last executing test programs: 20.097094863s ago: executing program 1 (id=9587): r0 = openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/free_buffer\x00', 0x80c01, 0x0) pwritev$auto(r0, &(0x7f0000000080)={0x0, 0x10001}, 0xd, 0x1000000000000002, 0x4f) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0) socket(0x10, 0x2, 0xb) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/hugepages/hugepages-2048kB/surplus_hugepages\x00', 0x103400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001c00)=""/4111, 0x100f) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x3, 0x0, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) sendfile$auto(r3, r1, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, 0x4, 0x0) r5 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0) ioctl$auto_TUNSETOFFLOAD(r5, 0x400454d0, &(0x7f0000000500)=0x9) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0x2003f0, 0x18) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pwrite64$auto(0xc8, 0x0, 0x10, 0x3) socket(0x2, 0x1, 0x106) 19.076547085s ago: executing program 1 (id=9588): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a3320003008000400088"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2c, 0x0, 0x1, 0x5, 0x25dfdbfd, {}, [@GTPA_I_TEI={0x8, 0x8, 0x5}, @GTPA_LINK={0x8, 0x1, 0x6551e4e0}, @GTPA_VERSION={0x8, 0x2, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x14) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x800}, 0x2, 0x0, 0x7, 0xa505}, 0xa788}, 0x7, 0x8) 18.873529581s ago: executing program 1 (id=9591): pipe$auto(&(0x7f0000000000)) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x642, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x80840, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x6, 0x200) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) futex$auto(0x0, 0x7, 0x2, 0x0, 0x0, 0x71e8dce0) socket$nl_generic(0x10, 0x3, 0x10) shmctl$auto_IPC_INFO(0xebf0, 0x3, &(0x7f0000000380)={{0xe4, 0xee01, 0xee00, 0x7, 0x0, 0xf02f, 0xac}, 0x5, 0x10, 0x0, 0xe0000000, @raw=0x7, @inferred=r0, 0x1, 0x0, &(0x7f0000000140)="dbe31607f6b92127b8f2bbc1d9d5aedfb2ef95b801370a292c61c25ce2bdead6c482fb3b9b31fc2bd560c55b728edc6cdd48fa2002e8f0983ef05b46f082a3464fb0bc3ba01dec5cf447ce995f19261db7712867c023c9be33ab6f7f83", &(0x7f0000000280)="c1ad76196a07c83102ce2561cc3b5c90bd317b10d633687d13c522504634dea6f5dfc503f069e29a39066d1283e3377598361304d6c40e8989d66790a72fe20c25421f0da693cd4f0d2ae29df5791e2818dba0b646a07ab00c33866ee0660b35f6c839a9a9fbc1e6c89bf93e61135eab9496879df43ff8bb641eb9015c98c538a9feff391039859c043eeea2f207652e92ff94adb9d7c391fe6fc744010dfdf47c1ca3a42ee4d3a4877e79d1846a4efa5c053a35feb819e93dd18ce56e68325b06b2a78a01ae495e0a11f85288361c71592b5a7e7bf70312b270bdab4fe57db6cc998ba54658a267a86320431768"}) rt_tgsigqueueinfo$auto_SIGCONT(r0, r1, 0x12, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x2, 0x0, @_sigfault={&(0x7f0000000040)="8efbffffff00"/21, @_addr_bnd={"4cc0f8a1567a4e05", &(0x7f0000000480)="faab4bd5b4446317f7ec0623a9f5335f4a2835881e6aa2db843c3cc8e6afac0c9a4b57ce202fea0fcdb0e2a6ead5c00a6106107651df20d99fbbe930ec0d0ffd43c7264a93c6de69710c91e30e84b63909956f14bd", &(0x7f0000000500)="e4fc12a0ee0eff6d0f1ba3652e9dde951a16f502f406d79b9cea942a01b92d23c403a87022c6f7d34dddb859f711c2f841a35290d67d48743d6672e8e55a4fd51569a2d3df25be8c8a6c2ef6202aec976a5d375b457f764f8007008102a01194b57fa6a5e0c062a4aad3fae2b0c5d912e3e25b6dcd9ccf0c3649be8d41d5b003d438465146bf919e1bff697a924e00cbe21430a7636b16eed4b6a3f770beec3804b6c8d6cdc2b7983fc131a5e79156d1f1f3dfb16a779eacb0792642d8c6f6d3d5a23beca160c1cdebef6e8d2a861205fcc853a553a54c3a44fb66e40ddf0e88bb8e42e5adcf1c5a49fd00520d1d1fb4f70a0344db7c85bf0d7c4a6e82d65d"}}}}) socket(0x1e, 0x4, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/task_delayacct\x00', 0x82080, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) sysfs$auto(0x2, 0x40, 0x0) fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) io_uring_setup$auto(0x67bb, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x1a8cc09c, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) 18.602953509s ago: executing program 1 (id=9592): sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00)) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb1\x00', 0x400, 0x0) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2a, 0x2, 0x1) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x882, 0x0) unshare$auto(0x7f0000000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) close_range$auto(0x2, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x1ffffffffffe, 0xd59f) r1 = socket(0x2b, 0x1, 0x1) r2 = socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x89a0, 0x4) read$auto_proc_oom_adj_operations_base(r2, &(0x7f0000000140)=""/71, 0x47) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) 17.110115711s ago: executing program 1 (id=9600): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) ioctl$auto(r0, 0xab07, r0) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='/sys/kernel/debug/sync/sw_sync\x00', &(0x7f0000000200)="b7b80923cdc800c979236e1d818539eff1fb19b2d916dc446967864e5de594d91025e7bfc6385143ae464fd2b1c65bd22542cebfee84c9b40f1bc2ff5fa6541b8af327d7727ae41566810b164ef388c03161fa5d259341e1eaf9cb7c1d361468715e04996baf2b3c4855234411d37399f1fb21da9f1d08bafa7b625ac5e90cdfcad4c5cab002d1a419cb6e81efec008a0295f8dec93e93b53a217d1e3dab3581", 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x103841, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x2c9, 0x7fffffffffffffff, 0x1, 0xeb1, 0xffffffffffffffff, 0x7fff) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(0x0, 0x76bd, 0x12) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) sendfile$auto(r2, r2, 0x0, 0xb2d) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r3 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x9, 0xdf, 0x18, r3, 0x8000) socket(0x2, 0x5, 0x2) mmap$auto(0x0, 0x810004, 0x8001, 0x8000000008011, 0x3, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0x0, 0x17) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, 0x0, 0x3, 0x1) clone$auto(0x10051c, 0x6, 0x0, 0xffffffffffffffff, 0x80000001) r4 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/numa_maps\x00', 0x22000, 0x0) read$auto_proc_sessionid_operations_base(r4, &(0x7f00000000c0)=""/4096, 0x1000) 15.446198684s ago: executing program 1 (id=9607): r0 = socket(0x23, 0x800, 0xe7) unshare$auto(0x40000080) r1 = getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, &(0x7f0000000040)=0x2000000) mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, r1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x2000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000002c0)={0x9, &(0x7f0000000000)={0x50, 0xf2, 0xb0}}) write$auto(0x3, 0x0, 0xfdef) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5f0027617c680b39b053272335", @ANYRES64=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40801) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000180)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a) listen$auto(0x3, 0x81) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x3, 0x0, 0x4000000000000002, 0xb}, 0xfff}, 0x1, 0x311) close_range$auto(r0, 0x8, 0x0) socket(0xf, 0x5, 0xff) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) 5.295947398s ago: executing program 0 (id=9627): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x38, r1, 0x1, 0x70bd2f, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x5}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x5000000}, 0x24048084) 5.107761841s ago: executing program 0 (id=9628): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004000)='/dev/audio\x00', 0x102, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_dump\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0) pipe$auto(0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/neigh/ip6gre0/base_reachable_time_ms\x00', 0x82082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4000a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1000000028000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/edac_core/parameters/edac_mc_poll_msec\x00', 0x60301, 0x0) socketpair$auto(0x1, 0x2, 0x3, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) 4.746232582s ago: executing program 0 (id=9630): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) ioctl$auto(r0, 0xab07, r0) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='/sys/kernel/debug/sync/sw_sync\x00', &(0x7f0000000200)="b7b80923cdc800c979236e1d818539eff1fb19b2d916dc446967864e5de594d91025e7bfc6385143ae464fd2b1c65bd22542cebfee84c9b40f1bc2ff5fa6541b8af327d7727ae41566810b164ef388c03161fa5d259341e1eaf9cb7c1d361468715e04996baf2b3c4855234411d37399f1fb21da9f1d08bafa7b625ac5e90cdfcad4c5cab002d1a419cb6e81efec008a0295f8dec93e93b53a217d1e3dab3581", 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x103841, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x2c9, 0x7fffffffffffffff, 0x1, 0xeb1, 0xffffffffffffffff, 0x7fff) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(0x0, 0x76bd, 0x12) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) sendfile$auto(r2, r2, 0x0, 0xb2d) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r3 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x9, 0xdf, 0x18, r3, 0x8000) socket(0x2, 0x5, 0x2) mmap$auto(0x0, 0x810004, 0x8001, 0x8000000008011, 0x3, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0x0, 0x17) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, 0x0, 0x3, 0x1) clone$auto(0x10051c, 0x6, 0x0, 0xffffffffffffffff, 0x80000001) r4 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/numa_maps\x00', 0x22000, 0x0) read$auto_proc_sessionid_operations_base(r4, &(0x7f00000000c0)=""/4096, 0x1000) 2.869747027s ago: executing program 0 (id=9632): mlockall$auto(0x1) syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x412200, 0x0) ioctl$auto_PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)=0x76) mprotect$auto(0x1ffffffff000, 0x100004, 0x6) 2.090279619s ago: executing program 3 (id=9638): r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) writev$auto(r0, 0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x30, r2, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x8880) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x80900, 0x0) 1.80429393s ago: executing program 3 (id=9640): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004000)='/dev/audio\x00', 0x102, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_dump\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0) pipe$auto(0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/neigh/ip6gre0/base_reachable_time_ms\x00', 0x82082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4000a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1000000028000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socketpair$auto(0x1, 0x2, 0x3, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) 1.566667903s ago: executing program 3 (id=9641): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004000)='/dev/audio\x00', 0x102, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_dump\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0) pipe$auto(0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/neigh/ip6gre0/base_reachable_time_ms\x00', 0x82082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4000a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1000000028000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socketpair$auto(0x1, 0x2, 0x3, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) 1.276435022s ago: executing program 3 (id=9642): futex$auto(0x0, 0x5, 0x3, 0x0, &(0x7f0000000080)=0x3, 0xfffffffb) 1.238500255s ago: executing program 0 (id=9643): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x640002, 0x130) open(0x0, 0x40000, 0x31) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) listen$auto(0x3, 0x83) 1.156093203s ago: executing program 3 (id=9644): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004000)='/dev/audio\x00', 0x102, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_dump\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr12/address\x00', 0x101800, 0x0) pipe$auto(0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/neigh/ip6gre0/base_reachable_time_ms\x00', 0x82082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4000a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1000000028000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/edac_core/parameters/edac_mc_poll_msec\x00', 0x60301, 0x0) socketpair$auto(0x1, 0x2, 0x3, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) 983.753771ms ago: executing program 2 (id=9645): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x7, 0x109, 0x7, "aab8e80600080043529f895cf5e8ec8f46cbb766439d070a0000000000000000000000000000000000001f00", @raw=0x2}, 0x6, 0x4, 0x6, @raw=0xd7, @integer64={0x442df60c, 0x81, 0x7}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) 897.609627ms ago: executing program 0 (id=9646): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) mmap$auto(0x401000000000, 0x40000004020009, 0x6, 0x14, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) write$auto_mousedev_fops_mousedev(r1, &(0x7f0000000280)='\"', 0x1) read$auto(r1, 0x0, 0x80000004) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) 857.740532ms ago: executing program 2 (id=9647): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x38, r1, 0x1, 0x70bd2f, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x5}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x7000000}, 0x24048084) 799.863399ms ago: executing program 3 (id=9648): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x22, 0x2, 0x1) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000100)={0x20041, 0x9, 0x2}, 0x18) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x89411, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r1, 0x84, 0x1, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x18, 0x5, 0x15) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000040), r2) sendmsg$auto_HANDSHAKE_CMD_DONE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="f4bb0000", @ANYRES16=r3, @ANYBLOB="010028bd7000fedbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x400c4}, 0x20040040) mprotect$auto(0x0, 0x806121, 0x8) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x9, 0x49f, 0x9b72, 0x2, 0x8000000000008000) r4 = open(&(0x7f0000000000)='./file0\x00', 0x26142, 0x4b) write$auto(r4, 0x0, 0x100082) 727.302529ms ago: executing program 2 (id=9649): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880) 621.220863ms ago: executing program 2 (id=9650): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@raw=0xfffffffe, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value=[0x42, 0x4, 0x4, 0x6, 0x2000000009, 0xfffffffffffffffb, 0x9, 0x3, 0x101, 0xff, 0x22, 0x5, 0x6, 0x4, 0x7, 0xfffffffffffffffa, 0x1ff, 0x1, 0x400, 0x8, 0x5, 0x2, 0xe295, 0xa2, 0x8, 0x100000000, 0x2, 0x8, 0xae, 0xaeb, 0x3, 0xffffffffffffffff, 0x5, 0x8, 0xfffffffffffffffb, 0x3, 0x55e2, 0x7, 0x8000, 0xe, 0xffffffffffffffff, 0x6, 0x6, 0x14f3, 0x1ff, 0x1, 0x6e7, 0x3, 0x8, 0x6, 0x3, 0x2, 0x7fffffff, 0x7, 0x9, 0x0, 0x401, 0x9, 0x6, 0x100000001, 0xffffffff, 0x800, 0x8005, 0x5, 0x5ed4, 0x1, 0x7, 0x80000000, 0x962, 0x5, 0xfffffffffffffffe, 0x8, 0xfffffffffffffff7, 0x401, 0x1, 0x3e44, 0x8, 0x4, 0x9, 0x39, 0xc98c, 0x68, 0x2, 0x6, 0x1, 0x87, 0xfffffffffffffffe, 0x4, 0xfffffffffffffffe, 0xffffffffffffffff, 0x55, 0x8, 0x30, 0x2d, 0x0, 0x3, 0x2, 0x0, 0x726, 0x7ffffffc, 0x1000, 0x10000, 0x0, 0x4, 0xffffffffffffff81, 0xbf, 0x4, 0x4, 0x0, 0x5, 0x1, 0x0, 0x6, 0x9, 0x8000, 0xffff, 0x7, 0x140, 0x0, 0xc7dd, 0xfc05, 0x0, 0x4, 0x6, 0x8, 0x0, 0x0, 0x4], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) (async) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) write$auto(r0, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) 186.721624ms ago: executing program 32 (id=9607): r0 = socket(0x23, 0x800, 0xe7) unshare$auto(0x40000080) r1 = getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, &(0x7f0000000040)=0x2000000) mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, r1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x2000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000002c0)={0x9, &(0x7f0000000000)={0x50, 0xf2, 0xb0}}) write$auto(0x3, 0x0, 0xfdef) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5f0027617c680b39b053272335", @ANYRES64=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40801) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000180)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a) listen$auto(0x3, 0x81) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x3, 0x0, 0x4000000000000002, 0xb}, 0xfff}, 0x1, 0x311) close_range$auto(r0, 0x8, 0x0) socket(0xf, 0x5, 0xff) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) 122.169826ms ago: executing program 2 (id=9652): futex$auto(0x0, 0x5, 0x3, 0x0, &(0x7f0000000080)=0x3, 0xfffffffb) 0s ago: executing program 2 (id=9653): mlockall$auto(0x1) mlockall$auto(0x2) r0 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/environ\x00', 0x2800, 0x0) preadv$auto(r0, &(0x7f00000001c0)={0x0, 0x6b}, 0x8, 0xd2d, 0x8) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x280, 0x0) ioctl$auto_SNDCTL_SEQ_TESTMIDI(r1, 0x40045108, &(0x7f00000000c0)) syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) pread64$auto(r2, &(0x7f0000000080)='\x00'/15, 0x400, 0x9) mprotect$auto(0x1ffffffff001, 0x100002, 0x6) kernel console output (not intermixed with test programs): ptmx_open+0x10/0x10 [ 2227.348417][T11583] chrdev_open+0x234/0x6a0 [ 2227.348439][T11583] ? __pfx_apparmor_file_open+0x10/0x10 [ 2227.348454][T11583] ? __pfx_chrdev_open+0x10/0x10 [ 2227.348476][T11583] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2227.348503][T11583] do_dentry_open+0x748/0x1590 [ 2227.348523][T11583] ? __pfx_chrdev_open+0x10/0x10 [ 2227.348549][T11583] vfs_open+0x82/0x3f0 [ 2227.348567][T11583] path_openat+0x2078/0x3140 [ 2227.348595][T11583] ? __pfx_path_openat+0x10/0x10 [ 2227.348623][T11583] do_filp_open+0x20b/0x470 [ 2227.348644][T11583] ? __pfx_do_filp_open+0x10/0x10 [ 2227.348679][T11583] ? alloc_fd+0x471/0x7d0 [ 2227.348710][T11583] do_sys_openat2+0x121/0x290 [ 2227.348727][T11583] ? __pfx_do_sys_openat2+0x10/0x10 [ 2227.348750][T11583] __x64_sys_openat+0x174/0x210 [ 2227.348766][T11583] ? __pfx___x64_sys_openat+0x10/0x10 [ 2227.348791][T11583] do_syscall_64+0xcd/0xf80 [ 