_internal+0x25f/0x930 [ 588.151636][T15074] ? kobject_add_internal+0x25f/0x930 [ 588.151658][T15074] ? class_dir_child_ns_type+0xd/0x60 [ 588.151688][T15074] kobject_add_internal+0x2c8/0x930 [ 588.151711][T15074] kobject_add+0x16a/0x1e0 [ 588.151730][T15074] ? __pfx_kobject_add+0x10/0x10 [ 588.151753][T15074] ? kobject_put+0xb9/0x640 [ 588.151777][T15074] device_add+0x294/0x1950 [ 588.151802][T15074] ? kfree_const+0x5a/0x70 [ 588.151819][T15074] ? __pfx_device_add+0x10/0x10 [ 588.151842][T15074] ? kfree_const+0x5a/0x70 [ 588.151858][T15074] ? kfree+0x2ec/0x6b0 [ 588.151889][T15074] device_create_groups_vargs+0x1f8/0x270 [ 588.151916][T15074] device_create+0xed/0x130 [ 588.151941][T15074] ? __pfx_device_create+0x10/0x10 [ 588.151975][T15074] ? is_console_locked+0x9/0x20 [ 588.151996][T15074] ? con_is_visible+0x65/0x150 [ 588.152018][T15074] ? csi_J+0x57e/0xad0 [ 588.152048][T15074] vcs_make_sysfs+0x32/0x80 [ 588.152071][T15074] vc_allocate+0x539/0x880 [ 588.152098][T15074] ? __pfx_vc_allocate+0x10/0x10 [ 588.152131][T15074] con_install+0xa1/0x620 [ 588.152159][T15074] ? __pfx_con_install+0x10/0x10 [ 588.152190][T15074] ? __pfx_con_install+0x10/0x10 [ 588.152217][T15074] tty_init_dev.part.0+0x9e/0x470 [ 588.152249][T15074] tty_open+0xa63/0xfa0 [ 588.152269][T15074] ? __pfx_tty_open+0x10/0x10 [ 588.152284][T15074] ? chrdev_open+0x589/0x6a0 [ 588.152302][T15074] ? chrdev_open+0x589/0x6a0 [ 588.152325][T15074] ? __pfx_tty_open+0x10/0x10 [ 588.152340][T15074] chrdev_open+0x234/0x6a0 [ 588.152360][T15074] ? __pfx_chrdev_open+0x10/0x10 [ 588.152381][T15074] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 588.152406][T15074] do_dentry_open+0x6d8/0x1660 [ 588.152424][T15074] ? __pfx_chrdev_open+0x10/0x10 [ 588.152449][T15074] vfs_open+0x82/0x3f0 [ 588.152476][T15074] path_openat+0x208c/0x31a0 [ 588.152504][T15074] ? __pfx_path_openat+0x10/0x10 [ 588.152532][T15074] do_file_open+0x20e/0x430 [ 588.152554][T15074] ? __pfx_do_file_open+0x10/0x10 [ 588.152591][T15074] ? alloc_fd+0x476/0x790 [ 588.152612][T15074] ? do_getname+0x191/0x390 [ 588.152639][T15074] do_sys_openat2+0x10d/0x1e0 [ 588.152663][T15074] ? __pfx_do_sys_openat2+0x10/0x10 [ 588.152691][T15074] ? __fget_files+0x21f/0x3d0 [ 588.152713][T15074] __x64_sys_openat+0x12d/0x210 [ 588.152739][T15074] ? __pfx___x64_sys_openat+0x10/0x10 [ 588.152774][T15074] do_syscall_64+0x106/0xf80 [ 588.152800][T15074] ? clear_bhb_loop+0x40/0x90 [ 588.152823][T15074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.152841][T15074] RIP: 0033:0x7f2c0799c799 [ 588.152858][T15074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 588.152875][T15074] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 588.152893][T15074] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 588.152904][T15074] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 588.152914][T15074] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 588.152924][T15074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 588.152935][T15074] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 588.152966][T15074] [ 588.173655][T15074] kobject: kobject_add_internal failed for vcs16 (error: -12 parent: vc) [ 589.040686][T15088] FAULT_INJECTION: forcing a failure. [ 589.040686][T15088] name fail_futex, interval 1, probability 0, space 0, times 0 [ 589.040722][T15088] CPU: 0 UID: 0 PID: 15088 Comm: syz.0.3111 Tainted: G L syzkaller #0 PREEMPT(full) [ 589.040748][T15088] Tainted: [L]=SOFTLOCKUP [ 589.040755][T15088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 589.040765][T15088] Call Trace: [ 589.040779][T15088] [ 589.040787][T15088] dump_stack_lvl+0x100/0x190 [ 589.040819][T15088] should_fail_ex.cold+0x5/0xa [ 589.040842][T15088] get_futex_key+0x1d2/0x1620 [ 589.040869][T15088] ? __pfx_get_futex_key+0x10/0x10 [ 589.040901][T15088] futex_wait_setup+0x83/0x510 [ 589.040935][T15088] __futex_wait+0x19f/0x300 [ 589.040965][T15088] ? __pfx___futex_wait+0x10/0x10 [ 589.040997][T15088] ? __pfx_futex_wake_mark+0x10/0x10 [ 589.041030][T15088] ? find_held_lock+0x2b/0x80 [ 589.041049][T15088] ? futex_wake+0x456/0x530 [ 589.041082][T15088] futex_wait+0xed/0x380 [ 589.041111][T15088] ? __pfx_futex_wait+0x10/0x10 [ 589.041144][T15088] ? __lock_acquire+0x4a5/0x2630 [ 589.041173][T15088] do_futex+0x1ef/0x350 [ 589.041198][T15088] ? __pfx_do_futex+0x10/0x10 [ 589.041223][T15088] ? find_held_lock+0x2b/0x80 [ 589.041241][T15088] ? setid_policy_lookup+0x10c/0x350 [ 589.041270][T15088] __x64_sys_futex+0x34f/0x4d0 [ 589.041297][T15088] ? __pfx___x64_sys_futex+0x10/0x10 [ 589.041331][T15088] do_syscall_64+0x106/0xf80 [ 589.041357][T15088] ? clear_bhb_loop+0x40/0x90 [ 589.041380][T15088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.041399][T15088] RIP: 0033:0x7fc72e79c799 [ 589.041414][T15088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 589.041432][T15088] RSP: 002b:00007fc72f5d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 589.041450][T15088] RAX: ffffffffffffffda RBX: 00007fc72ea16098 RCX: 00007fc72e79c799 [ 589.041461][T15088] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc72ea16098 [ 589.041471][T15088] RBP: 00007fc72ea16090 R08: 0000000000000000 R09: 0000000000000000 [ 589.041482][T15088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.041492][T15088] R13: 00007fc72ea16128 R14: 00007ffc2c8564a0 R15: 00007ffc2c856588 [ 589.041514][T15088] [ 594.462912][T15161] vivid-007: ================= START STATUS ================= [ 594.498209][T15161] vivid-007: Generate PTS: true [ 594.518393][T15161] vivid-007: Generate SCR: true [ 594.547324][T15161] tpg source WxH: 320x240 (Y'CbCr) [ 594.579017][T15161] tpg field: 1 [ 594.611726][T15161] tpg crop: (0,0)/320x240 [ 594.642247][T15161] tpg compose: (0,0)/320x240 [ 594.660083][T15161] tpg colorspace: 8 [ 594.679234][T15161] tpg transfer function: 0/0 [ 594.704822][T15161] tpg Y'CbCr encoding: 0/0 [ 594.727782][T15161] tpg quantization: 0/0 [ 594.750227][T15161] tpg RGB range: 0/2 [ 594.780192][T15161] vivid-007: ================== END STATUS ================== [ 595.152291][T15174] netlink: 'syz.5.3138': attribute type 27 has an invalid length. [ 595.188471][T15174] netlink: 'syz.5.3138': attribute type 28 has an invalid length. [ 595.214211][T15174] netlink: 'syz.5.3138': attribute type 29 has an invalid length. [ 595.245171][T15174] netlink: 'syz.5.3138': attribute type 30 has an invalid length. [ 595.273817][T15174] netlink: 'syz.5.3138': attribute type 31 has an invalid length. [ 595.304006][T15174] netlink: 'syz.5.3138': attribute type 32 has an invalid length. [ 595.345729][T15174] netlink: 'syz.5.3138': attribute type 33 has an invalid length. [ 595.375011][T15174] netlink: 'syz.5.3138': attribute type 35 has an invalid length. [ 595.405540][T15174] netlink: 'syz.5.3138': attribute type 37 has an invalid length. [ 595.435748][T15174] netlink: 18 bytes leftover after parsing attributes in process `syz.5.3138'. [ 595.473256][T15176] netlink: 'syz.0.3139': attribute type 1 has an invalid length. [ 595.481978][T15176] netlink: 198 bytes leftover after parsing attributes in process `syz.0.3139'. [ 596.007965][T15164] Process accounting resumed [ 596.250541][T15192] Invalid ELF header magic: != ELF [ 596.987536][T15200] vivid-007: ================= START STATUS ================= [ 597.032714][T15200] vivid-007: Generate PTS: true [ 597.057859][T15200] vivid-007: Generate SCR: true [ 597.094542][T15200] tpg source WxH: 320x240 (Y'CbCr) [ 597.099946][T15200] tpg field: 1 [ 597.164174][T15200] tpg crop: (0,0)/320x240 [ 597.182990][T15200] tpg compose: (0,0)/320x240 [ 597.202739][T15200] tpg colorspace: 8 [ 597.233029][T15200] tpg transfer function: 0/0 [ 597.256508][T15200] tpg Y'CbCr encoding: 0/0 [ 597.271303][T15200] tpg quantization: 0/0 [ 597.287391][T15200] tpg RGB range: 0/2 [ 597.307623][T15200] vivid-007: ================== END STATUS ================== [ 597.815114][T15214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3151'. [ 597.867537][T15217] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3152'. [ 597.879729][T15214] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3151'. [ 597.924116][T15217] netlink: 306 bytes leftover after parsing attributes in process `syz.2.3152'. [ 598.115702][T15222] FAULT_INJECTION: forcing a failure. [ 598.115702][T15222] name failslab, interval 1, probability 0, space 0, times 0 [ 598.186716][T15222] CPU: 0 UID: 0 PID: 15222 Comm: syz.0.3153 Tainted: G L syzkaller #0 