last executing test programs: 19m45.473847179s ago: executing program 2 (id=37): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0xf, 0x7, 0x8, 0x0) r0 = socket(0x10, 0x3, 0xb) setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 19m45.348064382s ago: executing program 2 (id=39): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) 19m44.696161699s ago: executing program 2 (id=45): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) pipe$auto(0x0) tee$auto(r0, 0x3, 0x8000000000402, 0x5) 19m44.487151402s ago: executing program 2 (id=47): close_range$auto(0x0, 0xfffffffffffff000, 0x0) socket(0x10, 0x2, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x2, 0x0) ioctl$auto(0x3, 0x89e0, 0x91) 19m44.33971849s ago: executing program 2 (id=49): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000040)="78298dc7", 0x1) r0 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/attr/current\x00', 0x1, 0x0) write$auto(r0, 0x0, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 19m43.282990721s ago: executing program 2 (id=56): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000300dfd700000a00050000000000000000000a0001004cbd1bb0650300000a0001000000000000000000080004001000000008000300050000000a000100bc"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 19m42.902945556s ago: executing program 32 (id=56): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000300dfd700000a00050000000000000000000a0001004cbd1bb0650300000a0001000000000000000000080004001000000008000300050000000a000100bc"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 17m44.870408284s ago: executing program 3 (id=1041): socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 17m44.735032431s ago: executing program 3 (id=1042): socket(0x2b, 0x1, 0xffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x0) r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto_IMADDTIMER(r0, 0x80044940, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x80) 17m44.194311087s ago: executing program 3 (id=1049): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0x7}, 0x3) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) 17m42.955306966s ago: executing program 3 (id=1060): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 17m42.036239202s ago: executing program 3 (id=1071): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x40000, 0x0) pread64$auto(r1, &(0x7f0000000040)='/dev/tty0\x00', 0x3, 0x7) 17m40.242365125s ago: executing program 3 (id=1092): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) uname$auto(&(0x7f0000000240)={"fc685f71205fad1cb07f3e67d49ca513219e5cd8e010a4393fc468a7c27ff25b3d6a3f3540d153f788ae9f976eb8ad13af309148c74748a98a086e1030ae014236", "9c93244e3d563f0aa13f22a230414ac25ef6d8108920d762077fdf97a7967b55e0127ffae56dee5ccff7b8625876c376b4be546a02eea99f9069212f129d6fe2ad", "491ea26a688b8658035455079bd72a42d030bd6a4cdd4b02d50236cfc9a94c566b98f5d8d7689b4b9a4ffd1513fd5bafa188603808790096b8f4854035edacdf05", "eb9dce7ad83b583285f5a6217510229bfde2caf616acd1dc1df95c1b28e210c750f58f24693ab743348cd3e161b875f0a696fd94f0c154917eca09863e20b43e47", "c31b9f193ec75b094a1f400a2229101e86416b0ccdd2dab4e531ccb4ed9ec9d4560b1516df5c67c8244ad926ce5a51ef90b80248edaf1b654f695b6b4e6cbdd475", "e93dac6cf9221b10088ae454d2244a030654fa614f960905bfc97b029a1756f5700eadd486f0b060601a16fb0913d64929102abf4e30c8ebe2946d351cc99b7bcf"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8000000, &(0x7f00000002c0)={0x0, 0x2}, 0x1, 0x0, 0x2, 0x7}, 0x4}, 0x3, 0x0) 17m39.826957741s ago: executing program 33 (id=1092): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) uname$auto(&(0x7f0000000240)={"fc685f71205fad1cb07f3e67d49ca513219e5cd8e010a4393fc468a7c27ff25b3d6a3f3540d153f788ae9f976eb8ad13af309148c74748a98a086e1030ae014236", "9c93244e3d563f0aa13f22a230414ac25ef6d8108920d762077fdf97a7967b55e0127ffae56dee5ccff7b8625876c376b4be546a02eea99f9069212f129d6fe2ad", "491ea26a688b8658035455079bd72a42d030bd6a4cdd4b02d50236cfc9a94c566b98f5d8d7689b4b9a4ffd1513fd5bafa188603808790096b8f4854035edacdf05", "eb9dce7ad83b583285f5a6217510229bfde2caf616acd1dc1df95c1b28e210c750f58f24693ab743348cd3e161b875f0a696fd94f0c154917eca09863e20b43e47", "c31b9f193ec75b094a1f400a2229101e86416b0ccdd2dab4e531ccb4ed9ec9d4560b1516df5c67c8244ad926ce5a51ef90b80248edaf1b654f695b6b4e6cbdd475", "e93dac6cf9221b10088ae454d2244a030654fa614f960905bfc97b029a1756f5700eadd486f0b060601a16fb0913d64929102abf4e30c8ebe2946d351cc99b7bcf"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8000000, &(0x7f00000002c0)={0x0, 0x2}, 0x1, 0x0, 0x2, 0x7}, 0x4}, 0x3, 0x0) 13m32.410773364s ago: executing program 4 (id=3011): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x8023, 0x3, 0xfffffffe, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4068aea3, 0x0) 13m32.159980899s ago: executing program 4 (id=3012): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800000000002, 0x9, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x2961]}, 0x1fb, 0x81) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) msgctl$auto_IPC_RMID(0x10, 0x0, &(0x7f0000000440)={{0x7, 0x0, 0x0, 0x10004, 0x3, 0x3, 0x2}, 0x0, 0x0, 0x3ff, 0xfffffffffffffffc, 0x2b, 0x200, 0x3, 0x47, 0x6, 0x7, @inferred=0xffffffffffffffff}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r0}, 0x6a) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfded}, 0x2, 0x0, 0x6, 0xa506}, 0x800}, 0x5, 0x4008) 13m31.822813143s ago: executing program 4 (id=3014): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/security/tomoyo/query\x00', 0x82a02, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = landlock_create_ruleset$auto(0x0, 0x4, 0xfffffffd) setsockopt$auto_SO_PASSSEC(r2, 0x9, 0x22, 0x0, 0x1) write$auto(0x3, 0x0, 0x5c8) 13m31.381887601s ago: executing program 4 (id=3016): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) socket(0x29, 0x2, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x7, &(0x7f0000000100)='@+\\!