last executing test programs: 15.895419586s ago: executing program 0 (id=1819): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0xa0, 0x8, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/sequencer2\x00', 0x1, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x801, 0x106) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 15.402527098s ago: executing program 3 (id=1822): socket(0x1d, 0x2, 0x6) socket(0x2, 0x1, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) 15.236637052s ago: executing program 3 (id=1824): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) landlock_add_rule$auto(r1, 0x1, &(0x7f00000002c0)="6a96c15a8368a45ab3eca63f800ee5eff65e76dd164658636036e6ae288cbeda87f8833ddf52f2ccc050584f7f83d9afb16572927e5e79246197184b7b2ac245945209d65d2a73f6dca88e82b1", 0x7e) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) 14.794793829s ago: executing program 0 (id=1826): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0xa) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x749443, 0x0) socket(0x1d, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x80000001, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x10000000000062, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff038}}) write$auto(r2, 0x0, 0x6) 14.792548629s ago: executing program 2 (id=1834): keyctl$auto(0x2000000000000016, 0xffffffffffffffff, 0xfffffffe, 0x0, 0x404e) set_mempolicy$auto(0x1, &(0x7f0000000180)=0x2, 0x6) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop5/mq/0/nr_reserved_tags\x00', 0x80880, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mincore$auto(0x1000, 0x8001, 0x0) mmap$auto(0x9, 0x8001, 0x8, 0x81a, r0, 0xffffffffffffffff) fanotify_init$auto(0x200, 0x1) remap_file_pages$auto(0x8, 0x7, 0x77, 0x8000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x21}, 0x1, 0x0, 0x0, 0x28044810}, 0x800) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) 14.190427847s ago: executing program 3 (id=1827): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x11, 0x80003, 0x300) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0xfffffffd, 0x6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) socket(0xa, 0x1, 0x84) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f) 14.189695649s ago: executing program 2 (id=1836): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram11\x00', 0x20000, 0x0) mseal$auto(0x1ffff000, 0xfffffffffffffff3, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) madvise$auto(0x108000, 0x2, 0xa) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400, 0x2) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r2) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x100842, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x5404, 0x0) ioctl$auto_SNDCTL_TMR_TEMPO(r3, 0xc0045405, &(0x7f0000000140)) ioctl$auto_SNDCTL_TMR_START(r3, 0x5402, 0x0) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='./cgroup\x00') fanotify_mark$auto(r0, 0x7c9, 0x9, r1, &(0x7f0000000080)='./file0\x00') r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/mptcp/pm_type\x00', 0xe0002, 0x0) sendfile$auto(0x1, r4, 0x0, 0xc01) 13.925620143s ago: executing program 2 (id=1828): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)=""/18, 0x12) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) pread64$auto(r2, &(0x7f0000000080)='&.-;-\x04{/@.\xe0!])[&\'+g\x00', 0xe7, 0x7) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/255, 0xff) 13.763389191s ago: executing program 1 (id=1829): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x11, 0x80003, 0x300) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x26dc2, 0x84) io_uring_setup$auto(0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x401, r3, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) bpf$auto(0x4, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x200ffffffff, 0x9, 0x5, 0xf870e9f, 0x3ff, 0x8}, 0x9) 13.60604833s ago: executing program 1 (id=1830): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280)="e7c2da8ba23469d9b78d2e257333bedaec957355b8c2c4c78f4a98e7180a2dfeddb935038a6350c625940925fc61f1b8b51df8f60e61c078ff39654003ba048fb5ce9f0cc683aa815dd3ad98c47fb90efa4ba1a790507d91d2a8beb4ce1934ec6dc65f", 0x63) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) socket(0x1d, 0x3, 0x1) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x0, 0x0, 0x0, 0x440a48d3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 12.573027623s ago: executing program 2 (id=1831): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) munmap$auto(0x8000, 0xffffffff) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x4, 0x880b, 0x8, 0xd, 0x66b, 0x4, 0x7ff}, 0x6f4) 12.397758313s ago: executing program 1 (id=1832): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r0, 0x1002, 0x0, 0x0, 0x0, 0x2) socket(0x2b, 0x1, 0x1) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1e, 0x1, 0x0) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4) 12.396883928s ago: executing program 0 (id=1842): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/ubifs/uevent\x00', 0x1, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000001040)='/dev/usbmon7\x00', 0x20e140, 0x0) openat$auto_dfs_dom_ops_debugfs(0xffffffffffffff9c, &(0x7f0000001400), 0x8000, 0x0) syz_clone(0x80f400, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20440, 0x0) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x280, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) 12.394548584s ago: executing program 3 (id=1843): quotactl$auto(0x2, &(0x7f0000000040)='/dev/sda1\x00', 0x62a0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044850}, 0x8040) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x478c41, 0x0) connect$auto(0xffffffffffffffff, 0x0, 0x55) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, 0x0) 11.991648402s ago: executing program 1 (id=1833): socket(0x1d, 0x2, 0x6) socket(0x2, 0x1, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) 11.679859723s ago: executing program 0 (id=1835): mmap$auto(0x0, 0x9, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/nr14/statistics/tx_heartbeat_errors\x00', 0xa140, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x2, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x10, 0x2, 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyt2\x00', 0x101e81, 0x0) setreuid$auto(0x4, 0x8) socketpair$auto(0x5b, 0x2, 0x420100, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 11.479778741s ago: executing program 0 (id=1837): syz_clone3(0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xebf, 0xffffffffffffffff, 0x8000) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x24, 0x1, 0xffffffffffffffff, 0x0, 0x5}, 0x4f4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto_VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x6}) socket(0xf, 0x3, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) mmap$auto(0x4, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x2000000000000d3d, 0x1, 0x3, 0x3, 0x95f4da0c, 0xfffffdffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x8000000000000000, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x12, 0x0, 0x0, &(0x7f00000002c0)={[0x400800001ff, 0x7, 0xf, 0x1, 0x47, 0x7, 0x80015f4da0a, 0x1000069a, 0x0, 0x3, 0x208000001f, 0xf6, 0x6d3c, 0x9, 0xffffffffffffffff, 0x9]}, 0x0) 11.479093734s ago: executing program 1 (id=1847): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) write$auto(0x3, 0x0, 0x100082) read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/41, 0x11) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@nl=@unspec, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0) close_range$auto(0x2, 0x8, 0x0) pwrite64$auto(0xc8, &(0x7f0000000240)='\vX\xb5n\x91p\xe6\x1eRN8\x99\b\x06e\x1cJ\x99\x00\x03\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\xf2\xff\x9e\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcd^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00F\xd7\x02\xd2\xe7?\xaaw\x89\xea\xb1\x1d\xea\xa8\xb1\xaf\xdc\xdeS\xe4\x88\x16\x8eu8\x7f\xa7\xe5\xbb\xf8\v \x90E\xd8\nw,S\xf5\x00\xd8\xda\x16\xb6C\xe6\xc0j\xae\x19\x1eU\f\x18\x14 \x05\xd9:\'\xf5\r\xd8C\xc7,\xe1\xa9wzVf\xa4\xfc\xff\xb87\xa5.\x14\x81mgI\xb2\xbc\x91o\x1c\xfd/\x88\xa0\x02n\x98C\xd3\xfcY\xf4\x98\xb3-\xec\x87\x1f\xe5\xdcn[\x19\xac\'\xc86s{ \x0f', 0xfdf2, 0x3a) bpf$auto(0xfff, &(0x7f0000000040)=@bpf_attr_4={0x1, r1, 0x5, r1}, 0x800) 11.317742334s ago: executing program 3 (id=1838): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x4081, 0x0) socket(0x11, 0x3, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x9, 0x6, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xfe) 9.864276921s ago: executing program 2 (id=1839): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) socket(0xa, 0x1, 0x100) eventfd2$auto(0x6af3, 0x800) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1f9, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x4, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) write$auto(0x3, 0x0, 0x7fffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 100.029872ms ago: executing program 0 (id=1840): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) semctl$auto_GETPID(0xb3fb, 0x1, 0xb, 0x400) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x1, 0x0) 63.789645ms ago: executing program 2 (id=1841): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd10/range\x00', 0x70004, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x64e000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/amidi2\x00', 0x8080, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/tty/tty2/power/runtime_active_time\x00', 0xf5292a190ad5cf67, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) unshare$auto(0x40000080) mmap$auto(0x0, 0x6, 0x4000000000df, 0xeb1, 0x401, 0x20000008000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x4, 0xffffffffffff0005, 0x1b) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000200)='/proc/uptime\x00', 0x2800, 0x0) sendfile$auto(0x2, 0x3, 0x0, 0xc3e0) 63.54484ms ago: executing program 3 (id=1844): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000000028000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) open_tree$auto(r1, 0x0, 0xa0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r2, 0x0, 0x20) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x101, 0x0) ioctl$auto_SNAPSHOT_GET_IMAGE_SIZE(r3, 0x8008330e, 0x0) accept$auto(r2, 0x0, 0x0) write$auto(0xca, 0x0, 0x10) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event1\x00', 0x8000, 0x0) ioctl$auto_EVIOCSMASK(r4, 0x40104593, 0x0) socket(0x10, 0x3, 0x0) symlink$auto(&(0x7f0000000140)='./file0/file0\x00', 0x0) 0s ago: executing program 1 (id=1845): unshare$auto(0x40000080) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) write$auto(r0, 0x0, 0xfff) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) listmount$auto(0x0, &(0x7f00000001c0)=0x4, 0x4, 0x101) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c2342, 0x0) sendfile$auto(r2, r2, 0x0, 0x4000000a1f) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x1842, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x6, 0x1]}, 0x0) kernel console output (not intermixed with test programs): le Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 337.783853][ T9643] Call Trace: [ 337.783862][ T9643] [ 337.783872][ T9643] dump_stack_lvl+0x16c/0x1f0 [ 337.783913][ T9643] should_fail_ex+0x512/0x640 [ 337.783947][ T9643] ? __kmalloc_noprof+0xbf/0x510 [ 337.783980][ T9643] ? lsm_blob_alloc+0x68/0x90 [ 337.784002][ T9643] should_failslab+0xc2/0x120 [ 337.784035][ T9643] __kmalloc_noprof+0xd2/0x510 [ 337.784064][ T9643] ? down_write_nested+0x151/0x210 [ 337.784106][ T9643] lsm_blob_alloc+0x68/0x90 [ 337.784130][ T9643] security_sb_alloc+0x28/0x230 [ 337.784158][ T9643] alloc_super+0x23d/0xbd0 [ 337.784185][ T9643] ? sget_fc+0xd3/0xc20 [ 337.784218][ T9643] sget_fc+0x116/0xc20 [ 337.784247][ T9643] ? __pfx_set_anon_super_fc+0x10/0x10 [ 337.784275][ T9643] ? __pfx_mqueue_fill_super+0x10/0x10 [ 337.784299][ T9643] get_tree_nodev+0x28/0x190 [ 337.784329][ T9643] mqueue_get_tree+0xf1/0x130 [ 337.784352][ T9643] vfs_get_tree+0x8b/0x340 [ 337.784376][ T9643] fc_mount_longterm+0x18/0x160 [ 337.784414][ T9643] mq_init_ns+0x426/0x620 [ 337.784446][ T9643] copy_ipcs+0x383/0x610 [ 337.784471][ T9643] ? copy_utsname+0xab/0x470 [ 337.784507][ T9643] create_new_namespaces+0x20a/0xa90 [ 337.784535][ T9643] ? security_capable+0x7e/0x260 [ 337.784572][ T9643] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 337.784605][ T9643] ksys_unshare+0x45b/0xa40 [ 337.784644][ T9643] ? __pfx_ksys_unshare+0x10/0x10 [ 337.784680][ T9643] ? xfd_validate_state+0x61/0x180 [ 337.784727][ T9643] __x64_sys_unshare+0x31/0x40 [ 337.784761][ T9643] do_syscall_64+0xcd/0x490 [ 337.784798][ T9643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.784824][ T9643] RIP: 0033:0x7f8a2018ebe9 [ 337.784844][ T9643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.784870][ T9643] RSP: 002b:00007f8a1e3ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 337.784895][ T9643] RAX: ffffffffffffffda RBX: 00007f8a203c5fa0 RCX: 00007f8a2018ebe9 [ 337.784913][ T9643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 337.784929][ T9643] RBP: 00007f8a20211e19 R08: 0000000000000000 R09: 0000000000000000 [ 337.784945][ T9643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 337.784961][ T9643] R13: 00007f8a203c6038 R14: 00007f8a203c5fa0 R15: 00007fffb8b9e958 [ 337.784995][ T9643] [ 342.868882][ T9735] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 343.037183][ T9724] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 343.043437][ T9724] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 343.051079][ T9724] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 343.057211][ T9724] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 343.576875][ T9744] ima: policy update failed [ 343.627320][ T30] audit: type=1802 audit(4294967478.627:7): pid=9744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1031" res=0 errno=0 [ 344.578893][ T5864] Bluetooth: hci0: command 0x0c1a tx timeout [ 345.058636][ T5864] Bluetooth: hci3: command 0x0c1a tx timeout [ 345.058654][ T5874] Bluetooth: hci2: command 0x0c1a tx timeout [ 345.058694][ T5874] Bluetooth: hci1: command 0x0c1a tx timeout [ 345.459971][ T30] audit: type=1804 audit(4294967480.467:8): pid=9774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1039" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 346.158561][ T9793] FAULT_INJECTION: forcing a failure. [ 346.158561][ T9793] name fail_futex, interval 1, probability 0, space 0, times 0 [ 346.191860][ T9793] CPU: 0 UID: 1 PID: 9793 Comm: syz.3.1042 Not tainted syzkaller #0 PREEMPT(full) [ 346.191895][ T9793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 346.191909][ T9793] Call Trace: [ 346.191918][ T9793] [ 346.191927][ T9793] dump_stack_lvl+0x16c/0x1f0 [ 346.191964][ T9793] should_fail_ex+0x512/0x640 [ 346.192003][ T9793] get_futex_key+0x293/0x1560 [ 346.192037][ T9793] ? __pfx_get_futex_key+0x10/0x10 [ 346.192066][ T9793] ? __mutex_trylock_common+0xe9/0x250 [ 346.192108][ T9793] futex_wake+0xea/0x530 [ 346.192142][ T9793] ? __pfx_futex_wake+0x10/0x10 [ 346.192193][ T9793] do_futex+0x1e3/0x350 [ 346.192224][ T9793] ? __pfx_do_futex+0x10/0x10 [ 346.192251][ T9793] ? __might_fault+0xe3/0x190 [ 346.192288][ T9793] mm_release+0x24e/0x300 [ 346.192318][ T9793] do_exit+0x68e/0x2bf0 [ 346.192348][ T9793] ? irqentry_exit+0x3b/0x90 [ 346.192385][ T9793] ? __pfx_do_exit+0x10/0x10 [ 346.192422][ T9793] ? do_raw_spin_lock+0x12c/0x2b0 [ 346.192457][ T9793] ? find_held_lock+0x2b/0x80 [ 346.192484][ T9793] do_group_exit+0xd3/0x2a0 [ 346.192518][ T9793] get_signal+0x2673/0x26d0 [ 346.192555][ T9793] ? __pfx_sock_write_iter+0x10/0x10 [ 346.192582][ T9793] ? __pfx_get_signal+0x10/0x10 [ 346.192608][ T9793] ? do_futex+0x122/0x350 [ 346.192639][ T9793] ? __pfx_do_futex+0x10/0x10 [ 346.192678][ T9793] arch_do_signal_or_restart+0x8f/0x790 [ 346.192713][ T9793] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 346.192752][ T9793] ? ksys_write+0x1ac/0x250 [ 346.192780][ T9793] ? __pfx_ksys_write+0x10/0x10 [ 346.192815][ T9793] exit_to_user_mode_loop+0x84/0x110 [ 346.192852][ T9793] do_syscall_64+0x3f6/0x490 [ 346.192892][ T9793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.192917][ T9793] RIP: 0033:0x7fad2cb8ebe9 [ 346.192937][ T9793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.192960][ T9793] RSP: 002b:00007fad2d9950e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 346.192983][ T9793] RAX: fffffffffffffe00 RBX: 00007fad2cdc6098 RCX: 00007fad2cb8ebe9 [ 346.193000][ T9793] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fad2cdc6098 [ 346.193015][ T9793] RBP: 00007fad2cdc6090 R08: 0000000000000000 R09: 0000000000000000 [ 346.193030][ T9793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.193044][ T9793] R13: 00007fad2cdc6128 R14: 00007ffcae774e80 R15: 00007ffcae774f68 [ 346.193078][ T9793] [ 346.646225][ T9796] FAULT_INJECTION: forcing a failure. [ 346.646225][ T9796] name failslab, interval 1, probability 0, space 0, times 0 [ 346.735156][ T9796] CPU: 1 UID: 0 PID: 9796 Comm: syz.0.1044 Not tainted syzkaller #0 PREEMPT(full) [ 346.735193][ T9796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 346.735210][ T9796] Call Trace: [ 346.735219][ T9796] [ 346.735229][ T9796] dump_stack_lvl+0x16c/0x1f0 [ 346.735271][ T9796] should_fail_ex+0x512/0x640 [ 346.735306][ T9796] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 346.735338][ T9796] should_failslab+0xc2/0x120 [ 346.735372][ T9796] __kmalloc_cache_noprof+0x6a/0x3e0 [ 346.735401][ T9796] ? kvm_uevent_notify_change.part.0+0x93/0x450 [ 346.735439][ T9796] kvm_uevent_notify_change.part.0+0x93/0x450 [ 346.735472][ T9796] ? __pfx_kvm_vm_release+0x10/0x10 [ 346.735497][ T9796] kvm_put_kvm+0xe4/0xb40 [ 346.735520][ T9796] ? lockdep_hardirqs_on+0x7c/0x110 [ 346.735559][ T9796] ? __pfx_kvm_vm_release+0x10/0x10 [ 346.735583][ T9796] kvm_vm_release+0x3c/0x50 [ 346.735608][ T9796] __fput+0x402/0xb70 [ 346.735648][ T9796] task_work_run+0x14d/0x240 [ 346.735680][ T9796] ? __pfx_task_work_run+0x10/0x10 [ 346.735719][ T9796] ? __pfx___do_sys_close_range+0x10/0x10 [ 346.735758][ T9796] exit_to_user_mode_loop+0xeb/0x110 [ 346.735797][ T9796] do_syscall_64+0x3f6/0x490 [ 346.735835][ T9796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.735861][ T9796] RIP: 0033:0x7f2e1678ebe9 [ 346.735882][ T9796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.735919][ T9796] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 346.735945][ T9796] RAX: 0000000000000000 RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 346.735963][ T9796] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 346.735979][ T9796] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 346.735996][ T9796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.736012][ T9796] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 346.736048][ T9796] [ 346.952330][ T5874] Bluetooth: hci3: unexpected subevent 0x0c length: 0 < 5 [ 347.007136][ T9799] FAULT_INJECTION: forcing a failure. [ 347.007136][ T9799] name failslab, interval 1, probability 0, space 0, times 0 [ 347.067202][ T9799] CPU: 0 UID: 0 PID: 9799 Comm: syz.3.1043 Not tainted syzkaller #0 PREEMPT(full) [ 347.067241][ T9799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 347.067258][ T9799] Call Trace: [ 347.067268][ T9799] [ 347.067279][ T9799] dump_stack_lvl+0x16c/0x1f0 [ 347.067319][ T9799] should_fail_ex+0x512/0x640 [ 347.067357][ T9799] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 347.067394][ T9799] should_failslab+0xc2/0x120 [ 347.067428][ T9799] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 347.067460][ T9799] ? __alloc_skb+0x2b2/0x380 [ 347.067498][ T9799] __alloc_skb+0x2b2/0x380 [ 347.067530][ T9799] ? __pfx___alloc_skb+0x10/0x10 [ 347.067564][ T9799] ? tcp_chrono_stop+0x95/0x420 [ 347.067601][ T9799] tcp_stream_alloc_skb+0x34/0x570 [ 347.067640][ T9799] tcp_connect+0xe21/0x4e10 [ 347.067690][ T9799] ? __pfx_tcp_connect+0x10/0x10 [ 347.067719][ T9799] ? __pfx_tcp_fastopen_defer_connect+0x10/0x10 [ 347.067771][ T9799] ? inet6_hash_connect+0xe2/0x180 [ 347.067813][ T9799] tcp_v6_connect+0x157c/0x2170 [ 347.067842][ T9799] ? aa_label_sk_perm+0x195/0x600 [ 347.067881][ T9799] ? __pfx_tcp_v6_connect+0x10/0x10 [ 347.067908][ T9799] ? find_held_lock+0x2b/0x80 [ 347.067954][ T9799] ? __lock_acquire+0xb97/0x1ce0 [ 347.067993][ T9799] ? __inet_stream_connect+0x917/0xf60 [ 347.068018][ T9799] __inet_stream_connect+0x917/0xf60 [ 347.068054][ T9799] ? __pfx___inet_stream_connect+0x10/0x10 [ 347.068082][ T9799] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.068124][ T9799] ? __pfx_inet_stream_connect+0x10/0x10 [ 347.068153][ T9799] ? __local_bh_enable_ip+0xa4/0x120 [ 347.068186][ T9799] ? __pfx_inet_stream_connect+0x10/0x10 [ 347.068212][ T9799] inet_stream_connect+0x57/0xa0 [ 347.068242][ T9799] __sys_connect_file+0x141/0x1a0 [ 347.068276][ T9799] __sys_connect+0x13b/0x160 [ 347.068305][ T9799] ? __pfx___sys_connect+0x10/0x10 [ 347.068348][ T9799] ? xfd_validate_state+0x61/0x180 [ 347.068388][ T9799] ? __sys_setsockopt+0x140/0x1a0 [ 347.068429][ T9799] __x64_sys_connect+0x72/0xb0 [ 347.068454][ T9799] ? lockdep_hardirqs_on+0x7c/0x110 [ 347.068481][ T9799] do_syscall_64+0xcd/0x490 [ 347.068512][ T9799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.068535][ T9799] RIP: 0033:0x7fad2cb8ebe9 [ 347.068556][ T9799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.068582][ T9799] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 347.068608][ T9799] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 347.068634][ T9799] RDX: 000000000000001b RSI: 00002000000018c0 RDI: 0000000000000003 [ 347.068651][ T9799] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 347.068667][ T9799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 347.068682][ T9799] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 347.068716][ T9799] [ 347.911710][ T9806] FAULT_INJECTION: forcing a failure. [ 347.911710][ T9806] name failslab, interval 1, probability 0, space 0, times 0 [ 347.964382][ T9806] CPU: 1 UID: 0 PID: 9806 Comm: syz.3.1056 Not tainted syzkaller #0 PREEMPT(full) [ 347.964418][ T9806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 347.964434][ T9806] Call Trace: [ 347.964443][ T9806] [ 347.964453][ T9806] dump_stack_lvl+0x16c/0x1f0 [ 347.964496][ T9806] should_fail_ex+0x512/0x640 [ 347.964531][ T9806] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 347.964612][ T9806] should_failslab+0xc2/0x120 [ 347.964648][ T9806] __kmalloc_cache_noprof+0x6a/0x3e0 [ 347.964676][ T9806] ? kvm_ioapic_init+0x4f/0x590 [ 347.964712][ T9806] kvm_ioapic_init+0x4f/0x590 [ 347.964746][ T9806] kvm_arch_vm_ioctl+0x8c6/0x1860 [ 347.964778][ T9806] ? register_lock_class+0x41/0x4c0 [ 347.964810][ T9806] ? find_held_lock+0x2b/0x80 [ 347.964835][ T9806] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 347.964873][ T9806] ? __lock_acquire+0x62e/0x1ce0 [ 347.964914][ T9806] ? __lock_acquire+0x62e/0x1ce0 [ 347.964955][ T9806] ? __lock_acquire+0x62e/0x1ce0 [ 347.964995][ T9806] ? __lock_acquire+0x62e/0x1ce0 [ 347.965052][ T9806] ? is_bpf_text_address+0x8a/0x1a0 [ 347.965083][ T9806] ? bpf_ksym_find+0x124/0x1c0 [ 347.965109][ T9806] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 347.965140][ T9806] ? is_bpf_text_address+0x94/0x1a0 [ 347.965171][ T9806] ? kernel_text_address+0x8d/0x100 [ 347.965197][ T9806] ? __kernel_text_address+0xd/0x40 [ 347.965220][ T9806] ? unwind_get_return_address+0x59/0xa0 [ 347.965248][ T9806] ? arch_stack_walk+0xa6/0x100 [ 347.965289][ T9806] ? stack_trace_save+0x8e/0xc0 [ 347.965317][ T9806] ? __pfx_stack_trace_save+0x10/0x10 [ 347.965347][ T9806] ? stack_depot_save_flags+0x29/0x9c0 [ 347.965382][ T9806] ? __lock_acquire+0xb97/0x1ce0 [ 347.965423][ T9806] ? kasan_save_stack+0x42/0x60 [ 347.965451][ T9806] ? kasan_save_stack+0x33/0x60 [ 347.965478][ T9806] ? kasan_save_track+0x14/0x30 [ 347.965505][ T9806] ? kasan_save_free_info+0x3b/0x60 [ 347.965542][ T9806] ? __kasan_slab_free+0x60/0x70 [ 347.965578][ T9806] ? kfree+0x2b4/0x4d0 [ 347.965606][ T9806] kvm_vm_ioctl+0x1a91/0x4000 [ 347.965647][ T9806] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 347.965697][ T9806] ? kasan_quarantine_put+0x10a/0x240 [ 347.965725][ T9806] ? lockdep_hardirqs_on+0x7c/0x110 [ 347.965770][ T9806] ? find_held_lock+0x2b/0x80 [ 347.965797][ T9806] ? tomoyo_path_number_perm+0x295/0x580 [ 347.965836][ T9806] ? tomoyo_path_number_perm+0x18d/0x580 [ 347.965870][ T9806] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 347.965916][ T9806] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.965956][ T9806] ? do_vfs_ioctl+0x128/0x14f0 [ 347.965996][ T9806] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 347.966046][ T9806] ? find_held_lock+0x2b/0x80 [ 347.966070][ T9806] ? hook_file_ioctl_common+0x145/0x410 [ 347.966111][ T9806] ? __fget_files+0x20e/0x3c0 [ 347.966145][ T9806] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 347.966172][ T9806] __x64_sys_ioctl+0x18e/0x210 [ 347.966214][ T9806] do_syscall_64+0xcd/0x490 [ 347.966252][ T9806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.966278][ T9806] RIP: 0033:0x7fad2cb8ebe9 [ 347.966299][ T9806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.966325][ T9806] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 347.966351][ T9806] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 347.966369][ T9806] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 347.966387][ T9806] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 347.966402][ T9806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 347.966418][ T9806] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 347.966454][ T9806] [ 349.812932][ T9837] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1055'. [ 350.091391][ T9839] ima: policy update failed [ 350.099490][ T30] audit: type=1802 audit(4294967485.107:9): pid=9839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1057" res=0 errno=0 [ 353.719260][ T9886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1068'. [ 353.746004][ T9886] hsr_slave_0: left promiscuous mode [ 353.758250][ T9886] hsr_slave_1: left promiscuous mode [ 353.989742][ T9889] ima: policy update failed [ 353.994849][ T30] audit: type=1802 audit(4294967488.997:10): pid=9889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1067" res=0 errno=0 [ 354.063430][ T9900] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 354.476731][ T9913] sp0: Synchronizing with TNC [ 354.538621][ T9911] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1072'. [ 355.130412][ T9920] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 355.137774][ T9920] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 356.278481][ T9932] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 356.362822][ T9942] zswap: compressor not available [ 358.222622][ T9971] rnbd_client L213: map_device: Parameters missing [ 359.559861][ T9997] FAULT_INJECTION: forcing a failure. [ 359.559861][ T9997] name failslab, interval 1, probability 0, space 0, times 0 [ 359.627985][ T9997] CPU: 1 UID: 0 PID: 9997 Comm: syz.0.1096 Not tainted syzkaller #0 PREEMPT(full) [ 359.628031][ T9997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 359.628046][ T9997] Call Trace: [ 359.628055][ T9997] [ 359.628065][ T9997] dump_stack_lvl+0x16c/0x1f0 [ 359.628106][ T9997] should_fail_ex+0x512/0x640 [ 359.628140][ T9997] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 359.628174][ T9997] should_failslab+0xc2/0x120 [ 359.628207][ T9997] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 359.628238][ T9997] ? __local_bh_enable_ip+0xa4/0x120 [ 359.628267][ T9997] ? alloc_pid+0xc7/0xbc0 [ 359.628305][ T9997] alloc_pid+0xc7/0xbc0 [ 359.628348][ T9997] copy_process+0x466f/0x7690 [ 359.628395][ T9997] ? __pfx_copy_process+0x10/0x10 [ 359.628427][ T9997] ? futex_private_hash_put+0x176/0x300 [ 359.628459][ T9997] ? futex_private_hash_put+0x18a/0x300 [ 359.628495][ T9997] kernel_clone+0xfc/0x930 [ 359.628525][ T9997] ? __pfx_futex_wake+0x10/0x10 [ 359.628558][ T9997] ? __pfx_kernel_clone+0x10/0x10 [ 359.628608][ T9997] ? 0xffffffff81000000 [ 359.628626][ T9997] __do_sys_clone+0xce/0x120 [ 359.628657][ T9997] ? __pfx___do_sys_clone+0x10/0x10 [ 359.628692][ T9997] ? 0xffffffff81000000 [ 359.628724][ T9997] ? syscall_user_dispatch+0x78/0x140 [ 359.628772][ T9997] do_syscall_64+0xcd/0x490 [ 359.628809][ T9997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.628835][ T9997] RIP: 0033:0x7f2e1678ebe9 [ 359.628855][ T9997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.628880][ T9997] RSP: 002b:00007f2e1761f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 359.628904][ T9997] RAX: ffffffffffffffda RBX: 00007f2e169c6090 RCX: 00007f2e1678ebe9 [ 359.628921][ T9997] RDX: 9999999999999999 RSI: 0000000000000004 RDI: 0000000000000000 [ 359.628936][ T9997] RBP: 00007f2e16811e19 R08: 0000000000000009 R09: 0000000000000000 [ 359.628952][ T9997] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.628967][ T9997] R13: 00007f2e169c6128 R14: 00007f2e169c6090 R15: 00007ffe4335bb28 [ 359.628998][ T9997] ? 0xffffffff81000000 [ 359.629025][ T9997] [ 362.487571][T10032] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 362.495101][T10032] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 362.794849][T10036] FAULT_INJECTION: forcing a failure. [ 362.794849][T10036] name failslab, interval 1, probability 0, space 0, times 0 [ 362.821972][T10036] CPU: 1 UID: 0 PID: 10036 Comm: syz.1.1103 Not tainted syzkaller #0 PREEMPT(full) [ 362.822005][T10036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 362.822019][T10036] Call Trace: [ 362.822029][T10036] [ 362.822039][T10036] dump_stack_lvl+0x16c/0x1f0 [ 362.822079][T10036] should_fail_ex+0x512/0x640 [ 362.822110][T10036] ? fs_reclaim_acquire+0xae/0x150 [ 362.822149][T10036] ? tomoyo_encode2+0x100/0x3e0 [ 362.822179][T10036] should_failslab+0xc2/0x120 [ 362.822210][T10036] __kmalloc_noprof+0xd2/0x510 [ 362.822236][T10036] ? d_absolute_path+0x136/0x1a0 [ 362.822276][T10036] tomoyo_encode2+0x100/0x3e0 [ 362.822314][T10036] tomoyo_encode+0x29/0x50 [ 362.822346][T10036] tomoyo_realpath_from_path+0x18f/0x6e0 [ 362.822391][T10036] tomoyo_check_open_permission+0x2ab/0x3c0 [ 362.822423][T10036] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 362.822490][T10036] ? find_held_lock+0x2b/0x80 [ 362.822524][T10036] tomoyo_file_open+0x6b/0x90 [ 362.822549][T10036] security_file_open+0x84/0x1e0 [ 362.822583][T10036] do_dentry_open+0x596/0x1530 [ 362.822624][T10036] vfs_open+0x82/0x3f0 [ 362.822662][T10036] path_openat+0x1de4/0x2cb0 [ 362.822703][T10036] ? __pfx_path_openat+0x10/0x10 [ 362.822740][T10036] do_filp_open+0x20b/0x470 [ 362.822779][T10036] ? __pfx_do_filp_open+0x10/0x10 [ 362.822835][T10036] ? alloc_fd+0x471/0x7d0 [ 362.822872][T10036] do_sys_openat2+0x11b/0x1d0 [ 362.822910][T10036] ? __pfx_do_sys_openat2+0x10/0x10 [ 362.822960][T10036] __x64_sys_openat+0x174/0x210 [ 362.822996][T10036] ? __pfx___x64_sys_openat+0x10/0x10 [ 362.823035][T10036] ? syscall_user_dispatch+0x78/0x140 [ 362.823082][T10036] do_syscall_64+0xcd/0x490 [ 362.823118][T10036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.823144][T10036] RIP: 0033:0x7f8a2018ebe9 [ 362.823164][T10036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.823189][T10036] RSP: 002b:00007f8a1e3cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 362.823214][T10036] RAX: ffffffffffffffda RBX: 00007f8a203c6090 RCX: 00007f8a2018ebe9 [ 362.823231][T10036] RDX: 00000000000c2481 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 362.823248][T10036] RBP: 00007f8a20211e19 R08: 0000000000000000 R09: 0000000000000000 [ 362.823263][T10036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.823278][T10036] R13: 00007f8a203c6128 R14: 00007f8a203c6090 R15: 00007fffb8b9e958 [ 362.823312][T10036] [ 362.823356][T10036] ERROR: Out of memory at tomoyo_realpath_from_path. [ 362.876566][T10043] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 364.604486][T10055] zswap: compressor not available [ 364.660218][T10063] sp0: Synchronizing with TNC [ 367.724213][ T5874] Bluetooth: hci0: unexpected subevent 0x0c length: 0 < 5 [ 369.495559][T10119] zswap: compressor not available [ 375.039708][T10213] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 377.851604][T10256] binder: 10251:10256 ioctl c00c620f 200000000180 returned -22 syzkaller syzkaller login: [ 378.665733][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.672117][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.102903][ T30] audit: type=1804 audit(4294967514.087:11): pid=10269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1150" name="/newroot/280/file0" dev="tmpfs" ino=1499 