PREEMPT(full) [ 598.186762][T15222] Tainted: [L]=SOFTLOCKUP [ 598.186769][T15222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 598.186780][T15222] Call Trace: [ 598.186787][T15222] [ 598.186796][T15222] dump_stack_lvl+0x100/0x190 [ 598.186828][T15222] should_fail_ex.cold+0x5/0xa [ 598.186851][T15222] should_failslab+0xc2/0x120 [ 598.186871][T15222] __kmalloc_cache_noprof+0x7a/0x6f0 [ 598.186897][T15222] ? alloc_super+0x52/0xd20 [ 598.186928][T15222] alloc_super+0x52/0xd20 [ 598.186958][T15222] ? __pfx_mqueue_fill_super+0x10/0x10 [ 598.186987][T15222] sget_fc+0x117/0xc70 [ 598.187015][T15222] ? __pfx_set_anon_super_fc+0x10/0x10 [ 598.187043][T15222] ? __pfx_mqueue_fill_super+0x10/0x10 [ 598.187071][T15222] get_tree_nodev+0x28/0x190 [ 598.187100][T15222] mqueue_get_tree+0xf1/0x130 [ 598.187128][T15222] vfs_get_tree+0x92/0x320 [ 598.187154][T15222] fc_mount_longterm+0x1a/0x270 [ 598.187183][T15222] mq_init_ns+0x482/0x820 [ 598.187203][T15222] copy_ipcs+0x3dd/0x7e0 [ 598.187224][T15222] create_new_namespaces+0x20a/0xac0 [ 598.187244][T15222] ? security_capable+0x80/0x260 [ 598.187275][T15222] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 598.187297][T15222] ksys_unshare+0x473/0xad0 [ 598.187322][T15222] ? __pfx_ksys_unshare+0x10/0x10 [ 598.187354][T15222] __x64_sys_unshare+0x31/0x40 [ 598.187377][T15222] do_syscall_64+0x106/0xf80 [ 598.187403][T15222] ? clear_bhb_loop+0x40/0x90 [ 598.187426][T15222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.187444][T15222] RIP: 0033:0x7fc72e79c799 [ 598.187460][T15222] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 598.187477][T15222] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 598.187495][T15222] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 598.187506][T15222] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 598.187517][T15222] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 598.187528][T15222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 598.187652][T15222] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 598.187692][T15222] [ 598.973741][T15230] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3156'. [ 599.036948][T15230] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 599.080672][T15230] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 599.188802][T15230] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 599.216345][T15230] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 599.576219][T15234] nvme_fabrics: missing parameter 'transport=%s' [ 599.582936][T15234] nvme_fabrics: missing parameter 'nqn=%s' [ 600.341645][T15248] zswap: compressor not available [ 600.944177][ T30] audit: type=1800 audit(1774260224.586:7): pid=15260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3165" name="trace_marker" dev="tracefs" ino=520 res=0 errno=0 [ 602.873007][T15298] netlink: 342 bytes leftover after parsing attributes in process `syz.5.3177'. [ 602.965333][T15300] netlink: 342 bytes leftover after parsing attributes in process `syz.5.3177'. [ 603.060021][T15298] netlink: 302 bytes leftover after parsing attributes in process `syz.5.3177'. [ 604.413625][T15323] FAULT_INJECTION: forcing a failure. [ 604.413625][T15323] name failslab, interval 1, probability 0, space 0, times 0 [ 604.558971][T15323] CPU: 0 UID: 0 PID: 15323 Comm: syz.2.3184 Tainted: G L syzkaller #0 PREEMPT(full) [ 604.559005][T15323] Tainted: [L]=SOFTLOCKUP [ 604.559012][T15323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 604.559022][T15323] Call Trace: [ 604.559029][T15323] [ 604.559036][T15323] dump_stack_lvl+0x100/0x190 [ 604.559069][T15323] should_fail_ex.cold+0x5/0xa [ 604.559090][T15323] ? ima_alloc_init_template+0xb6/0x6d0 [ 604.559111][T15323] should_failslab+0xc2/0x120 [ 604.559131][T15323] __kmalloc_noprof+0xe0/0x850 [ 604.559157][T15323] ? find_held_lock+0x2b/0x80 [ 604.559175][T15323] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 604.559205][T15323] ima_alloc_init_template+0xb6/0x6d0 [ 604.559226][T15323] ? take_dentry_name_snapshot+0x310/0x7c0 [ 604.559255][T15323] ima_store_measurement+0x1e3/0x5b0 [ 604.559277][T15323] ? __pfx_ima_store_measurement+0x10/0x10 [ 604.559307][T15323] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 