last executing test programs: 2m34.010382291s ago: executing program 0 (id=1405): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) sendfile$auto(r0, r1, 0x0, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) sendfile$auto(r2, r2, 0x0, 0x8) 2m33.459819967s ago: executing program 1 (id=1410): sendmsg$auto_NL80211_CMD_ADD_LINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, 0x0, 0x8, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x40010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1b, &(0x7f00000000c0), 0x1) 2m32.778766955s ago: executing program 0 (id=1414): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003680)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000ac0)={0x20, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x4}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x890) 2m32.638803803s ago: executing program 1 (id=1416): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00', @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) 2m32.27250069s ago: executing program 0 (id=1423): r0 = gettid() socket(0x1e, 0x1, 0x0) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) kill$auto(r0, 0x11) 2m32.203257461s ago: executing program 1 (id=1424): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r0, 0x84, 0x7d, 0x0, &(0x7f0000000040)=0x9b) 2m31.61658951s ago: executing program 0 (id=1428): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram0/queue/dma_alignment\x00', 0x8800, 0x0) read$auto(r1, 0x0, 0x1) write$auto(r0, 0x0, 0x8) 2m31.440816778s ago: executing program 1 (id=1431): mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x4c440, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) 2m30.973906217s ago: executing program 1 (id=1434): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 2m29.871451876s ago: executing program 0 (id=1448): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x78, 0x0, 0x4) 2m29.550243985s ago: executing program 1 (id=1453): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r0, 0x0, 0x0, 0x0) 2m29.239965519s ago: executing program 32 (id=1453): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r0, 0x0, 0x0, 0x0) 2m29.233941327s ago: executing program 0 (id=1456): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0) writev$auto(0x0, &(0x7f0000000000)={0x0, 0x8}, 0xb) 2m13.812511464s ago: executing program 33 (id=1456): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0) writev$auto(0x0, &(0x7f0000000000)={0x0, 0x8}, 0xb) 2.97441546s ago: executing program 4 (id=2972): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x2d27, 0x7, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x5, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.868616678s ago: executing program 4 (id=2975): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0xa, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) 2.08493706s ago: executing program 5 (id=2988): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x7) fsconfig$auto_SHMEM_HUGE_NEVER(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x40000007fc, 0x7}, 0x400, 0x2) socket(0x21, 0x2, 0xa) msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1) 1.963043318s ago: executing program 4 (id=2990): r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x18, 0x5, 0x1) getpeername$auto(r0, 0x0, 0x0) 1.95098224s ago: executing program 3 (id=2991): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB='\rV'], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='^'], 0x1ac}, 0x1, 0x0, 0x0, 0xc000}, 0xc814) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.840568219s ago: executing program 3 (id=2992): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x571, 0x400, 0x9}]}) 1.801166906s ago: executing program 4 (id=2993): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x2, 0x9, 0x3, 0x16, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x4, 0xfff, 0x7, 0xb0, 0x9, 0x8001, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ac7, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x5e87) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x15, &(0x7f0000000240), 0x6) 1.760318786s ago: executing program 5 (id=2994): mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1100af"], 0x1ac}, 0x1, 0x0, 0x0, 0x26004814}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.703418264s ago: executing program 3 (id=2996): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x7, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r1, 0x3b8c, r0) 1.62679611s ago: executing program 4 (id=2997): mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r0 = gettid() futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) kill$auto(r0, 0x11) 1.586538577s ago: executing program 2 (id=2998): mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mknodat$auto(r0, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8) renameat2$auto(r0, &(0x7f0000000200)='./file0\x00', r0, &(0x7f0000000240)='./file1\x00', 0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mkdir$auto(&(0x7f0000000000)='./file0/file0\x00', 0x3) renameat2$auto(r1, &(0x7f0000000200)='./file0\x00', r1, &(0x7f0000000240)='./file1\x00', 0x2) 1.54469788s ago: executing program 5 (id=2999): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c80"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 1.49231218s ago: executing program 3 (id=3000): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = open(0x0, 0x22240, 0x55) statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) 1.428561412s ago: executing program 2 (id=3001): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r0 = socket(0x2, 0x3, 0x1) connect$auto(r0, &(0x7f0000000000), 0x55) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000040)={0x0, 0xd5}, 0x1, 0x0, 0x1, 0x9}, 0x6}, 0x6, 0x108800) 1.421111209s ago: executing program 5 (id=3002): socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x7, 0x0, 0x5, 0x3, 0x2000000000210006, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x9, 0x2, 0x3, 0x105, 0x7, 0x0, 0x0, 0x2}, 0x1fe, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000180)=ANY=[@ANYBLOB='*', @ANYRES16, @ANYBLOB="010029bd"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1300"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.334189922s ago: executing program 2 (id=3003): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e21, @rand_addr=0x64010102}, 0x55) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) 1.216608248s ago: executing program 2 (id=3004): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20) 1.101561507s ago: executing program 5 (id=3005): sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x4, 0x0, 0x29, 0x0, 0x0, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f3, 0x24) 1.036635647s ago: executing program 2 (id=3006): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r0, 0x7cb, 0x0) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r0, 0x7cb, 0x0) 1.001548787s ago: executing program 2 (id=3007): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8082, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x42, 0x0) write$auto(r0, &(0x7f0000000340)='3\x00', 0x6) 671.508857ms ago: executing program 3 (id=3008): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) 636.051065ms ago: executing program 4 (id=3009): ioperm$auto(0x3, 0xe, 0x2000000000000149) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) madvise$auto(0x4, 0x2, 0x15) r0 = gettid() r1 = getpid() rt_tgsigqueueinfo$auto(r1, r0, 0x1, &(0x7f0000000600)={@siginfo_0_0={0xffffff88, 0x1, 0x40, @_rt={0x0, 0xee01, @sival_int=0x9ae}}}) rt_sigsuspend$auto(&(0x7f0000000380)={0xe}, 0x8) 248.515631ms ago: executing program 3 (id=3010): r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) ustat$auto(0x801, 0x0) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x9, 0x0, 0x0) sendmsg$auto(r0, &(0x7f0000000100)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0xa9, 0x4}, 0x0) 0s ago: executing program 5 (id=3011): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = getpgrp(0xffffffffffffffff) prctl$auto(0x1000000003b, 0x1, r0, 0x3, 0x2a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mlockall$auto(0x7) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) kernel console output (not intermixed with test programs): ] ? __pfx_ksys_write+0x10/0x10 [ 243.708313][T10127] do_syscall_64+0xcd/0x490 [ 243.708350][T10127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.708376][T10127] RIP: 0033:0x7f108258ebe9 [ 243.708396][T10127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.708415][T10127] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 243.708437][T10127] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 243.708452][T10127] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 243.708466][T10127] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 243.708482][T10127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.708496][T10127] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 243.708531][T10127] [ 243.735129][T10129] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 244.066370][T10138] netlink: 'syz.3.1664': attribute type 13 has an invalid length. [ 244.369725][T10150] FAULT_INJECTION: forcing a failure. [ 244.369725][T10150] name failslab, interval 1, probability 0, space 0, times 0 [ 244.398665][T10150] CPU: 1 UID: 0 PID: 10150 Comm: syz.3.1670 Tainted: G I syzkaller #0 PREEMPT(full) [ 244.398708][T10150] Tainted: [I]=FIRMWARE_WORKAROUND [ 244.398718][T10150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 244.398732][T10150] Call Trace: [ 244.398741][T10150] [ 244.398750][T10150] dump_stack_lvl+0x16c/0x1f0 [ 244.398798][T10150] should_fail_ex+0x512/0x640 [ 244.398833][T10150] ? fs_reclaim_acquire+0xae/0x150 [ 244.398874][T10150] ? tomoyo_encode2+0x100/0x3e0 [ 244.398905][T10150] should_failslab+0xc2/0x120 [ 244.398936][T10150] __kmalloc_noprof+0xd2/0x510 [ 244.398972][T10150] tomoyo_encode2+0x100/0x3e0 [ 244.399010][T10150] tomoyo_encode+0x29/0x50 [ 244.399041][T10150] tomoyo_realpath_from_path+0x18f/0x6e0 [ 244.399085][T10150] tomoyo_check_open_permission+0x2ab/0x3c0 [ 244.399114][T10150] ? __d_add+0x403/0xa50 [ 244.399145][T10150] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 244.399214][T10150] ? do_raw_spin_lock+0x12c/0x2b0 [ 244.399261][T10150] tomoyo_file_open+0x6b/0x90 [ 244.399287][T10150] security_file_open+0x84/0x1e0 [ 244.399320][T10150] do_dentry_open+0x596/0x1530 [ 244.399361][T10150] vfs_open+0x82/0x3f0 [ 244.399401][T10150] path_openat+0x1de4/0x2cb0 [ 244.399441][T10150] ? __pfx_path_openat+0x10/0x10 [ 244.399480][T10150] do_filp_open+0x20b/0x470 [ 244.399509][T10150] ? __pfx_do_filp_open+0x10/0x10 [ 244.399552][T10150] ? __pfx_kfree_link+0x10/0x10 [ 244.399598][T10150] ? alloc_fd+0x471/0x7d0 [ 244.399635][T10150] do_sys_openat2+0x11b/0x1d0 [ 244.399670][T10150] ? __pfx_do_sys_openat2+0x10/0x10 [ 244.399722][T10150] __x64_sys_openat+0x174/0x210 [ 244.399759][T10150] ? __pfx___x64_sys_openat+0x10/0x10 [ 244.399821][T10150] do_syscall_64+0xcd/0x490 [ 244.399858][T10150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.399883][T10150] RIP: 0033:0x7f108258ebe9 [ 244.399903][T10150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.399927][T10150] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 244.399951][T10150] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 244.399968][T10150] RDX: 0000000000000040 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 244.399985][T10150] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 244.400000][T10150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.400015][T10150] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 244.400049][T10150] [ 244.400078][T10150] ERROR: Out of memory at tomoyo_realpath_from_path. [ 244.920435][ T51] Bluetooth: hci3: command tx timeout [ 244.934532][T10160] netlink: 'syz.2.1673': attribute type 1 has an invalid length. [ 244.969538][T10162] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1674'. [ 244.989212][T10160] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1673'. [ 245.020022][T10160] netlink: 'syz.2.1673': attribute type 1 has an invalid length. [ 245.030274][T10160] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1673'. [ 245.059136][T10166] FAULT_INJECTION: forcing a failure. [ 245.059136][T10166] name failslab, interval 1, probability 0, space 0, times 0 [ 245.086659][T10162] : renamed from bond0 (while UP) [ 245.116379][T10166] CPU: 1 UID: 0 PID: 10166 Comm: syz.4.1676 Tainted: G I syzkaller #0 PREEMPT(full) [ 245.116423][T10166] Tainted: [I]=FIRMWARE_WORKAROUND [ 245.116432][T10166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 245.116447][T10166] Call Trace: [ 245.116456][T10166] [ 245.116466][T10166] dump_stack_lvl+0x16c/0x1f0 [ 245.116507][T10166] should_fail_ex+0x512/0x640 [ 245.116541][T10166] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 245.116572][T10166] should_failslab+0xc2/0x120 [ 245.116605][T10166] __kmalloc_cache_noprof+0x6a/0x3e0 [ 245.116632][T10166] ? newseg+0x25a/0xe60 [ 245.116670][T10166] newseg+0x25a/0xe60 [ 245.116708][T10166] ? __pfx_newseg+0x10/0x10 [ 245.116738][T10166] ? find_held_lock+0x2b/0x80 [ 245.116772][T10166] ? ipcget+0x500/0xda0 [ 245.116804][T10166] ? ipcget+0x500/0xda0 [ 245.116839][T10166] ? ipcget+0x500/0xda0 [ 245.116875][T10166] ipcget+0x87d/0xda0 [ 245.116919][T10166] ? __pfx___might_resched+0x10/0x10 [ 245.116945][T10166] ? __pfx_ipcget+0x10/0x10 [ 245.116980][T10166] ? __x64_sys_futex+0x1e0/0x4c0 [ 245.117010][T10166] ? __x64_sys_futex+0x1e9/0x4c0 [ 245.117047][T10166] __x64_sys_shmget+0x13b/0x1b0 [ 245.117082][T10166] ? __pfx___x64_sys_shmget+0x10/0x10 [ 245.117121][T10166] ? rcu_is_watching+0x12/0xc0 [ 245.117151][T10166] do_syscall_64+0xcd/0x490 [ 245.117187][T10166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.117213][T10166] RIP: 0033:0x7f4d6ef8ebe9 [ 245.117234][T10166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.117258][T10166] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 245.117282][T10166] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 245.117299][T10166] RDX: 000000000000ffff RSI: 0000000000000006 RDI: 0000000000000004 [ 245.117314][T10166] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 245.117330][T10166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.117345][T10166] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 245.117382][T10166] [ 245.903549][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 246.280584][T10193] FAULT_INJECTION: forcing a failure. [ 246.280584][T10193] name failslab, interval 1, probability 0, space 0, times 0 [ 246.329714][T10193] CPU: 0 UID: 0 PID: 10193 Comm: syz.2.1688 Tainted: G I syzkaller #0 PREEMPT(full) [ 246.329758][T10193] Tainted: [I]=FIRMWARE_WORKAROUND [ 246.329768][T10193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 246.329782][T10193] Call Trace: [ 246.329791][T10193] [ 246.329801][T10193] dump_stack_lvl+0x16c/0x1f0 [ 246.329841][T10193] should_fail_ex+0x512/0x640 [ 246.329877][T10193] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 246.329908][T10193] should_failslab+0xc2/0x120 [ 246.329943][T10193] __kmalloc_cache_noprof+0x6a/0x3e0 [ 246.329969][T10193] ? newseg+0x25a/0xe60 [ 246.330007][T10193] newseg+0x25a/0xe60 [ 246.330046][T10193] ? __pfx_newseg+0x10/0x10 [ 246.330075][T10193] ? find_held_lock+0x2b/0x80 [ 246.330102][T10193] ? ipcget+0x500/0xda0 [ 246.330132][T10193] ? ipcget+0x500/0xda0 [ 246.330166][T10193] ? ipcget+0x500/0xda0 [ 246.330199][T10193] ipcget+0x87d/0xda0 [ 246.330244][T10193] ? __pfx___might_resched+0x10/0x10 [ 246.330270][T10193] ? __pfx_ipcget+0x10/0x10 [ 246.330310][T10193] ? __x64_sys_futex+0x1e0/0x4c0 [ 246.330340][T10193] ? __x64_sys_futex+0x1e9/0x4c0 [ 246.330377][T10193] __x64_sys_shmget+0x13b/0x1b0 [ 246.330410][T10193] ? __pfx___x64_sys_shmget+0x10/0x10 [ 246.330449][T10193] ? rcu_is_watching+0x12/0xc0 [ 246.330480][T10193] do_syscall_64+0xcd/0x490 [ 246.330515][T10193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.330540][T10193] RIP: 0033:0x7f182e58ebe9 [ 246.330560][T10193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.330585][T10193] RSP: 002b:00007f182f38a038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 246.330618][T10193] RAX: ffffffffffffffda RBX: 00007f182e7c5fa0 RCX: 00007f182e58ebe9 [ 246.330635][T10193] RDX: 000000000000ffff RSI: 0000000000000006 RDI: 0000000000000004 [ 246.330650][T10193] RBP: 00007f182e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 246.330666][T10193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.330681][T10193] R13: 00007f182e7c6038 R14: 00007f182e7c5fa0 R15: 00007ffe706ed3b8 [ 246.330716][T10193] [ 247.988006][T10233] FAULT_INJECTION: forcing a failure. [ 247.988006][T10233] name failslab, interval 1, probability 0, space 0, times 0 [ 248.004002][T10233] CPU: 0 UID: 0 PID: 10233 Comm: syz.3.1699 Tainted: G I syzkaller #0 PREEMPT(full) [ 248.004044][T10233] Tainted: [I]=FIRMWARE_WORKAROUND [ 248.004053][T10233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 