res=1 errno=0 [ 379.290664][ T30] audit: type=1804 audit(4294967514.297:12): pid=10264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1150" name="/newroot/280/file0" dev="tmpfs" ino=1499 res=1 errno=0 [ 380.645931][T10293] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1158'. syzkaller syzkaller login: [ 385.098916][T10365] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1172'. [ 388.381431][T10412] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1182'. [ 389.336181][T10423] FAULT_INJECTION: forcing a failure. [ 389.336181][T10423] name failslab, interval 1, probability 0, space 0, times 0 [ 389.368294][T10423] CPU: 0 UID: 0 PID: 10423 Comm: syz.0.1186 Not tainted syzkaller #0 PREEMPT(full) [ 389.368317][T10423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 389.368327][T10423] Call Trace: [ 389.368333][T10423] [ 389.368339][T10423] dump_stack_lvl+0x16c/0x1f0 [ 389.368373][T10423] should_fail_ex+0x512/0x640 [ 389.368405][T10423] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 389.368435][T10423] should_failslab+0xc2/0x120 [ 389.368457][T10423] __kmalloc_cache_noprof+0x6a/0x3e0 [ 389.368471][T10423] ? lockdep_init_map_type+0x5c/0x280 [ 389.368491][T10423] ? nci_hci_allocate+0x45/0x330 [ 389.368513][T10423] nci_hci_allocate+0x45/0x330 [ 389.368532][T10423] nci_allocate_device+0x26f/0x430 [ 389.368550][T10423] virtual_ncidev_open+0x6f/0x220 [ 389.368567][T10423] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 389.368582][T10423] misc_open+0x35d/0x420 [ 389.368598][T10423] ? __pfx_misc_open+0x10/0x10 [ 389.368612][T10423] chrdev_open+0x234/0x6a0 [ 389.368637][T10423] ? __pfx_apparmor_file_open+0x10/0x10 [ 389.368654][T10423] ? __pfx_chrdev_open+0x10/0x10 [ 389.368674][T10423] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 389.368695][T10423] do_dentry_open+0x982/0x1530 [ 389.368714][T10423] ? __pfx_chrdev_open+0x10/0x10 [ 389.368736][T10423] vfs_open+0x82/0x3f0 [ 389.368760][T10423] path_openat+0x1de4/0x2cb0 [ 389.368783][T10423] ? __pfx_path_openat+0x10/0x10 [ 389.368805][T10423] do_filp_open+0x20b/0x470 [ 389.368822][T10423] ? __pfx_do_filp_open+0x10/0x10 [ 389.368852][T10423] ? alloc_fd+0x471/0x7d0 [ 389.368872][T10423] do_sys_openat2+0x11b/0x1d0 [ 389.368893][T10423] ? __pfx_do_sys_openat2+0x10/0x10 [ 389.368921][T10423] __x64_sys_openat+0x174/0x210 [ 389.368943][T10423] ? __pfx___x64_sys_openat+0x10/0x10 [ 389.368972][T10423] do_syscall_64+0xcd/0x490 [ 389.368992][T10423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.369007][T10423] RIP: 0033:0x7f2e1678ebe9 [ 389.369020][T10423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.369034][T10423] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 389.369048][T10423] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 389.369058][T10423] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 389.369067][T10423] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 389.369076][T10423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 389.369085][T10423] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 389.369104][T10423] [ 389.955481][T10439] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1193'. [ 393.332416][T10484] FAULT_INJECTION: forcing a failure. [ 393.332416][T10484] name failslab, interval 1, probability 0, space 0, times 0 [ 393.368545][T10484] CPU: 1 UID: 0 PID: 10484 Comm: syz.0.1211 Not tainted syzkaller #0 PREEMPT(full) [ 393.368580][T10484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.368596][T10484] Call Trace: [ 393.368605][T10484] [ 393.368614][T10484] dump_stack_lvl+0x16c/0x1f0 [ 393.368656][T10484] should_fail_ex+0x512/0x640 [ 393.368690][T10484] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 393.368724][T10484] should_failslab+0xc2/0x120 [ 393.368757][T10484] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 393.368788][T10484] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 393.368823][T10484] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 393.368859][T10484] radix_tree_insert+0x247/0x630 [ 393.368896][T10484] qrtr_node_enqueue+0x1077/0x12e0 [ 393.368939][T10484] ? __asan_memcpy+0x3c/0x60 [ 393.368966][T10484] ? __pfx_qrtr_node_enqueue+0x10/0x10 [ 393.368998][T10484] ? skb_set_owner_w+0x31f/0x710 [ 393.369026][T10484] ? skb_copy_header+0x20/0x2b0 [ 393.369055][T10484] ? __pfx_skb_set_owner_w+0x10/0x10 [ 393.369080][T10484] ? __pskb_copy_fclone+0x48e/0xb50 [ 393.369116][T10484] ? __pfx__copy_from_iter+0x10/0x10 [ 393.369161][T10484] qrtr_bcast_enqueue+0xc7/0x1b0 [ 393.369207][T10484] qrtr_sendmsg+0x441/0x7b0 [ 393.369244][T10484] ? __pfx_qrtr_bcast_enqueue+0x10/0x10 [ 393.369290][T10484] ? __pfx_qrtr_sendmsg+0x10/0x10 [ 393.369334][T10484] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 393.369369][T10484] sock_write_iter+0x4fc/0x5b0 [ 393.369396][T10484] ? __pfx_sock_write_iter+0x10/0x10 [ 393.369436][T10484] ? __futex_wait+0x24c/0x2f0 [ 393.369474][T10484] ? copy_iovec_from_user+0x131/0x170 [ 393.369515][T10484] do_iter_readv_writev+0x65f/0x9e0 [ 393.369547][T10484] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 393.369581][T10484] ? bpf_lsm_file_permission+0x9/0x10 [ 393.369617][T10484] ? security_file_permission+0x71/0x210 [ 393.369653][T10484] ? rw_verify_area+0xcf/0x6c0 [ 393.369683][T10484] vfs_writev+0x35f/0xde0 [ 393.369715][T10484] ? __lock_acquire+0x62e/0x1ce0 [ 393.369750][T10484] ? __pfx_vfs_writev+0x10/0x10 [ 393.369806][T10484] ? __fget_files+0x20e/0x3c0 [ 393.369844][T10484] ? do_writev+0x28c/0x340 [ 393.369868][T10484] do_writev+0x28c/0x340 [ 393.369897][T10484] ? __pfx_do_writev+0x10/0x10 [ 393.369936][T10484] do_syscall_64+0xcd/0x490 [ 393.369973][T10484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.369999][T10484] RIP: 0033:0x7f2e1678ebe9 [ 393.370021][T10484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.370046][T10484] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 393.370071][T10484] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 393.370089][T10484] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 393.370105][T10484] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 393.370122][T10484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.370138][T10484] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 393.370175][T10484] [ 393.579207][T10493] binder: 10485:10493 ioctl c00c620f 200000000180 returned -22 [ 395.080011][ T30] audit: type=1804 audit(4294967530.087:13): pid=10512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1207" name="/newroot/294/file0" dev="tmpfs" ino=1564 res=1 errno=0 [ 395.158520][ T30] audit: type=1804 audit(4294967530.107:14): pid=10513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1207" name="/newroot/294/file0" dev="tmpfs" ino=1564 res=1 errno=0 [ 395.942045][T10524] FAULT_INJECTION: forcing a failure. [ 395.942045][T10524] name failslab, interval 1, probability 0, space 0, times 0 [ 395.956476][T10524] CPU: 1 UID: 0 PID: 10524 Comm: syz.2.1212 Not tainted syzkaller #0 PREEMPT(full) [ 395.956510][T10524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 395.956525][T10524] Call Trace: [ 395.956535][T10524] [ 395.956545][T10524] dump_stack_lvl+0x16c/0x1f0 [ 395.956584][T10524] should_fail_ex+0x512/0x640 [ 395.956619][T10524] ? fs_reclaim_acquire+0xae/0x150 [ 395.956658][T10524] ? tomoyo_encode2+0x100/0x3e0 [ 395.956689][T10524] should_failslab+0xc2/0x120 [ 395.956723][T10524] __kmalloc_noprof+0xd2/0x510 [ 395.956750][T10524] ? d_absolute_path+0x136/0x1a0 [ 395.956791][T10524] tomoyo_encode2+0x100/0x3e0 [ 395.956827][T10524] tomoyo_encode+0x29/0x50 [ 395.956858][T10524] tomoyo_realpath_from_path+0x18f/0x6e0 [ 395.956900][T10524] tomoyo_mkdev_perm+0x22b/0x570 [ 395.956927][T10524] ? tomoyo_mkdev_perm+0x217/0x570 [ 395.956957][T10524] ? __pfx_tomoyo_mkdev_perm+0x10/0x10 [ 395.956989][T10524] ? __lock_acquire+0xb97/0x1ce0 [ 395.957031][T10524] ? do_raw_spin_lock+0x12c/0x2b0 [ 395.957085][T10524] ? __pfx_current_check_access_path+0x10/0x10 [ 395.957123][T10524] ? simple_lookup+0x105/0x1d0 [ 395.957157][T10524] tomoyo_path_mknod+0x12a/0x190 [ 395.957182][T10524] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 395.957208][T10524] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 395.957248][T10524] security_path_mknod+0x161/0x310 [ 395.957280][T10524] do_mknodat+0x239/0x5d0 [ 395.957312][T10524] ? __pfx_do_mknodat+0x10/0x10 [ 395.957338][T10524] ? getname_flags.part.0+0x1c5/0x550 [ 395.957395][T10524] __x64_sys_mknod+0x87/0xb0 [ 395.957427][T10524] do_syscall_64+0xcd/0x490 [ 395.957463][T10524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.957490][T10524] RIP: 0033:0x7f9cd258ebe9 [ 395.957510][T10524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.957535][T10524] RSP: 002b:00007f9cd33ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 395.957554][T10524] RAX: ffffffffffffffda RBX: 00007f9cd27c5fa0 RCX: 00007f9cd258ebe9 [ 395.957569][T10524] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 395.957584][T10524] RBP: 00007f9cd2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 395.957596][T10524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.957610][T10524] R13: 00007f9cd27c6038 R14: 00007f9cd27c5fa0 R15: 00007fff9ee2f798 [ 395.957642][T10524] [ 395.997327][T10524] ERROR: Out of memory at tomoyo_realpath_from_path. [ 397.795138][T10553] FAULT_INJECTION: forcing a failure. [ 397.795138][T10553] name failslab, interval 1, probability 0, space 0, times 0 [ 397.958633][T10553] CPU: 1 UID: 0 PID: 10553 Comm: syz.0.1225 Not tainted syzkaller #0 PREEMPT(full) [ 397.958668][T10553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 397.958682][T10553] Call Trace: [ 397.958690][T10553] [ 397.958697][T10553] dump_stack_lvl+0x16c/0x1f0 [ 397.958735][T10553] should_fail_ex+0x512/0x640 [ 397.958771][T10553] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 397.958806][T10553] should_failslab+0xc2/0x120 [ 397.958837][T10553] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 397.958866][T10553] ? do_raw_spin_unlock+0x172/0x230 [ 397.958904][T10553] ? __d_alloc+0x32/0xae0 [ 397.958934][T10553] ? __pfx_mqueue_fill_super+0x10/0x10 [ 397.958971][T10553] ? __pfx_mqueue_fill_super+0x10/0x10 [ 397.958996][T10553] __d_alloc+0x32/0xae0 [ 397.959025][T10553] ? mqueue_get_inode+0x285/0xdd0 [ 397.959050][T10553] ? __pfx_mqueue_fill_super+0x10/0x10 [ 397.959075][T10553] d_make_root+0x3e/0x90 [ 397.959109][T10553] mqueue_fill_super+0x175/0x260 [ 397.959133][T10553] get_tree_nodev+0xdd/0x190 [ 397.959165][T10553] mqueue_get_tree+0xf1/0x130 [ 397.959189][T10553] vfs_get_tree+0x8b/0x340 [ 397.959211][T10553] fc_mount_longterm+0x18/0x160 [ 397.959255][T10553] mq_init_ns+0x426/0x620 [ 397.959288][T10553] copy_ipcs+0x383/0x610 [ 397.959313][T10553] ? copy_utsname+0xab/0x470 [ 397.959349][T10553] create_new_namespaces+0x20a/0xa90 [ 397.959383][T10553] ? security_capable+0x7e/0x260 [ 397.959414][T10553] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 397.959447][T10553] ksys_unshare+0x45b/0xa40 [ 397.959481][T10553] ? __pfx_ksys_unshare+0x10/0x10 [ 397.959516][T10553] ? xfd_validate_state+0x61/0x180 [ 397.959561][T10553] __x64_sys_unshare+0x31/0x40 [ 397.959593][T10553] do_syscall_64+0xcd/0x490 [ 397.959629][T10553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.959654][T10553] RIP: 0033:0x7f2e1678ebe9 [ 397.959675][T10553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.959699][T10553] RSP: 002b:00007f2e1761f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 397.959724][T10553] RAX: ffffffffffffffda RBX: 00007f2e169c6090 RCX: 00007f2e1678ebe9 [ 397.959741][T10553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 397.959757][T10553] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 397.959773][T10553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 397.959790][T10553] R13: 00007f2e169c6128 R14: 00007f2e169c6090 R15: 00007ffe4335bb28 [ 397.959824][T10553] [ 399.296018][T10574] binder: 10565:10574 ioctl c00c620f 200000000180 returned -22 [ 400.937751][T10591] ubi0: attaching mtd0 [ 400.993740][T10591] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 402.088635][T10603] program syz.1.1228 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 403.291248][T10620] FAULT_INJECTION: forcing a failure. [ 403.291248][T10620] name failslab, interval 1, probability 0, space 0, times 0 [ 403.316115][T10620] CPU: 1 UID: 0 PID: 10620 Comm: syz.2.1231 Not tainted syzkaller #0 PREEMPT(full) [ 403.316153][T10620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 403.316168][T10620] Call Trace: [ 403.316179][T10620] [ 403.316189][T10620] dump_stack_lvl+0x16c/0x1f0 [ 403.316231][T10620] should_fail_ex+0x512/0x640 [ 403.316266][T10620] ? fs_reclaim_acquire+0xae/0x150 [ 403.316308][T10620] should_failslab+0xc2/0x120 [ 403.316342][T10620] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 403.316374][T10620] ? security_inode_alloc+0x3b/0x2b0 [ 403.316409][T10620] security_inode_alloc+0x3b/0x2b0 [ 403.316440][T10620] inode_init_always_gfp+0xce4/0x1030 [ 403.316473][T10620] ? __pfx_mqueue_fill_super+0x10/0x10 [ 403.316497][T10620] alloc_inode+0x86/0x240 [ 403.316534][T10620] new_inode+0x22/0x1c0 [ 403.316571][T10620] ? __pfx_mqueue_fill_super+0x10/0x10 [ 403.316595][T10620] mqueue_get_inode+0x2e/0xdd0 [ 403.316618][T10620] ? sget_fc+0x808/0xc20 [ 403.316648][T10620] ? __pfx_mqueue_fill_super+0x10/0x10 [ 403.316671][T10620] mqueue_fill_super+0x14d/0x260 [ 403.316696][T10620] get_tree_nodev+0xdd/0x190 [ 403.316727][T10620] mqueue_get_tree+0xf1/0x130 [ 403.316751][T10620] vfs_get_tree+0x8b/0x340 [ 403.316776][T10620] fc_mount_longterm+0x18/0x160 [ 403.316822][T10620] mq_init_ns+0x426/0x620 [ 403.316856][T10620] copy_ipcs+0x383/0x610 [ 403.316883][T10620] ? copy_utsname+0xab/0x470 [ 403.316922][T10620] create_new_namespaces+0x20a/0xa90 [ 403.316951][T10620] ? security_capable+0x7e/0x260 [ 403.316983][T10620] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 403.317015][T10620] ksys_unshare+0x45b/0xa40 [ 403.317050][T10620] ? __pfx_ksys_unshare+0x10/0x10 [ 403.317084][T10620] ? xfd_validate_state+0x61/0x180 [ 403.317127][T10620] __x64_sys_unshare+0x31/0x40 [ 403.317177][T10620] do_syscall_64+0xcd/0x490 [ 403.317215][T10620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 403.317241][T10620] RIP: 0033:0x7f9cd258ebe9 [ 403.317263][T10620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 403.317289][T10620] RSP: 002b:00007f9cd33ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 403.317315][T10620] RAX: ffffffffffffffda RBX: 00007f9cd27c6090 RCX: 00007f9cd258ebe9 [ 403.317333][T10620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 403.317349][T10620] RBP: 00007f9cd2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 403.317365][T10620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 403.317381][T10620] R13: 00007f9cd27c6128 R14: 00007f9cd27c6090 R15: 00007fff9ee2f798 [ 403.317416][T10620] [ 404.118261][T10635] binder: 10626:10635 ioctl c00c620f 200000000180 returned -22 [ 405.803938][T10657] ubi0: attaching mtd0 [ 405.808063][T10657] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 407.920015][T10695] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1243'. [ 408.060796][T10687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1254'. [ 411.759934][T10744] nvme_fabrics: missing parameter 'transport=%s' [ 411.774879][T10744] nvme_fabrics: missing parameter 'nqn=%s' [ 411.894305][T10748] nvme_fabrics: missing parameter 'transport=%s' [ 411.916962][T10748] nvme_fabrics: missing parameter 'nqn=%s' [ 411.960618][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1259'. [ 416.524939][T10814] nvme_fabrics: missing parameter 'transport=%s' [ 416.535864][T10814] nvme_fabrics: missing parameter 'nqn=%s' [ 416.719976][T10817] nvme_fabrics: missing parameter 'transport=%s' [ 416.746750][T10817] nvme_fabrics: missing parameter 'nqn=%s' syzkaller syzkaller login: [ 422.340109][T10891] nvme_fabrics: missing parameter 'transport=%s' [ 422.347466][T10891] nvme_fabrics: missing parameter 'nqn=%s' [ 422.410633][T10893] nvme_fabrics: missing parameter 'transport=%s' [ 422.417159][T10893] nvme_fabrics: missing parameter 'nqn=%s' [ 424.102601][T10928] nvme_fabrics: missing parameter 'transport=%s' [ 424.150342][T10928] nvme_fabrics: missing parameter 'nqn=%s' [ 424.410345][T10930] nvme_fabrics: missing