604.559340][T15323] process_measurement+0x19cc/0x2350 [ 604.559376][T15323] ? stack_trace_save+0x8e/0xc0 [ 604.559395][T15323] ? __pfx_process_measurement+0x10/0x10 [ 604.559425][T15323] ? __lock_acquire+0x4a5/0x2630 [ 604.559448][T15323] ? __kasan_slab_alloc+0x89/0x90 [ 604.559465][T15323] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 604.559493][T15323] ? init_file+0x95/0x480 [ 604.559517][T15323] ? alloc_empty_file+0x73/0x1c0 [ 604.559539][T15323] ? alloc_file_pseudo+0x13a/0x230 [ 604.559562][T15323] ? ksys_mmap_pgoff+0x232/0x650 [ 604.559580][T15323] ? __x64_sys_mmap+0x125/0x190 [ 604.559605][T15323] ? do_syscall_64+0x106/0xf80 [ 604.559671][T15323] ? __pfx_aa_file_perm+0x10/0x10 [ 604.559705][T15323] ima_file_mmap+0x1c4/0x1f0 [ 604.559736][T15323] ? __pfx_ima_file_mmap+0x10/0x10 [ 604.559773][T15323] security_mmap_file+0x278/0x9b0 [ 604.559798][T15323] vm_mmap_pgoff+0xec/0x470 [ 604.559824][T15323] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 604.559843][T15323] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 604.559868][T15323] ? hugetlbfs_get_inode+0x36e/0x750 [ 604.559896][T15323] ksys_mmap_pgoff+0x273/0x650 [ 604.559916][T15323] ? __x64_sys_futex+0x358/0x4d0 [ 604.559941][T15323] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 604.559961][T15323] ? xfd_validate_state+0x129/0x190 [ 604.559992][T15323] __x64_sys_mmap+0x125/0x190 [ 604.560022][T15323] do_syscall_64+0x106/0xf80 [ 604.560049][T15323] ? clear_bhb_loop+0x40/0x90 [ 604.560071][T15323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.560089][T15323] RIP: 0033:0x7fe5fdb9c799 [ 604.560107][T15323] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.560124][T15323] RSP: 002b:00007fe5feac5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 604.560141][T15323] RAX: ffffffffffffffda RBX: 00007fe5fde16180 RCX: 00007fe5fdb9c799 [ 604.560153][T15323] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 604.560163][T15323] RBP: 00007fe5fdc32c99 R08: ffffffffffffffff R09: 0000300000020000 [ 604.560174][T15323] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 604.560185][T15323] R13: 00007fe5fde16218 R14: 00007fe5fde16180 R15: 00007ffd62ee8128 [ 604.560208][T15323] [ 605.325257][ T30] audit: type=1804 audit(1774260228.626:8): pid=15323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.3184" name="anon_hugepage" dev="hugetlbfs" ino=62476 res=0 errno=0 [ 606.819352][T15353] netlink: 138 bytes leftover after parsing attributes in process `syz.4.3193'. [ 610.052959][T15410] zswap: compressor 000 not available [ 610.416462][T15421] Invalid ELF header magic: != ELF [ 611.439090][T15447] FAULT_INJECTION: forcing a failure. [ 611.439090][T15447] name failslab, interval 1, probability 0, space 0, times 0 [ 611.499476][T15447] CPU: 0 UID: 0 PID: 15447 Comm: syz.4.3218 Tainted: G L syzkaller #0 PREEMPT(full) [ 611.499508][T15447] Tainted: [L]=SOFTLOCKUP [ 611.499514][T15447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 611.499525][T15447] Call Trace: [ 611.499531][T15447] [ 611.499538][T15447] dump_stack_lvl+0x100/0x190 [ 611.499572][T15447] should_fail_ex.cold+0x5/0xa [ 611.499594][T15447] ? tracing_open+0x303/0xef0 [ 611.499616][T15447] should_failslab+0xc2/0x120 [ 611.499636][T15447] __kmalloc_noprof+0xe0/0x850 [ 611.499663][T15447] ? seq_open+0x116/0x170 [ 611.499691][T15447] tracing_open+0x303/0xef0 [ 611.499718][T15447] do_dentry_open+0x6d8/0x1660 [ 611.499737][T15447] ? __pfx_tracing_open+0x10/0x10 [ 611.499765][T15447] vfs_open+0x82/0x3f0 [ 611.499791][T15447] path_openat+0x208c/0x31a0 [ 611.499819][T15447] ? __pfx_path_openat+0x10/0x10 [ 611.499847][T15447] do_file_open+0x20e/0x430 [ 611.499868][T15447] ? __pfx_do_file_open+0x10/0x10 [ 611.499905][T15447] ? alloc_fd+0x476/0x790 [ 611.499925][T15447] ? do_getname+0x191/0x390 [ 611.499960][T15447] do_sys_openat2+0x10d/0x1e0 [ 611.499985][T15447] ? __pfx_do_sys_openat2+0x10/0x10 [ 611.500019][T15447] __x64_sys_openat+0x12d/0x210 [ 611.500045][T15447] ? __pfx___x64_sys_openat+0x10/0x10 [ 611.500079][T15447] do_syscall_64+0x106/0xf80 [ 611.500107][T15447] ? clear_bhb_loop+0x40/0x90 [ 611.500129][T15447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.500148][T15447] RIP: 0033:0x7f2c0799c799 [ 