2227.348815][T11583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2227.348831][T11583] RIP: 0033:0x7fb4dbd8f7c9 [ 2227.348845][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2227.348860][T11583] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2227.348875][T11583] RAX: ffffffffffffffda RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2227.348884][T11583] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2227.348894][T11583] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2227.348903][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2227.348912][T11583] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2227.348932][T11583] [ 2228.529332][T11591] FAULT_INJECTION: forcing a failure. [ 2228.529332][T11591] name failslab, interval 1, probability 0, space 0, times 0 [ 2228.795225][T11591] CPU: 0 UID: 0 PID: 11591 Comm: syz.0.9260 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2228.795255][T11591] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2228.795261][T11591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2228.795272][T11591] Call Trace: [ 2228.795278][T11591] [ 2228.795285][T11591] dump_stack_lvl+0x16c/0x1f0 [ 2228.795311][T11591] should_fail_ex+0x512/0x640 [ 2228.795329][T11591] ? fs_reclaim_acquire+0xae/0x150 [ 2228.795354][T11591] should_failslab+0xc2/0x120 [ 2228.795384][T11591] __kmalloc_cache_noprof+0x80/0x800 [ 2228.795401][T11591] ? __pfx_widen_string+0x10/0x10 [ 2228.795418][T11591] ? tomoyo_init_log+0x197/0x2140 [ 2228.795448][T11591] ? tomoyo_init_log+0x197/0x2140 [ 2228.795468][T11591] tomoyo_init_log+0x197/0x2140 [ 2228.795487][T11591] ? format_decode+0x1a7/0xd00 [ 2228.795505][T11591] ? __pfx_format_decode+0x10/0x10 [ 2228.795522][T11591] ? __lock_acquire+0x436/0x2890 [ 2228.795543][T11591] ? __pfx_tomoyo_init_log+0x10/0x10 [ 2228.795567][T11591] tomoyo_write_log2+0x2f7/0xc10 [ 2228.795590][T11591] tomoyo_supervisor+0x15e/0x13b0 [ 2228.795615][T11591] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 2228.795650][T11591] ? tomoyo_check_path_acl+0xad/0x210 [ 2228.795666][T11591] ? tomoyo_check_acl+0x1f7/0x410 [ 2228.795684][T11591] tomoyo_path_permission+0x270/0x3b0 [ 2228.795702][T11591] tomoyo_check_open_permission+0x37b/0x3c0 [ 2228.795720][T11591] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 2228.795756][T11591] ? do_raw_spin_lock+0x12c/0x2b0 [ 2228.795778][T11591] tomoyo_file_open+0x6b/0x90 [ 2228.795801][T11591] security_file_open+0x84/0x1e0 [ 2228.795820][T11591] do_dentry_open+0x597/0x1590 [ 2228.795843][T11591] ? security_inode_permission+0xbf/0x260 [ 2228.795863][T11591] vfs_open+0x82/0x3f0 [ 2228.795881][T11591] path_openat+0x2078/0x3140 [ 2228.795908][T11591] ? __pfx_path_openat+0x10/0x10 [ 2228.795937][T11591] do_filp_open+0x20b/0x470 [ 2228.795958][T11591] ? __pfx_do_filp_open+0x10/0x10 [ 2228.795993][T11591] ? alloc_fd+0x471/0x7d0 [ 2228.796029][T11591] do_sys_openat2+0x121/0x290 [ 2228.796046][T11591] ? __pfx_do_sys_openat2+0x10/0x10 [ 2228.796071][T11591] __x64_sys_openat+0x174/0x210 [ 2228.796088][T11591] ? __pfx___x64_sys_openat+0x10/0x10 [ 2228.796114][T11591] do_syscall_64+0xcd/0xf80 [ 2228.796137][T11591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2228.796153][T11591] RIP: 0033:0x7fb4dbd8f7c9 [ 2228.796167][T11591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2228.796181][T11591] RSP: 002b:00007fb4dcb61038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2228.796196][T11591] RAX: ffffffffffffffda RBX: 00007fb4dbfe6180 RCX: 00007fb4dbd8f7c9 [ 2228.796207][T11591] RDX: 000000000000a000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2228.796216][T11591] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2228.796226][T11591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2228.796235][T11591] R13: 00007fb4dbfe6218 R14: 00007fb4dbfe6180 R15: 00007ffc329e72f8 [ 2228.796255][T11591] [ 2230.059278][ T4526] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18 [ 2230.200757][T11598] Console: switching to colour VGA+ 80x25 [ 2230.982992][T11615] FAULT_INJECTION: forcing a failure. [ 2230.982992][T11615] name failslab, interval 1, probability 0, space 0, times 0 [ 2231.097076][T11615] CPU: 0 UID: 0 PID: 11615 Comm: syz.2.9267 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2231.097107][T11615] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2231.097113][T11615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2231.097122][T11615] Call Trace: [ 2231.097128][T11615] [ 2231.097135][T11615] dump_stack_lvl+0x16c/0x1f0 [ 2231.097162][T11615] should_fail_ex+0x512/0x640 [ 2231.097179][T11615] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2231.097199][T11615] should_failslab+0xc2/0x120 [ 2231.097222][T11615] __kmalloc_cache_noprof+0x80/0x800 [ 2231.097239][T11615] ? pty_common_install+0x10e/0xb30 [ 2231.097261][T11615] ? pty_common_install+0x10e/0xb30 [ 2231.097278][T11615] pty_common_install+0x10e/0xb30 [ 2231.097294][T11615] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2231.097319][T11615] ? __pfx_pty_unix98_install+0x10/0x10 [ 2231.097338][T11615] tty_init_dev.part.0+0x9c/0x500 [ 2231.097361][T11615] tty_init_dev+0x60/0x80 [ 2231.097382][T11615] ptmx_open+0x15e/0x3c0 [ 2231.097398][T11615] ? __pfx_ptmx_open+0x10/0x10 [ 2231.097415][T11615] chrdev_open+0x234/0x6a0 [ 2231.097437][T11615] ? __pfx_apparmor_file_open+0x10/0x10 [ 2231.097452][T11615] ? __pfx_chrdev_open+0x10/0x10 [ 2231.097475][T11615] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2231.097502][T11615] do_dentry_open+0x748/0x1590 [ 2231.097522][T11615] ? __pfx_chrdev_open+0x10/0x10 [ 2231.097548][T11615] vfs_open+0x82/0x3f0 [ 2231.097566][T11615] path_openat+0x2078/0x3140 [ 2231.097594][T11615] ? __pfx_path_openat+0x10/0x10 [ 2231.097622][T11615] do_filp_open+0x20b/0x470 [ 2231.097644][T11615] ? __pfx_do_filp_open+0x10/0x10 [ 2231.097679][T11615] ? alloc_fd+0x471/0x7d0 [ 2231.097705][T11615] do_sys_openat2+0x121/0x290 [ 2231.097721][T11615] ? __pfx_do_sys_openat2+0x10/0x10 [ 2231.097745][T11615] __x64_sys_openat+0x174/0x210 [ 2231.097761][T11615] ? __pfx___x64_sys_openat+0x10/0x10 [ 2231.097785][T11615] do_syscall_64+0xcd/0xf80 [ 2231.097808][T11615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2231.097823][T11615] RIP: 0033:0x7f35aa38f7c9 [ 2231.097837][T11615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2231.097851][T11615] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2231.097866][T11615] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2231.097876][T11615] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2231.097886][T11615] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2231.097898][T11615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2231.097908][T11615] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2231.097927][T11615] [ 2232.134218][T10149] Bluetooth: hci5: command 0x0c1a tx timeout [ 2233.231110][T11640] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9271'. [ 2233.546735][ T4526] block nbd83: Receive control failed (result -107) [ 2233.972182][T11653] FAULT_INJECTION: forcing a failure. [ 2233.972182][T11653] name failslab, interval 1, probability 0, space 0, times 0 [ 2234.070850][T11653] CPU: 0 UID: 0 PID: 11653 Comm: syz.2.9274 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2234.070878][T11653] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2234.070884][T11653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2234.070894][T11653] Call Trace: [ 2234.070899][T11653] [ 2234.070906][T11653] dump_stack_lvl+0x16c/0x1f0 [ 2234.070933][T11653] should_fail_ex+0x512/0x640 [ 2234.070954][T11653] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2234.070974][T11653] should_failslab+0xc2/0x120 [ 2234.070997][T11653] __kmalloc_cache_noprof+0x80/0x800 [ 2234.071015][T11653] ? pty_common_install+0x10e/0xb30 [ 2234.071038][T11653] ? pty_common_install+0x10e/0xb30 [ 2234.071055][T11653] pty_common_install+0x10e/0xb30 [ 2234.071071][T11653] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2234.071096][T11653] ? __pfx_pty_unix98_install+0x10/0x10 [ 2234.071118][T11653] tty_init_dev.part.0+0x9c/0x500 [ 2234.071141][T11653] tty_init_dev+0x60/0x80 [ 2234.071163][T11653] ptmx_open+0x15e/0x3c0 [ 2234.071180][T11653] ? __pfx_ptmx_open+0x10/0x10 [ 2234.071198][T11653] chrdev_open+0x234/0x6a0 [ 2234.071221][T11653] ? __pfx_apparmor_file_open+0x10/0x10 [ 2234.071236][T11653] ? __pfx_chrdev_open+0x10/0x10 [ 2234.071259][T11653] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2234.071285][T11653] do_dentry_open+0x748/0x1590 [ 2234.071306][T11653] ? __pfx_chrdev_open+0x10/0x10 [ 2234.071332][T11653] vfs_open+0x82/0x3f0 [ 2234.071350][T11653] path_openat+0x2078/0x3140 [ 2234.071377][T11653] ? __pfx_path_openat+0x10/0x10 [ 2234.071405][T11653] do_filp_open+0x20b/0x470 [ 2234.071427][T11653] ? __pfx_do_filp_open+0x10/0x10 [ 2234.071462][T11653] ? alloc_fd+0x471/0x7d0 [ 2234.071488][T11653] do_sys_openat2+0x121/0x290 [ 2234.071504][T11653] ? __pfx_do_sys_openat2+0x10/0x10 [ 2234.071527][T11653] __x64_sys_openat+0x174/0x210 [ 2234.071544][T11653] ? __pfx___x64_sys_openat+0x10/0x10 [ 2234.071568][T11653] do_syscall_64+0xcd/0xf80 [ 2234.071591][T11653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2234.071606][T11653] RIP: 0033:0x7f35aa38f7c9 [ 2234.071620][T11653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2234.071634][T11653] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2234.071649][T11653] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2234.071659][T11653] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2234.071669][T11653] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2234.071686][T11653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2234.071696][T11653] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2234.071717][T11653] [ 2234.650912][ T4526] Bluetooth: hci5: command 0x0c1a tx timeout [ 2235.091452][T11663] FAULT_INJECTION: forcing a failure. [ 2235.091452][T11663] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.192220][T11663] CPU: 0 UID: 0 PID: 11663 Comm: syz.0.9278 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2235.192248][T11663] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2235.192254][T11663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2235.192263][T11663] Call Trace: [ 2235.192268][T11663] [ 2235.192275][T11663] dump_stack_lvl+0x16c/0x1f0 [ 2235.192300][T11663] should_fail_ex+0x512/0x640 [ 2235.192316][T11663] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2235.192336][T11663] should_failslab+0xc2/0x120 [ 2235.192357][T11663] kmem_cache_alloc_noprof+0x83/0x770 [ 2235.192374][T11663] ? __pmd_alloc+0xbf/0x9c0 [ 2235.192399][T11663] ? __pmd_alloc+0xbf/0x9c0 [ 2235.192418][T11663] __pmd_alloc+0xbf/0x9c0 [ 2235.192438][T11663] ? __pud_alloc+0x57a/0x760 [ 2235.192460][T11663] __handle_mm_fault+0xbeb/0x2bb0 [ 2235.192480][T11663] ? __pfx___handle_mm_fault+0x10/0x10 [ 2235.192512][T11663] handle_mm_fault+0x3fe/0xad0 [ 2235.192530][T11663] __get_user_pages+0x54e/0x3590 [ 2235.192559][T11663] ? __pfx___get_user_pages+0x10/0x10 [ 2235.192585][T11663] populate_vma_page_range+0x267/0x3f0 [ 2235.192609][T11663] ? __pfx_populate_vma_page_range+0x10/0x10 [ 2235.192633][T11663] ? vma_set_page_prot+0xb1/0x120 [ 2235.192659][T11663] mprotect_fixup+0x8c3/0xb80 [ 2235.192678][T11663] ? __pfx_mprotect_fixup+0x10/0x10 [ 2235.192700][T11663] do_mprotect_pkey+0x9bc/0xd40 [ 2235.192721][T11663] ? __pfx_do_mprotect_pkey+0x10/0x10 [ 2235.192737][T11663] ? __mutex_unlock_slowpath+0x161/0x790 [ 2235.192765][T11663] ? __fget_files+0x20e/0x3c0 [ 2235.192792][T11663] ? __pfx_ksys_write+0x10/0x10 [ 2235.192816][T11663] __x64_sys_mprotect+0x78/0xc0 [ 2235.192830][T11663] ? lockdep_hardirqs_on+0x7c/0x110 [ 2235.192851][T11663] do_syscall_64+0xcd/0xf80 [ 2235.192873][T11663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2235.192888][T11663] RIP: 0033:0x7fb4dbd8f7c9 [ 2235.192901][T11663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2235.192915][T11663] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a [ 2235.192929][T11663] RAX: ffffffffffffffda RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2235.192939][T11663] RDX: 0000000000000006 RSI: 0000000000100004 RDI: 00001ffffffff000 [ 2235.192948][T11663] RBP: 00007fb4dcba3090 R08: 0000000000000000 R09: 0000000000000000 [ 2235.192957][T11663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2235.192965][T11663] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2235.192985][T11663] [ 2237.820703][T11698] FAULT_INJECTION: forcing a failure. [ 2237.820703][T11698] name failslab, interval 1, probability 0, space 0, times 0 [ 2238.107083][T11698] CPU: 0 UID: 0 PID: 11698 Comm: syz.3.9285 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2238.107113][T11698] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2238.107119][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2238.107128][T11698] Call Trace: [ 2238.107134][T11698] [ 2238.107141][T11698] dump_stack_lvl+0x16c/0x1f0 [ 2238.107167][T11698] should_fail_ex+0x512/0x640 [ 2238.107184][T11698] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2238.107204][T11698] should_failslab+0xc2/0x120 [ 2238.107227][T11698] __kmalloc_cache_noprof+0x80/0x800 [ 2238.107244][T11698] ? mon_text_open+0xe3/0x510 [ 2238.107266][T11698] ? __pfx_mon_text_open+0x10/0x10 [ 2238.107284][T11698] ? mon_text_open+0xe3/0x510 [ 2238.107302][T11698] mon_text_open+0xe3/0x510 [ 2238.107321][T11698] ? __pfx_mon_text_open+0x10/0x10 [ 2238.107342][T11698] ? __debugfs_file_get+0x1fe/0x840 [ 2238.107362][T11698] ? __pfx___debugfs_file_get+0x10/0x10 [ 2238.107381][T11698] ? __pfx_apparmor_file_open+0x10/0x10 [ 2238.107395][T11698] ? lockdown_is_locked_down+0x3f/0x130 [ 2238.107417][T11698] ? bpf_lsm_locked_down+0x9/0x10 [ 2238.107439][T11698] ? __pfx_mon_text_open+0x10/0x10 [ 2238.107457][T11698] full_proxy_open_regular+0x1b9/0x350 [ 2238.107479][T11698] do_dentry_open+0x748/0x1590 [ 2238.107500][T11698] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 2238.107526][T11698] vfs_open+0x82/0x3f0 [ 2238.107544][T11698] path_openat+0x2078/0x3140 [ 2238.107571][T11698] ? __pfx_path_openat+0x10/0x10 [ 2238.107599][T11698] do_filp_open+0x20b/0x470 [ 2238.107629][T11698] ? __pfx_do_filp_open+0x10/0x10 [ 2238.107664][T11698] ? alloc_fd+0x471/0x7d0 [ 2238.107691][T11698] do_sys_openat2+0x121/0x290 [ 2238.107708][T11698] ? __pfx_do_sys_openat2+0x10/0x10 [ 2238.107732][T11698] __x64_sys_openat+0x174/0x210 [ 2238.107749][T11698] ? __pfx___x64_sys_openat+0x10/0x10 [ 2238.107773][T11698] do_syscall_64+0xcd/0xf80 [ 2238.107796][T11698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2238.107812][T11698] RIP: 0033:0x7fcd3b58f7c9 [ 2238.107825][T11698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2238.107841][T11698] RSP: 002b:00007fcd3c3c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2238.107859][T11698] RAX: ffffffffffffffda RBX: 00007fcd3b7e6180 RCX: 00007fcd3b58f7c9 [ 2238.107870][T11698] RDX: 0000000000000800 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2238.107880][T11698] RBP: 00007fcd3b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2238.107890][T11698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2238.107898][T11698] R13: 00007fcd3b7e6218 R14: 00007fcd3b7e6180 R15: 00007ffe11718f88 [ 2238.107919][T11698] [ 2239.419812][T11716] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9299'. [ 2242.391004][T11773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9305'. [ 2242.860916][T11779] netlink: 'syz.2.9306': attribute type 1 has an invalid length. [ 2242.914535][T11778] loop6: detected capacity change from 0 to 8 [ 2243.425126][T11791] FAULT_INJECTION: forcing a failure. [ 2243.425126][T11791] name failslab, interval 1, probability 0, space 0, times 0 [ 2243.448290][T11792] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2243.549005][T11791] CPU: 0 UID: 0 PID: 11791 Comm: syz.1.9308 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2243.549033][T11791] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2243.549039][T11791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2243.549048][T11791] Call Trace: [ 2243.549053][T11791] [ 2243.549059][T11791] dump_stack_lvl+0x16c/0x1f0 [ 2243.549092][T11791] should_fail_ex+0x512/0x640 [ 2243.549108][T11791] ? __kmalloc_noprof+0xca/0x910 [ 2243.549126][T11791] should_failslab+0xc2/0x120 [ 2243.549148][T11791] __kmalloc_noprof+0xeb/0x910 [ 2243.549163][T11791] ? copy_splice_read+0x1a8/0xc20 [ 2243.549186][T11791] ? copy_splice_read+0x1a8/0xc20 [ 2243.549205][T11791] copy_splice_read+0x1a8/0xc20 [ 2243.549229][T11791] ? __pfx_copy_splice_read+0x10/0x10 [ 2243.549251][T11791] ? look_up_lock_class+0x59/0x130 [ 2243.549274][T11791] ? lockdep_init_map_type+0x5c/0x270 [ 2243.549290][T11791] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 2243.549312][T11791] ? __pfx_copy_splice_read+0x10/0x10 [ 2243.549331][T11791] do_splice_read+0x285/0x370 [ 2243.549353][T11791] splice_direct_to_actor+0x2a1/0xa30 [ 2243.549375][T11791] ? __pfx_direct_splice_actor+0x10/0x10 [ 2243.549399][T11791] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 2243.549419][T11791] ? get_pid_task+0xfc/0x250 [ 2243.549437][T11791] do_splice_direct+0x174/0x240 [ 2243.549457][T11791] ? __pfx_do_splice_direct+0x10/0x10 [ 2243.549478][T11791] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 2243.549501][T11791] ? rw_verify_area+0xcf/0x6c0 [ 2243.549520][T11791] do_sendfile+0xb06/0xe50 [ 2243.549542][T11791] ? __pfx_do_sendfile+0x10/0x10 [ 2243.549562][T11791] ? __fget_files+0x20e/0x3c0 [ 2243.549586][T11791] __x64_sys_sendfile64+0x1d8/0x220 [ 2243.549600][T11791] ? ksys_write+0x1ac/0x250 [ 2243.549619][T11791] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 2243.549639][T11791] do_syscall_64+0xcd/0xf80 [ 2243.549661][T11791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2243.549676][T11791] RIP: 0033:0x7f385a58f7c9 [ 2243.549688][T11791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2243.549703][T11791] RSP: 002b:00007f385b423038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2243.549717][T11791] RAX: ffffffffffffffda RBX: 00007f385a7e6090 RCX: 00007f385a58f7c9 [ 2243.549727][T11791] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 2243.549736][T11791] RBP: 00007f385b423090 R08: 0000000000000000 R09: 0000000000000000 [ 2243.549744][T11791] R10: 