parameter 'transport=%s' [ 424.431391][T10930] nvme_fabrics: missing parameter 'nqn=%s' [ 428.797980][T10999] nvme_fabrics: missing parameter 'transport=%s' [ 428.805370][T10999] nvme_fabrics: missing parameter 'nqn=%s' [ 428.892506][T11001] nvme_fabrics: missing parameter 'transport=%s' [ 428.899586][T11001] nvme_fabrics: missing parameter 'nqn=%s' syzkaller syzkaller login: [ 432.069373][T11059] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1320'. [ 437.188174][T11122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1332'. [ 439.062921][T11152] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1340'. [ 439.081309][T11152] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 439.312459][T11161] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1342'. [ 440.102318][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.109940][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.852112][T11243] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1357'. [ 446.514812][T11269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1366'. [ 447.214742][T11275] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1367'. [ 447.275180][T11275] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 448.981683][T11302] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1374'. [ 449.159508][T11312] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1376'. [ 449.318178][ T5874] Bluetooth: hci1: unexpected subevent 0x0c length: 0 < 5 [ 449.887982][T11306] hugetlbfs: syz.0.1375 (11306): Using mlock ulimits for SHM_HUGETLB is obsolete syzkaller syzkaller login: [ 454.106211][ T5874] Bluetooth: hci2: unexpected subevent 0x0c length: 0 < 5 [ 454.968240][T11401] netlink: 'syz.2.1395': attribute type 4 has an invalid length. [ 454.985661][T11401] netlink: 314 bytes leftover after parsing attributes in process `syz.2.1395'. [ 455.569807][T11408] FAULT_INJECTION: forcing a failure. [ 455.569807][T11408] name failslab, interval 1, probability 0, space 0, times 0 [ 455.716759][T11408] CPU: 1 UID: 0 PID: 11408 Comm: syz.2.1397 Not tainted syzkaller #0 PREEMPT(full) [ 455.716797][T11408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 455.716813][T11408] Call Trace: [ 455.716822][T11408] [ 455.716832][T11408] dump_stack_lvl+0x16c/0x1f0 [ 455.716872][T11408] should_fail_ex+0x512/0x640 [ 455.716908][T11408] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 455.716944][T11408] should_failslab+0xc2/0x120 [ 455.716979][T11408] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 455.717010][T11408] ? alloc_io_context+0x21/0x2f0 [ 455.717050][T11408] alloc_io_context+0x21/0x2f0 [ 455.717075][T11408] __copy_io+0xdc/0x210 [ 455.717102][T11408] copy_process+0x287f/0x7690 [ 455.717152][T11408] ? __pfx_copy_process+0x10/0x10 [ 455.717184][T11408] ? futex_private_hash_put+0x176/0x300 [ 455.717221][T11408] ? futex_private_hash_put+0x18a/0x300 [ 455.717257][T11408] kernel_clone+0xfc/0x930 [ 455.717288][T11408] ? __pfx_futex_wake+0x10/0x10 [ 455.717321][T11408] ? __pfx_kernel_clone+0x10/0x10 [ 455.717349][T11408] ? 0xffffffff81000000 [ 455.717359][T11408] __do_sys_clone+0xce/0x120 [ 455.717377][T11408] ? __pfx___do_sys_clone+0x10/0x10 [ 455.717396][T11408] ? 0xffffffff81000000 [ 455.717413][T11408] ? syscall_user_dispatch+0x78/0x140 [ 455.717440][T11408] do_syscall_64+0xcd/0x490 [ 455.717461][T11408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.717476][T11408] RIP: 0033:0x7f9cd258ebe9 [ 455.717487][T11408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.717501][T11408] RSP: 002b:00007f9cd33ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 455.717516][T11408] RAX: ffffffffffffffda RBX: 00007f9cd27c6090 RCX: 00007f9cd258ebe9 [ 455.717526][T11408] RDX: 9999999999999999 RSI: 0000000000000004 RDI: 0000000000000000 [ 455.717535][T11408] RBP: 00007f9cd2611e19 R08: 0000000000000009 R09: 0000000000000000 [ 455.717544][T11408] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 455.717553][T11408] R13: 00007f9cd27c6128 R14: 00007f9cd27c6090 R15: 00007fff9ee2f798 [ 455.717566][T11408] ? 0xffffffff81000000 [ 455.717580][T11408] syzkaller syzkaller login: [ 458.678656][T11440] FAULT_INJECTION: forcing a failure. [ 458.678656][T11440] name failslab, interval 1, probability 0, space 0, times 0 [ 458.717203][T11440] CPU: 1 UID: 0 PID: 11440 Comm: syz.3.1404 Not tainted syzkaller #0 PREEMPT(full) [ 458.717239][T11440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 458.717255][T11440] Call Trace: [ 458.717263][T11440] [ 458.717273][T11440] dump_stack_lvl+0x16c/0x1f0 [ 458.717313][T11440] should_fail_ex+0x512/0x640 [ 458.717347][T11440] ? fs_reclaim_acquire+0xae/0x150 [ 458.717385][T11440] ? tomoyo_encode2+0x100/0x3e0 [ 458.717418][T11440] should_failslab+0xc2/0x120 [ 458.717448][T11440] __kmalloc_noprof+0xd2/0x510 [ 458.717477][T11440] ? d_absolute_path+0x136/0x1a0 [ 458.717517][T11440] tomoyo_encode2+0x100/0x3e0 [ 458.717567][T11440] tomoyo_encode+0x29/0x50 [ 458.717600][T11440] tomoyo_realpath_from_path+0x18f/0x6e0 [ 458.717647][T11440] tomoyo_check_open_permission+0x2ab/0x3c0 [ 458.717676][T11440] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 458.717705][T11440] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 458.717770][T11440] ? find_held_lock+0x2b/0x80 [ 458.717802][T11440] tomoyo_file_open+0x6b/0x90 [ 458.717827][T11440] security_file_open+0x84/0x1e0 [ 458.717860][T11440] do_dentry_open+0x596/0x1530 [ 458.717897][T11440] vfs_open+0x82/0x3f0 [ 458.717933][T11440] path_openat+0x1de4/0x2cb0 [ 458.717970][T11440] ? __pfx_path_openat+0x10/0x10 [ 458.718008][T11440] do_filp_open+0x20b/0x470 [ 458.718039][T11440] ? __pfx_do_filp_open+0x10/0x10 [ 458.718094][T11440] ? alloc_fd+0x471/0x7d0 [ 458.718131][T11440] do_sys_openat2+0x11b/0x1d0 [ 458.718168][T11440] ? __pfx_do_sys_openat2+0x10/0x10 [ 458.718221][T11440] __x64_sys_openat+0x174/0x210 [ 458.718258][T11440] ? __pfx___x64_sys_openat+0x10/0x10 [ 458.718298][T11440] ? syscall_user_dispatch+0x78/0x140 [ 458.718343][T11440] do_syscall_64+0xcd/0x490 [ 458.718383][T11440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.718408][T11440] RIP: 0033:0x7fad2cb8ebe9 [ 458.718427][T11440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.718449][T11440] RSP: 002b:00007fad2d995038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 458.718473][T11440] RAX: ffffffffffffffda RBX: 00007fad2cdc6090 RCX: 00007fad2cb8ebe9 [ 458.718489][T11440] RDX: 00000000000c2481 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 458.718505][T11440] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 458.718520][T11440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 458.718534][T11440] R13: 00007fad2cdc6128 R14: 00007fad2cdc6090 R15: 00007ffcae774f68 [ 458.718582][T11440] [ 459.142777][T11440] ERROR: Out of memory at tomoyo_realpath_from_path. [ 462.594771][ T5874] Bluetooth: hci2: unexpected subevent 0x0c length: 0 < 5 [ 465.744847][T11533] [U]  [ 465.747676][T11533] [U] [ 465.750359][T11533] [U] [ 465.753032][T11533] [U] [ 465.781657][T11533] [U] [ 465.784371][T11533] [U] [ 465.787046][T11533] [U] [ 465.789717][T11533] [U] [ 465.799693][T11533] [U] [ 465.802440][T11533] [U] [ 465.805146][T11533] [U] [ 465.807842][T11533] [U] [ 465.850807][T11533] [U] [ 465.853564][T11533] [U] [ 465.856281][T11533] [U] [ 465.859003][T11533] [U] [ 465.889940][T11533] [U] [ 465.892679][T11533] [U] [ 465.895371][T11533] [U] [ 465.898050][T11533] [U] [ 465.927007][T11533] [U] [ 465.929751][T11533] [U] [ 465.932462][T11533] [U] [ 465.935178][T11533] [U] [ 465.974842][T11533] [U] [ 465.977595][T11533] [U] [ 465.980311][T11533] [U] [ 465.983020][T11533] [U] [ 466.014589][T11533] [U] [ 466.017350][T11533] [U] [ 466.020059][T11533] [U] [ 466.022767][T11533] [U] [ 466.028661][T11533] [U] [ 466.031378][T11533] [U] [ 466.034055][T11533] [U] [ 466.036744][T11533] [U] [ 466.073917][T11533] [U] [ 466.076671][T11533] [U] [ 466.079384][T11533] [U] [ 466.082094][T11533] [U] [ 466.110151][T11533] [U] [ 466.112888][T11533] [U] [ 466.115600][T11533] [U] [ 466.118322][T11533] [U] [ 466.121297][T11533] [U] [ 466.124014][T11533] [U] [ 466.126726][T11533] [U] [ 466.129438][T11533] [U] [ 466.151256][T11533] [U] [ 466.153995][T11533] [U] [ 466.156681][T11533] [U] [ 466.159358][T11533] [U] [ 466.164487][T11533] [U] [ 466.167203][T11533] [U] [ 466.169894][T11533] [U] [ 466.172598][T11533] [U] [ 466.175511][T11533] [U] [ 466.178222][T11533] [U] [ 466.180913][T11533] [U] [ 466.183628][T11533] [U] [ 466.200847][T11533] [U] [ 466.203599][T11533] [U] [ 466.206304][T11533] [U] [ 466.209016][T11533] [U] [ 466.318608][T11533] [U] [ 469.799766][T11599] zswap: compressor not available [ 471.081663][ T30] audit: type=1800 audit(4294967606.087:15): pid=11631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1444" name="members" dev="configfs" ino=41010 res=0 errno=0 [ 472.342532][ T5874] Bluetooth: hci0: unexpected subevent 0x0c length: 0 < 5 [ 474.167392][ T5874] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 476.222172][ T5874] Bluetooth: hci3: unexpected subevent 0x0c length: 0 < 5 [ 477.246490][T11742] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1469'. [ 477.495626][T11744] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1469'. [ 479.604726][T11777] FAULT_INJECTION: forcing a failure. [ 479.604726][T11777] name failslab, interval 1, probability 0, space 0, times 0 [ 479.651973][T11777] CPU: 0 UID: 0 PID: 11777 Comm: syz.0.1476 Not tainted syzkaller #0 PREEMPT(full) [ 479.652010][T11777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 479.652024][T11777] Call Trace: [ 479.652033][T11777] [ 479.652043][T11777] dump_stack_lvl+0x16c/0x1f0 [ 479.652082][T11777] should_fail_ex+0x512/0x640 [ 479.652117][T11777] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 479.652152][T11777] should_failslab+0xc2/0x120 [ 479.652181][T11777] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 479.652211][T11777] ? binderfs_binder_device_create.isra.0+0x322/0xb10 [ 479.652259][T11777] kstrdup+0x53/0x100 [ 479.652293][T11777] binderfs_binder_device_create.isra.0+0x322/0xb10 [ 479.652342][T11777] binderfs_fill_super+0x8d4/0x1360 [ 479.652380][T11777] ? __pfx_binderfs_fill_super+0x10/0x10 [ 479.652416][T11777] ? shrinker_register+0x1a8/0x260 [ 479.652436][T11777] ? sget_fc+0x808/0xc20 [ 479.652451][T11777] ? apparmor_capable+0x114/0x1d0 [ 479.652467][T11777] ? __pfx_set_anon_super_fc+0x10/0x10 [ 479.652483][T11777] ? __pfx_binderfs_fill_super+0x10/0x10 [ 479.652500][T11777] get_tree_nodev+0xdd/0x190 [ 479.652517][T11777] vfs_get_tree+0x8b/0x340 [ 479.652530][T11777] vfs_cmd_create+0xd7/0x2a0 [ 479.652550][T11777] __do_sys_fsconfig+0x7b8/0xbe0 [ 479.652571][T11777] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 479.652599][T11777] do_syscall_64+0xcd/0x490 [ 479.652620][T11777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.652635][T11777] RIP: 0033:0x7f2e1678ebe9 [ 479.652654][T11777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.652680][T11777] RSP: 002b:00007f2e1761f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 479.652706][T11777] RAX: ffffffffffffffda RBX: 00007f2e169c6090 RCX: 00007f2e1678ebe9 [ 479.652723][T11777] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000009 [ 479.652738][T11777] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 479.652754][T11777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 479.652770][T11777] R13: 00007f2e169c6128 R14: 00007f2e169c6090 R15: 00007ffe4335bb28 [ 479.652805][T11777] [ 479.873428][ C0] vkms_vblank_simulate: vblank timer overrun [ 480.268604][T11791] random: crng reseeded on system resumption [ 480.372936][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 480.411641][ T1179] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 480.412002][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 480.469109][ T13] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 480.480150][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 480.523448][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 480.535378][ T1179] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 480.572491][ T13] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 480.582904][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 480.618317][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 480.631836][ T1179] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 480.663421][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 480.675431][ T13] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 480.783276][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 480.797111][ T1179] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 480.828676][ T1179] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 480.839822][ T13] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 480.858646][ T1179] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 480.866959][ T13] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 480.897735][ T13] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 493.423353][T11841] sp0: Synchronizing with TNC [ 493.592303][T11849] openvswitch: HfR: Dropping previously announced user features [ 493.633292][T11849] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1491'. [ 493.809354][T11849] HfR: left promiscuous mode [ 495.991657][T11899] HfR: entered promiscuous mode [ 496.120401][T11899] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1505'. [ 496.241539][T11899] HfR: left promiscuous mode [ 496.848803][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 496.849054][ T13] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 496.849264][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 496.849448][ T13] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 496.850572][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 496.850764][ T13] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 496.850918][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 496.851099][ T13] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 496.851130][ T13] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 496.851150][ T13] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 496.866458][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 496.866607][ T4317] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 496.866705][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 496.866825][ T4317] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 496.866937][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 496.867042][ T4317] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 496.867125][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 496.867220][ T4317] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 496.867238][ T4317] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 496.867249][ T4317] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 501.541042][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.547376][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.359194][T11915] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 507.365285][T11915] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 507.371462][T11915] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 507.377493][T11915] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 507.392082][T11930] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 507.640311][T11964] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.0.1517: bg 3: bad block bitmap checksum [ 507.738981][T11964] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 1958 with max blocks 1 with error 74 [ 507.789810][T11964] EXT4-fs (sda1): This should not happen!! Data will be lost [ 507.789810][T11964] [ 508.061830][T11963] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 508.938035][T11987] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1522'. [ 509.378731][ T5874] Bluetooth: hci3: command 0x0c1a tx timeout [ 509.381784][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 509.384906][ T5864] Bluetooth: hci1: command 0x0c1a tx timeout [ 509.396874][ T5864] Bluetooth: hci0: command 0x0c1a tx timeout [ 512.281987][T12045] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1535'. [ 512.357693][T12050] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1538'. [ 513.147887][T12076] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1547'. [ 514.238580][T12090] warning: `syz.3.1553' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 516.647008][T12127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1562'. [ 517.047927][T12121] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1560'. [ 517.755830][T12142] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1566'. [ 518.897805][ T51] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 519.960957][T12195] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1577'. [ 520.171822][T12174] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1575'. [ 520.356840][T12198] sp0: Synchronizing with TNC [ 520.434676][T12206] vhci_hcd: invalid port number 16 [ 520.458328][T12206] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 521.326872][T12225] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1584'. [ 521.751889][T12216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 521.771315][T12216] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 521.798827][T12216] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 521.808614][T12216] page_type: f5(slab) [ 521.816696][T12216] raw: 00fff00000000040 ffff88801b842280 ffffea0001f6ec00 0000000000000002 [ 521.838518][T12216] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 521.859022][T12216] head: 00fff00000000040 ffff88801b842280 ffffea0001f6ec00 0000000000000002 [ 521.878007][T12216] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 521.898474][T12216] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 521.907203][T12216] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 521.936916][T12216] page dumped because: unmovable page [ 521.948465][T12216] page_owner tracks the page as allocated [ 521.964500][T12216] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5545, tgid 5545 (dhcpcd-run-hook), ts 53416564419, free_ts 53396947394 [ 522.018760][T12216] post_alloc_hook+0x1c0/0x230 [ 522.025258][T12216] get_page_from_freelist+0x132b/0x38e0 [ 522.061067][T12216] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 522.077616][T12216] alloc_pages_mpol+0x1fb/0x550 [ 522.088413][T12216] new_slab+0x247/0x330 [ 522.092622][T12216] ___slab_alloc+0xcf2/0x1740 [ 522.113337][T12216] __slab_alloc.constprop.0+0x56/0xb0 [ 522.119215][T12216] __kmalloc_cache_noprof+0xfb/0x3e0 [ 522.124544][T12216] tomoyo_init_log+0xc8a/0x2140 [ 522.140463][T12216] tomoyo_supervisor+0x302/0x13b0 [ 522.145556][T12216] tomoyo_env_perm+0x191/0x200 [ 522.170729][T12216] tomoyo_find_next_domain+0xec2/0x20b0 [ 522.188568][T12216] tomoyo_bprm_check_security+0x12e/0x1d0 [ 522.194451][T12216] security_bprm_check+0x1b9/0x1e0 [ 522.208423][T12216] bprm_execve+0x81a/0x1640 [ 522.221256][T12216] do_execveat_common.isra.0+0x4a5/0x610 [ 522.247458][T12216] page last free pid 5544 tgid 5544 stack trace: [ 522.272451][T12216] __free_frozen_pages+0x7d5/0x10f0 [ 522.277721][T12216] __put_partials+0x165/0x1c0 [ 522.287712][T12216] qlist_free_all+0x4d/0x120 [ 522.292661][T12216] kasan_quarantine_reduce+0x195/0x1e0 [ 522.308426][T12216] __kasan_slab_alloc+0x69/0x90 [ 522.313344][T12216] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 522.342729][T12216] getname_flags.part.0+0x4c/0x550 [ 522.347923][T12216] getname_flags+0x93/0xf0 [ 522.352437][T12216] vfs_fstatat+0xe1/0xf0 [ 522.356725][T12216] __do_sys_newfstatat+0x97/0x120 [ 522.364939][T12216] do_syscall_64+0xcd/0x490 [ 522.369817][T12216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.059762][ T30] audit: type=1804 audit(4294967325.369:16): pid=12252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1592" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 526.920278][T12309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1607'. [ 527.066852][ T1179] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1382 with max blocks 9 with error 117 [ 527.118714][ T1179] EXT4-fs (sda1): This should not happen!! Data will be lost [ 527.118714][ T1179] [ 527.209403][ T1179] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2240 with max blocks 1 with error 117 [ 527.251214][ T1179] EXT4-fs (sda1): This should not happen!! Data will be lost [ 527.251214][ T1179] [ 527.770937][T12323] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2051 with max blocks 1 with error 117 [ 527.795362][T12323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 527.795362][T12323] [ 527.959007][T12322] random: crng reseeded on system resumption [ 528.005957][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 528.030686][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 528.042254][ T1179] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 528.053479][ T36] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 528.064970][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 528.076884][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 528.088579][ T1179] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 528.118254][ T36] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 528.145512][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 528.178977][ T1179] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 528.191199][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 528.211034][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 528.223421][ T36] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 528.330061][ T1179] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 528.339057][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 528.357514][ T1179] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 528.367013][ T36] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 528.376572][ T1179] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 528.385101][ T36] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 528.399041][ T36] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 529.154723][T12343] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1616'. [ 529.465816][T12348] zswap: compressor 000 not available [ 529.832461][T12355] FAULT_INJECTION: forcing a failure. [ 529.832461][T12355] name failslab, interval 1, probability 0, space 0, times 0 [ 529.848175][T12355] CPU: 0 UID: 0 PID: 12355 Comm: syz.0.1627 Not tainted syzkaller #0 PREEMPT(full) [ 529.848214][T12355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 529.848230][T12355] Call Trace: [ 529.848239][T12355] [ 529.848249][T12355] dump_stack_lvl+0x16c/0x1f0 [ 529.848289][T12355] should_fail_ex+0x512/0x640 [ 529.848325][T12355] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 529.848365][T12355] should_failslab+0xc2/0x120 [ 529.848398][T12355] __kmalloc_cache_noprof+0x6a/0x3e0 [ 529.848424][T12355] ? io_wq_create+0x6a/0x9a0 [ 529.848456][T12355] io_wq_create+0x6a/0x9a0 [ 529.848486][T12355] io_uring_alloc_task_context+0x1e1/0x650 [ 529.848517][T12355] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 529.848546][T12355] ? alloc_file_pseudo+0x1b3/0x230 [ 529.848590][T12355] __io_uring_add_tctx_node+0x2dd/0x500 [ 529.848615][T12355] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 529.848645][T12355] ? __anon_inode_getfile+0x17c/0x280 [ 529.848681][T12355] io_uring_setup+0x1579/0x2080 [ 529.848718][T12355] ? __pfx_io_uring_setup+0x10/0x10 [ 529.848758][T12355] ? __pfx___might_resched+0x10/0x10 [ 529.848795][T12355] ? xfd_validate_state+0x61/0x180 [ 529.848830][T12355] ? __pfx___do_sys_close_range+0x10/0x10 [ 529.848869][T12355] __x64_sys_io_uring_setup+0xc2/0x170 [ 529.848904][T12355] do_syscall_64+0xcd/0x490 [ 529.848941][T12355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.848967][T12355] RIP: 0033:0x7f2e1678ebe9 [ 529.848988][T12355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 529.849013][T12355] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 529.849037][T12355] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 529.849054][T12355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 529.849069][T12355] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 529.849083][T12355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.849099][T12355] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 529.849133][T12355] [ 529.928123][T12358] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1619'. [ 538.662413][T12322] FAULT_INJECTION: forcing a failure. [ 538.662413][T12322] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 538.678207][T12322] CPU: 0 UID: 0 PID: 12322 Comm: syz.3.1612 Not tainted syzkaller #0 PREEMPT(full) [ 538.678243][T12322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 538.678259][T12322] Call Trace: [ 538.678268][T12322] [ 538.678278][T12322] dump_stack_lvl+0x16c/0x1f0 [ 538.678320][T12322] should_fail_ex+0x512/0x640 [ 538.678365][T12322] should_fail_alloc_page+0xe7/0x130 [ 538.678400][T12322] prepare_alloc_pages+0x3c2/0x610 [ 538.678434][T12322] ? rcu_is_watching+0x12/0xc0 [ 538.678464][T12322] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 538.678508][T12322] ? stack_trace_save+0x8e/0xc0 [ 538.678536][T12322] ? __pfx_stack_trace_save+0x10/0x10 [ 538.678568][T12322] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 538.678605][T12322] ? kasan_save_stack+0x42/0x60 [ 538.678631][T12322] ? kasan_save_stack+0x33/0x60 [ 538.678663][T12322] ? do_dentry_open+0x982/0x1530 [ 538.678692][T12322] ? vfs_open+0x82/0x3f0 [ 538.678724][T12322] ? path_openat+0x1de4/0x2cb0 [ 538.678761][T12322] ? do_filp_open+0x20b/0x470 [ 538.678789][T12322] ? do_sys_openat2+0x11b/0x1d0 [ 538.678824][T12322] ? __x64_sys_openat+0x174/0x210 [ 538.678861][T12322] ? do_syscall_64+0xcd/0x490 [ 538.678892][T12322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.678920][T12322] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 538.678954][T12322] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 538.678989][T12322] ? policy_nodemask+0xea/0x4e0 [ 538.679025][T12322] alloc_pages_mpol+0x1fb/0x550 [ 538.679057][T12322] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 538.679099][T12322] alloc_pages_noprof+0x131/0x390 [ 538.679133][T12322] get_zeroed_page_noprof+0x18/0xb0 [ 538.679166][T12322] get_image_page+0x18/0x190 [ 538.679190][T12322] alloc_rtree_node+0x3c/0xb0 [ 538.679215][T12322] memory_bm_create+0x519/0x810 [ 538.679253][T12322] create_basic_memory_bitmaps+0xbd/0x320 [ 538.679284][T12322] snapshot_open+0x235/0x2b0 [ 538.679312][T12322] ? __pfx_snapshot_open+0x10/0x10 [ 538.679341][T12322] misc_open+0x35d/0x420 [ 538.679369][T12322] ? __pfx_misc_open+0x10/0x10 [ 538.679393][T12322] chrdev_open+0x234/0x6a0 [ 538.679422][T12322] ? __pfx_apparmor_file_open+0x10/0x10 [ 538.679451][T12322] ? __pfx_chrdev_open+0x10/0x10 [ 538.679485][T12322] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 538.679518][T12322] do_dentry_open+0x982/0x1530 [ 538.679550][T12322] ? __pfx_chrdev_open+0x10/0x10 [ 538.679588][T12322] vfs_open+0x82/0x3f0 [ 538.679629][T12322] path_openat+0x1de4/0x2cb0 [ 538.679670][T12322] ? __pfx_path_openat+0x10/0x10 [ 538.679711][T12322] do_filp_open+0x20b/0x470 [ 538.679751][T12322] ? __pfx_do_filp_open+0x10/0x10 [ 538.679811][T12322] ? alloc_fd+0x471/0x7d0 [ 538.679850][T12322] do_sys_openat2+0x11b/0x1d0 [ 538.679888][T12322] ? __pfx_do_sys_openat2+0x10/0x10 [ 538.679941][T12322] __x64_sys_openat+0x174/0x210 [ 538.679979][T12322] ? __pfx___x64_sys_openat+0x10/0x10 [ 538.680030][T12322] do_syscall_64+0xcd/0x490 [ 538.680068][T12322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.680094][T12322] RIP: 0033:0x7fad2cb8ebe9 [ 538.680117][T12322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 538.680142][T12322] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 538.680168][T12322] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 538.680186][T12322] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 538.680202][T12322] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 538.680218][T12322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 538.680234][T12322] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 538.680269][T12322] [ 539.205883][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 539.256774][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 539.268602][ T4317] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 539.308641][ T1179] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 539.328888][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 539.364710][ T4317] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 539.369553][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 539.387546][T12364] FAULT_INJECTION: forcing a failure. [ 539.387546][T12364] name failslab, interval 1, probability 0, space 0, times 0 [ 539.432820][ T1179] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 539.432986][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 539.458875][ T4317] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 539.468720][T12364] CPU: 0 UID: 0 PID: 12364 Comm: syz.0.1629 Not tainted syzkaller #0 PREEMPT(full) [ 539.468754][T12364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 539.468769][T12364] Call Trace: [ 539.468778][T12364] [ 539.468787][T12364] dump_stack_lvl+0x16c/0x1f0 [ 539.468825][T12364] should_fail_ex+0x512/0x640 [ 539.468856][T12364] ? __kvmalloc_node_noprof+0x124/0x620 [ 539.468888][T12364] should_failslab+0xc2/0x120 [ 539.468918][T12364] __kvmalloc_node_noprof+0x137/0x620 [ 539.468947][T12364] ? bucket_table_alloc.isra.0+0x83/0x460 [ 539.468988][T12364] ? bucket_table_alloc.isra.0+0x83/0x460 [ 539.469020][T12364] bucket_table_alloc.isra.0+0x83/0x460 [ 539.469056][T12364] rhashtable_init_noprof+0x41a/0x7e0 [ 539.469089][T12364] ? kasan_save_track+0x14/0x30 [ 539.469121][T12364] fqdir_init+0xb4/0x1f0 [ 539.469160][T12364] ipv4_frags_init_net+0x2b/0x3d0 [ 539.469193][T12364] ? __pfx_ipv4_frags_init_net+0x10/0x10 [ 539.469222][T12364] ops_init+0x1e2/0x5f0 [ 539.469254][T12364] setup_net+0x10f/0x380 [ 539.469281][T12364] ? lockdep_init_map_type+0x5c/0x280 [ 539.469311][T12364] ? __pfx_setup_net+0x10/0x10 [ 539.469344][T12364] ? debug_mutex_init+0x37/0x70 [ 539.469373][T12364] copy_net_ns+0x2a6/0x5f0 [ 539.469413][T12364] create_new_namespaces+0x3ea/0xa90 [ 539.469450][T12364] copy_namespaces+0x468/0x560 [ 539.469479][T12364] copy_process+0x2822/0x7690 [ 539.469526][T12364] ? __pfx_copy_process+0x10/0x10 [ 539.469555][T12364] ? futex_private_hash_put+0x176/0x300 [ 539.469590][T12364] ? futex_private_hash_put+0x18a/0x300 [ 539.469625][T12364] kernel_clone+0xfc/0x930 [ 539.469665][T12364] ? __pfx_kernel_clone+0x10/0x10 [ 539.469713][T12364] __do_sys_clone+0xce/0x120 [ 539.469742][T12364] ? __pfx___do_sys_clone+0x10/0x10 [ 539.469783][T12364] ? xfd_validate_state+0x61/0x180 [ 539.469830][T12364] do_syscall_64+0xcd/0x490 [ 539.469865][T12364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.469890][T12364] RIP: 0033:0x7f2e1678ebe9 [ 539.469909][T12364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 539.469932][T12364] RSP: 002b:00007f2e1763ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 539.469956][T12364] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 539.469972][T12364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000068000000 [ 539.469987][T12364] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 539.470001][T12364] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 539.470016][T12364] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 539.470050][T12364] [ 539.495005][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 539.755060][ T1179] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 539.757416][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 539.799926][ T4317] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 539.809076][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 539.830835][ T4317] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 539.840543][ T1179] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 539.850035][ T4317] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 539.862333][ T1179] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 539.878277][ T1179] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 550.229431][T12366] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 550.235512][T12366] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 550.241694][T12366] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 550.247900][T12366] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 550.269319][T12404] FAULT_INJECTION: forcing a failure. [ 