611.500163][T15447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 611.500180][T15447] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 611.500198][T15447] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 611.500209][T15447] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 611.500221][T15447] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 611.500232][T15447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 611.500244][T15447] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 611.500268][T15447] [ 613.063888][T15469] FAULT_INJECTION: forcing a failure. [ 613.063888][T15469] name failslab, interval 1, probability 0, space 0, times 0 [ 613.152718][T15469] CPU: 0 UID: 0 PID: 15469 Comm: syz.0.3226 Tainted: G L syzkaller #0 PREEMPT(full) [ 613.152750][T15469] Tainted: [L]=SOFTLOCKUP [ 613.152758][T15469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 613.152769][T15469] Call Trace: [ 613.152776][T15469] [ 613.152783][T15469] dump_stack_lvl+0x100/0x190 [ 613.152815][T15469] should_fail_ex.cold+0x5/0xa [ 613.152839][T15469] should_failslab+0xc2/0x120 [ 613.152860][T15469] __kmalloc_cache_noprof+0x7a/0x6f0 [ 613.152885][T15469] ? trace_pid_list_alloc+0x2fe/0x480 [ 613.152919][T15469] trace_pid_list_alloc+0x2fe/0x480 [ 613.152954][T15469] trace_pid_write+0x110/0x460 [ 613.152990][T15469] ? __pfx_trace_pid_write+0x10/0x10 [ 613.153033][T15469] event_pid_write.isra.0+0x1e4/0x800 [ 613.153054][T15469] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 613.153082][T15469] vfs_write+0x2aa/0x1070 [ 613.153103][T15469] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 613.153125][T15469] ? __pfx_vfs_write+0x10/0x10 [ 613.153141][T15469] ? __fget_files+0x215/0x3d0 [ 613.153165][T15469] ? __fget_files+0x21f/0x3d0 [ 613.153189][T15469] ksys_write+0x12a/0x250 [ 613.153206][T15469] ? __pfx_ksys_write+0x10/0x10 [ 613.153231][T15469] do_syscall_64+0x106/0xf80 [ 613.153258][T15469] ? clear_bhb_loop+0x40/0x90 [ 613.153280][T15469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.153299][T15469] RIP: 0033:0x7fc72e79c799 [ 613.153315][T15469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 613.153332][T15469] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 613.153351][T15469] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 613.153362][T15469] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 613.153372][T15469] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 613.153383][T15469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 613.153394][T15469] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 613.153418][T15469] [ 614.423554][T15490] openvswitch: netlink: IP tunnel dst address not specified [ 615.064114][T15494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'. [ 615.257475][T15494] Process accounting paused [ 615.546169][T15516] netlink: 202 bytes leftover after parsing attributes in process `syz.4.3244'. [ 616.074892][T15528] random: crng reseeded on system resumption [ 616.138383][T15528] Restarting kernel threads ... [ 616.161262][T15528] Done restarting kernel threads. [ 616.324716][T15528] sp0: Synchronizing with TNC [ 618.528191][T15579] forcing mempool usage for bvec_alloc+0x197/0x210 [ 619.060184][T15588] netlink: 306 bytes leftover after parsing attributes in process `syz.4.3267'. [ 619.286706][ T5825] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 619.654051][ T5825] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7 [ 620.700980][T15623] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3278'. [ 622.278801][T15661] netlink: 326 bytes leftover after parsing attributes in process `syz.5.3292'. [ 622.439222][T15667] netlink: 244 bytes leftover after parsing attributes in process `syz.2.3295'. [ 622.998358][T15665] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3293'. [ 623.420269][T15686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3300'. [ 623.536521][T15686] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3300'. [ 624.621546][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.631967][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.960012][T15722] netlink: 'syz.2.3310': attribute type 27 has an invalid length. [ 624.988604][T15722] netlink: 146 bytes leftover