\x00', &(0x7f00000001c0)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50ca4639", 0xfffffffffffffffe) sendmsg$auto_SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x4000840) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) socket(0xa, 0x5, 0x84) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0xffffffffffffffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) 13m31.170008016s ago: executing program 4 (id=3019): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 13m31.056861305s ago: executing program 4 (id=3021): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x4000000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x10}, 0x3) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) socket(0xa, 0x1, 0x84) chmod$auto(0x0, 0x3ff) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(r2, 0x8004552d, 0xffffffffffffffff) 13m15.680575341s ago: executing program 34 (id=3021): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x4000000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x10}, 0x3) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) socket(0xa, 0x1, 0x84) chmod$auto(0x0, 0x3ff) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(r2, 0x8004552d, 0xffffffffffffffff) 12.78484188s ago: executing program 5 (id=5853): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000002840)='/sys/kernel/tracing/trace_clock\x00', 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) ustat$auto(0x801, 0x0) sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) readv$auto(0x3, 0x0, 0x10) 10.405308519s ago: executing program 6 (id=5859): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) mmap$auto(0x0, 0x100000001, 0xdf, 0x9b72, 0x2, 0x800008000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x80000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r2, 0x4004550c, r2) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) madvise$auto(0x0, 0x2003f0, 0x11) personality$auto(0xfffffffc) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x400, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) statx$auto(r0, 0x0, 0x9, 0x2, &(0x7f0000000540)={0x5, 0x17d, 0x5f04, 0x8f, 0x0, 0x0, 0x4, 0xbd49, 0x8, 0x2, 0x100, 0x10000000004, {0xffffffffffffffb1, 0xfffffffc}, {0x80000001, 0x6}, {0x100000000, 0x3}, {0xe}, 0x9, 0x4, 0x7, 0x0, 0x9, 0x3, 0x2, 0x3, 0x481000, 0xfffffffe, 0x3, 0x6, [0x0, 0x1, 0x91, 0xb, 0x3, 0x2, 0xcd1, 0x3d7d, 0x2]}) bpf$auto(0x0, 0x0, 0x400f) 10.405180631s ago: executing program 5 (id=5860): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto_TCSBRK2(0xffffffffffffffff, 0x5409, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000f7, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) socket(0x2a, 0x2, 0x1) write$auto(0x3, 0x0, 0xffd8) setsockopt$auto(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)='\x00', 0x8) mseal$auto(0x0, 0x7dda, 0x0) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r0, 0x9210642d, 0xc5) r1 = dup$auto(0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0x80000000df, 0x9b72, r1, 0x28000) r2 = socket$nl_generic(0x10, 0x3, 0x10) readv$auto(r2, 0x0, 0x19) unshare$auto(0x40000080) unshare$auto(0x40000080) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x2, 0x0, 0x28) 9.594543863s ago: executing program 1 (id=5861): r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/011/001\x00', 0x40, 0x0) socket(0xa, 0x1, 0x84) socket(0x2a, 0x2, 0x0) socket(0x28, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) syz_clone3(0x0, 0x0) shmctl$auto_IPC_SET(0x6, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x143881, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r1, r1, 0x0, 0x1000200) sendmsg$auto_IEEE802154_LLSEC_LIST_DEVKEY(r0, 0x0, 0xc000000) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0x7fff, 0x1, 0x948b, 0x5, 0x8, 0x400000006, 0x100000000003, 0x8, 0x9, 0x5, 0x6d3c, 0x400005, 0x5]}, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r2, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 8.690956802s ago: executing program 6 (id=5862): r0 = socket(0x10, 0x2, 0x4) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x108000, 0x800032, 0x4) madvise$auto(0x0, 0x200007, 0x19) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) ioctl$auto(0xffffffffffffffff, 0x400064c8, 0xffffffffffffffff) setpriority$auto_PRIO_USER(0x2, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r0, 0x0, 0x2fb) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, 0x0, 0x202400, 0x0) 8.242980452s ago: executing program 5 (id=5863): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r2 = socket(0x23, 0x5, 0x0) bind$auto(r2, 0x0, 0x80) socket(0xf, 0xa, 0x5) ioperm$auto(0x7, 0x75, 0x4) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) 8.242111009s ago: executing program 0 (id=5873): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x2, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, r0, 0x300000000000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) close_range$auto(0x2, 0x8, 0x0) 8.241611838s ago: executing program 1 (id=5864): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb056d8c8", 0x3d) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 7.347748094s ago: executing program 6 (id=5865): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0) ioctl$auto(r2, 0x4b3a, 0x1) ioctl$auto(0xc8, 0x800454da, 0xffffffffffffffff) r3 