0000000000000043 R11: 0000000000000246 R12: 0000000000000001 [ 2243.549753][T11791] R13: 00007f385a7e6128 R14: 00007f385a7e6090 R15: 00007ffdbe6477c8 [ 2243.549772][T11791] [ 2244.230427][T11787] zswap: compressor not available [ 2244.585126][T11807] netlink: 184 bytes leftover after parsing attributes in process `syz.2.9313'. [ 2244.730838][T11809] FAULT_INJECTION: forcing a failure. [ 2244.730838][T11809] name failslab, interval 1, probability 0, space 0, times 0 [ 2244.779444][T11809] CPU: 0 UID: 0 PID: 11809 Comm: syz.1.9315 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2244.779472][T11809] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2244.779478][T11809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2244.779488][T11809] Call Trace: [ 2244.779494][T11809] [ 2244.779501][T11809] dump_stack_lvl+0x16c/0x1f0 [ 2244.779527][T11809] should_fail_ex+0x512/0x640 [ 2244.779543][T11809] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2244.779563][T11809] should_failslab+0xc2/0x120 [ 2244.779586][T11809] __kmalloc_cache_noprof+0x80/0x800 [ 2244.779601][T11809] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2244.779624][T11809] ? io_wq_create+0x6a/0x9a0 [ 2244.779644][T11809] ? io_wq_create+0x6a/0x9a0 [ 2244.779660][T11809] io_wq_create+0x6a/0x9a0 [ 2244.779679][T11809] io_uring_alloc_task_context+0x1e1/0x650 [ 2244.779697][T11809] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 2244.779713][T11809] ? alloc_file_pseudo+0x1b3/0x230 [ 2244.779733][T11809] __io_uring_add_tctx_node+0x2dd/0x500 [ 2244.779748][T11809] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 2244.779766][T11809] ? __anon_inode_getfile+0x17c/0x280 [ 2244.779783][T11809] io_uring_setup+0x145e/0x1f60 [ 2244.779804][T11809] ? __pfx_io_uring_setup+0x10/0x10 [ 2244.779825][T11809] ? __pfx_do_futex+0x10/0x10 [ 2244.779853][T11809] ? xfd_validate_state+0x61/0x180 [ 2244.779866][T11809] ? __pfx_ksys_write+0x10/0x10 [ 2244.779895][T11809] __x64_sys_io_uring_setup+0xc2/0x170 [ 2244.779916][T11809] do_syscall_64+0xcd/0xf80 [ 2244.779940][T11809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2244.779956][T11809] RIP: 0033:0x7f385a58f7c9 [ 2244.779969][T11809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2244.779983][T11809] RSP: 002b:00007f385b444038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2244.780005][T11809] RAX: ffffffffffffffda RBX: 00007f385a7e5fa0 RCX: 00007f385a58f7c9 [ 2244.780022][T11809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2244.780032][T11809] RBP: 00007f385a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2244.780041][T11809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2244.780051][T11809] R13: 00007f385a7e6038 R14: 00007f385a7e5fa0 R15: 00007ffdbe6477c8 [ 2244.780071][T11809] [ 2245.073959][T11815] FAULT_INJECTION: forcing a failure. [ 2245.073959][T11815] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2245.086885][T11815] CPU: 0 UID: 0 PID: 11815 Comm: syz.0.9314 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2245.086914][T11815] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2245.086920][T11815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2245.086935][T11815] Call Trace: [ 2245.086942][T11815] [ 2245.086949][T11815] dump_stack_lvl+0x16c/0x1f0 [ 2245.086976][T11815] should_fail_ex+0x512/0x640 [ 2245.086997][T11815] get_futex_key+0x1d0/0x15f0 [ 2245.087017][T11815] ? __pfx_get_futex_key+0x10/0x10 [ 2245.087040][T11815] futex_wake+0xea/0x530 [ 2245.087059][T11815] ? lockdep_hardirqs_on+0x7c/0x110 [ 2245.087089][T11815] ? __pfx_futex_wake+0x10/0x10 [ 2245.087108][T11815] ? kmem_cache_free+0x2d8/0x770 [ 2245.087127][T11815] ? getname_flags.part.0+0x376/0x550 [ 2245.087148][T11815] ? getname_flags.part.0+0x376/0x550 [ 2245.087163][T11815] ? getname_flags.part.0+0x1c5/0x550 [ 2245.087181][T11815] do_futex+0x1e3/0x350 [ 2245.087198][T11815] ? __pfx_do_futex+0x10/0x10 [ 2245.087220][T11815] __x64_sys_futex+0x1e0/0x4c0 [ 2245.087238][T11815] ? __x64_sys_openat+0x174/0x210 [ 2245.087255][T11815] ? __pfx___x64_sys_futex+0x10/0x10 [ 2245.087279][T11815] do_syscall_64+0xcd/0xf80 [ 2245.087309][T11815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2245.087326][T11815] RIP: 0033:0x7fb4dbd8f7c9 [ 2245.087340][T11815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2245.087355][T11815] RSP: 002b:00007fb4dcb610e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2245.087369][T11815] RAX: ffffffffffffffda RBX: 00007fb4dbfe6188 RCX: 00007fb4dbd8f7c9 [ 2245.087379][T11815] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb4dbfe618c [ 2245.087388][T11815] RBP: 00007fb4dbfe6180 R08: 00007fb4dcba4000 R09: 0000000000000000 [ 2245.087397][T11815] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 2245.087406][T11815] R13: 00007fb4dbfe6218 R14: 00007ffc329e7210 R15: 00007ffc329e72f8 [ 2245.087426][T11815] [ 2246.648579][T11829] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 2246.766639][T11829] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 2246.909131][T11829] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 2246.987209][T11834] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9317'. [ 2247.041824][T11829] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 2247.133069][T11829] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 2247.190064][T11837] __vm_enough_memory: pid: 11837, comm: syz.2.9317, bytes: 4398046511104 not enough memory for the allocation [ 2247.227035][T11829] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 2247.482180][T10149] block nbd84: Receive control failed (result -107) [ 2249.192887][T11872] FAULT_INJECTION: forcing a failure. [ 2249.192887][T11872] name failslab, interval 1, probability 0, space 0, times 0 [ 2249.226707][T11865] FAULT_INJECTION: forcing a failure. [ 2249.226707][T11865] name failslab, interval 1, probability 0, space 0, times 0 [ 2249.304587][T11872] CPU: 0 UID: 0 PID: 11872 Comm: syz.3.9330 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2249.304617][T11872] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2249.304623][T11872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2249.304633][T11872] Call Trace: [ 2249.304640][T11872] [ 2249.304647][T11872] dump_stack_lvl+0x16c/0x1f0 [ 2249.304675][T11872] should_fail_ex+0x512/0x640 [ 2249.304692][T11872] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2249.304712][T11872] should_failslab+0xc2/0x120 [ 2249.304736][T11872] __kmalloc_cache_noprof+0x80/0x800 [ 2249.304752][T11872] ? find_held_lock+0x2b/0x80 [ 2249.304772][T11872] ? alloc_tty_struct+0x96/0x8c0 [ 2249.304794][T11872] ? ptmx_open+0x102/0x3c0 [ 2249.304812][T11872] ? alloc_tty_struct+0x96/0x8c0 [ 2249.304831][T11872] ? __pfx___mutex_lock+0x10/0x10 [ 2249.304853][T11872] alloc_tty_struct+0x96/0x8c0 [ 2249.304875][T11872] ? __pfx_alloc_tty_struct+0x10/0x10 [ 2249.304896][T11872] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2249.304922][T11872] tty_init_dev.part.0+0x1e/0x500 [ 2249.304945][T11872] tty_init_dev+0x60/0x80 [ 2249.304966][T11872] ptmx_open+0x15e/0x3c0 [ 2249.304982][T11872] ? __pfx_ptmx_open+0x10/0x10 [ 2249.304998][T11872] chrdev_open+0x234/0x6a0 [ 2249.305019][T11872] ? __pfx_apparmor_file_open+0x10/0x10 [ 2249.305035][T11872] ? __pfx_chrdev_open+0x10/0x10 [ 2249.305057][T11872] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2249.305084][T11872] do_dentry_open+0x748/0x1590 [ 2249.305105][T11872] ? __pfx_chrdev_open+0x10/0x10 [ 2249.305132][T11872] vfs_open+0x82/0x3f0 [ 2249.305150][T11872] path_openat+0x2078/0x3140 [ 2249.305178][T11872] ? __pfx_path_openat+0x10/0x10 [ 2249.305205][T11872] do_filp_open+0x20b/0x470 [ 2249.305227][T11872] ? __pfx_do_filp_open+0x10/0x10 [ 2249.305266][T11872] ? alloc_fd+0x471/0x7d0 [ 2249.305292][T11872] do_sys_openat2+0x121/0x290 [ 2249.305308][T11872] ? __pfx_do_sys_openat2+0x10/0x10 [ 2249.305331][T11872] __x64_sys_openat+0x174/0x210 [ 2249.305348][T11872] ? __pfx___x64_sys_openat+0x10/0x10 [ 2249.305372][T11872] do_syscall_64+0xcd/0xf80 [ 2249.305395][T11872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2249.305411][T11872] RIP: 0033:0x7fcd3b58f7c9 [ 2249.305424][T11872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2249.305439][T11872] RSP: 002b:00007fcd3c403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2249.305454][T11872] RAX: ffffffffffffffda RBX: 00007fcd3b7e5fa0 RCX: 00007fcd3b58f7c9 [ 2249.305464][T11872] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2249.305474][T11872] RBP: 00007fcd3b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2249.305483][T11872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2249.305493][T11872] R13: 00007fcd3b7e6038 R14: 00007fcd3b7e5fa0 R15: 00007ffe11718f88 [ 2249.305514][T11872] [ 2249.908292][T11865] CPU: 0 UID: 0 PID: 11865 Comm: syz.1.9327 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2249.908323][T11865] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2249.908330][T11865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2249.908340][T11865] Call Trace: [ 2249.908346][T11865] [ 2249.908353][T11865] dump_stack_lvl+0x16c/0x1f0 [ 2249.908381][T11865] should_fail_ex+0x512/0x640 [ 2249.908397][T11865] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2249.908423][T11865] should_failslab+0xc2/0x120 [ 2249.908445][T11865] __kmalloc_cache_noprof+0x80/0x800 [ 2249.908461][T11865] ? lockdep_init_map_type+0x5c/0x270 [ 2249.908477][T11865] ? mon_text_open+0x1d9/0x510 [ 2249.908499][T11865] ? __pfx_mon_text_open+0x10/0x10 [ 2249.908517][T11865] ? mon_text_open+0x1d9/0x510 [ 2249.908536][T11865] mon_text_open+0x1d9/0x510 [ 2249.908608][T11865] ? __pfx_mon_text_open+0x10/0x10 [ 2249.908628][T11865] ? __debugfs_file_get+0x1fe/0x840 [ 2249.908647][T11865] ? __pfx___debugfs_file_get+0x10/0x10 [ 2249.908666][T11865] ? __pfx_apparmor_file_open+0x10/0x10 [ 2249.908681][T11865] ? lockdown_is_locked_down+0x3f/0x130 [ 2249.908702][T11865] ? bpf_lsm_locked_down+0x9/0x10 [ 2249.908726][T11865] ? __pfx_mon_text_open+0x10/0x10 [ 2249.908743][T11865] full_proxy_open_regular+0x1b9/0x350 [ 2249.908766][T11865] do_dentry_open+0x748/0x1590 [ 2249.908786][T11865] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 2249.908812][T11865] vfs_open+0x82/0x3f0 [ 2249.908830][T11865] path_openat+0x2078/0x3140 [ 2249.908857][T11865] ? __pfx_path_openat+0x10/0x10 [ 2249.908885][T11865] do_filp_open+0x20b/0x470 [ 2249.908907][T11865] ? __pfx_do_filp_open+0x10/0x10 [ 2249.908941][T11865] ? alloc_fd+0x471/0x7d0 [ 2249.908967][T11865] do_sys_openat2+0x121/0x290 [ 2249.908983][T11865] ? __pfx_do_sys_openat2+0x10/0x10 [ 2249.909007][T11865] __x64_sys_openat+0x174/0x210 [ 2249.909023][T11865] ? __pfx___x64_sys_openat+0x10/0x10 [ 2249.909047][T11865] do_syscall_64+0xcd/0xf80 [ 2249.909070][T11865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2249.909085][T11865] RIP: 0033:0x7f385a58f7c9 [ 2249.909099][T11865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2249.909114][T11865] RSP: 002b:00007f385b423038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2249.909129][T11865] RAX: ffffffffffffffda RBX: 00007f385a7e6090 RCX: 00007f385a58f7c9 [ 2249.909140][T11865] RDX: 0000000000000800 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 2249.909150][T11865] RBP: 00007f385a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2249.909159][T11865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2249.909168][T11865] R13: 00007f385a7e6128 R14: 00007f385a7e6090 R15: 00007ffdbe6477c8 [ 2249.909189][T11865] [ 2251.448844][T11890] loop6: detected capacity change from 0 to 8 [ 2251.631948][T10149] block nbd85: Receive control failed (result -107) [ 2252.357065][T11904] netlink: 25 bytes leftover after parsing attributes in process `syz.2.9338'. [ 2252.643620][T11912] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 2252.702635][T11916] FAULT_INJECTION: forcing a failure. [ 2252.702635][T11916] name failslab, interval 1, probability 0, space 0, times 0 [ 2252.820134][T11916] CPU: 0 UID: 0 PID: 11916 Comm: syz.2.9341 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2252.820164][T11916] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2252.820170][T11916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2252.820180][T11916] Call Trace: [ 2252.820186][T11916] [ 2252.820193][T11916] dump_stack_lvl+0x16c/0x1f0 [ 2252.820219][T11916] should_fail_ex+0x512/0x640 [ 2252.820236][T11916] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2252.820256][T11916] should_failslab+0xc2/0x120 [ 2252.820280][T11916] __kmalloc_cache_noprof+0x80/0x800 [ 2252.820297][T11916] ? tty_alloc_file+0x3f/0xa0 [ 2252.820338][T11916] ? kobject_get_unless_zero+0x156/0x1e0 [ 2252.820362][T11916] ? tty_alloc_file+0x3f/0xa0 [ 2252.820381][T11916] ? __pfx_ptmx_open+0x10/0x10 [ 2252.820398][T11916] tty_alloc_file+0x3f/0xa0 [ 2252.820418][T11916] ptmx_open+0x61/0x3c0 [ 2252.820435][T11916] ? __pfx_ptmx_open+0x10/0x10 [ 2252.820451][T11916] chrdev_open+0x234/0x6a0 [ 2252.820472][T11916] ? __pfx_apparmor_file_open+0x10/0x10 [ 2252.820487][T11916] ? __pfx_chrdev_open+0x10/0x10 [ 2252.820509][T11916] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2252.820536][T11916] do_dentry_open+0x748/0x1590 [ 2252.820556][T11916] ? __pfx_chrdev_open+0x10/0x10 [ 2252.820582][T11916] vfs_open+0x82/0x3f0 [ 2252.820600][T11916] path_openat+0x2078/0x3140 [ 2252.820627][T11916] ? __pfx_path_openat+0x10/0x10 [ 2252.820659][T11916] do_filp_open+0x20b/0x470 [ 2252.820682][T11916] ? __pfx_do_filp_open+0x10/0x10 [ 2252.820717][T11916] ? alloc_fd+0x471/0x7d0 [ 2252.820744][T11916] do_sys_openat2+0x121/0x290 [ 2252.820761][T11916] ? __pfx_do_sys_openat2+0x10/0x10 [ 2252.820785][T11916] __x64_sys_openat+0x174/0x210 [ 2252.820802][T11916] ? __pfx___x64_sys_openat+0x10/0x10 [ 2252.820826][T11916] do_syscall_64+0xcd/0xf80 [ 2252.820848][T11916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2252.820864][T11916] RIP: 0033:0x7f35aa38f7c9 [ 2252.820881][T11916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2252.820896][T11916] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2252.820911][T11916] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2252.820922][T11916] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2252.820932][T11916] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2252.820942][T11916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2252.820951][T11916] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2252.820971][T11916] [ 2253.751524][T11926] FAULT_INJECTION: forcing a failure. [ 2253.751524][T11926] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.818024][T11926] CPU: 0 UID: 0 PID: 11926 Comm: syz.2.9343 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2253.818054][T11926] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2253.818060][T11926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2253.818069][T11926] Call Trace: [ 2253.818075][T11926] [ 2253.818082][T11926] dump_stack_lvl+0x16c/0x1f0 [ 2253.818109][T11926] should_fail_ex+0x512/0x640 [ 2253.818125][T11926] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2253.818145][T11926] should_failslab+0xc2/0x120 [ 2253.818169][T11926] __kmalloc_cache_noprof+0x80/0x800 [ 2253.818186][T11926] ? __io_uring_add_tctx_node+0x132/0x500 [ 2253.818205][T11926] ? __io_uring_add_tctx_node+0x132/0x500 [ 2253.818220][T11926] __io_uring_add_tctx_node+0x132/0x500 [ 2253.818236][T11926] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 2253.818266][T11926] ? __anon_inode_getfile+0x17c/0x280 [ 2253.818284][T11926] io_uring_setup+0x145e/0x1f60 [ 2253.818306][T11926] ? __pfx_io_uring_setup+0x10/0x10 [ 2253.818329][T11926] ? __pfx_do_futex+0x10/0x10 [ 2253.818357][T11926] ? xfd_validate_state+0x61/0x180 [ 2253.818371][T11926] ? __pfx_ksys_write+0x10/0x10 [ 2253.818395][T11926] __x64_sys_io_uring_setup+0xc2/0x170 [ 2253.818416][T11926] do_syscall_64+0xcd/0xf80 [ 2253.818441][T11926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2253.818457][T11926] RIP: 0033:0x7f35aa38f7c9 [ 2253.818470][T11926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2253.818485][T11926] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2253.818500][T11926] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2253.818510][T11926] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2253.818519][T11926] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2253.818527][T11926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2253.818536][T11926] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2253.818556][T11926] [ 2254.517542][T11928] FAULT_INJECTION: forcing a failure. [ 2254.517542][T11928] name failslab, interval 1, probability 0, space 0, times 0 [ 2254.558083][T11928] CPU: 0 UID: 0 PID: 11928 Comm: syz.3.9344 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2254.558111][T11928] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2254.558118][T11928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2254.558128][T11928] Call Trace: [ 2254.558135][T11928] [ 2254.558142][T11928] dump_stack_lvl+0x16c/0x1f0 [ 2254.558169][T11928] should_fail_ex+0x512/0x640 [ 2254.558186][T11928] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2254.558206][T11928] should_failslab+0xc2/0x120 [ 2254.558230][T11928] __kmalloc_cache_noprof+0x80/0x800 [ 2254.558247][T11928] ? io_uring_alloc_task_context+0x96/0x650 [ 2254.558266][T11928] ? io_uring_alloc_task_context+0x96/0x650 [ 2254.558280][T11928] ? percpu_counter_add_batch+0xca/0x200 [ 2254.558295][T11928] io_uring_alloc_task_context+0x96/0x650 [ 2254.558310][T11928] ? file_init_path+0x4fe/0x760 [ 2254.558326][T11928] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 2254.558342][T11928] ? alloc_file_pseudo+0x1b3/0x230 [ 2254.558361][T11928] __io_uring_add_tctx_node+0x2dd/0x500 [ 2254.558377][T11928] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 2254.558394][T11928] ? __anon_inode_getfile+0x17c/0x280 [ 2254.558412][T11928] io_uring_setup+0x145e/0x1f60 [ 2254.558432][T11928] ? __pfx_io_uring_setup+0x10/0x10 [ 2254.558454][T11928] ? __pfx_do_futex+0x10/0x10 [ 2254.558481][T11928] ? xfd_validate_state+0x61/0x180 [ 2254.558495][T11928] ? __pfx_ksys_write+0x10/0x10 [ 2254.558527][T11928] __x64_sys_io_uring_setup+0xc2/0x170 [ 2254.558547][T11928] do_syscall_64+0xcd/0xf80 [ 2254.558571][T11928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2254.558587][T11928] RIP: 