248.004068][T10233] Call Trace: [ 248.004077][T10233] [ 248.004087][T10233] dump_stack_lvl+0x16c/0x1f0 [ 248.004125][T10233] should_fail_ex+0x512/0x640 [ 248.004161][T10233] ? fs_reclaim_acquire+0xae/0x150 [ 248.004204][T10233] should_failslab+0xc2/0x120 [ 248.004235][T10233] __kmalloc_cache_noprof+0x6a/0x3e0 [ 248.004259][T10233] ? find_held_lock+0x2b/0x80 [ 248.004282][T10233] ? tomoyo_open_control+0x56/0xa30 [ 248.004313][T10233] tomoyo_open_control+0x56/0xa30 [ 248.004345][T10233] do_dentry_open+0x97f/0x1530 [ 248.004376][T10233] ? __pfx_tomoyo_open+0x10/0x10 [ 248.004415][T10233] vfs_open+0x82/0x3f0 [ 248.004449][T10233] path_openat+0x1de4/0x2cb0 [ 248.004481][T10233] ? __pfx_path_openat+0x10/0x10 [ 248.004517][T10233] do_filp_open+0x20b/0x470 [ 248.004538][T10233] ? __pfx_do_filp_open+0x10/0x10 [ 248.004590][T10233] ? alloc_fd+0x471/0x7d0 [ 248.004627][T10233] do_sys_openat2+0x11b/0x1d0 [ 248.004662][T10233] ? __pfx_do_sys_openat2+0x10/0x10 [ 248.004711][T10233] __x64_sys_openat+0x174/0x210 [ 248.004757][T10233] ? __pfx___x64_sys_openat+0x10/0x10 [ 248.004809][T10233] do_syscall_64+0xcd/0x490 [ 248.004847][T10233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.004873][T10233] RIP: 0033:0x7f108258ebe9 [ 248.004894][T10233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.004917][T10233] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 248.004942][T10233] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 248.004958][T10233] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 248.004974][T10233] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 248.004989][T10233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.005005][T10233] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 248.005042][T10233] [ 248.444951][T10239] FAULT_INJECTION: forcing a failure. [ 248.444951][T10239] name failslab, interval 1, probability 0, space 0, times 0 [ 248.460574][T10239] CPU: 0 UID: 0 PID: 10239 Comm: syz.3.1702 Tainted: G I syzkaller #0 PREEMPT(full) [ 248.460617][T10239] Tainted: [I]=FIRMWARE_WORKAROUND [ 248.460627][T10239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 248.460642][T10239] Call Trace: [ 248.460651][T10239] [ 248.460661][T10239] dump_stack_lvl+0x16c/0x1f0 [ 248.460708][T10239] should_fail_ex+0x512/0x640 [ 248.460743][T10239] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 248.460778][T10239] should_failslab+0xc2/0x120 [ 248.460811][T10239] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 248.460841][T10239] ? __pfx_map_id_range_down+0x10/0x10 [ 248.460876][T10239] ? prepare_creds+0x2c/0x7d0 [ 248.460918][T10239] prepare_creds+0x2c/0x7d0 [ 248.460956][T10239] __sys_setfsgid+0xe3/0x380 [ 248.460984][T10239] ? rcu_is_watching+0x12/0xc0 [ 248.461014][T10239] do_syscall_64+0xcd/0x490 [ 248.461050][T10239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.461076][T10239] RIP: 0033:0x7f108258ebe9 [ 248.461097][T10239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.461122][T10239] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b [ 248.461146][T10239] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 248.461165][T10239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 248.461181][T10239] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 248.461196][T10239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.461211][T10239] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 248.461247][T10239] [ 249.387800][T10265] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1711'. [ 250.164638][T10286] netlink: 130 bytes leftover after parsing attributes in process `syz.2.1718'. [ 250.398755][T10293] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1720'. [ 250.460889][T10293] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1720'. [ 250.906908][T10301] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1723'. [ 252.107981][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 252.118302][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 252.250457][T10336] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1735'. [ 252.462548][T10344] netlink: 'syz.3.1741': attribute type 21 has an invalid length. [ 252.483167][T10344] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1741'. [ 252.576977][T10346] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1740'. [ 253.054755][T10367] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 253.094210][T10369] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1750'. [ 255.561379][T10443] netlink: 26 bytes leftover after parsing attributes in process `syz.3.1780'. [ 255.587567][T10443] openvswitch: netlink: IP tunnel dst address not specified [ 255.620464][T10445] FAULT_INJECTION: forcing a failure. [ 255.620464][T10445] name failslab, interval 1, probability 0, space 0, times 0 [ 255.652392][T10445] CPU: 1 UID: 0 PID: 10445 Comm: syz.4.1779 Tainted: G I syzkaller #0 PREEMPT(full) [ 255.652440][T10445] Tainted: [I]=FIRMWARE_WORKAROUND [ 255.652450][T10445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 255.652466][T10445] Call Trace: [ 255.652475][T10445] [ 255.652486][T10445] dump_stack_lvl+0x16c/0x1f0 [ 255.652527][T10445] should_fail_ex+0x512/0x640 [ 255.652561][T10445] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 255.652595][T10445] should_failslab+0xc2/0x120 [ 255.652628][T10445] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 255.652660][T10445] ? d_instantiate+0x77/0x90 [ 255.652690][T10445] ? alloc_empty_file+0x55/0x1e0 [ 255.652738][T10445] alloc_empty_file+0x55/0x1e0 [ 255.652777][T10445] alloc_file_pseudo+0x13a/0x230 [ 255.652817][T10445] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 255.652858][T10445] ? hugetlbfs_get_inode+0x31f/0x730 [ 255.652891][T10445] hugetlb_file_setup+0x4ce/0x620 [ 255.652922][T10445] ksys_mmap_pgoff+0x189/0x5c0 [ 255.652963][T10445] __x64_sys_mmap+0x125/0x190 [ 255.653005][T10445] do_syscall_64+0xcd/0x490 [ 255.653041][T10445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.653068][T10445] RIP: 0033:0x7f4d6ef8ebe9 [ 255.653087][T10445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.653110][T10445] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 255.653134][T10445] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 255.653149][T10445] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 255.653163][T10445] RBP: 00007f4d6f011e19 R08: 0000000000000401 R09: 0000300000000000 [ 255.653179][T10445] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 255.653194][T10445] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 255.653228][T10445] [ 256.154685][T10453] ptp ptp0: new virtual clock ptp1 [ 256.207198][T10453] ptp ptp0: new virtual clock ptp2 [ 256.276037][T10453] ptp ptp0: new virtual clock ptp3 [ 256.324633][T10453] ptp ptp0: new virtual clock ptp4 [ 256.371332][T10453] ptp ptp0: new virtual clock ptp5 [ 256.444918][T10453] ptp ptp0: new virtual clock ptp6 [ 256.531394][T10453] ptp ptp0: new virtual clock ptp7 [ 256.598880][T10453] ptp ptp0: new virtual clock ptp8 [ 256.641231][T10453] ptp ptp0: new virtual clock ptp9 [ 256.707070][T10453] ptp ptp0: new virtual clock ptp10 [ 256.842274][T10453] ptp ptp0: new virtual clock ptp11 [ 256.873457][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!! [ 256.885032][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 256.919490][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 256.985514][T10453] ptp ptp0: new virtual clock ptp12 [ 257.039190][T10453] failed to create ptp aux_worker -4 [ 257.314344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 257.383451][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 257.432784][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 257.487880][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 257.765838][T10516] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1797'. [ 258.187006][T10539] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1805'. [ 259.436986][T10580] netlink: 'syz.3.1820': attribute type 3 has an invalid length. [ 259.778196][T10590] netlink: 'syz.3.1825': attribute type 3 has an invalid length. [ 260.214567][T10604] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1831'. [ 260.474441][T10618] FAULT_INJECTION: forcing a failure. [ 260.474441][T10618] name failslab, interval 1, probability 0, space 0, times 0 [ 260.489703][T10618] CPU: 1 UID: 0 PID: 10618 Comm: syz.3.1838 Tainted: G I syzkaller #0 PREEMPT(full) [ 260.489743][T10618] Tainted: [I]=FIRMWARE_WORKAROUND [ 260.489752][T10618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 260.489765][T10618] Call Trace: [ 260.489774][T10618] [ 260.489783][T10618] dump_stack_lvl+0x16c/0x1f0 [ 260.489823][T10618] should_fail_ex+0x512/0x640 [ 260.489857][T10618] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 260.489889][T10618] should_failslab+0xc2/0x120 [ 260.489923][T10618] __kmalloc_cache_noprof+0x6a/0x3e0 [ 260.489950][T10618] ? _raw_spin_unlock+0x28/0x50 [ 260.489978][T10618] ? snd_ctl_open+0x174/0x5f0 [ 260.490015][T10618] snd_ctl_open+0x174/0x5f0 [ 260.490050][T10618] ? __pfx_snd_ctl_open+0x10/0x10 [ 260.490081][T10618] snd_open+0x22a/0x4c0 [ 260.490117][T10618] ? __pfx_snd_open+0x10/0x10 [ 260.490153][T10618] chrdev_open+0x231/0x6a0 [ 260.490184][T10618] ? __pfx_apparmor_file_open+0x10/0x10 [ 260.490213][T10618] ? __pfx_chrdev_open+0x10/0x10 [ 260.490246][T10618] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 260.490281][T10618] do_dentry_open+0x97f/0x1530 [ 260.490313][T10618] ? __pfx_chrdev_open+0x10/0x10 [ 260.490353][T10618] vfs_open+0x82/0x3f0 [ 260.490394][T10618] path_openat+0x1de4/0x2cb0 [ 260.490437][T10618] ? __pfx_path_openat+0x10/0x10 [ 260.490477][T10618] do_filp_open+0x20b/0x470 [ 260.490509][T10618] ? __pfx_do_filp_open+0x10/0x10 [ 260.490576][T10618] ? alloc_fd+0x471/0x7d0 [ 260.490615][T10618] do_sys_openat2+0x11b/0x1d0 [ 260.490654][T10618] ? __pfx_do_sys_openat2+0x10/0x10 [ 260.490705][T10618] __x64_sys_openat+0x174/0x210 [ 260.490744][T10618] ? __pfx___x64_sys_openat+0x10/0x10 [ 260.490793][T10618] do_syscall_64+0xcd/0x490 [ 260.490827][T10618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.490853][T10618] RIP: 0033:0x7f108258ebe9 [ 260.490874][T10618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.490901][T10618] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 260.490927][T10618] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 260.490944][T10618] RDX: 0000000000000a02 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 260.490961][T10618] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 260.490977][T10618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.490992][T10618] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 260.491027][T10618] [ 261.084577][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.092165][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.290155][T10609] FAULT_INJECTION: forcing a failure. [ 261.290155][T10609] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 261.433459][T10609] CPU: 1 UID: 0 PID: 10609 Comm: syz.4.1834 Tainted: G I syzkaller #0 PREEMPT(full) [ 261.433500][T10609] Tainted: [I]=FIRMWARE_WORKAROUND [ 261.433510][T10609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.433524][T10609] Call Trace: [ 261.433533][T10609] [ 261.433542][T10609] dump_stack_lvl+0x16c/0x1f0 [ 261.433577][T10609] should_fail_ex+0x512/0x640 [ 261.433616][T10609] should_fail_alloc_page+0xe7/0x130 [ 261.433650][T10609] prepare_alloc_pages+0x3c2/0x610 [ 261.433683][T10609] ? rcu_is_watching+0x12/0xc0 [ 261.433710][T10609] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 261.433744][T10609] ? stack_trace_save+0x8e/0xc0 [ 261.433768][T10609] ? __pfx_stack_trace_save+0x10/0x10 [ 261.433793][T10609] ? stack_depot_save_flags+0x29/0x9c0 [ 261.433823][T10609] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 261.433853][T10609] ? kasan_save_stack+0x42/0x60 [ 261.433878][T10609] ? kasan_save_stack+0x33/0x60 [ 261.433901][T10609] ? kasan_save_track+0x14/0x30 [ 261.433924][T10609] ? __kasan_kmalloc+0xaa/0xb0 [ 261.433947][T10609] ? mon_bin_open+0x1a8/0x4a0 [ 261.433976][T10609] ? do_sys_openat2+0x11b/0x1d0 [ 261.434009][T10609] ? __x64_sys_openat+0x174/0x210 [ 261.434043][T10609] ? do_syscall_64+0xcd/0x490 [ 261.434073][T10609] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.434100][T10609] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 261.434138][T10609] ? policy_nodemask+0xea/0x4e0 [ 261.434170][T10609] alloc_pages_mpol+0x1fb/0x550 [ 261.434207][T10609] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 261.434245][T10609] alloc_pages_noprof+0x131/0x390 [ 261.434292][T10609] get_zeroed_page_noprof+0x18/0xb0 [ 261.434329][T10609] mon_alloc_buff+0xce/0x1b0 [ 261.434359][T10609] ? kasan_save_track+0x14/0x30 [ 261.434391][T10609] mon_bin_open+0x207/0x4a0 [ 261.434419][T10609] ? __pfx_mon_bin_open+0x10/0x10 [ 261.434449][T10609] chrdev_open+0x231/0x6a0 [ 261.434483][T10609] ? __pfx_chrdev_open+0x10/0x10 [ 261.434517][T10609] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 261.434554][T10609] do_dentry_open+0x97f/0x1530 [ 261.434586][T10609] ? __pfx_chrdev_open+0x10/0x10 [ 261.434625][T10609] vfs_open+0x82/0x3f0 [ 261.434666][T10609] path_openat+0x1de4/0x2cb0 [ 261.434709][T10609] ? __pfx_path_openat+0x10/0x10 [ 261.434749][T10609] do_filp_open+0x20b/0x470 [ 261.434780][T10609] ? __pfx_do_filp_open+0x10/0x10 [ 261.434838][T10609] ? alloc_fd+0x471/0x7d0 [ 261.434876][T10609] do_sys_openat2+0x11b/0x1d0 [ 261.434913][T10609] ? __pfx_do_sys_openat2+0x10/0x10 [ 261.434966][T10609] __x64_sys_openat+0x174/0x210 [ 261.435002][T10609] ? __pfx___x64_sys_openat+0x10/0x10 [ 261.435055][T10609] do_syscall_64+0xcd/0x490 [ 261.435091][T10609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.435117][T10609] RIP: 0033:0x7f4d6ef8ebe9 [ 261.435138][T10609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.435162][T10609] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 261.435187][T10609] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 261.435205][T10609] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 261.435222][T10609] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 261.435238][T10609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.435259][T10609] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 261.435297][T10609] [ 262.652682][T10650] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1851'. [ 264.574019][T10701] binder: 10700:10701 ioctl c00c6211 0 returned -14 [ 264.592755][T10701] binder: 10700:10701 ioctl c0306201 200000000000 returned -14 [ 265.140003][T10706] FAULT_INJECTION: forcing a failure. [ 265.140003][T10706] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 265.182570][T10706] CPU: 0 UID: 0 PID: 10706 Comm: syz.5.1872 Tainted: G I syzkaller #0 PREEMPT(full) [ 265.182615][T10706] Tainted: [I]=FIRMWARE_WORKAROUND [ 265.182626][T10706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 265.182641][T10706] Call Trace: [ 265.182649][T10706] [ 265.182660][T10706] dump_stack_lvl+0x16c/0x1f0 [ 265.182701][T10706] should_fail_ex+0x512/0x640 [ 265.182744][T10706] should_fail_alloc_page+0xe7/0x130 [ 265.182780][T10706] prepare_alloc_pages+0x3c2/0x610 [ 265.182818][T10706] ? rcu_is_watching+0x12/0xc0 [ 265.182850][T10706] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 265.182892][T10706] ? stack_trace_save+0x8e/0xc0 [ 265.182931][T10706] ? __pfx_stack_trace_save+0x10/0x10 [ 265.182962][T10706] ? stack_depot_save_flags+0x29/0x9c0 [ 265.183001][T10706] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 265.183037][T10706] ? kasan_save_stack+0x42/0x60 [ 265.183064][T10706] ? kasan_save_stack+0x33/0x60 [ 265.183090][T10706] ? kasan_save_track+0x14/0x30 [ 265.183116][T10706] ? __kasan_kmalloc+0xaa/0xb0 [ 265.183139][T10706] ? mon_bin_open+0x1a8/0x4a0 [ 265.183171][T10706] ? do_sys_openat2+0x11b/0x1d0 [ 265.183206][T10706] ? __x64_sys_openat+0x174/0x210 [ 265.183240][T10706] ? do_syscall_64+0xcd/0x490 [ 265.183268][T10706] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.183301][T10706] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 265.183336][T10706] ? policy_nodemask+0xea/0x4e0 [ 265.183367][T10706] alloc_pages_mpol+0x1fb/0x550 [ 265.183400][T10706] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 265.183440][T10706] alloc_pages_noprof+0x131/0x390 [ 265.183474][T10706] get_zeroed_page_noprof+0x18/0xb0 [ 265.183508][T10706] mon_alloc_buff+0xce/0x1b0 [ 265.183535][T10706] ? kasan_save_track+0x14/0x30 [ 265.183567][T10706] mon_bin_open+0x207/0x4a0 [ 265.183599][T10706] ? __pfx_mon_bin_open+0x10/0x10 [ 265.183629][T10706] chrdev_open+0x231/0x6a0 [ 265.183660][T10706] ? __pfx_apparmor_file_open+0x10/0x10 [ 265.183687][T10706] ? __pfx_chrdev_open+0x10/0x10 [ 265.183723][T10706] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 265.183760][T10706] do_dentry_open+0x97f/0x1530 [ 265.183792][T10706] ? __pfx_chrdev_open+0x10/0x10 [ 265.183831][T10706] vfs_open+0x82/0x3f0 [ 265.183872][T10706] path_openat+0x1de4/0x2cb0 [ 