last executing test programs: 8m33.685382125s ago: executing program 1 (id=36): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty46\x00', 0x88a42, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x0) ioctl$auto(0x3, 0x4b48, r0) 8m33.461066197s ago: executing program 1 (id=38): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r0, &(0x7f0000000080)='MJC802154_HWSIM\x00\xcb\x0fX\xc7\xfdx!\xf7\xb5T\x04\xad\x96\xf4\xbc\xca\xa52UWT1\a\x00\x00\x00\x00\x00\x007\xc9\xa6\x8a', 0x1060) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x1009, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) writev$auto(r1, &(0x7f0000000340)={0x0, 0x18}, 0x8) 8m33.172187421s ago: executing program 1 (id=39): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 8m32.175218649s ago: executing program 1 (id=46): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 8m31.75211602s ago: executing program 1 (id=48): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/oom_adj\x00', 0x49402, 0x0) read$auto(r1, 0x0, 0x9a28) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000100)={0x0, 0x7}, 0x4000000000007) getsockopt$auto_SO_NOFCS(r0, 0x68c, 0x2b, 0x0, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000cc0)='/sys/kernel/tracing/trace_options\x00', 0x442, 0x0) 8m31.412010286s ago: executing program 1 (id=51): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) connect$auto(0x4, 0x0, 0x10) 8m30.971866481s ago: executing program 32 (id=51): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) connect$auto(0x4, 0x0, 0x10) 4.59795397s ago: executing program 2 (id=2858): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x103300, 0x0) close_range$auto(0x2, r0, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) read$auto(0x3, 0x0, 0x8080) write$auto(0x3, 0x0, 0xffd8) 4.00424842s ago: executing program 0 (id=2860): openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec4\x00', 0x800, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r0, 0x28000) madvise$auto(0x0, 0x2000040080000004, 0xe) syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(0xffffffffffffffff, 0x0, 0x808) r1 = ioctl$auto_TIOCGPTPEER2(0xffffffffffffffff, 0x5441, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x12, r1, 0x2) getrlimit$auto(0x4, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0) 3.645606072s ago: executing program 2 (id=2863): mmap$auto(0x0, 0x20009, 0x7, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0x5, 0x0) r0 = pipe$auto(0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/4096, 0x1000) write$auto(0x1, 0x0, 0x80000000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x200084c, 0x0, 0x9, 0x0, 0x3, 0x10b}, 0x4}, 0xffffffff, 0xc5c) write$auto(0xffffffffffffffff, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7112}, 0x8) 3.22256463s ago: executing program 0 (id=2866): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1e, 0x5, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x100000000) ptrace$auto_PTRACE_SETREGSET(0x4205, r2, 0xffffffff00000202, 0x6) 2.791694091s ago: executing program 4 (id=2872): mmap$auto(0x0, 0x20009, 0x1, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socket(0x18, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r2 = socket(0x18, 0x5, 0x1) connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x80487436, 0x0) 2.733907889s ago: executing program 4 (id=2873): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109000, 0x0) r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) read$auto_cgwb_debug_stats_fops_(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="01012b"], 0x20}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 2.641771311s ago: executing program 2 (id=2874): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r1 = epoll_create$auto(0x70c) epoll_ctl$auto(r1, 0x1, r0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x40006) 2.442067904s ago: executing program 3 (id=2875): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) msgget$auto(0x4, 0x8) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/dev/cdrom/info\x00', 0x2000, 0x0) read$auto(r2, &(0x7f0000000140)='\x00\xd8\x1ed.\x0e\x92\x19\xa0\xedP\xaf\xce-\xa9\x86\xc5\x97\xdc_\xd8`K\xf9\xa0\xff\x8e\xa8\x11N\xdcLG\xb7\x85L\xd3\x98\x18l\x9d\xddv\xa1\fM\x92\x89\xe71j\x8b\xdf\xcd%\x9fQ\x8f\x91\xd8\b\a\xf3\xe2\xd8<\xe4\x94\xa9\xb3\xff54\xec\x1b>\xce\x95\x9a\xe3-\xfdP\xcc\'\xccoN\xe3\xe7\xe8', 0x200) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0x2, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000400)="a0", 0x1) ioctl$auto_KVM_GET_MSRS(r1, 0x4068aea3, &(0x7f0000000040)={0x79}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x10000, 0x0) 2.441333685s ago: executing program 4 (id=2883): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x200080, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) 2.276725584s ago: executing program 0 (id=2876): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) epoll_create$auto(0x3e) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000d00), 0x1, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp1\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/erspan0/queues/tx-0/xps_cpus\x00', 0x0, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0xb, 0xd, 0x2007d49, 0x9487, 0x4, 0x0, 0xffffffff, 0x3, 0x0, 0x3, 0x7, 0xfffffffffffffff7, 0x5, 0x2, 0x3]}, 0x0) 2.255630228s ago: executing program 3 (id=2877): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x20008800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x4040}, 0x40008c0) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080), 0x3}, 0x2, 0x0, 0x1, 0x1}, 0x5}, 0x8002, 0x100) fanotify_init$auto(0x65, 0x2) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0xb, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x38}, 0x6, 0x0, 0x4, 0x9}, 0x9}, 0x6, 0x1f00) 2.086491042s ago: executing program 3 (id=2878): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r2, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYBLOB="16018d8e82d8e469fdd8c9f27e056e81bc35907492ec2617766f61c7ce27126f3618c51a89c8f0a556d235"], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r2) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r2) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r1, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, 0x0, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f0000005fc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x20000010) 1.960278521s ago: executing program 0 (id=2879): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/ping_group_range\x00', 0x202, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x160082, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) preadv2$auto(0xffffffffffffffff, 0x0, 0x6, 0x3, 0x4, 0x2a) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r2, 0x8000) 1.305770036s ago: executing program 2 (id=2880): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) timerfd_settime$auto(r0, 0x3, 0x0, 0x0) 1.219458173s ago: executing program 4 (id=2881): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x80, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0x800, 0x85fc) socket(0x2, 0x1, 0x106) socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) 1.083532066s ago: executing program 2 (id=2882): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0xb10, &(0x7f0000000080)={0x80000003, 0x9, 0x100200, 0x8000, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x5, 0x52, 0x5, 0x8, 0x40, 0x104, 0x8, 0x100000000}}) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0xa, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4040aea0, &(0x7f00000000c0)={0xdd}) 576.005667ms ago: executing program 3 (id=2884): r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r0, 0x41015500, &(0x7f00000011c0)={"44cb9bf73ee4f7d17375d0a20200fc097204973ce5c568f45cf3a37f00073e797cd85f52c60300259f0f496b584d7480859a383753a492b262cd2e665fea37decc05000020000000001eee4def7500006344c1b5ba8cd74d78b58200000000001000000001000004000000004000", "780700e6cfac240fa640711402b4c630bc5601fb47fa2955a8f7ff3993c0f4f3a6e054fed14a933119c64d9d923ef32ce561acad10f499213cd61be3b68dcaf3e5f074ce961d6a33c481d540e5282df56757d500", 0x5}) poll$auto(0x0, 0x5, 0x80000000) mmap$auto(0x0, 0x220006, 0x4000000000df, 0xeb2, 0x401, 0x8000) r1 = open(0x0, 0x22240, 0x174) fcntl$auto(r1, 0x400, 0x0) sendmsg$auto_NL80211_CMD_MODIFY_LINK_STA(r1, 0x0, 0x40895) io_uring_register$auto_IORING_REGISTER_BUFFERS(r1, 0x0, 0x0, 0x1) fcntl$auto_F_ADD_SEALS(0xffffffffffffffff, 0x410, 0x0) rename$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 502.537057ms ago: executing program 4 (id=2885): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000500)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a63c8fa7f7d5152d4831f60eade8e3d8a508f6178de4e7e975de72c549dbc7876cb528ba0841788237bf") r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.6/usb7/version\x00', 0x20040, 0x0) read$auto(r1, &(0x7f0000000240)='$\x00', 0xb) mmap$auto(0x0, 0x20009, 0x800000000000b17a, 0xeb1, 0x3fd, 0x8000) mmap$auto(0x3, 0xe983, 0x13, 0x10, 0x401, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x6, 0x1) setgroups$auto(0xe32, 0x0) 501.852136ms ago: executing program 0 (id=2893): mmap$auto(0x0, 0x40006, 0x22, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) r0 = socket(0x2, 0x3, 0xa) r1 = open(0x0, 0x161340, 0x130) statx$auto(r1, 0x0, 0xb003, 0xda97, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) sendmmsg$auto(r0, 0x0, 0x5, 0x4) 428.453945ms ago: executing program 3 (id=2886): io_uring_setup$auto(0x86, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x20040890) unshare$auto(0x40000080) mmap$auto(0x0, 0x402000d, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x40e00, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) ioctl$auto_PPPIOCATTACH(r1, 0x4004743d, 0x0) 266.950353ms ago: executing program 2 (id=2887): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x306, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) msync$auto(0x0, 0xe0, 0x6) ioctl$auto_SNDCTL_SEQ_THRESHOLD(r0, 0x4004510d, &(0x7f0000000200)) 226.783321ms ago: executing program 0 (id=2888): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000200)={0x0, 0xffffffff}, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x44eb2, 0xffffffffffffffff, 0x300000000000) pkey_mprotect$auto(0x80000000, 0x0, 0x7, 0x4) fcntl$auto_F_DUPFD_CLOEXEC(0xffffffffffffffff, 0x406, 0xffffffffffffffff) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x8000000000000, 0x200, 0x6) 43.513417ms ago: executing program 4 (id=2889): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram10\x00', 0x60742, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) listen$auto(0x3, 0x81) r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x7, 0x1}, 0x3}, 0x4, 0x20000000) mprotect$auto(0x200000000000, 0x806121, 0x8) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 3 (id=2890): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x8d}, 0x7}, 0xb8ad, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs):                                                                  syzkaller syzkaller login: [ 520.606572][T13461] netlink: 'syz.3.2322': attribute type 27 has an invalid length. [ 520.625885][T13461] netlink: 18 bytes leftover after parsing attributes in process `syz.3.2322'. [ 522.068076][T13484] [U] 0 [ 522.076477][T13483] [U] QUI [ 522.652067][T13495] FAULT_INJECTION: forcing a failure. [ 522.652067][T13495] name failslab, interval 1, probability 0, space 0, times 0 [ 522.700843][T13495] CPU: 0 UID: 0 PID: 13495 Comm: syz.3.2333 Tainted: G L syzkaller #0 PREEMPT(full) [ 522.700896][T13495] Tainted: [L]=SOFTLOCKUP [ 522.700907][T13495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 522.700928][T13495] Call Trace: [ 522.700938][T13495] [ 522.700951][T13495] dump_stack_lvl+0x100/0x190 [ 522.701013][T13495] should_fail_ex.cold+0x5/0xa [ 522.701081][T13495] should_failslab+0xc2/0x120 [ 522.701131][T13495] __kmalloc_cache_noprof+0x7a/0x6f0 [ 522.701204][T13495] ? alloc_tty_struct+0x96/0x8c0 [ 522.701264][T13495] alloc_tty_struct+0x96/0x8c0 [ 522.701312][T13495] ? __pfx_alloc_tty_struct+0x10/0x10 [ 522.701386][T13495] tty_init_dev.part.0+0x20/0x470 [ 522.701447][T13495] tty_open+0xa63/0xfa0 [ 522.701502][T13495] ? __pfx_tty_open+0x10/0x10 [ 522.701546][T13495] ? chrdev_open+0x10b/0x6a0 [ 522.701587][T13495] ? chrdev_open+0x10b/0x6a0 [ 522.701636][T13495] ? __pfx_tty_open+0x10/0x10 [ 522.701680][T13495] chrdev_open+0x234/0x6a0 [ 522.701722][T13495] ? __pfx_apparmor_file_open+0x10/0x10 [ 522.701759][T13495] ? __pfx_chrdev_open+0x10/0x10 [ 522.701803][T13495] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 522.701859][T13495] do_dentry_open+0x6ab/0x14d0 [ 522.701899][T13495] ? __pfx_chrdev_open+0x10/0x10 [ 522.701990][T13495] vfs_open+0x82/0x3f0 [ 522.702051][T13495] path_openat+0x208c/0x31a0 [ 522.702109][T13495] ? __pfx_path_openat+0x10/0x10 [ 522.702170][T13495] do_file_open+0x20e/0x430 [ 522.702220][T13495] ? __pfx_do_file_open+0x10/0x10 [ 522.702293][T13495] ? alloc_fd+0x476/0x790 [ 522.702339][T13495] ? do_getname+0x191/0x390 [ 522.702395][T13495] do_sys_openat2+0x10d/0x1e0 [ 522.702448][T13495] ? __pfx_do_sys_openat2+0x10/0x10 [ 522.702503][T13495] ? __fget_files+0x21f/0x3d0 [ 522.702553][T13495] __x64_sys_openat+0x12d/0x210 [ 522.702612][T13495] ? __pfx___x64_sys_openat+0x10/0x10 [ 522.702678][T13495] ? rcu_is_watching+0x12/0xc0 [ 522.702724][T13495] do_syscall_64+0x115/0x840 [ 522.702776][T13495] ? clear_bhb_loop+0x40/0x90 [ 522.702819][T13495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.702855][T13495] RIP: 0033:0x7f684739ce59 [ 522.702883][T13495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 522.702918][T13495] RSP: 002b:00007f6848261028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 522.702950][T13495] RAX: ffffffffffffffda RBX: 00007f6847616090 RCX: 00007f684739ce59 [ 522.702973][T13495] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 522.702995][T13495] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 522.703017][T13495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 522.703045][T13495] R13: 00007f6847616128 R14: 00007f6847616090 R15: 00007fff04194108 [ 522.703091][T13495] [ 524.352313][T13528] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2344'. [ 524.742411][T13537] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 524.750112][T13537] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 524.757819][T13537] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 524.764169][T13537] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 524.793094][T13542] FAULT_INJECTION: forcing a failure. [ 524.793094][T13542] name failslab, interval 1, probability 0, space 0, times 0 [ 524.806985][T13542] CPU: 0 UID: 0 PID: 13542 Comm: syz.0.2348 Tainted: G L syzkaller #0 PREEMPT(full) [ 524.807037][T13542] Tainted: [L]=SOFTLOCKUP [ 524.807049][T13542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 524.807070][T13542] Call Trace: [ 524.807081][T13542] [ 524.807093][T13542] dump_stack_lvl+0x100/0x190 [ 524.807159][T13542] should_fail_ex.cold+0x5/0xa [ 524.807204][T13542] should_failslab+0xc2/0x120 [ 524.807258][T13542] __kmalloc_cache_node_noprof+0x7d/0x770 [ 524.807296][T13542] ? look_up_lock_class+0x55/0x120 [ 524.807345][T13542] ? __get_vm_area_node+0x101/0x330 [ 524.807394][T13542] __get_vm_area_node+0x101/0x330 [ 524.807440][T13542] __vmalloc_node_range_noprof+0x228/0x1630 [ 524.807485][T13542] ? n_tty_open+0x1a/0x170 [ 524.807535][T13542] ? do_raw_spin_unlock+0x145/0x1e0 [ 524.807572][T13542] ? look_up_lock_class+0x55/0x120 [ 524.807623][T13542] ? n_tty_open+0x1a/0x170 [ 524.807682][T13542] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 524.807729][T13542] ? __ldsem_down_write_nested+0xfd/0x830 [ 524.807864][T13542] ? __ldsem_down_write_nested+0x10e/0x830 [ 524.807918][T13542] ? vc_allocate+0x110/0x880 [ 524.807962][T13542] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 524.808023][T13542] ? n_tty_open+0x1a/0x170 [ 524.808070][T13542] __vmalloc_node_noprof+0xad/0xf0 [ 524.808120][T13542] ? n_tty_open+0x1a/0x170 [ 524.808173][T13542] ? __pfx_n_tty_open+0x10/0x10 [ 524.808235][T13542] n_tty_open+0x1a/0x170 [ 524.808289][T13542] tty_ldisc_open+0xa2/0x120 [ 524.808329][T13542] tty_ldisc_setup+0x40/0xf0 [ 524.808372][T13542] tty_init_dev.part.0+0x1b5/0x470 [ 524.808426][T13542] tty_open+0xa63/0xfa0 [ 524.808481][T13542] ? __pfx_tty_open+0x10/0x10 [ 524.808526][T13542] ? chrdev_open+0x10b/0x6a0 [ 524.808568][T13542] ? chrdev_open+0x10b/0x6a0 [ 524.808618][T13542] ? __pfx_tty_open+0x10/0x10 [ 524.808664][T13542] chrdev_open+0x234/0x6a0 [ 524.808705][T13542] ? __pfx_apparmor_file_open+0x10/0x10 [ 524.808743][T13542] ? __pfx_chrdev_open+0x10/0x10 [ 524.808790][T13542] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 524.808846][T13542] do_dentry_open+0x6ab/0x14d0 [ 524.808887][T13542] ? __pfx_chrdev_open+0x10/0x10 [ 524.808950][T13542] vfs_open+0x82/0x3f0 [ 524.809004][T13542] path_openat+0x208c/0x31a0 [ 524.809061][T13542] ? __pfx_path_openat+0x10/0x10 [ 524.809120][T13542] do_file_open+0x20e/0x430 [ 524.809164][T13542] ? __pfx_do_file_open+0x10/0x10 [ 524.809244][T13542] ? alloc_fd+0x476/0x790 [ 524.809289][T13542] ? do_getname+0x191/0x390 [ 524.809343][T13542] do_sys_openat2+0x10d/0x1e0 [ 524.809396][T13542] ? __pfx_do_sys_openat2+0x10/0x10 [ 524.809452][T13542] ? __fget_files+0x21f/0x3d0 [ 524.809501][T13542] __x64_sys_openat+0x12d/0x210 [ 524.809555][T13542] ? __pfx___x64_sys_openat+0x10/0x10 [ 524.809615][T13542] ? rcu_is_watching+0x12/0xc0 [ 524.809678][T13542] do_syscall_64+0x115/0x840 [ 524.809724][T13542] ? clear_bhb_loop+0x40/0x90 [ 