0033:0x7fcd3b58f7c9 [ 2254.558600][T11928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2254.558615][T11928] RSP: 002b:00007fcd3c403038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2254.558629][T11928] RAX: ffffffffffffffda RBX: 00007fcd3b7e5fa0 RCX: 00007fcd3b58f7c9 [ 2254.558640][T11928] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2254.558648][T11928] RBP: 00007fcd3b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2254.558657][T11928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2254.558666][T11928] R13: 00007fcd3b7e6038 R14: 00007fcd3b7e5fa0 R15: 00007ffe11718f88 [ 2254.558686][T11928] [ 2257.474470][T10149] block nbd86: Receive control failed (result -107) [ 2257.569990][T11909] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68 [ 2257.740200][T11893] Process accounting resumed [ 2257.945619][T11951] FAULT_INJECTION: forcing a failure. [ 2257.945619][T11951] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2258.074547][T11951] CPU: 0 UID: 0 PID: 11951 Comm: syz.2.9349 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2258.074574][T11951] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2258.074579][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2258.074588][T11951] Call Trace: [ 2258.074593][T11951] [ 2258.074599][T11951] dump_stack_lvl+0x16c/0x1f0 [ 2258.074625][T11951] should_fail_ex+0x512/0x640 [ 2258.074645][T11951] _copy_to_iter+0x29f/0x1710 [ 2258.074662][T11951] ? chacha_block_generic+0x211/0x330 [ 2258.074680][T11951] ? __pfx__copy_to_iter+0x10/0x10 [ 2258.074698][T11951] ? __pfx___might_resched+0x10/0x10 [ 2258.074718][T11951] ? crng_make_state+0x48e/0x6c0 [ 2258.074735][T11951] get_random_bytes_user+0x17f/0x3c0 [ 2258.074751][T11951] ? __pfx_get_random_bytes_user+0x10/0x10 [ 2258.074769][T11951] ? __mutex_unlock_slowpath+0x161/0x790 [ 2258.074797][T11951] ? import_ubuf+0x1b6/0x220 [ 2258.074812][T11951] __x64_sys_getrandom+0x183/0x290 [ 2258.074828][T11951] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 2258.074843][T11951] ? fput+0x70/0xf0 [ 2258.074865][T11951] do_syscall_64+0xcd/0xf80 [ 2258.074887][T11951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2258.074902][T11951] RIP: 0033:0x7f35aa38f7c9 [ 2258.074915][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2258.074929][T11951] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 2258.074943][T11951] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2258.074953][T11951] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 2258.074962][T11951] RBP: 00007f35ab1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 2258.074971][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2258.075031][T11951] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2258.075050][T11951] [ 2258.969028][T11957] zswap: compressor not available [ 2259.915365][T11972] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2260.503666][T11982] FAULT_INJECTION: forcing a failure. [ 2260.503666][T11982] name failslab, interval 1, probability 0, space 0, times 0 [ 2260.648161][T11982] CPU: 0 UID: 0 PID: 11982 Comm: syz.3.9357 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2260.648191][T11982] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2260.648197][T11982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2260.648207][T11982] Call Trace: [ 2260.648213][T11982] [ 2260.648219][T11982] dump_stack_lvl+0x16c/0x1f0 [ 2260.648247][T11982] should_fail_ex+0x512/0x640 [ 2260.648264][T11982] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2260.648285][T11982] should_failslab+0xc2/0x120 [ 2260.648309][T11982] kmem_cache_alloc_noprof+0x83/0x770 [ 2260.648326][T11982] ? __kernfs_new_node+0xd2/0x990 [ 2260.648352][T11982] ? __kernfs_new_node+0xd2/0x990 [ 2260.648368][T11982] __kernfs_new_node+0xd2/0x990 [ 2260.648387][T11982] ? __pfx___kernfs_new_node+0x10/0x10 [ 2260.648410][T11982] ? find_held_lock+0x2b/0x80 [ 2260.648429][T11982] ? kernfs_root+0xee/0x2a0 [ 2260.648449][T11982] kernfs_new_node+0x13c/0x1e0 [ 2260.648472][T11982] __kernfs_create_file+0x53/0x350 [ 2260.648496][T11982] sysfs_add_file_mode_ns+0x207/0x3c0 [ 2260.648517][T11982] internal_create_group+0x597/0xf70 [ 2260.648540][T11982] ? __pfx_internal_create_group+0x10/0x10 [ 2260.648561][T11982] ? kernfs_create_link+0x1bd/0x240 [ 2260.648586][T11982] internal_create_groups+0x9d/0x150 [ 2260.648605][T11982] device_add+0x6f7/0x1980 [ 2260.648627][T11982] ? __pfx_device_add+0x10/0x10 [ 2260.648646][T11982] ? lockdep_init_map_type+0x5c/0x270 [ 2260.648661][T11982] ? __init_waitqueue_head+0xca/0x150 [ 2260.648684][T11982] netdev_register_kobject+0x1a9/0x3d0 [ 2260.648713][T11982] register_netdevice+0x13ac/0x21d0 [ 2260.648739][T11982] ? __pfx_register_netdevice+0x10/0x10 [ 2260.648767][T11982] internal_dev_create+0x2d3/0x520 [ 2260.648791][T11982] ovs_vport_add+0x147/0x4d0 [ 2260.648820][T11982] new_vport+0x16/0x1d0 [ 2260.648838][T11982] ovs_dp_cmd_new+0x6ba/0xe60 [ 2260.648862][T11982] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 2260.648885][T11982] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 2260.648911][T11982] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 2260.648941][T11982] genl_family_rcv_msg_doit+0x209/0x2f0 [ 2260.648966][T11982] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 2260.648989][T11982] ? genl_get_cmd+0x194/0x580 [ 2260.649014][T11982] ? bpf_lsm_capable+0x9/0x10 [ 2260.649033][T11982] ? security_capable+0x7e/0x260 [ 2260.649057][T11982] ? ns_capable+0xd7/0x110 [ 2260.649077][T11982] genl_rcv_msg+0x55c/0x800 [ 2260.649094][T11982] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2260.649108][T11982] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 2260.649133][T11982] netlink_rcv_skb+0x158/0x420 [ 2260.649153][T11982] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2260.649168][T11982] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2260.649196][T11982] ? netlink_deliver_tap+0x1ae/0xd30 [ 2260.649219][T11982] genl_rcv+0x28/0x40 [ 2260.649238][T11982] netlink_unicast+0x5aa/0x870 [ 2260.649262][T11982] ? __pfx_netlink_unicast+0x10/0x10 [ 2260.649290][T11982] netlink_sendmsg+0x8c8/0xdd0 [ 2260.649313][T11982] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2260.649336][T11982] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 2260.649363][T11982] ____sys_sendmsg+0xa5d/0xc30 [ 2260.649386][T11982] ? copy_msghdr_from_user+0x10a/0x160 [ 2260.649405][T11982] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2260.649431][T11982] ? __pfx_futex_wake_mark+0x10/0x10 [ 2260.649455][T11982] ___sys_sendmsg+0x134/0x1d0 [ 2260.649474][T11982] ? __pfx____sys_sendmsg+0x10/0x10 [ 2260.649492][T11982] ? futex_private_hash_put+0x160/0x1b0 [ 2260.649531][T11982] __sys_sendmsg+0x16d/0x220 [ 2260.649549][T11982] ? __pfx___sys_sendmsg+0x10/0x10 [ 2260.649567][T11982] ? __x64_sys_futex+0x1e0/0x4c0 [ 2260.649596][T11982] do_syscall_64+0xcd/0xf80 [ 2260.649619][T11982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2260.649634][T11982] RIP: 0033:0x7fcd3b58f7c9 [ 2260.649648][T11982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2260.649663][T11982] RSP: 002b:00007fcd3c403038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2260.649678][T11982] RAX: ffffffffffffffda RBX: 00007fcd3b7e5fa0 RCX: 00007fcd3b58f7c9 [ 2260.649689][T11982] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 000000000000000a [ 2260.649699][T11982] RBP: 00007fcd3b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2260.649708][T11982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2260.649717][T11982] R13: 00007fcd3b7e6038 R14: 00007fcd3b7e5fa0 R15: 00007ffe11718f88 [ 2260.649738][T11982] [ 2263.743533][T12022] FAULT_INJECTION: forcing a failure. [ 2263.743533][T12022] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2263.839819][T12022] CPU: 0 UID: 0 PID: 12022 Comm: syz.2.9366 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2263.839848][T12022] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2263.839854][T12022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2263.839863][T12022] Call Trace: [ 2263.839868][T12022] [ 2263.839874][T12022] dump_stack_lvl+0x16c/0x1f0 [ 2263.839901][T12022] should_fail_ex+0x512/0x640 [ 2263.839921][T12022] _copy_to_iter+0x29f/0x1710 [ 2263.839939][T12022] ? chacha_block_generic+0x211/0x330 [ 2263.839957][T12022] ? __pfx__copy_to_iter+0x10/0x10 [ 2263.839975][T12022] ? __pfx___might_resched+0x10/0x10 [ 2263.839995][T12022] ? crng_make_state+0x48e/0x6c0 [ 2263.840012][T12022] get_random_bytes_user+0x17f/0x3c0 [ 2263.840029][T12022] ? __pfx_get_random_bytes_user+0x10/0x10 [ 2263.840047][T12022] ? __mutex_unlock_slowpath+0x161/0x790 [ 2263.840075][T12022] ? import_ubuf+0x1b6/0x220 [ 2263.840090][T12022] __x64_sys_getrandom+0x183/0x290 [ 2263.840106][T12022] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 2263.840121][T12022] ? fput+0x70/0xf0 [ 2263.840143][T12022] do_syscall_64+0xcd/0xf80 [ 2263.840165][T12022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2263.840180][T12022] RIP: 0033:0x7f35aa38f7c9 [ 2263.840200][T12022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2263.840214][T12022] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 2263.840228][T12022] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2263.840239][T12022] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 2263.840247][T12022] RBP: 00007f35ab1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 2263.840256][T12022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2263.840264][T12022] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2263.840283][T12022] [ 2264.355244][T12030] netlink: 'syz.0.9367': attribute type 2 has an invalid length. [ 2265.788512][T12055] FAULT_INJECTION: forcing a failure. [ 2265.788512][T12055] name failslab, interval 1, probability 0, space 0, times 0 [ 2265.883878][T12055] CPU: 0 UID: 0 PID: 12055 Comm: syz.2.9375 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2265.883907][T12055] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2265.883914][T12055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2265.883923][T12055] Call Trace: [ 2265.883929][T12055] [ 2265.883936][T12055] dump_stack_lvl+0x16c/0x1f0 [ 2265.883963][T12055] should_fail_ex+0x512/0x640 [ 2265.883980][T12055] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2265.884000][T12055] should_failslab+0xc2/0x120 [ 2265.884022][T12055] __kmalloc_cache_noprof+0x80/0x800 [ 2265.884039][T12055] ? tty_alloc_file+0x3f/0xa0 [ 2265.884060][T12055] ? kobject_get_unless_zero+0x156/0x1e0 [ 2265.884084][T12055] ? tty_alloc_file+0x3f/0xa0 [ 2265.884102][T12055] ? __pfx_ptmx_open+0x10/0x10 [ 2265.884117][T12055] tty_alloc_file+0x3f/0xa0 [ 2265.884137][T12055] ptmx_open+0x61/0x3c0 [ 2265.884153][T12055] ? __pfx_ptmx_open+0x10/0x10 [ 2265.884169][T12055] chrdev_open+0x234/0x6a0 [ 2265.884191][T12055] ? __pfx_apparmor_file_open+0x10/0x10 [ 2265.884207][T12055] ? __pfx_chrdev_open+0x10/0x10 [ 2265.884229][T12055] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2265.884255][T12055] do_dentry_open+0x748/0x1590 [ 2265.884275][T12055] ? __pfx_chrdev_open+0x10/0x10 [ 2265.884302][T12055] vfs_open+0x82/0x3f0 [ 2265.884319][T12055] path_openat+0x2078/0x3140 [ 2265.884347][T12055] ? __pfx_path_openat+0x10/0x10 [ 2265.884378][T12055] do_filp_open+0x20b/0x470 [ 2265.884408][T12055] ? __pfx_do_filp_open+0x10/0x10 [ 2265.884444][T12055] ? alloc_fd+0x471/0x7d0 [ 2265.884470][T12055] do_sys_openat2+0x121/0x290 [ 2265.884487][T12055] ? __pfx_do_sys_openat2+0x10/0x10 [ 2265.884511][T12055] __x64_sys_openat+0x174/0x210 [ 2265.884528][T12055] ? __pfx___x64_sys_openat+0x10/0x10 [ 2265.884552][T12055] do_syscall_64+0xcd/0xf80 [ 2265.884575][T12055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2265.884591][T12055] RIP: 0033:0x7f35aa38f7c9 [ 2265.884603][T12055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2265.884618][T12055] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2265.884634][T12055] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2265.884645][T12055] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2265.884655][T12055] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2265.884664][T12055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2265.884672][T12055] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2265.884692][T12055] [ 2266.370599][T12061] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 2266.586204][T12066] netlink: 'syz.2.9377': attribute type 1 has an invalid length. [ 2266.926409][T12071] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 2268.857502][T12095] zswap: compressor not available [ 2270.106575][T12123] __vm_enough_memory: pid: 12123, comm: syz.0.9388, bytes: 4398046511104 not enough memory for the allocation [ 2270.266954][T12116] FAULT_INJECTION: forcing a failure. [ 2270.266954][T12116] name failslab, interval 1, probability 0, space 0, times 0 [ 2270.293104][T12129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9390'. [ 2270.381567][T12116] CPU: 0 UID: 0 PID: 12116 Comm: syz.0.9388 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2270.381595][T12116] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2270.381602][T12116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2270.381612][T12116] Call Trace: [ 2270.381618][T12116] [ 2270.381625][T12116] dump_stack_lvl+0x16c/0x1f0 [ 2270.381653][T12116] should_fail_ex+0x512/0x640 [ 2270.381669][T12116] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2270.381689][T12116] should_failslab+0xc2/0x120 [ 2270.381713][T12116] __kmalloc_cache_noprof+0x80/0x800 [ 2270.381729][T12116] ? __pfx___register_sysctl_table+0x10/0x10 [ 2270.381749][T12116] ? is_module_address+0x69/0xf0 [ 2270.381767][T12116] ? ipv4_sysctl_init_net+0x170/0x350 [ 2270.381787][T12116] ? ipv4_sysctl_init_net+0x170/0x350 [ 2270.381803][T12116] ipv4_sysctl_init_net+0x170/0x350 [ 2270.381820][T12116] ? __pfx_ipv4_sysctl_init_net+0x10/0x10 [ 2270.381836][T12116] ops_init+0x1e2/0x5f0 [ 2270.381858][T12116] setup_net+0x11d/0x3a0 [ 2270.381878][T12116] ? __pfx_setup_net+0x10/0x10 [ 2270.381896][T12116] ? lockdep_init_map_type+0x5c/0x270 [ 2270.381912][T12116] ? mutex_init_lockep+0x110/0x150 [ 2270.381930][T12116] copy_net_ns+0x351/0x7c0 [ 2270.381952][T12116] create_new_namespaces+0x3ea/0xab0 [ 2270.381977][T12116] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2270.381998][T12116] ksys_unshare+0x45b/0xa40 [ 2270.382021][T12116] ? __pfx_ksys_unshare+0x10/0x10 [ 2270.382044][T12116] ? xfd_validate_state+0x61/0x180 [ 2270.382063][T12116] __x64_sys_unshare+0x31/0x40 [ 2270.382076][T12116] do_syscall_64+0xcd/0xf80 [ 2270.382098][T12116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2270.382113][T12116] RIP: 0033:0x7fb4dbd8f7c9 [ 2270.382127][T12116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2270.382141][T12116] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2270.382163][T12116] RAX: ffffffffffffffda RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2270.382174][T12116] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2270.382183][T12116] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2270.382192][T12116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2270.382201][T12116] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2270.382222][T12116] [ 2270.872099][T12133] binder: 12132:12133 ioctl c0306201 2000000000c0 returned -14 [ 2272.121891][T12148] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 2272.284296][T12153] can: request_module (can-proto-0) failed. [ 2272.627566][T12167] ubi15: attaching mtd0 [ 2272.661293][T12167] ubi15 error: ubi_attach_mtd_dev: bad VID header (328828) or data offsets (328892) [ 2272.697852][T12152] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71 [ 2273.164702][T12183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9402'. [ 2273.547681][T12188] FAULT_INJECTION: forcing a failure. [ 2273.547681][T12188] name failslab, interval 1, probability 0, space 0, times 0 [ 2273.669096][T12188] CPU: 0 UID: 0 PID: 12188 Comm: syz.0.9404 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2273.669124][T12188] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2273.669130][T12188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2273.669139][T12188] Call Trace: [ 2273.669144][T12188] [ 2273.669151][T12188] dump_stack_lvl+0x16c/0x1f0 [ 2273.669184][T12188] should_fail_ex+0x512/0x640 [ 2273.669200][T12188] ? __kvmalloc_node_noprof+0x129/0xa40 [ 2273.669223][T12188] should_failslab+0xc2/0x120 [ 2273.669245][T12188] __kvmalloc_node_noprof+0x14a/0xa40 [ 2273.669266][T12188] ? seq_read_iter+0x830/0x12d0 [ 2273.669289][T12188] ? seq_read_iter+0x830/0x12d0 [ 2273.669307][T12188] seq_read_iter+0x830/0x12d0 [ 2273.669333][T12188] kernfs_fop_read_iter+0x46c/0x610 [ 2273.669356][T12188] ? rw_verify_area+0xcf/0x6c0 [ 2273.669377][T12188] vfs_read+0x8bf/0xcf0 [ 2273.669400][T12188] ? __pfx_vfs_read+0x10/0x10 [ 2273.669432][T12188] ksys_read+0x12a/0x250 [ 2273.669451][T12188] ? __pfx_ksys_read+0x10/0x10 [ 2273.669476][T12188] do_syscall_64+0xcd/0xf80 [ 2273.669499][T12188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2273.669515][T12188] RIP: 0033:0x7fb4dbd8f7c9 [ 2273.669528][T12188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2273.669543][T12188] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2273.669557][T12188] RAX: ffffffffffffffda RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2273.669567][T12188] RDX: 00000000000000c3 RSI: 00002000000004c0 RDI: 0000000000000003 [ 2273.669575][T12188] RBP: 00007fb4dcba3090 R08: 0000000000000000 R09: 0000000000000000 [ 2273.669584][T12188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2273.669593][T12188] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2273.669613][T12188] [ 2274.018610][T12192] netlink: 338 bytes leftover after parsing attributes in process `syz.3.9406'. [ 2274.029686][T12192] netlink: 338 bytes leftover after parsing attributes in process `syz.3.9406'. [ 2275.458818][T12216] netlink: 338 bytes leftover after parsing attributes in process `syz.2.9411'. [ 2276.899972][T12226] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 2277.733538][T12228] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 2278.801154][T12254] ERROR: Out of memory at tomoyo_memory_ok. [ 2278.832431][T12255] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9418'. [ 