265.183922][T10706] ? __pfx_path_openat+0x10/0x10 [ 265.183966][T10706] do_filp_open+0x20b/0x470 [ 265.183996][T10706] ? __pfx_do_filp_open+0x10/0x10 [ 265.184054][T10706] ? alloc_fd+0x471/0x7d0 [ 265.184093][T10706] do_sys_openat2+0x11b/0x1d0 [ 265.184129][T10706] ? __pfx_do_sys_openat2+0x10/0x10 [ 265.184179][T10706] __x64_sys_openat+0x174/0x210 [ 265.184217][T10706] ? __pfx___x64_sys_openat+0x10/0x10 [ 265.184270][T10706] do_syscall_64+0xcd/0x490 [ 265.184306][T10706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.184332][T10706] RIP: 0033:0x7f865f38ebe9 [ 265.184352][T10706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.184377][T10706] RSP: 002b:00007f866023d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 265.184402][T10706] RAX: ffffffffffffffda RBX: 00007f865f5c5fa0 RCX: 00007f865f38ebe9 [ 265.184419][T10706] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 265.184437][T10706] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 265.184453][T10706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.184469][T10706] R13: 00007f865f5c6038 R14: 00007f865f5c5fa0 R15: 00007ffe3d250278 [ 265.184506][T10706] [ 266.726494][T10736] netlink: 130 bytes leftover after parsing attributes in process `syz.5.1886'. [ 268.691144][T10784] FAULT_INJECTION: forcing a failure. [ 268.691144][T10784] name failslab, interval 1, probability 0, space 0, times 0 [ 268.719090][T10784] CPU: 1 UID: 0 PID: 10784 Comm: syz.3.1904 Tainted: G I syzkaller #0 PREEMPT(full) [ 268.719135][T10784] Tainted: [I]=FIRMWARE_WORKAROUND [ 268.719145][T10784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 268.719161][T10784] Call Trace: [ 268.719171][T10784] [ 268.719181][T10784] dump_stack_lvl+0x16c/0x1f0 [ 268.719222][T10784] should_fail_ex+0x512/0x640 [ 268.719255][T10784] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 268.719290][T10784] should_failslab+0xc2/0x120 [ 268.719323][T10784] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 268.719354][T10784] ? flock_lock_inode+0xbe5/0x1030 [ 268.719383][T10784] flock_lock_inode+0xbe5/0x1030 [ 268.719414][T10784] ? __pfx_flock_lock_inode+0x10/0x10 [ 268.719452][T10784] ? __pfx___might_resched+0x10/0x10 [ 268.719485][T10784] locks_lock_inode_wait+0x1da/0x490 [ 268.719512][T10784] ? __pfx_locks_lock_inode_wait+0x10/0x10 [ 268.719553][T10784] ? common_file_perm+0x1a9/0x340 [ 268.719590][T10784] __do_sys_flock+0x446/0x520 [ 268.719613][T10784] ? __pfx___do_sys_flock+0x10/0x10 [ 268.719661][T10784] ? ksys_write+0x1ac/0x250 [ 268.719689][T10784] ? __pfx_ksys_write+0x10/0x10 [ 268.719728][T10784] do_syscall_64+0xcd/0x490 [ 268.719763][T10784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.719788][T10784] RIP: 0033:0x7f108258ebe9 [ 268.719810][T10784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.719834][T10784] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049 [ 268.719859][T10784] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 268.719876][T10784] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 268.719891][T10784] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 268.719906][T10784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.719921][T10784] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 268.719957][T10784] [ 269.042687][T10788] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1905'. [ 269.170588][T10788] team0: Port device team_slave_1 removed [ 270.115953][T10815] FAULT_INJECTION: forcing a failure. [ 270.115953][T10815] name failslab, interval 1, probability 0, space 0, times 0 [ 270.134297][T10815] CPU: 1 UID: 0 PID: 10815 Comm: syz.5.1915 Tainted: G I syzkaller #0 PREEMPT(full) [ 270.134341][T10815] Tainted: [I]=FIRMWARE_WORKAROUND [ 270.134351][T10815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 270.134365][T10815] Call Trace: [ 270.134373][T10815] [ 270.134382][T10815] dump_stack_lvl+0x16c/0x1f0 [ 270.134421][T10815] should_fail_ex+0x512/0x640 [ 270.134466][T10815] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 270.134502][T10815] should_failslab+0xc2/0x120 [ 270.134534][T10815] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 270.134566][T10815] ? __alloc_skb+0x2b2/0x380 [ 270.134602][T10815] __alloc_skb+0x2b2/0x380 [ 270.134635][T10815] ? __pfx___alloc_skb+0x10/0x10 [ 270.134672][T10815] ? if_nlmsg_size+0x475/0xaf0 [ 270.134711][T10815] rtmsg_ifinfo_build_skb+0x81/0x280 [ 270.134756][T10815] rtmsg_ifinfo+0x9f/0x1a0 [ 270.134798][T10815] netif_state_change+0x17f/0x3b0 [ 270.134824][T10815] ? __pfx_netif_state_change+0x10/0x10 [ 270.134853][T10815] ? tun_get+0x191/0x370 [ 270.134896][T10815] netdev_state_change+0xaa/0x240 [ 270.134935][T10815] __tun_chr_ioctl+0x2443/0x48b0 [ 270.134958][T10815] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 270.135002][T10815] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 270.135031][T10815] ? hook_file_ioctl_common+0x145/0x410 [ 270.135072][T10815] ? __fget_files+0x20e/0x3c0 [ 270.135104][T10815] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 270.135131][T10815] __x64_sys_ioctl+0x18b/0x210 [ 270.135173][T10815] do_syscall_64+0xcd/0x490 [ 270.135210][T10815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.135235][T10815] RIP: 0033:0x7f865f38ebe9 [ 270.135256][T10815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.135281][T10815] RSP: 002b:00007f866021c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.135305][T10815] RAX: ffffffffffffffda RBX: 00007f865f5c6090 RCX: 00007f865f38ebe9 [ 270.135323][T10815] RDX: 000000000000006f RSI: 00000000400454cc RDI: 04000000000000c8 [ 270.135339][T10815] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 270.135354][T10815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.135370][T10815] R13: 00007f865f5c6128 R14: 00007f865f5c6090 R15: 00007ffe3d250278 [ 270.135406][T10815] [ 271.748218][T10843] netlink: zone id is out of range [ 271.768392][T10843] netlink: zone id is out of range [ 271.777705][T10843] netlink: zone id is out of range [ 271.794886][T10843] netlink: zone id is out of range [ 271.809097][T10843] netlink: zone id is out of range [ 271.817828][T10843] netlink: zone id is out of range [ 271.843369][T10843] netlink: zone id is out of range [ 271.863184][T10843] netlink: zone id is out of range [ 271.869359][T10843] netlink: zone id is out of range [ 271.877467][T10843] netlink: zone id is out of range [ 271.889018][T10846] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1928'. [ 272.053393][T10846] team_slave_0: entered allmulticast mode [ 273.859030][T10890] FAULT_INJECTION: forcing a failure. [ 273.859030][T10890] name failslab, interval 1, probability 0, space 0, times 0 [ 273.886111][T10890] CPU: 0 UID: 0 PID: 10890 Comm: syz.3.1950 Tainted: G I syzkaller #0 PREEMPT(full) [ 273.886173][T10890] Tainted: [I]=FIRMWARE_WORKAROUND [ 273.886182][T10890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 273.886196][T10890] Call Trace: [ 273.886205][T10890] [ 273.886215][T10890] dump_stack_lvl+0x16c/0x1f0 [ 273.886253][T10890] should_fail_ex+0x512/0x640 [ 273.886285][T10890] ? fs_reclaim_acquire+0xae/0x150 [ 273.886324][T10890] should_failslab+0xc2/0x120 [ 273.886357][T10890] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 273.886386][T10890] ? security_inode_alloc+0x3b/0x2b0 [ 273.886417][T10890] security_inode_alloc+0x3b/0x2b0 [ 273.886444][T10890] inode_init_always_gfp+0xce4/0x1030 [ 273.886474][T10890] alloc_inode+0x86/0x240 [ 273.886508][T10890] path_from_stashed+0x25b/0x750 [ 273.886535][T10890] ? do_raw_spin_unlock+0x172/0x230 [ 273.886581][T10890] ns_get_path+0x5f/0x80 [ 273.886609][T10890] proc_ns_get_link+0x121/0x230 [ 273.886641][T10890] ? __pfx_proc_ns_get_link+0x10/0x10 [ 273.886673][T10890] ? atime_needs_update+0x8b/0x710 [ 273.886711][T10890] ? __pfx_proc_ns_get_link+0x10/0x10 [ 273.886742][T10890] step_into+0x1a29/0x2270 [ 273.886774][T10890] ? __pfx_step_into+0x10/0x10 [ 273.886799][T10890] ? find_held_lock+0x2b/0x80 [ 273.886831][T10890] path_openat+0x6db/0x2cb0 [ 273.886871][T10890] ? __pfx_path_openat+0x10/0x10 [ 273.886910][T10890] do_filp_open+0x20b/0x470 [ 273.886941][T10890] ? __pfx_do_filp_open+0x10/0x10 [ 273.886996][T10890] ? alloc_fd+0x471/0x7d0 [ 273.887053][T10890] do_sys_openat2+0x11b/0x1d0 [ 273.887093][T10890] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.887152][T10890] __x64_sys_openat+0x174/0x210 [ 273.887192][T10890] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.887246][T10890] do_syscall_64+0xcd/0x490 [ 273.887283][T10890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.887308][T10890] RIP: 0033:0x7f108258d550 [ 273.887329][T10890] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 273.887353][T10890] RSP: 002b:00007f10834a6f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 273.887377][T10890] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f108258d550 [ 273.887395][T10890] RDX: 0000000000000002 RSI: 00007f10834a6fa0 RDI: 00000000ffffff9c [ 273.887411][T10890] RBP: 00007f10834a6fa0 R08: 0000000000000000 R09: 0000000000000000 [ 273.887427][T10890] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 273.887442][T10890] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 273.887477][T10890] [ 276.569917][T10967] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1981'. [ 278.827902][ T51] Bluetooth: hci3: Malformed LE Event: 0x1b [ 280.806722][T11067] FAULT_INJECTION: forcing a failure. [ 280.806722][T11067] name failslab, interval 1, probability 0, space 0, times 0 [ 280.843592][T11067] CPU: 0 UID: 0 PID: 11067 Comm: syz.3.2024 Tainted: G I syzkaller #0 PREEMPT(full) [ 280.843634][T11067] Tainted: [I]=FIRMWARE_WORKAROUND [ 280.843643][T11067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 280.843658][T11067] Call Trace: [ 280.843667][T11067] [ 280.843675][T11067] dump_stack_lvl+0x16c/0x1f0 [ 280.843717][T11067] should_fail_ex+0x512/0x640 [ 280.843752][T11067] ? fs_reclaim_acquire+0xae/0x150 [ 280.843792][T11067] should_failslab+0xc2/0x120 [ 280.843825][T11067] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 280.843858][T11067] ? security_inode_alloc+0x3b/0x2b0 [ 280.843892][T11067] security_inode_alloc+0x3b/0x2b0 [ 280.843921][T11067] inode_init_always_gfp+0xce4/0x1030 [ 280.843952][T11067] alloc_inode+0x86/0x240 [ 280.843990][T11067] path_from_stashed+0x25b/0x750 [ 280.844017][T11067] ? do_raw_read_unlock+0x44/0xe0 [ 280.844060][T11067] ns_get_path+0x5f/0x80 [ 280.844086][T11067] proc_ns_get_link+0x121/0x230 [ 280.844116][T11067] ? __pfx_proc_ns_get_link+0x10/0x10 [ 280.844149][T11067] ? atime_needs_update+0x8b/0x710 [ 280.844184][T11067] ? __pfx_proc_ns_get_link+0x10/0x10 [ 280.844212][T11067] step_into+0x1a29/0x2270 [ 280.844246][T11067] ? __pfx_step_into+0x10/0x10 [ 280.844276][T11067] ? find_held_lock+0x2b/0x80 [ 280.844311][T11067] path_openat+0x6db/0x2cb0 [ 280.844354][T11067] ? __pfx_path_openat+0x10/0x10 [ 280.844393][T11067] do_filp_open+0x20b/0x470 [ 280.844424][T11067] ? __pfx_do_filp_open+0x10/0x10 [ 280.844498][T11067] do_sys_openat2+0x11b/0x1d0 [ 280.844537][T11067] ? __pfx_do_sys_openat2+0x10/0x10 [ 280.844590][T11067] __x64_sys_openat+0x174/0x210 [ 280.844628][T11067] ? __pfx___x64_sys_openat+0x10/0x10 [ 280.844681][T11067] do_syscall_64+0xcd/0x490 [ 280.844717][T11067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.844743][T11067] RIP: 0033:0x7f108258d550 [ 280.844762][T11067] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 280.844787][T11067] RSP: 002b:00007f10834a6f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 280.844812][T11067] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f108258d550 [ 280.844829][T11067] RDX: 0000000000000002 RSI: 00007f10834a6fa0 RDI: 00000000ffffff9c [ 280.844845][T11067] RBP: 00007f10834a6fa0 R08: 0000000000000000 R09: 0000000000000000 [ 280.844860][T11067] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 280.844873][T11067] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 280.844907][T11067] [ 281.486323][T11078] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2028'. [ 281.650261][T11081] FAULT_INJECTION: forcing a failure. [ 281.650261][T11081] name failslab, interval 1, probability 0, space 0, times 0 [ 281.688458][T11081] CPU: 0 UID: 0 PID: 11081 Comm: syz.3.2029 Tainted: G I syzkaller #0 PREEMPT(full) [ 281.688503][T11081] Tainted: [I]=FIRMWARE_WORKAROUND [ 281.688513][T11081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 281.688529][T11081] Call Trace: [ 281.688537][T11081] [ 281.688548][T11081] dump_stack_lvl+0x16c/0x1f0 [ 281.688590][T11081] should_fail_ex+0x512/0x640 [ 281.688622][T11081] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 281.688658][T11081] should_failslab+0xc2/0x120 [ 281.688697][T11081] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 281.688729][T11081] ? __alloc_skb+0x2b2/0x380 [ 281.688766][T11081] __alloc_skb+0x2b2/0x380 [ 281.688796][T11081] ? __pfx___alloc_skb+0x10/0x10 [ 281.688833][T11081] ? if_nlmsg_size+0x475/0xaf0 [ 281.688872][T11081] rtmsg_ifinfo_build_skb+0x81/0x280 [ 281.688916][T11081] rtmsg_ifinfo+0x9f/0x1a0 [ 281.688959][T11081] netif_state_change+0x17f/0x3b0 [ 281.688984][T11081] ? __pfx_netif_state_change+0x10/0x10 [ 281.689013][T11081] ? tun_get+0x191/0x370 [ 281.689056][T11081] netdev_state_change+0xaa/0x240 [ 281.689095][T11081] __tun_chr_ioctl+0x2443/0x48b0 [ 281.689117][T11081] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 281.689162][T11081] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 281.689191][T11081] ? hook_file_ioctl_common+0x145/0x410 [ 281.689232][T11081] ? __fget_files+0x20e/0x3c0 [ 281.689266][T11081] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 281.689292][T11081] __x64_sys_ioctl+0x18b/0x210 [ 281.689332][T11081] do_syscall_64+0xcd/0x490 [ 281.689370][T11081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.689396][T11081] RIP: 0033:0x7f108258ebe9 [ 281.689416][T11081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.689443][T11081] RSP: 002b:00007f1083486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.689469][T11081] RAX: ffffffffffffffda RBX: 00007f10827c6090 RCX: 00007f108258ebe9 [ 281.689487][T11081] RDX: 000000000000006f RSI: 00000000400454cc RDI: 04000000000000c8 [ 281.689504][T11081] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 281.689521][T11081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.689537][T11081] R13: 00007f10827c6128 R14: 00007f10827c6090 R15: 00007fffe3f9b848 [ 281.689575][T11081] [ 281.690476][T11083] FAULT_INJECTION: forcing a failure. [ 281.690476][T11083] name failslab, interval 1, probability 0, space 0, times 0 [ 282.024229][T11083] CPU: 0 UID: 0 PID: 11083 Comm: syz.4.2030 Tainted: G I syzkaller #0 PREEMPT(full) [ 282.024269][T11083] Tainted: [I]=FIRMWARE_WORKAROUND [ 282.024278][T11083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 282.024292][T11083] Call Trace: [ 282.024299][T11083] [ 282.024309][T11083] dump_stack_lvl+0x16c/0x1f0 [ 282.024346][T11083] should_fail_ex+0x512/0x640 [ 282.024377][T11083] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 282.024405][T11083] should_failslab+0xc2/0x120 [ 282.024436][T11083] __kmalloc_cache_noprof+0x6a/0x3e0 [ 282.024463][T11083] ? nci_allocate_device+0x105/0x430 [ 282.024496][T11083] nci_allocate_device+0x105/0x430 [ 282.024524][T11083] virtual_ncidev_open+0x6f/0x220 [ 282.024552][T11083] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 282.024576][T11083] misc_open+0x35d/0x420 [ 282.024601][T11083] ? __pfx_misc_open+0x10/0x10 [ 282.024625][T11083] chrdev_open+0x231/0x6a0 [ 282.024667][T11083] ? __pfx_chrdev_open+0x10/0x10 [ 282.024699][T11083] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 282.024734][T11083] do_dentry_open+0x97f/0x1530 [ 282.024766][T11083] ? __pfx_chrdev_open+0x10/0x10 [ 282.024803][T11083] vfs_open+0x82/0x3f0 [ 282.024842][T11083] path_openat+0x1de4/0x2cb0 [ 282.024886][T11083] ? __pfx_path_openat+0x10/0x10 [ 282.024922][T11083] do_filp_open+0x20b/0x470 [ 282.024950][T11083] ? __pfx_do_filp_open+0x10/0x10 [ 282.025005][T11083] ? alloc_fd+0x471/0x7d0 [ 282.025043][T11083] do_sys_openat2+0x11b/0x1d0 [ 282.025078][T11083] ? __pfx_do_sys_openat2+0x10/0x10 [ 282.025129][T11083] __x64_sys_openat+0x174/0x210 [ 282.025166][T11083] ? __pfx___x64_sys_openat+0x10/0x10 [ 282.025219][T11083] do_syscall_64+0xcd/0x490 [ 282.025255][T11083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.025280][T11083] RIP: 0033:0x7f4d6ef8ebe9 [ 282.025300][T11083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.025323][T11083] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 282.025347][T11083] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 282.025361][T11083] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 282.025376][T11083] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 282.025391][T11083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.025405][T11083] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 282.025440][T11083] [ 283.371945][T11130] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2049'. [ 