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) copy_file_range$auto(r3, 0x0, r4, 0x0, 0x21c3, 0x0) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000005c0), 0x101080, 0x0) pidfd_open$auto(0x1, 0x80) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mprotect$auto(0x3, 0x8000, 0x1) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x8000000000003, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) write$auto_snd_seq_f_ops_seq_clientmgr(r0, &(0x7f0000000600)="1f8842e738998f93741c724f22740b67b60874f919b1c91009f92f1f2489938f562e09bd55d01671f07e2c30b959d2649eea38fc3a0956f19d8348d3dba680e239001cf5c1d00b75ae43c84f66f13c04984495acecb44cd985924073d126a6e084e0b287068b1d16868e23c32e2584a78b0cea0ebebb4af502bf75c524c245ce160a1cd2a86b5bb5b2f2363e0a338d4368a9fe7618c678909406c76a6f6290956a2717baca77a4b0675f1fcd94a94d771763cadc9519f3736e2975a54544993fb227e06aae5b63189fb9c8091ed077e283349063261c9bacbfa116895f99e6638a2ab1083e082ba3dab565b809898af727bd32b8685dc3466f350294597e4658fb80b591dd8286fde1d7770d5b268a76e6194754f280d124c53fb00308e13263955f351a6f242c423675f1a7ef39eaad9e1a1cb25b81df41a04b85cd7fcd0bd214bdd932827a20b4b6e4cb1c46eb28e0355a0d2cb49e0d6ce0a59b74a69538155eb1cf373117a2e34598bd22d7c31f3d2933f8153ec143996e8634c186146b7a51e070fa47f66899cfec193e39dd8c01b7300a0297d6ca1c197280911ab931608a17a2703b83a52c2dd56b62c4e94b77f9813ab345d585639b38776332923eedc0b329d386c773e6e7e879526c19b0b52177a9440560d115f32676b3066e3dcfb1f34346a9ce767eaa59509b458337b6af0e476c8457900be858c89261c52b49e48f92961baae413eb0784299d3d174046d643981c5051a40e6947c0803ac3e202faab3da32c29ec0b11fdae4c27b972ecd2ac59ef9ad9a575ea29819878beb7002730f9b553ab6785a1247b8f085f891f7a9744765a754e2ae4f3731b9c3d4769774246c54432818953f5bee9b2fdee1ed3aae8e8fb27acdc74b8e1ac6b52766b33f14ee5543333179bb6ee1a58780a658adcaa049de7051d18bff5e5b9bfc602d426ccd3a24c795fe2c2e68257bdcaa520c48f24875c2abf6d493c896acad058ac09403f63eb0cf1bffba589b639c9faabc2e78fd0bd76a55cae9e15b1e7c6bf3d4a51b061168407296581e794b1a679b0695c0d215f0a8571c4c0fdd518a2dec6c812e32907f76b07265d3cae3d42acaf6b28b00f1e523c61adca6d377cc9682740f1f47f69f05ed7736590f71d4616935ed1593fd9e98e219b5d47328a449c9edbea621a3eb35bdaa2320a2370e57433e09857789a1b9d88357efad6615a09d40c75c6fd575626a1f14f9aa6122461b1cc35c69768f7c03956fd9f1b15924e53ed1a0d153e5e22cd1ca71b9718f19188e54ccfc496d37f9d6836bc262b8cc73ebd5e2524529eeae83405e00e9af4211001db6ae00e2c1efb57697cbb6c1c7b7557f6a6c76aa1c37c902000a8a7f40451c1470183fc5a92268081baf4308baa6aa609def76a8d63bf9be77ba2b39ff6c940e1287a7d2ff788bb7f3a19f53cbe1c20a4dfb24e8cdff0d388a9494d1224187a0ee7698ca32fe26b59f07b9cfdf6d583f1f024f5053bb5b31ae31dec9d41116b4651c6955c17d58b7ad3cec7cf3959d907a0cfbd8342debce0e07fe93952e40a6042f326260c236c04f8356c557407c9fc433b8c852322b1d2bb1117a8314c6d29c617a166c06e61728a5d88151f0cee7062f0847309bee8a224598e0265faaddcb4e7bbb3484b4eb520d94e1918c1819b9f7a2c1c74a419f83f1baf4a075f8234b99b737d82dd5c50a11e55036c6356c71f9d61978014ba401b79a98aef265e40f1ce7347167b5d3c8b521f1327f5a0a69c34b613f549149ada32fe95168615aaa7c5fd87a522b480a13a69b5741c96138474f3dd12ba6f3ed7f8e39a5d82ab452c3bdd0dfa282d5cf27419a6bf2e58ba71d3757e622b88f40f2a4596a9b8bd13c2ad9a9a61e953c9cbcbe3abdb8b631ba7684a9c867c56720e8574407fa2b6e729ffda43f4079eb9b6f922c7001bf7ed8949eb912e3281a9b335781904e02f7a0b628dc8e6d0ec1e0938db7fcf713e62a92f08003d34d3f26aa8a39fa87ede48af3bd91295a51b2fd5af9d2ba041e510f7f39a178deb7e59d890bec34cf85ad9133996c9a4a92213cea076b81f13d5493111f2991e742df6f6b443b7b539991c5e889421d1d6125a5b300cf8dedd406b56302c9515332279d4a443b09b0d416f6b330836b05e80d0c005bfc6d4d4e53acef964e76fd928958f3b2e8ac676f801f393a112d96923ebf944145f0fb478520c96dda08a8a492d059a681ef781755a3d6d2d08a5e2ad42e940b5ef004fc19b0a2d3bfe5afdd0cf6b7f6bda751b6d8b962497412541fc918b03c2325da0479599778cb933c88f4802030c46df7b29de5716ed1b749a8c71244f336fee88d21f9e0167c87e9aead03cf6d61c913ab890283e8c1fd6c8aea7c03177ddf982857e186dbe1cf15186fbafbee8f010aba127031e1aa73bfaef768e45e533ca16f59e149fbfb9ec567cde25e549a8058d3c9b60d377b20780e6b7537fc963c3a3a9fb0ce3fc9de0ba7936b4ea3272f38bb9f55311e375e063e8425222bd5c721da8e1ea98507cdac956bfec7050c72656089ed54277e6c5cb2acab4e43f9bee1c3d179e542b222793a93e65a3ce04856df56a2080def31be8c6d47f24ae8f139728128ff4812352b97d8775e8d6cc7515f9686107b4e0200e7e7109d535e0f70b2ef2008902aafc947fd3896f9e1fb508e573d1768586e2612582bc1ca9cb7438359bb1cc944f46fc8f9c9b69e6dc27ac9b94cd399cc9b1d164b69b1fa1b1a8f4565ff872db129c2c3bbd2d3572f680af69ae7ef2b0b323900b3cf4d185e80b07982a71eeaf49dabca3a2ab075eea14fa900000a168a689d87585160065191943efe6cb69d3b4e7db735060f71e71e1a2ec5936e6f69142fbea4ee55115d3b3d89bb1e8ed2871605ebcc0d311e60a55ccf6bc1b8061f526fcdd256063286fdafb9f39afc7db965bf2c2217ef79cf4d487389c9f3276fdf939ee056f729cade1c6d94b9a4d16f3263e619b79c3d5499c54079446982a3281d28a3d8c35afaba05b50c862c5ef24ba49a30dac385ffb56ef0c2285a29cdb131f8079179eceaed42e5af20aae170f102b8e2a1c253aa14dea937209dfd43931f43e78dc5159e62be947a6c20837f6c681a1d03506f917cd1680ec8490b4005498bec7c1ef68cf96c74403260babe47bb3d90e400017646335e5f0415e0923e3662ec7f2df764d72e6192e02676ae64174a8b17cec1df654d1d317245789aa7d96833382d7d417f4672104c6f503e8e2c8f6990dce42257e54009fcf0394636b50d54b06b845b0204a6b0b5bdb3a4d4ba2da020baa0b2efd1797000c277ae31642aa15a0475b5f977e83457f9cd056b7726fa2efa2e48f389bbb2c5d7ec2f6570f81b4bd372047674436f12c961405fcd89277addcfcd502a8f9260ad9acb4efe41358f1ebd34e179306ab76b1c4c36fbd5ee61ce6a2541cc9987a73e8a133f7d7ff0e4ecbb44e3975fd23678b0226f3af7bb361b31ecffc2552a9ae76e9580544f3aaa56be7f023fb088176863ab095d36c4736600f1ed87c3a1679ab918d46a036952ae9cc8c9d99d197bcd5ae501f7302ca31d8bb9ef90e7be7689e311cb8a52a44d01e9ec5ebaa31cc8a006925d7b953b169f5ce55c75d169ff677a82778ee05