2278.903073][T12255] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9418'. [ 2280.040284][T12278] FAULT_INJECTION: forcing a failure. [ 2280.040284][T12278] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2280.179356][T12278] CPU: 0 UID: 0 PID: 12278 Comm: syz.2.9427 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2280.179383][T12278] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2280.179390][T12278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2280.179398][T12278] Call Trace: [ 2280.179404][T12278] [ 2280.179411][T12278] dump_stack_lvl+0x16c/0x1f0 [ 2280.179442][T12278] should_fail_ex+0x512/0x640 [ 2280.179461][T12278] _copy_to_iter+0x29f/0x1710 [ 2280.179478][T12278] ? __mutex_unlock_slowpath+0x161/0x790 [ 2280.179503][T12278] ? __pfx__copy_to_iter+0x10/0x10 [ 2280.179518][T12278] ? kernfs_seq_stop+0xcd/0x120 [ 2280.179542][T12278] ? kernfs_put_active+0x86/0xe0 [ 2280.179562][T12278] seq_read_iter+0xd02/0x12d0 [ 2280.179590][T12278] kernfs_fop_read_iter+0x46c/0x610 [ 2280.179612][T12278] ? rw_verify_area+0xcf/0x6c0 [ 2280.179632][T12278] vfs_read+0x8bf/0xcf0 [ 2280.179655][T12278] ? __pfx_vfs_read+0x10/0x10 [ 2280.179687][T12278] ksys_read+0x12a/0x250 [ 2280.179706][T12278] ? __pfx_ksys_read+0x10/0x10 [ 2280.179731][T12278] do_syscall_64+0xcd/0xf80 [ 2280.179753][T12278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2280.179769][T12278] RIP: 0033:0x7f35aa38f7c9 [ 2280.179782][T12278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2280.179796][T12278] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2280.179811][T12278] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2280.179821][T12278] RDX: 00000000000000c3 RSI: 00002000000004c0 RDI: 0000000000000003 [ 2280.179830][T12278] RBP: 00007f35ab1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 2280.179839][T12278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2280.179847][T12278] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2280.179867][T12278] [ 2281.762359][T10149] Bluetooth: hci0: unexpected event 0x20 length: 123 > 7 [ 2282.294554][T12288] __vm_enough_memory: pid: 12288, comm: syz.2.9429, bytes: 4398046511104 not enough memory for the allocation [ 2282.449760][T12292] FAULT_INJECTION: forcing a failure. [ 2282.449760][T12292] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2282.543476][T12292] CPU: 0 UID: 0 PID: 12292 Comm: syz.0.9431 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2282.543503][T12292] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2282.543508][T12292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2282.543517][T12292] Call Trace: [ 2282.543523][T12292] [ 2282.543529][T12292] dump_stack_lvl+0x16c/0x1f0 [ 2282.543556][T12292] should_fail_ex+0x512/0x640 [ 2282.543575][T12292] _copy_to_iter+0x29f/0x1710 [ 2282.543593][T12292] ? chacha_block_generic+0x211/0x330 [ 2282.543610][T12292] ? __pfx__copy_to_iter+0x10/0x10 [ 2282.543628][T12292] ? __pfx___might_resched+0x10/0x10 [ 2282.543649][T12292] ? crng_make_state+0x48e/0x6c0 [ 2282.543666][T12292] get_random_bytes_user+0x17f/0x3c0 [ 2282.543682][T12292] ? __pfx_get_random_bytes_user+0x10/0x10 [ 2282.543700][T12292] ? __mutex_unlock_slowpath+0x161/0x790 [ 2282.543727][T12292] ? import_ubuf+0x1b6/0x220 [ 2282.543743][T12292] __x64_sys_getrandom+0x183/0x290 [ 2282.543759][T12292] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 2282.543774][T12292] ? fput+0x70/0xf0 [ 2282.543796][T12292] do_syscall_64+0xcd/0xf80 [ 2282.543852][T12292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2282.543869][T12292] RIP: 0033:0x7fb4dbd8f7c9 [ 2282.543881][T12292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2282.543896][T12292] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 2282.543910][T12292] RAX: ffffffffffffffda RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2282.543921][T12292] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 2282.543930][T12292] RBP: 00007fb4dcba3090 R08: 0000000000000000 R09: 0000000000000000 [ 2282.543939][T12292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2282.543947][T12292] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2282.543966][T12292] [ 2283.465160][T12301] FAULT_INJECTION: forcing a failure. [ 2283.465160][T12301] name failslab, interval 1, probability 0, space 0, times 0 [ 2283.508555][T12301] CPU: 0 UID: 0 PID: 12301 Comm: syz.1.9434 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2283.508585][T12301] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2283.508591][T12301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2283.508600][T12301] Call Trace: [ 2283.508606][T12301] [ 2283.508613][T12301] dump_stack_lvl+0x16c/0x1f0 [ 2283.508640][T12301] should_fail_ex+0x512/0x640 [ 2283.508656][T12301] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2283.508675][T12301] should_failslab+0xc2/0x120 [ 2283.508704][T12301] __kmalloc_cache_noprof+0x80/0x800 [ 2283.508721][T12301] ? tty_alloc_file+0x3f/0xa0 [ 2283.508743][T12301] ? kobject_get_unless_zero+0x156/0x1e0 [ 2283.508769][T12301] ? tty_alloc_file+0x3f/0xa0 [ 2283.508787][T12301] ? __pfx_ptmx_open+0x10/0x10 [ 2283.508803][T12301] tty_alloc_file+0x3f/0xa0 [ 2283.508823][T12301] ptmx_open+0x61/0x3c0 [ 2283.508839][T12301] ? __pfx_ptmx_open+0x10/0x10 [ 2283.508855][T12301] chrdev_open+0x234/0x6a0 [ 2283.508876][T12301] ? __pfx_apparmor_file_open+0x10/0x10 [ 2283.508891][T12301] ? __pfx_chrdev_open+0x10/0x10 [ 2283.508914][T12301] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2283.508940][T12301] do_dentry_open+0x748/0x1590 [ 2283.508961][T12301] ? __pfx_chrdev_open+0x10/0x10 [ 2283.508987][T12301] vfs_open+0x82/0x3f0 [ 2283.509004][T12301] path_openat+0x2078/0x3140 [ 2283.509031][T12301] ? __pfx_path_openat+0x10/0x10 [ 2283.509059][T12301] do_filp_open+0x20b/0x470 [ 2283.509080][T12301] ? __pfx_do_filp_open+0x10/0x10 [ 2283.509114][T12301] ? alloc_fd+0x471/0x7d0 [ 2283.509147][T12301] do_sys_openat2+0x121/0x290 [ 2283.509163][T12301] ? __pfx_do_sys_openat2+0x10/0x10 [ 2283.509187][T12301] __x64_sys_openat+0x174/0x210 [ 2283.509204][T12301] ? __pfx___x64_sys_openat+0x10/0x10 [ 2283.509229][T12301] do_syscall_64+0xcd/0xf80 [ 2283.509253][T12301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2283.509270][T12301] RIP: 0033:0x7f385a58f7c9 [ 2283.509283][T12301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2283.509297][T12301] RSP: 002b:00007f385b444038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2283.509312][T12301] RAX: ffffffffffffffda RBX: 00007f385a7e5fa0 RCX: 00007f385a58f7c9 [ 2283.509322][T12301] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2283.509332][T12301] RBP: 00007f385a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2283.509342][T12301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2283.509351][T12301] R13: 00007f385a7e6038 R14: 00007f385a7e5fa0 R15: 00007ffdbe6477c8 [ 2283.509370][T12301] [ 2284.904743][T12329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9442'. [ 2285.536402][T12338] FAULT_INJECTION: forcing a failure. [ 2285.536402][T12338] name failslab, interval 1, probability 0, space 0, times 0 [ 2285.638084][T12338] CPU: 0 UID: 0 PID: 12338 Comm: syz.3.9445 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2285.638113][T12338] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2285.638119][T12338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2285.638130][T12338] Call Trace: [ 2285.638135][T12338] [ 2285.638143][T12338] dump_stack_lvl+0x16c/0x1f0 [ 2285.638171][T12338] should_fail_ex+0x512/0x640 [ 2285.638189][T12338] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2285.638209][T12338] should_failslab+0xc2/0x120 [ 2285.638232][T12338] __kmalloc_cache_noprof+0x80/0x800 [ 2285.638249][T12338] ? tty_alloc_file+0x3f/0xa0 [ 2285.638270][T12338] ? kobject_get_unless_zero+0x156/0x1e0 [ 2285.638295][T12338] ? tty_alloc_file+0x3f/0xa0 [ 2285.638313][T12338] ? __pfx_ptmx_open+0x10/0x10 [ 2285.638328][T12338] tty_alloc_file+0x3f/0xa0 [ 2285.638348][T12338] ptmx_open+0x61/0x3c0 [ 2285.638364][T12338] ? __pfx_ptmx_open+0x10/0x10 [ 2285.638380][T12338] chrdev_open+0x234/0x6a0 [ 2285.638401][T12338] ? __pfx_apparmor_file_open+0x10/0x10 [ 2285.638416][T12338] ? __pfx_chrdev_open+0x10/0x10 [ 2285.638439][T12338] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2285.638465][T12338] do_dentry_open+0x748/0x1590 [ 2285.638485][T12338] ? __pfx_chrdev_open+0x10/0x10 [ 2285.638511][T12338] vfs_open+0x82/0x3f0 [ 2285.638529][T12338] path_openat+0x2078/0x3140 [ 2285.638556][T12338] ? __pfx_path_openat+0x10/0x10 [ 2285.638583][T12338] do_filp_open+0x20b/0x470 [ 2285.638605][T12338] ? __pfx_do_filp_open+0x10/0x10 [ 2285.638639][T12338] ? alloc_fd+0x471/0x7d0 [ 2285.638665][T12338] do_sys_openat2+0x121/0x290 [ 2285.638681][T12338] ? __pfx_do_sys_openat2+0x10/0x10 [ 2285.638707][T12338] __x64_sys_openat+0x174/0x210 [ 2285.638724][T12338] ? __pfx___x64_sys_openat+0x10/0x10 [ 2285.638748][T12338] do_syscall_64+0xcd/0xf80 [ 2285.638771][T12338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2285.638786][T12338] RIP: 0033:0x7fcd3b58f7c9 [ 2285.638799][T12338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2285.638814][T12338] RSP: 002b:00007fcd3c403038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2285.638829][T12338] RAX: ffffffffffffffda RBX: 00007fcd3b7e5fa0 RCX: 00007fcd3b58f7c9 [ 2285.638839][T12338] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2285.638849][T12338] RBP: 00007fcd3b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2285.638858][T12338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2285.638866][T12338] R13: 00007fcd3b7e6038 R14: 00007fcd3b7e5fa0 R15: 00007ffe11718f88 [ 2285.638886][T12338] [ 2287.690046][T12365] snd_aloop snd_aloop.0: Parsing timer source '™ý÷' failed with -22 [ 2287.840755][T12371] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9453'. [ 2288.152548][T12371] Process accounting paused [ 2288.748107][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 2288.754619][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 2290.001856][T12399] FAULT_INJECTION: forcing a failure. [ 2290.001856][T12399] name failslab, interval 1, probability 0, space 0, times 0 [ 2290.024979][T12400] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2290.131233][T12399] CPU: 0 UID: 0 PID: 12399 Comm: syz.3.9462 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2290.131262][T12399] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2290.131269][T12399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2290.131279][T12399] Call Trace: [ 2290.131285][T12399] [ 2290.131292][T12399] dump_stack_lvl+0x16c/0x1f0 [ 2290.131320][T12399] should_fail_ex+0x512/0x640 [ 2290.131336][T12399] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2290.131356][T12399] should_failslab+0xc2/0x120 [ 2290.131379][T12399] __kmalloc_cache_noprof+0x80/0x800 [ 2290.131396][T12399] ? pty_common_install+0xdf/0xb30 [ 2290.131417][T12399] ? pty_common_install+0xdf/0xb30 [ 2290.131434][T12399] pty_common_install+0xdf/0xb30 [ 2290.131450][T12399] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2290.131475][T12399] ? __pfx_pty_unix98_install+0x10/0x10 [ 2290.131493][T12399] tty_init_dev.part.0+0x9c/0x500 [ 2290.131516][T12399] tty_init_dev+0x60/0x80 [ 2290.131538][T12399] ptmx_open+0x15e/0x3c0 [ 2290.131554][T12399] ? __pfx_ptmx_open+0x10/0x10 [ 2290.131570][T12399] chrdev_open+0x234/0x6a0 [ 2290.131592][T12399] ? __pfx_apparmor_file_open+0x10/0x10 [ 2290.131608][T12399] ? __pfx_chrdev_open+0x10/0x10 [ 2290.131630][T12399] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2290.131657][T12399] do_dentry_open+0x748/0x1590 [ 2290.131676][T12399] ? __pfx_chrdev_open+0x10/0x10 [ 2290.131703][T12399] vfs_open+0x82/0x3f0 [ 2290.131721][T12399] path_openat+0x2078/0x3140 [ 2290.131749][T12399] ? __pfx_path_openat+0x10/0x10 [ 2290.131777][T12399] do_filp_open+0x20b/0x470 [ 2290.131799][T12399] ? __pfx_do_filp_open+0x10/0x10 [ 2290.131834][T12399] ? alloc_fd+0x471/0x7d0 [ 2290.131860][T12399] do_sys_openat2+0x121/0x290 [ 2290.131875][T12399] ? __pfx_do_sys_openat2+0x10/0x10 [ 2290.131899][T12399] __x64_sys_openat+0x174/0x210 [ 2290.131915][T12399] ? __pfx___x64_sys_openat+0x10/0x10 [ 2290.131939][T12399] do_syscall_64+0xcd/0xf80 [ 2290.131975][T12399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2290.131991][T12399] RIP: 0033:0x7fcd3b58f7c9 [ 2290.132005][T12399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2290.132019][T12399] RSP: 002b:00007fcd3c3e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2290.132034][T12399] RAX: ffffffffffffffda RBX: 00007fcd3b7e6090 RCX: 00007fcd3b58f7c9 [ 2290.132045][T12399] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 2290.132054][T12399] RBP: 00007fcd3b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2290.132064][T12399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2290.132073][T12399] R13: 00007fcd3b7e6128 R14: 00007fcd3b7e6090 R15: 00007ffe11718f88 [ 2290.132094][T12399] [ 2292.342221][T10193] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 6 with max blocks 2 with error 117 [ 2292.397482][T10193] EXT4-fs (sda1): This should not happen!! Data will be lost [ 2292.397482][T10193] [ 2293.032607][T12415] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9467'. [ 2293.122486][T12415] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9467'. [ 2294.066856][T12437] ERROR: Out of memory at tomoyo_memory_ok. [ 2295.352203][T12457] hub 1-0:1.0: USB hub found [ 2295.450339][T12457] hub 1-0:1.0: 1 port detected [ 2296.582365][T12478] FAULT_INJECTION: forcing a failure. [ 2296.582365][T12478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2296.685972][T12478] CPU: 0 UID: 0 PID: 12478 Comm: syz.2.9483 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2296.686000][T12478] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2296.686006][T12478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2296.686015][T12478] Call Trace: [ 2296.686021][T12478] [ 2296.686027][T12478] dump_stack_lvl+0x16c/0x1f0 [ 2296.686055][T12478] should_fail_ex+0x512/0x640 [ 2296.686074][T12478] _copy_to_iter+0x29f/0x1710 [ 2296.686092][T12478] ? chacha_block_generic+0x211/0x330 [ 2296.686109][T12478] ? __pfx__copy_to_iter+0x10/0x10 [ 2296.686128][T12478] ? __pfx___might_resched+0x10/0x10 [ 2296.686148][T12478] ? crng_make_state+0x48e/0x6c0 [ 2296.686166][T12478] get_random_bytes_user+0x17f/0x3c0 [ 2296.686182][T12478] ? __pfx_get_random_bytes_user+0x10/0x10 [ 2296.686200][T12478] ? __mutex_unlock_slowpath+0x161/0x790 [ 2296.686228][T12478] ? import_ubuf+0x1b6/0x220 [ 2296.686243][T12478] __x64_sys_getrandom+0x183/0x290 [ 2296.686259][T12478] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 2296.686274][T12478] ? fput+0x70/0xf0 [ 2296.686296][T12478] do_syscall_64+0xcd/0xf80 [ 2296.686318][T12478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2296.686333][T12478] RIP: 0033:0x7f35aa38f7c9 [ 2296.686346][T12478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2296.686359][T12478] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 2296.686374][T12478] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2296.686384][T12478] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 2296.686392][T12478] RBP: 00007f35ab1fa090 R08: 0000000000000000 R09: 0000000000000000 [ 2296.686401][T12478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2296.686410][T12478] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2296.686429][T12478] [ 2298.392188][T10149] block nbd87: Receive control failed (result -107) [ 2299.565275][T12506] FAULT_INJECTION: forcing a failure. [ 2299.565275][T12506] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2299.657083][T12506] CPU: 0 UID: 0 PID: 12506 Comm: syz.0.9491 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2299.657110][T12506] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2299.657116][T12506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2299.657126][T12506] Call Trace: [ 2299.657131][T12506] [ 2299.657138][T12506] dump_stack_lvl+0x16c/0x1f0 [ 2299.657165][T12506] should_fail_ex+0x512/0x640 [ 2299.657184][T12506] get_futex_key+0x1d0/0x15f0 [ 2299.657203][T12506] ? __pfx_get_futex_key+0x10/0x10 [ 2299.657225][T12506] futex_wake+0xea/0x530 [ 2299.657246][T12506] ? __pfx_futex_wake+0x10/0x10 [ 2299.657273][T12506] do_futex+0x1e3/0x350 [ 2299.657289][T12506] ? __pfx_do_futex+0x10/0x10 [ 2299.657304][T12506] ? __might_fault+0xe3/0x190 [ 2299.657334][T12506] mm_release+0x24e/0x300 [ 2299.657355][T12506] do_exit+0x69e/0x2bd0 [ 2299.657370][T12506] ? __pfx_do_cpu_nanosleep+0x10/0x10 [ 2299.657395][T12506] ? __pfx_do_exit+0x10/0x10 [ 2299.657408][T12506] ? do_raw_spin_lock+0x12c/0x2b0 [ 2299.657425][T12506] ? find_held_lock+0x2b/0x80 [ 2299.657446][T12506] do_group_exit+0xd3/0x2a0 [ 2299.657468][T12506] get_signal+0x2671/0x26d0 [ 2299.657495][T12506] ? __pfx_get_signal+0x10/0x10 [ 2299.657519][T12506] arch_do_signal_or_restart+0x8f/0x7a0 [ 2299.657539][T12506] ? get_timespec64+0x136/0x1b0 [ 2299.657554][T12506] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 2299.657589][T12506] exit_to_user_mode_loop+0x8c/0x540 [ 2299.657657][T12506] do_syscall_64+0x4ee/0xf80 [ 2299.657686][T12506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2299.657703][T12506] RIP: 0033:0x7fb4dbd8f7c9 [ 2299.657717][T12506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2299.657731][T12506] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000db [ 2299.657746][T12506] RAX: fffffffffffffdfc RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2299.657757][T12506] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002 [ 2299.657766][T12506] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2299.657776][T12506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2299.657785][T12506] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2299.657805][T12506] [ 2300.828253][T12520] hub 3-0:1.0: USB hub found [ 2300.848612][T12520] hub 3-0:1.0: 1 port detected [ 2301.059620][T12520] usb usb3: authorized to connect [ 2301.958531][T12543] loop6: detected capacity change from 0 to 8 [ 2302.553602][T12551] FAULT_INJECTION: forcing a failure. [ 2302.553602][T12551] name failslab, interval 1, probability 0, space 0, times 0 [ 2302.698172][T12551] CPU: 0 UID: 0 PID: 12551 Comm: syz.0.9501 