283.529367][T11133] FAULT_INJECTION: forcing a failure. [ 283.529367][T11133] name failslab, interval 1, probability 0, space 0, times 0 [ 283.553734][T11133] CPU: 0 UID: 0 PID: 11133 Comm: syz.4.2050 Tainted: G I syzkaller #0 PREEMPT(full) [ 283.553778][T11133] Tainted: [I]=FIRMWARE_WORKAROUND [ 283.553789][T11133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 283.553805][T11133] Call Trace: [ 283.553813][T11133] [ 283.553822][T11133] dump_stack_lvl+0x16c/0x1f0 [ 283.553863][T11133] should_fail_ex+0x512/0x640 [ 283.553895][T11133] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.553930][T11133] should_failslab+0xc2/0x120 [ 283.553966][T11133] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.553998][T11133] ? security_file_alloc+0x34/0x2b0 [ 283.554036][T11133] security_file_alloc+0x34/0x2b0 [ 283.554071][T11133] init_file+0x93/0x4c0 [ 283.554106][T11133] alloc_empty_file+0x73/0x1e0 [ 283.554141][T11133] alloc_file_pseudo+0x13a/0x230 [ 283.554178][T11133] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 283.554215][T11133] ? tipc_sk_finish_conn+0x580/0x790 [ 283.554253][T11133] sock_alloc_file+0x50/0x210 [ 283.554289][T11133] __sys_socketpair+0x34e/0x5a0 [ 283.554318][T11133] ? __pfx___sys_socketpair+0x10/0x10 [ 283.554349][T11133] ? xfd_validate_state+0x61/0x180 [ 283.554380][T11133] ? __pfx_do_writev+0x10/0x10 [ 283.554427][T11133] __x64_sys_socketpair+0x96/0x100 [ 283.554456][T11133] ? lockdep_hardirqs_on+0x7c/0x110 [ 283.554489][T11133] do_syscall_64+0xcd/0x490 [ 283.554526][T11133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.554552][T11133] RIP: 0033:0x7f4d6ef8ebe9 [ 283.554574][T11133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.554599][T11133] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 283.554623][T11133] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 283.554639][T11133] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 283.554654][T11133] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 283.554668][T11133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.554682][T11133] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 283.554717][T11133] [ 283.971627][T11138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 283.982479][T11138] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 283.992763][T11138] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 284.002839][T11138] page_type: f5(slab) [ 284.007718][T11138] raw: 00fff00000000040 ffff88801b842140 0000000000000000 dead000000000001 [ 284.019242][T11138] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 284.027874][T11147] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 284.029634][T11138] head: 00fff00000000040 ffff88801b842140 0000000000000000 dead000000000001 [ 284.051730][T11138] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 284.063493][T11138] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 284.074009][T11138] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 284.084543][T11138] page dumped because: unmovable page [ 284.091011][T11138] page_owner tracks the page as allocated [ 284.098336][T11138] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5245, tgid 5245 (udevd), ts 35485846457, free_ts 29274866380 [ 284.127858][T11138] post_alloc_hook+0x1c0/0x230 [ 284.133680][T11138] get_page_from_freelist+0x132b/0x38e0 [ 284.140358][T11138] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 284.181756][T11138] alloc_pages_mpol+0x1fb/0x550 [ 284.187923][T11138] new_slab+0x247/0x330 [ 284.197364][T11138] ___slab_alloc+0xcf2/0x1740 [ 284.257699][T11138] __slab_alloc.constprop.0+0x56/0xb0 [ 284.298121][T11138] __kmalloc_noprof+0x2f2/0x510 [ 284.300008][T11152] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2057'. [ 284.311002][T11138] tomoyo_realpath_from_path+0xc2/0x6e0 [ 284.326404][T11138] tomoyo_check_open_permission+0x2ab/0x3c0 [ 284.333617][T11138] tomoyo_file_open+0x6b/0x90 [ 284.339719][T11138] security_file_open+0x84/0x1e0 [ 284.351291][T11138] do_dentry_open+0x596/0x1530 [ 284.360049][T11138] vfs_open+0x82/0x3f0 [ 284.366684][T11138] path_openat+0x1de4/0x2cb0 [ 284.372514][T11138] do_filp_open+0x20b/0x470 [ 284.382886][T11138] page last free pid 1 tgid 1 stack trace: [ 284.433496][T11138] __free_frozen_pages+0x7d5/0x10f0 [ 284.439921][T11138] free_contig_range+0x183/0x4b0 [ 284.452036][T11138] destroy_args+0x794/0xc10 [ 284.457623][T11138] debug_vm_pgtable+0x1a32/0x3640 [ 284.463797][T11138] do_one_initcall+0x120/0x6e0 [ 284.470458][T11138] kernel_init_freeable+0x5c2/0x910 [ 284.480796][T11138] kernel_init+0x1c/0x2b0 [ 284.486703][T11138] ret_from_fork+0x5d7/0x6f0 [ 284.492574][T11138] ret_from_fork_asm+0x1a/0x30 [ 284.566968][T11154] zswap: compressor not available [ 284.909279][T11170] net_ratelimit: 344 callbacks suppressed [ 284.909302][T11170] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 284.928691][T11171] netlink: 302 bytes leftover after parsing attributes in process `syz.5.2063'. [ 284.990233][T11174] netlink: 'syz.2.2065': attribute type 15 has an invalid length. [ 285.018836][T11176] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2067'. [ 285.043378][T11174] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2065'. [ 286.625432][T11218] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2083'. [ 286.972924][T11218] team0: Port device team_slave_1 removed [ 287.636593][T11245] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2091'. [ 288.743184][T11283] netlink: zone id is out of range [ 288.749939][T11283] netlink: zone id is out of range [ 288.762152][T11283] netlink: zone id is out of range [ 288.769321][T11283] netlink: zone id is out of range [ 288.777640][T11283] netlink: zone id is out of range [ 288.784257][T11283] netlink: zone id is out of range [ 288.790505][T11283] netlink: zone id is out of range [ 288.796966][T11283] netlink: zone id is out of range [ 288.803326][T11283] netlink: zone id is out of range [ 288.872175][T11281] Format for adding new port is "id [perm_addr]" (uint MAC). [ 289.347915][T11298] FAULT_INJECTION: forcing a failure. [ 289.347915][T11298] name failslab, interval 1, probability 0, space 0, times 0 [ 289.363346][T11298] CPU: 1 UID: 0 PID: 11298 Comm: syz.3.2106 Tainted: G I syzkaller #0 PREEMPT(full) [ 289.363373][T11298] Tainted: [I]=FIRMWARE_WORKAROUND [ 289.363380][T11298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 289.363389][T11298] Call Trace: [ 289.363394][T11298] [ 289.363400][T11298] dump_stack_lvl+0x16c/0x1f0 [ 289.363425][T11298] should_fail_ex+0x512/0x640 [ 289.363446][T11298] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 289.363463][T11298] should_failslab+0xc2/0x120 [ 289.363482][T11298] __kmalloc_cache_noprof+0x6a/0x3e0 [ 289.363498][T11298] ? userio_char_open+0x45/0x210 [ 289.363519][T11298] ? __pfx_userio_char_open+0x10/0x10 [ 289.363535][T11298] userio_char_open+0x45/0x210 [ 289.363552][T11298] ? __pfx_userio_char_open+0x10/0x10 [ 289.363569][T11298] misc_open+0x35d/0x420 [ 289.363585][T11298] ? __pfx_misc_open+0x10/0x10 [ 289.363599][T11298] chrdev_open+0x231/0x6a0 [ 289.363620][T11298] ? __pfx_chrdev_open+0x10/0x10 [ 289.363639][T11298] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 289.363659][T11298] do_dentry_open+0x97f/0x1530 [ 289.363677][T11298] ? __pfx_chrdev_open+0x10/0x10 [ 289.363706][T11298] vfs_open+0x82/0x3f0 [ 289.363730][T11298] path_openat+0x1de4/0x2cb0 [ 289.363754][T11298] ? __pfx_path_openat+0x10/0x10 [ 289.363775][T11298] do_filp_open+0x20b/0x470 [ 289.363793][T11298] ? __pfx_do_filp_open+0x10/0x10 [ 289.363823][T11298] ? alloc_fd+0x471/0x7d0 [ 289.363844][T11298] do_sys_openat2+0x11b/0x1d0 [ 289.363864][T11298] ? __pfx_do_sys_openat2+0x10/0x10 [ 289.363893][T11298] __x64_sys_openat+0x174/0x210 [ 289.363914][T11298] ? __pfx___x64_sys_openat+0x10/0x10 [ 289.363943][T11298] do_syscall_64+0xcd/0x490 [ 289.363964][T11298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.363979][T11298] RIP: 0033:0x7f108258ebe9 [ 289.363990][T11298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.364004][T11298] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 289.364018][T11298] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 289.364027][T11298] RDX: 0000000000002000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 289.364036][T11298] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 289.364045][T11298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.364054][T11298] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 289.364073][T11298] [ 290.284848][T11317] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2115'. [ 290.500886][T11328] FAULT_INJECTION: forcing a failure. [ 290.500886][T11328] name failslab, interval 1, probability 0, space 0, times 0 [ 290.518926][T11328] CPU: 1 UID: 0 PID: 11328 Comm: syz.3.2119 Tainted: G I syzkaller #0 PREEMPT(full) [ 290.518970][T11328] Tainted: [I]=FIRMWARE_WORKAROUND [ 290.518980][T11328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 290.518994][T11328] Call Trace: [ 290.519003][T11328] [ 290.519014][T11328] dump_stack_lvl+0x16c/0x1f0 [ 290.519054][T11328] should_fail_ex+0x512/0x640 [ 290.519089][T11328] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 290.519125][T11328] ? __pfx_nst_fop_open+0x10/0x10 [ 290.519158][T11328] should_failslab+0xc2/0x120 [ 290.519191][T11328] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 290.519220][T11328] ? rcu_is_watching+0x12/0xc0 [ 290.519246][T11328] ? seq_open+0x55/0x170 [ 290.519285][T11328] ? __pfx_nst_fop_open+0x10/0x10 [ 290.519319][T11328] seq_open+0x55/0x170 [ 290.519354][T11328] __seq_open_private+0x3e/0xd0 [ 290.519394][T11328] nst_fop_open+0x24/0x120 [ 290.519429][T11328] full_proxy_open_regular+0x1b9/0x360 [ 290.519459][T11328] do_dentry_open+0x97f/0x1530 [ 290.519491][T11328] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 290.519524][T11328] vfs_open+0x82/0x3f0 [ 290.519565][T11328] path_openat+0x1de4/0x2cb0 [ 290.519607][T11328] ? __pfx_path_openat+0x10/0x10 [ 290.519646][T11328] do_filp_open+0x20b/0x470 [ 290.519674][T11328] ? __pfx_do_filp_open+0x10/0x10 [ 290.519729][T11328] ? alloc_fd+0x471/0x7d0 [ 290.519773][T11328] do_sys_openat2+0x11b/0x1d0 [ 290.519811][T11328] ? __pfx_do_sys_openat2+0x10/0x10 [ 290.519865][T11328] __x64_sys_openat+0x174/0x210 [ 290.519902][T11328] ? __pfx___x64_sys_openat+0x10/0x10 [ 290.519955][T11328] do_syscall_64+0xcd/0x490 [ 290.519992][T11328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.520018][T11328] RIP: 0033:0x7f108258ebe9 [ 290.520040][T11328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.520065][T11328] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 290.520090][T11328] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 290.520109][T11328] RDX: 0000000000101080 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 290.520126][T11328] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 290.520142][T11328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.520157][T11328] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 290.520188][T11328] [ 291.930322][T11369] FAULT_INJECTION: forcing a failure. [ 291.930322][T11369] name failslab, interval 1, probability 0, space 0, times 0 [ 291.949354][T11369] CPU: 0 UID: 0 PID: 11369 Comm: syz.3.2135 Tainted: G I syzkaller #0 PREEMPT(full) [ 291.949399][T11369] Tainted: [I]=FIRMWARE_WORKAROUND [ 291.949410][T11369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 291.949425][T11369] Call Trace: [ 291.949434][T11369] [ 291.949445][T11369] dump_stack_lvl+0x16c/0x1f0 [ 291.949493][T11369] should_fail_ex+0x512/0x640 [ 291.949529][T11369] ? fs_reclaim_acquire+0xae/0x150 [ 291.949570][T11369] should_failslab+0xc2/0x120 [ 291.949603][T11369] __kmalloc_cache_noprof+0x6a/0x3e0 [ 291.949631][T11369] ? __lock_acquire+0x62e/0x1ce0 [ 291.949661][T11369] ? usb_control_msg+0xbc/0x4a0 [ 291.949700][T11369] usb_control_msg+0xbc/0x4a0 [ 291.949735][T11369] ? __pfx_usb_control_msg+0x10/0x10 [ 291.949780][T11369] hub_ext_port_status+0x14e/0x670 [ 291.949825][T11369] hub_activate+0x6e5/0x1d60 [ 291.949870][T11369] ? __pfx_hub_activate+0x10/0x10 [ 291.949901][T11369] ? find_held_lock+0x2b/0x80 [ 291.949926][T11369] ? proc_do_submiturb+0x16e0/0x3b10 [ 291.949968][T11369] hub_resume+0xa8/0x3f0 [ 291.950001][T11369] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 291.950037][T11369] ? __pfx_hub_resume+0x10/0x10 [ 291.950070][T11369] ? __pfx_hcd_bus_resume+0x10/0x10 [ 291.950108][T11369] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 291.950140][T11369] usb_resume_both+0x273/0x800 [ 291.950169][T11369] ? __pfx_usb_resume_both+0x10/0x10 [ 291.950196][T11369] ? __pfx_usb_runtime_resume+0x10/0x10 [ 291.950227][T11369] ? __pfx_usb_runtime_resume+0x10/0x10 [ 291.950257][T11369] __rpm_callback+0xc8/0x610 [ 291.950293][T11369] ? __pfx_usb_runtime_resume+0x10/0x10 [ 291.950322][T11369] rpm_callback+0x1b7/0x200 [ 291.950354][T11369] ? __pfx_usb_runtime_resume+0x10/0x10 [ 291.950382][T11369] rpm_resume+0xd0a/0x1310 [ 291.950426][T11369] ? __pfx_rpm_resume+0x10/0x10 [ 291.950456][T11369] ? do_raw_spin_lock+0x12c/0x2b0 [ 291.950503][T11369] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 291.950556][T11369] __pm_runtime_resume+0xb6/0x170 [ 291.950595][T11369] usb_autoresume_device+0x23/0xe0 [ 291.950626][T11369] usbdev_open+0x228/0x8b0 [ 291.950657][T11369] ? kobject_get_unless_zero+0x156/0x1e0 [ 291.950693][T11369] ? __pfx_usbdev_open+0x10/0x10 [ 291.950721][T11369] ? chrdev_open+0x10b/0x6a0 [ 291.950759][T11369] ? __pfx_usbdev_open+0x10/0x10 [ 291.950787][T11369] chrdev_open+0x231/0x6a0 [ 291.950818][T11369] ? __pfx_apparmor_file_open+0x10/0x10 [ 291.950846][T11369] ? __pfx_chrdev_open+0x10/0x10 [ 291.950881][T11369] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 291.950916][T11369] do_dentry_open+0x97f/0x1530 [ 291.950950][T11369] ? __pfx_chrdev_open+0x10/0x10 [ 291.950990][T11369] vfs_open+0x82/0x3f0 [ 291.951031][T11369] path_openat+0x1de4/0x2cb0 [ 291.951075][T11369] ? __pfx_path_openat+0x10/0x10 [ 291.951116][T11369] do_filp_open+0x20b/0x470 [ 291.951147][T11369] ? __pfx_do_filp_open+0x10/0x10 [ 291.951206][T11369] ? alloc_fd+0x471/0x7d0 [ 291.951249][T11369] do_sys_openat2+0x11b/0x1d0 [ 291.951286][T11369] ? __pfx_do_sys_openat2+0x10/0x10 [ 291.951340][T11369] __x64_sys_openat+0x174/0x210 [ 291.951380][T11369] ? __pfx___x64_sys_openat+0x10/0x10 [ 291.951434][T11369] do_syscall_64+0xcd/0x490 [ 291.951471][T11369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.951502][T11369] RIP: 0033:0x7f108258ebe9 [ 291.951523][T11369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.951549][T11369] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 291.951574][T11369] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 291.951592][T11369] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 291.951608][T11369] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 291.951623][T11369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.951637][T11369] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 291.951673][T11369] [ 291.951691][T11369] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 292.449919][T11375] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2137'. [ 292.925783][T11389] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2143'. [ 293.486069][T11403] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2150'. [ 293.849172][T11400] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2148'. [ 293.977550][T11419] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2155'. [ 295.950690][T11473] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2180'. [ 295.957890][T11477] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2182'. [ 296.390607][T11485] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2185'. [ 297.473167][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 297.989379][T11519] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2198'. [ 301.579217][T11610] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2232'. [ 301.590263][T11610] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 301.613179][T11610] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 301.654313][T11610] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 301.676249][T11610] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 302.177176][T11629] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2240'. [ 302.675193][T11642] netlink: 'syz.3.2246': attribute type 11 has an invalid length. [ 302.914072][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 302.959498][T11651] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2251'. [ 302.985039][T11651] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2251'. [ 303.187269][T11658] device-mapper: ioctl: Unable to rename non-existent device,  to „ [ 303.348625][T11664] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2254'. [ 303.764679][T11678] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 303.797364][T11680] netlink: 'syz.2.2266': attribute type 27 has an invalid length. [ 