ea6a92b64e2c177f728d7f4c6e200ef3815364a259abb04b6bacc482c326c028f10370c32571edfd626ae0dc62bf8a930a0dbfb93c0183d7ba2b762d1351a1c155f404769868d44ca41a86ef235514cf54c6a34176145e0052728e8b3a02dafdf2dad64cd6d1a2e2a9eee67007a7b20591508de0a8d54f2fa6deedaebdfc5dc2cd58b893841af61533c889dcc871597279d2231451a3410943bb92be84f97eed08e8105fbe2a4dedb56e9d9aa3a1a951a0e304663ddf2f1d8e2312624dcf154d83e6050ee34c326f44c491baa2b8d4cb52bb658b1976300cdb76910fe0445eebdf1b8abfe78741b43df09f94f79e5976604bca356bdb6c97b55c3f01bdbd958015a0d1c4651c0c603caba25c24da51fc45eb82f71a841107c0d097a230d54ed6e560cab21540c5df4dd317aac338ce71a4dd206717f6450422b9f38b59f842be15e2e2d7ada323889eaf2f5e10dc483bce233629f4ed68731ba7afea5a732b60d60d0c5461c17f695c2dacdbd6dddddc089ce60449ee68a3efd068c9874a52c8a6d9abed77265995af43af4366306cffb2703c48cc1fd52372b18a8033d7f30d30b0f36b7c96d93335dad097ba5c8bf59ae4e4e661672473f88e1b528a88b401438bb7537dd0e6db943fe8d6d10b2dfb6a6a88592bade5ade22d66c4b27ab8e3191e6fb3c58e7353736678b8038fc0114d933959bc0cdaea63b3d9f89a3c91041bcb32bb5867e4ed0d3c96ef969129dcb675afef9ce25722dae73c30a2c510e7272fb70e94b356a9c4967ee8c2a3d71807bd1b68ab24bbac47ec04336269621342c27be652c127118f23231862124bf3270ab1379e0bb9c37e165856d7fee133a561da85560c6cda019bf41e0a6967acb43ab065ff110cea1620b070029705cee0785f0b7636eccb0dd0accb8811dd5dd56592e7effbfe13c02570c29507f2c2f4b6e6d5b0a06c793ef9a0aed548a748d3d4f1697fda972ba5c3650a9a94597ed07130bbb70349cd61deff23fa3c8e4651d16c5f29cd008db981eea6d32fcdfb5422fd0d7322c218756b092e360bed32b63d33c1560698b70e0524fcb1817cc8fa5df2f88409fa8f59004e7d99438e31e720316f9b88857211209ee4bfacdeadc2bc84933ccf519be66ca2dfe9779063a28cbad085c5bf311f55a65f2c218fb634927d02f0edd8f89ce781fcd1bce0c35e0cf8e6c2be59dd6dce24e1d6f7936194f8cf1754aa6cf66e21727c3129fa271e2858f50968142dab993d24f3593f4c0c7eedc5a5c4f15abd2dcb74a8d109a9ac00e07702bc3b0f85005b06c3cbcff240b83c408b12849cc2ef83809fde42c1e62ae0dac218148821ede3fb2201a87d55e029522bfe43f359529f3ce87771611bb6767aaa20a6399ecaa8866d4c04341ffcbfe3868262afd068c554d6402f7f6b916bca2d484535ca00eb3d0629181ee2a9a9af573039ce91de9ddf593d7617acdf445360a87cf21e7553d8054e44d1bd9e73af40826319b2f9f770efeda848174b15af40217d33c94c305459a15baa811240805ff9183397980da9eeec33dc496eec390fcad83cac76e01b3963c0fb8e90c8504da6ac661904bebb7200d44ad644e86cf9abcc46deab51154142112156d637eda85f11d8c42a8100c8ca72470a28e699e961713946c2602ede0be44b6c27e632392acecb32a819bd190fbff6fdf1f0db4b45d502b21b465b7e8111e822c1b036e72ff31623150ced6489ad5cb80545296437e9591409c2a2d4ed4651da7bc1edb196ecb3094b9530974aa9da9ab2e4afdf849523d5412b5b5cc902233651661b6a99c2832f6aaec185ad71ecf2d4132889ee5cde91f7e93774b2bb4688dd9bfc56aa75ded11d984d15939495a329fe9c7d40101d9ba1a0ca9fbde9fc6b155988d10339f29fd27b676046d411e8b4d39786f8b02739bc95be2a6ab52d3a3b677043095a323cfaf3795ec794a71cc0ff63d9d319bd87b8e87d6751ad97065ad7243c4b47b3b3808a3a8cd1a5b4ae11a6bdb26891302d6a89ae215780a6da872ad786c25a0e21c7bf32eabecf4258640ea8f192073c99568aefb4ac7053efcd084485b73b44242597778478a830117bb6b99ffb5d9faf613aff47a3d5badaa5cbebed", 0x1000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) 7.059792658s ago: executing program 0 (id=5866): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer2\x00', 0x0, 0x0) epoll_create$auto(0x3e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd4/integrity/read_verify\x00', 0x20a800, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x101000, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) open(0x0, 0xcd1e23e41b02d660, 0x154) socket(0x10, 0x2, 0x0) open(0x0, 0x161342, 0x0) socketpair$auto(0x0, 0x3, 0x0, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 6.424284456s ago: executing program 1 (id=5868): r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f0000000040)="6524b5aac083b05c1173a1174ad8f5246cdc95", 0x13) r1 = socket(0xa, 0x3, 0x7) setsockopt$auto(0x3, 0x29, 0x46, 0x0, 0x808) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='5F\xf2\x00', 0x1000080000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) shmdt$auto(0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event2\x00', 0xc0200, 0x0) ioctl$auto_EVIOCGKEYCODE(r2, 0x80084504, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r5 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r5, 0x29, 0x38, 0x0, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x8000000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) 5.923513756s ago: executing program 0 (id=5869): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/cable#1\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)=""/99, 0x63) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x6) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0x1c, 0x1e, 0x0, 0x1, [@nested={0x18, 0x122, 0x0, 0x1, [@nested={0x8, 0x46, 0x0, 0x1, [@nested={0x4, 0xf7}]}, @nested={0xa, 0x10, 0x0, 0x1, [@generic='\x00\x00\x00*O{']}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$auto_UI_SET_PHYS(r5, 0x4008556c, &(0x7f00000001c0)=0x0) ioctl$auto_UI_SET_PHYS(r5, 0x4008556c, &(0x7f0000000080)=0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/netdevsim2/hop_limit\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) 5.590356837s ago: executing program 6 (id=5870): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) timer_create$auto(0x0, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, r1, 0x300000000000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, 0x0, 0x0, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_KEY_SEQ={0x7, 0xa, "107c4c"}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x3}, @NL80211_ATTR_WIPHY_NAME={0x5, 0x2, '\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 5.109929221s ago: executing program 5 (id=5872): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x8, 0x2020009, 0x3, 0x216, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0xc0045405, 0x3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x3) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x101040, 0x149) getxattrat$auto(r1, &(0x7f0000000300)='./file0\x00', 0xeb, &(0x7f0000000340)='/sys/kernel/debug/check_wx_pages\x00', 0x0, 0xffffffff) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, 0xffffffffffffffff, 0x6) r2 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) read$auto_check_wx_fops_(r2, &(0x7f0000000080)=""/228, 0xe4) 2.737978094s ago: executing program 0 (id=5874): r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/011/001\x00', 0x40, 0x0) socket(0xa, 0x1, 0x84) socket(0x2a, 0x2, 0x0) socket(0x28, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) syz_clone3(0x0, 0x0) shmctl$auto_IPC_SET(0x6, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x143881, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r1, r1, 0x0, 0x1000200) sendmsg$auto_IEEE802154_LLSEC_LIST_DEVKEY(r0, 0x0, 0xc000000) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0x7fff, 0x1, 0x948b, 0x5, 0x8, 0x400000006, 0x100000000003, 0x8, 0x9, 0x5, 0x6d3c, 0x400005, 0x5]}, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r2, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 2.737192423s ago: executing program 1 (id=5875): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x48a22, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x7) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1f, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xe3a7) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000480)='-', 0x1) 2.063132809s ago: executing program 5 (id=5876): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) mlock$auto(0x81, 0xffff) madvise$auto(0xffffffffffffffff, 0x5, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), r0) sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x48041) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x5, 0xefb, 0x8000000008011, 0x3, 0x2000000000) socket(0xa, 0x1, 0x100) r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000040)=""/4096, 0xfffffe82) 2.058877409s ago: executing program 0 (id=5884): openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0) r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/13t\x00', 0x101080, 0x0) socket(0xb, 0x80805, 0x0) nanosleep$auto(&(0x7f0000000280)={0x100, 0xc12}, &(0x7f0000000380)={0xffffffffffffffff, 0x7c}) fadvise64$auto_POSIX_FADV_NOREUSE(r0, 0x2, 0x6, 0x5) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da09, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xffffffffffffff7f, 0x6d3f, 0x9, 0x2, 0xffffffffffffffff]}, 0x0) write$auto(r1, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fc, 0x7, 0xd, 0x9cd5, 0x958b, 0x3, 0x15f4da0a, 0x400000000003, 0x3, 0x8f, 0x40008000001f, 0x4, 0x6d3e, 0x9, 0x2, 0x40]}, 0x0) close_range$auto(0x2, 0x8, 0x0) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000003c0)='\xb2\x00\x00\x00\xd2\x8e\x9dj\xef\x13\xc9n\b\xea\xcb\xc0&V\xf9TY\x8c\xa0{\xb4\x1e\t\xb3\xe1\xad\xadA\xa2I!W\xd2F\n\xf05>1y\x84\x88\xc8v\xa0\xf0{\x1c\xdbUk\xde\xf29\x91\x85\xf3s\x19\x82\x96\xad\x9bH:\x7f,\xb5\xa0\xb3\xe7\x80\xd5\x83\xd3\xb8\x0eC \xcfp\x7f\x14P\xb7\xc0\xfe\xc8\x89\x85u\xec-\'z\xf7\x8bh\xa5\xeaX^\xc1\'\xf6L`\xa9\xd6V\x18RLF\x9f\v\f0uC\xa68\xac\xaf\xa0\x9f\'\xc7\xec', 0x3, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000380), 0x80180, 0x0) r3 = socket(0x2c, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r3) readv$auto(r2, &(0x7f00000000c0)={0x0, 0x7}, 0x6) 1.587375371s ago: executing program 6 (id=5877): memfd_secret$auto(0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) socket(0xa, 0x1, 0x84) r1 = io_uring_setup$auto(0x6, 0x0) r2 = socket(0xa, 0x2, 0x88) r3 = bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3) bpf$auto(0x4, &(0x7f0000000040)=@link_update={r3, @new_prog_fd=r4, 0x1, @old_prog_fd=r1}, 0x9) 872.468492ms ago: executing program 1 (id=5878): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop12\x00', 0x8200, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/clk/clk_orphan_summary\x00', 0x20800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000240), 0x3cb640, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/batadv_slave_0/proxy_ndp\x00', 0x382, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mtd0\x00', 0x28082, 0x0) inotify_init1$auto(0x3000000000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 871.176381ms ago: executing program 6 (id=5879): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = gettid() socket(0xa, 0x1, 0x100) syz_clone(0xc388db00, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file1\x00', 0x161342, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) semget$auto(0x80000000, 0x13c, 0x3ff) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x3, 0x7fffffff) r3 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000d00), 0x1, 0x0) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r2, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r0, @ANYRESOCT, @ANYRESHEX=r3, @ANYRES64=r1], 0x4c}, 0x1, 0x0, 0x0, 0x20000810}, 0x20044810) sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004805}, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000040)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x80000001, 0xa505}, 0x7ff}, 0x7, 0x8) writev$auto(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x3a6f1e07}, 0x3) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x842, 0x0) write$auto(r4, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) 