550.269319][T12404] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 550.298800][T12404] CPU: 0 UID: 0 PID: 12404 Comm: syz.0.1634 Not tainted syzkaller #0 PREEMPT(full) [ 550.298838][T12404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 550.298854][T12404] Call Trace: [ 550.298862][T12404] [ 550.298872][T12404] dump_stack_lvl+0x16c/0x1f0 [ 550.298912][T12404] should_fail_ex+0x512/0x640 [ 550.298963][T12404] should_fail_alloc_page+0xe7/0x130 [ 550.299001][T12404] prepare_alloc_pages+0x3c2/0x610 [ 550.299045][T12404] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 550.299091][T12404] ? __lock_acquire+0xb97/0x1ce0 [ 550.299125][T12404] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 550.299177][T12404] ? mark_held_locks+0x49/0x80 [ 550.299208][T12404] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 550.299248][T12404] ? policy_nodemask+0xea/0x4e0 [ 550.299285][T12404] alloc_pages_mpol+0x1fb/0x550 [ 550.299320][T12404] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 550.299353][T12404] ? __pfx___mutex_lock+0x10/0x10 [ 550.299396][T12404] ___kmalloc_large_node+0xed/0x160 [ 550.299439][T12404] __kmalloc_large_noprof+0x1c/0x70 [ 550.299478][T12404] uhid_char_open+0x24/0x250 [ 550.299503][T12404] ? __pfx_uhid_char_open+0x10/0x10 [ 550.299527][T12404] misc_open+0x35d/0x420 [ 550.299556][T12404] ? __pfx_misc_open+0x10/0x10 [ 550.299582][T12404] chrdev_open+0x234/0x6a0 [ 550.299614][T12404] ? __pfx_apparmor_file_open+0x10/0x10 [ 550.299643][T12404] ? __pfx_chrdev_open+0x10/0x10 [ 550.299678][T12404] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 550.299714][T12404] do_dentry_open+0x982/0x1530 [ 550.299746][T12404] ? __pfx_chrdev_open+0x10/0x10 [ 550.299787][T12404] vfs_open+0x82/0x3f0 [ 550.299828][T12404] path_openat+0x1de4/0x2cb0 [ 550.299868][T12404] ? __pfx_path_openat+0x10/0x10 [ 550.299908][T12404] do_filp_open+0x20b/0x470 [ 550.299948][T12404] ? __pfx_do_filp_open+0x10/0x10 [ 550.300008][T12404] ? alloc_fd+0x471/0x7d0 [ 550.300047][T12404] do_sys_openat2+0x11b/0x1d0 [ 550.300087][T12404] ? __pfx_do_sys_openat2+0x10/0x10 [ 550.300139][T12404] __x64_sys_openat+0x174/0x210 [ 550.300177][T12404] ? __pfx___x64_sys_openat+0x10/0x10 [ 550.300231][T12404] do_syscall_64+0xcd/0x490 [ 550.300268][T12404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.300295][T12404] RIP: 0033:0x7f2e1678ebe9 [ 550.300316][T12404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 550.300342][T12404] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 550.300367][T12404] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 550.300384][T12404] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 550.300402][T12404] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 550.300418][T12404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 550.300434][T12404] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 550.300469][T12404] [ 551.168944][T12431] FAULT_INJECTION: forcing a failure. [ 551.168944][T12431] name failslab, interval 1, probability 0, space 0, times 0 [ 551.188629][T12431] CPU: 0 UID: 0 PID: 12431 Comm: syz.2.1643 Not tainted syzkaller #0 PREEMPT(full) [ 551.188665][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 551.188680][T12431] Call Trace: [ 551.188689][T12431] [ 551.188699][T12431] dump_stack_lvl+0x16c/0x1f0 [ 551.188739][T12431] should_fail_ex+0x512/0x640 [ 551.188772][T12431] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 551.188813][T12431] should_failslab+0xc2/0x120 [ 551.188846][T12431] __kmalloc_cache_noprof+0x6a/0x3e0 [ 551.188870][T12431] ? ovs_dp_cmd_new+0x42e/0xe60 [ 551.188902][T12431] ovs_dp_cmd_new+0x42e/0xe60 [ 551.188936][T12431] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 551.188970][T12431] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 551.189011][T12431] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 551.189058][T12431] genl_family_rcv_msg_doit+0x209/0x2f0 [ 551.189099][T12431] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 551.189151][T12431] ? bpf_lsm_capable+0x9/0x10 [ 551.189172][T12431] ? security_capable+0x7e/0x260 [ 551.189199][T12431] ? ns_capable+0xd7/0x110 [ 551.189229][T12431] genl_rcv_msg+0x55c/0x800 [ 551.189257][T12431] ? __pfx_genl_rcv_msg+0x10/0x10 [ 551.189296][T12431] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 551.189336][T12431] netlink_rcv_skb+0x158/0x420 [ 551.189367][T12431] ? __pfx_genl_rcv_msg+0x10/0x10 [ 551.189406][T12431] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 551.189455][T12431] ? netlink_deliver_tap+0x1ae/0xd30 [ 551.189494][T12431] genl_rcv+0x28/0x40 [ 551.189528][T12431] netlink_unicast+0x5a7/0x870 [ 551.189568][T12431] ? __pfx_netlink_unicast+0x10/0x10 [ 551.189603][T12431] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 551.189636][T12431] ? __lock_acquire+0xb97/0x1ce0 [ 551.189679][T12431] netlink_sendmsg+0x8d1/0xdd0 [ 551.189717][T12431] ? __pfx_netlink_sendmsg+0x10/0x10 [ 551.189753][T12431] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 551.189791][T12431] ____sys_sendmsg+0xa98/0xc70 [ 551.189817][T12431] ? copy_msghdr_from_user+0x10a/0x160 [ 551.189852][T12431] ? __pfx_____sys_sendmsg+0x10/0x10 [ 551.189887][T12431] ? __pfx_futex_wake_mark+0x10/0x10 [ 551.189925][T12431] ___sys_sendmsg+0x134/0x1d0 [ 551.189960][T12431] ? __pfx____sys_sendmsg+0x10/0x10 [ 551.190037][T12431] __sys_sendmsg+0x16d/0x220 [ 551.190070][T12431] ? __pfx___sys_sendmsg+0x10/0x10 [ 551.190103][T12431] ? __x64_sys_futex+0x1e0/0x4c0 [ 551.190155][T12431] do_syscall_64+0xcd/0x490 [ 551.190192][T12431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.190217][T12431] RIP: 0033:0x7f9cd258ebe9 [ 551.190238][T12431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 551.190264][T12431] RSP: 002b:00007f9cd33ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 551.190290][T12431] RAX: ffffffffffffffda RBX: 00007f9cd27c5fa0 RCX: 00007f9cd258ebe9 [ 551.190308][T12431] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000007 [ 551.190325][T12431] RBP: 00007f9cd2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 551.190341][T12431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 551.190357][T12431] R13: 00007f9cd27c6038 R14: 00007f9cd27c5fa0 R15: 00007fff9ee2f798 [ 551.190393][T12431] [ 552.024071][T12449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1647'. [ 552.076640][T12449] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1647'. [ 552.179469][T12456] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 552.324218][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 552.338502][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 552.339008][ T5186] Bluetooth: hci1: command 0x0c1a tx timeout [ 552.344540][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 553.292849][ T51] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 555.433802][T12508] FAULT_INJECTION: forcing a failure. [ 555.433802][T12508] name failslab, interval 1, probability 0, space 0, times 0 [ 555.465411][T12508] CPU: 1 UID: 0 PID: 12508 Comm: syz.3.1661 Not tainted syzkaller #0 PREEMPT(full) [ 555.465433][T12508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 555.465443][T12508] Call Trace: [ 555.465449][T12508] [ 555.465455][T12508] dump_stack_lvl+0x16c/0x1f0 [ 555.465482][T12508] should_fail_ex+0x512/0x640 [ 555.465502][T12508] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 555.465521][T12508] should_failslab+0xc2/0x120 [ 555.465540][T12508] __kmalloc_cache_noprof+0x6a/0x3e0 [ 555.465555][T12508] ? kernfs_fop_open+0x244/0xda0 [ 555.465572][T12508] kernfs_fop_open+0x244/0xda0 [ 555.465590][T12508] do_dentry_open+0x982/0x1530 [ 555.465609][T12508] ? __pfx_kernfs_fop_open+0x10/0x10 [ 555.465626][T12508] vfs_open+0x82/0x3f0 [ 555.465649][T12508] path_openat+0x1de4/0x2cb0 [ 555.465672][T12508] ? __pfx_path_openat+0x10/0x10 [ 555.465693][T12508] do_filp_open+0x20b/0x470 [ 555.465710][T12508] ? __pfx_do_filp_open+0x10/0x10 [ 555.465740][T12508] ? alloc_fd+0x471/0x7d0 [ 555.465769][T12508] do_sys_openat2+0x11b/0x1d0 [ 555.465791][T12508] ? __pfx_do_sys_openat2+0x10/0x10 [ 555.465820][T12508] __x64_sys_openat+0x174/0x210 [ 555.465843][T12508] ? __pfx___x64_sys_openat+0x10/0x10 [ 555.465874][T12508] do_syscall_64+0xcd/0x490 [ 555.465895][T12508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.465910][T12508] RIP: 0033:0x7fad2cb8ebe9 [ 555.465922][T12508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 555.465936][T12508] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 555.465950][T12508] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 555.465960][T12508] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 555.465970][T12508] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 555.465979][T12508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.465988][T12508] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 555.466007][T12508] [ 556.628572][T12524] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1665'. [ 556.816779][T12502] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 557.126722][T12527] FAULT_INJECTION: forcing a failure. [ 557.126722][T12527] name failslab, interval 1, probability 0, space 0, times 0 [ 557.158179][T12527] CPU: 1 UID: 0 PID: 12527 Comm: syz.2.1666 Not tainted syzkaller #0 PREEMPT(full) [ 557.158217][T12527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 557.158232][T12527] Call Trace: [ 557.158241][T12527] [ 557.158252][T12527] dump_stack_lvl+0x16c/0x1f0 [ 557.158293][T12527] should_fail_ex+0x512/0x640 [ 557.158327][T12527] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 557.158366][T12527] should_failslab+0xc2/0x120 [ 557.158397][T12527] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 557.158434][T12527] ? alloc_empty_file+0x55/0x1e0 [ 557.158474][T12527] alloc_empty_file+0x55/0x1e0 [ 557.158512][T12527] path_openat+0xda/0x2cb0 [ 557.158540][T12527] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.158579][T12527] ? __pfx_path_openat+0x10/0x10 [ 557.158618][T12527] do_filp_open+0x20b/0x470 [ 557.158651][T12527] ? __pfx_do_filp_open+0x10/0x10 [ 557.158707][T12527] ? alloc_fd+0x471/0x7d0 [ 557.158744][T12527] do_sys_openat2+0x11b/0x1d0 [ 557.158780][T12527] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.158833][T12527] __x64_sys_openat+0x174/0x210 [ 557.158872][T12527] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.158926][T12527] do_syscall_64+0xcd/0x490 [ 557.158961][T12527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.158982][T12527] RIP: 0033:0x7f9cd258ebe9 [ 557.159002][T12527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.159026][T12527] RSP: 002b:00007f9cd33ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.159053][T12527] RAX: ffffffffffffffda RBX: 00007f9cd27c5fa0 RCX: 00007f9cd258ebe9 [ 557.159071][T12527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 557.159087][T12527] RBP: 00007f9cd2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 557.159102][T12527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.159118][T12527] R13: 00007f9cd27c6038 R14: 00007f9cd27c5fa0 R15: 00007fff9ee2f798 [ 557.159154][T12527] [ 557.612658][T11903] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2252 with max blocks 1 with error 117 [ 557.629678][T11903] EXT4-fs (sda1): This should not happen!! Data will be lost [ 557.629678][T11903] [ 558.300143][T12548] random: crng reseeded on system resumption [ 558.373555][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 558.387121][ T13] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 558.390873][ T44] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:3: iget: checksum invalid [ 558.458701][ T44] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 558.459531][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 558.550505][ T13] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 558.558665][ T44] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:3: iget: checksum invalid [ 558.633385][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 558.644640][ T44] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 558.653043][ T13] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 558.668641][ T44] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:3: iget: checksum invalid [ 558.688626][ T44] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 558.700770][ T44] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:3: iget: checksum invalid [ 558.714433][ T44] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 558.727722][ T44] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 558.727852][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 558.761408][ T44] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 558.777904][ T13] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 558.788694][ T13] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 558.798454][ T13] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 560.061104][T12572] syz.1.1680 (12572): /proc/12568/oom_adj is deprecated, please use /proc/12568/oom_score_adj instead. [ 562.984703][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.995174][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.402883][T12587] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 569.644024][T12605] HfR: entered promiscuous mode [ 569.690519][T12605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1686'. [ 569.713824][T12605] HfR: left promiscuous mode [ 569.884149][T12612] HfR: entered promiscuous mode [ 571.004021][T12641] syz.3.1695: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 571.038962][T12641] CPU: 0 UID: 0 PID: 12641 Comm: syz.3.1695 Not tainted syzkaller #0 PREEMPT(full) [ 571.038999][T12641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 571.039016][T12641] Call Trace: [ 571.039026][T12641] [ 571.039036][T12641] dump_stack_lvl+0x16c/0x1f0 [ 571.039077][T12641] warn_alloc+0x248/0x3a0 [ 571.039111][T12641] ? __pfx_warn_alloc+0x10/0x10 [ 571.039143][T12641] ? alloc_pages_mpol+0x25a/0x550 [ 571.039179][T12641] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 571.039226][T12641] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 571.039264][T12641] ? kernel_clone+0xfc/0x930 [ 571.039305][T12641] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 571.039344][T12641] ? kernel_clone+0xfc/0x930 [ 571.039375][T12641] __vmalloc_node_noprof+0xad/0xf0 [ 571.039401][T12641] ? kernel_clone+0xfc/0x930 [ 571.039436][T12641] copy_process+0x2c70/0x7690 [ 571.039469][T12641] ? __pfx___futex_wait+0x10/0x10 [ 571.039522][T12641] ? __pfx_copy_process+0x10/0x10 [ 571.039555][T12641] ? futex_private_hash_put+0x176/0x300 [ 571.039591][T12641] ? futex_private_hash_put+0x18a/0x300 [ 571.039638][T12641] kernel_clone+0xfc/0x930 [ 571.039675][T12641] ? __pfx_kernel_clone+0x10/0x10 [ 571.039734][T12641] __do_sys_clone+0xce/0x120 [ 571.039767][T12641] ? __pfx___do_sys_clone+0x10/0x10 [ 571.039818][T12641] ? xfd_validate_state+0x61/0x180 [ 571.039868][T12641] do_syscall_64+0xcd/0x490 [ 571.039908][T12641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.039935][T12641] RIP: 0033:0x7fad2cb8ebe9 [ 571.039957][T12641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.039983][T12641] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 571.040009][T12641] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 571.040027][T12641] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 571.040044][T12641] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 571.040061][T12641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 571.040077][T12641] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 571.040113][T12641] [ 571.040158][T12641] Mem-Info: [ 571.272690][T12641] active_anon:13331 inactive_anon:1992 isolated_anon:0 [ 571.272690][T12641] active_file:21787 inactive_file:40951 isolated_file:0 [ 571.272690][T12641] unevictable:768 dirty:601 writeback:0 [ 571.272690][T12641] slab_reclaimable:11619 slab_unreclaimable:95583 [ 571.272690][T12641] mapped:27383 shmem:2019 pagetables:1228 [ 571.272690][T12641] sec_pagetables:0 bounce:0 [ 571.272690][T12641] kernel_misc_reclaimable:0 [ 571.272690][T12641] free:1304968 free_pcp:17320 free_cma:0 [ 571.388490][T12641] Node 0 active_anon:53324kB inactive_anon:9268kB active_file:87144kB inactive_file:164060kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108732kB dirty:2404kB writeback:0kB shmem:7940kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11396kB