303.827766][T11680] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2266'. [ 304.131812][T11696] FAULT_INJECTION: forcing a failure. [ 304.131812][T11696] name failslab, interval 1, probability 0, space 0, times 0 [ 304.147662][T11696] CPU: 1 UID: 0 PID: 11696 Comm: syz.4.2273 Tainted: G I syzkaller #0 PREEMPT(full) [ 304.147707][T11696] Tainted: [I]=FIRMWARE_WORKAROUND [ 304.147718][T11696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 304.147733][T11696] Call Trace: [ 304.147742][T11696] [ 304.147753][T11696] dump_stack_lvl+0x16c/0x1f0 [ 304.147792][T11696] should_fail_ex+0x512/0x640 [ 304.147828][T11696] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 304.147859][T11696] should_failslab+0xc2/0x120 [ 304.147893][T11696] __kmalloc_cache_noprof+0x6a/0x3e0 [ 304.147921][T11696] ? open_substream+0xec/0x990 [ 304.147950][T11696] ? _raw_spin_unlock_irq+0x23/0x50 [ 304.147984][T11696] open_substream+0xec/0x990 [ 304.148018][T11696] rawmidi_open_priv+0x543/0x6e0 [ 304.148054][T11696] snd_rawmidi_open+0x4cc/0xbf0 [ 304.148091][T11696] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 304.148123][T11696] ? __pfx_default_wake_function+0x10/0x10 [ 304.148153][T11696] ? kobject_get_unless_zero+0x156/0x1e0 [ 304.148192][T11696] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 304.148222][T11696] snd_open+0x22a/0x4c0 [ 304.148258][T11696] ? __pfx_snd_open+0x10/0x10 [ 304.148291][T11696] chrdev_open+0x231/0x6a0 [ 304.148322][T11696] ? __pfx_apparmor_file_open+0x10/0x10 [ 304.148350][T11696] ? __pfx_chrdev_open+0x10/0x10 [ 304.148385][T11696] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 304.148422][T11696] do_dentry_open+0x97f/0x1530 [ 304.148454][T11696] ? __pfx_chrdev_open+0x10/0x10 [ 304.148494][T11696] vfs_open+0x82/0x3f0 [ 304.148535][T11696] path_openat+0x1de4/0x2cb0 [ 304.148577][T11696] ? __pfx_path_openat+0x10/0x10 [ 304.148627][T11696] do_filp_open+0x20b/0x470 [ 304.148658][T11696] ? __pfx_do_filp_open+0x10/0x10 [ 304.148717][T11696] ? alloc_fd+0x471/0x7d0 [ 304.148756][T11696] do_sys_openat2+0x11b/0x1d0 [ 304.148792][T11696] ? __pfx_do_sys_openat2+0x10/0x10 [ 304.148841][T11696] __x64_sys_openat+0x174/0x210 [ 304.148876][T11696] ? __pfx___x64_sys_openat+0x10/0x10 [ 304.148926][T11696] do_syscall_64+0xcd/0x490 [ 304.148961][T11696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.148987][T11696] RIP: 0033:0x7f4d6ef8ebe9 [ 304.149008][T11696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.149033][T11696] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 304.149058][T11696] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 304.149076][T11696] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 304.149093][T11696] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 304.149109][T11696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.149125][T11696] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 304.149162][T11696] [ 304.570534][T11702] FAULT_INJECTION: forcing a failure. [ 304.570534][T11702] name failslab, interval 1, probability 0, space 0, times 0 [ 304.587093][T11702] CPU: 0 UID: 0 PID: 11702 Comm: syz.3.2274 Tainted: G I syzkaller #0 PREEMPT(full) [ 304.587135][T11702] Tainted: [I]=FIRMWARE_WORKAROUND [ 304.587146][T11702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 304.587161][T11702] Call Trace: [ 304.587170][T11702] [ 304.587179][T11702] dump_stack_lvl+0x16c/0x1f0 [ 304.587220][T11702] should_fail_ex+0x512/0x640 [ 304.587263][T11702] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 304.587300][T11702] should_failslab+0xc2/0x120 [ 304.587333][T11702] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 304.587366][T11702] ? fcntl_dirnotify+0x23b/0xb60 [ 304.587405][T11702] fcntl_dirnotify+0x23b/0xb60 [ 304.587446][T11702] do_fcntl+0xe62/0x15a0 [ 304.587481][T11702] ? __pfx_do_fcntl+0x10/0x10 [ 304.587521][T11702] ? tomoyo_file_fcntl+0x6c/0xc0 [ 304.587550][T11702] __x64_sys_fcntl+0x163/0x200 [ 304.587591][T11702] do_syscall_64+0xcd/0x490 [ 304.587629][T11702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.587655][T11702] RIP: 0033:0x7f108258ebe9 [ 304.587676][T11702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.587700][T11702] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 304.587725][T11702] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 304.587743][T11702] RDX: 0000000000000002 RSI: 0000000000000402 RDI: 0000000000000003 [ 304.587758][T11702] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 304.587774][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.587788][T11702] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 304.587824][T11702] [ 305.402862][T11723] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2284'. [ 305.825325][T11736] netlink: 'syz.3.2290': attribute type 4 has an invalid length. [ 305.846830][T11736] netlink: 314 bytes leftover after parsing attributes in process `syz.3.2290'. [ 306.196013][T11751] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2296'. [ 306.684802][T11757] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2298'. [ 307.208924][T11768] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2303'. [ 307.729116][T11784] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2309'. [ 308.205347][T11809] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2320'. [ 308.218163][T11809] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2320'. [ 308.413569][T11813] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2323'. [ 308.712169][T11825] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2328'. [ 308.748649][T11825] netlink: 354 bytes leftover after parsing attributes in process `syz.5.2328'. [ 309.000539][ T5865] Bluetooth: hci2: command 0x0406 tx timeout [ 309.107036][T11838] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2333'. [ 309.130017][T11838] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2333'. [ 312.516772][T11917] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 313.961576][T11970] zswap: compressor ´ëQz"ôzfƒk not available [ 315.059876][T12018] __nla_validate_parse: 4 callbacks suppressed [ 315.059897][T12018] netlink: 206 bytes leftover after parsing attributes in process `syz.5.2408'. [ 315.761201][T12043] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2419'. [ 315.983737][T12052] FAULT_INJECTION: forcing a failure. [ 315.983737][T12052] name failslab, interval 1, probability 0, space 0, times 0 [ 316.018980][T12052] CPU: 1 UID: 0 PID: 12052 Comm: syz.5.2421 Tainted: G I syzkaller #0 PREEMPT(full) [ 316.019025][T12052] Tainted: [I]=FIRMWARE_WORKAROUND [ 316.019036][T12052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 316.019052][T12052] Call Trace: [ 316.019061][T12052] [ 316.019072][T12052] dump_stack_lvl+0x16c/0x1f0 [ 316.019114][T12052] should_fail_ex+0x512/0x640 [ 316.019150][T12052] ? __kmalloc_noprof+0xbf/0x510 [ 316.019183][T12052] ? memcg_list_lru_alloc+0x4e9/0x740 [ 316.019212][T12052] should_failslab+0xc2/0x120 [ 316.019245][T12052] __kmalloc_noprof+0xd2/0x510 [ 316.019272][T12052] ? __lock_acquire+0x62e/0x1ce0 [ 316.019313][T12052] memcg_list_lru_alloc+0x4e9/0x740 [ 316.019352][T12052] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 316.019391][T12052] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 316.019434][T12052] __memcg_slab_post_alloc_hook+0x133/0x960 [ 316.019477][T12052] ? kasan_save_track+0x14/0x30 [ 316.019508][T12052] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 316.019535][T12052] ? find_held_lock+0x2b/0x80 [ 316.019556][T12052] ? alloc_inode+0xc3/0x240 [ 316.019586][T12052] ? alloc_fd+0x471/0x7d0 [ 316.019613][T12052] alloc_inode+0xc3/0x240 [ 316.019647][T12052] alloc_anon_inode+0x28/0x3e0 [ 316.019674][T12052] ? alloc_fd+0x471/0x7d0 [ 316.019700][T12052] anon_inode_make_secure_inode+0x31/0x140 [ 316.019735][T12052] secretmem_file_create.constprop.0+0x43/0x290 [ 316.019769][T12052] __x64_sys_memfd_secret+0xc1/0x150 [ 316.019801][T12052] do_syscall_64+0xcd/0x490 [ 316.019838][T12052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.019860][T12052] RIP: 0033:0x7f865f38ebe9 [ 316.019881][T12052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.019905][T12052] RSP: 002b:00007f866021c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 316.019930][T12052] RAX: ffffffffffffffda RBX: 00007f865f5c6090 RCX: 00007f865f38ebe9 [ 316.019946][T12052] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.019961][T12052] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 316.019977][T12052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.019991][T12052] R13: 00007f865f5c6128 R14: 00007f865f5c6090 R15: 00007ffe3d250278 [ 316.020022][T12052] [ 316.717062][T12069] GUP no longer grows the stack in syz.5.2428 (12069): 14000-18000 (4000) [ 316.728354][T12069] CPU: 0 UID: 0 PID: 12069 Comm: syz.5.2428 Tainted: G I syzkaller #0 PREEMPT(full) [ 316.728397][T12069] Tainted: [I]=FIRMWARE_WORKAROUND [ 316.728407][T12069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 316.728420][T12069] Call Trace: [ 316.728428][T12069] [ 316.728438][T12069] dump_stack_lvl+0x16c/0x1f0 [ 316.728486][T12069] gup_vma_lookup+0x1d2/0x220 [ 316.728526][T12069] __get_user_pages+0x243/0x34a0 [ 316.728570][T12069] ? find_held_lock+0x2b/0x80 [ 316.728594][T12069] ? __pfx___get_user_pages+0x10/0x10 [ 316.728639][T12069] get_user_pages_remote+0x243/0xab0 [ 316.728678][T12069] ? __pfx_get_user_pages_remote+0x10/0x10 [ 316.728713][T12069] ? __pfx___might_resched+0x10/0x10 [ 316.728740][T12069] ? noop_dirty_folio+0x5e/0xb0 [ 316.728779][T12069] __access_remote_vm+0x24d/0x850 [ 316.728817][T12069] ? __pfx___access_remote_vm+0x10/0x10 [ 316.728857][T12069] mem_rw+0x20e/0x640 [ 316.728898][T12069] ? __pfx_mem_write+0x10/0x10 [ 316.728932][T12069] vfs_write+0x29d/0x11d0 [ 316.728963][T12069] ? __pfx___mutex_lock+0x10/0x10 [ 316.728999][T12069] ? __pfx_vfs_write+0x10/0x10 [ 316.729042][T12069] ? __fget_files+0x20e/0x3c0 [ 316.729082][T12069] ksys_write+0x12a/0x250 [ 316.729112][T12069] ? __pfx_ksys_write+0x10/0x10 [ 316.729154][T12069] do_syscall_64+0xcd/0x490 [ 316.729191][T12069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.729214][T12069] RIP: 0033:0x7f865f38ebe9 [ 316.729236][T12069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.729261][T12069] RSP: 002b:00007f866023d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 316.729286][T12069] RAX: ffffffffffffffda RBX: 00007f865f5c5fa0 RCX: 00007f865f38ebe9 [ 316.729304][T12069] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 316.729320][T12069] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 316.729336][T12069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.729351][T12069] R13: 00007f865f5c6038 R14: 00007f865f5c5fa0 R15: 00007ffe3d250278 [ 316.729390][T12069] [ 316.984955][ C0] vkms_vblank_simulate: vblank timer overrun [ 317.409337][T12080] sctp: [Deprecated]: syz.3.2431 (pid 12080) Use of int in max_burst socket option deprecated. [ 317.409337][T12080] Use struct sctp_assoc_value instead [ 317.666678][T12090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 317.979927][T12098] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2439'. [ 319.616080][T12151] netlink: 74 bytes leftover after parsing attributes in process `syz.3.2461'. [ 320.325038][T12167] FAULT_INJECTION: forcing a failure. [ 320.325038][T12167] name failslab, interval 1, probability 0, space 0, times 0 [ 320.349074][T12167] CPU: 0 UID: 0 PID: 12167 Comm: syz.4.2466 Tainted: G I syzkaller #0 PREEMPT(full) [ 320.349118][T12167] Tainted: [I]=FIRMWARE_WORKAROUND [ 320.349128][T12167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 320.349143][T12167] Call Trace: [ 320.349151][T12167] [ 320.349161][T12167] dump_stack_lvl+0x16c/0x1f0 [ 320.349202][T12167] should_fail_ex+0x512/0x640 [ 320.349237][T12167] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 320.349268][T12167] should_failslab+0xc2/0x120 [ 320.349301][T12167] __kmalloc_cache_noprof+0x6a/0x3e0 [ 320.349327][T12167] ? vhost_net_open+0x28/0x8a0 [ 320.349360][T12167] ? vhost_net_open+0x6e/0x8a0 [ 320.349398][T12167] ? __pfx_vhost_net_open+0x10/0x10 [ 320.349430][T12167] vhost_net_open+0x6e/0x8a0 [ 320.349464][T12167] ? __pfx_vhost_net_open+0x10/0x10 [ 320.349498][T12167] misc_open+0x35d/0x420 [ 320.349527][T12167] ? __pfx_misc_open+0x10/0x10 [ 320.349553][T12167] chrdev_open+0x231/0x6a0 [ 320.349585][T12167] ? __pfx_apparmor_file_open+0x10/0x10 [ 320.349612][T12167] ? __pfx_chrdev_open+0x10/0x10 [ 320.349645][T12167] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 320.349681][T12167] do_dentry_open+0x97f/0x1530 [ 320.349713][T12167] ? __pfx_chrdev_open+0x10/0x10 [ 320.349753][T12167] vfs_open+0x82/0x3f0 [ 320.349792][T12167] path_openat+0x1de4/0x2cb0 [ 320.349835][T12167] ? __pfx_path_openat+0x10/0x10 [ 320.349889][T12167] do_filp_open+0x20b/0x470 [ 320.349922][T12167] ? __pfx_do_filp_open+0x10/0x10 [ 320.349981][T12167] ? alloc_fd+0x471/0x7d0 [ 320.350020][T12167] do_sys_openat2+0x11b/0x1d0 [ 320.350055][T12167] ? __pfx_do_sys_openat2+0x10/0x10 [ 320.350106][T12167] __x64_sys_openat+0x174/0x210 [ 320.350143][T12167] ? __pfx___x64_sys_openat+0x10/0x10 [ 320.350197][T12167] do_syscall_64+0xcd/0x490 [ 320.350233][T12167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.350259][T12167] RIP: 0033:0x7f4d6ef8ebe9 [ 320.350282][T12167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.350306][T12167] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 320.350330][T12167] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 320.350348][T12167] RDX: 0000000000000100 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 320.350365][T12167] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 320.350381][T12167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.350396][T12167] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 320.350431][T12167] [ 320.657142][ C0] vkms_vblank_simulate: vblank timer overrun [ 321.035870][T12174] FAULT_INJECTION: forcing a failure. [ 321.035870][T12174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 321.051675][T12174] CPU: 0 UID: 0 PID: 12174 Comm: syz.5.2476 Tainted: G I syzkaller #0 PREEMPT(full) [ 321.051712][T12174] Tainted: [I]=FIRMWARE_WORKAROUND [ 321.051721][T12174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 321.051733][T12174] Call Trace: [ 321.051741][T12174] [ 321.051750][T12174] dump_stack_lvl+0x16c/0x1f0 [ 321.051788][T12174] should_fail_ex+0x512/0x640 [ 321.051829][T12174] _copy_from_user+0x2e/0xd0 [ 321.051867][T12174] btf_new_fd+0x70a/0x5490 [ 321.051896][T12174] ? __lock_acquire+0xb97/0x1ce0 [ 321.051938][T12174] ? __pfx_btf_new_fd+0x10/0x10 [ 321.051967][T12174] ? aa_get_newest_label+0xd2/0x250 [ 321.051996][T12174] ? apparmor_capable+0x114/0x1d0 [ 321.052026][T12174] ? bpf_lsm_capable+0x9/0x10 [ 321.052056][T12174] ? security_capable+0x7e/0x260 [ 321.052082][T12174] ? ns_capable+0xd7/0x110 [ 321.052112][T12174] __sys_bpf+0x38a/0x4de0 [ 321.052145][T12174] ? __pfx_futex_wake+0x10/0x10 [ 321.052182][T12174] ? __pfx___sys_bpf+0x10/0x10 [ 321.052226][T12174] ? do_futex+0x122/0x350 [ 321.052256][T12174] ? __pfx_do_futex+0x10/0x10 [ 321.052307][T12174] ? xfd_validate_state+0x61/0x180 [ 321.052342][T12174] ? __pfx_do_pwritev+0x10/0x10 [ 321.052376][T12174] __x64_sys_bpf+0x78/0xc0 [ 321.052421][T12174] ? lockdep_hardirqs_on+0x7c/0x110 [ 321.052455][T12174] do_syscall_64+0xcd/0x490 [ 321.052490][T12174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.052516][T12174] RIP: 0033:0x7f865f38ebe9 [ 321.052537][T12174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.052562][T12174] RSP: 002b:00007f866023d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 321.052587][T12174] RAX: ffffffffffffffda RBX: 00007f865f5c5fa0 RCX: 00007f865f38ebe9 [ 321.052605][T12174] RDX: 0000000000000026 RSI: 0000000000000000 RDI: 0000000000000012 [ 321.052619][T12174] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 321.052635][T12174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.052650][T12174] R13: 00007f865f5c6038 R14: 00007f865f5c5fa0 R15: 00007ffe3d250278 [ 321.052686][T12174] [ 321.371210][T12180] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2469'. [ 321.387856][T12180] veth0_vlan: entered allmulticast mode [ 322.285919][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.295268][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.698888][T12223] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2487'. [ 322.846840][T12227] FAULT_INJECTION: forcing a failure. [ 322.846840][T12227] name failslab, interval 1, probability 0, space 0, times 0 [ 322.882385][T12227] CPU: 1 UID: 0 PID: 12227 Comm: syz.4.2490 Tainted: G I syzkaller #0 PREEMPT(full) [ 322.882428][T12227] Tainted: [I]=FIRMWARE_WORKAROUND [ 322.882438][T12227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 322.882453][T12227] Call Trace: [ 322.882461][T12227] [ 322.882472][T12227] dump_stack_lvl+0x16c/0x1f0 [ 322.882514][T12227] should_fail_ex+0x512/0x640 [ 322.882568][T12227] ? __kvmalloc_node_noprof+0x124/0x620 [ 322.882604][T12227] should_failslab+0xc2/0x120 [ 322.882638][T12227] __kvmalloc_node_noprof+0x137/0x620 [ 322.882665][T12227] ? stack_depot_save_flags+0x29/0x9c0 [ 322.882701][T12227] ? v4l2_ctrl_new+0x97d/0x2180 [ 322.882745][T12227] ? v4l2_ctrl_new+0x97d/0x2180 [ 322.882777][T12227] v4l2_ctrl_new+0x97d/0x2180 [ 322.882815][T12227] ? __ia32_sys_fchown+0x90/0xb0 [ 322.882870][T12227] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 322.882915][T12227] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 322.882954][T12227] v4l2_ctrl_new_std+0x1be/0x290 [ 322.882999][T12227] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 322.883037][T12227] ? rcu_is_watching+0x12/0xc0 [ 322.883064][T12227] ? trace_kmalloc+0x2b/0xd0 [ 322.883097][T12227] ? __kvmalloc_node_noprof+0x298/0x620 [ 322.883128][T12227] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 322.883168][T12227] ? media_request_object_init+0x100/0x180 [ 322.883214][T12227] vicodec_open+0x1d0/0xf90 [ 322.883252][T12227] v4l2_open+0x222/0x490 [ 322.883284][T12227] ? __pfx_v4l2_open+0x10/0x10 [ 322.883315][T12227] chrdev_open+0x231/0x6a0 [ 322.883347][T12227] ? __pfx_apparmor_file_open+0x10/0x10 [ 322.883376][T12227] ? __pfx_chrdev_open+0x10/0x10 [ 322.883411][T12227] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 322.883455][T12227] do_dentry_open+0x97f/0x1530 [ 322.883489][T12227] ? __pfx_chrdev_open+0x10/0x10 [ 322.883535][T12227] vfs_open+0x82/0x3f0 [ 322.883578][T12227] path_openat+0x1de4/0x2cb0 [ 322.883621][T12227] ? __pfx_path_openat+0x10/0x10 [ 322.883661][T12227] do_filp_open+0x20b/0x470 [ 322.883691][T12227] ? __pfx_do_filp_open+0x10/0x10 [ 322.883747][T12227] ? alloc_fd+0x471/0x7d0 [ 322.883785][T12227] do_sys_openat2+0x11b/0x1d0 [ 322.883821][T12227] ? __pfx_do_sys_openat2+0x10/0x10 [ 322.883875][T12227] __x64_sys_openat+0x174/0x210 [ 322.883914][T12227] ? __pfx___x64_sys_openat+0x10/0x10 [ 322.883967][T12227] do_syscall_64+0xcd/0x490 [ 322.884004][T12227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.884030][T12227] RIP: 0033:0x7f4d6ef8ebe9 [ 322.884052][T12227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.884078][T12227] RSP: 002b:00007f4d6fe21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 322.884104][T12227] RAX: ffffffffffffffda RBX: 00007f4d6f1c5fa0 RCX: 00007f4d6ef8ebe9 [ 322.884121][T12227] RDX: 0000000000080002 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 322.884137][T12227] RBP: 00007f4d6f011e19 R08: 0000000000000000 R09: 0000000000000000 [ 322.884152][T12227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.884166][T12227] R13: 00007f4d6f1c6038 R14: 00007f4d6f1c5fa0 R15: 00007fff516be888 [ 322.884202][T12227] [ 323.711559][T12256] FAULT_INJECTION: forcing a failure. [ 323.711559][T12256] name failslab, interval 1, probability 0, space 0, times 0 [ 323.726775][T12255] sctp: [Deprecated]: syz.5.2499 (pid 12255) Use of int in max_burst socket option deprecated. [ 323.726775][T12255] Use struct sctp_assoc_value instead [ 323.752138][T12256] CPU: 1 UID: 0 PID: 12256 Comm: syz.2.2503 Tainted: G I syzkaller #0 PREEMPT(full) [ 323.752181][T12256] Tainted: [I]=FIRMWARE_WORKAROUND [ 323.752191][T12256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 323.752206][T12256] Call Trace: [ 323.752215][T12256] [ 323.752225][T12256] dump_stack_lvl+0x16c/0x1f0 [ 323.752264][T12256] should_fail_ex+0x512/0x640 [ 323.752297][T12256] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 323.752325][T12256] should_failslab+0xc2/0x120 [ 323.752356][T12256] __kmalloc_cache_noprof+0x6a/0x3e0 [ 323.752379][T12256] ? mon_bin_open+0x1a8/0x4a0 [ 323.752414][T12256] mon_bin_open+0x1a8/0x4a0 [ 323.752447][T12256] ? __pfx_mon_bin_open+0x10/0x10 [ 323.752479][T12256] chrdev_open+0x231/0x6a0 [ 323.752511][T12256] ? __pfx_chrdev_open+0x10/0x10 [ 323.752542][T12256] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 323.752579][T12256] do_dentry_open+0x97f/0x1530 [ 323.752611][T12256] ? __pfx_chrdev_open+0x10/0x10 [ 323.752651][T12256] vfs_open+0x82/0x3f0 [ 323.752693][T12256] path_openat+0x1de4/0x2cb0 [ 323.752736][T12256] ? __pfx_path_openat+0x10/0x10 [ 323.752784][T12256] do_filp_open+0x20b/0x470 [ 323.752816][T12256] ? __pfx_do_filp_open+0x10/0x10 [ 323.752872][T12256] ? alloc_fd+0x471/0x7d0 [ 323.752912][T12256] do_sys_openat2+0x11b/0x1d0 [ 323.752949][T12256] ? __pfx_do_sys_openat2+0x10/0x10 [ 323.753002][T12256] __x64_sys_openat+0x174/0x210 [ 323.753037][T12256] ? __pfx___x64_sys_openat+0x10/0x10 [ 323.753087][T12256] do_syscall_64+0xcd/0x490 [ 323.753124][T12256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.753149][T12256] RIP: 0033:0x7f182e58ebe9 [ 323.753169][T12256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.753194][T12256] RSP: 002b:00007f182f38a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 323.753219][T12256] RAX: ffffffffffffffda RBX: 00007f182e7c5fa0 RCX: 00007f182e58ebe9 [ 323.753235][T12256] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 323.753253][T12256] RBP: 00007f182e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 323.753268][T12256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.753282][T12256] R13: 00007f182e7c6038 R14: 00007f182e7c5fa0 R15: 00007ffe706ed3b8 [ 323.753318][T12256] [ 324.630402][T12277] netlink: 'syz.5.2513': attribute type 1 has an invalid length. [ 325.162928][T12296] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2522'. [ 326.287804][T12336] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2538'. [ 326.824214][T12353] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2546'. [ 326.974452][T12357] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2547'. [ 328.228718][T12383] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2556'. [ 329.332592][T12420] sctp: [Deprecated]: syz.2.2570 (pid 12420) Use of int in max_burst socket option deprecated. [ 329.332592][T12420] Use struct sctp_assoc_value instead [ 329.435594][T12426] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2573'. [ 330.077128][T12449] sctp: [Deprecated]: syz.4.2584 (pid 12449) Use of int in max_burst socket option deprecated. [ 330.077128][T12449] Use struct sctp_assoc_value instead [ 330.201593][T12458] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2589'. [ 330.219338][T12458] netlink: 354 bytes leftover after parsing attributes in process `syz.5.2589'. [ 331.285226][T12494] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2605'. [ 332.347337][T12536] netlink: 'syz.3.2623': attribute type 2 has an invalid length. [ 332.381957][T12536] netlink: 'syz.3.2623': attribute type 2 has an invalid length. [ 332.781802][T12551] lo: entered allmulticast mode [ 332.847550][T12553] lo: left allmulticast mode [ 333.102038][T12559] FAULT_INJECTION: forcing a failure. [ 333.102038][T12559] name failslab, interval 1, probability 0, space 0, times 0 [ 333.123102][T12559] CPU: 0 UID: 0 PID: 12559 Comm: syz.3.2632 Tainted: G I syzkaller #0 PREEMPT(full) [ 333.123143][T12559] Tainted: [I]=FIRMWARE_WORKAROUND [ 333.123153][T12559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 333.123165][T12559] Call Trace: [ 333.123174][T12559] [ 333.123184][T12559] dump_stack_lvl+0x16c/0x1f0 [ 333.123224][T12559] should_fail_ex+0x512/0x640 [ 333.123257][T12559] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 333.123285][T12559] should_failslab+0xc2/0x120 [ 333.123316][T12559] __kmalloc_cache_noprof+0x6a/0x3e0 [ 333.123342][T12559] ? snd_seq_pool_new+0x44/0x230 [ 333.123371][T12559] ? __pfx_snd_seq_open+0x10/0x10 [ 333.123407][T12559] snd_seq_pool_new+0x44/0x230 [ 333.123433][T12559] seq_create_client1+0x66/0x5e0 [ 333.123472][T12559] ? __pfx_snd_seq_open+0x10/0x10 [ 333.123506][T12559] snd_seq_open+0x59/0x550 [ 333.123541][T12559] ? __pfx_snd_seq_open+0x10/0x10 [ 333.123574][T12559] snd_open+0x22a/0x4c0 [ 333.123607][T12559] ? __pfx_snd_open+0x10/0x10 [ 333.123641][T12559] chrdev_open+0x231/0x6a0 [ 333.123671][T12559] ? __pfx_apparmor_file_open+0x10/0x10 [ 333.123700][T12559] ? __pfx_chrdev_open+0x10/0x10 [ 333.123731][T12559] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 333.123766][T12559] do_dentry_open+0x97f/0x1530 [ 333.123797][T12559] ? __pfx_chrdev_open+0x10/0x10 [ 333.123837][T12559] vfs_open+0x82/0x3f0 [ 333.123878][T12559] path_openat+0x1de4/0x2cb0 [ 333.123929][T12559] ? __pfx_path_openat+0x10/0x10 [ 333.123985][T12559] do_filp_open+0x20b/0x470 [ 333.124018][T12559] ? __pfx_do_filp_open+0x10/0x10 [ 333.124076][T12559] ? alloc_fd+0x471/0x7d0 [ 333.124114][T12559] do_sys_openat2+0x11b/0x1d0 [ 333.124150][T12559] ? __pfx_do_sys_openat2+0x10/0x10 [ 333.124200][T12559] __x64_sys_openat+0x174/0x210 [ 333.124236][T12559] ? __pfx___x64_sys_openat+0x10/0x10 [ 333.124289][T12559] do_syscall_64+0xcd/0x490 [ 333.124325][T12559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.124350][T12559] RIP: 0033:0x7f108258ebe9 [ 333.124371][T12559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.124394][T12559] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 333.124419][T12559] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 333.124436][T12559] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 333.124450][T12559] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 333.124465][T12559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.124479][T12559] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 333.124515][T12559] [ 333.158947][T12561] FAULT_INJECTION: forcing a failure. [ 333.158947][T12561] name failslab, interval 1, probability 0, space 0, times 0 [ 333.483070][T12561] CPU: 0 UID: 0 PID: 12561 Comm: syz.5.2639 Tainted: G I syzkaller #0 PREEMPT(full) [ 333.483112][T12561] Tainted: [I]=FIRMWARE_WORKAROUND [ 333.483120][T12561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 333.483133][T12561] Call Trace: [ 333.483142][T12561] [ 333.483151][T12561] dump_stack_lvl+0x16c/0x1f0 [ 333.483187][T12561] should_fail_ex+0x512/0x640 [ 333.483221][T12561] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 333.483252][T12561] should_failslab+0xc2/0x120 [ 333.483280][T12561] __kmalloc_cache_noprof+0x6a/0x3e0 [ 333.483302][T12561] ? vhost_vsock_dev_open+0x26/0x390 [ 333.483336][T12561] ? vhost_vsock_dev_open+0x6c/0x390 [ 333.483372][T12561] ? __pfx_vhost_vsock_dev_open+0x10/0x10 [ 333.483406][T12561] vhost_vsock_dev_open+0x6c/0x390 [ 333.483439][T12561] ? __pfx_vhost_vsock_dev_open+0x10/0x10 [ 333.483474][T12561] misc_open+0x35d/0x420 [ 333.483503][T12561] ? __pfx_misc_open+0x10/0x10 [ 333.483529][T12561] chrdev_open+0x231/0x6a0 [ 333.483559][T12561] ? __pfx_apparmor_file_open+0x10/0x10 [ 333.483587][T12561] ? __pfx_chrdev_open+0x10/0x10 [ 333.483619][T12561] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 333.483653][T12561] do_dentry_open+0x97f/0x1530 [ 333.483687][T12561] ? __pfx_chrdev_open+0x10/0x10 [ 333.483723][T12561] vfs_open+0x82/0x3f0 [ 333.483762][T12561] path_openat+0x1de4/0x2cb0 [ 333.483803][T12561] ? __pfx_path_openat+0x10/0x10 [ 333.483842][T12561] do_filp_open+0x20b/0x470 [ 333.483872][T12561] ? __pfx_do_filp_open+0x10/0x10 [ 333.483932][T12561] ? alloc_fd+0x471/0x7d0 [ 333.483968][T12561] do_sys_openat2+0x11b/0x1d0 [ 333.484004][T12561] ? __pfx_do_sys_openat2+0x10/0x10 [ 333.484054][T12561] __x64_sys_openat+0x174/0x210 [ 333.484090][T12561] ? __pfx___x64_sys_openat+0x10/0x10 [ 333.484143][T12561] do_syscall_64+0xcd/0x490 [ 333.484177][T12561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.484202][T12561] RIP: 0033:0x7f865f38ebe9 [ 333.484222][T12561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.484245][T12561] RSP: 002b:00007f866023d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 333.484269][T12561] RAX: ffffffffffffffda RBX: 00007f865f5c5fa0 RCX: 00007f865f38ebe9 [ 333.484285][T12561] RDX: 0000000000080000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 333.484299][T12561] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 333.484313][T12561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.484326][T12561] R13: 00007f865f5c6038 R14: 00007f865f5c5fa0 R15: 00007ffe3d250278 [ 333.484359][T12561] [ 333.891757][T12570] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2634'. [ 334.577036][T12589] HfR: entered promiscuous mode [ 334.643478][T12589] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2642'. [ 334.694261][T12589] HfR: left promiscuous mode [ 335.628324][T12620] FAULT_INJECTION: forcing a failure. [ 335.628324][T12620] name failslab, interval 1, probability 0, space 0, times 0 [ 335.713265][T12620] CPU: 0 UID: 0 PID: 12620 Comm: syz.5.2654 Tainted: G I syzkaller #0 PREEMPT(full) [ 335.713309][T12620] Tainted: [I]=FIRMWARE_WORKAROUND [ 335.713320][T12620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 335.713335][T12620] Call Trace: [ 335.713343][T12620] [ 335.713352][T12620] dump_stack_lvl+0x16c/0x1f0 [ 335.713391][T12620] should_fail_ex+0x512/0x640 [ 335.713423][T12620] ? __kmalloc_noprof+0xbf/0x510 [ 335.713454][T12620] ? __seq_open_private+0x22/0xd0 [ 335.713493][T12620] should_failslab+0xc2/0x120 [ 335.713525][T12620] __kmalloc_noprof+0xd2/0x510 [ 335.713561][T12620] ? __pfx_stats_fop_open+0x10/0x10 [ 335.713596][T12620] __seq_open_private+0x22/0xd0 [ 335.713634][T12620] sc_common_open+0x6b/0x200 [ 335.713670][T12620] full_proxy_open_regular+0x1b9/0x360 [ 335.713706][T12620] do_dentry_open+0x97f/0x1530 [ 335.713738][T12620] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 335.713770][T12620] vfs_open+0x82/0x3f0 [ 335.713809][T12620] path_openat+0x1de4/0x2cb0 [ 335.713848][T12620] ? __pfx_path_openat+0x10/0x10 [ 335.713882][T12620] do_filp_open+0x20b/0x470 [ 335.713909][T12620] ? __pfx_do_filp_open+0x10/0x10 [ 335.713967][T12620] ? alloc_fd+0x471/0x7d0 [ 335.714005][T12620] do_sys_openat2+0x11b/0x1d0 [ 335.714043][T12620] ? __pfx_do_sys_openat2+0x10/0x10 [ 335.714096][T12620] __x64_sys_openat+0x174/0x210 [ 335.714135][T12620] ? __pfx___x64_sys_openat+0x10/0x10 [ 335.714187][T12620] do_syscall_64+0xcd/0x490 [ 335.714224][T12620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.714251][T12620] RIP: 0033:0x7f865f38ebe9 [ 335.714273][T12620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.714298][T12620] RSP: 002b:00007f866023d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 335.714321][T12620] RAX: ffffffffffffffda RBX: 00007f865f5c5fa0 RCX: 00007f865f38ebe9 [ 335.714340][T12620] RDX: 0000000000145440 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 335.714357][T12620] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 335.714373][T12620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.714388][T12620] R13: 00007f865f5c6038 R14: 00007f865f5c5fa0 R15: 00007ffe3d250278 [ 335.714421][T12620] [ 336.096247][T12626] FAULT_INJECTION: forcing a failure. [ 336.096247][T12626] name failslab, interval 1, probability 0, space 0, times 0 [ 336.111795][T12626] CPU: 1 UID: 0 PID: 12626 Comm: syz.3.2657 Tainted: G I syzkaller #0 PREEMPT(full) [ 336.111840][T12626] Tainted: [I]=FIRMWARE_WORKAROUND [ 336.111850][T12626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 336.111865][T12626] Call Trace: [ 336.111874][T12626] [ 336.111884][T12626] dump_stack_lvl+0x16c/0x1f0 [ 336.111923][T12626] should_fail_ex+0x512/0x640 [ 336.111958][T12626] ? __kmalloc_noprof+0xbf/0x510 [ 336.111992][T12626] ? sk_prot_alloc+0x1a8/0x2a0 [ 336.112014][T12626] should_failslab+0xc2/0x120 [ 336.112047][T12626] __kmalloc_noprof+0xd2/0x510 [ 336.112086][T12626] sk_prot_alloc+0x1a8/0x2a0 [ 336.112112][T12626] sk_alloc+0x36/0xc20 [ 336.112145][T12626] pppol2tp_create+0x32/0x250 [ 336.112183][T12626] pppox_create+0x159/0x2c0 [ 336.112217][T12626] __sock_create+0x338/0x8d0 [ 336.112249][T12626] __sys_socket+0x14d/0x260 [ 336.112277][T12626] ? __pfx___sys_socket+0x10/0x10 [ 336.112304][T12626] ? xfd_validate_state+0x61/0x180 [ 336.112338][T12626] ? __pfx_do_pwritev+0x10/0x10 [ 336.112374][T12626] __x64_sys_socket+0x72/0xb0 [ 336.112398][T12626] ? lockdep_hardirqs_on+0x7c/0x110 [ 336.112431][T12626] do_syscall_64+0xcd/0x490 [ 336.112468][T12626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.112494][T12626] RIP: 0033:0x7f108258ebe9 [ 336.112516][T12626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.112542][T12626] RSP: 002b:00007f1083486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 336.112567][T12626] RAX: ffffffffffffffda RBX: 00007f10827c6090 RCX: 00007f108258ebe9 [ 336.112591][T12626] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000018 [ 336.112607][T12626] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 336.112623][T12626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.112640][T12626] R13: 00007f10827c6128 R14: 00007f10827c6090 R15: 00007fffe3f9b848 [ 336.112676][T12626] [ 337.669888][T12660] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2668'. [ 339.569398][T12723] netlink: 'syz.4.2691': attribute type 64 has an invalid length. [ 339.611369][T12723] netlink: 74 bytes leftover after parsing attributes in process `syz.4.2691'. [ 340.488110][T12711] kexec: Could not allocate