705.935123ms ago: executing program 5 (id=5880): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffafff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x400020009, 0x10000000000df, 0x13, 0x8000000401, 0x7fffffffffffffff) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) semctl$auto_SETALL(0x2, 0x6, 0x11, 0xb1c) r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f00000001c0)={0x2e8, r1, 0x10, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0xd}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8}, @NL80211_ATTR_PROBE_RESP={0x296, 0x91, "d20d233d42d4bd361352d168cb1c272f0368b64e2cd92c4f3970d34b2aac6337b0ac21bdcce1fed84b929a70c999c30a707260413af63e3edc6ecc77f7f008142d52271c9a89b7dbb6f66466ff2d134210342b5722bbf99c3373b88ef4dfb83e4ca24a046ad8e7712e0ba3c1f824833949f6e85fef675e96ee1620b8da912440c165db5903b39c8dd2679f0b88e6167dfe1c01497dd49d508c147153e18e02e26267dda449e4b798055491460113ed727909dc2caae30b7e8fdb2003fc7033be073cd9b10f21640d0624c36fac9de2ff41d6f3c8b070d2ef10da654d014e1de1e0879b69b9dc6b634f0e5c68cf9ea04fdf75d64ed2784d026dbbf8e654caab9de4b36be2c3fc70e7aa4de7e3e7bbbd5092c14f2cd42b42979117566532a9dd1afeebbca9e512dc2891ddcc07db043d5561b2f43948286cf17fc97d4b8ebc485a7b380f1134ffd303e2ee0fb5ec5092ddb123944be62228f06db97f36245e1c1eddbf48b51978a1c4ef44631f2dc286a8c42782290f117a5589f483d362bfe1b7dbcebb4723872fcb96cf1f75a1b45446b05ac120b7801764eee7758815782af19f57fb9a7a0cc0c10ca88f386a07ee6275157b25a0b8d1639e582f10ace19b56c7471cb840a512a029b08dab1ecefadf9a36d32451f086cf8130fdcf3bf8c589e03ee89f59f074ae779217360271be713c4f57b16b74367db844ac20b27128f1284da873af11478965c9f9de2046074f99cf9538d4696c828866dd3c22c90f7d7c555e81437cda38dcfebdcac69847f3f0728bbc827c131f44c8d80325c740c43d5003b48367bc79bb9f6f7961c8b3c87ab3e51c6595f38f5d6e70cd32bcb565ebd460d620a3583c433f214b524c8e1f87940d748f46c7da35c3908dcb90fa3654e6e54f0a0de9c5e724654d6c25c951293b"}, @NL80211_ATTR_MESH_ID={0x15, 0x18, "63461665aac98199d8765ca96f5bcd5a52"}, @NL80211_ATTR_PUNCT_BITMAP={0x8, 0x142, 0x5}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x5}, @NL80211_ATTR_DISABLE_HE={0x4}]}, 0x2e8}, 0x1, 0x0, 0x0, 0x4000}, 0x20000800) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/state\x00', 0x2, 0x0) 319.131774ms ago: executing program 1 (id=5881): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) unshare$auto(0x40000080) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) bind$auto(r2, &(0x7f0000000040)=@generic={0x26, "3e3284c31ab939b1082f015635ba"}, 0xfffffffb) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20001, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r3, 0x0, 0x1) 0s ago: executing program 0 (id=5882): r0 = socket(0x2, 0x1, 0x0) setsockopt$auto_SO_RCVBUFFORCE(r0, 0x6, 0x21, 0x0, 0x9) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) connect$auto(0x3, &(0x7f0000000240)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x8}, 0x50) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/ext4/sda1/last_trim_minblks\x00', 0x2400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, 0x0, 0x51) socket(0xf, 0x3, 0x2) open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x70) socket(0x2, 0x1, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r1, 0x5646, r1) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000280)=""/40, 0x28) socket(0x1e, 0x1, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01032dbd245f8cdedf251f"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) kernel console output (not intermixed with test programs): lookup_open.isra.0+0x4da/0x1580 [ 990.151934][T25209] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 990.151963][T25209] ? mnt_get_write_access+0x1e9/0x2f0 [ 990.151981][T25209] path_openat+0x893/0x2cb0 [ 990.152006][T25209] ? __pfx_path_openat+0x10/0x10 [ 990.152026][T25209] ? __lock_acquire+0xb8a/0x1c90 [ 990.152043][T25209] do_filp_open+0x20b/0x470 [ 990.152062][T25209] ? __pfx_do_filp_open+0x10/0x10 [ 990.152095][T25209] ? alloc_fd+0x471/0x7d0 [ 990.152120][T25209] do_sys_openat2+0x11b/0x1d0 [ 990.152137][T25209] ? __pfx_do_sys_openat2+0x10/0x10 [ 990.152151][T25209] ? __fget_files+0x204/0x3c0 [ 990.152175][T25209] __x64_sys_openat+0x174/0x210 [ 990.152191][T25209] ? __pfx___x64_sys_openat+0x10/0x10 [ 990.152214][T25209] do_syscall_64+0xcd/0xfa0 [ 990.152237][T25209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 990.152251][T25209] RIP: 0033:0x7f0836b8efc9 [ 990.152264][T25209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 990.152277][T25209] RSP: 002b:00007f0834dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 990.152292][T25209] RAX: ffffffffffffffda RBX: 00007f0836de6090 RCX: 00007f0836b8efc9 [ 990.152301][T25209] RDX: 00000000000a0202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 990.152310][T25209] RBP: 00007f0836c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 990.152319][T25209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 990.152328][T25209] R13: 00007f0836de6128 R14: 00007f0836de6090 R15: 00007ffe2bcf8978 [ 990.152348][T25209] [ 991.748182][T25224] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5078'. [ 991.836807][T25224] mac80211_hwsim hwsim3 wlan1: left promiscuous mode [ 993.199108][T25287] FAULT_INJECTION: forcing a failure. [ 993.199108][T25287] name failslab, interval 1, probability 0, space 0, times 0 [ 993.276234][T25287] CPU: 0 UID: 0 PID: 25287 Comm: syz.1.5082 Tainted: G U syzkaller #0 PREEMPT(full) [ 993.276262][T25287] Tainted: [U]=USER [ 993.276267][T25287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 993.276276][T25287] Call Trace: [ 993.276282][T25287] [ 993.276289][T25287] dump_stack_lvl+0x16c/0x1f0 [ 993.276316][T25287] should_fail_ex+0x512/0x640 [ 993.276330][T25287] ? __kmalloc_noprof+0xca/0x880 [ 993.276352][T25287] should_failslab+0xc2/0x120 [ 993.276368][T25287] __kmalloc_noprof+0xdd/0x880 [ 993.276386][T25287] ? acpi_ns_internalize_name+0x161/0x2e0 [ 993.276410][T25287] ? acpi_ns_internalize_name+0x161/0x2e0 [ 993.276428][T25287] acpi_ns_internalize_name+0x161/0x2e0 [ 993.276448][T25287] ? __pfx_acpi_ns_internalize_name+0x10/0x10 [ 993.276468][T25287] ? acpi_ut_trace_ptr+0x1d2/0x2a0 [ 993.276484][T25287] ? kasan_save_stack+0x33/0x60 [ 993.276512][T25287] ? kasan_save_track+0x14/0x30 [ 993.276532][T25287] ? __kasan_kmalloc+0xaa/0xb0 [ 993.276550][T25287] ? acpi_evaluate_object+0xf5/0xdf0 [ 993.276571][T25287] ? acpi_evaluate_integer+0xdd/0x200 [ 993.276587][T25287] ? status_show+0xa0/0x120 [ 993.276609][T25287] acpi_ns_get_node_unlocked+0x180/0x4f0 [ 993.276637][T25287] ? __pfx_acpi_ns_get_node_unlocked+0x10/0x10 [ 993.276659][T25287] ? mark_held_locks+0x49/0x80 [ 993.276680][T25287] ? acpi_os_wait_semaphore+0x212/0x3f0 [ 993.276699][T25287] ? acpi_ns_get_node+0x6c/0xf0 [ 993.276718][T25287] acpi_ns_get_node+0x6c/0xf0 [ 993.276746][T25287] acpi_ns_evaluate+0xcd5/0x16d0 [ 993.276780][T25287] acpi_evaluate_object+0x4ca/0xdf0 [ 993.276815][T25287] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 993.276837][T25287] ? __mutex_trylock_common+0xe9/0x250 [ 993.276857][T25287] acpi_evaluate_integer+0xdd/0x200 [ 993.276876][T25287] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 993.276897][T25287] ? mac80211_hwsim_send_pmsr_request+0x7b6/0x1110 [ 993.276927][T25287] ? __pfx_status_show+0x10/0x10 [ 993.276945][T25287] status_show+0xa0/0x120 [ 993.276965][T25287] ? __pfx_status_show+0x10/0x10 [ 993.276990][T25287] dev_attr_show+0x56/0xe0 [ 993.277005][T25287] ? __pfx_dev_attr_show+0x10/0x10 [ 993.277017][T25287] sysfs_kf_seq_show+0x216/0x3e0 [ 993.277041][T25287] seq_read_iter+0x50e/0x12d0 [ 993.277067][T25287] kernfs_fop_read_iter+0x46c/0x610 [ 993.277086][T25287] ? rw_verify_area+0xcf/0x6c0 [ 993.277106][T25287] vfs_read+0x8bf/0xcf0 [ 993.277131][T25287] ? __pfx___mutex_lock+0x10/0x10 [ 993.277145][T25287] ? __pfx_vfs_read+0x10/0x10 [ 993.277177][T25287] ksys_read+0x12a/0x250 [ 993.277195][T25287] ? __pfx_ksys_read+0x10/0x10 [ 993.277220][T25287] do_syscall_64+0xcd/0xfa0 [ 993.277243][T25287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.277258][T25287] RIP: 0033:0x7f3fa018efc9 [ 993.277272][T25287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.277288][T25287] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 993.277303][T25287] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 993.277313][T25287] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000006 [ 993.277325][T25287] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 993.277335][T25287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 993.277343][T25287] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 993.277363][T25287] [ 993.981581][T25257] FAULT_INJECTION: forcing a failure. [ 993.981581][T25257] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 994.022989][T25257] CPU: 0 UID: 0 PID: 25257 Comm: syz.6.5081 Tainted: G U syzkaller #0 PREEMPT(full) [ 994.023018][T25257] Tainted: [U]=USER [ 994.023023][T25257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 994.023032][T25257] Call Trace: [ 994.023038][T25257] [ 994.023045][T25257] dump_stack_lvl+0x16c/0x1f0 [ 994.023072][T25257] should_fail_ex+0x512/0x640 [ 994.023090][T25257] should_fail_alloc_page+0xe7/0x130 [ 994.023107][T25257] prepare_alloc_pages+0x3c2/0x610 [ 994.023126][T25257] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 994.023158][T25257] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 994.023179][T25257] ? validate_mm+0x403/0x560 [ 994.023198][T25257] ? __pfx_validate_mm+0x10/0x10 [ 994.023218][T25257] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 994.023238][T25257] ? policy_nodemask+0xea/0x4e0 [ 994.023254][T25257] alloc_pages_mpol+0x1fb/0x550 [ 994.023268][T25257] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 994.023288][T25257] alloc_pages_noprof+0x131/0x390 [ 994.023303][T25257] __pmd_alloc+0x3b/0x8b0 [ 994.023319][T25257] move_page_tables+0x30b7/0x4230 [ 994.023342][T25257] ? __pfx_copy_vma+0x10/0x10 [ 994.023364][T25257] ? __pfx_move_page_tables+0x10/0x10 [ 994.023413][T25257] ? rcu_is_watching+0x12/0xc0 [ 994.023434][T25257] ? finish_task_switch.isra.0+0x221/0xc10 [ 994.023461][T25257] ? lockdep_hardirqs_on+0x7c/0x110 [ 994.023486][T25257] copy_vma_and_data+0x24e/0x790 [ 994.023507][T25257] ? __pfx_copy_vma_and_data+0x10/0x10 [ 994.023531][T25257] ? __vma_enter_locked+0x163/0x3f0 [ 994.023551][T25257] ? find_held_lock+0x2b/0x80 [ 994.023571][T25257] ? move_vma+0x52e/0x1770 [ 994.023593][T25257] move_vma+0x540/0x1770 [ 994.023614][T25257] ? __pfx_move_vma+0x10/0x10 [ 994.023635][T25257] ? shmem_get_unmapped_area+0x170/0xa00 [ 994.023653][T25257] ? cap_mmap_addr+0x4b/0x120 [ 994.023668][T25257] ? bpf_lsm_mmap_addr+0x9/0x10 [ 994.023688][T25257] ? security_mmap_addr+0x6c/0x1e0 [ 994.023707][T25257] ? __get_unmapped_area+0x267/0x440 [ 994.023722][T25257] ? vrm_set_new_addr+0x208/0x290 [ 994.023741][T25257] mremap_to+0x1b7/0x450 [ 994.023760][T25257] do_mremap+0x13a8/0x2020 [ 994.023779][T25257] ? futex_private_hash_put+0x180/0x300 [ 994.023805][T25257] ? __pfx_do_mremap+0x10/0x10 [ 994.023832][T25257] __do_sys_mremap+0x119/0x170 [ 994.023850][T25257] ? __pfx___do_sys_mremap+0x10/0x10 [ 994.023873][T25257] ? __x64_sys_futex+0x1e0/0x4c0 [ 994.023903][T25257] do_syscall_64+0xcd/0xfa0 [ 