524.809768][T13542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.809803][T13542] RIP: 0033:0x7febecd9ce59 [ 524.809831][T13542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 524.809864][T13542] RSP: 002b:00007febedcae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 524.809897][T13542] RAX: ffffffffffffffda RBX: 00007febed016090 RCX: 00007febecd9ce59 [ 524.809919][T13542] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 524.809940][T13542] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 524.809959][T13542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 524.809980][T13542] R13: 00007febed016128 R14: 00007febed016090 R15: 00007ffe65567a48 [ 524.810024][T13542] [ 525.195473][T13542] warn_alloc: 2 callbacks suppressed [ 525.195500][T13542] syz.0.2348: vmalloc error: size 9112, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 525.219410][T13542] CPU: 0 UID: 0 PID: 13542 Comm: syz.0.2348 Tainted: G L syzkaller #0 PREEMPT(full) [ 525.219461][T13542] Tainted: [L]=SOFTLOCKUP [ 525.219473][T13542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 525.219494][T13542] Call Trace: [ 525.219504][T13542] [ 525.219517][T13542] dump_stack_lvl+0x100/0x190 [ 525.219584][T13542] warn_alloc.cold+0x95/0x1c1 [ 525.219621][T13542] ? __pfx_warn_alloc+0x10/0x10 [ 525.219675][T13542] ? trace_kmalloc+0xe3/0x110 [ 525.219733][T13542] ? __kmalloc_cache_node_noprof+0x2d9/0x770 [ 525.219774][T13542] ? __kasan_kmalloc+0x8a/0xb0 [ 525.219809][T13542] ? __get_vm_area_node+0x208/0x330 [ 525.219861][T13542] __vmalloc_node_range_noprof+0xccd/0x1630 [ 525.219909][T13542] ? do_raw_spin_unlock+0x145/0x1e0 [ 525.219946][T13542] ? look_up_lock_class+0x55/0x120 [ 525.219998][T13542] ? n_tty_open+0x1a/0x170 [ 525.220061][T13542] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 525.220110][T13542] ? __ldsem_down_write_nested+0xfd/0x830 [ 525.220161][T13542] ? __ldsem_down_write_nested+0x10e/0x830 [ 525.220213][T13542] ? vc_allocate+0x110/0x880 [ 525.220259][T13542] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 525.220318][T13542] ? n_tty_open+0x1a/0x170 [ 525.220364][T13542] __vmalloc_node_noprof+0xad/0xf0 [ 525.220410][T13542] ? n_tty_open+0x1a/0x170 [ 525.220459][T13542] ? __pfx_n_tty_open+0x10/0x10 [ 525.220507][T13542] n_tty_open+0x1a/0x170 [ 525.220558][T13542] tty_ldisc_open+0xa2/0x120 [ 525.220596][T13542] tty_ldisc_setup+0x40/0xf0 [ 525.220637][T13542] tty_init_dev.part.0+0x1b5/0x470 [ 525.220698][T13542] tty_open+0xa63/0xfa0 [ 525.220755][T13542] ? __pfx_tty_open+0x10/0x10 [ 525.220801][T13542] ? chrdev_open+0x10b/0x6a0 [ 525.220843][T13542] ? chrdev_open+0x10b/0x6a0 [ 525.220893][T13542] ? __pfx_tty_open+0x10/0x10 [ 525.220940][T13542] chrdev_open+0x234/0x6a0 [ 525.220980][T13542] ? __pfx_apparmor_file_open+0x10/0x10 [ 525.221017][T13542] ? __pfx_chrdev_open+0x10/0x10 [ 525.221062][T13542] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 525.221116][T13542] do_dentry_open+0x6ab/0x14d0 [ 525.221157][T13542] ? __pfx_chrdev_open+0x10/0x10 [ 525.221210][T13542] vfs_open+0x82/0x3f0 [ 525.221267][T13542] path_openat+0x208c/0x31a0 [ 525.221327][T13542] ? __pfx_path_openat+0x10/0x10 [ 525.221389][T13542] do_file_open+0x20e/0x430 [ 525.221437][T13542] ? __pfx_do_file_open+0x10/0x10 [ 525.221511][T13542] ? alloc_fd+0x476/0x790 [ 525.221559][T13542] ? do_getname+0x191/0x390 [ 525.221617][T13542] do_sys_openat2+0x10d/0x1e0 [ 525.221674][T13542] ? __pfx_do_sys_openat2+0x10/0x10 [ 525.221751][T13542] ? __fget_files+0x21f/0x3d0 [ 525.221804][T13542] __x64_sys_openat+0x12d/0x210 [ 525.221863][T13542] ? __pfx___x64_sys_openat+0x10/0x10 [ 525.221928][T13542] ? rcu_is_watching+0x12/0xc0 [ 525.221976][T13542] do_syscall_64+0x115/0x840 [ 525.222027][T13542] ? clear_bhb_loop+0x40/0x90 [ 525.222072][T13542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.222110][T13542] RIP: 0033:0x7febecd9ce59 [ 525.222140][T13542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 525.222176][T13542] RSP: 002b:00007febedcae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 525.222209][T13542] RAX: ffffffffffffffda RBX: 00007febed016090 RCX: 00007febecd9ce59 [ 525.222233][T13542] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 525.222257][T13542] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 525.222279][T13542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 525.222300][T13542] R13: 00007febed016128 R14: 00007febed016090 R15: 00007ffe65567a48 [ 525.222347][T13542] [ 525.222462][T13542] Mem-Info: [ 525.605713][T13542] active_anon:7651 inactive_anon:4 isolated_anon:0 [ 525.605713][T13542] active_file:17290 inactive_file:47421 isolated_file:0 [ 525.605713][T13542] unevictable:810 dirty:511 writeback:0 [ 525.605713][T13542] slab_reclaimable:11412 slab_unreclaimable:93465 [ 525.605713][T13542] mapped:25477 shmem:1301 pagetables:1487 [ 525.605713][T13542] sec_pagetables:0 bounce:0 [ 525.605713][T13542] kernel_misc_reclaimable:0 [ 525.605713][T13542] free:1301168 free_pcp:16592 free_cma:0 [ 525.714531][T13542] Node 0 active_anon:30604kB inactive_anon:16kB active_file:69160kB inactive_file:189560kB unevictable:1704kB isolated(anon):0kB isolated(file):0kB mapped:101908kB dirty:2044kB writeback:0kB shmem:3668kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11868kB pagetables:5800kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 525.807940][T13542] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:124kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 525.905125][T13542] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 525.998115][T13542] lowmem_reserve[]: 0 2478 2479 2479 2479 [ 526.023582][T13542] Node 0 DMA32 free:1262396kB boost:0kB min:34060kB low:42572kB high:51084kB reserved_highatomic:0KB free_highatomic:0KB active_anon:30464kB inactive_anon:16kB active_file:69160kB inactive_file:189560kB unevictable:1704kB writepending:2132kB zspages:864kB present:3129332kB managed:2537492kB mlocked:168kB bounce:0kB free_pcp:41828kB local_pcp:20544kB free_cma:0kB [ 526.118549][T13542] lowmem_reserve[]: 0 0 1 1 1 [ 526.134159][T13542] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1112kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 526.204617][T13546] zswap: compressor not available [ 526.211373][T13542] lowmem_reserve[]: 0 0 0 0 0 [ 526.297968][T13542] Node 1 Normal free:3930596kB boost:0kB min:55824kB low:69780kB high:83736kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:124kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22048kB local_pcp:22048kB free_cma:0kB [ 526.377376][T13542] lowmem_reserve[]: 0 0 0 0 0 [ 526.388325][T13542] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 526.405992][T13542] Node 0 DMA32: 4974*4kB (UME) 4352*8kB (UME) 2544*16kB (UME) 885*32kB (UME) 545*64kB (UME) 214*128kB (UME) 282*256kB (UM) 175*512kB (UM) 94*1024kB (UME) 11*2048kB (UM) 195*4096kB (M) = 1265304kB [ 526.458958][T13542] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 526.471905][T13542] Node 1 Normal: 18*4kB (UM) 20*8kB (UM) 19*16kB (UM) 18*32kB (U) 17*64kB (UM) 11*128kB (U) 12*256kB (UM) 12*512kB (UM) 6*1024kB (U) 6*2048kB (UM) 952*4096kB (UM) = 3930648kB [ 526.492648][T13542] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 526.503816][T13542] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 526.513741][T13542] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 526.523444][T13542] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 526.567988][T13542] 66064 total pagecache pages [ 526.572923][T13542] 15 pages in swap cache [ 526.578731][T13542] Free swap = 124204kB [ 526.587958][T13542] Total swap = 124996kB [ 526.595522][T13542] 2097051 pages RAM [ 526.605909][T13542] 0 pages HighMem/MovableOnly [ 526.615344][T13542] 430785 pages reserved [ 526.619687][T13542] 0 pages cma reserved [ 526.624153][T13542] tty tty16: ldisc open failed (-12), clearing slot 15 [ 526.808169][ T5648] Bluetooth: hci1: command 0x0406 tx timeout [ 526.808383][ T4951] Bluetooth: hci3: command 0x0406 tx timeout [ 526.814495][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 526.820597][ T5643] Bluetooth: hci2: command 0x0406 tx timeout [ 528.772614][ T30] audit: type=1804 audit(1781306729.293:21): pid=13568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2357" name="/newroot/611/file0" dev="tmpfs" ino=3165 res=1 errno=0 [ 529.360513][T13592] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2363'. [ 529.398998][T13592] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2363'. [ 530.054046][T13607] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2368'. [ 530.127302][T13607] team0: Port device team_slave_0 removed [ 531.605939][T13637] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2377'. [ 532.294137][T13643] openvswitch: netlink: IP tunnel dst address not specified [ 534.134856][T13669] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2389'. [ 534.294632][T13670] FAULT_INJECTION: forcing a failure. [ 534.294632][T13670] name failslab, interval 1, probability 0, space 0, times 0 [ 534.318052][T13670] CPU: 1 UID: 0 PID: 13670 Comm: syz.4.2388 Tainted: G L syzkaller #0 PREEMPT(full) [ 534.318119][T13670] Tainted: [L]=SOFTLOCKUP [ 534.318133][T13670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 534.318156][T13670] Call Trace: [ 534.318168][T13670] [ 534.318181][T13670] dump_stack_lvl+0x100/0x190 [ 534.318253][T13670] should_fail_ex.cold+0x5/0xa [ 534.318301][T13670] should_failslab+0xc2/0x120 [ 534.318347][T13670] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 534.318405][T13670] ? __kernfs_new_node+0xd2/0x9f0 [ 534.318454][T13670] __kernfs_new_node+0xd2/0x9f0 [ 534.318501][T13670] ? __pfx___kernfs_new_node+0x10/0x10 [ 534.318553][T13670] ? find_held_lock+0x2b/0x80 [ 534.318597][T13670] ? kernfs_root+0xee/0x2a0 [ 534.318635][T13670] ? kernfs_root+0xee/0x2a0 [ 534.318683][T13670] kernfs_new_node+0x11b/0x1a0 [ 534.318736][T13670] __kernfs_create_file+0x53/0x350 [ 534.318797][T13670] sysfs_add_file_mode_ns+0x207/0x3c0 [ 534.318845][T13670] internal_create_group+0x593/0xfb0 [ 534.318899][T13670] ? __pfx_internal_create_group+0x10/0x10 [ 534.318948][T13670] ? kernfs_create_link+0x1bd/0x240 [ 534.319009][T13670] internal_create_groups+0x9d/0x150 [ 534.319054][T13670] device_add+0xf5b/0x1950 [ 534.319110][T13670] ? __pfx_device_add+0x10/0x10 [ 534.319151][T13670] ? lockdep_init_map_type+0x5c/0x250 [ 534.319212][T13670] ? __init_waitqueue_head+0xca/0x150 [ 534.319264][T13670] netdev_register_kobject+0x1a9/0x3d0 [ 534.319319][T13670] register_netdevice+0x151c/0x24b0 [ 534.319370][T13670] ? __pfx_register_netdevice+0x10/0x10 [ 534.319421][T13670] ? __pfx_loopback_net_init+0x10/0x10 [ 534.319481][T13670] register_netdev+0x34/0x50 [ 534.319520][T13670] loopback_net_init+0x7a/0x170 [ 534.319579][T13670] ? __pfx_loopback_net_init+0x10/0x10 [ 534.319635][T13670] ops_init+0x1e2/0x5f0 [ 534.319679][T13670] setup_net+0x118/0x3a0 [ 534.319720][T13670] ? __pfx_setup_net+0x10/0x10 [ 534.319760][T13670] ? mutex_init_lockdep+0xf1/0x120 [ 534.319804][T13670] copy_net_ns+0x46f/0x7c0 [ 534.319852][T13670] create_new_namespaces+0x3ea/0xac0 [ 534.319908][T13670] unshare_nsproxy_namespaces+0xf2/0x220 [ 534.319958][T13670] ksys_unshare+0x438/0xab0 [ 534.320013][T13670] ? __pfx_ksys_unshare+0x10/0x10 [ 534.320062][T13670] ? xfd_validate_state+0x129/0x190 [ 534.320122][T13670] __x64_sys_unshare+0x31/0x40 [ 534.320174][T13670] do_syscall_64+0x115/0x840 [ 534.320227][T13670] ? clear_bhb_loop+0x40/0x90 [ 534.320272][T13670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.320310][T13670] RIP: 0033:0x7f90d0d9ce59 [ 534.320339][T13670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 534.320375][T13670] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 534.320410][T13670] RAX: ffffffffffffffda RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 534.320435][T13670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 534.320457][T13670] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 534.320479][T13670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.320501][T13670] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 534.320548][T13670] [ 534.483439][T13674] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2390'. [ 534.786364][T13674] veth1_macvtap: left promiscuous mode [ 534.794515][T13674] macsec0: entered promiscuous mode [ 534.804298][T13674] macsec0: entered allmulticast mode [ 535.510461][T13692] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2396'. [ 535.581476][T13692] netlink: 214 bytes leftover after parsing attributes in process `syz.3.2396'. [ 535.629692][T13692] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 535.639472][T13692] IPv6: NLM_F_CREATE should be set when creating new route [ 535.646895][T13692] IPv6: NLM_F_CREATE should be set when creating new route [ 535.654251][T13692] IPv6: NLM_F_CREATE should be set when creating new route [ 535.763718][T13698] netlink: 266 bytes leftover after parsing attributes in process `syz.0.2398'. [ 535.773543][T13698] IPv6: NLM_F_CREATE should be specified when creating new route [ 536.993022][T13727] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2405'. [ 537.194677][T13729] FAULT_INJECTION: forcing a failure. [ 537.194677][T13729] name failslab, interval 1, probability 0, space 0, times 0 [ 537.211765][T13729] CPU: 1 UID: 0 PID: 13729 Comm: syz.3.2407 Tainted: G L syzkaller #0 PREEMPT(full) [ 537.211818][T13729] Tainted: [L]=SOFTLOCKUP [ 537.211847][T13729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 537.211868][T13729] Call Trace: [ 537.211880][T13729] [ 537.211894][T13729] dump_stack_lvl+0x100/0x190 [ 537.211957][T13729] should_fail_ex.cold+0x5/0xa [ 537.212008][T13729] ? constrain_params_by_rules+0x175/0xcc0 [ 537.212140][T13729] should_failslab+0xc2/0x120 [ 537.212181][T13729] __kmalloc_noprof+0xe0/0x850 [ 537.212236][T13729] ? kasan_quarantine_put+0x104/0x240 [ 537.212283][T13729] constrain_params_by_rules+0x175/0xcc0 [ 537.212336][T13729] ? kfree+0x223/0x6c0 [ 537.212390][T13729] ? constrain_params_by_rules+0xa22/0xcc0 [ 537.212449][T13729] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 537.212510][T13729] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 537.212562][T13729] ? __kasan_slab_free+0x5f/0x80 [ 537.212596][T13729] ? kfree+0x223/0x6c0 [ 537.212649][T13729] ? snd_pcm_oss_change_params_locked+0x18d9/0x39f0 [ 537.212699][T13729] ? snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 537.212748][T13729] ? snd_interval_refine+0x2d0/0x580 [ 537.212790][T13729] snd_pcm_hw_refine+0x7e7/0xad0 [ 537.212851][T13729] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 537.212911][T13729] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 537.212978][T13729] snd_pcm_hw_param_first+0x2b0/0x680 [ 537.213035][T13729] snd_pcm_hw_param_near.constprop.0+0x739/0x850 [ 537.213101][T13729] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 537.213151][T13729] ? __pfx_rate_dst_frames+0x10/0x10 [ 537.213190][T13729] ? calc_dst_frames.constprop.0.isra.0+0xed/0x120 [ 537.213250][T13729] snd_pcm_oss_change_params_locked+0x18d9/0x39f0 [ 537.213327][T13729] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 537.213378][T13729] ? __pfx___mutex_lock+0x10/0x10 [ 537.213459][T13729] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 537.213516][T13729] snd_pcm_oss_ioctl+0x25e1/0x37c0 [ 537.213567][T13729] ? __fget_files+0x215/0x3d0 [ 537.213606][T13729] ? hook_file_ioctl_common+0x149/0x410 [ 537.213653][T13729] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 537.213708][T13729] ? __fget_files+0x21f/0x3d0 [ 537.213755][T13729] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 537.213808][T13729] __x64_sys_ioctl+0x18e/0x210 [ 537.213846][T13729] do_syscall_64+0x115/0x840 [ 537.213894][T13729] ? clear_bhb_loop+0x40/0x90 [ 537.213937][T13729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.214000][T13729] RIP: 0033:0x7f684739ce59 [ 537.214031][T13729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 537.214065][T13729] RSP: 002b:00007f6848282028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 537.214097][T13729] RAX: ffffffffffffffda RBX: 00007f6847615fa0 RCX: 00007f684739ce59 [ 537.214132][T13729] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000003 [ 537.214178][T13729] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 537.214199][T13729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 537.214247][T13729] R13: 00007f6847616038 R14: 00007f6847615fa0 R15: 00007fff04194108 [ 537.214355][T13729] [ 538.540050][T13755] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2416'. [ 539.133938][T13767] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2420'. [ 539.594671][ T4951] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 539.594742][ T4951] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 539.616736][ T4951] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 539.616812][ T4951] Bluetooth: hci1: adv larger than maximum supported [ 539.626430][ T4951] Bluetooth: hci1: adv larger than maximum supported [ 539.634689][ T4951] Bluetooth: hci1: Unknown advertising packet type: 0x30 [ 539.641536][ T4951] Bluetooth: hci1: Unknown advertising packet type: 0x72 [ 539.648843][ T4951] Bluetooth: hci1: adv larger than maximum supported [ 539.657462][ T4951] Bluetooth: hci1: Malformed LE Event: 0x0d [ 540.541092][ T30] audit: type=1804 audit(1781306741.053:22): pid=13777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2424" name="/newroot/586/file0" dev="tmpfs" ino=3034 res=1 errno=0 [ 540.693517][T13791] FAULT_INJECTION: forcing a failure. [ 540.693517][T13791] name failslab, interval 1, probability 0, space 0, times 0 [ 540.732096][T13791] CPU: 1 UID: 0 PID: 