pagetables:4664kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 571.465837][T12641] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 571.511610][T12641] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 571.570148][T12641] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 571.575978][T12641] Node 0 DMA32 free:1296280kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:53276kB inactive_anon:9868kB active_file:86168kB inactive_file:163976kB unevictable:1536kB writepending:2504kB present:3129332kB managed:2539584kB mlocked:0kB bounce:0kB free_pcp:63272kB local_pcp:37708kB free_cma:0kB [ 571.630312][T12641] lowmem_reserve[]: 0 0 1 1 1 [ 571.635242][T12641] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:976kB inactive_file:340kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 571.688616][T12641] lowmem_reserve[]: 0 0 0 0 0 [ 571.694792][T12641] Node 1 Normal free:3909752kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:3344kB local_pcp:112kB free_cma:0kB [ 571.729685][T12641] lowmem_reserve[]: 0 0 0 0 0 [ 571.736335][T12641] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 571.749863][T12641] Node 0 DMA32: 3346*4kB (UM) 1758*8kB (UME) 1786*16kB (UM) 1272*32kB (UME) 677*64kB (UM) 329*128kB (UME) 45*256kB (UME) 82*512kB (UM) 50*1024kB (M) 3*2048kB (UME) 245*4096kB (UME) = 1296536kB [ 571.770641][T12641] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 571.862381][ T51] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9 [ 571.872194][T12641] Node 1 Normal: 175*4kB (UME) 52*8kB (UME) 43*16kB (UME) 191*32kB (UME) 110*64kB (UME) 29*128kB (UME) 20*256kB (UME) 10*512kB (UME) 2*1024kB (UM) 4*2048kB (ME) 945*4096kB (UM) = 3909868kB [ 572.014004][T12641] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 572.251565][T12641] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 572.260973][T12641] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 572.270568][T12641] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 572.280075][T12641] 64394 total pagecache pages [ 572.284764][T12641] 6 pages in swap cache [ 572.289028][T12641] Free swap = 124972kB [ 572.297398][T12641] Total swap = 124996kB [ 572.301652][T12641] 2097051 pages RAM [ 572.305459][T12641] 0 pages HighMem/MovableOnly [ 572.315523][T12641] 430193 pages reserved [ 572.365539][T12641] 0 pages cma reserved [ 572.412938][ T30] audit: type=1804 audit(4294967374.739:17): pid=12653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1698" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 574.403965][ T4317] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2257 with max blocks 1 with error 117 [ 574.509064][ T4317] EXT4-fs (sda1): This should not happen!! Data will be lost [ 574.509064][ T4317] [ 574.581866][ T4317] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2272 with max blocks 1 with error 117 [ 574.635431][ T4317] EXT4-fs (sda1): This should not happen!! Data will be lost [ 574.635431][ T4317] [ 575.321196][T12697] FAULT_INJECTION: forcing a failure. [ 575.321196][T12697] name failslab, interval 1, probability 0, space 0, times 0 [ 575.335294][T12697] CPU: 0 UID: 0 PID: 12697 Comm: syz.1.1709 Not tainted syzkaller #0 PREEMPT(full) [ 575.335331][T12697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 575.335347][T12697] Call Trace: [ 575.335358][T12697] [ 575.335368][T12697] dump_stack_lvl+0x16c/0x1f0 [ 575.335409][T12697] should_fail_ex+0x512/0x640 [ 575.335445][T12697] ? __kvmalloc_node_noprof+0x124/0x620 [ 575.335480][T12697] should_failslab+0xc2/0x120 [ 575.335513][T12697] __kvmalloc_node_noprof+0x137/0x620 [ 575.335545][T12697] ? alloc_fdtable+0x175/0x2d0 [ 575.335578][T12697] ? alloc_fdtable+0x175/0x2d0 [ 575.335602][T12697] alloc_fdtable+0x175/0x2d0 [ 575.335630][T12697] dup_fd+0x83b/0xb90 [ 575.335662][T12697] ? apparmor_task_alloc+0x2c2/0x3b0 [ 575.335694][T12697] copy_process+0x230c/0x7690 [ 575.335727][T12697] ? __pfx___futex_wait+0x10/0x10 [ 575.335778][T12697] ? __pfx_copy_process+0x10/0x10 [ 575.335810][T12697] ? futex_private_hash_put+0x176/0x300 [ 575.335845][T12697] ? futex_private_hash_put+0x18a/0x300 [ 575.335882][T12697] kernel_clone+0xfc/0x930 [ 575.335917][T12697] ? __pfx_kernel_clone+0x10/0x10 [ 575.335970][T12697] __do_sys_clone+0xce/0x120 [ 575.336002][T12697] ? __pfx___do_sys_clone+0x10/0x10 [ 575.336052][T12697] ? xfd_validate_state+0x61/0x180 [ 575.336109][T12697] do_syscall_64+0xcd/0x490 [ 575.336147][T12697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.336175][T12697] RIP: 0033:0x7f8a2018ebe9 [ 575.336196][T12697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.336224][T12697] RSP: 002b:00007f8a1e3ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 575.336248][T12697] RAX: ffffffffffffffda RBX: 00007f8a203c5fa0 RCX: 00007f8a2018ebe9 [ 575.336264][T12697] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 575.336280][T12697] RBP: 00007f8a20211e19 R08: 0000000000000000 R09: 0000000000000000 [ 575.336296][T12697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.336312][T12697] R13: 00007f8a203c6038 R14: 00007f8a203c5fa0 R15: 00007fffb8b9e958 [ 575.336347][T12697] [ 575.351763][T12698] mkiss: ax0: crc mode is auto. [ 576.004554][T12715] ptrace attach of "./syz-executor exec"[5861] was attempted by ""[12715] [ 576.724128][T12730] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1717'. [ 578.831331][ T30] audit: type=1804 audit(4294967381.159:18): pid=12770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1726" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 580.817962][T12806] FAULT_INJECTION: forcing a failure. [ 580.817962][T12806] name failslab, interval 1, probability 0, space 0, times 0 [ 580.872220][T12806] CPU: 1 UID: 0 PID: 12806 Comm: syz.3.1738 Not tainted syzkaller #0 PREEMPT(full) [ 580.872259][T12806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 580.872274][T12806] Call Trace: [ 580.872284][T12806] [ 580.872295][T12806] dump_stack_lvl+0x16c/0x1f0 [ 580.872337][T12806] should_fail_ex+0x512/0x640 [ 580.872372][T12806] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 580.872403][T12806] should_failslab+0xc2/0x120 [ 580.872437][T12806] __kmalloc_cache_noprof+0x6a/0x3e0 [ 580.872464][T12806] ? mark_held_locks+0x49/0x80 [ 580.872494][T12806] ? rfkill_fop_open+0x1b6/0x750 [ 580.872526][T12806] rfkill_fop_open+0x1b6/0x750 [ 580.872557][T12806] ? __pfx_rfkill_fop_open+0x10/0x10 [ 580.872585][T12806] misc_open+0x35d/0x420 [ 580.872613][T12806] ? __pfx_misc_open+0x10/0x10 [ 580.872640][T12806] chrdev_open+0x234/0x6a0 [ 580.872678][T12806] ? __pfx_apparmor_file_open+0x10/0x10 [ 580.872709][T12806] ? __pfx_chrdev_open+0x10/0x10 [ 580.872745][T12806] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 580.872783][T12806] do_dentry_open+0x982/0x1530 [ 580.872816][T12806] ? __pfx_chrdev_open+0x10/0x10 [ 580.872855][T12806] vfs_open+0x82/0x3f0 [ 580.872897][T12806] path_openat+0x1de4/0x2cb0 [ 580.872940][T12806] ? __pfx_path_openat+0x10/0x10 [ 580.872981][T12806] do_filp_open+0x20b/0x470 [ 580.873012][T12806] ? __pfx_do_filp_open+0x10/0x10 [ 580.873070][T12806] ? alloc_fd+0x471/0x7d0 [ 580.873110][T12806] do_sys_openat2+0x11b/0x1d0 [ 580.873147][T12806] ? __pfx_do_sys_openat2+0x10/0x10 [ 580.873200][T12806] __x64_sys_openat+0x174/0x210 [ 580.873239][T12806] ? __pfx___x64_sys_openat+0x10/0x10 [ 580.873291][T12806] do_syscall_64+0xcd/0x490 [ 580.873330][T12806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.873354][T12806] RIP: 0033:0x7fad2cb8ebe9 [ 580.873375][T12806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.873401][T12806] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 580.873426][T12806] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 580.873445][T12806] RDX: 0000000000000080 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 580.873464][T12806] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 580.873481][T12806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 580.873497][T12806] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 580.873534][T12806] [ 581.519398][T12822] Invalid ELF header magic: != ELF [ 582.351207][T12830] random: crng reseeded on system resumption [ 582.357906][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 582.401271][ T36] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 582.405514][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 582.454419][ T4317] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 582.458575][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 582.489540][T12833] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1745'. [ 582.509358][T12833] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1745'. [ 582.531859][ T36] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 582.543693][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 582.568335][ T4317] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 582.568427][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 582.569045][ T36] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 582.613938][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 582.667955][ T4317] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 582.678653][ T36] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:2: iget: checksum invalid [ 582.714930][ T36] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 582.720287][ T4317] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:9: iget: checksum invalid [ 582.746889][ T36] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 582.749762][ T4317] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 582.777556][ T4317] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 582.788439][ T36] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 582.810778][ T4317] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 584.775488][T12862] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1747'. [ 593.258729][T12895] mkiss: ax0: crc mode is auto. [ 593.688666][T12911] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1757'. [ 594.558602][T12932] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1762'. [ 594.630804][ T4317] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.660538][ T4317] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.677491][ T4317] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.699200][ T4317] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.916739][T12951] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 595.930678][T12951] FAULT_INJECTION: forcing a failure. [ 595.930678][T12951] name failslab, interval 1, probability 0, space 0, times 0 [ 595.948747][T12951] CPU: 0 UID: 0 PID: 12951 Comm: syz.0.1770 Not tainted syzkaller #0 PREEMPT(full) [ 595.948782][T12951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 595.948802][T12951] Call Trace: [ 595.948810][T12951] [ 595.948821][T12951] dump_stack_lvl+0x16c/0x1f0 [ 595.948861][T12951] should_fail_ex+0x512/0x640 [ 595.948898][T12951] ? __kmalloc_noprof+0xbf/0x510 [ 595.948932][T12951] ? lsm_blob_alloc+0x68/0x90 [ 595.948953][T12951] should_failslab+0xc2/0x120 [ 595.948988][T12951] __kmalloc_noprof+0xd2/0x510 [ 595.949029][T12951] lsm_blob_alloc+0x68/0x90 [ 595.949052][T12951] security_sk_alloc+0x30/0x270 [ 595.949083][T12951] sk_prot_alloc+0x1c7/0x2a0 [ 595.949111][T12951] sk_alloc+0x36/0xc20 [ 595.949144][T12951] __netlink_create+0x5e/0x2c0 [ 595.949178][T12951] __netlink_kernel_create+0xed/0x750 [ 595.949215][T12951] ? __pfx___netlink_kernel_create+0x10/0x10 [ 595.949259][T12951] ? __pfx_genl_pernet_init+0x10/0x10 [ 595.949297][T12951] genl_pernet_init+0xbd/0x170 [ 595.949336][T12951] ? __pfx_genl_pernet_init+0x10/0x10 [ 595.949373][T12951] ? lockdep_init_map_type+0x5c/0x280 [ 595.949407][T12951] ? __pfx_genl_rcv+0x10/0x10 [ 595.949441][T12951] ? __pfx_genl_bind+0x10/0x10 [ 595.949476][T12951] ? __pfx_genl_unbind+0x10/0x10 [ 595.949511][T12951] ? __pfx_genl_release+0x10/0x10 [ 595.949549][T12951] ? debug_mutex_init+0x37/0x70 [ 595.949579][T12951] ops_init+0x1e2/0x5f0 [ 595.949627][T12951] setup_net+0x10f/0x380 [ 595.949661][T12951] ? lockdep_init_map_type+0x5c/0x280 [ 595.949697][T12951] ? __pfx_setup_net+0x10/0x10 [ 595.949735][T12951] ? debug_mutex_init+0x37/0x70 [ 595.949766][T12951] copy_net_ns+0x2a6/0x5f0 [ 595.949808][T12951] create_new_namespaces+0x3ea/0xa90 [ 595.949846][T12951] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 595.949879][T12951] ksys_unshare+0x45b/0xa40 [ 595.949914][T12951] ? __pfx_ksys_unshare+0x10/0x10 [ 595.949949][T12951] ? xfd_validate_state+0x61/0x180 [ 595.949997][T12951] __x64_sys_unshare+0x31/0x40 [ 595.950030][T12951] do_syscall_64+0xcd/0x490 [ 595.950067][T12951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.950093][T12951] RIP: 0033:0x7f2e1678ebe9 [ 595.950113][T12951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.950139][T12951] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 595.950164][T12951] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 595.950182][T12951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 595.950198][T12951] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 595.950215][T12951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.950232][T12951] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 595.950269][T12951] [ 597.009785][T12971] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 597.378615][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 597.406910][T12976] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 597.563942][T12980] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 598.914941][ T1179] Bluetooth: hci4: Frame reassembly failed (-84) [ 598.970624][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 599.110169][T13023] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 599.913880][T13034] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1795'. [ 599.955061][ T36] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.965480][ T36] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.975059][ T36] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.984960][ T36] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 600.097947][T13031] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1794'. [ 600.113560][T13030] ima: policy update failed [ 600.118280][ T30] audit: type=1802 audit(4294967402.439:19): pid=13030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1794" res=0 errno=0 [ 600.133735][T13038] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1796'. [ 600.502977][T13038] team0 (unregistering): Port device team_slave_0 removed [ 600.545764][T13038] team0 (unregistering): Port device team_slave_1 removed [ 600.980155][ T51] Bluetooth: hci4: command 0xfc11 tx timeout [ 600.987821][ T5186] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 601.218697][T13054] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1800'. [ 601.518273][T13058] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 602.634883][T13076] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1805'. [ 604.716584][T13109] FAULT_INJECTION: forcing a failure. [ 604.716584][T13109] name failslab, interval 1, probability 0, space 0, times 0 [ 604.729533][T13109] CPU: 1 UID: 0 PID: 13109 Comm: syz.0.1815 Not tainted syzkaller #0 PREEMPT(full) [ 604.729555][T13109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 604.729565][T13109] Call Trace: [ 604.729571][T13109] [ 604.729577][T13109] dump_stack_lvl+0x16c/0x1f0 [ 604.729602][T13109] should_fail_ex+0x512/0x640 [ 604.729622][T13109] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 604.729643][T13109] should_failslab+0xc2/0x120 [ 604.729661][T13109] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 604.729679][T13109] ? __alloc_skb+0x2b2/0x380 [ 604.729699][T13109] __alloc_skb+0x2b2/0x380 [ 604.729716][T13109] ? __pfx___alloc_skb+0x10/0x10 [ 604.729736][T13109] ? __pfx___register_sysctl_table+0x10/0x10 [ 604.729757][T13109] ? is_module_address+0x69/0xf0 [ 604.729779][T13109] inet_netconf_notify_devconf+0x8b/0x1f0 [ 604.729804][T13109] __devinet_sysctl_register+0x227/0x360 [ 604.729828][T13109] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 604.729851][T13109] ? devinet_init_net+0xeb/0x910 [ 604.729873][T13109] ? __asan_memcpy+0x3c/0x60 [ 604.729889][T13109] devinet_init_net+0x347/0x910 [ 604.729920][T13109] ? __pfx_devinet_init_net+0x10/0x10 [ 