control_code_buffer [ 340.609656][T12737] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2696'. [ 341.187817][T12753] sctp: [Deprecated]: syz.3.2704 (pid 12753) Use of struct sctp_assoc_value in delayed_ack socket option. [ 341.187817][T12753] Use struct sctp_sack_info instead [ 342.389284][T12799] FAULT_INJECTION: forcing a failure. [ 342.389284][T12799] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 342.419654][T12799] CPU: 1 UID: 0 PID: 12799 Comm: syz.3.2725 Tainted: G I syzkaller #0 PREEMPT(full) [ 342.419697][T12799] Tainted: [I]=FIRMWARE_WORKAROUND [ 342.419705][T12799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 342.419720][T12799] Call Trace: [ 342.419729][T12799] [ 342.419740][T12799] dump_stack_lvl+0x16c/0x1f0 [ 342.419788][T12799] should_fail_ex+0x512/0x640 [ 342.419830][T12799] should_fail_alloc_page+0xe7/0x130 [ 342.419867][T12799] prepare_alloc_pages+0x3c2/0x610 [ 342.419902][T12799] ? rcu_is_watching+0x12/0xc0 [ 342.419932][T12799] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 342.419971][T12799] ? __lock_acquire+0x62e/0x1ce0 [ 342.420005][T12799] ? css_rstat_updated+0x1c2/0x510 [ 342.420035][T12799] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 342.420073][T12799] ? rcu_is_watching+0x12/0xc0 [ 342.420108][T12799] ? __lock_acquire+0x62e/0x1ce0 [ 342.420140][T12799] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.420179][T12799] ? policy_nodemask+0xea/0x4e0 [ 342.420213][T12799] alloc_pages_mpol+0x1fb/0x550 [ 342.420247][T12799] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 342.420282][T12799] ? filemap_get_entry+0x1a7/0x3b0 [ 342.420320][T12799] folio_alloc_noprof+0x20/0x2d0 [ 342.420356][T12799] filemap_alloc_folio_noprof+0x3a1/0x470 [ 342.420385][T12799] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 342.420426][T12799] ? rcu_is_watching+0x12/0xc0 [ 342.420459][T12799] __filemap_get_folio+0x5e1/0xc30 [ 342.420500][T12799] ioctx_alloc+0x761/0x2120 [ 342.420547][T12799] ? __pfx_ioctx_alloc+0x10/0x10 [ 342.420573][T12799] ? __might_fault+0x13b/0x190 [ 342.420612][T12799] __x64_sys_io_setup+0xc9/0x210 [ 342.420643][T12799] do_syscall_64+0xcd/0x490 [ 342.420685][T12799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.420712][T12799] RIP: 0033:0x7f108258ebe9 [ 342.420749][T12799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.420781][T12799] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 342.420806][T12799] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 342.420823][T12799] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 342.420839][T12799] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 342.420855][T12799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.420870][T12799] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 342.420906][T12799] [ 342.840233][T12793] zswap: compressor not available [ 343.071473][T12815] FAULT_INJECTION: forcing a failure. [ 343.071473][T12815] name failslab, interval 1, probability 0, space 0, times 0 [ 343.097308][T12815] CPU: 0 UID: 0 PID: 12815 Comm: syz.3.2729 Tainted: G I syzkaller #0 PREEMPT(full) [ 343.097352][T12815] Tainted: [I]=FIRMWARE_WORKAROUND [ 343.097362][T12815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 343.097376][T12815] Call Trace: [ 343.097384][T12815] [ 343.097395][T12815] dump_stack_lvl+0x16c/0x1f0 [ 343.097435][T12815] should_fail_ex+0x512/0x640 [ 343.097470][T12815] ? __kmalloc_noprof+0xbf/0x510 [ 343.097505][T12815] ? __seq_open_private+0x22/0xd0 [ 343.097542][T12815] should_failslab+0xc2/0x120 [ 343.097575][T12815] __kmalloc_noprof+0xd2/0x510 [ 343.097612][T12815] ? __pfx_stats_fop_open+0x10/0x10 [ 343.097647][T12815] __seq_open_private+0x22/0xd0 [ 343.097685][T12815] sc_common_open+0x6b/0x200 [ 343.097721][T12815] full_proxy_open_regular+0x1b9/0x360 [ 343.097758][T12815] do_dentry_open+0x97f/0x1530 [ 343.097793][T12815] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 343.097825][T12815] vfs_open+0x82/0x3f0 [ 343.097867][T12815] path_openat+0x1de4/0x2cb0 [ 343.097910][T12815] ? __pfx_path_openat+0x10/0x10 [ 343.097950][T12815] do_filp_open+0x20b/0x470 [ 343.097981][T12815] ? __pfx_do_filp_open+0x10/0x10 [ 343.098036][T12815] ? alloc_fd+0x471/0x7d0 [ 343.098073][T12815] do_sys_openat2+0x11b/0x1d0 [ 343.098109][T12815] ? __pfx_do_sys_openat2+0x10/0x10 [ 343.098160][T12815] __x64_sys_openat+0x174/0x210 [ 343.098198][T12815] ? __pfx___x64_sys_openat+0x10/0x10 [ 343.098251][T12815] do_syscall_64+0xcd/0x490 [ 343.098288][T12815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.098314][T12815] RIP: 0033:0x7f108258ebe9 [ 343.098334][T12815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.098359][T12815] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 343.098385][T12815] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 343.098402][T12815] RDX: 0000000000145440 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 343.098418][T12815] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 343.098434][T12815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.098448][T12815] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 343.098483][T12815] [ 343.575917][T12826] lo: entered allmulticast mode [ 343.678822][T12829] lo: left allmulticast mode [ 344.750012][T12869] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2752'. [ 344.772689][T12871] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2753'. [ 344.833799][ T5865] Bluetooth: hci1: command 0x0406 tx timeout [ 345.156501][T12884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2760'. [ 345.848629][T12905] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2765'. [ 346.786244][T12926] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2773'. [ 346.971670][T12935] netlink: 'syz.3.2777': attribute type 1 has an invalid length. [ 347.535671][T12947] FAULT_INJECTION: forcing a failure. [ 347.535671][T12947] name failslab, interval 1, probability 0, space 0, times 0 [ 347.555413][T12947] CPU: 0 UID: 0 PID: 12947 Comm: syz.3.2783 Tainted: G I syzkaller #0 PREEMPT(full) [ 347.555457][T12947] Tainted: [I]=FIRMWARE_WORKAROUND [ 347.555467][T12947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 347.555482][T12947] Call Trace: [ 347.555491][T12947] [ 347.555501][T12947] dump_stack_lvl+0x16c/0x1f0 [ 347.555550][T12947] should_fail_ex+0x512/0x640 [ 347.555585][T12947] ? fs_reclaim_acquire+0xae/0x150 [ 347.555627][T12947] ? security_inode_init_security+0x13f/0x390 [ 347.555666][T12947] should_failslab+0xc2/0x120 [ 347.555700][T12947] __kmalloc_noprof+0xd2/0x510 [ 347.555738][T12947] security_inode_init_security+0x13f/0x390 [ 347.555778][T12947] ? __pfx_shmem_initxattrs+0x10/0x10 [ 347.555815][T12947] ? __pfx_security_inode_init_security+0x10/0x10 [ 347.555867][T12947] shmem_mknod+0x22e/0x450 [ 347.555910][T12947] shmem_mkdir+0x31/0x80 [ 347.555948][T12947] vfs_mkdir+0x593/0x8c0 [ 347.555978][T12947] do_mkdirat+0x304/0x3e0 [ 347.556011][T12947] ? __pfx_do_mkdirat+0x10/0x10 [ 347.556045][T12947] ? getname_flags.part.0+0x1c5/0x550 [ 347.556087][T12947] __x64_sys_mkdir+0xef/0x140 [ 347.556119][T12947] do_syscall_64+0xcd/0x490 [ 347.556155][T12947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.556181][T12947] RIP: 0033:0x7f108258ebe9 [ 347.556202][T12947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.556226][T12947] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 347.556250][T12947] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 347.556268][T12947] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 347.556282][T12947] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 347.556298][T12947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 347.556313][T12947] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 347.556350][T12947] [ 347.833779][T12952] lo: entered allmulticast mode [ 347.908319][T12953] lo: left allmulticast mode [ 349.068285][T12997] netlink: 'syz.5.2800': attribute type 1 has an invalid length. [ 349.139925][T12991] zswap: compressor not available [ 349.403745][ T51] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 349.667740][T13009] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2807'. [ 349.983872][T13017] net_ratelimit: 345 callbacks suppressed [ 349.983897][T13017] openvswitch: netlink: IP tunnel dst address not specified [ 350.208123][T13017] openvswitch: netlink: IP tunnel dst address not specified [ 350.697957][T13032] netlink: 346 bytes leftover after parsing attributes in process `syz.5.2813'. [ 351.118128][T13041] mmap: syz.5.2818 (13041) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 351.308971][ T51] Bluetooth: hci0: ISO packet too small [ 351.328735][T13045] netlink: 'syz.4.2819': attribute type 1 has an invalid length. [ 351.787456][T13065] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2827'. [ 354.419320][T13116] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2848'. [ 354.628769][T13119] netlink: 322 bytes leftover after parsing attributes in process `syz.3.2849'. [ 354.820821][T13126] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2852'. [ 355.086233][T13136] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2855'. [ 357.190839][T13189] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2874'. [ 357.762241][T13203] Process accounting resumed [ 358.226448][T13218] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2885'. [ 358.766713][T13235] FAULT_INJECTION: forcing a failure. [ 358.766713][T13235] name failslab, interval 1, probability 0, space 0, times 0 [ 358.782379][T13235] CPU: 1 UID: 0 PID: 13235 Comm: syz.3.2893 Tainted: G I syzkaller #0 PREEMPT(full) [ 358.782425][T13235] Tainted: [I]=FIRMWARE_WORKAROUND [ 358.782434][T13235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 358.782450][T13235] Call Trace: [ 358.782460][T13235] [ 358.782470][T13235] dump_stack_lvl+0x16c/0x1f0 [ 358.782511][T13235] should_fail_ex+0x512/0x640 [ 358.782554][T13235] ? __kmalloc_noprof+0xbf/0x510 [ 358.782588][T13235] ? vkms_crtc_atomic_check+0x3c5/0x880 [ 358.782616][T13235] should_failslab+0xc2/0x120 [ 358.782649][T13235] __kmalloc_noprof+0xd2/0x510 [ 358.782678][T13235] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 358.782714][T13235] vkms_crtc_atomic_check+0x3c5/0x880 [ 358.782752][T13235] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 358.782779][T13235] drm_atomic_helper_check_planes+0x4dd/0x900 [ 358.782828][T13235] drm_atomic_helper_check+0xae/0x190 [ 358.782869][T13235] vkms_atomic_check+0x1d9/0x250 [ 358.782905][T13235] ? __pfx_vkms_atomic_check+0x10/0x10 [ 358.782944][T13235] drm_atomic_check_only+0x19ca/0x3130 [ 358.782990][T13235] drm_atomic_commit+0x136/0x300 [ 358.783017][T13235] ? __pfx_drm_atomic_commit+0x10/0x10 [ 358.783038][T13235] ? __pfx___drm_printfn_info+0x10/0x10 [ 358.783077][T13235] ? drm_client_rotation+0x4da/0x6a0 [ 358.783111][T13235] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 358.783152][T13235] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 358.783180][T13235] ? rcu_is_watching+0x12/0xc0 [ 358.783241][T13235] drm_client_modeset_commit_locked+0x14d/0x580 [ 358.783275][T13235] drm_client_modeset_commit+0x4f/0x80 [ 358.783304][T13235] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 358.783333][T13235] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 358.783370][T13235] drm_fbdev_client_restore+0x2c/0x40 [ 358.783403][T13235] drm_client_dev_restore+0x1f3/0x2a0 [ 358.783439][T13235] drm_release+0x2c4/0x360 [ 358.783467][T13235] ? __pfx_drm_release+0x10/0x10 [ 358.783490][T13235] __fput+0x3ff/0xb70 [ 358.783543][T13235] task_work_run+0x14d/0x240 [ 358.783586][T13235] ? __pfx_task_work_run+0x10/0x10 [ 358.783626][T13235] ? __pfx___do_sys_close_range+0x10/0x10 [ 358.783667][T13235] exit_to_user_mode_loop+0xeb/0x110 [ 358.783704][T13235] do_syscall_64+0x3f6/0x490 [ 358.783742][T13235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.783768][T13235] RIP: 0033:0x7f108258ebe9 [ 358.783789][T13235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.783814][T13235] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 358.783838][T13235] RAX: 0000000000000000 RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 358.783855][T13235] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 358.783871][T13235] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 358.783886][T13235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.783902][T13235] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 358.783940][T13235] [ 359.761773][T13250] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2900'. [ 359.830424][T13252] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2898'. [ 360.084750][T13259] __vm_enough_memory: pid: 13259, comm: syz.3.2903, bytes: 4398046511104 not enough memory for the allocation [ 360.196620][ T5873] Bluetooth: hci3: command 0x0406 tx timeout [ 360.697907][T13272] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2909'. [ 361.152233][T13287] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2917'. [ 361.241209][T13291] FAULT_INJECTION: forcing a failure. [ 361.241209][T13291] name failslab, interval 1, probability 0, space 0, times 0 [ 361.262096][T13291] CPU: 1 UID: 0 PID: 13291 Comm: syz.3.2918 Tainted: G I syzkaller #0 PREEMPT(full) [ 361.262139][T13291] Tainted: [I]=FIRMWARE_WORKAROUND [ 361.262148][T13291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 361.262164][T13291] Call Trace: [ 361.262172][T13291] [ 361.262182][T13291] dump_stack_lvl+0x16c/0x1f0 [ 361.262221][T13291] should_fail_ex+0x512/0x640 [ 361.262255][T13291] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 361.262297][T13291] should_failslab+0xc2/0x120 [ 361.262332][T13291] __kmalloc_cache_noprof+0x6a/0x3e0 [ 361.262359][T13291] ? kernfs_fop_open+0x244/0xda0 [ 361.262389][T13291] kernfs_fop_open+0x244/0xda0 [ 361.262424][T13291] do_dentry_open+0x97f/0x1530 [ 361.262456][T13291] ? __pfx_kernfs_fop_open+0x10/0x10 [ 361.262487][T13291] vfs_open+0x82/0x3f0 [ 361.262529][T13291] path_openat+0x1de4/0x2cb0 [ 361.262572][T13291] ? __pfx_path_openat+0x10/0x10 [ 361.262611][T13291] do_filp_open+0x20b/0x470 [ 361.262640][T13291] ? __pfx_do_filp_open+0x10/0x10 [ 361.262694][T13291] ? alloc_fd+0x471/0x7d0 [ 361.262733][T13291] do_sys_openat2+0x11b/0x1d0 [ 361.262769][T13291] ? __pfx_do_sys_openat2+0x10/0x10 [ 361.262822][T13291] __x64_sys_openat+0x174/0x210 [ 361.262859][T13291] ? __pfx___x64_sys_openat+0x10/0x10 [ 361.262911][T13291] do_syscall_64+0xcd/0x490 [ 361.262952][T13291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.262977][T13291] RIP: 0033:0x7f108258ebe9 [ 361.262998][T13291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 361.263021][T13291] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 361.263045][T13291] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 361.263060][T13291] RDX: 0000000000008502 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 361.263075][T13291] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 361.263089][T13291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.263103][T13291] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 361.263138][T13291] [ 361.595818][T13293] netlink: 342 bytes leftover after parsing attributes in process `syz.5.2919'. [ 361.712251][T13295] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2921'. [ 361.886804][T13301] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2923'. [ 362.300274][T13313] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 362.661507][T13317] FAULT_INJECTION: forcing a failure. [ 362.661507][T13317] name failslab, interval 1, probability 0, space 0, times 0 [ 362.678038][T13317] CPU: 1 UID: 0 PID: 13317 Comm: syz.5.2928 Tainted: G I syzkaller #0 PREEMPT(full) [ 362.678083][T13317] Tainted: [I]=FIRMWARE_WORKAROUND [ 362.678093][T13317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 362.678109][T13317] Call Trace: [ 362.678118][T13317] [ 362.678129][T13317] dump_stack_lvl+0x16c/0x1f0 [ 362.678171][T13317] should_fail_ex+0x512/0x640 [ 362.678205][T13317] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 362.678237][T13317] should_failslab+0xc2/0x120 [ 362.678272][T13317] __kmalloc_cache_noprof+0x6a/0x3e0 [ 362.678300][T13317] ? snd_seq_prioq_new+0x3f/0x110 [ 362.678337][T13317] snd_seq_prioq_new+0x3f/0x110 [ 362.678367][T13317] snd_seq_queue_alloc+0x12b/0x5a0 [ 362.678403][T13317] snd_seq_ioctl_create_queue+0xa9/0x380 [ 362.678441][T13317] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 362.678484][T13317] alloc_seq_queue+0xda/0x180 [ 362.678519][T13317] ? __pfx_alloc_seq_queue+0x10/0x10 [ 362.678575][T13317] ? mark_held_locks+0x49/0x80 [ 362.678605][T13317] ? _raw_spin_unlock_irq+0x23/0x50 [ 362.678637][T13317] snd_seq_oss_open+0x38c/0xa20 [ 362.678683][T13317] odev_open+0x6f/0x90 [ 362.678714][T13317] ? __pfx_odev_open+0x10/0x10 [ 362.678747][T13317] soundcore_open+0x409/0x580 [ 362.678784][T13317] ? __pfx_soundcore_open+0x10/0x10 [ 362.678817][T13317] chrdev_open+0x231/0x6a0 [ 362.678846][T13317] ? __pfx_apparmor_file_open+0x10/0x10 [ 