13791 Comm: syz.0.2426 Tainted: G L syzkaller #0 PREEMPT(full) [ 540.732146][T13791] Tainted: [L]=SOFTLOCKUP [ 540.732157][T13791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 540.732177][T13791] Call Trace: [ 540.732187][T13791] [ 540.732199][T13791] dump_stack_lvl+0x100/0x190 [ 540.732261][T13791] should_fail_ex.cold+0x5/0xa [ 540.732307][T13791] should_failslab+0xc2/0x120 [ 540.732350][T13791] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 540.732416][T13791] ? __kernfs_new_node+0xd2/0x9f0 [ 540.732458][T13791] __kernfs_new_node+0xd2/0x9f0 [ 540.732497][T13791] ? __pfx___kernfs_new_node+0x10/0x10 [ 540.732540][T13791] ? find_held_lock+0x2b/0x80 [ 540.732577][T13791] ? kernfs_root+0xee/0x2a0 [ 540.732608][T13791] ? kernfs_root+0xee/0x2a0 [ 540.732651][T13791] kernfs_new_node+0x11b/0x1a0 [ 540.732695][T13791] __kernfs_create_file+0x53/0x350 [ 540.732750][T13791] sysfs_add_file_mode_ns+0x207/0x3c0 [ 540.732790][T13791] internal_create_group+0x593/0xfb0 [ 540.732835][T13791] ? __pfx_internal_create_group+0x10/0x10 [ 540.732877][T13791] ? kernfs_create_link+0x1bd/0x240 [ 540.732934][T13791] internal_create_groups+0x9d/0x150 [ 540.732981][T13791] device_add+0x71a/0x1950 [ 540.733023][T13791] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 540.733075][T13791] ? __pfx_device_add+0x10/0x10 [ 540.733114][T13791] ? lockdep_init_map_type+0x5c/0x250 [ 540.733174][T13791] ? __init_waitqueue_head+0xca/0x150 [ 540.733223][T13791] netdev_register_kobject+0x1a9/0x3d0 [ 540.733279][T13791] register_netdevice+0x151c/0x24b0 [ 540.733330][T13791] ? __pfx_register_netdevice+0x10/0x10 [ 540.733382][T13791] ? __pfx_loopback_net_init+0x10/0x10 [ 540.733485][T13791] register_netdev+0x34/0x50 [ 540.733525][T13791] loopback_net_init+0x7a/0x170 [ 540.733584][T13791] ? __pfx_loopback_net_init+0x10/0x10 [ 540.733640][T13791] ops_init+0x1e2/0x5f0 [ 540.733683][T13791] setup_net+0x118/0x3a0 [ 540.733723][T13791] ? __pfx_setup_net+0x10/0x10 [ 540.733763][T13791] ? mutex_init_lockdep+0xf1/0x120 [ 540.733807][T13791] copy_net_ns+0x46f/0x7c0 [ 540.733855][T13791] create_new_namespaces+0x3ea/0xac0 [ 540.733912][T13791] unshare_nsproxy_namespaces+0xf2/0x220 [ 540.733962][T13791] ksys_unshare+0x438/0xab0 [ 540.734016][T13791] ? __pfx_ksys_unshare+0x10/0x10 [ 540.734064][T13791] ? xfd_validate_state+0x129/0x190 [ 540.734115][T13791] __x64_sys_unshare+0x31/0x40 [ 540.734167][T13791] do_syscall_64+0x115/0x840 [ 540.734219][T13791] ? clear_bhb_loop+0x40/0x90 [ 540.734264][T13791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.734302][T13791] RIP: 0033:0x7febecd9ce59 [ 540.734331][T13791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 540.734368][T13791] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 540.734410][T13791] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 540.734434][T13791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 540.734456][T13791] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 540.734477][T13791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.734498][T13791] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 540.734545][T13791] [ 542.307705][T13813] lo: entered allmulticast mode [ 542.441188][T13817] lo: left allmulticast mode [ 542.757592][T13822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2434'. [ 543.815451][T13845] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2444'. [ 543.914886][T13845] team0: Port device team_slave_0 removed [ 545.789183][T13889] FAULT_INJECTION: forcing a failure. [ 545.789183][T13889] name failslab, interval 1, probability 0, space 0, times 0 [ 545.869843][T13889] CPU: 0 UID: 0 PID: 13889 Comm: syz.4.2456 Tainted: G L syzkaller #0 PREEMPT(full) [ 545.869898][T13889] Tainted: [L]=SOFTLOCKUP [ 545.869911][T13889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 545.869934][T13889] Call Trace: [ 545.869945][T13889] [ 545.869968][T13889] dump_stack_lvl+0x100/0x190 [ 545.870038][T13889] should_fail_ex.cold+0x5/0xa [ 545.870085][T13889] should_failslab+0xc2/0x120 [ 545.870130][T13889] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 545.870192][T13889] ? __alloc_skb+0x140/0x710 [ 545.870234][T13889] __alloc_skb+0x140/0x710 [ 545.870265][T13889] ? __alloc_skb+0x5b7/0x710 [ 545.870299][T13889] ? __pfx___alloc_skb+0x10/0x10 [ 545.870332][T13889] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 545.870388][T13889] ? audit_log_start+0x29d/0x930 [ 545.870428][T13889] ? lockdep_init_map_type+0x5c/0x250 [ 545.870495][T13889] audit_log_start+0x350/0x930 [ 545.870540][T13889] ? __pfx_audit_log_start+0x10/0x10 [ 545.870593][T13889] ? integrity_audit_msg+0x41/0x60 [ 545.870651][T13889] integrity_audit_message+0x10c/0x4f0 [ 545.870708][T13889] ? __pfx_integrity_audit_message+0x10/0x10 [ 545.870769][T13889] ? __pfx_ima_add_template_entry+0x10/0x10 [ 545.870834][T13889] integrity_audit_msg+0x41/0x60 [ 545.870897][T13889] ima_add_violation+0x1b9/0x3c0 [ 545.870946][T13889] ? __pfx_ima_add_violation+0x10/0x10 [ 545.870994][T13889] ? ima_d_path+0x137/0x260 [ 545.871036][T13889] ? __pfx_ima_d_path+0x10/0x10 [ 545.871086][T13889] ? lockdep_init_map_type+0x5c/0x250 [ 545.871148][T13889] ? ima_inode_get+0x39d/0x580 [ 545.871264][T13889] process_measurement+0x148f/0x2350 [ 545.871311][T13889] ? __schedule+0x12a7/0x67a0 [ 545.871364][T13889] ? trace_ignore_this_task+0xbc/0x100 [ 545.871410][T13889] ? __pfx_process_measurement+0x10/0x10 [ 545.871448][T13889] ? __lock_acquire+0x4a5/0x2630 [ 545.871505][T13889] ? trace_pid_list_is_set+0x22c/0x390 [ 545.871594][T13889] ? __pfx_aa_file_perm+0x10/0x10 [ 545.871657][T13889] ima_file_mmap+0x1c4/0x1f0 [ 545.871695][T13889] ? __pfx_ima_file_mmap+0x10/0x10 [ 545.871743][T13889] security_mmap_file+0x278/0x9b0 [ 545.871792][T13889] vm_mmap_pgoff+0xec/0x470 [ 545.871841][T13889] ? find_held_lock+0x2b/0x80 [ 545.871883][T13889] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 545.871925][T13889] ? __fget_files+0x215/0x3d0 [ 545.871986][T13889] ? __fget_files+0x21f/0x3d0 [ 545.872038][T13889] ksys_mmap_pgoff+0x3cb/0x610 [ 545.872085][T13889] ? __x64_sys_futex+0x358/0x4d0 [ 545.872125][T13889] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 545.872169][T13889] ? xfd_validate_state+0x129/0x190 [ 545.872213][T13889] __x64_sys_mmap+0x125/0x190 [ 545.872257][T13889] do_syscall_64+0x115/0x840 [ 545.872306][T13889] ? clear_bhb_loop+0x40/0x90 [ 545.872350][T13889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.872387][T13889] RIP: 0033:0x7f90d0d9ce59 [ 545.872417][T13889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 545.872454][T13889] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 545.872490][T13889] RAX: ffffffffffffffda RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 545.872515][T13889] RDX: 0000000000000fd5 RSI: 0000000000000001 RDI: 0000000000000000 [ 545.872537][T13889] RBP: 00007f90d0e32d6f R08: 0000000000000006 R09: 0000000040000000 [ 545.872561][T13889] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 545.872581][T13889] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 545.872628][T13889] [ 546.354001][T13889] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 546.383845][T13889] audit: out of memory in audit_log_start [ 547.298599][T13909] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2463'. [ 547.323964][T13911] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 548.409776][T13929] FAULT_INJECTION: forcing a failure. [ 548.409776][T13929] name failslab, interval 1, probability 0, space 0, times 0 [ 548.424043][T13929] CPU: 1 UID: 0 PID: 13929 Comm: syz.4.2469 Tainted: G L syzkaller #0 PREEMPT(full) [ 548.424097][T13929] Tainted: [L]=SOFTLOCKUP [ 548.424109][T13929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 548.424130][T13929] Call Trace: [ 548.424142][T13929] [ 548.424154][T13929] dump_stack_lvl+0x100/0x190 [ 548.424222][T13929] should_fail_ex.cold+0x5/0xa [ 548.424267][T13929] should_failslab+0xc2/0x120 [ 548.424312][T13929] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 548.424369][T13929] ? __kernfs_new_node+0xd2/0x9f0 [ 548.424417][T13929] __kernfs_new_node+0xd2/0x9f0 [ 548.424457][T13929] ? find_held_lock+0x2b/0x80 [ 548.424504][T13929] ? kernfs_add_one+0x583/0x850 [ 548.424548][T13929] ? __pfx___kernfs_new_node+0x10/0x10 [ 548.424597][T13929] ? find_held_lock+0x2b/0x80 [ 548.424640][T13929] ? kernfs_root+0xee/0x2a0 [ 548.424676][T13929] ? kernfs_root+0xee/0x2a0 [ 548.424735][T13929] kernfs_new_node+0x11b/0x1a0 [ 548.424789][T13929] kernfs_create_dir_ns+0x4c/0x1a0 [ 548.424842][T13929] internal_create_group+0x36f/0xfb0 [ 548.424895][T13929] ? __pfx_internal_create_group+0x10/0x10 [ 548.424945][T13929] ? kernfs_create_link+0x1bd/0x240 [ 548.425007][T13929] internal_create_groups+0x9d/0x150 [ 548.425055][T13929] device_add+0xf5b/0x1950 [ 548.425099][T13929] ? __pfx_device_add+0x10/0x10 [ 548.425139][T13929] ? lockdep_init_map_type+0x5c/0x250 [ 548.425198][T13929] ? __init_waitqueue_head+0xca/0x150 [ 548.425248][T13929] netdev_register_kobject+0x1a9/0x3d0 [ 548.425302][T13929] register_netdevice+0x151c/0x24b0 [ 548.425353][T13929] ? __pfx_register_netdevice+0x10/0x10 [ 548.425403][T13929] ? __pfx_loopback_net_init+0x10/0x10 [ 548.425465][T13929] register_netdev+0x34/0x50 [ 548.425504][T13929] loopback_net_init+0x7a/0x170 [ 548.425563][T13929] ? __pfx_loopback_net_init+0x10/0x10 [ 548.425619][T13929] ops_init+0x1e2/0x5f0 [ 548.425670][T13929] setup_net+0x118/0x3a0 [ 548.425719][T13929] ? __pfx_setup_net+0x10/0x10 [ 548.425759][T13929] ? mutex_init_lockdep+0xf1/0x120 [ 548.425803][T13929] copy_net_ns+0x46f/0x7c0 [ 548.425850][T13929] create_new_namespaces+0x3ea/0xac0 [ 548.425906][T13929] unshare_nsproxy_namespaces+0xf2/0x220 [ 548.425963][T13929] ksys_unshare+0x438/0xab0 [ 548.426018][T13929] ? __pfx_ksys_unshare+0x10/0x10 [ 548.426068][T13929] ? xfd_validate_state+0x129/0x190 [ 548.426119][T13929] __x64_sys_unshare+0x31/0x40 [ 548.426167][T13929] do_syscall_64+0x115/0x840 [ 548.426211][T13929] ? clear_bhb_loop+0x40/0x90 [ 548.426249][T13929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.426281][T13929] RIP: 0033:0x7f90d0d9ce59 [ 548.426306][T13929] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 548.426335][T13929] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 548.426364][T13929] RAX: ffffffffffffffda RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 548.426384][T13929] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 548.426403][T13929] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 548.426421][T13929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 548.426439][T13929] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 548.426479][T13929] [ 549.086996][T13934] lo: entered allmulticast mode [ 549.240110][T13934] lo: left allmulticast mode [ 550.187473][T13949] FAULT_INJECTION: forcing a failure. [ 550.187473][T13949] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 550.220205][T13949] CPU: 0 UID: 0 PID: 13949 Comm: syz.0.2475 Tainted: G L syzkaller #0 PREEMPT(full) [ 550.220262][T13949] Tainted: [L]=SOFTLOCKUP [ 550.220275][T13949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 550.220297][T13949] Call Trace: [ 550.220309][T13949] [ 550.220323][T13949] dump_stack_lvl+0x100/0x190 [ 550.220390][T13949] should_fail_ex.cold+0x5/0xa [ 550.220438][T13949] _copy_from_user+0x2e/0xd0 [ 550.220492][T13949] memdup_user+0x6b/0xe0 [ 550.220533][T13949] msr_io+0xea/0x480 [ 550.220578][T13949] ? __pfx_do_get_msr+0x10/0x10 [ 550.220643][T13949] ? __pfx_msr_io+0x10/0x10 [ 550.220689][T13949] ? __pfx_widen_string+0x10/0x10 [ 550.220728][T13949] ? __kernel_text_address+0xd/0x30 [ 550.220772][T13949] kvm_arch_vcpu_ioctl+0x1950/0x5730 [ 550.220822][T13949] ? kvm_arch_vcpu_ioctl+0x1928/0x5730 [ 550.220883][T13949] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 550.220933][T13949] ? __pfx_stack_trace_save+0x10/0x10 [ 550.220982][T13949] ? stack_depot_save_flags+0x27/0x9d0 [ 550.221044][T13949] ? __lock_acquire+0x4a5/0x2630 [ 550.221103][T13949] ? tomoyo_path_number_perm+0x46d/0x580 [ 550.221155][T13949] ? __lock_acquire+0x4a5/0x2630 [ 550.221211][T13949] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.221265][T13949] ? lock_acquire+0x1b1/0x370 [ 550.221327][T13949] ? rcu_is_watching+0x12/0xc0 [ 550.221374][T13949] ? trace_contention_end+0x122/0x170 [ 550.221413][T13949] ? __mutex_lock+0x26d/0x1b10 [ 550.221468][T13949] ? kvm_vcpu_ioctl+0x322/0x1720 [ 550.221534][T13949] ? __pfx___mutex_lock+0x10/0x10 [ 550.221588][T13949] ? kasan_quarantine_put+0x104/0x240 [ 550.221638][T13949] ? tomoyo_path_number_perm+0x28f/0x580 [ 550.221694][T13949] ? tomoyo_path_number_perm+0x188/0x580 [ 550.221747][T13949] ? kvm_vcpu_ioctl+0x8a0/0x1720 [ 550.221801][T13949] kvm_vcpu_ioctl+0x8a0/0x1720 [ 550.221864][T13949] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 550.221923][T13949] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 550.221978][T13949] ? do_vfs_ioctl+0x226/0x13e0 [ 550.222015][T13949] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 550.222065][T13949] ? find_held_lock+0x2b/0x80 [ 550.222109][T13949] ? __fget_files+0x215/0x3d0 [ 550.222150][T13949] ? hook_file_ioctl_common+0x149/0x410 [ 550.222205][T13949] ? __fget_files+0x21f/0x3d0 [ 550.222253][T13949] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 550.222312][T13949] __x64_sys_ioctl+0x18e/0x210 [ 550.222350][T13949] do_syscall_64+0x115/0x840 [ 550.222399][T13949] ? clear_bhb_loop+0x40/0x90 [ 550.222442][T13949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.222480][T13949] RIP: 0033:0x7febecd9ce59 [ 550.222509][T13949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 550.222545][T13949] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 550.222580][T13949] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 550.222604][T13949] RDX: 0000200000000500 RSI: 00000000c008ae88 RDI: 0000000000000004 [ 550.222634][T13949] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 550.222657][T13949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 550.222678][T13949] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 550.222725][T13949] [ 551.139657][T13956] sd 0:0:1:0: PR command failed: 1026 [ 551.158103][T13956] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 551.180443][T13956] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 552.877391][T13990] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 552.904526][T13990] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 552.914587][T13990] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 552.921739][T13990] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 553.303150][T14000] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2492'. [ 553.327039][T13998] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2499'. [ 553.776311][T14006] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2493'. [ 553.807583][T14007] FAULT_INJECTION: forcing a failure. [ 553.807583][T14007] name failslab, interval 1, probability 0, space 0, times 0 [ 553.865554][T14007] CPU: 1 UID: 0 PID: 14007 Comm: syz.0.2494 Tainted: G L syzkaller #0 PREEMPT(full) [ 553.865608][T14007] Tainted: [L]=SOFTLOCKUP [ 553.865621][T14007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 553.865642][T14007] Call Trace: [ 553.865653][T14007] [ 553.865667][T14007] dump_stack_lvl+0x100/0x190 [ 553.865733][T14007] should_fail_ex.cold+0x5/0xa [ 553.865777][T14007] ? memcg_list_lru_alloc+0x4ec/0x740 [ 553.865813][T14007] should_failslab+0xc2/0x120 [ 553.865857][T14007] __kmalloc_noprof+0xe0/0x850 [ 553.865916][T14007] ? __lock_acquire+0x4a5/0x2630 [ 553.865979][T14007] memcg_list_lru_alloc+0x4ec/0x740 [ 553.866016][T14007] ? copy_process+0x3531/0x7ed0 [ 553.866061][T14007] ? kernel_clone+0x176/0x9e0 [ 553.866115][T14007] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 553.866173][T14007] __memcg_slab_post_alloc_hook+0x27e/0xff0 [ 553.866236][T14007] ? kasan_save_track+0x14/0x30 [ 553.866281][T14007] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 553.866351][T14007] ? mqueue_alloc_inode+0x25/0x50 [ 553.866512][T14007] ? __pfx_mqueue_alloc_inode+0x10/0x10 [ 553.866574][T14007] mqueue_alloc_inode+0x25/0x50 [ 553.866631][T14007] alloc_inode+0x68/0x250 [ 553.866687][T14007] new_inode+0x22/0x1c0 [ 553.866741][T14007] mqueue_get_inode+0x2e/0xe00 [ 553.866794][T14007] ? sget_fc+0x801/0xc70 [ 553.866830][T14007] ? __pfx_mqueue_fill_super+0x10/0x10 [ 553.866881][T14007] mqueue_fill_super+0x14d/0x260 [ 553.866935][T14007] get_tree_nodev+0xdd/0x190 [ 553.866977][T14007] mqueue_get_tree+0xf1/0x130 [ 553.867034][T14007] vfs_get_tree+0x92/0x320 [ 553.867070][T14007] fc_mount_longterm+0x1a/0x270 [ 553.867109][T14007] mq_init_ns+0x482/0x820 [ 553.867153][T14007] copy_ipcs+0x3dd/0x7e0 [ 553.867196][T14007] create_new_namespaces+0x20a/0xac0 [ 553.867243][T14007] ? security_capable+0x80/0x260 [ 553.867283][T14007] copy_namespaces+0x468/0x5e0 [ 553.867342][T14007] copy_process+0x3531/0x7ed0 [ 553.867390][T14007] ? futex_unqueue+0x133/0x2c0 [ 553.867447][T14007] ? __pfx_copy_process+0x10/0x10 [ 553.867503][T14007] ? _copy_from_user+0x59/0xd0 [ 553.867556][T14007] kernel_clone+0x176/0x9e0 [ 553.867605][T14007] ? futex_hash+0x141/0x370 [ 553.867656][T14007] ? __pfx_kernel_clone+0x10/0x10 [ 553.867711][T14007] ? __pfx_futex_wait+0x10/0x10 [ 553.867767][T14007] __do_sys_clone3+0x214/0x290 [ 553.867815][T14007] ? __pfx___do_sys_clone3+0x10/0x10 [ 553.867884][T14007] ? _raw_spin_unlock_irq+0x23/0x50 [ 553.867956][T14007] ? rcu_is_watching+0x12/0xc0 [ 553.868004][T14007] do_syscall_64+0x115/0x840 [ 553.868055][T14007] ? clear_bhb_loop+0x40/0x90 [ 553.868101][T14007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.868138][T14007] RIP: 