after parsing attributes in process `syz.2.3310'. [ 625.861291][T15735] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3316'. [ 626.440047][T15746] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3320'. [ 626.681773][T15753] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3323'. [ 626.797802][T15753] team0 (unregistering): Port device team_slave_0 removed [ 626.894679][T15753] team0 (unregistering): Port device team_slave_1 removed [ 627.746245][T15770] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3330'. [ 627.779687][T15770] netlink: 'syz.4.3330': attribute type 1 has an invalid length. [ 627.809435][T15770] netlink: 13 bytes leftover after parsing attributes in process `syz.4.3330'. [ 627.907831][T15765] mkiss: ax0: crc mode is auto. [ 628.322619][T15780] FAULT_INJECTION: forcing a failure. [ 628.322619][T15780] name failslab, interval 1, probability 0, space 0, times 0 [ 628.480071][T15780] CPU: 0 UID: 0 PID: 15780 Comm: syz.0.3334 Tainted: G L syzkaller #0 PREEMPT(full) [ 628.480103][T15780] Tainted: [L]=SOFTLOCKUP [ 628.480109][T15780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 628.480120][T15780] Call Trace: [ 628.480126][T15780] [ 628.480133][T15780] dump_stack_lvl+0x100/0x190 [ 628.480166][T15780] should_fail_ex.cold+0x5/0xa [ 628.480188][T15780] should_failslab+0xc2/0x120 [ 628.480208][T15780] __kmalloc_cache_noprof+0x7a/0x6f0 [ 628.480235][T15780] ? cec_open+0xdb/0x690 [ 628.480261][T15780] ? __lock_acquire+0x4a5/0x2630 [ 628.480287][T15780] cec_open+0xdb/0x690 [ 628.480314][T15780] ? __pfx_cec_open+0x10/0x10 [ 628.480343][T15780] ? kobject_get_unless_zero+0x156/0x200 [ 628.480362][T15780] ? find_held_lock+0x2b/0x80 [ 628.480379][T15780] ? chrdev_open+0x10b/0x6a0 [ 628.480398][T15780] ? chrdev_open+0x10b/0x6a0 [ 628.480419][T15780] ? __pfx_cec_open+0x10/0x10 [ 628.480445][T15780] chrdev_open+0x234/0x6a0 [ 628.480463][T15780] ? __pfx_apparmor_file_open+0x10/0x10 [ 628.480482][T15780] ? __pfx_chrdev_open+0x10/0x10 [ 628.480502][T15780] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 628.480528][T15780] do_dentry_open+0x6d8/0x1660 [ 628.480547][T15780] ? __pfx_chrdev_open+0x10/0x10 [ 628.480572][T15780] vfs_open+0x82/0x3f0 [ 628.480598][T15780] path_openat+0x208c/0x31a0 [ 628.480624][T15780] ? __pfx_path_openat+0x10/0x10 [ 628.480652][T15780] do_file_open+0x20e/0x430 [ 628.480674][T15780] ? __pfx_do_file_open+0x10/0x10 [ 628.480709][T15780] ? alloc_fd+0x476/0x790 [ 628.480730][T15780] ? do_getname+0x191/0x390 [ 628.480756][T15780] do_sys_openat2+0x10d/0x1e0 [ 628.480781][T15780] ? __pfx_do_sys_openat2+0x10/0x10 [ 628.480815][T15780] ? __fget_files+0x21f/0x3d0 [ 628.480838][T15780] __x64_sys_openat+0x12d/0x210 [ 628.480864][T15780] ? __pfx___x64_sys_openat+0x10/0x10 [ 628.480897][T15780] do_syscall_64+0x106/0xf80 [ 628.480924][T15780] ? clear_bhb_loop+0x40/0x90 [ 628.480946][T15780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.480966][T15780] RIP: 0033:0x7fc72e79c799 [ 628.480982][T15780] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 628.481000][T15780] RSP: 002b:00007fc72f5f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 628.481019][T15780] RAX: ffffffffffffffda RBX: 00007fc72ea15fa0 RCX: 00007fc72e79c799 [ 628.481030][T15780] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c [ 628.481041][T15780] RBP: 00007fc72e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 628.481052][T15780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.481067][T15780] R13: 00007fc72ea16038 R14: 00007fc72ea15fa0 R15: 00007ffc2c856588 [ 628.481091][T15780] [ 629.694717][T15800] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3340'. [ 632.033811][T15838] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3353'. [ 632.106255][T15839] netlink: 13 bytes leftover after parsing attributes in process `syz.5.3353'. [ 634.764986][ T5825] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 635.790969][T15896] ================================================================== [ 635.790987][T15896] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 635.791016][T15896] Read of size 26 at addr ffff888029f860d4 by task syz.4.3372/15896 [ 635.791032][T15896] [ 635.791043][T15896] CPU: 0 UID: 0 PID: 