604.729943][T13109] ops_init+0x1e2/0x5f0 [ 604.729965][T13109] setup_net+0x10f/0x380 [ 604.729984][T13109] ? lockdep_init_map_type+0x5c/0x280 [ 604.730004][T13109] ? __pfx_setup_net+0x10/0x10 [ 604.730024][T13109] ? debug_mutex_init+0x37/0x70 [ 604.730041][T13109] copy_net_ns+0x2a6/0x5f0 [ 604.730064][T13109] create_new_namespaces+0x3ea/0xa90 [ 604.730085][T13109] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 604.730103][T13109] ksys_unshare+0x45b/0xa40 [ 604.730122][T13109] ? __pfx_ksys_unshare+0x10/0x10 [ 604.730142][T13109] ? xfd_validate_state+0x61/0x180 [ 604.730168][T13109] __x64_sys_unshare+0x31/0x40 [ 604.730186][T13109] do_syscall_64+0xcd/0x490 [ 604.730207][T13109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.730222][T13109] RIP: 0033:0x7f2e1678ebe9 [ 604.730234][T13109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.730248][T13109] RSP: 002b:00007f2e17640038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 604.730263][T13109] RAX: ffffffffffffffda RBX: 00007f2e169c5fa0 RCX: 00007f2e1678ebe9 [ 604.730274][T13109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 604.730282][T13109] RBP: 00007f2e16811e19 R08: 0000000000000000 R09: 0000000000000000 [ 604.730291][T13109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.730300][T13109] R13: 00007f2e169c6038 R14: 00007f2e169c5fa0 R15: 00007ffe4335bb28 [ 604.730319][T13109] [ 605.017234][T13114] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1816'. [ 605.195342][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2283 with max blocks 1 with error 117 [ 605.273146][ T5186] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 605.304664][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 605.304664][ T13] [ 606.251003][T13137] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1823'. [ 606.502970][T13144] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 1938 with max blocks 1 with error 117 [ 606.600316][T13144] EXT4-fs (sda1): This should not happen!! Data will be lost [ 606.600316][T13144] [ 606.725480][T13147] EXT4-fs error (device sda1): ext4_discard_preallocations:5671: comm syz.1.1825: Error -117 reading block bitmap for 3 [ 606.740303][T13147] EXT4-fs error (device sda1): ext4_discard_preallocations:5671: comm syz.1.1825: Error -117 reading block bitmap for 3 [ 606.833539][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1834'. [ 610.095321][T13202] random: crng reseeded on system resumption [ 610.137645][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 610.206760][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 610.218205][ T13] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 610.228803][T13207] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1838'. [ 610.241801][ T1179] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 610.252580][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 610.266905][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 610.281421][ T13] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 610.302013][ T1179] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 610.313434][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 610.315075][T13207] mac80211_hwsim hwsim22 : renamed from wlan0 [ 610.349106][ T13] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 610.359965][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 610.456725][ T1179] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 610.458655][ T13] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:1: iget: checksum invalid [ 610.527563][ T13] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 610.537294][ T1179] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u8:8: iget: checksum invalid [ 610.577836][ T1179] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 610.605496][ T13] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 610.626168][ T1179] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 610.657096][ T13] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 610.709375][ T1179] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 621.442501][T13221] Invalid ELF header magic: != ELF [ 621.608999][T13223] random: crng reseeded on system resumption [ 621.635890][T13223] FAULT_INJECTION: forcing a failure. [ 621.635890][T13223] name failslab, interval 1, probability 0, space 0, times 0 [ 621.680272][T13223] CPU: 1 UID: 0 PID: 13223 Comm: syz.3.1844 Not tainted syzkaller #0 PREEMPT(full) [ 621.680310][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 621.680326][T13223] Call Trace: [ 621.680335][T13223] [ 621.680345][T13223] dump_stack_lvl+0x16c/0x1f0 [ 621.680386][T13223] should_fail_ex+0x512/0x640 [ 621.680429][T13223] should_failslab+0xc2/0x120 [ 621.680461][T13223] __kmalloc_cache_noprof+0x6a/0x3e0 [ 621.680485][T13223] ? do_raw_spin_lock+0x12c/0x2b0 [ 621.680520][T13223] ? find_held_lock+0x2b/0x80 [ 621.680542][T13223] ? async_schedule_node_domain+0x54/0x120 [ 621.680572][T13223] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 621.680603][T13223] async_schedule_node_domain+0x54/0x120 [ 621.680634][T13223] dev_cache_fw_image+0x38e/0x490 [ 621.680665][T13223] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 621.680698][T13223] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 621.680739][T13223] dpm_for_each_dev+0x5d/0xb0 [ 621.680766][T13223] fw_pm_notify+0x81/0x150 [ 621.680790][T13223] notifier_call_chain+0xbc/0x410 [ 621.680820][T13223] ? __pfx_fw_pm_notify+0x10/0x10 [ 621.680857][T13223] blocking_notifier_call_chain_robust+0xc8/0x160 [ 621.680891][T13223] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 621.680932][T13223] pm_notifier_call_chain_robust+0x27/0x60 [ 621.680966][T13223] snapshot_open+0x218/0x2b0 [ 621.680995][T13223] ? __pfx_snapshot_open+0x10/0x10 [ 621.681018][T13223] misc_open+0x35d/0x420 [ 621.681041][T13223] ? __pfx_misc_open+0x10/0x10 [ 621.681067][T13223] chrdev_open+0x234/0x6a0 [ 621.681095][T13223] ? __pfx_apparmor_file_open+0x10/0x10 [ 621.681121][T13223] ? __pfx_chrdev_open+0x10/0x10 [ 621.681151][T13223] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 621.681187][T13223] do_dentry_open+0x982/0x1530 [ 621.681220][T13223] ? __pfx_chrdev_open+0x10/0x10 [ 621.681257][T13223] vfs_open+0x82/0x3f0 [ 621.681296][T13223] path_openat+0x1de4/0x2cb0 [ 621.681343][T13223] ? __pfx_path_openat+0x10/0x10 [ 621.681383][T13223] do_filp_open+0x20b/0x470 [ 621.681414][T13223] ? __pfx_do_filp_open+0x10/0x10 [ 621.681470][T13223] ? alloc_fd+0x471/0x7d0 [ 621.681505][T13223] do_sys_openat2+0x11b/0x1d0 [ 621.681540][T13223] ? __pfx_do_sys_openat2+0x10/0x10 [ 621.681590][T13223] __x64_sys_openat+0x174/0x210 [ 621.681627][T13223] ? __pfx___x64_sys_openat+0x10/0x10 [ 621.681679][T13223] do_syscall_64+0xcd/0x490 [ 621.681728][T13223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.681756][T13223] RIP: 0033:0x7fad2cb8ebe9 [ 621.681775][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 621.681799][T13223] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 621.681825][T13223] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 621.681841][T13223] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 621.681856][T13223] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 621.681872][T13223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 621.681886][T13223] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 621.681923][T13223] [ 621.683649][T13223] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1844: iget: checksum invalid [ 622.010920][T13223] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 622.021969][T13223] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1844: iget: checksum invalid [ 622.039012][T13223] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 622.055122][T13223] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1844: iget: checksum invalid [ 622.077136][T13223] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 622.125343][T13223] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1844: iget: checksum invalid [ 622.180967][T13223] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 622.222187][T13223] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 622.288276][T13223] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 622.344329][T13223] [ 622.346702][T13223] ====================================================== [ 622.353725][T13223] WARNING: possible circular locking dependency detected [ 622.360745][T13223] syzkaller #0 Not tainted [ 622.365157][T13223] ------------------------------------------------------ [ 622.372169][T13223] syz.3.1844/13223 is trying to acquire lock: [ 622.378236][T13223] ffffffff8e4751d0 (umhelper_sem){++++}-{4:4}, at: usermodehelper_read_trylock+0xa9/0x250 [ 622.388187][T13223] [ 622.388187][T13223] but task is already holding lock: [ 622.395565][T13223] ffffffff8f5174e8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 622.404474][T13223] [ 622.404474][T13223] which lock already depends on the new lock. [ 622.404474][T13223] [ 622.414880][T13223] [ 622.414880][T13223] the existing dependency chain (in reverse order) is: [ 622.423907][T13223] [ 622.423907][T13223] -> #1 (dpm_list_mtx){+.+.}-{4:4}: [ 622.431313][T13223] __mutex_lock+0x193/0x1060 [ 622.436444][T13223] device_pm_add+0x87/0x3e0 [ 622.441483][T13223] device_add+0x9cd/0x1aa0 [ 622.446434][T13223] firmware_fallback_sysfs+0x2ec/0xbe0 [ 622.452436][T13223] _request_firmware+0xfe9/0x1470 [ 622.458014][T13223] request_firmware_work_func+0xea/0x250 [ 622.464198][T13223] process_one_work+0x9cf/0x1b70 [ 622.469697][T13223] worker_thread+0x6c8/0xf10 [ 622.474830][T13223] kthread+0x3c5/0x780 [ 622.479454][T13223] ret_from_fork+0x5d7/0x6f0 [ 622.484601][T13223] ret_from_fork_asm+0x1a/0x30 [ 622.489917][T13223] [ 622.489917][T13223] -> #0 (umhelper_sem){++++}-{4:4}: [ 622.497320][T13223] __lock_acquire+0x12a6/0x1ce0 [ 622.502718][T13223] lock_acquire+0x179/0x350 [ 622.507761][T13223] down_read+0x9b/0x480 [ 622.512456][T13223] usermodehelper_read_trylock+0xa9/0x250 [ 622.518707][T13223] firmware_fallback_sysfs+0x6ba/0xbe0 [ 622.524703][T13223] _request_firmware+0xfe9/0x1470 [ 622.530265][T13223] __async_dev_cache_fw_image+0xb1/0x340 [ 622.536437][T13223] async_schedule_node_domain+0xd1/0x120 [ 622.542613][T13223] dev_cache_fw_image+0x38e/0x490 [ 622.548174][T13223] dpm_for_each_dev+0x5d/0xb0 [ 622.553381][T13223] fw_pm_notify+0x81/0x150 [ 622.558329][T13223] notifier_call_chain+0xbc/0x410 [ 622.563895][T13223] blocking_notifier_call_chain_robust+0xc8/0x160 [ 622.570906][T13223] pm_notifier_call_chain_robust+0x27/0x60 [ 622.577275][T13223] snapshot_open+0x218/0x2b0 [ 622.582391][T13223] misc_open+0x35d/0x420 [ 622.587155][T13223] chrdev_open+0x234/0x6a0 [ 622.592094][T13223] do_dentry_open+0x982/0x1530 [ 622.597377][T13223] vfs_open+0x82/0x3f0 [ 622.601970][T13223] path_openat+0x1de4/0x2cb0 [ 622.607081][T13223] do_filp_open+0x20b/0x470 [ 622.612101][T13223] do_sys_openat2+0x11b/0x1d0 [ 622.617300][T13223] __x64_sys_openat+0x174/0x210 [ 622.622673][T13223] do_syscall_64+0xcd/0x490 [ 622.627701][T13223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.634110][T13223] [ 622.634110][T13223] other info that might help us debug this: [ 622.634110][T13223] [ 622.644326][T13223] Possible unsafe locking scenario: [ 622.644326][T13223] [ 622.651768][T13223] CPU0 CPU1 [ 622.657122][T13223] ---- ---- [ 622.662472][T13223] lock(dpm_list_mtx); [ 622.666623][T13223] lock(umhelper_sem); [ 622.673296][T13223] lock(dpm_list_mtx); [ 622.679963][T13223] rlock(umhelper_sem); [ 622.684203][T13223] [ 622.684203][T13223] *** DEADLOCK *** [ 622.684203][T13223] [ 622.692332][T13223] 5 locks held by syz.3.1844/13223: [ 622.697517][T13223] #0: ffffffff8f307068 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 622.705980][T13223] #1: ffffffff8e484808 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 622.716340][T13223] #2: ffffffff8e4c4c70 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 622.728181][T13223] #3: ffffffff8f51cae8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 622.736804][T13223] #4: ffffffff8f5174e8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 622.746120][T13223] [ 622.746120][T13223] stack backtrace: [ 622.752001][T13223] CPU: 0 UID: 0 PID: 13223 Comm: syz.3.1844 Not tainted syzkaller #0 PREEMPT(full) [ 622.752026][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 622.752039][T13223] Call Trace: [ 622.752048][T13223] [ 622.752056][T13223] dump_stack_lvl+0x116/0x1f0 [ 622.752085][T13223] print_circular_bug+0x275/0x350 [ 622.752112][T13223] check_noncircular+0x14c/0x170 [ 622.752139][T13223] __lock_acquire+0x12a6/0x1ce0 [ 622.752169][T13223] lock_acquire+0x179/0x350 [ 622.752193][T13223] ? usermodehelper_read_trylock+0xa9/0x250 [ 622.752214][T13223] ? __pfx___might_resched+0x10/0x10 [ 622.752237][T13223] down_read+0x9b/0x480 [ 622.752265][T13223] ? usermodehelper_read_trylock+0xa9/0x250 [ 622.752285][T13223] ? __pfx_down_read+0x10/0x10 [ 622.752311][T13223] ? __dev_printk+0x1ff/0x270 [ 622.752339][T13223] usermodehelper_read_trylock+0xa9/0x250 [ 622.752358][T13223] ? __pfx_usermodehelper_read_trylock+0x10/0x10 [ 622.752380][T13223] ? __pfx_autoremove_wake_function+0x10/0x10 [ 622.752404][T13223] ? ima_load_data+0x42/0x140 [ 622.752426][T13223] firmware_fallback_sysfs+0x6ba/0xbe0 [ 622.752455][T13223] _request_firmware+0xfe9/0x1470 [ 622.752482][T13223] ? __pfx__request_firmware+0x10/0x10 [ 622.752507][T13223] ? dump_stack_lvl+0x1a3/0x1f0 [ 622.752533][T13223] __async_dev_cache_fw_image+0xb1/0x340 [ 622.752559][T13223] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 622.752585][T13223] ? mark_held_locks+0x49/0x80 [ 622.752609][T13223] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 622.752639][T13223] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 622.752665][T13223] async_schedule_node_domain+0xd1/0x120 [ 622.752690][T13223] dev_cache_fw_image+0x38e/0x490 [ 622.752714][T13223] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 622.752739][T13223] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 622.752762][T13223] dpm_for_each_dev+0x5d/0xb0 [ 622.752782][T13223] fw_pm_notify+0x81/0x150 [ 622.752803][T13223] notifier_call_chain+0xbc/0x410 [ 622.752828][T13223] ? __pfx_fw_pm_notify+0x10/0x10 [ 622.752852][T13223] blocking_notifier_call_chain_robust+0xc8/0x160 [ 622.752879][T13223] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 622.752911][T13223] pm_notifier_call_chain_robust+0x27/0x60 [ 622.752939][T13223] snapshot_open+0x218/0x2b0 [ 622.752962][T13223] ? __pfx_snapshot_open+0x10/0x10 [ 622.752986][T13223] misc_open+0x35d/0x420 [ 622.753008][T13223] ? __pfx_misc_open+0x10/0x10 [ 622.753032][T13223] chrdev_open+0x234/0x6a0 [ 622.753059][T13223] ? __pfx_apparmor_file_open+0x10/0x10 [ 622.753082][T13223] ? __pfx_chrdev_open+0x10/0x10 [ 622.753107][T13223] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 622.753133][T13223] do_dentry_open+0x982/0x1530 [ 622.753158][T13223] ? __pfx_chrdev_open+0x10/0x10 [ 622.753185][T13223] vfs_open+0x82/0x3f0 [ 622.753215][T13223] path_openat+0x1de4/0x2cb0 [ 622.753242][T13223] ? __pfx_path_openat+0x10/0x10 [ 622.753269][T13223] do_filp_open+0x20b/0x470 [ 622.753292][T13223] ? __pfx_do_filp_open+0x10/0x10 [ 622.753324][T13223] ? alloc_fd+0x471/0x7d0 [ 622.753352][T13223] do_sys_openat2+0x11b/0x1d0 [ 622.753381][T13223] ? __pfx_do_sys_openat2+0x10/0x10 [ 622.753414][T13223] __x64_sys_openat+0x174/0x210 [ 622.753445][T13223] ? __pfx___x64_sys_openat+0x10/0x10 [ 622.753479][T13223] do_syscall_64+0xcd/0x490 [ 622.753507][T13223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.753529][T13223] RIP: 0033:0x7fad2cb8ebe9 [ 622.753547][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 622.753567][T13223] RSP: 002b:00007fad2d9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 622.753587][T13223] RAX: ffffffffffffffda RBX: 00007fad2cdc5fa0 RCX: 00007fad2cb8ebe9 [ 622.753602][T13223] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 622.753616][T13223] RBP: 00007fad2cc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 622.753629][T13223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.753646][T13223] R13: 00007fad2cdc6038 R14: 00007fad2cdc5fa0 R15: 00007ffcae774f68 [ 622.753666][T13223] [ 624.421666][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.428027][ T1305] ieee802154 phy1 wpan1: encryption failed: -22