0033:0x7febecd9ce59 [ 553.868169][T14007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 553.868204][T14007] RSP: 002b:00007febedcceef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 553.868239][T14007] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007febecd9ce59 [ 553.868263][T14007] RDX: 00007febedccef10 RSI: 0000000000000058 RDI: 00007febedccef10 [ 553.868286][T14007] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000058 [ 553.868318][T14007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 553.868341][T14007] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 553.868388][T14007] [ 554.235573][T14006] team0: Port device team_slave_0 removed [ 554.888034][ T4951] Bluetooth: hci2: command 0x0406 tx timeout [ 554.968759][ T4951] Bluetooth: hci1: command 0x0406 tx timeout [ 554.974885][ T4951] Bluetooth: hci3: command 0x0406 tx timeout [ 554.981066][ T5643] Bluetooth: hci0: command 0x0406 tx timeout [ 555.308323][T14028] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 555.322309][T14028] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 555.341310][T14028] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 555.360879][T14028] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 555.804489][T14036] validate_nla: 8 callbacks suppressed [ 555.804516][T14036] netlink: 'syz.2.2504': attribute type 21 has an invalid length. [ 555.818905][T14036] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2504'. [ 556.193302][T14039] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2505'. [ 556.242585][T14039] veth0_macvtap: left promiscuous mode [ 557.368127][ T5643] Bluetooth: hci1: command 0x0406 tx timeout [ 557.374270][ T4951] Bluetooth: hci3: command 0x0406 tx timeout [ 557.380391][ T5648] Bluetooth: hci0: command 0x0406 tx timeout [ 557.386730][ T5648] Bluetooth: hci2: command 0x0406 tx timeout [ 557.721771][T14066] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2514'. [ 558.301364][T14082] FAULT_INJECTION: forcing a failure. [ 558.301364][T14082] name failslab, interval 1, probability 0, space 0, times 0 [ 558.317255][T14082] CPU: 1 UID: 5 PID: 14082 Comm: syz.3.2520 Tainted: G L syzkaller #0 PREEMPT(full) [ 558.317302][T14082] Tainted: [L]=SOFTLOCKUP [ 558.317313][T14082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 558.317331][T14082] Call Trace: [ 558.317342][T14082] [ 558.317353][T14082] dump_stack_lvl+0x100/0x190 [ 558.317438][T14082] should_fail_ex.cold+0x5/0xa [ 558.317478][T14082] should_failslab+0xc2/0x120 [ 558.317515][T14082] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 558.317568][T14082] ? __proc_create+0x2cb/0x8c0 [ 558.317615][T14082] __proc_create+0x2cb/0x8c0 [ 558.317655][T14082] ? __pfx___proc_create+0x10/0x10 [ 558.317700][T14082] ? _raw_write_unlock+0x28/0x50 [ 558.317741][T14082] ? proc_register+0x559/0x8a0 [ 558.317786][T14082] proc_create_reg+0x75/0x170 [ 558.317832][T14082] proc_create_seq_private+0x8e/0x180 [ 558.317883][T14082] ? __pfx_proc_create_seq_private+0x10/0x10 [ 558.317933][T14082] ? timer_init_key+0x155/0x330 [ 558.317984][T14082] ? __pfx_nl_fib_input+0x10/0x10 [ 558.318121][T14082] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 558.318218][T14082] ip_rt_do_proc_init+0xb2/0x1d0 [ 558.318274][T14082] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 558.318325][T14082] ops_init+0x1e2/0x5f0 [ 558.318365][T14082] setup_net+0x118/0x3a0 [ 558.318407][T14082] ? __pfx_setup_net+0x10/0x10 [ 558.318439][T14082] ? mutex_init_lockdep+0xf1/0x120 [ 558.318474][T14082] copy_net_ns+0x46f/0x7c0 [ 558.318511][T14082] create_new_namespaces+0x3ea/0xac0 [ 558.318554][T14082] unshare_nsproxy_namespaces+0xf2/0x220 [ 558.318594][T14082] ksys_unshare+0x438/0xab0 [ 558.318636][T14082] ? __pfx_ksys_unshare+0x10/0x10 [ 558.318675][T14082] ? xfd_validate_state+0x129/0x190 [ 558.318702][T14082] ? set_cred_ucounts+0x10f/0x200 [ 558.318742][T14082] __x64_sys_unshare+0x31/0x40 [ 558.318782][T14082] do_syscall_64+0x115/0x840 [ 558.318822][T14082] ? clear_bhb_loop+0x40/0x90 [ 558.318857][T14082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.318887][T14082] RIP: 0033:0x7f684739ce59 [ 558.318912][T14082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 558.318940][T14082] RSP: 002b:00007f6848282028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 558.318967][T14082] RAX: ffffffffffffffda RBX: 00007f6847615fa0 RCX: 00007f684739ce59 [ 558.318986][T14082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 558.319004][T14082] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 558.319021][T14082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.319039][T14082] R13: 00007f6847616038 R14: 00007f6847615fa0 R15: 00007fff04194108 [ 558.319075][T14082] [ 559.009709][T14091] random: crng reseeded on system resumption [ 559.871706][T14106] FAULT_INJECTION: forcing a failure. [ 559.871706][T14106] name failslab, interval 1, probability 0, space 0, times 0 [ 559.898326][T14106] CPU: 1 UID: 0 PID: 14106 Comm: syz.3.2527 Tainted: G L syzkaller #0 PREEMPT(full) [ 559.898383][T14106] Tainted: [L]=SOFTLOCKUP [ 559.898396][T14106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 559.898417][T14106] Call Trace: [ 559.898428][T14106] [ 559.898442][T14106] dump_stack_lvl+0x100/0x190 [ 559.898508][T14106] should_fail_ex.cold+0x5/0xa [ 559.898551][T14106] should_failslab+0xc2/0x120 [ 559.898594][T14106] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 559.898654][T14106] ? __kernfs_new_node+0xd2/0x9f0 [ 559.898705][T14106] __kernfs_new_node+0xd2/0x9f0 [ 559.898748][T14106] ? __pfx___kernfs_new_node+0x10/0x10 [ 559.898797][T14106] ? find_held_lock+0x2b/0x80 [ 559.898841][T14106] ? kernfs_root+0xee/0x2a0 [ 559.898878][T14106] ? kernfs_root+0xee/0x2a0 [ 559.898927][T14106] kernfs_new_node+0x11b/0x1a0 [ 559.898980][T14106] __kernfs_create_file+0x53/0x350 [ 559.899041][T14106] sysfs_add_file_mode_ns+0x207/0x3c0 [ 559.899090][T14106] internal_create_group+0x593/0xfb0 [ 559.899142][T14106] ? __pfx_internal_create_group+0x10/0x10 [ 559.899193][T14106] ? kernfs_create_link+0x1bd/0x240 [ 559.899255][T14106] internal_create_groups+0x9d/0x150 [ 559.899310][T14106] device_add+0x71a/0x1950 [ 559.899353][T14106] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 559.899406][T14106] ? __pfx_device_add+0x10/0x10 [ 559.899445][T14106] ? lockdep_init_map_type+0x5c/0x250 [ 559.899506][T14106] ? __init_waitqueue_head+0xca/0x150 [ 559.899557][T14106] netdev_register_kobject+0x1a9/0x3d0 [ 559.899613][T14106] register_netdevice+0x151c/0x24b0 [ 559.899664][T14106] ? __pfx_register_netdevice+0x10/0x10 [ 559.899715][T14106] ? __pfx_loopback_net_init+0x10/0x10 [ 559.899774][T14106] register_netdev+0x34/0x50 [ 559.899813][T14106] loopback_net_init+0x7a/0x170 [ 559.899872][T14106] ? __pfx_loopback_net_init+0x10/0x10 [ 559.899927][T14106] ops_init+0x1e2/0x5f0 [ 559.899971][T14106] setup_net+0x118/0x3a0 [ 559.900011][T14106] ? __pfx_setup_net+0x10/0x10 [ 559.900051][T14106] ? mutex_init_lockdep+0xf1/0x120 [ 559.900094][T14106] copy_net_ns+0x46f/0x7c0 [ 559.900141][T14106] create_new_namespaces+0x3ea/0xac0 [ 559.900198][T14106] unshare_nsproxy_namespaces+0xf2/0x220 [ 559.900255][T14106] ksys_unshare+0x438/0xab0 [ 559.900319][T14106] ? __pfx_ksys_unshare+0x10/0x10 [ 559.900369][T14106] ? xfd_validate_state+0x129/0x190 [ 559.900421][T14106] __x64_sys_unshare+0x31/0x40 [ 559.900473][T14106] do_syscall_64+0x115/0x840 [ 559.900525][T14106] ? clear_bhb_loop+0x40/0x90 [ 559.900570][T14106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.900608][T14106] RIP: 0033:0x7f684739ce59 [ 559.900637][T14106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 559.900674][T14106] RSP: 002b:00007f6848282028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 559.900709][T14106] RAX: ffffffffffffffda RBX: 00007f6847615fa0 RCX: 00007f684739ce59 [ 559.900734][T14106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 559.900756][T14106] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 559.900778][T14106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 559.900801][T14106] R13: 00007f6847616038 R14: 00007f6847615fa0 R15: 00007fff04194108 [ 559.900847][T14106] [ 560.669182][T14119] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 560.675603][T14119] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 560.698169][T14119] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 560.718196][T14119] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 561.163536][T14131] FAULT_INJECTION: forcing a failure. [ 561.163536][T14131] name failslab, interval 1, probability 0, space 0, times 0 [ 561.190619][T14131] CPU: 0 UID: 0 PID: 14131 Comm: syz.0.2535 Tainted: G L syzkaller #0 PREEMPT(full) [ 561.190676][T14131] Tainted: [L]=SOFTLOCKUP [ 561.190690][T14131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 561.190711][T14131] Call Trace: [ 561.190723][T14131] [ 561.190737][T14131] dump_stack_lvl+0x100/0x190 [ 561.190804][T14131] should_fail_ex.cold+0x5/0xa [ 561.190851][T14131] should_failslab+0xc2/0x120 [ 561.190896][T14131] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 561.190952][T14131] ? __kernfs_new_node+0xd2/0x9f0 [ 561.191001][T14131] __kernfs_new_node+0xd2/0x9f0 [ 561.191046][T14131] ? __pfx___kernfs_new_node+0x10/0x10 [ 561.191097][T14131] ? find_held_lock+0x2b/0x80 [ 561.191150][T14131] ? kernfs_root+0xee/0x2a0 [ 561.191187][T14131] ? kernfs_root+0xee/0x2a0 [ 561.191236][T14131] kernfs_new_node+0x11b/0x1a0 [ 561.191290][T14131] __kernfs_create_file+0x53/0x350 [ 561.191350][T14131] sysfs_add_file_mode_ns+0x207/0x3c0 [ 561.191399][T14131] internal_create_group+0x593/0xfb0 [ 561.191453][T14131] ? __pfx_internal_create_group+0x10/0x10 [ 561.191502][T14131] ? kernfs_create_link+0x1bd/0x240 [ 561.191564][T14131] internal_create_groups+0x9d/0x150 [ 561.191612][T14131] device_add+0x7c8/0x1950 [ 561.191656][T14131] ? __pfx_device_add+0x10/0x10 [ 561.191696][T14131] ? lockdep_init_map_type+0x5c/0x250 [ 561.191756][T14131] ? __init_waitqueue_head+0xca/0x150 [ 561.191805][T14131] netdev_register_kobject+0x1a9/0x3d0 [ 561.191860][T14131] register_netdevice+0x151c/0x24b0 [ 561.191910][T14131] ? __pfx_register_netdevice+0x10/0x10 [ 561.191949][T14131] ? net_generic+0xea/0x2a0 [ 561.192092][T14131] ppp_dev_configure+0x986/0xcb0 [ 561.192151][T14131] ppp_ioctl+0x9d7/0x27c0 [ 561.192192][T14131] ? find_held_lock+0x2b/0x80 [ 561.192238][T14131] ? __pfx_ppp_ioctl+0x10/0x10 [ 561.192281][T14131] ? __fget_files+0x21f/0x3d0 [ 561.192321][T14131] ? __pfx_ppp_ioctl+0x10/0x10 [ 561.192354][T14131] __x64_sys_ioctl+0x18e/0x210 [ 561.192387][T14131] do_syscall_64+0x115/0x840 [ 561.192428][T14131] ? clear_bhb_loop+0x40/0x90 [ 561.192467][T14131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.192503][T14131] RIP: 0033:0x7febecd9ce59 [ 561.192532][T14131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 561.192569][T14131] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 561.192605][T14131] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 561.192630][T14131] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000006 [ 561.192651][T14131] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 561.192673][T14131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 561.192695][T14131] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 561.192742][T14131] [ 562.326677][T14146] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2541'. [ 562.392715][T14146] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2541'. [ 562.475316][ T30] audit: type=1807 audit(1781306762.993:23): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 562.516497][ T30] audit: type=1802 audit(1781306763.013:24): pid=14149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.2542" res=0 errno=0 [ 562.544825][T14148] ima: policy update failed [ 562.552250][ T30] audit: type=1802 audit(1781306763.073:25): pid=14148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2542" res=0 errno=0 [ 562.728040][T14057] Bluetooth: hci1: command 0x0406 tx timeout [ 562.728062][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 562.728154][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 562.734756][ T5648] Bluetooth: hci2: command 0x0406 tx timeout [ 563.051453][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.059947][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.503008][T14161] FAULT_INJECTION: forcing a failure. [ 563.503008][T14161] name failslab, interval 1, probability 0, space 0, times 0 [ 563.541803][T14161] CPU: 1 UID: 0 PID: 14161 Comm: syz.0.2546 Tainted: G L syzkaller #0 PREEMPT(full) [ 563.541862][T14161] Tainted: [L]=SOFTLOCKUP [ 563.541875][T14161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 563.541898][T14161] Call Trace: [ 563.541919][T14161] [ 563.541933][T14161] dump_stack_lvl+0x100/0x190 [ 563.542003][T14161] should_fail_ex.cold+0x5/0xa [ 563.542049][T14161] should_failslab+0xc2/0x120 [ 563.542093][T14161] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 563.542152][T14161] ? proc_alloc_inode+0x25/0x200 [ 563.542197][T14161] ? __pfx_proc_alloc_inode+0x10/0x10 [ 563.542240][T14161] proc_alloc_inode+0x25/0x200 [ 563.542281][T14161] alloc_inode+0x68/0x250 [ 563.542338][T14161] new_inode+0x22/0x1c0 [ 563.542398][T14161] proc_pid_make_inode+0x22/0x160 [ 563.542441][T14161] proc_ns_dir_lookup+0x25b/0x390 [ 563.542488][T14161] lookup_open.isra.0+0x631/0x11b0 [ 563.542536][T14161] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 563.542606][T14161] ? mnt_get_write_access+0x1e9/0x2f0 [ 563.542672][T14161] path_openat+0xa98/0x31a0 [ 563.542734][T14161] ? __pfx_path_openat+0x10/0x10 [ 563.542797][T14161] do_file_open+0x20e/0x430 [ 563.542847][T14161] ? __pfx_do_file_open+0x10/0x10 [ 563.542910][T14161] ? __pfx_kfree_link+0x10/0x10 [ 563.542960][T14161] ? alloc_fd+0x476/0x790 [ 563.543008][T14161] ? do_getname+0x191/0x390 [ 563.543065][T14161] do_sys_openat2+0x10d/0x1e0 [ 563.543122][T14161] ? __pfx_do_sys_openat2+0x10/0x10 [ 563.543182][T14161] ? ksys_semctl.constprop.0+0x14e/0x2e0 [ 563.543236][T14161] __x64_sys_openat+0x12d/0x210 [ 563.543297][T14161] ? __pfx___x64_sys_openat+0x10/0x10 [ 563.543363][T14161] ? rcu_is_watching+0x12/0xc0 [ 563.543411][T14161] do_syscall_64+0x115/0x840 [ 563.543463][T14161] ? clear_bhb_loop+0x40/0x90 [ 563.543508][T14161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.543546][T14161] RIP: 0033:0x7febecd5d68e [ 563.543575][T14161] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 563.543618][T14161] RSP: 002b:00007febedcadec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 563.543654][T14161] RAX: ffffffffffffffda RBX: 00007febedcae6c0 RCX: 00007febecd5d68e [ 563.543678][T14161] RDX: 0000000000000002 RSI: 00007febedcadf90 RDI: ffffffffffffff9c [ 563.543701][T14161] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 563.543723][T14161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.543745][T14161] R13: 00007febed016128 R14: 00007febed016090 R15: 00007ffe65567a48 [ 563.543792][T14161] [ 565.141805][T14188] FAULT_INJECTION: forcing a failure. [ 565.141805][T14188] name fail_futex, interval 1, probability 0, space 0, times 0 [ 565.174295][T14188] CPU: 1 UID: 0 PID: 14188 Comm: syz.0.2553 Tainted: G L syzkaller #0 PREEMPT(full) [ 565.174352][T14188] Tainted: [L]=SOFTLOCKUP [ 565.174370][T14188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 565.174393][T14188] Call Trace: [ 565.174405][T14188] [ 565.174419][T14188] dump_stack_lvl+0x100/0x190 [ 565.174487][T14188] should_fail_ex.cold+0x5/0xa [ 565.174531][T14188] get_futex_key+0x1d2/0x1510 [ 565.174592][T14188] ? __pfx_get_futex_key+0x10/0x10 [ 565.174644][T14188] ? futex_hash+0x2ad/0x370 [ 565.174700][T14188] ? futex_hash+0x141/0x370 [ 565.174760][T14188] futex_wake+0xea/0x530 [ 565.174803][T14188] ? __pfx_futex_wait+0x10/0x10 [ 565.174846][T14188] ? __pfx_futex_wake+0x10/0x10 [ 565.174902][T14188] ? do_writev+0x214/0x340 [ 565.174949][T14188] do_futex+0x32b/0x350 [ 565.174986][T14188] ? __pfx_do_futex+0x10/0x10 [ 565.175021][T14188] ? cap_task_prctl+0x104/0xa50 [ 565.175159][T14188] __x64_sys_futex+0x34f/0x4d0 [ 565.175201][T14188] ? __pfx___x64_sys_futex+0x10/0x10 [ 565.175240][T14188] ? __pfx___do_sys_prctl+0x10/0x10 [ 565.175273][T14188] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 565.175326][T14188] ? syscall_user_dispatch+0x76/0x130 [ 565.175368][T14188] do_syscall_64+0x115/0x840 [ 565.175418][T14188] ? clear_bhb_loop+0x40/0x90 [ 565.175462][T14188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.175497][T14188] RIP: 0033:0x7febecd9ce59 [ 565.175526][T14188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 565.175562][T14188] RSP: 002b:00007febedccf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 565.175596][T14188] RAX: ffffffffffffffda RBX: 00007febed015fa8 RCX: 00007febecd9ce59 [ 565.175620][T14188] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007febed015fac [ 565.175641][T14188] RBP: 00007febed015fa0 R08: 0000000000000001 R09: 0000000000000000 [ 565.175663][T14188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.175685][T14188] R13: 00007febed016038 R14: 00007ffe65567960 R15: 00007ffe65567a48 [ 565.175729][T14188] [ 567.021222][T14237] FAULT_INJECTION: forcing a failure. [ 567.021222][T14237] name failslab, interval 1, probability 0, space 0, times 0 [ 567.046248][T14237] CPU: 1 UID: 0 PID: 14237 Comm: syz.2.2565 Tainted: G L syzkaller #0 PREEMPT(full) [ 567.046306][T14237] Tainted: [L]=SOFTLOCKUP [ 567.046320][T14237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 567.046341][T14237] Call Trace: [ 567.046353][T14237] [ 567.046367][T14237] dump_stack_lvl+0x100/0x190 [ 567.046434][T14237] should_fail_ex.cold+0x5/0xa [ 567.046482][T14237] should_failslab+0xc2/0x120 [ 567.046527][T14237] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 567.046585][T14237] ? __kernfs_new_node+0xd2/0x9f0 [ 567.046634][T14237] __kernfs_new_node+0xd2/0x9f0 [ 567.046681][T14237] ? __pfx___kernfs_new_node+0x10/0x10 [ 567.046742][T14237] ? find_held_lock+0x2b/0x80 [ 567.046787][T14237] ? kernfs_root+0xee/0x2a0 [ 567.046825][T14237] ? kernfs_root+0xee/0x2a0 [ 567.046874][T14237] kernfs_new_node+0x11b/0x1a0 [ 567.046928][T14237] __kernfs_create_file+0x53/0x350 [ 567.046989][T14237] sysfs_add_file_mode_ns+0x207/0x3c0 [ 567.047038][T14237] internal_create_group+0x593/0xfb0 [ 567.047091][T14237] ? __pfx_internal_create_group+0x10/0x10 [ 567.047141][T14237] ? kernfs_create_link+0x1bd/0x240 [ 567.047201][T14237] internal_create_groups+0x9d/0x150 [ 567.047250][T14237] device_add+0x71a/0x1950 [ 567.047290][T14237] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 567.047340][T14237] ? __pfx_device_add+0x10/0x10 [ 567.047373][T14237] ? lockdep_init_map_type+0x5c/0x250 [ 567.047422][T14237] ? __init_waitqueue_head+0xca/0x150 [ 567.047464][T14237] netdev_register_kobject+0x1a9/0x3d0 [ 567.047509][T14237] register_netdevice+0x151c/0x24b0 [ 567.047551][T14237] ? __pfx_register_netdevice+0x10/0x10 [ 567.047592][T14237] ? __pfx_loopback_net_init+0x10/0x10 [ 567.047641][T14237] register_netdev+0x34/0x50 [ 567.047673][T14237] loopback_net_init+0x7a/0x170 [ 567.047728][T14237] ? __pfx_loopback_net_init+0x10/0x10 [ 567.047774][T14237] ops_init+0x1e2/0x5f0 [ 567.047812][T14237] setup_net+0x118/0x3a0 [ 567.047850][T14237] ? __pfx_setup_net+0x10/0x10 [ 567.047887][T14237] ? mutex_init_lockdep+0xf1/0x120 [ 567.047925][T14237] copy_net_ns+0x46f/0x7c0 [ 567.047963][T14237] create_new_namespaces+0x3ea/0xac0 [ 567.048009][T14237] unshare_nsproxy_namespaces+0xf2/0x220 [ 567.048049][T14237] ksys_unshare+0x438/0xab0 [ 567.048094][T14237] ? __pfx_ksys_unshare+0x10/0x10 [ 567.048134][T14237] ? xfd_validate_state+0x129/0x190 [ 567.048176][T14237] __x64_sys_unshare+0x31/0x40 [ 567.048218][T14237] do_syscall_64+0x115/0x840 [ 567.048260][T14237] ? clear_bhb_loop+0x40/0x90 [ 567.048297][T14237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.048328][T14237] RIP: 0033:0x7fa07459ce59 [ 567.048353][T14237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 567.048384][T14237] RSP: 002b:00007fa07541a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 567.048413][T14237] RAX: ffffffffffffffda RBX: 00007fa074815fa0 RCX: 00007fa07459ce59 [ 567.048434][T14237] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 567.048452][T14237] RBP: 00007fa074632d6f R08: 0000000000000000 R09: 0000000000000000 [ 567.048471][T14237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 567.048488][T14237] R13: 00007fa074816038 R14: 00007fa074815fa0 R15: 00007ffe56587b28 [ 567.048527][T14237] [ 568.434351][T14251] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2571'. [ 568.464824][T14253] random: crng reseeded on system resumption [ 568.474468][T14251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2571'. [ 568.573969][T14255] futex_wake_op: syz.0.2573 tries to shift op by -2048; fix this program [ 568.596229][T14255] futex_wake_op: syz.0.2573 tries to shift op by -2048; fix this program [ 568.681289][T14255] 0x000000000001-0x000000020000 : "" [ 568.798916][T14255] ftl_cs: FTL header corrupt! [ 569.751753][T14274] ima: policy update failed [ 569.781542][ T30] audit: type=1802 audit(1781306770.303:26): pid=14274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2578" res=0 errno=0 [ 571.343786][T14298] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2583'. [ 571.438632][T14299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2583'. [ 571.451058][T14296] FAULT_INJECTION: forcing a failure. [ 571.451058][T14296] name failslab, interval 1, probability 0, space 0, times 0 [ 571.495670][T14296] CPU: 1 UID: 5 PID: 14296 Comm: syz.2.2582 Tainted: G L syzkaller #0 PREEMPT(full) [ 571.495733][T14296] Tainted: [L]=SOFTLOCKUP [ 571.495745][T14296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 571.495767][T14296] Call Trace: [ 571.495779][T14296] [ 571.495792][T14296] dump_stack_lvl+0x100/0x190 [ 571.495860][T14296] should_fail_ex.cold+0x5/0xa [ 571.495905][T14296] should_failslab+0xc2/0x120 [ 571.495949][T14296] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 571.496007][T14296] ? __proc_create+0x2cb/0x8c0 [ 571.496062][T14296] __proc_create+0x2cb/0x8c0 [ 571.496111][T14296] ? __pfx___proc_create+0x10/0x10 [ 571.496164][T14296] ? _raw_write_unlock+0x28/0x50 [ 571.496214][T14296] ? proc_register+0x559/0x8a0 [ 571.496265][T14296] proc_create_reg+0x75/0x170 [ 571.496317][T14296] proc_create_net_data+0x8e/0x1c0 [ 571.496368][T14296] ? __pfx_proc_create_net_data+0x10/0x10 [ 571.496419][T14296] ? __pfx___netlink_kernel_create+0x10/0x10 [ 571.496478][T14296] fib_proc_init+0xf9/0x1d0 [ 571.496569][T14296] fib_net_init+0x2af/0x3f0 [ 571.496615][T14296] ? is_module_address+0x69/0xf0 [ 571.496650][T14296] ? __pfx_fib_net_init+0x10/0x10 [ 571.496696][T14296] ? timer_init_key+0x155/0x330 [ 571.496755][T14296] ? __pfx_nl_fib_input+0x10/0x10 [ 571.496807][T14296] ? devinet_init_net+0x56c/0x8d0 [ 571.496865][T14296] ? __pfx_fib_net_init+0x10/0x10 [ 571.496910][T14296] ops_init+0x1e2/0x5f0 [ 571.496953][T14296] setup_net+0x118/0x3a0 [ 571.496993][T14296] ? __pfx_setup_net+0x10/0x10 [ 571.497032][T14296] ? mutex_init_lockdep+0xf1/0x120 [ 571.497075][T14296] copy_net_ns+0x46f/0x7c0 [ 571.497122][T14296] create_new_namespaces+0x3ea/0xac0 [ 571.497183][T14296] unshare_nsproxy_namespaces+0xf2/0x220 [ 571.497232][T14296] ksys_unshare+0x438/0xab0 [ 571.497284][T14296] ? __pfx_ksys_unshare+0x10/0x10 [ 571.497333][T14296] ? xfd_validate_state+0x129/0x190 [ 571.497367][T14296] ? set_cred_ucounts+0x10f/0x200 [ 571.497417][T14296] __x64_sys_unshare+0x31/0x40 [ 571.497466][T14296] do_syscall_64+0x115/0x840 [ 571.497517][T14296] ? clear_bhb_loop+0x40/0x90 [ 571.497562][T14296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.497600][T14296] RIP: 0033:0x7fa07459ce59 [ 571.497629][T14296] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 571.497670][T14296] RSP: 002b:00007fa07541a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 571.497705][T14296] RAX: ffffffffffffffda RBX: 00007fa074815fa0 RCX: 00007fa07459ce59 [ 571.497741][T14296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 571.497765][T14296] RBP: 00007fa074632d6f R08: 0000000000000000 R09: 0000000000000000 [ 571.497788][T14296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 571.497811][T14296] R13: 00007fa074816038 R14: 00007fa074815fa0 R15: 00007ffe56587b28 [ 571.497856][T14296] [ 572.065129][T14303] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2585'. [ 572.652058][T14324] FAULT_INJECTION: forcing a failure. [ 572.652058][T14324] name failslab, interval 1, probability 0, space 0, times 0 [ 572.688163][T14324] CPU: 1 UID: 0 PID: 14324 Comm: syz.0.2592 Tainted: G L syzkaller #0 PREEMPT(full) [ 572.688227][T14324] Tainted: [L]=SOFTLOCKUP [ 572.688242][T14324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 572.688268][T14324] Call Trace: [ 572.688290][T14324] [ 572.688306][T14324] dump_stack_lvl+0x100/0x190 [ 572.688379][T14324] should_fail_ex.cold+0x5/0xa [ 572.688436][T14324] ? lsm_blob_alloc+0x68/0x90 [ 572.688532][T14324] should_failslab+0xc2/0x120 [ 572.688581][T14324] __kmalloc_noprof+0xe0/0x850 [ 572.688642][T14324] ? trace_kmem_cache_alloc+0xd5/0x100 [ 572.688712][T14324] lsm_blob_alloc+0x68/0x90 [ 572.688773][T14324] security_sk_alloc+0x2d/0x290 [ 572.688818][T14324] sk_prot_alloc+0x1d1/0x2a0 [ 572.688872][T14324] sk_alloc+0x36/0xe80 [ 572.688935][T14324] inet_create+0x3a0/0x1060 [ 572.688998][T14324] ? inet_create+0x94/0x1060 [ 572.689070][T14324] __sock_create+0x339/0x860 [ 572.689129][T14324] mptcp_subflow_create_socket+0xec/0xa30 [ 572.689255][T14324] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 572.689304][T14324] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 572.689355][T14324] ? find_held_lock+0x2b/0x80 [ 572.689403][T14324] ? tomoyo_check_inet_address+0x40d/0x6d0 [ 572.689466][T14324] __mptcp_nmpc_sk+0x17f/0x880 [ 572.689523][T14324] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 572.689566][T14324] ? register_lock_class+0x40/0x560 [ 572.689640][T14324] mptcp_connect+0x7e/0xaf0 [ 572.689692][T14324] __inet_stream_connect+0x208/0xfa0 [ 572.689765][T14324] ? __pfx___inet_stream_connect+0x10/0x10 [ 572.689828][T14324] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 572.689877][T14324] ? __pfx_inet_stream_connect+0x10/0x10 [ 572.689940][T14324] ? __local_bh_enable_ip+0x9e/0x120 [ 572.689993][T14324] ? __pfx_inet_stream_connect+0x10/0x10 [ 572.690051][T14324] inet_stream_connect+0x57/0xa0 [ 572.690113][T14324] __sys_connect_file+0x141/0x1a0 [ 572.690178][T14324] __sys_connect+0x141/0x170 [ 572.690235][T14324] ? __pfx___sys_connect+0x10/0x10 [ 572.690334][T14324] __x64_sys_connect+0x72/0xb0 [ 572.690391][T14324] ? lockdep_hardirqs_on+0x78/0x100 [ 572.690445][T14324] do_syscall_64+0x115/0x840 [ 572.690499][T14324] ? clear_bhb_loop+0x40/0x90 [ 572.690546][T14324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.690586][T14324] RIP: 0033:0x7febecd9ce59 [ 572.690617][T14324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 572.690654][T14324] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 572.690690][T14324] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 572.690715][T14324] RDX: 0000000000000051 RSI: 0000200000000080 RDI: 0000000000000003 [ 572.690738][T14324] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 572.690762][T14324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 572.690784][T14324] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 572.690834][T14324] [ 573.166197][T14330] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2595'. [ 573.223471][T14330] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2595'. [ 573.908242][T14352] FAULT_INJECTION: forcing a failure. [ 573.908242][T14352] name failslab, interval 1, probability 0, space 0, times 0 [ 573.923979][T14352] CPU: 1 UID: 0 PID: 14352 Comm: syz.4.2601 Tainted: G L syzkaller #0 PREEMPT(full) [ 573.924034][T14352] Tainted: [L]=SOFTLOCKUP [ 573.924046][T14352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 573.924068][T14352] Call Trace: [ 573.924090][T14352] [ 573.924104][T14352] dump_stack_lvl+0x100/0x190 [ 573.924172][T14352] should_fail_ex.cold+0x5/0xa [ 573.924215][T14352] ? drm_atomic_state_init+0x190/0x490 [ 573.924260][T14352] should_failslab+0xc2/0x120 [ 573.924305][T14352] __kmalloc_noprof+0xe0/0x850 [ 573.924373][T14352] drm_atomic_state_init+0x190/0x490 [ 573.924417][T14352] ? kasan_save_track+0x14/0x30 [ 573.924459][T14352] drm_atomic_state_alloc+0xd3/0x120 [ 573.924505][T14352] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 573.924558][T14352] ? rcu_is_watching+0x12/0xc0 [ 573.924599][T14352] ? trace_contention_end+0x122/0x170 [ 573.924638][T14352] ? __mutex_lock+0x26d/0x1b10 [ 573.924695][T14352] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 573.924749][T14352] ? drm_master_internal_acquire+0x21/0x80 [ 573.924840][T14352] drm_client_modeset_commit_locked+0x14d/0x580 [ 573.924901][T14352] drm_client_modeset_commit+0x4f/0x80 [ 573.924955][T14352] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 573.925011][T14352] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 573.925067][T14352] drm_fbdev_client_restore+0x1b/0x30 [ 573.925114][T14352] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 573.925151][T14352] drm_client_dev_restore+0x205/0x2a0 [ 573.925210][T14352] drm_release+0x2c6/0x360 [ 573.925259][T14352] ? __pfx_drm_release+0x10/0x10 [ 573.925306][T14352] __fput+0x3ff/0xb50 [ 573.925367][T14352] task_work_run+0x150/0x240 [ 573.925404][T14352] ? __pfx_task_work_run+0x10/0x10 [ 573.925447][T14352] ? rcu_is_watching+0x12/0xc0 [ 573.925493][T14352] exit_to_user_mode_loop+0x157/0x670 [ 573.925546][T14352] ? rcu_is_watching+0x12/0xc0 [ 573.925591][T14352] do_syscall_64+0x652/0x840 [ 573.925643][T14352] ? clear_bhb_loop+0x40/0x90 [ 573.925686][T14352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.925724][T14352] RIP: 0033:0x7f90d0d9ce59 [ 573.925751][T14352] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 573.925787][T14352] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 573.925819][T14352] RAX: 0000000000000000 RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 573.925840][T14352] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 573.925861][T14352] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 573.925883][T14352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.925903][T14352] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 573.925950][T14352] [ 574.570715][T14363] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2604'. [ 574.840508][T14367] random: crng reseeded on system resumption [ 574.950827][T14372] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2606'. [ 574.995128][T14372] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2606'. [ 575.473825][T14378] FAULT_INJECTION: forcing a failure. [ 575.473825][T14378] name failslab, interval 1, probability 0, space 0, times 0 [ 575.504359][T14378] CPU: 0 UID: 0 PID: 14378 Comm: syz.0.2616 Tainted: G L syzkaller #0 PREEMPT(full) [ 575.504418][T14378] Tainted: [L]=SOFTLOCKUP [ 575.504432][T14378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 575.504453][T14378] Call Trace: [ 575.504466][T14378] [ 575.504480][T14378] dump_stack_lvl+0x100/0x190 [ 575.504556][T14378] should_fail_ex.cold+0x5/0xa [ 575.504605][T14378] should_failslab+0xc2/0x120 [ 575.504649][T14378] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 575.504706][T14378] ? __kernfs_new_node+0xd2/0x9f0 [ 575.504754][T14378] __kernfs_new_node+0xd2/0x9f0 [ 575.504799][T14378] ? __pfx___kernfs_new_node+0x10/0x10 [ 575.504850][T14378] ? find_held_lock+0x2b/0x80 [ 575.504894][T14378] ? kernfs_root+0xee/0x2a0 [ 575.504931][T14378] ? kernfs_root+0xee/0x2a0 [ 575.504980][T14378] kernfs_new_node+0x11b/0x1a0 [ 575.505033][T14378] __kernfs_create_file+0x53/0x350 [ 575.505093][T14378] sysfs_add_file_mode_ns+0x207/0x3c0 [ 575.505141][T14378] internal_create_group+0x593/0xfb0 [ 575.505193][T14378] ? __pfx_internal_create_group+0x10/0x10 [ 575.505243][T14378] ? kernfs_create_link+0x1bd/0x240 [ 575.505304][T14378] internal_create_groups+0x9d/0x150 [ 575.505351][T14378] device_add+0x71a/0x1950 [ 575.505393][T14378] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 575.505443][T14378] ? __pfx_device_add+0x10/0x10 [ 575.505482][T14378] ? lockdep_init_map_type+0x5c/0x250 [ 575.505548][T14378] ? __init_waitqueue_head+0xca/0x150 [ 575.505598][T14378] netdev_register_kobject+0x1a9/0x3d0 [ 575.505654][T14378] register_netdevice+0x151c/0x24b0 [ 575.505704][T14378] ? __pfx_register_netdevice+0x10/0x10 [ 575.505755][T14378] ? __pfx_loopback_net_init+0x10/0x10 [ 575.505815][T14378] register_netdev+0x34/0x50 [ 575.505852][T14378] loopback_net_init+0x7a/0x170 [ 575.505911][T14378] ? __pfx_loopback_net_init+0x10/0x10 [ 575.505964][T14378] ops_init+0x1e2/0x5f0 [ 575.506008][T14378] setup_net+0x118/0x3a0 [ 575.506045][T14378] ? __pfx_setup_net+0x10/0x10 [ 575.506084][T14378] ? mutex_init_lockdep+0xf1/0x120 [ 575.506127][T14378] copy_net_ns+0x46f/0x7c0 [ 575.506172][T14378] create_new_namespaces+0x3ea/0xac0 [ 575.506227][T14378] unshare_nsproxy_namespaces+0xf2/0x220 [ 575.506277][T14378] ksys_unshare+0x438/0xab0 [ 575.506330][T14378] ? __pfx_ksys_unshare+0x10/0x10 [ 575.506380][T14378] ? xfd_validate_state+0x129/0x190 [ 575.506430][T14378] __x64_sys_unshare+0x31/0x40 [ 575.506481][T14378] do_syscall_64+0x115/0x840 [ 575.506540][T14378] ? clear_bhb_loop+0x40/0x90 [ 575.506585][T14378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.506623][T14378] RIP: 0033:0x7febecd9ce59 [ 575.506652][T14378] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 575.506688][T14378] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 575.506722][T14378] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 575.506746][T14378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 575.506768][T14378] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 575.506790][T14378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.506812][T14378] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 575.506857][T14378] [ 575.920985][T14384] FAULT_INJECTION: forcing a failure. [ 575.920985][T14384] name failslab, interval 1, probability 0, space 0, times 0 [ 575.956158][T14384] CPU: 1 UID: 5 PID: 14384 Comm: syz.4.2609 Tainted: G L syzkaller #0 PREEMPT(full) [ 575.956213][T14384] Tainted: [L]=SOFTLOCKUP [ 575.956225][T14384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 575.956247][T14384] Call Trace: [ 575.956258][T14384] [ 575.956272][T14384] dump_stack_lvl+0x100/0x190 [ 575.956342][T14384] should_fail_ex.cold+0x5/0xa [ 575.956387][T14384] ? lsm_blob_alloc+0x68/0x90 [ 575.956449][T14384] should_failslab+0xc2/0x120 [ 575.956495][T14384] __kmalloc_noprof+0xe0/0x850 [ 575.956553][T14384] ? trace_kmalloc+0xe3/0x110 [ 575.956603][T14384] lsm_blob_alloc+0x68/0x90 [ 575.956659][T14384] security_sk_alloc+0x2d/0x290 [ 575.956700][T14384] sk_prot_alloc+0x12a/0x2a0 [ 575.956750][T14384] sk_alloc+0x36/0xe80 [ 575.956811][T14384] __netlink_create+0x5e/0x2c0 [ 575.956854][T14384] __netlink_kernel_create+0xed/0x750 [ 575.956905][T14384] ? __pfx___netlink_kernel_create+0x10/0x10 [ 575.956967][T14384] fib_net_init+0x26d/0x3f0 [ 575.957012][T14384] ? is_module_address+0x69/0xf0 [ 575.957046][T14384] ? __pfx_fib_net_init+0x10/0x10 [ 575.957094][T14384] ? timer_init_key+0x155/0x330 [ 575.957145][T14384] ? __pfx_nl_fib_input+0x10/0x10 [ 575.957198][T14384] ? devinet_init_net+0x56c/0x8d0 [ 575.957254][T14384] ? __pfx_fib_net_init+0x10/0x10 [ 575.957300][T14384] ops_init+0x1e2/0x5f0 [ 575.957344][T14384] setup_net+0x118/0x3a0 [ 575.957384][T14384] ? __pfx_setup_net+0x10/0x10 [ 575.957423][T14384] ? mutex_init_lockdep+0xf1/0x120 [ 575.957474][T14384] copy_net_ns+0x46f/0x7c0 [ 575.957521][T14384] create_new_namespaces+0x3ea/0xac0 [ 575.957576][T14384] unshare_nsproxy_namespaces+0xf2/0x220 [ 575.957626][T14384] ksys_unshare+0x438/0xab0 [ 575.957689][T14384] ? __pfx_ksys_unshare+0x10/0x10 [ 575.957734][T14384] ? xfd_validate_state+0x129/0x190 [ 575.957767][T14384] ? set_cred_ucounts+0x10f/0x200 [ 575.957814][T14384] __x64_sys_unshare+0x31/0x40 [ 575.957860][T14384] do_syscall_64+0x115/0x840 [ 575.957925][T14384] ? clear_bhb_loop+0x40/0x90 [ 575.957969][T14384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.958005][T14384] RIP: 0033:0x7f90d0d9ce59 [ 575.958033][T14384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 575.958067][T14384] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 575.958101][T14384] RAX: ffffffffffffffda RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 575.958124][T14384] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 575.958145][T14384] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 575.958166][T14384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.958187][T14384] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 575.958233][T14384] [ 578.453197][T14427] FAULT_INJECTION: forcing a failure. [ 578.453197][T14427] name failslab, interval 1, probability 0, space 0, times 0 [ 578.516502][T14427] CPU: 1 UID: 5 PID: 14427 Comm: syz.0.2623 Tainted: G L syzkaller #0 PREEMPT(full) [ 578.516559][T14427] Tainted: [L]=SOFTLOCKUP [ 578.516572][T14427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 578.516594][T14427] Call Trace: [ 578.516606][T14427] [ 578.516618][T14427] dump_stack_lvl+0x100/0x190 [ 578.516686][T14427] should_fail_ex.cold+0x5/0xa [ 578.516733][T14427] should_failslab+0xc2/0x120 [ 578.516777][T14427] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 578.516833][T14427] ? __proc_create+0x2cb/0x8c0 [ 578.516885][T14427] __proc_create+0x2cb/0x8c0 [ 578.516934][T14427] ? __pfx___proc_create+0x10/0x10 [ 578.516977][T14427] ? do_raw_spin_lock+0x128/0x260 [ 578.517031][T14427] proc_create_reg+0x75/0x170 [ 578.517083][T14427] proc_create_net_data+0x8e/0x1c0 [ 578.517141][T14427] ? __pfx_proc_create_net_data+0x10/0x10 [ 578.517193][T14427] ? __pfx___netlink_kernel_create+0x10/0x10 [ 578.517258][T14427] fib_proc_init+0x5e/0x1d0 [ 578.517304][T14427] fib_net_init+0x2af/0x3f0 [ 578.517349][T14427] ? is_module_address+0x69/0xf0 [ 578.517382][T14427] ? __pfx_fib_net_init+0x10/0x10 [ 578.517428][T14427] ? timer_init_key+0x155/0x330 [ 578.517476][T14427] ? __pfx_nl_fib_input+0x10/0x10 [ 578.517527][T14427] ? devinet_init_net+0x56c/0x8d0 [ 578.517583][T14427] ? __pfx_fib_net_init+0x10/0x10 [ 578.517629][T14427] ops_init+0x1e2/0x5f0 [ 578.517671][T14427] setup_net+0x118/0x3a0 [ 578.517710][T14427] ? __pfx_setup_net+0x10/0x10 [ 578.517749][T14427] ? mutex_init_lockdep+0xf1/0x120 [ 578.517791][T14427] copy_net_ns+0x46f/0x7c0 [ 578.517834][T14427] create_new_namespaces+0x3ea/0xac0 [ 578.517887][T14427] unshare_nsproxy_namespaces+0xf2/0x220 [ 578.517943][T14427] ksys_unshare+0x438/0xab0 [ 578.517997][T14427] ? __pfx_ksys_unshare+0x10/0x10 [ 578.518045][T14427] ? xfd_validate_state+0x129/0x190 [ 578.518079][T14427] ? set_cred_ucounts+0x10f/0x200 [ 578.518143][T14427] __x64_sys_unshare+0x31/0x40 [ 578.518193][T14427] do_syscall_64+0x115/0x840 [ 578.518243][T14427] ? clear_bhb_loop+0x40/0x90 [ 578.518286][T14427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.518322][T14427] RIP: 0033:0x7febecd9ce59 [ 578.518352][T14427] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 578.518388][T14427] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 578.518423][T14427] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 578.518447][T14427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 578.518469][T14427] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 578.518492][T14427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 578.518514][T14427] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 578.518561][T14427] [ 579.060459][T14432] nbd: nbd4129 already in use [ 579.311947][T14438] FAULT_INJECTION: forcing a failure. [ 579.311947][T14438] name failslab, interval 1, probability 0, space 0, times 0 [ 579.358387][T14438] CPU: 1 UID: 5 PID: 14438 Comm: syz.0.2637 Tainted: G L syzkaller #0 PREEMPT(full) [ 579.358446][T14438] Tainted: [L]=SOFTLOCKUP [ 579.358464][T14438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 579.358486][T14438] Call Trace: [ 579.358498][T14438] [ 579.358512][T14438] dump_stack_lvl+0x100/0x190 [ 579.358590][T14438] should_fail_ex.cold+0x5/0xa [ 579.358644][T14438] should_failslab+0xc2/0x120 [ 579.358687][T14438] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 579.358743][T14438] ? __proc_create+0x2cb/0x8c0 [ 579.358795][T14438] __proc_create+0x2cb/0x8c0 [ 579.358841][T14438] ? __pfx___proc_create+0x10/0x10 [ 579.358892][T14438] ? _raw_write_unlock+0x28/0x50 [ 579.358939][T14438] ? proc_register+0x559/0x8a0 [ 579.358989][T14438] proc_create_reg+0x75/0x170 [ 579.359040][T14438] proc_create_seq_private+0x8e/0x180 [ 579.359090][T14438] ? __pfx_proc_create_seq_private+0x10/0x10 [ 579.359141][T14438] ? timer_init_key+0x155/0x330 [ 579.359192][T14438] ? __pfx_nl_fib_input+0x10/0x10 [ 579.359245][T14438] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 579.359298][T14438] ip_rt_do_proc_init+0xb2/0x1d0 [ 579.359353][T14438] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 579.359404][T14438] ops_init+0x1e2/0x5f0 [ 579.359447][T14438] setup_net+0x118/0x3a0 [ 579.359485][T14438] ? __pfx_setup_net+0x10/0x10 [ 579.359523][T14438] ? mutex_init_lockdep+0xf1/0x120 [ 579.359565][T14438] copy_net_ns+0x46f/0x7c0 [ 579.359611][T14438] create_new_namespaces+0x3ea/0xac0 [ 579.359671][T14438] unshare_nsproxy_namespaces+0xf2/0x220 [ 579.359719][T14438] ksys_unshare+0x438/0xab0 [ 579.359772][T14438] ? __pfx_ksys_unshare+0x10/0x10 [ 579.359819][T14438] ? xfd_validate_state+0x129/0x190 [ 579.359853][T14438] ? set_cred_ucounts+0x10f/0x200 [ 579.359902][T14438] __x64_sys_unshare+0x31/0x40 [ 579.359952][T14438] do_syscall_64+0x115/0x840 [ 579.360018][T14438] ? clear_bhb_loop+0x40/0x90 [ 579.360062][T14438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.360099][T14438] RIP: 0033:0x7febecd9ce59 [ 579.360129][T14438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 579.360166][T14438] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 579.360200][T14438] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 579.360225][T14438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 579.360248][T14438] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 579.360271][T14438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 579.360293][T14438] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 579.360340][T14438] [ 580.979597][T14471] FAULT_INJECTION: forcing a failure. [ 580.979597][T14471] name failslab, interval 1, probability 0, space 0, times 0 [ 581.047479][T14471] CPU: 1 UID: 0 PID: 14471 Comm: syz.2.2638 Tainted: G L syzkaller #0 PREEMPT(full) [ 581.047536][T14471] Tainted: [L]=SOFTLOCKUP [ 581.047549][T14471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 581.047570][T14471] Call Trace: [ 581.047581][T14471] [ 581.047595][T14471] dump_stack_lvl+0x100/0x190 [ 581.047672][T14471] should_fail_ex.cold+0x5/0xa [ 581.047717][T14471] should_failslab+0xc2/0x120 [ 581.047760][T14471] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 581.047819][T14471] ? __d_alloc+0x34/0xa40 [ 581.047873][T14471] __d_alloc+0x34/0xa40 [ 581.047927][T14471] ? __pfx_stack_trace_save+0x10/0x10 [ 581.047978][T14471] d_alloc_parallel+0x111/0x14e0 [ 581.048019][T14471] ? kasan_save_stack+0x3f/0x50 [ 581.048058][T14471] ? kasan_save_stack+0x30/0x50 [ 581.048093][T14471] ? kasan_save_free_info+0x3b/0x70 [ 581.048144][T14471] ? link_path_walk+0x161f/0x1cc0 [ 581.048186][T14471] ? __pfx_d_alloc_parallel+0x10/0x10 [ 581.048229][T14471] ? lockdep_init_map_type+0x5c/0x250 [ 581.048289][T14471] ? lockdep_init_map_type+0x5c/0x250 [ 581.048352][T14471] __lookup_slow+0x193/0x460 [ 581.048408][T14471] ? __pfx___lookup_slow+0x10/0x10 [ 581.048499][T14471] lookup_slow+0x50/0x70 [ 581.048552][T14471] link_path_walk+0x1377/0x1cc0 [ 581.048606][T14471] path_openat+0x1be/0x31a0 [ 581.048647][T14471] ? kasan_save_stack+0x3f/0x50 [ 581.048681][T14471] ? kasan_save_stack+0x30/0x50 [ 581.048714][T14471] ? kasan_save_track+0x14/0x30 [ 581.048748][T14471] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 581.048816][T14471] ? __pfx_path_openat+0x10/0x10 [ 581.048876][T14471] do_file_open+0x20e/0x430 [ 581.048935][T14471] ? __pfx_do_file_open+0x10/0x10 [ 581.048997][T14471] ? __pfx_kfree_link+0x10/0x10 [ 581.049047][T14471] ? alloc_fd+0x476/0x790 [ 581.049095][T14471] ? do_getname+0x191/0x390 [ 581.049153][T14471] do_sys_openat2+0x10d/0x1e0 [ 581.049209][T14471] ? __pfx_do_sys_openat2+0x10/0x10 [ 581.049269][T14471] ? ksys_semctl.constprop.0+0x14e/0x2e0 [ 581.049321][T14471] __x64_sys_openat+0x12d/0x210 [ 581.049379][T14471] ? __pfx___x64_sys_openat+0x10/0x10 [ 581.049444][T14471] ? rcu_is_watching+0x12/0xc0 [ 581.049492][T14471] do_syscall_64+0x115/0x840 [ 581.049542][T14471] ? clear_bhb_loop+0x40/0x90 [ 581.049587][T14471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.049623][T14471] RIP: 0033:0x7fa07455d68e [ 581.049654][T14471] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 581.049689][T14471] RSP: 002b:00007fa0753f8ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 581.049724][T14471] RAX: ffffffffffffffda RBX: 00007fa0753f96c0 RCX: 00007fa07455d68e [ 581.049748][T14471] RDX: 0000000000000002 RSI: 00007fa0753f8f90 RDI: ffffffffffffff9c [ 581.049771][T14471] RBP: 00007fa074632d6f R08: 0000000000000000 R09: 0000000000000000 [ 581.049792][T14471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 581.049813][T14471] R13: 00007fa074816128 R14: 00007fa074816090 R15: 00007ffe56587b28 [ 581.049860][T14471] [ 582.022648][T14481] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2642'. [ 582.192580][T14483] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2643'. [ 582.909660][T14501] netlink: 'syz.0.2650': attribute type 21 has an invalid length. [ 582.925623][T14501] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2650'. [ 584.846945][T14539] vhci_hcd vhci_hcd.2: invalid port number 255 [ 584.928247][T14542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2665'. [ 591.074458][T14665] random: crng reseeded on system resumption [ 594.252598][T14724] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2723'. [ 594.284630][T14724] netlink: 302 bytes leftover after parsing attributes in process `syz.3.2723'. [ 595.317597][T14743] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2730'. [ 597.510824][T14778] FAULT_INJECTION: forcing a failure. [ 597.510824][T14778] name failslab, interval 1, probability 0, space 0, times 0 [ 597.556619][T14778] CPU: 1 UID: 0 PID: 14778 Comm: syz.3.2743 Tainted: G L syzkaller #0 PREEMPT(full) [ 597.556678][T14778] Tainted: [L]=SOFTLOCKUP [ 597.556692][T14778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 597.556715][T14778] Call Trace: [ 597.556727][T14778] [ 597.556742][T14778] dump_stack_lvl+0x100/0x190 [ 597.556815][T14778] should_fail_ex.cold+0x5/0xa [ 597.556863][T14778] should_failslab+0xc2/0x120 [ 597.556908][T14778] __kmalloc_cache_noprof+0x7a/0x6f0 [ 597.556961][T14778] ? percpu_ref_init+0xec/0x3f0 [ 597.557008][T14778] ? __pfx_blk_queue_usage_counter_release+0x10/0x10 [ 597.557153][T14778] percpu_ref_init+0xec/0x3f0 [ 597.557198][T14778] blk_alloc_queue+0x574/0x790 [ 597.557255][T14778] __blk_alloc_disk+0xa0/0x170 [ 597.557351][T14778] ? __pfx___blk_alloc_disk+0x10/0x10 [ 597.557421][T14778] ? __pfx_idr_alloc+0x10/0x10 [ 597.557472][T14778] ? lockdep_init_map_type+0x5c/0x250 [ 597.557532][T14778] ? __raw_spin_lock_init+0x3a/0x110 [ 597.557586][T14778] ? __pfx_hot_add_show+0x10/0x10 [ 597.557685][T14778] zram_add+0x1bf/0x5d0 [ 597.557732][T14778] ? __pfx_zram_add+0x10/0x10 [ 597.557806][T14778] ? find_held_lock+0x2b/0x80 [ 597.557848][T14778] ? sysfs_file_kobj+0xe4/0x290 [ 597.557908][T14778] ? __pfx_hot_add_show+0x10/0x10 [ 597.557956][T14778] hot_add_show+0x21/0x80 [ 597.558002][T14778] class_attr_show+0x72/0xa0 [ 597.558041][T14778] ? __pfx_class_attr_show+0x10/0x10 [ 597.558078][T14778] sysfs_kf_seq_show+0x217/0x3a0 [ 597.558120][T14778] seq_read_iter+0x32f/0x1270 [ 597.558159][T14778] ? lock_acquire+0x1b1/0x370 [ 597.558233][T14778] kernfs_fop_read_iter+0x46c/0x610 [ 597.558290][T14778] ? rw_verify_area+0xce/0x6d0 [ 597.558328][T14778] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 597.558386][T14778] vfs_read+0x825/0xb30 [ 597.558433][T14778] ? __pfx_vfs_read+0x10/0x10 [ 597.558503][T14778] ksys_read+0x12a/0x250 [ 597.558552][T14778] ? __pfx_ksys_read+0x10/0x10 [ 597.558598][T14778] ? rcu_is_watching+0x12/0xc0 [ 597.558646][T14778] do_syscall_64+0x115/0x840 [ 597.558698][T14778] ? clear_bhb_loop+0x40/0x90 [ 597.558743][T14778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.558781][T14778] RIP: 0033:0x7f684739ce59 [ 597.558811][T14778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 597.558846][T14778] RSP: 002b:00007f6848282028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 597.558881][T14778] RAX: ffffffffffffffda RBX: 00007f6847615fa0 RCX: 00007f684739ce59 [ 597.558905][T14778] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005 [ 597.558928][T14778] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 597.558950][T14778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 597.558970][T14778] R13: 00007f6847616038 R14: 00007f6847615fa0 R15: 00007fff04194108 [ 597.559018][T14778] [ 597.897975][T14778] zram: Error allocating disk structure for device 1 [ 598.212637][T14787] FAULT_INJECTION: forcing a failure. [ 598.212637][T14787] name failslab, interval 1, probability 0, space 0, times 0 [ 598.260796][T14787] CPU: 0 UID: 0 PID: 14787 Comm: syz.3.2745 Tainted: G L syzkaller #0 PREEMPT(full) [ 598.260853][T14787] Tainted: [L]=SOFTLOCKUP [ 598.260865][T14787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 598.260887][T14787] Call Trace: [ 598.260899][T14787] [ 598.260913][T14787] dump_stack_lvl+0x100/0x190 [ 598.260979][T14787] should_fail_ex.cold+0x5/0xa [ 598.261023][T14787] ? __d_alloc+0x64c/0xa40 [ 598.261068][T14787] should_failslab+0xc2/0x120 [ 598.261112][T14787] __kmalloc_noprof+0xe0/0x850 [ 598.261178][T14787] __d_alloc+0x64c/0xa40 [ 598.261221][T14787] d_alloc_parallel+0x111/0x14e0 [ 598.261254][T14787] ? __lock_acquire+0x4a5/0x2630 [ 598.261299][T14787] ? look_up_lock_class+0x64/0x120 [ 598.261344][T14787] ? register_lock_class+0x40/0x560 [ 598.261394][T14787] ? __pfx_d_alloc_parallel+0x10/0x10 [ 598.261428][T14787] ? lockdep_init_map_type+0x5c/0x250 [ 598.261478][T14787] ? lockdep_init_map_type+0x5c/0x250 [ 598.261542][T14787] __lookup_slow+0x193/0x460 [ 598.261589][T14787] ? __pfx___lookup_slow+0x10/0x10 [ 598.261664][T14787] lookup_slow+0x50/0x70 [ 598.261710][T14787] link_path_walk+0x1377/0x1cc0 [ 598.261755][T14787] path_openat+0x1be/0x31a0 [ 598.261805][T14787] ? __pfx_path_openat+0x10/0x10 [ 598.261841][T14787] ? stack_trace_save+0x8e/0xc0 [ 598.261879][T14787] ? __pfx_stack_trace_save+0x10/0x10 [ 598.261918][T14787] ? stack_depot_save_flags+0x27/0x9d0 [ 598.261964][T14787] ? __kasan_slab_alloc+0x89/0x90 [ 598.261994][T14787] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 598.262042][T14787] ? do_getname+0x35/0x390 [ 598.262088][T14787] do_file_open+0x20e/0x430 [ 598.262124][T14787] ? kasan_save_stack+0x30/0x50 [ 598.262156][T14787] ? __pfx_do_file_open+0x10/0x10 [ 598.262195][T14787] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.262256][T14787] ? find_held_lock+0x2b/0x80 [ 598.262291][T14787] ? __might_fault+0xc5/0x140 [ 598.262337][T14787] ? __might_fault+0xc5/0x140 [ 598.262386][T14787] file_open_name+0x198/0x3b0 [ 598.262432][T14787] ? __pfx_file_open_name+0x10/0x10 [ 598.262484][T14787] ? do_getname+0x191/0x390 [ 598.262539][T14787] acct_on+0xa4/0x9e0 [ 598.262577][T14787] ? __pfx_acct_on+0x10/0x10 [ 598.262613][T14787] ? bpf_lsm_capable+0x9/0x10 [ 598.262646][T14787] ? security_capable+0x80/0x260 [ 598.262679][T14787] __x64_sys_acct+0x81/0x1e0 [ 598.262713][T14787] ? lockdep_hardirqs_on+0x78/0x100 [ 598.262755][T14787] do_syscall_64+0x115/0x840 [ 598.262794][T14787] ? clear_bhb_loop+0x40/0x90 [ 598.262831][T14787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.262862][T14787] RIP: 0033:0x7f684739ce59 [ 598.262891][T14787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 598.262927][T14787] RSP: 002b:00007f6848282028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 598.262960][T14787] RAX: ffffffffffffffda RBX: 00007f6847615fa0 RCX: 00007f684739ce59 [ 598.262983][T14787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000440 [ 598.263004][T14787] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 598.263025][T14787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 598.263046][T14787] R13: 00007f6847616038 R14: 00007f6847615fa0 R15: 00007fff04194108 [ 598.263092][T14787] [ 599.142327][T14799] ovs_: entered promiscuous mode [ 599.761642][T14811] FAULT_INJECTION: forcing a failure. [ 599.761642][T14811] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 599.812166][T14811] CPU: 1 UID: 0 PID: 14811 Comm: syz.2.2752 Tainted: G L syzkaller #0 PREEMPT(full) [ 599.812224][T14811] Tainted: [L]=SOFTLOCKUP [ 599.812238][T14811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 599.812261][T14811] Call Trace: [ 599.812274][T14811] [ 599.812289][T14811] dump_stack_lvl+0x100/0x190 [ 599.812367][T14811] should_fail_ex.cold+0x5/0xa [ 599.812415][T14811] _copy_to_iter+0x5a4/0x1720 [ 599.812475][T14811] ? __pfx__copy_to_iter+0x10/0x10 [ 599.812524][T14811] ? irqentry_exit+0x24d/0x970 [ 599.812580][T14811] ? folio_mark_accessed+0xf3/0x1040 [ 599.812618][T14811] ? __pfx_filemap_get_pages+0x10/0x10 [ 599.812656][T14811] ? __pfx_folio_mark_accessed+0x10/0x10 [ 599.812705][T14811] copy_page_to_iter+0x285/0x370 [ 599.812761][T14811] filemap_read+0x7a9/0x10a0 [ 599.812816][T14811] ? __pfx_filemap_read+0x10/0x10 [ 599.812884][T14811] ? __pfx_down_read+0x10/0x10 [ 599.812923][T14811] ? __pfx_aa_file_perm+0x10/0x10 [ 599.812983][T14811] blkdev_read_iter+0x2c4/0x4f0 [ 599.813162][T14811] do_iter_readv_writev+0x60d/0x920 [ 599.813209][T14811] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 599.813257][T14811] ? bpf_lsm_file_permission+0x9/0x10 [ 599.813292][T14811] ? security_file_permission+0x76/0x210 [ 599.813352][T14811] ? rw_verify_area+0xce/0x6d0 [ 599.813392][T14811] vfs_readv+0x4d3/0x8d0 [ 599.813442][T14811] ? __pfx_vfs_readv+0x10/0x10 [ 599.813483][T14811] ? __pfx_futex_wake+0x10/0x10 [ 599.813553][T14811] ? __fget_files+0x21f/0x3d0 [ 599.813608][T14811] ? do_preadv+0x1ac/0x270 [ 599.813644][T14811] do_preadv+0x1ac/0x270 [ 599.813685][T14811] ? __pfx_do_preadv+0x10/0x10 [ 599.813735][T14811] __x64_sys_preadv2+0xef/0x160 [ 599.813786][T14811] do_syscall_64+0x115/0x840 [ 599.813839][T14811] ? clear_bhb_loop+0x40/0x90 [ 599.813885][T14811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.813923][T14811] RIP: 0033:0x7fa07459ce59 [ 599.813954][T14811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 599.813991][T14811] RSP: 002b:00007fa07541a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 599.814026][T14811] RAX: ffffffffffffffda RBX: 00007fa074815fa0 RCX: 00007fa07459ce59 [ 599.814051][T14811] RDX: 0000000000000006 RSI: 0000200000000280 RDI: 0000000000000006 [ 599.814074][T14811] RBP: 00007fa074632d6f R08: 0000000000000004 R09: 000000000000002a [ 599.814096][T14811] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 599.814117][T14811] R13: 00007fa074816038 R14: 00007fa074815fa0 R15: 00007ffe56587b28 [ 599.814165][T14811] [ 601.206905][ T50] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 601.206950][ T50] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 601.224391][ T50] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 601.503742][T14842] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2762'. [ 601.899060][T14847] FAULT_INJECTION: forcing a failure. [ 601.899060][T14847] name failslab, interval 1, probability 0, space 0, times 0 [ 601.933136][T14847] CPU: 0 UID: 0 PID: 14847 Comm: syz.0.2771 Tainted: G L syzkaller #0 PREEMPT(full) [ 601.933191][T14847] Tainted: [L]=SOFTLOCKUP [ 601.933204][T14847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 601.933225][T14847] Call Trace: [ 601.933237][T14847] [ 601.933250][T14847] dump_stack_lvl+0x100/0x190 [ 601.933314][T14847] should_fail_ex.cold+0x5/0xa [ 601.933359][T14847] should_failslab+0xc2/0x120 [ 601.933402][T14847] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 601.933439][T14847] ? snd_timer_instance_new+0x65/0x350 [ 601.933498][T14847] kstrdup+0x51/0xe0 [ 601.933537][T14847] snd_timer_instance_new+0x65/0x350 [ 601.933585][T14847] snd_seq_timer_open+0x1d4/0x5d0 [ 601.933705][T14847] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 601.933750][T14847] ? find_held_lock+0x2b/0x80 [ 601.933802][T14847] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 601.933852][T14847] ? lockdep_hardirqs_on+0x78/0x100 [ 601.933904][T14847] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 601.933958][T14847] queue_use+0xdc/0x1f0 [ 601.934010][T14847] snd_seq_queue_alloc+0x2e5/0x540 [ 601.934072][T14847] snd_seq_ioctl_create_queue+0xa9/0x370 [ 601.934126][T14847] call_seq_client_ctl+0xa3/0x130 [ 601.934173][T14847] snd_seq_kernel_client_ctl+0x77/0xd0 [ 601.934220][T14847] alloc_seq_queue+0xdb/0x180 [ 601.934267][T14847] ? __pfx_alloc_seq_queue+0x10/0x10 [ 601.934332][T14847] ? find_held_lock+0x2b/0x80 [ 601.934381][T14847] ? mark_held_locks+0x40/0x70 [ 601.934443][T14847] snd_seq_oss_open+0x2b2/0xa10 [ 601.934499][T14847] odev_open+0x6f/0x90 [ 601.934543][T14847] ? __pfx_odev_open+0x10/0x10 [ 601.934584][T14847] soundcore_open+0x2e3/0x5a0 [ 601.934633][T14847] ? __pfx_soundcore_open+0x10/0x10 [ 601.934677][T14847] chrdev_open+0x234/0x6a0 [ 601.934722][T14847] ? __pfx_apparmor_file_open+0x10/0x10 [ 601.934762][T14847] ? __pfx_chrdev_open+0x10/0x10 [ 601.934811][T14847] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 601.934870][T14847] do_dentry_open+0x6ab/0x14d0 [ 601.934913][T14847] ? __pfx_chrdev_open+0x10/0x10 [ 601.934969][T14847] vfs_open+0x82/0x3f0 [ 601.935026][T14847] path_openat+0x208c/0x31a0 [ 601.935082][T14847] ? __pfx_path_openat+0x10/0x10 [ 601.935153][T14847] do_file_open+0x20e/0x430 [ 601.935203][T14847] ? __pfx_do_file_open+0x10/0x10 [ 601.935278][T14847] ? alloc_fd+0x476/0x790 [ 601.935326][T14847] ? do_getname+0x191/0x390 [ 601.935383][T14847] do_sys_openat2+0x10d/0x1e0 [ 601.935440][T14847] ? __pfx_do_sys_openat2+0x10/0x10 [ 601.935510][T14847] __x64_sys_openat+0x12d/0x210 [ 601.935564][T14847] ? __pfx___x64_sys_openat+0x10/0x10 [ 601.935627][T14847] ? rcu_is_watching+0x12/0xc0 [ 601.935673][T14847] do_syscall_64+0x115/0x840 [ 601.935724][T14847] ? clear_bhb_loop+0x40/0x90 [ 601.935767][T14847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.935804][T14847] RIP: 0033:0x7febecd9ce59 [ 601.935832][T14847] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 601.935865][T14847] RSP: 002b:00007febedccf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 601.935899][T14847] RAX: ffffffffffffffda RBX: 00007febed015fa0 RCX: 00007febecd9ce59 [ 601.935923][T14847] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 601.935945][T14847] RBP: 00007febece32d6f R08: 0000000000000000 R09: 0000000000000000 [ 601.935968][T14847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.935989][T14847] R13: 00007febed016038 R14: 00007febed015fa0 R15: 00007ffe65567a48 [ 601.936036][T14847] [ 604.035985][T14896] random: crng reseeded on system resumption [ 605.908885][T14929] netlink: 306 bytes leftover after parsing attributes in process `syz.4.2791'. [ 609.268319][T14987] random: crng reseeded on system resumption [ 609.891656][T14993] FAULT_INJECTION: forcing a failure. [ 609.891656][T14993] name failslab, interval 1, probability 0, space 0, times 0 [ 609.929449][T14993] CPU: 0 UID: 0 PID: 14993 Comm: syz.3.2808 Tainted: G L syzkaller #0 PREEMPT(full) [ 609.929508][T14993] Tainted: [L]=SOFTLOCKUP [ 609.929522][T14993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 609.929543][T14993] Call Trace: [ 609.929555][T14993] [ 609.929569][T14993] dump_stack_lvl+0x100/0x190 [ 609.929641][T14993] should_fail_ex.cold+0x5/0xa [ 609.929687][T14993] should_failslab+0xc2/0x120 [ 609.929731][T14993] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 609.929793][T14993] ? ptlock_alloc+0x1f/0x70 [ 609.929844][T14993] ? mark_held_locks+0x40/0x70 [ 609.929906][T14993] ptlock_alloc+0x1f/0x70 [ 609.929960][T14993] pte_alloc_one+0x82/0x3d0 [ 609.930009][T14993] __pte_alloc+0x6d/0x380 [ 609.930048][T14993] ? __pfx___pte_alloc+0x10/0x10 [ 609.930090][T14993] ? __rcu_read_unlock+0x27f/0x5e0 [ 609.930149][T14993] walk_pgd_range+0xb99/0x1dd0 [ 609.930190][T14993] ? __pfx_guard_install_set_pte+0x10/0x10 [ 609.930234][T14993] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 609.930283][T14993] ? __pfx_guard_install_set_pte+0x10/0x10 [ 609.930329][T14993] ? __pfx_guard_install_set_pte+0x10/0x10 [ 609.930376][T14993] ? __pfx_guard_install_set_pte+0x10/0x10 [ 609.930428][T14993] ? __pfx_walk_pgd_range+0x10/0x10 [ 609.930477][T14993] __walk_page_range+0x171/0x850 [ 609.930512][T14993] ? do_raw_spin_lock+0x128/0x260 [ 609.930569][T14993] walk_page_range_vma_unsafe+0x209/0x8f0 [ 609.930614][T14993] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 609.930674][T14993] madvise_guard_install+0x421/0x790 [ 609.930731][T14993] ? __pfx_madvise_guard_install+0x10/0x10 [ 609.930782][T14993] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 609.930822][T14993] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 609.930861][T14993] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 609.930905][T14993] ? __pfx_guard_install_set_pte+0x10/0x10 [ 609.930953][T14993] madvise_vma_behavior+0xb9b/0x2240 [ 609.930999][T14993] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 609.931043][T14993] ? lock_vma_under_rcu+0x17c/0x590 [ 609.931092][T14993] ? lock_vma_under_rcu+0x25/0x590 [ 609.931136][T14993] ? lock_vma_under_rcu+0x1f9/0x590 [ 609.931180][T14993] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 609.931239][T14993] ? __futex_wait+0x256/0x300 [ 609.931291][T14993] madvise_walk_vmas+0x71c/0xa90 [ 609.931345][T14993] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 609.931404][T14993] ? find_held_lock+0x2b/0x80 [ 609.931448][T14993] madvise_do_behavior+0x1ea/0x510 [ 609.931495][T14993] ? __pfx_madvise_do_behavior+0x10/0x10 [ 609.931535][T14993] ? futex_wait+0x11e/0x370 [ 609.931584][T14993] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 609.931634][T14993] do_madvise+0x195/0x240 [ 609.931675][T14993] ? __pfx_do_madvise+0x10/0x10 [ 609.931715][T14993] ? do_futex+0x192/0x350 [ 609.931753][T14993] ? _raw_spin_unlock_irq+0x23/0x50 [ 609.931810][T14993] ? exit_to_user_mode_loop+0xf3/0x670 [ 609.931882][T14993] __x64_sys_madvise+0xa9/0x110 [ 609.931931][T14993] ? lockdep_hardirqs_on+0x78/0x100 [ 609.931983][T14993] do_syscall_64+0x115/0x840 [ 609.932034][T14993] ? clear_bhb_loop+0x40/0x90 [ 609.932080][T14993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 609.932117][T14993] RIP: 0033:0x7f684739ce59 [ 609.932147][T14993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 609.932184][T14993] RSP: 002b:00007f6848282028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 609.932219][T14993] RAX: ffffffffffffffda RBX: 00007f6847615fa0 RCX: 00007f684739ce59 [ 609.932243][T14993] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 609.932267][T14993] RBP: 00007f6847432d6f R08: 0000000000000000 R09: 0000000000000000 [ 609.932289][T14993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 609.932312][T14993] R13: 00007f6847616038 R14: 00007f6847615fa0 R15: 00007fff04194108 [ 609.932360][T14993] [ 611.333620][T15015] ovs_: entered promiscuous mode [ 612.370994][T15039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2821'. [ 612.436579][T15041] netlink: 'syz.2.2821': attribute type 7 has an invalid length. [ 616.710076][T15112] FAULT_INJECTION: forcing a failure. [ 616.710076][T15112] name failslab, interval 1, probability 0, space 0, times 0 [ 616.744680][T15112] CPU: 1 UID: 0 PID: 15112 Comm: syz.4.2843 Tainted: G L syzkaller #0 PREEMPT(full) [ 616.744722][T15112] Tainted: [L]=SOFTLOCKUP [ 616.744732][T15112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 616.744748][T15112] Call Trace: [ 616.744756][T15112] [ 616.744766][T15112] dump_stack_lvl+0x100/0x190 [ 616.744815][T15112] should_fail_ex.cold+0x5/0xa [ 616.744848][T15112] should_failslab+0xc2/0x120 [ 616.744880][T15112] __kmalloc_cache_noprof+0x7a/0x6f0 [ 616.744917][T15112] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 616.744965][T15112] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 616.745046][T15112] snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 616.745119][T15112] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 616.745158][T15112] ? __pfx___mutex_lock+0x10/0x10 [ 616.745211][T15112] ? do_vfs_ioctl+0x226/0x13e0 [ 616.745241][T15112] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 616.745280][T15112] snd_pcm_oss_ioctl+0x7b4/0x37c0 [ 616.745319][T15112] ? __fget_files+0x215/0x3d0 [ 616.745373][T15112] ? hook_file_ioctl_common+0x149/0x410 [ 616.745413][T15112] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 616.745459][T15112] ? __fget_files+0x21f/0x3d0 [ 616.745493][T15112] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 616.745532][T15112] __x64_sys_ioctl+0x18e/0x210 [ 616.745560][T15112] do_syscall_64+0x115/0x840 [ 616.745596][T15112] ? clear_bhb_loop+0x40/0x90 [ 616.745627][T15112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.745654][T15112] RIP: 0033:0x7f90d0d9ce59 [ 616.745674][T15112] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 616.745699][T15112] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 616.745724][T15112] RAX: ffffffffffffffda RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 616.745741][T15112] RDX: 00002000000000c0 RSI: 00000000800c5012 RDI: 0000000000000007 [ 616.745757][T15112] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 616.745773][T15112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.745788][T15112] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 616.745821][T15112] [ 617.042075][ T50] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 617.395278][T15114] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 617.442777][T15114] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 617.466379][T15114] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 617.498057][T15114] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 617.525978][T15114] page dumped because: unmovable page [ 617.554607][T15114] page_owner info is not present (never set?) [ 618.452522][T15153] syz.0.2855 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 619.311739][T15167] openvswitch: ovs_: Dropping previously announced user features [ 619.362644][T15167] HfR: entered promiscuous mode [ 620.791175][T15208] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2873'. [ 621.666306][T15227] FAULT_INJECTION: forcing a failure. [ 621.666306][T15227] name (null), interval 1, probability 0, space 0, times 1 [ 621.686806][T15227] CPU: 0 UID: 0 PID: 15227 Comm: syz.0.2879 Tainted: G L syzkaller #0 PREEMPT(full) [ 621.686861][T15227] Tainted: [L]=SOFTLOCKUP [ 621.686875][T15227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 621.686899][T15227] Call Trace: [ 621.686908][T15227] [ 621.686918][T15227] dump_stack_lvl+0x100/0x190 [ 621.686969][T15227] should_fail_ex.cold+0x5/0xa [ 621.687002][T15227] null_queue_rq+0x2ed/0xfb0 [ 621.687127][T15227] null_queue_rqs+0xe9/0x2f0 [ 621.687170][T15227] ? __pfx_null_queue_rqs+0x10/0x10 [ 621.687220][T15227] __blk_mq_flush_list+0x9a/0xc0 [ 621.687290][T15227] blk_mq_dispatch_queue_requests+0x184/0x7c0 [ 621.687338][T15227] blk_mq_flush_plug_list+0x1f2/0x600 [ 621.687394][T15227] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 621.687447][T15227] __blk_flush_plug+0x2c4/0x4b0 [ 621.687491][T15227] ? __pfx___blk_flush_plug+0x10/0x10 [ 621.687528][T15227] ? folio_batch_move_lru+0x344/0x7d0 [ 621.687553][T15227] ? __pfx_lru_add+0x10/0x10 [ 621.687577][T15227] ? lock_acquire+0x1b1/0x370 [ 621.687621][T15227] blk_finish_plug+0x5c/0xa0 [ 621.687660][T15227] read_pages+0x5f7/0xdf0 [ 621.687705][T15227] ? __pfx_read_pages+0x10/0x10 [ 621.687778][T15227] page_cache_ra_order+0x76b/0xf10 [ 621.687852][T15227] page_cache_async_ra+0x7bb/0xd30 [ 621.687916][T15227] filemap_fault+0xf77/0x2e90 [ 621.687962][T15227] ? __pfx_filemap_fault+0x10/0x10 [ 621.688004][T15227] ? blk_cgroup_congested+0x136/0x270 [ 621.688095][T15227] ? blk_cgroup_congested+0x136/0x270 [ 621.688157][T15227] ? __pfx_filemap_map_pages+0x10/0x10 [ 621.688212][T15227] __do_fault+0x10b/0x440 [ 621.688253][T15227] do_fault+0xeb2/0x1750 [ 621.688306][T15227] __handle_mm_fault+0x187d/0x2a00 [ 621.688406][T15227] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 621.688454][T15227] ? __pfx___handle_mm_fault+0x10/0x10 [ 621.688514][T15227] ? pte_offset_map_lock+0x174/0x320 [ 621.688557][T15227] ? find_held_lock+0x2b/0x80 [ 621.688616][T15227] ? follow_page_pte+0x4d0/0x13f0 [ 621.688669][T15227] handle_mm_fault+0x37b/0xa30 [ 621.688731][T15227] __get_user_pages+0x1178/0x32a0 [ 621.688793][T15227] ? __pfx___get_user_pages+0x10/0x10 [ 621.688850][T15227] populate_vma_page_range+0x267/0x3f0 [ 621.688901][T15227] ? __pfx_populate_vma_page_range+0x10/0x10 [ 621.688947][T15227] ? __pfx_find_vma_intersection+0x10/0x10 [ 621.688992][T15227] ? do_mmap+0x93f/0x12f0 [ 621.689039][T15227] __mm_populate+0x107/0x3a0 [ 621.689089][T15227] ? __pfx___mm_populate+0x10/0x10 [ 621.689140][T15227] ? up_write+0x28c/0x4f0 [ 621.689182][T15227] vm_mmap_pgoff+0x37f/0x470 [ 621.689232][T15227] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 621.689275][T15227] ? __fget_files+0x215/0x3d0 [ 621.689325][T15227] ? __fget_files+0x21f/0x3d0 [ 621.689383][T15227] ksys_mmap_pgoff+0x3cb/0x610 [ 621.689429][T15227] ? __x64_sys_futex+0x358/0x4d0 [ 621.689458][T15227] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 621.689488][T15227] ? xfd_validate_state+0x129/0x190 [ 621.689520][T15227] __x64_sys_mmap+0x125/0x190 [ 621.689551][T15227] do_syscall_64+0x115/0x840 [ 621.689589][T15227] ? clear_bhb_loop+0x40/0x90 [ 621.689620][T15227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.689647][T15227] RIP: 0033:0x7febecd9ce59 [ 621.689668][T15227] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 621.689693][T15227] RSP: 002b:00007febedcae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 