15896 Comm: syz.4.3372 Tainted: G L syzkaller #0 PREEMPT(full) [ 635.791069][T15896] Tainted: [L]=SOFTLOCKUP [ 635.791076][T15896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 635.791087][T15896] Call Trace: [ 635.791093][T15896] [ 635.791100][T15896] dump_stack_lvl+0x100/0x190 [ 635.791127][T15896] print_report+0x156/0x4c9 [ 635.791153][T15896] ? __virt_addr_valid+0x81/0x620 [ 635.791176][T15896] ? __phys_addr+0xe8/0x180 [ 635.791199][T15896] ? fbcon_prepare_logo+0x94e/0xc60 [ 635.791218][T15896] kasan_report+0xdf/0x1e0 [ 635.791237][T15896] ? fbcon_prepare_logo+0x94e/0xc60 [ 635.791260][T15896] kasan_check_range+0x10f/0x1e0 [ 635.791283][T15896] __asan_memcpy+0x23/0x60 [ 635.791309][T15896] fbcon_prepare_logo+0x94e/0xc60 [ 635.791332][T15896] fbcon_init+0x10a0/0x1820 [ 635.791354][T15896] visual_init+0x320/0x620 [ 635.791375][T15896] do_bind_con_driver.isra.0+0x636/0x9c0 [ 635.791404][T15896] store_bind+0x609/0x730 [ 635.791430][T15896] ? __pfx_store_bind+0x10/0x10 [ 635.791454][T15896] dev_attr_store+0x58/0x80 [ 635.791475][T15896] ? __pfx_dev_attr_store+0x10/0x10 [ 635.791496][T15896] sysfs_kf_write+0xf2/0x150 [ 635.791519][T15896] kernfs_fop_write_iter+0x3e0/0x5f0 [ 635.791539][T15896] ? __pfx_sysfs_kf_write+0x10/0x10 [ 635.791564][T15896] vfs_write+0x6ac/0x1070 [ 635.791580][T15896] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 635.791601][T15896] ? __pfx_vfs_write+0x10/0x10 [ 635.791624][T15896] ksys_write+0x12a/0x250 [ 635.791640][T15896] ? __pfx_ksys_write+0x10/0x10 [ 635.791660][T15896] do_syscall_64+0x106/0xf80 [ 635.791686][T15896] ? clear_bhb_loop+0x40/0x90 [ 635.791706][T15896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.791724][T15896] RIP: 0033:0x7f2c0799c799 [ 635.791739][T15896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 635.791766][T15896] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 635.791784][T15896] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 635.791796][T15896] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 635.791807][T15896] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 635.791818][T15896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.791829][T15896] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 635.791846][T15896] [ 635.791853][T15896] [ 635.791858][T15896] Allocated by task 15896: [ 635.791867][T15896] kasan_save_stack+0x30/0x50 [ 635.791894][T15896] kasan_save_track+0x14/0x30 [ 635.791909][T15896] __kasan_kmalloc+0xaa/0xb0 [ 635.791935][T15896] __kmalloc_noprof+0x301/0x850 [ 635.791961][T15896] vc_do_resize+0x1da/0x10f0 [ 635.791983][T15896] fbcon_init+0x10ba/0x1820 [ 635.792000][T15896] visual_init+0x320/0x620 [ 635.792019][T15896] do_bind_con_driver.isra.0+0x636/0x9c0 [ 635.792043][T15896] store_bind+0x609/0x730 [ 635.792070][T15896] dev_attr_store+0x58/0x80 [ 635.792089][T15896] sysfs_kf_write+0xf2/0x150 [ 635.792109][T15896] kernfs_fop_write_iter+0x3e0/0x5f0 [ 635.792127][T15896] vfs_write+0x6ac/0x1070 [ 635.792141][T15896] ksys_write+0x12a/0x250 [ 635.792156][T15896] do_syscall_64+0x106/0xf80 [ 635.792181][T15896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.792198][T15896] [ 635.792203][T15896] The buggy address belongs to the object at ffff888029f86000 [ 635.792203][T15896] which belongs to the cache kmalloc-192 of size 192 [ 635.792217][T15896] The buggy address is located 56 bytes to the right of [ 635.792217][T15896] allocated 156-byte region [ffff888029f86000, ffff888029f8609c) [ 635.792234][T15896] [ 635.792239][T15896] The buggy address belongs to the physical page: [ 635.792246][T15896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29f86 [ 635.792264][T15896] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 635.792278][T15896] page_type: f5(slab) [ 635.792293][T15896] raw: 00fff00000000000 ffff88813fe393c0 dead000000000100 dead000000000122 [ 635.792309][T15896] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 635.792319][T15896] page dumped because: kasan: bad access detected [ 635.792328][T15896] page_owner tracks the page as allocated [ 635.792334][T15896] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 8911643707, free_ts 0 [ 635.792364][T15896] post_alloc_hook+0x153/0x170 [ 