362.678893][T13317] ? __pfx_chrdev_open+0x10/0x10 [ 362.678928][T13317] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 362.678969][T13317] do_dentry_open+0x97f/0x1530 [ 362.679005][T13317] ? __pfx_chrdev_open+0x10/0x10 [ 362.679044][T13317] vfs_open+0x82/0x3f0 [ 362.679084][T13317] path_openat+0x1de4/0x2cb0 [ 362.679127][T13317] ? __pfx_path_openat+0x10/0x10 [ 362.679167][T13317] do_filp_open+0x20b/0x470 [ 362.679198][T13317] ? __pfx_do_filp_open+0x10/0x10 [ 362.679256][T13317] ? alloc_fd+0x471/0x7d0 [ 362.679294][T13317] do_sys_openat2+0x11b/0x1d0 [ 362.679330][T13317] ? __pfx_do_sys_openat2+0x10/0x10 [ 362.679381][T13317] __x64_sys_openat+0x174/0x210 [ 362.679418][T13317] ? __pfx___x64_sys_openat+0x10/0x10 [ 362.679470][T13317] do_syscall_64+0xcd/0x490 [ 362.679507][T13317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.679532][T13317] RIP: 0033:0x7f865f38ebe9 [ 362.679554][T13317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.679578][T13317] RSP: 002b:00007f866023d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 362.679603][T13317] RAX: ffffffffffffffda RBX: 00007f865f5c5fa0 RCX: 00007f865f38ebe9 [ 362.679621][T13317] RDX: 00000000001c8740 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 362.679637][T13317] RBP: 00007f865f411e19 R08: 0000000000000000 R09: 0000000000000000 [ 362.679653][T13317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.679667][T13317] R13: 00007f865f5c6038 R14: 00007f865f5c5fa0 R15: 00007ffe3d250278 [ 362.679699][T13317] [ 363.275576][T13325] sysfs_service_op_store: Client not running :-5: [ 363.383251][T13327] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2934'. [ 366.958704][T13452] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2987'. [ 367.111970][T13458] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2991'. [ 367.353848][T13470] netlink: 146 bytes leftover after parsing attributes in process `syz.5.2994'. [ 367.542200][T13478] netlink: 'syz.5.2999': attribute type 1 has an invalid length. [ 367.551815][T13478] netlink: 306 bytes leftover after parsing attributes in process `syz.5.2999'. [ 367.839344][T13486] netlink: 'syz.5.3002': attribute type 33 has an invalid length. [ 367.851140][T13486] netlink: 322 bytes leftover after parsing attributes in process `syz.5.3002'. [ 368.392058][T13504] FAULT_INJECTION: forcing a failure. [ 368.392058][T13504] name failslab, interval 1, probability 0, space 0, times 0 [ 368.411537][T13504] CPU: 1 UID: 0 PID: 13504 Comm: syz.3.3008 Tainted: G I syzkaller #0 PREEMPT(full) [ 368.411564][T13504] Tainted: [I]=FIRMWARE_WORKAROUND [ 368.411569][T13504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 368.411579][T13504] Call Trace: [ 368.411584][T13504] [ 368.411590][T13504] dump_stack_lvl+0x16c/0x1f0 [ 368.411615][T13504] should_fail_ex+0x512/0x640 [ 368.411635][T13504] ? __kmalloc_noprof+0xbf/0x510 [ 368.411654][T13504] ? realloc_user_queue+0x288/0x320 [ 368.411674][T13504] should_failslab+0xc2/0x120 [ 368.411694][T13504] __kmalloc_noprof+0xd2/0x510 [ 368.411716][T13504] realloc_user_queue+0x288/0x320 [ 368.411731][T13504] ? __pfx_snd_timer_user_open+0x10/0x10 [ 368.411746][T13504] snd_timer_user_open+0xfc/0x180 [ 368.411761][T13504] snd_open+0x22a/0x4c0 [ 368.411781][T13504] ? __pfx_snd_open+0x10/0x10 [ 368.411801][T13504] chrdev_open+0x231/0x6a0 [ 368.411819][T13504] ? __pfx_apparmor_file_open+0x10/0x10 [ 368.411835][T13504] ? __pfx_chrdev_open+0x10/0x10 [ 368.411854][T13504] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 368.411874][T13504] do_dentry_open+0x97f/0x1530 [ 368.411892][T13504] ? __pfx_chrdev_open+0x10/0x10 [ 368.411913][T13504] vfs_open+0x82/0x3f0 [ 368.411936][T13504] path_openat+0x1de4/0x2cb0 [ 368.411958][T13504] ? __pfx_path_openat+0x10/0x10 [ 368.411980][T13504] do_filp_open+0x20b/0x470 [ 368.411996][T13504] ? __pfx_do_filp_open+0x10/0x10 [ 368.412026][T13504] ? alloc_fd+0x471/0x7d0 [ 368.412046][T13504] do_sys_openat2+0x11b/0x1d0 [ 368.412067][T13504] ? __pfx_do_sys_openat2+0x10/0x10 [ 368.412095][T13504] __x64_sys_openat+0x174/0x210 [ 368.412116][T13504] ? __pfx___x64_sys_openat+0x10/0x10 [ 368.412145][T13504] do_syscall_64+0xcd/0x490 [ 368.412165][T13504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.412180][T13504] RIP: 0033:0x7f108258ebe9 [ 368.412192][T13504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.412206][T13504] RSP: 002b:00007f10834a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 368.412220][T13504] RAX: ffffffffffffffda RBX: 00007f10827c5fa0 RCX: 00007f108258ebe9 [ 368.412230][T13504] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 368.412238][T13504] RBP: 00007f1082611e19 R08: 0000000000000000 R09: 0000000000000000 [ 368.412247][T13504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 368.412255][T13504] R13: 00007f10827c6038 R14: 00007f10827c5fa0 R15: 00007fffe3f9b848 [ 368.412273][T13504] [ 369.009308][ T31] INFO: task kworker/u8:9:1163 blocked for more than 143 seconds. [ 369.040118][ T31] Tainted: G I syzkaller #0 [ 369.049526][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 369.060260][ T31] task:kworker/u8:9 state:D stack:22216 pid:1163 tgid:1163 ppid:2 task_flags:0x4208160 flags:0x00004000 [ 369.074991][ T31] Workqueue: netns cleanup_net [ 369.080832][ T31] Call Trace: [ 369.084870][ T31] [ 369.088559][ T31] __schedule+0x1190/0x5de0 [ 369.094142][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 369.100228][ T31] ? __pfx___schedule+0x10/0x10 [ 369.106884][ T31] ? find_held_lock+0x2b/0x80 [ 369.112654][ T31] ? schedule+0x2d7/0x3a0 [ 369.118001][ T31] schedule+0xe7/0x3a0 [ 369.123317][ T31] schedule_timeout+0x257/0x290 [ 369.129241][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 369.203302][ T31] ? mark_held_locks+0x49/0x80 [ 369.210579][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 369.217537][ T31] __wait_for_common+0x2fc/0x4e0 [ 369.223854][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 369.230460][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 369.237768][ T31] remove_one+0x312/0x420 [ 369.244536][ T31] ? find_next_child+0x18f/0x280 [ 369.251094][ T31] __simple_recursive_removal+0x158/0x610 [ 369.260865][ T31] ? __pfx_remove_one+0x10/0x10 [ 369.267622][ T31] debugfs_remove+0x5d/0x80 [ 369.274313][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 369.280450][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 369.289534][ T31] nsim_dev_reload_down+0x6e/0xd0 [ 369.299350][ T31] devlink_reload+0x1a1/0x7c0 [ 369.306188][ T31] ? __pfx_devlink_reload+0x10/0x10 [ 369.316490][ T31] devlink_pernet_pre_exit+0x1a0/0x2b0 [ 369.338342][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 369.356799][ T31] ? up_write+0x1b2/0x520 [ 369.372080][ T31] ? kobject_put+0xab/0x5a0 [ 369.382105][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 369.392839][ T31] ops_undo_list+0x187/0xab0 [ 369.402719][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 369.414847][ T31] ? cleanup_net+0x334/0x890 [ 369.420474][ T31] ? idr_destroy+0x62/0x2e0 [ 369.427875][ T31] cleanup_net+0x408/0x890 [ 369.435752][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 369.441854][ T31] ? rcu_is_watching+0x12/0xc0 [ 369.449642][ T31] process_one_work+0x9cf/0x1b70 [ 369.459729][ T31] ? __pfx_process_one_work+0x10/0x10 [ 369.469587][ T31] ? assign_work+0x1a0/0x250 [ 369.477884][ T31] worker_thread+0x6c8/0xf10 [ 369.485560][ T31] ? __kthread_parkme+0x19e/0x250 [ 369.491739][ T31] ? __pfx_worker_thread+0x10/0x10 [ 369.500153][ T31] kthread+0x3c5/0x780 [ 369.508833][ T31] ? __pfx_kthread+0x10/0x10 [ 369.518846][ T31] ? rcu_is_watching+0x12/0xc0 [ 369.526627][ T31] ? __pfx_kthread+0x10/0x10 [ 369.532243][ T31] ret_from_fork+0x5d7/0x6f0 [ 369.540344][ T31] ? __pfx_kthread+0x10/0x10 [ 369.562924][ T31] ret_from_fork_asm+0x1a/0x30 [ 369.580214][ T31] [ 369.586381][ T31] INFO: task syz.0.1456:9591 blocked for more than 143 seconds. [ 369.618098][ T31] Tainted: G I syzkaller #0 [ 369.631788][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 369.653091][ T31] task:syz.0.1456 state:D stack:27160 pid:9591 tgid:9589 ppid:5876 task_flags:0x400140 flags:0x00004004 [ 369.673044][ T31] Call Trace: [ 369.677912][ T31] [ 369.689009][ T31] __schedule+0x1190/0x5de0 [ 369.701453][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 369.710328][ T31] ? __pfx___schedule+0x10/0x10 [ 369.726179][ T31] ? find_held_lock+0x2b/0x80 [ 369.738350][ T31] ? schedule+0x2d7/0x3a0 [ 369.753140][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 369.759835][ T31] schedule+0xe7/0x3a0 [ 369.765419][ T31] schedule_preempt_disabled+0x13/0x30 [ 369.772009][ T31] __mutex_lock+0x81b/0x1060 [ 369.783032][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 369.789647][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 369.807743][ T31] ? irqentry_exit+0x3b/0x90 [ 369.821611][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 369.833328][ T31] ? devlink_health_report+0x3ba/0x9c0 [ 369.839942][ T31] devlink_health_report+0x3ba/0x9c0 [ 369.863028][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 369.883615][ T31] ? _copy_from_user+0x59/0xd0 [ 369.889397][ T31] nsim_dev_health_break_write+0x166/0x210 [ 369.903080][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 369.910755][ T31] full_proxy_write+0x12e/0x1a0 [ 369.936714][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 369.956041][ T31] vfs_writev+0x5df/0xde0 [ 369.961300][ T31] ? __pfx_vfs_writev+0x10/0x10 [ 369.983057][ T31] ? kmem_cache_free+0x2d1/0x4d0 [ 369.989043][ T31] ? fd_install+0x225/0x750 [ 370.003039][ T31] ? do_writev+0x132/0x340 [ 370.008396][ T31] do_writev+0x132/0x340 [ 370.013654][ T31] ? __pfx_do_writev+0x10/0x10 [ 370.019430][ T31] do_syscall_64+0xcd/0x490 [ 370.025762][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.032867][ T31] RIP: 0033:0x7f0876f8ebe9 [ 370.038730][ T31] RSP: 002b:00007f0877e6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 370.048930][ T31] RAX: ffffffffffffffda RBX: 00007f08771c5fa0 RCX: 00007f0876f8ebe9 [ 370.058649][ T31] RDX: 000000000000000b RSI: 0000200000000000 RDI: 0000000000000000 [ 370.070167][ T31] RBP: 00007f0877011e19 R08: 0000000000000000 R09: 0000000000000000 [ 370.080837][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 370.094184][ T31] R13: 00007f08771c6038 R14: 00007f08771c5fa0 R15: 00007ffd772ee528 [ 370.106113][ T31] [ 370.109852][ T31] [ 370.109852][ T31] Showing all locks held in the system: [ 370.120972][ T31] 1 lock held by khungtaskd/31: [ 370.131247][ T31] #0: ffffffff8e5c10e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 370.147026][ T31] 6 locks held by kworker/u8:9/1163: [ 370.153437][ T31] #0: ffff88801c6fe948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 370.171555][ T31] #1: ffffc9000449fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 370.190490][ T31] #2: ffffffff90371510 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 370.201923][ T31] #3: ffff888075d250e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 [ 370.217975][ T31] #4: ffff888075d26250 (&devlink->lock_key){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 [ 370.232611][ T31] #5: ffff88805b8295a8 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 370.250935][ T31] 2 locks held by kworker/u9:1/5186: [ 370.257399][ T31] #0: ffff88802651b948 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 370.274652][ T31] #1: ffffc9000ed07d10 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 370.288925][ T31] 2 locks held by getty/9467: [ 370.294704][ T31] #0: ffff8880313930a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 370.306532][ T31] #1: ffffc9000359b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 370.318701][ T31] 2 locks held by syz.0.1456/9591: [ 370.324924][ T31] #0: ffff888140e8a428 (sb_writers#8){.+.+}-{0:0}, at: do_writev+0x132/0x340 [ 370.336562][ T31] #1: ffff888075d26250 (&devlink->lock_key){+.+.}-{4:4}, at: devlink_health_report+0x3ba/0x9c0 [ 370.349274][ T31] 1 lock held by syz.2.3006/13499: [ 370.361086][ T31] [ 370.365702][ T31] ============================================= [ 370.365702][ T31] [ 370.377315][ T31] NMI backtrace for cpu 1 [ 370.377337][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G I syzkaller #0 PREEMPT(full) [ 370.377372][ T31] Tainted: [I]=FIRMWARE_WORKAROUND [ 370.377380][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 370.377394][ T31] Call Trace: [ 370.377402][ T31] [ 370.377412][ T31] dump_stack_lvl+0x116/0x1f0 [ 370.377449][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 370.377476][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 370.377511][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 370.377541][ T31] watchdog+0xf0e/0x1260 [ 370.377581][ T31] ? __pfx_watchdog+0x10/0x10 [ 370.377613][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 370.377646][ T31] ? __kthread_parkme+0x19e/0x250 [ 370.377677][ T31] ? __pfx_watchdog+0x10/0x10 [ 370.377710][ T31] kthread+0x3c5/0x780 [ 370.377742][ T31] ? __pfx_kthread+0x10/0x10 [ 370.377777][ T31] ? rcu_is_watching+0x12/0xc0 [ 370.377801][ T31] ? __pfx_kthread+0x10/0x10 [ 370.377835][ T31] ret_from_fork+0x5d7/0x6f0 [ 370.377870][ T31] ? __pfx_kthread+0x10/0x10 [ 370.377903][ T31] ret_from_fork_asm+0x1a/0x30 [ 370.377949][ T31] [ 370.377958][ T31] Sending NMI from CPU 1 to CPUs 0: [ 370.527204][ C0] NMI backtrace for cpu 0 [ 370.527227][ C0] CPU: 0 UID: 0 PID: 59 Comm: kworker/u8:4 Tainted: G I syzkaller #0 PREEMPT(full) [ 370.527263][ C0] Tainted: [I]=FIRMWARE_WORKAROUND [ 370.527272][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 370.527288][ C0] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 370.527315][ C0] RIP: 0010:its_return_thunk+0x0/0x10 [ 370.527340][ C0] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 e9 db 1e 98 f5 cc [ 370.527364][ C0] RSP: 0018:ffffc9000210faa8 EFLAGS: 00000293 [ 370.527381][ C0] RAX: 0000000000000000 RBX: ffff8880e2e76c00 RCX: ffffffff816c85aa [ 370.527397][ C0] RDX: ffff88801d7a8000 RSI: ffff888062e76c00 RDI: 0000000000000006 [ 370.527413][ C0] RBP: ffff888062e76c00 R08: 0000000000000006 R09: ffff888062e76c00 [ 370.527428][ C0] R10: ffff8880e2e76c00 R11: 000000000000012a R12: 0000000000000000 [ 370.527443][ C0] R13: ffff888062e76c00 R14: 000000000000012a R15: 0000000000000000 [ 370.527458][ C0] FS: 0000000000000000(0000) GS:ffff8881246c0000(0000) knlGS:0000000000000000 [ 370.527486][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 370.527501][ C0] CR2: 00007ffe3d24ed58 CR3: 0000000075bbe000 CR4: 00000000003526f0 [ 370.527517][ C0] Call Trace: [ 370.527524][ C0] [ 370.527532][ C0] __phys_addr+0x2a/0x180 [ 370.527562][ C0] kmem_cache_free_bulk.part.0+0x146/0x7f0 [ 370.527591][ C0] ? kvfree_rcu_bulk+0x1b7/0x1e0 [ 370.527622][ C0] kvfree_rcu_bulk+0x1b7/0x1e0 [ 370.527646][ C0] kfree_rcu_work+0x124/0x1a0 [ 370.527673][ C0] ? rcu_is_watching+0x12/0xc0 [ 370.527700][ C0] process_one_work+0x9cf/0x1b70 [ 370.527741][ C0] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 370.527779][ C0] ? __pfx_process_one_work+0x10/0x10 [ 370.527820][ C0] ? assign_work+0x1a0/0x250 [ 370.527854][ C0] worker_thread+0x6c8/0xf10 [ 370.527883][ C0] ? __pfx_worker_thread+0x10/0x10 [ 370.527903][ C0] kthread+0x3c5/0x780 [ 370.527936][ C0] ? __pfx_kthread+0x10/0x10 [ 370.527970][ C0] ? rcu_is_watching+0x12/0xc0 [ 370.527993][ C0] ? __pfx_kthread+0x10/0x10 [ 370.528026][ C0] ret_from_fork+0x5d7/0x6f0 [ 370.528060][ C0] ? __pfx_kthread+0x10/0x10 [ 370.528093][ C0] ret_from_fork_asm+0x1a/0x30 [ 370.528129][ C0] [ 370.528297][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 370.813828][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G I syzkaller #0 PREEMPT(full) [ 370.826739][ T31] Tainted: [I]=FIRMWARE_WORKAROUND [ 370.832849][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 370.844902][ T31] Call Trace: [ 370.848826][ T31] [ 370.852329][ T31] dump_stack_lvl+0x3d/0x1f0 [ 370.857836][ T31] vpanic+0x6e8/0x7a0 [ 370.862615][ T31] ? __pfx_vpanic+0x10/0x10 [ 370.868020][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 370.875199][ T31] panic+0xca/0xd0 [ 370.879658][ T31] ? __pfx_panic+0x10/0x10 [ 370.884951][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 370.891434][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 370.898810][ T31] ? watchdog+0xd78/0x1260 [ 370.904111][ T31] ? watchdog+0xd6b/0x1260 [ 370.909408][ T31] watchdog+0xd89/0x1260 [ 370.914498][ T31] ? __pfx_watchdog+0x10/0x10 [ 370.920100][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 370.926331][ T31] ? __kthread_parkme+0x19e/0x250 [ 370.932351][ T31] ? __pfx_watchdog+0x10/0x10 [ 370.937955][ T31] kthread+0x3c5/0x780 [ 370.942834][ T31] ? __pfx_kthread+0x10/0x10 [ 370.948339][ T31] ? rcu_is_watching+0x12/0xc0 [ 370.954057][ T31] ? __pfx_kthread+0x10/0x10 [ 370.959577][ T31] ret_from_fork+0x5d7/0x6f0 [ 370.965081][ T31] ? __pfx_kthread+0x10/0x10 [ 370.970585][ T31] ret_from_fork_asm+0x1a/0x30 [ 370.976306][ T31] [ 370.980059][ T31] Kernel Offset: disabled [ 370.985226][ T31] Rebooting in 86400 seconds..