621.689718][T15227] RAX: ffffffffffffffda RBX: 00007febed016090 RCX: 00007febecd9ce59 [ 621.689735][T15227] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 621.689751][T15227] RBP: 00007febece32d6f R08: 0000000000000005 R09: 0000000000008000 [ 621.689767][T15227] R10: 0008000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 621.689783][T15227] R13: 00007febed016128 R14: 00007febed016090 R15: 00007ffe65567a48 [ 621.689815][T15227] [ 622.365619][T15232] FAULT_INJECTION: forcing a failure. [ 622.365619][T15232] name failslab, interval 1, probability 0, space 0, times 0 [ 622.405356][T15232] CPU: 1 UID: 0 PID: 15232 Comm: syz.4.2881 Tainted: G L syzkaller #0 PREEMPT(full) [ 622.405412][T15232] Tainted: [L]=SOFTLOCKUP [ 622.405426][T15232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 622.405448][T15232] Call Trace: [ 622.405461][T15232] [ 622.405474][T15232] dump_stack_lvl+0x100/0x190 [ 622.405543][T15232] should_fail_ex.cold+0x5/0xa [ 622.405589][T15232] should_failslab+0xc2/0x120 [ 622.405633][T15232] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 622.405690][T15232] ? ptlock_alloc+0x1f/0x70 [ 622.405749][T15232] ptlock_alloc+0x1f/0x70 [ 622.405811][T15232] pte_alloc_one+0x82/0x3d0 [ 622.405862][T15232] __pte_alloc+0x6d/0x380 [ 622.405906][T15232] ? __pfx___pte_alloc+0x10/0x10 [ 622.405945][T15232] ? walk_pgd_range+0x1391/0x1dd0 [ 622.405980][T15232] ? walk_pgd_range+0x1391/0x1dd0 [ 622.406023][T15232] walk_pgd_range+0xb99/0x1dd0 [ 622.406065][T15232] ? __pfx_guard_install_set_pte+0x10/0x10 [ 622.406110][T15232] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 622.406161][T15232] ? __pfx_guard_install_set_pte+0x10/0x10 [ 622.406211][T15232] ? __pfx_guard_install_set_pte+0x10/0x10 [ 622.406259][T15232] ? __pfx_guard_install_set_pte+0x10/0x10 [ 622.406303][T15232] ? __pfx_walk_pgd_range+0x10/0x10 [ 622.406339][T15232] ? rcu_is_watching+0x12/0xc0 [ 622.406381][T15232] ? trace_pelt_se_tp+0x13b/0x190 [ 622.406443][T15232] __walk_page_range+0x171/0x850 [ 622.406479][T15232] ? do_raw_spin_lock+0x128/0x260 [ 622.406522][T15232] ? find_held_lock+0x2b/0x80 [ 622.406566][T15232] ? debug_object_activate+0x331/0x490 [ 622.406712][T15232] ? debug_object_activate+0x331/0x490 [ 622.406767][T15232] walk_page_range_vma_unsafe+0x209/0x8f0 [ 622.406821][T15232] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 622.406881][T15232] madvise_guard_install+0x421/0x790 [ 622.406940][T15232] ? __pfx_madvise_guard_install+0x10/0x10 [ 622.406993][T15232] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 622.407036][T15232] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 622.407081][T15232] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 622.407131][T15232] ? __pfx_guard_install_set_pte+0x10/0x10 [ 622.407185][T15232] madvise_vma_behavior+0xb9b/0x2240 [ 622.407241][T15232] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 622.407292][T15232] ? lock_vma_under_rcu+0x17c/0x590 [ 622.407350][T15232] ? lock_vma_under_rcu+0x25/0x590 [ 622.407402][T15232] ? lock_vma_under_rcu+0x1f9/0x590 [ 622.407453][T15232] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 622.407517][T15232] ? __futex_wait+0x256/0x300 [ 622.407571][T15232] madvise_walk_vmas+0x71c/0xa90 [ 622.407627][T15232] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 622.407679][T15232] ? find_held_lock+0x2b/0x80 [ 622.407728][T15232] madvise_do_behavior+0x1ea/0x510 [ 622.407781][T15232] ? __pfx_madvise_do_behavior+0x10/0x10 [ 622.407835][T15232] ? futex_wait+0x11e/0x370 [ 622.407892][T15232] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 622.407950][T15232] do_madvise+0x195/0x240 [ 622.407997][T15232] ? __pfx_do_madvise+0x10/0x10 [ 622.408044][T15232] ? do_futex+0x192/0x350 [ 622.408089][T15232] ? _raw_spin_unlock_irq+0x23/0x50 [ 622.408151][T15232] ? exit_to_user_mode_loop+0xf3/0x670 [ 622.408219][T15232] __x64_sys_madvise+0xa9/0x110 [ 622.408268][T15232] ? lockdep_hardirqs_on+0x78/0x100 [ 622.408333][T15232] do_syscall_64+0x115/0x840 [ 622.408384][T15232] ? clear_bhb_loop+0x40/0x90 [ 622.408428][T15232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.408465][T15232] RIP: 0033:0x7f90d0d9ce59 [ 622.408494][T15232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 622.408529][T15232] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 622.408562][T15232] RAX: ffffffffffffffda RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 622.408586][T15232] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 622.408608][T15232] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 622.408631][T15232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.408653][T15232] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 622.408700][T15232] [ 623.707335][T15257] [ 623.709814][T15257] ====================================================== [ 623.716870][T15257] WARNING: possible circular locking dependency detected [ 623.723932][T15257] syzkaller #0 Tainted: G L [ 623.729971][T15257] ------------------------------------------------------ [ 623.737026][T15257] syz.4.2889/15257 is trying to acquire lock: [ 623.743129][T15257] ffff88807e50e1e8 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 623.754698][T15257] [ 623.754698][T15257] but task is already holding lock: [ 623.762190][T15257] ffff888069e7c0e0 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 623.771389][T15257] [ 623.771389][T15257] which lock already depends on the new lock. [ 623.771389][T15257] [ 623.781821][T15257] [ 623.781821][T15257] the existing dependency chain (in reverse order) is: [ 623.790944][T15257] [ 623.790944][T15257] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 623.798797][T15257] lock_sock_nested+0x41/0xf0 [ 623.804063][T15257] smc_listen_out+0x1f5/0x4b0 [ 623.809306][T15257] smc_listen_work+0x4c2/0x50e0 [ 623.814716][T15257] process_one_work+0xa0e/0x1980 [ 623.820209][T15257] worker_thread+0x5ef/0xe50 [ 623.825372][T15257] kthread+0x370/0x450 [ 623.830012][T15257] ret_from_fork+0x72b/0xd50 [ 623.835151][T15257] ret_from_fork_asm+0x1a/0x30 [ 623.840475][T15257] [ 623.840475][T15257] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 623.850699][T15257] __lock_acquire+0x14b8/0x2630 [ 623.856129][T15257] lock_acquire+0x1b1/0x370 [ 623.861206][T15257] __flush_work+0x4de/0xcb0 [ 623.866263][T15257] cancel_work_sync+0xd1/0xf0 [ 623.871505][T15257] smc_clcsock_release+0x5f/0xe0 [ 623.877105][T15257] __smc_release+0x5c2/0x880 [ 623.882255][T15257] smc_close_non_accepted+0xda/0x200 [ 623.888109][T15257] smc_close_active+0x4ff/0x1070 [ 623.893623][T15257] __smc_release+0x634/0x880 [ 623.898771][T15257] smc_release+0x1fc/0x620 [ 623.903755][T15257] __sock_release+0xb3/0x260 [ 623.908914][T15257] sock_close+0x1c/0x30 [ 623.913622][T15257] __fput+0x3ff/0xb50 [ 623.918179][T15257] task_work_run+0x150/0x240 [ 623.923320][T15257] exit_to_user_mode_loop+0x157/0x670 [ 623.929263][T15257] do_syscall_64+0x652/0x840 [ 623.934420][T15257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.940876][T15257] [ 623.940876][T15257] other info that might help us debug this: [ 623.940876][T15257] [ 623.951127][T15257] Possible unsafe locking scenario: [ 623.951127][T15257] [ 623.958611][T15257] CPU0 CPU1 [ 623.963996][T15257] ---- ---- [ 623.969384][T15257] lock(sk_lock-AF_SMC/1); [ 623.973931][T15257] lock((work_completion)(&new_smc->smc_listen_work)); [ 623.983429][T15257] lock(sk_lock-AF_SMC/1); [ 623.990500][T15257] lock((work_completion)(&new_smc->smc_listen_work)); [ 623.997473][T15257] [ 623.997473][T15257] *** DEADLOCK *** [ 623.997473][T15257] [ 624.005654][T15257] 3 locks held by syz.4.2889/15257: [ 624.010873][T15257] #0: ffff88805b991f00 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 624.021484][T15257] #1: ffff888069e7c0e0 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 624.030961][T15257] #2: ffffffff8e7e5360 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 624.040159][T15257] [ 624.040159][T15257] stack backtrace: [ 624.046091][T15257] CPU: 1 UID: 0 PID: 15257 Comm: syz.4.2889 Tainted: G L syzkaller #0 PREEMPT(full) [ 624.046135][T15257] Tainted: [L]=SOFTLOCKUP [ 624.046145][T15257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 624.046165][T15257] Call Trace: [ 624.046176][T15257] [ 624.046187][T15257] dump_stack_lvl+0x100/0x190 [ 624.046239][T15257] print_circular_bug.cold+0x178/0x1c7 [ 624.046289][T15257] check_noncircular+0x146/0x160 [ 624.046337][T15257] __lock_acquire+0x14b8/0x2630 [ 624.046389][T15257] lock_acquire+0x1b1/0x370 [ 624.046433][T15257] ? __flush_work+0x4ca/0xcb0 [ 624.046463][T15257] ? mark_held_locks+0x40/0x70 [ 624.046508][T15257] ? __flush_work+0x4ca/0xcb0 [ 624.046536][T15257] __flush_work+0x4de/0xcb0 [ 624.046562][T15257] ? __flush_work+0x4ca/0xcb0 [ 624.046592][T15257] ? __pfx___flush_work+0x10/0x10 [ 624.046622][T15257] ? __pfx_wq_barrier_func+0x10/0x10 [ 624.046665][T15257] ? __pfx___might_resched+0x10/0x10 [ 624.046698][T15257] cancel_work_sync+0xd1/0xf0 [ 624.046731][T15257] smc_clcsock_release+0x5f/0xe0 [ 624.046770][T15257] __smc_release+0x5c2/0x880 [ 624.046813][T15257] ? __pfx_sock_def_readable+0x10/0x10 [ 624.046861][T15257] smc_close_non_accepted+0xda/0x200 [ 624.046901][T15257] smc_close_active+0x4ff/0x1070 [ 624.046941][T15257] __smc_release+0x634/0x880 [ 624.046975][T15257] smc_release+0x1fc/0x620 [ 624.047008][T15257] __sock_release+0xb3/0x260 [ 624.047038][T15257] ? __pfx_sock_close+0x10/0x10 [ 624.047067][T15257] sock_close+0x1c/0x30 [ 624.047094][T15257] __fput+0x3ff/0xb50 [ 624.047137][T15257] task_work_run+0x150/0x240 [ 624.047163][T15257] ? __pfx_task_work_run+0x10/0x10 [ 624.047190][T15257] ? rcu_is_watching+0x12/0xc0 [ 624.047225][T15257] exit_to_user_mode_loop+0x157/0x670 [ 624.047271][T15257] ? rcu_is_watching+0x12/0xc0 [ 624.047306][T15257] do_syscall_64+0x652/0x840 [ 624.047346][T15257] ? clear_bhb_loop+0x40/0x90 [ 624.047378][T15257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.047413][T15257] RIP: 0033:0x7f90d0d9ce59 [ 624.047436][T15257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 624.047465][T15257] RSP: 002b:00007f90d1d23028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 624.047491][T15257] RAX: 0000000000000000 RBX: 00007f90d1015fa0 RCX: 00007f90d0d9ce59 [ 624.047510][T15257] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 624.047527][T15257] RBP: 00007f90d0e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 624.047545][T15257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 624.047563][T15257] R13: 00007f90d1016038 R14: 00007f90d1015fa0 R15: 00007fffaf922528 [ 624.047590][T15257] [ 624.496667][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.503212][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.518344][ T3302] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.654427][ T3302] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.733745][ T3302] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.773776][ T3302] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.873468][ T3302] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.933817][ T3302] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.965602][ T3302] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.022405][ T3302] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.129549][ T3302] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.217084][ T3302] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.264718][ T3302] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.277685][ T5296] 8021q: adding VLAN 0 to HW filter on device eth5 [ 626.334865][ T3302] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.475691][ T3302] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.548780][ T3302] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.607657][ T3302] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.668497][ T3302] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.682166][ T5296] 8021q: adding VLAN 0 to HW filter on device eth6 [ 626.796843][ T3302] bridge_slave_1: left allmulticast mode [ 626.806545][ T3302] bridge_slave_1: left promiscuous mode [ 626.812593][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.821667][ T3302] bridge_slave_0: left allmulticast mode [ 626.827381][ T3302] bridge_slave_0: left promiscuous mode [ 626.833382][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.849896][ T3302] bridge_slave_1: left allmulticast mode [ 626.857089][ T3302] bridge_slave_1: left promiscuous mode [ 626.863371][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.875637][ T3302] bridge_slave_0: left allmulticast mode [ 626.882582][ T3302] bridge_slave_0: left promiscuous mode [ 626.888767][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.905304][ T3302] bridge_slave_1: left allmulticast mode [ 626.911623][ T3302] bridge_slave_1: left promiscuous mode [ 626.917409][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.926099][ T3302] bridge_slave_0: left allmulticast mode [ 626.933621][ T3302] bridge_slave_0: left promiscuous mode [ 626.940957][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.954320][ T3302] bridge_slave_1: left allmulticast mode [ 626.960110][ T3302] bridge_slave_1: left promiscuous mode [ 626.965872][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.975155][ T3302] bridge_slave_0: left allmulticast mode [ 626.982380][ T3302] bridge_slave_0: left promiscuous mode [ 626.988233][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state [ 627.301510][ T3302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 627.311834][ T3302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 627.321629][ T3302] bond0 (unregistering): Released all slaves [ 627.601767][ T3302] bond0 (unregistering): (slave ): Releasing backup interface [ 627.610650][ T3302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 627.620550][ T3302] bond0 (unregistering): Released all slaves [ 627.834452][ T5296] 8021q: adding VLAN 0 to HW filter on device eth7 [ 627.902229][ T3302] ovs_: left promiscuous mode [ 627.920104][ T3302] ovs_: left promiscuous mode [ 627.969881][ T3302] HfR: left promiscuous mode [ 628.293662][ T5296] 8021q: adding VLAN 0 to HW filter on device eth8 [ 628.642992][ T5296] 8021q: adding VLAN 0 to HW filter on device eth9 [ 628.987448][ T5296] 8021q: adding VLAN 0 to HW filter on device eth10 [ 629.297043][ T3302] hsr_slave_0: left promiscuous mode [ 629.302967][ T3302] hsr_slave_1: left promiscuous mode [ 629.309017][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 629.316451][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 629.325891][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 629.334188][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 629.346336][ T3302] hsr_slave_0: left promiscuous mode [ 629.352371][ T3302] hsr_slave_1: left promiscuous mode [ 629.358452][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 629.365903][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 629.374033][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 629.382407][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 629.394996][ T3302] hsr_slave_0: left promiscuous mode [ 629.402463][ T3302] hsr_slave_1: left promiscuous mode [ 629.408830][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 629.416285][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 629.426114][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 629.433683][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 629.445497][ T3302] hsr_slave_0: left promiscuous mode [ 629.451567][ T3302] hsr_slave_1: left promiscuous mode [ 629.457357][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 629.465069][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 629.472996][ T3302] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 629.480766][ T3302] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 629.495406][ T3302] veth1_vlan: left promiscuous mode [ 629.500955][ T3302] veth0_vlan: left promiscuous mode [ 629.506916][ T3302] veth0_macvtap: left promiscuous mode [ 629.512634][ T3302] veth1_vlan: left promiscuous mode [ 629.518052][ T3302] veth0_vlan: left promiscuous mode [ 629.524005][ T3302] veth1_macvtap: left promiscuous mode [ 629.529989][ T3302] veth0_macvtap: left promiscuous mode [ 629.535588][ T3302] veth1_vlan: left promiscuous mode [ 629.543620][ T3302] veth1_macvtap: left promiscuous mode [ 629.549237][ T3302] veth0_macvtap: left promiscuous mode [ 629.555018][ T3302] veth1_vlan: left promiscuous mode [ 629.560475][ T3302] veth0_vlan: left promiscuous mode [ 629.787571][ T3302] team0 (unregistering): Port device team_slave_1 removed [ 629.916368][ T3302] team0 (unregistering): Port device team_slave_1 removed [ 630.052725][ T3302] team0 (unregistering): Port device team_slave_1 removed [ 630.178870][ T3302] team0 (unregistering): Port device team_slave_1 removed [ 630.193658][ T3302] team0 (unregistering): Port device team_slave_0 removed [ 630.240757][ T5296] 8021q: adding VLAN 0 to HW filter on device eth11 [ 630.709639][ T5296] 8021q: adding VLAN 0 to HW filter on device eth12 [ 631.093204][ T5296] 8021q: adding VLAN 0 to HW filter on device eth13 [ 631.406758][ T5296] 8021q: adding VLAN 0 to HW filter on device eth14 [ 631.702807][ T5296] 8021q: adding VLAN 0 to HW filter on device eth15 [ 632.019618][ T5296] 8021q: adding VLAN 0 to HW filter on device eth16 [ 632.321947][ T5296] 8021q: adding VLAN 0 to HW filter on device eth17 [ 632.625029][ T5296] 8021q: adding VLAN 0 to HW filter on device eth18 [ 632.956038][ T5296] 8021q: adding VLAN 0 to HW filter on device eth19 [ 633.262834][ T5296] 8021q: adding VLAN 0 to HW filter on device eth20