635.792388][T15896] get_page_from_freelist+0x111d/0x3140 [ 635.792413][T15896] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 635.792441][T15896] new_slab+0xa6/0x6b0 [ 635.792462][T15896] refill_objects+0x26b/0x400 [ 635.792486][T15896] __pcs_replace_empty_main+0x1ab/0x660 [ 635.792512][T15896] __kmalloc_cache_noprof+0x493/0x6f0 [ 635.792535][T15896] call_usermodehelper_setup+0xaf/0x360 [ 635.792562][T15896] kobject_uevent_env+0x17c1/0x18b0 [ 635.792581][T15896] driver_register+0x29c/0x360 [ 635.792600][T15896] usb_register_driver+0x21c/0x3e0 [ 635.792627][T15896] do_one_initcall+0x11d/0x760 [ 635.792645][T15896] kernel_init_freeable+0x6e5/0x7a0 [ 635.792665][T15896] kernel_init+0x1f/0x1e0 [ 635.792682][T15896] ret_from_fork+0x754/0xd80 [ 635.792707][T15896] ret_from_fork_asm+0x1a/0x30 [ 635.792724][T15896] page_owner free stack trace missing [ 635.792730][T15896] [ 635.792734][T15896] Memory state around the buggy address: [ 635.792743][T15896] ffff888029f85f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 635.792764][T15896] ffff888029f86000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 635.792776][T15896] >ffff888029f86080: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 635.792786][T15896] ^ [ 635.792796][T15896] ffff888029f86100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 635.792809][T15896] ffff888029f86180: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 635.792819][T15896] ================================================================== [ 635.812808][T15896] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 635.812830][T15896] CPU: 0 UID: 0 PID: 15896 Comm: syz.4.3372 Tainted: G L syzkaller #0 PREEMPT(full) [ 635.812858][T15896] Tainted: [L]=SOFTLOCKUP [ 635.812865][T15896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 635.812876][T15896] Call Trace: [ 635.812883][T15896] [ 635.812891][T15896] dump_stack_lvl+0x100/0x190 [ 635.812922][T15896] vpanic+0x552/0x970 [ 635.812939][T15896] ? __pfx_vpanic+0x10/0x10 [ 635.812959][T15896] ? fbcon_prepare_logo+0x94e/0xc60 [ 635.812979][T15896] panic+0xd1/0xe0 [ 635.812995][T15896] ? __pfx_panic+0x10/0x10 [ 635.813013][T15896] ? fbcon_prepare_logo+0x94e/0xc60 [ 635.813032][T15896] ? preempt_schedule_common+0x42/0xc0 [ 635.813062][T15896] check_panic_on_warn.cold+0x19/0x34 [ 635.813083][T15896] end_report.part.0+0x3a/0x90 [ 635.813109][T15896] kasan_report.cold+0xe/0x18 [ 635.813134][T15896] ? fbcon_prepare_logo+0x94e/0xc60 [ 635.813157][T15896] kasan_check_range+0x10f/0x1e0 [ 635.813181][T15896] __asan_memcpy+0x23/0x60 [ 635.813208][T15896] fbcon_prepare_logo+0x94e/0xc60 [ 635.813232][T15896] fbcon_init+0x10a0/0x1820 [ 635.813254][T15896] visual_init+0x320/0x620 [ 635.813276][T15896] do_bind_con_driver.isra.0+0x636/0x9c0 [ 635.813305][T15896] store_bind+0x609/0x730 [ 635.813332][T15896] ? __pfx_store_bind+0x10/0x10 [ 635.813356][T15896] dev_attr_store+0x58/0x80 [ 635.813378][T15896] ? __pfx_dev_attr_store+0x10/0x10 [ 635.813400][T15896] sysfs_kf_write+0xf2/0x150 [ 635.813424][T15896] kernfs_fop_write_iter+0x3e0/0x5f0 [ 635.813459][T15896] ? __pfx_sysfs_kf_write+0x10/0x10 [ 635.813484][T15896] vfs_write+0x6ac/0x1070 [ 635.813502][T15896] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 635.813523][T15896] ? __pfx_vfs_write+0x10/0x10 [ 635.813547][T15896] ksys_write+0x12a/0x250 [ 635.813564][T15896] ? __pfx_ksys_write+0x10/0x10 [ 635.813585][T15896] do_syscall_64+0x106/0xf80 [ 635.813611][T15896] ? clear_bhb_loop+0x40/0x90 [ 635.813632][T15896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.813651][T15896] RIP: 0033:0x7f2c0799c799 [ 635.813666][T15896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 635.813683][T15896] RSP: 002b:00007f2c08845028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 635.813714][T15896] RAX: ffffffffffffffda RBX: 00007f2c07c15fa0 RCX: 00007f2c0799c799 [ 635.813726][T15896] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 635.813737][T15896] RBP: 00007f2c07a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 635.813748][T15896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.813766][T15896] R13: 00007f2c07c16038 R14: 00007f2c07c15fa0 R15: 00007ffc1ad3c948 [ 635.813783][T15896] [ 635.813849][T15896] Kernel Offset: disabled