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2302.698201][T12551] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2302.698207][T12551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2302.698217][T12551] Call Trace: [ 2302.698223][T12551] [ 2302.698230][T12551] dump_stack_lvl+0x16c/0x1f0 [ 2302.698257][T12551] should_fail_ex+0x512/0x640 [ 2302.698275][T12551] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2302.698296][T12551] should_failslab+0xc2/0x120 [ 2302.698319][T12551] kmem_cache_alloc_noprof+0x83/0x770 [ 2302.698336][T12551] ? alloc_empty_file+0x55/0x1e0 [ 2302.698355][T12551] ? alloc_empty_file+0x55/0x1e0 [ 2302.698370][T12551] alloc_empty_file+0x55/0x1e0 [ 2302.698385][T12551] alloc_file_pseudo+0x13a/0x230 [ 2302.698402][T12551] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2302.698419][T12551] ? _raw_spin_unlock+0x28/0x50 [ 2302.698437][T12551] ? alloc_fd+0x471/0x7d0 [ 2302.698460][T12551] __anon_inode_getfile+0xe8/0x280 [ 2302.698474][T12551] ? __init_waitqueue_head+0xca/0x150 [ 2302.698494][T12551] do_epoll_create+0x326/0x500 [ 2302.698517][T12551] __x64_sys_epoll_create+0x45/0x70 [ 2302.698539][T12551] do_syscall_64+0xcd/0xf80 [ 2302.698563][T12551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2302.698579][T12551] RIP: 0033:0x7fb4dbd8f7c9 [ 2302.698592][T12551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2302.698607][T12551] RSP: 002b:00007fb4dcb82038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 2302.698622][T12551] RAX: ffffffffffffffda RBX: 00007fb4dbfe6090 RCX: 00007fb4dbd8f7c9 [ 2302.698632][T12551] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000003e [ 2302.698641][T12551] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2302.698650][T12551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2302.698659][T12551] R13: 00007fb4dbfe6128 R14: 00007fb4dbfe6090 R15: 00007ffc329e72f8 [ 2302.698678][T12551] [ 2306.341447][T12592] netlink: 'syz.1.9512': attribute type 1 has an invalid length. [ 2306.921567][T10149] block nbd88: Receive control failed (result -107) [ 2307.915457][T12621] FAULT_INJECTION: forcing a failure. [ 2307.915457][T12621] name failslab, interval 1, probability 0, space 0, times 0 [ 2308.048588][T12621] CPU: 0 UID: 0 PID: 12621 Comm: syz.2.9520 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2308.048617][T12621] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2308.048623][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2308.048634][T12621] Call Trace: [ 2308.048639][T12621] [ 2308.048646][T12621] dump_stack_lvl+0x16c/0x1f0 [ 2308.048674][T12621] should_fail_ex+0x512/0x640 [ 2308.048691][T12621] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2308.048716][T12621] should_failslab+0xc2/0x120 [ 2308.048739][T12621] kmem_cache_alloc_noprof+0x83/0x770 [ 2308.048757][T12621] ? security_file_alloc+0x34/0x2b0 [ 2308.048779][T12621] ? security_file_alloc+0x34/0x2b0 [ 2308.048796][T12621] security_file_alloc+0x34/0x2b0 [ 2308.048814][T12621] init_file+0x93/0x4c0 [ 2308.048829][T12621] alloc_empty_file+0x73/0x1e0 [ 2308.048845][T12621] alloc_file_pseudo+0x13a/0x230 [ 2308.048861][T12621] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2308.048877][T12621] ? security_inode_init_security_anon+0x79/0x240 [ 2308.048898][T12621] __anon_inode_getfile+0xe8/0x280 [ 2308.048913][T12621] ? _copy_to_user+0x48/0xd0 [ 2308.048930][T12621] io_uring_setup+0x1432/0x1f60 [ 2308.048951][T12621] ? __pfx_io_uring_setup+0x10/0x10 [ 2308.048973][T12621] ? __pfx_do_futex+0x10/0x10 [ 2308.049000][T12621] ? xfd_validate_state+0x61/0x180 [ 2308.049013][T12621] ? __pfx_ksys_write+0x10/0x10 [ 2308.049037][T12621] __x64_sys_io_uring_setup+0xc2/0x170 [ 2308.049057][T12621] do_syscall_64+0xcd/0xf80 [ 2308.049080][T12621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2308.049096][T12621] RIP: 0033:0x7f35aa38f7c9 [ 2308.049109][T12621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2308.049123][T12621] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2308.049138][T12621] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2308.049148][T12621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2308.049157][T12621] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2308.049166][T12621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2308.049175][T12621] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2308.049195][T12621] [ 2308.419480][ T30] audit: type=1804 audit(4294997123.293:43): pid=12627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.9521" name="/newroot/563/file0" dev="tmpfs" ino=2983 res=1 errno=0 [ 2309.009545][T12638] FAULT_INJECTION: forcing a failure. [ 2309.009545][T12638] name failslab, interval 1, probability 0, space 0, times 0 [ 2309.160140][T12638] CPU: 0 UID: 0 PID: 12638 Comm: syz.2.9524 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2309.160174][T12638] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2309.160181][T12638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2309.160191][T12638] Call Trace: [ 2309.160196][T12638] [ 2309.160203][T12638] dump_stack_lvl+0x16c/0x1f0 [ 2309.160232][T12638] should_fail_ex+0x512/0x640 [ 2309.160250][T12638] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2309.160271][T12638] should_failslab+0xc2/0x120 [ 2309.160295][T12638] __kmalloc_cache_noprof+0x80/0x800 [ 2309.160313][T12638] ? io_uring_alloc_task_context+0x96/0x650 [ 2309.160342][T12638] ? io_uring_alloc_task_context+0x96/0x650 [ 2309.160360][T12638] ? percpu_counter_add_batch+0xca/0x200 [ 2309.160377][T12638] io_uring_alloc_task_context+0x96/0x650 [ 2309.160394][T12638] ? file_init_path+0x4fe/0x760 [ 2309.160415][T12638] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 2309.160434][T12638] ? alloc_file_pseudo+0x1b3/0x230 [ 2309.160455][T12638] __io_uring_add_tctx_node+0x2dd/0x500 [ 2309.160472][T12638] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 2309.160491][T12638] ? __anon_inode_getfile+0x17c/0x280 [ 2309.160509][T12638] io_uring_setup+0x145e/0x1f60 [ 2309.160532][T12638] ? __pfx_io_uring_setup+0x10/0x10 [ 2309.160555][T12638] ? __pfx_do_futex+0x10/0x10 [ 2309.160585][T12638] ? xfd_validate_state+0x61/0x180 [ 2309.160599][T12638] ? __pfx_ksys_write+0x10/0x10 [ 2309.160625][T12638] __x64_sys_io_uring_setup+0xc2/0x170 [ 2309.160647][T12638] do_syscall_64+0xcd/0xf80 [ 2309.160672][T12638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2309.160689][T12638] RIP: 0033:0x7f35aa38f7c9 [ 2309.160705][T12638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2309.160721][T12638] RSP: 002b:00007f35ab1fa038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2309.160737][T12638] RAX: ffffffffffffffda RBX: 00007f35aa5e5fa0 RCX: 00007f35aa38f7c9 [ 2309.160748][T12638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2309.160758][T12638] RBP: 00007f35aa413f91 R08: 0000000000000000 R09: 0000000000000000 [ 2309.160768][T12638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2309.160778][T12638] R13: 00007f35aa5e6038 R14: 00007f35aa5e5fa0 R15: 00007ffc04cabf88 [ 2309.160798][T12638] [ 2311.302648][T12680] FAULT_INJECTION: forcing a failure. [ 2311.302648][T12680] name failslab, interval 1, probability 0, space 0, times 0 [ 2311.416958][T12680] CPU: 0 UID: 0 PID: 12680 Comm: syz.1.9535 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2311.416990][T12680] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2311.416997][T12680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2311.417007][T12680] Call Trace: [ 2311.417013][T12680] [ 2311.417019][T12680] dump_stack_lvl+0x16c/0x1f0 [ 2311.417049][T12680] should_fail_ex+0x512/0x640 [ 2311.417066][T12680] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2311.417087][T12680] should_failslab+0xc2/0x120 [ 2311.417110][T12680] kmem_cache_alloc_noprof+0x83/0x770 [ 2311.417129][T12680] ? alloc_empty_file+0x55/0x1e0 [ 2311.417149][T12680] ? alloc_empty_file+0x55/0x1e0 [ 2311.417180][T12680] alloc_empty_file+0x55/0x1e0 [ 2311.417197][T12680] alloc_file_pseudo+0x13a/0x230 [ 2311.417216][T12680] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2311.417233][T12680] ? alloc_fd+0x471/0x7d0 [ 2311.417259][T12680] sock_alloc_file+0x50/0x210 [ 2311.417282][T12680] __sys_socket+0x1c0/0x260 [ 2311.417297][T12680] ? __pfx___sys_socket+0x10/0x10 [ 2311.417313][T12680] ? do_user_addr_fault+0x843/0x1370 [ 2311.417335][T12680] __x64_sys_socket+0x72/0xb0 [ 2311.417349][T12680] ? lockdep_hardirqs_on+0x7c/0x110 [ 2311.417370][T12680] do_syscall_64+0xcd/0xf80 [ 2311.417393][T12680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2311.417409][T12680] RIP: 0033:0x7f385a5916e7 [ 2311.417423][T12680] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2311.417437][T12680] RSP: 002b:00007f385b400fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 2311.417452][T12680] RAX: ffffffffffffffda RBX: 00007f385a7e6180 RCX: 00007f385a5916e7 [ 2311.417462][T12680] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 2311.417471][T12680] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 2311.417480][T12680] R10: 0000200000000080 R11: 0000000000000286 R12: 0000000000000000 [ 2311.417489][T12680] R13: 00007f385a7e6218 R14: 00007f385a7e6180 R15: 00007ffdbe6477c8 [ 2311.417509][T12680] [ 2312.314618][T10149] block nbd89: Receive control failed (result -107) [ 2313.231856][ T4526] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2313.243872][ T4526] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2313.253298][ T4526] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2313.268214][ T4526] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2313.278413][ T4526] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2315.107609][T12704] chnl_net:caif_netlink_parms(): no params data found [ 2315.380115][ T4526] Bluetooth: hci2: command tx timeout [ 2315.581450][T12704] bridge0: port 1(bridge_slave_0) entered blocking state [ 2315.662117][T12704] bridge0: port 1(bridge_slave_0) entered disabled state [ 2315.729409][T12704] bridge_slave_0: entered allmulticast mode [ 2315.788283][T12704] bridge_slave_0: entered promiscuous mode [ 2315.838478][T12704] bridge0: port 2(bridge_slave_1) entered blocking state [ 2315.898114][T12704] bridge0: port 2(bridge_slave_1) entered disabled state [ 2315.937396][T12704] bridge_slave_1: entered allmulticast mode [ 2315.984590][T12704] bridge_slave_1: entered promiscuous mode [ 2316.153783][T12704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2316.232097][T12704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2316.410946][T12704] team0: Port device team_slave_0 added [ 2316.459480][T12704] team0: Port device team_slave_1 added [ 2316.620642][T12704] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2316.627604][T12704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2316.820391][T12704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2316.906889][T12704] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2316.951644][T12704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2317.108443][T12704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2317.371036][T12704] hsr_slave_0: entered promiscuous mode [ 2317.402206][T12704] hsr_slave_1: entered promiscuous mode [ 2317.450703][T12704] debugfs: 'hsr0' already exists in 'hsr' [ 2317.456450][T12704] Cannot create hsr debugfs directory [ 2317.470207][ T4526] Bluetooth: hci2: command tx timeout [ 2317.496254][T12762] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2318.353014][T12772] Process accounting resumed [ 2319.106396][T12793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9560'. [ 2319.504036][T12704] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2319.547568][ T4526] Bluetooth: hci2: command tx timeout [ 2320.188719][T12704] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2320.432059][T12811] workqueue: Interrupted when creating a worker thread "kworker/u11:0" [ 2320.598033][T12752] kexec: Could not allocate control_code_buffer [ 2320.620409][T12820] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2320.704004][T12704] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2321.146452][T12704] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2321.622422][ T4526] Bluetooth: hci2: command tx timeout [ 2321.879827][T12704] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 2321.945405][T12844] synth uevent: /devices/virtual/block/ram8: unknown uevent action string [ 2321.977112][T12704] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 2322.011593][T12844] block ram8: uevent: failed to send synthetic uevent: -22 [ 2322.064625][T12704] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 2322.162702][T12704] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 2322.697376][T12704] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2322.795774][T12704] 8021q: adding VLAN 0 to HW filter on device team0 [ 2322.822620][T10193] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1380 with max blocks 19 with error 117 [ 2322.867062][ T3638] bridge0: port 1(bridge_slave_0) entered blocking state [ 2322.874211][ T3638] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2322.933686][T10193] EXT4-fs (sda1): This should not happen!! Data will be lost [ 2322.933686][T10193] [ 2322.998124][ T3638] bridge0: port 2(bridge_slave_1) entered blocking state [ 2323.005290][ T3638] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2323.852106][T12895] snd_aloop snd_aloop.0: Parsing timer source '™ý÷' failed with -22 [ 2323.975808][T12704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2324.004241][T12888] ERROR: Out of memory at tomoyo_memory_ok. [ 2324.030521][T12897] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 2324.089312][T12892] ERROR: Out of memory at tomoyo_memory_ok. [ 2324.146493][T12897] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 2324.233456][T12704] veth0_vlan: entered promiscuous mode [ 2324.296107][T12704] veth1_vlan: entered promiscuous mode [ 2324.542741][T12900] blktrace: Concurrent blktraces are not allowed on loop2 [ 2324.845765][T12704] veth0_macvtap: entered promiscuous mode [ 2325.091096][T12704] veth1_macvtap: entered promiscuous mode [ 2325.317518][T12704] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2325.373849][T12704] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2325.503059][T12906] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2325.574842][T12906] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2325.653664][T12906] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2325.724700][T12906] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2325.944913][T12903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2325.993322][T12903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2326.086146][T12873] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2326.105443][T12873] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2326.727457][T12917] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 2326.792853][T12917] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 2326.837580][T12917] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 2326.887723][T12917] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 2326.929150][T12917] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 2326.991084][T12917] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 2327.308330][T12940] futex_wake_op: syz.0.9589 tries to shift op by -1; fix this program [ 2327.726946][T12950] snd_aloop snd_aloop.0: Parsing timer source '™ý÷' failed with -22 [ 2327.809021][T12871] block nbd90: Receive control failed (result -107) [ 2328.102196][T12957] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 2328.146598][T12957] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 2328.232340][T12960] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 2328.267312][T12871] Bluetooth: hci1: command 0x0c1a tx timeout [ 2328.466883][T12958] blktrace: Concurrent blktraces are not allowed on loop2 [ 2328.825481][T12881] Bluetooth: hci5: command 0x0c1a tx timeout [ 2328.904726][T12962] Bluetooth: hci0: command 0x0c1a tx timeout [ 2328.910789][T12881] Bluetooth: hci2: command 0x0c1a tx timeout [ 2328.954756][T12974] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9598'. [ 2329.189474][T12980] ubi0: attaching mtd0 [ 2329.211758][T12980] ubi0: scanning is finished [ 2329.482771][T12980] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 2329.634610][T12980] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 2329.854818][T12980] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 2329.862328][T12980] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 2330.174559][T12980] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 2330.264631][T12980] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 2330.357109][T12980] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 1536983697 [ 2330.443141][T12980] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 2330.542176][T13001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9604'. [ 2330.565611][T12988] ubi0: background thread "ubi_bgt0d" started, PID 12988 [ 2330.572696][T12984] ubi0: detaching mtd0 [ 2330.632354][T13005] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9604'. [ 2330.662022][T12984] ubi0: mtd0 is detached [ 2330.986331][T12962] Bluetooth: hci2: command 0x0c1a tx timeout [ 2331.031338][T13008] ERROR: Out of memory at tomoyo_memory_ok. [ 2331.078337][T13011] ERROR: Out of memory at tomoyo_memory_ok. [ 2332.224133][T13031] FAULT_INJECTION: forcing a failure. [ 2332.224133][T13031] name failslab, interval 1, probability 0, space 0, times 0 [ 2332.320149][T13031] CPU: 0 UID: 0 PID: 13031 Comm: syz.0.9611 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2332.320179][T13031] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2332.320186][T13031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2332.320195][T13031] Call Trace: [ 2332.320201][T13031] [ 2332.320208][T13031] dump_stack_lvl+0x16c/0x1f0 [ 2332.320236][T13031] should_fail_ex+0x512/0x640 [ 2332.320256][T13031] should_failslab+0xc2/0x120 [ 2332.320279][T13031] __kmalloc_cache_noprof+0x80/0x800 [ 2332.320297][T13031] ? __task_pid_nr_ns+0x1f5/0x500 [ 2332.320310][T13031] ? proc_thread_self_get_link+0x1c6/0x240 [ 2332.320332][T13031] ? proc_thread_self_get_link+0x1c6/0x240 [ 2332.320349][T13031] proc_thread_self_get_link+0x1c6/0x240 [ 2332.320368][T13031] pick_link+0xb09/0x13b0 [ 2332.320387][T13031] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 2332.320407][T13031] step_into_slowpath+0x6c6/0xf50 [ 2332.320430][T13031] ? __pfx_step_into_slowpath+0x10/0x10 [ 2332.320452][T13031] ? lookup_fast+0x156/0x610 [ 2332.320468][T13031] ? inode_permission+0x37b/0x640 [ 2332.320486][T13031] link_path_walk+0xd26/0x1c70 [ 2332.320512][T13031] path_openat+0x1bd/0x3140 [ 2332.320532][T13031] ? do_syscall_64+0xcd/0xf80 [ 2332.320552][T13031] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2332.320573][T13031] ? __pfx_path_openat+0x10/0x10 [ 2332.320601][T13031] do_filp_open+0x20b/0x470 [ 2332.320623][T13031] ? __pfx_do_filp_open+0x10/0x10 [ 2332.320658][T13031] ? alloc_fd+0x471/0x7d0 [ 2332.320684][T13031] do_sys_openat2+0x121/0x290 [ 2332.320700][T13031] ? __pfx_do_sys_openat2+0x10/0x10 [ 2332.320723][T13031] __x64_sys_openat+0x174/0x210 [ 2332.320815][T13031] ? __pfx___x64_sys_openat+0x10/0x10 [ 2332.320839][T13031] do_syscall_64+0xcd/0xf80 [ 2332.320862][T13031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2332.320877][T13031] RIP: 0033:0x7fb4dbd8f7c9 [ 2332.320891][T13031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2332.320905][T13031] RSP: 002b:00007fb4dcb82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2332.320921][T13031] RAX: ffffffffffffffda RBX: 00007fb4dbfe6090 RCX: 00007fb4dbd8f7c9 [ 2332.320931][T13031] RDX: 00000000000aa102 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 2332.320941][T13031] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2332.320951][T13031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2332.320960][T13031] R13: 00007fb4dbfe6128 R14: 00007fb4dbfe6090 R15: 00007ffc329e72f8 [ 2332.320982][T13031] [ 2332.609721][T13032] FAULT_INJECTION: forcing a failure. [ 2332.609721][T13032] name failslab, interval 1, probability 0, space 0, times 0 [ 2332.623097][T13032] CPU: 0 UID: 0 PID: 13032 Comm: syz.2.9610 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2332.623124][T13032] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2332.623131][T13032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2332.623140][T13032] Call Trace: [ 2332.623146][T13032] [ 2332.623153][T13032] dump_stack_lvl+0x16c/0x1f0 [ 2332.623179][T13032] should_fail_ex+0x512/0x640 [ 2332.623195][T13032] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 2332.623215][T13032] should_failslab+0xc2/0x120 [ 2332.623238][T13032] kmem_cache_alloc_noprof+0x83/0x770 [ 2332.623257][T13032] ? skb_clone+0x190/0x3f0 [ 2332.623278][T13032] ? skb_clone+0x190/0x3f0 [ 2332.623295][T13032] skb_clone+0x190/0x3f0 [ 2332.623314][T13032] netlink_deliver_tap+0xabd/0xd30 [ 2332.623338][T13032] netlink_unicast+0x71f/0x870 [ 2332.623361][T13032] ? __pfx_netlink_unicast+0x10/0x10 [ 2332.623382][T13032] ? genl_rcv_msg+0x4bb/0x800 [ 2332.623401][T13032] netlink_ack+0x696/0xb80 [ 2332.623426][T13032] netlink_rcv_skb+0x332/0x420 [ 2332.623447][T13032] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2332.623462][T13032] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2332.623490][T13032] ? netlink_deliver_tap+0x1ae/0xd30 [ 2332.623513][T13032] genl_rcv+0x28/0x40 [ 2332.623533][T13032] netlink_unicast+0x5aa/0x870 [ 2332.623556][T13032] ? __pfx_netlink_unicast+0x10/0x10 [ 2332.623584][T13032] netlink_sendmsg+0x8c8/0xdd0 [ 2332.623608][T13032] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2332.623631][T13032] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 2332.623658][T13032] ____sys_sendmsg+0xa5d/0xc30 [ 2332.623681][T13032] ? copy_msghdr_from_user+0x10a/0x160 [ 2332.623699][T13032] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2332.623719][T13032] ? preempt_schedule_thunk+0x16/0x30 [ 2332.623738][T13032] ? try_to_wake_up+0xa67/0x1860 [ 2332.623761][T13032] ___sys_sendmsg+0x134/0x1d0 [ 2332.623787][T13032] ? __pfx____sys_sendmsg+0x10/0x10 [ 2332.623807][T13032] ? futex_private_hash_put+0x160/0x1b0 [ 2332.623846][T13032] __sys_sendmsg+0x16d/0x220 [ 2332.623864][T13032] ? __pfx___sys_sendmsg+0x10/0x10 [ 2332.623883][T13032] ? __x64_sys_futex+0x1e0/0x4c0 [ 2332.623912][T13032] do_syscall_64+0xcd/0xf80 [ 2332.623935][T13032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2332.623950][T13032] RIP: 0033:0x7fecf878f7c9 [ 2332.623963][T13032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2332.623978][T13032] RSP: 002b:00007fecf961d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2332.623992][T13032] RAX: ffffffffffffffda RBX: 00007fecf89e5fa0 RCX: 00007fecf878f7c9 [ 2332.624002][T13032] RDX: 0000000000000800 RSI: 0000200000000dc0 RDI: 0000000000000002 [ 2332.624011][T13032] RBP: 00007fecf8813f91 R08: 0000000000000000 R09: 0000000000000000 [ 2332.624020][T13032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2332.624029][T13032] R13: 00007fecf89e6038 R14: 00007fecf89e5fa0 R15: 00007ffd2083e5b8 [ 2332.624050][T13032] [ 2333.296493][T12962] Bluetooth: hci2: command 0x0c1a tx timeout [ 2333.617428][T13034] zswap: compressor not available [ 2333.728480][T12881] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2333.772258][T12881] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2333.781093][T12881] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2333.791269][T12881] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2333.799857][T12881] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2334.906208][T13044] chnl_net:caif_netlink_parms(): no params data found [ 2335.408375][T13044] bridge0: port 1(bridge_slave_0) entered blocking state [ 2335.430212][T13044] bridge0: port 1(bridge_slave_0) entered disabled state [ 2335.450594][T13044] bridge_slave_0: entered allmulticast mode [ 2335.485790][T13044] bridge_slave_0: entered promiscuous mode [ 2335.544265][T13044] bridge0: port 2(bridge_slave_1) entered blocking state [ 2335.567693][T13044] bridge0: port 2(bridge_slave_1) entered disabled state [ 2335.591401][T13044] bridge_slave_1: entered allmulticast mode [ 2335.622362][T13044] bridge_slave_1: entered promiscuous mode [ 2335.784764][T13044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2335.843464][T13044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2335.867941][T12962] Bluetooth: hci3: command tx timeout [ 2335.973171][T13044] team0: Port device team_slave_0 added [ 2336.032835][T13044] team0: Port device team_slave_1 added [ 2336.187372][T13044] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2336.198088][T13070] futex_wake_op: syz.0.9619 tries to shift op by -1; fix this program [ 2336.234863][T13044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2336.379250][T13044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2336.558345][T13044] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2336.592351][T13044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2336.752761][T13044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2336.936065][T13044] hsr_slave_0: entered promiscuous mode [ 2336.969688][T13044] hsr_slave_1: entered promiscuous mode [ 2336.999354][T13044] debugfs: 'hsr0' already exists in 'hsr' [ 2337.005104][T13044] Cannot create hsr debugfs directory [ 2337.792849][T13044] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2337.915283][T13078] FAULT_INJECTION: forcing a failure. [ 2337.915283][T13078] name failslab, interval 1, probability 0, space 0, times 0 [ 2337.948842][T12962] Bluetooth: hci3: command tx timeout [ 2338.022533][T13078] CPU: 0 UID: 0 PID: 13078 Comm: syz.0.9621 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2338.022562][T13078] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2338.022569][T13078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2338.022584][T13078] Call Trace: [ 2338.022590][T13078] [ 2338.022596][T13078] dump_stack_lvl+0x16c/0x1f0 [ 2338.022622][T13078] should_fail_ex+0x512/0x640 [ 2338.022640][T13078] ? __kmalloc_cache_node_noprof+0x62/0x830 [ 2338.022663][T13078] should_failslab+0xc2/0x120 [ 2338.022686][T13078] __kmalloc_cache_node_noprof+0x83/0x830 [ 2338.022706][T13078] ? __alloc_workqueue+0x670/0x1810 [ 2338.022733][T13078] ? __alloc_workqueue+0x670/0x1810 [ 2338.022753][T13078] __alloc_workqueue+0x670/0x1810 [ 2338.022781][T13078] alloc_workqueue_noprof+0xd2/0x200 [ 2338.022803][T13078] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 2338.022827][T13078] ? rcu_is_watching+0x12/0xc0 [ 2338.022848][T13078] ? trace_kmalloc+0x2b/0xb0 [ 2338.022867][T13078] ? __kmalloc_noprof+0x35d/0x910 [ 2338.022883][T13078] ? ieee80211_register_hw+0x15c9/0x4160 [ 2338.022902][T13078] ieee80211_register_hw+0x1f1a/0x4160 [ 2338.022918][T13078] ? lockdep_hardirqs_on+0x11/0x110 [ 2338.022939][T13078] ? _raw_spin_unlock+0x41/0x50 [ 2338.022960][T13078] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 2338.022983][T13078] ? __pfx___debug_object_init+0x10/0x10 [ 2338.023009][T13078] ? find_held_lock+0x2b/0x80 [ 2338.023028][T13078] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 2338.023051][T13078] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 2338.023072][T13078] ? __hrtimer_setup+0x176/0x280 [ 2338.023092][T13078] mac80211_hwsim_new_radio+0x3323/0x5150 [ 2338.023120][T13078] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 2338.023142][T13078] hwsim_new_radio_nl+0xba2/0x1330 [ 2338.023161][T13078] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 2338.023183][T13078] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 2338.023208][T13078] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 2338.023236][T13078] genl_family_rcv_msg_doit+0x209/0x2f0 [ 2338.023260][T13078] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 2338.023284][T13078] ? genl_get_cmd+0x194/0x580 [ 2338.023309][T13078] ? bpf_lsm_capable+0x9/0x10 [ 2338.023328][T13078] ? security_capable+0x7e/0x260 [ 2338.023351][T13078] ? ns_capable+0xd7/0x110 [ 2338.023372][T13078] genl_rcv_msg+0x55c/0x800 [ 2338.023388][T13078] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2338.023402][T13078] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 2338.023425][T13078] netlink_rcv_skb+0x158/0x420 [ 2338.023446][T13078] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2338.023461][T13078] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2338.023492][T13078] ? netlink_deliver_tap+0x1ae/0xd30 [ 2338.023515][T13078] genl_rcv+0x28/0x40 [ 2338.023535][T13078] netlink_unicast+0x5aa/0x870 [ 2338.023558][T13078] ? __pfx_netlink_unicast+0x10/0x10 [ 2338.023592][T13078] netlink_sendmsg+0x8c8/0xdd0 [ 2338.023617][T13078] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2338.023641][T13078] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 2338.023670][T13078] ____sys_sendmsg+0xa5d/0xc30 [ 2338.023695][T13078] ? copy_msghdr_from_user+0x10a/0x160 [ 2338.023714][T13078] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2338.023740][T13078] ? __pfx_futex_wake_mark+0x10/0x10 [ 2338.023764][T13078] ___sys_sendmsg+0x134/0x1d0 [ 2338.023783][T13078] ? __pfx____sys_sendmsg+0x10/0x10 [ 2338.023801][T13078] ? futex_private_hash_put+0x160/0x1b0 [ 2338.023839][T13078] __sys_sendmsg+0x16d/0x220 [ 2338.023857][T13078] ? __pfx___sys_sendmsg+0x10/0x10 [ 2338.023875][T13078] ? __x64_sys_futex+0x1e0/0x4c0 [ 2338.023903][T13078] do_syscall_64+0xcd/0xf80 [ 2338.023926][T13078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2338.023941][T13078] RIP: 0033:0x7fb4dbd8f7c9 [ 2338.023955][T13078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2338.023969][T13078] RSP: 002b:00007fb4dcba3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2338.023985][T13078] RAX: ffffffffffffffda RBX: 00007fb4dbfe5fa0 RCX: 00007fb4dbd8f7c9 [ 2338.023995][T13078] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 2338.024005][T13078] RBP: 00007fb4dbe13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2338.024015][T13078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2338.024024][T13078] R13: 00007fb4dbfe6038 R14: 00007fb4dbfe5fa0 R15: 00007ffc329e72f8 [ 2338.024045][T13078] [ 2339.408735][T13044] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2339.541121][T13044] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2339.652220][T13086] random: crng reseeded on system resumption [ 2339.753870][T13044] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2340.040964][T12962] Bluetooth: hci3: command tx timeout [ 2340.273133][T13044] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2340.442058][T13044] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2340.491813][T13044] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2340.551910][T13044] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2340.782383][T13104] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2340.841269][T13044] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2340.911508][T13044] 8021q: adding VLAN 0 to HW filter on device team0 [ 2340.953657][T12903] bridge0: port 1(bridge_slave_0) entered blocking state [ 2340.960834][T12903] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2341.031284][T12903] bridge0: port 2(bridge_slave_1) entered blocking state [ 2341.038409][T12903] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2341.477336][T13113] FAULT_INJECTION: forcing a failure. [ 2341.477336][T13113] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.526416][T13118] ubi0: attaching mtd0 [ 2341.551917][T13118] ubi0: scanning is finished [ 2341.588429][T13113] CPU: 0 UID: 0 PID: 13113 Comm: syz.2.9629 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2341.588458][T13113] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2341.588464][T13113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2341.588474][T13113] Call Trace: [ 2341.588480][T13113] [ 2341.588486][T13113] dump_stack_lvl+0x16c/0x1f0 [ 2341.588514][T13113] should_fail_ex+0x512/0x640 [ 2341.588531][T13113] ? fs_reclaim_acquire+0xae/0x150 [ 2341.588556][T13113] should_failslab+0xc2/0x120 [ 2341.588578][T13113] kmem_cache_alloc_noprof+0x83/0x770 [ 2341.588596][T13113] ? __pfx_map_id_range_down+0x10/0x10 [ 2341.588617][T13113] ? security_inode_alloc+0x3b/0x2b0 [ 2341.588636][T13113] ? security_inode_alloc+0x3b/0x2b0 [ 2341.588650][T13113] security_inode_alloc+0x3b/0x2b0 [ 2341.588674][T13113] inode_init_always_gfp+0xced/0x1040 [ 2341.588703][T13113] alloc_inode+0x86/0x240 [ 2341.588720][T13113] alloc_anon_inode+0x28/0x3e0 [ 2341.588743][T13113] anon_inode_make_secure_inode+0x31/0x140 [ 2341.588762][T13113] __anon_inode_getfile+0x1cf/0x280 [ 2341.588776][T13113] ? _copy_to_user+0x48/0xd0 [ 2341.588793][T13113] io_uring_setup+0x1432/0x1f60 [ 2341.588814][T13113] ? __pfx_io_uring_setup+0x10/0x10 [ 2341.588836][T13113] ? __pfx_do_futex+0x10/0x10 [ 2341.588863][T13113] ? xfd_validate_state+0x61/0x180 [ 2341.588877][T13113] ? __pfx_ksys_write+0x10/0x10 [ 2341.588901][T13113] __x64_sys_io_uring_setup+0xc2/0x170 [ 2341.588921][T13113] do_syscall_64+0xcd/0xf80 [ 2341.588943][T13113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2341.588958][T13113] RIP: 0033:0x7fecf878f7c9 [ 2341.588971][T13113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2341.588986][T13113] RSP: 002b:00007fecf961d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2341.589001][T13113] RAX: ffffffffffffffda RBX: 00007fecf89e5fa0 RCX: 00007fecf878f7c9 [ 2341.589011][T13113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2341.589019][T13113] RBP: 00007fecf8813f91 R08: 0000000000000000 R09: 0000000000000000 [ 2341.589028][T13113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2341.589036][T13113] R13: 00007fecf89e6038 R14: 00007fecf89e5fa0 R15: 00007ffd2083e5b8 [ 2341.589055][T13113] [ 2341.819598][T13044] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2341.848427][T13044] veth0_vlan: entered promiscuous mode [ 2341.858482][T13044] veth1_vlan: entered promiscuous mode [ 2341.878977][T13044] veth0_macvtap: entered promiscuous mode [ 2341.888122][T13044] veth1_macvtap: entered promiscuous mode [ 2341.903003][T13044] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2341.913517][T13044] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2342.022204][T13118] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 2342.030057][T13118] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 2342.040997][T13118] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 2342.055717][T12873] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2342.064223][T12876] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2342.074493][T12868] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2342.092449][T13118] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 2342.136973][T12876] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2342.153247][T12962] Bluetooth: hci3: command tx timeout [ 2342.160108][T12868] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2342.170825][T12873] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2342.192591][T13118] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 2342.199783][T13118] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 2342.230981][T13118] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 1536983697 [ 2342.242763][T13118] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 2342.276255][T12868] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2342.308787][T12868] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2342.341771][T13121] ubi0: background thread "ubi_bgt0d" started, PID 13121 [ 2342.351858][T13120] ubi0: detaching mtd0 [ 2342.461876][T13120] ubi0: mtd0 is detached [ 2342.643643][T13130] random: crng reseeded on system resumption [ 2343.901060][T13145] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2344.105723][T13151] futex_wake_op: syz.2.9637 tries to shift op by -1; fix this program [ 2344.274824][T12962] block nbd91: Receive control failed (result -107) [ 2345.267750][T13175] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2346.384569][T12881] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2346.397745][T12881] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2346.408085][T12881] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2346.415935][T12881] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2346.423819][T12881] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2346.989774][T13196] chnl_net:caif_netlink_parms(): no params data found [ 2348.514273][T12881] Bluetooth: hci1: command tx timeout [ 2348.606068][T13196] bridge0: port 1(bridge_slave_0) entered blocking state [ 2348.646312][T13196] bridge0: port 1(bridge_slave_0) entered disabled state [ 2348.685433][T13196] bridge_slave_0: entered allmulticast mode [ 2348.714421][T13196] bridge_slave_0: entered promiscuous mode [ 2348.732605][T13196] bridge0: port 2(bridge_slave_1) entered blocking state [ 2348.774256][T13196] bridge0: port 2(bridge_slave_1) entered disabled state [ 2348.804485][T13196] bridge_slave_1: entered allmulticast mode [ 2348.825688][T13196] bridge_slave_1: entered promiscuous mode [ 2348.910586][T13211] snd_aloop snd_aloop.0: control 7:265:7:ª¸è:2 is already present [ 2348.966145][T13196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2349.009937][T13196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2349.216876][T13196] team0: Port device team_slave_0 added [ 2349.246354][T13196] team0: Port device team_slave_1 added [ 2349.321211][T13196] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2349.362204][T13196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2349.446835][T13220] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9658'. [ 2349.467066][T13196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2349.512886][T13196] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2349.542895][T13196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2349.641044][T13196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2349.695050][T13220] ipvlan0: entered promiscuous mode [ 2349.718068][T13220] ipvlan0: entered allmulticast mode [ 2349.737514][T13220] veth0_vlan: entered allmulticast mode [ 2349.889220][T13196] hsr_slave_0: entered promiscuous mode [ 2349.908013][T13196] hsr_slave_1: entered promiscuous mode [ 2349.931820][T13196] debugfs: 'hsr0' already exists in 'hsr' [ 2349.968227][T13196] Cannot create hsr debugfs directory [ 2350.057554][T13224] FAULT_INJECTION: forcing a failure. [ 2350.057554][T13224] name failslab, interval 1, probability 0, space 0, times 0 [ 2350.155184][T13224] CPU: 0 UID: 0 PID: 13224 Comm: syz.3.9659 Tainted: G U L syzkaller #0 PREEMPT(full) [ 2350.155213][T13224] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2350.155220][T13224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2350.155229][T13224] Call Trace: [ 2350.155235][T13224] [ 2350.155241][T13224] dump_stack_lvl+0x16c/0x1f0 [ 2350.155269][T13224] should_fail_ex+0x512/0x640 [ 2350.155286][T13224] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2350.155307][T13224] should_failslab+0xc2/0x120 [ 2350.155330][T13224] __kmalloc_cache_noprof+0x80/0x800 [ 2350.155347][T13224] ? io_uring_alloc_task_context+0x96/0x650 [ 2350.155367][T13224] ? io_uring_alloc_task_context+0x96/0x650 [ 2350.155381][T13224] ? percpu_counter_add_batch+0xca/0x200 [ 2350.155395][T13224] io_uring_alloc_task_context+0x96/0x650 [ 2350.155410][T13224] ? file_init_path+0x4fe/0x760 [ 2350.155426][T13224] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 2350.155443][T13224] ? alloc_file_pseudo+0x1b3/0x230 [ 2350.155461][T13224] __io_uring_add_tctx_node+0x2dd/0x500 [ 2350.155477][T13224] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 2350.155494][T13224] ? __anon_inode_getfile+0x17c/0x280 [ 2350.155511][T13224] io_uring_setup+0x145e/0x1f60 [ 2350.155532][T13224] ? __pfx_io_uring_setup+0x10/0x10 [ 2350.155554][T13224] ? __pfx_do_futex+0x10/0x10 [ 2350.155581][T13224] ? xfd_validate_state+0x61/0x180 [ 2350.155595][T13224] ? __pfx_ksys_write+0x10/0x10 [ 2350.155619][T13224] __x64_sys_io_uring_setup+0xc2/0x170 [ 2350.155639][T13224] do_syscall_64+0xcd/0xf80 [ 2350.155661][T13224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2350.155677][T13224] RIP: 0033:0x7fe38b58f7c9 [ 2350.155691][T13224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2350.155705][T13224] RSP: 002b:00007fe38c436038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2350.155719][T13224] RAX: ffffffffffffffda RBX: 00007fe38b7e5fa0 RCX: 00007fe38b58f7c9 [ 2350.155729][T13224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 2350.155738][T13224] RBP: 00007fe38b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2350.155747][T13224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2350.155756][T13224] R13: 00007fe38b7e6038 R14: 00007fe38b7e5fa0 R15: 00007fffeaf20328 [ 2350.155783][T13224] [ 2350.778213][T12962] Bluetooth: hci1: command tx timeout [ 2350.784416][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 2350.795557][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 2350.967871][T13196] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 2351.008133][T13196] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 2351.034231][T13196] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 2351.058957][T13196] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 2351.254471][T13196] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2351.312387][T13196] 8021q: adding VLAN 0 to HW filter on device team0 [ 2351.340870][T12887] bridge0: port 1(bridge_slave_0) entered blocking state [ 2351.348019][T12887] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2351.397860][T12887] bridge0: port 2(bridge_slave_1) entered blocking state [ 2351.404965][T12887] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2351.815530][T13196] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2352.333137][T13196] veth0_vlan: entered promiscuous mode [ 2352.386750][T13196] veth1_vlan: entered promiscuous mode [ 2352.458664][T13196] veth0_macvtap: entered promiscuous mode [ 2352.496723][T13196] veth1_macvtap: entered promiscuous mode [ 2352.542967][T13196] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2352.580581][T13196] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2352.617179][T13081] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2352.648337][T13081] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2352.692971][T13081] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2352.741077][T13081] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2352.842561][T12881] Bluetooth: hci1: command tx timeout [ 2352.952965][T13227] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2352.999939][T13227] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2353.081499][T13227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2353.100194][T13227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2354.198655][T13227] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1380 with max blocks 19 with error 117 [ 2354.212990][T13227] EXT4-fs (sda1): This should not happen!! Data will be lost [ 2354.212990][T13227] [ 2354.918427][T12881] Bluetooth: hci1: command tx timeout [ 2384.547898][T13227] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 909 with max blocks 30 with error 117 [ 2384.561526][T13227] EXT4-fs (sda1): This should not happen!! Data will be lost [ 2384.561526][T13227] [ 2384.589161][T13227] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1372 with max blocks 8 with error 117 [ 2384.605236][T13227] EXT4-fs (sda1): This should not happen!! Data will be lost [ 2384.605236][T13227] [ 2411.669197][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 2411.675704][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 2459.849686][T12962] Bluetooth: hci3: command 0x0406 tx timeout [ 2470.095102][T12881] Bluetooth: hci1: command 0x0406 tx timeout [ 2473.150132][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 2473.158907][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 2482.101191][ T31] INFO: task kworker/u10:4:12878 blocked for more than 143 seconds. [ 2482.109280][ T31] Tainted: G U L syzkaller #0 [ 2482.123785][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2482.141851][ T31] task:kworker/u10:4 state:D stack:26776 pid:12878 tgid:12878 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 2482.158071][ T31] Workqueue: netns cleanup_net [ 2482.167892][ T31] Call Trace: [ 2482.175904][ T31] [ 2482.179167][ T31] ? __schedule+0x10b9/0x6150 [ 2482.190469][ T31] __schedule+0x1139/0x6150 [ 2482.199680][ T31] ? __lock_acquire+0x436/0x2890 [ 2482.205789][ T31] ? __pfx___schedule+0x10/0x10 [ 2482.211072][ T31] ? find_held_lock+0x2b/0x80 [ 2482.215826][ T31] ? schedule+0x2d7/0x3a0 [ 2482.220226][ T31] schedule+0xe7/0x3a0 [ 2482.224841][ T31] schedule_timeout+0x257/0x290 [ 2482.229746][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2482.236076][ T31] ? mark_held_locks+0x49/0x80 [ 2482.242754][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 2482.248635][ T31] __wait_for_common+0x2fc/0x4e0 [ 2482.255554][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2482.261545][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 2482.267070][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 2482.272830][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 2482.278706][ T31] __flush_workqueue+0x3e2/0x1230 [ 2482.284404][ T31] ? __lock_acquire+0x436/0x2890 [ 2482.289452][ T31] ? __lock_acquire+0x436/0x2890 [ 2482.295371][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 2482.301117][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 2482.307023][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2482.313450][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2482.319008][ T31] rds_tcp_listen_stop+0x104/0x150 [ 2482.324784][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2482.330212][ T31] rds_tcp_exit_net+0xcb/0x810 [ 2482.335317][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2482.343064][ T31] ? __pfx___might_resched+0x10/0x10 [ 2482.349015][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2482.355279][ T31] ops_undo_list+0x2ee/0xab0 [ 2482.359925][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 2482.366331][ T31] ? cleanup_net+0x347/0x830 [ 2482.371601][ T31] ? idr_destroy+0x62/0x2e0 [ 2482.376158][ T31] cleanup_net+0x41b/0x830 [ 2482.380610][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 2482.386180][ T31] ? rcu_is_watching+0x12/0xc0 [ 2482.391194][ T31] process_one_work+0x9ba/0x1b20 [ 2482.396880][ T31] ? __pfx_process_one_work+0x10/0x10 [ 2482.403152][ T31] ? assign_work+0x1a0/0x250 [ 2482.408296][ T31] worker_thread+0x6c8/0xf10 [ 2482.414357][ T31] ? __kthread_parkme+0x19e/0x250 [ 2482.419439][ T31] ? __pfx_worker_thread+0x10/0x10 [ 2482.425160][ T31] kthread+0x3c5/0x780 [ 2482.429421][ T31] ? __pfx_kthread+0x10/0x10 [ 2482.434390][ T31] ? rcu_is_watching+0x12/0xc0 [ 2482.439226][ T31] ? __pfx_kthread+0x10/0x10 [ 2482.445254][ T31] ret_from_fork+0x983/0xb10 [ 2482.450514][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 2482.457702][ T31] ? __switch_to+0x7af/0x10d0 [ 2482.463202][ T31] ? __pfx_kthread+0x10/0x10 [ 2482.467859][ T31] ret_from_fork_asm+0x1a/0x30 [ 2482.474182][ T31] [ 2482.477263][ T31] INFO: task syz.1.9607:13015 blocked for more than 143 seconds. [ 2482.485414][ T31] Tainted: G U L syzkaller #0 [ 2482.495820][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2482.505023][ T31] task:syz.1.9607 state:D stack:26472 pid:13015 tgid:13009 ppid:3776 task_flags:0x400140 flags:0x00080002 [ 2482.518277][ T31] Call Trace: [ 2482.521785][ T31] [ 2482.524759][ T31] ? __schedule+0x10b9/0x6150 [ 2482.529574][ T31] __schedule+0x1139/0x6150 [ 2482.534478][ T31] ? __lock_acquire+0x436/0x2890 [ 2482.539484][ T31] ? __pfx___schedule+0x10/0x10 [ 2482.545709][ T31] ? find_held_lock+0x2b/0x80 [ 2482.550441][ T31] ? schedule+0x2d7/0x3a0 [ 2482.555662][ T31] schedule+0xe7/0x3a0 [ 2482.559787][ T31] schedule_timeout+0x257/0x290 [ 2482.565893][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2482.572074][ T31] ? mark_held_locks+0x49/0x80 [ 2482.577104][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 2482.586048][ T31] __wait_for_common+0x2fc/0x4e0 [ 2482.591757][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 2482.597195][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 2482.602983][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 2482.608247][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 2482.614900][ T31] __flush_workqueue+0x3e2/0x1230 [ 2482.619966][ T31] ? __lock_acquire+0x436/0x2890 [ 2482.625890][ T31] ? __lock_acquire+0x436/0x2890 [ 2482.631182][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 2482.636699][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 2482.642297][ T31] ? release_sock+0x21/0x220 [ 2482.648039][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2482.653828][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 2482.659794][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 2482.666015][ T31] rds_tcp_listen_stop+0x104/0x150 [ 2482.671970][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2482.677397][ T31] rds_tcp_exit_net+0xcb/0x810 [ 2482.683255][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2482.688690][ T31] ? __pfx___might_resched+0x10/0x10 [ 2482.696103][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 2482.701820][ T31] ops_undo_list+0x2ee/0xab0 [ 2482.706509][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 2482.712022][ T31] ? ops_init+0x2f0/0x5f0 [ 2482.716954][ T31] ? ops_init+0x2fa/0x5f0 [ 2482.721613][ T31] setup_net+0x1ff/0x3a0 [ 2482.726142][ T31] ? __pfx_setup_net+0x10/0x10 [ 2482.730980][ T31] ? lockdep_init_map_type+0x5c/0x270 [ 2482.737553][ T31] ? mutex_init_lockep+0x110/0x150 [ 2482.746753][ T31] copy_net_ns+0x351/0x7c0 [ 2482.752551][ T31] create_new_namespaces+0x3ea/0xab0 [ 2482.758487][ T31] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2482.764465][ T31] ksys_unshare+0x45b/0xa40 [ 2482.769033][ T31] ? __pfx_ksys_unshare+0x10/0x10 [ 2482.774596][ T31] ? xfd_validate_state+0x61/0x180 [ 2482.779771][ T31] __x64_sys_unshare+0x31/0x40 [ 2482.785638][ T31] do_syscall_64+0xcd/0xf80 [ 2482.790208][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2482.797348][ T31] RIP: 0033:0x7f385a58f7c9 [ 2482.803121][ T31] RSP: 002b:00007f385b402038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2482.811986][ T31] RAX: ffffffffffffffda RBX: 00007f385a7e6180 RCX: 00007f385a58f7c9 [ 2482.820783][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2482.831605][ T31] RBP: 00007f385a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2482.839850][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2482.849324][ T31] R13: 00007f385a7e6218 R14: 00007f385a7e6180 R15: 00007ffdbe6477c8 [ 2482.858712][ T31] [ 2482.862609][ T31] [ 2482.862609][ T31] Showing all locks held in the system: [ 2482.870407][ T31] 1 lock held by khungtaskd/31: [ 2482.875688][ T31] #0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 2482.886184][ T31] 2 locks held by getty/8940: [ 2482.890915][ T31] #0: ffff88814de110a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 2482.912547][ T31] #1: ffffc9000b5632f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 [ 2482.925316][ T31] 3 locks held by kworker/u10:4/12878: [ 2482.930927][ T31] #0: ffff88801badf148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 2482.941748][ T31] #1: ffffc9000480fc90 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 [ 2482.952612][ T31] #2: ffffffff9012e6d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x830 [ 2482.965478][ T31] 1 lock held by syz.1.9607/13015: [ 2482.970647][ T31] #0: ffffffff9012e6d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x333/0x7c0 [ 2482.980426][ T31] [ 2482.990999][ T31] ============================================= [ 2482.990999][ T31] [ 2482.999987][ T31] NMI backtrace for cpu 0 [ 2483.000001][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 2483.000024][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2483.000029][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2483.000038][ T31] Call Trace: [ 2483.000043][ T31] [ 2483.000049][ T31] dump_stack_lvl+0x116/0x1f0 [ 2483.000074][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 2483.000091][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2483.000107][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 2483.000125][ T31] sys_info+0x133/0x180 [ 2483.000138][ T31] watchdog+0xe66/0x1180 [ 2483.000169][ T31] ? rcu_is_watching+0x12/0xc0 [ 2483.000190][ T31] ? __pfx_watchdog+0x10/0x10 [ 2483.000209][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 2483.000231][ T31] ? __kthread_parkme+0x19e/0x250 [ 2483.000253][ T31] ? __pfx_watchdog+0x10/0x10 [ 2483.000273][ T31] kthread+0x3c5/0x780 [ 2483.000287][ T31] ? __pfx_kthread+0x10/0x10 [ 2483.000302][ T31] ? rcu_is_watching+0x12/0xc0 [ 2483.000321][ T31] ? __pfx_kthread+0x10/0x10 [ 2483.000336][ T31] ret_from_fork+0x983/0xb10 [ 2483.000352][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 2483.000368][ T31] ? __switch_to+0x7af/0x10d0 [ 2483.000386][ T31] ? __pfx_kthread+0x10/0x10 [ 2483.000401][ T31] ret_from_fork_asm+0x1a/0x30 [ 2483.000430][ T31] [ 2483.145427][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 2483.152295][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 2483.162967][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 2483.168149][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2483.178197][ T31] Call Trace: [ 2483.181467][ T31] [ 2483.184386][ T31] dump_stack_lvl+0x3d/0x1f0 [ 2483.188996][ T31] vpanic+0x640/0x6f0 [ 2483.192971][ T31] panic+0xca/0xd0 [ 2483.196677][ T31] ? __pfx_panic+0x10/0x10 [ 2483.201080][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2483.207144][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 2483.213311][ T31] ? nmi_trigger_cpumask_backtrace+0x2be/0x300 [ 2483.219476][ T31] ? watchdog+0xe83/0x1180 [ 2483.223903][ T31] ? watchdog+0xe76/0x1180 [ 2483.228320][ T31] watchdog+0xe94/0x1180 [ 2483.232587][ T31] ? rcu_is_watching+0x12/0xc0 [ 2483.237355][ T31] ? __pfx_watchdog+0x10/0x10 [ 2483.242023][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 2483.247217][ T31] ? __kthread_parkme+0x19e/0x250 [ 2483.252265][ T31] ? __pfx_watchdog+0x10/0x10 [ 2483.256934][ T31] kthread+0x3c5/0x780 [ 2483.261002][ T31] ? __pfx_kthread+0x10/0x10 [ 2483.265582][ T31] ? rcu_is_watching+0x12/0xc0 [ 2483.270337][ T31] ? __pfx_kthread+0x10/0x10 [ 2483.274915][ T31] ret_from_fork+0x983/0xb10 [ 2483.279497][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 2483.284598][ T31] ? __switch_to+0x7af/0x10d0 [ 2483.289275][ T31] ? __pfx_kthread+0x10/0x10 [ 2483.293873][ T31] ret_from_fork_asm+0x1a/0x30 [ 2483.298659][ T31] [ 2483.301824][ T31] Kernel Offset: disabled [ 2483.306150][ T31] Rebooting in 86400 seconds..