994.023927][T25257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 994.023943][T25257] RIP: 0033:0x7f0836b8efc9 [ 994.023957][T25257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 994.023971][T25257] RSP: 002b:00007f0834df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 994.023987][T25257] RAX: ffffffffffffffda RBX: 00007f0836de5fa0 RCX: 00007f0836b8efc9 [ 994.023997][T25257] RDX: 0000000000000843 RSI: 00000000000000ff RDI: 00000000001ff000 [ 994.024006][T25257] RBP: 00007f0836c11f91 R08: 00000000fffff000 R09: 0000000000000000 [ 994.024015][T25257] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 994.024024][T25257] R13: 00007f0836de6038 R14: 00007f0836de5fa0 R15: 00007ffe2bcf8978 [ 994.024044][T25257] [ 994.902929][T25257] : Can't lookup blockdev [ 995.165075][T25301] ERROR: Out of memory at tomoyo_memory_ok. [ 995.473354][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 995.483725][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 999.341039][T25371] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 999.387445][T25371] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 999.436659][T25371] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 999.478537][T25371] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1000.576431][T25420] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5101'. [ 1000.653665][T25422] netlink: 354 bytes leftover after parsing attributes in process `syz.6.5101'. [ 1000.993473][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 1001.387865][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 1001.468907][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 1001.548700][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 1002.679298][T25468] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1002.722031][T25468] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1002.728220][T25468] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1002.801045][T25468] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1003.860762][T25500] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1003.897175][T25500] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1003.930081][T25500] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1003.975094][T25500] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1005.529275][T18161] Bluetooth: hci0: command 0x0406 tx timeout [ 1005.927320][T18161] Bluetooth: hci3: command 0x0406 tx timeout [ 1005.934106][T18161] Bluetooth: hci2: command 0x0406 tx timeout [ 1006.008644][T25576] Bluetooth: hci1: command 0x0406 tx timeout [ 1006.337517][T25585] ERROR: Out of memory at tomoyo_memory_ok. [ 1007.716324][T25624] __vm_enough_memory: pid: 25624, comm: syz.0.5123, bytes: 4398046511104 not enough memory for the allocation [ 1007.867957][T25624] Format for adding new port is "id [perm_addr]" (uint MAC). [ 1011.257743][T25576] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1013.434201][T25847] Invalid ELF header magic: != ELF [ 1016.892812][T25966] binder: 25961:25966 ioctl c0046209 ffffffffffffffff returned -22 [ 1017.480128][T25987] ERROR: Out of memory at tomoyo_memory_ok. [ 1018.500597][T26010] Invalid ELF header magic: != ELF [ 1019.161164][T25993] delete_channel: no stack [ 1022.369412][T26082] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5158: iget: checksum invalid [ 1022.462598][T26082] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1022.605473][T26082] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5158: iget: checksum invalid [ 1022.722208][T26082] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1022.817875][T26082] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5158: iget: checksum invalid [ 1022.886170][T26082] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1022.956596][T26082] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5158: iget: checksum invalid [ 1023.155233][T26082] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1023.288564][T26082] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1023.454409][T26082] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1023.793673][T26095] netlink: 25 bytes leftover after parsing attributes in process `syz.1.5162'. [ 1026.464033][T26160] binder: 26156:26160 unknown command 0 [ 1026.560024][T26160] binder: 26156:26160 ioctl c0306201 2000000000c0 returned -22 [ 1027.128181][T26167] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5172'. [ 1027.196526][T26167] \: renamed from lo (while UP) [ 1028.052352][T26180] netlink: 36332 bytes leftover after parsing attributes in process `syz.6.5177'. [ 1028.674987][T26201] ERROR: Out of memory at tomoyo_memory_ok. [ 1028.690532][T26207] binder: 26206:26207 unknown command 0 [ 1028.724816][T26207] binder: 26206:26207 ioctl c0306201 2000000000c0 returned -22 [ 1029.974314][T26228] netlink: 25 bytes leftover after parsing attributes in process `syz.0.5185'. [ 1035.270402][T26421] ERROR: Out of memory at tomoyo_memory_ok. [ 1035.386226][T26464] ERROR: Out of memory at tomoyo_memory_ok. [ 1035.551939][T26421] ERROR: Out of memory at tomoyo_memory_ok. [ 1036.130472][T26454] FAULT_INJECTION: forcing a failure. [ 1036.130472][T26454] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1036.253381][T26454] CPU: 0 UID: 0 PID: 26454 Comm: syz.6.5201 Tainted: G U syzkaller #0 PREEMPT(full) [ 1036.253410][T26454] Tainted: [U]=USER [ 1036.253415][T26454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1036.253424][T26454] Call Trace: [ 1036.253430][T26454] [ 1036.253435][T26454] dump_stack_lvl+0x16c/0x1f0 [ 1036.253461][T26454] should_fail_ex+0x512/0x640 [ 1036.253478][T26454] get_futex_key+0x1d0/0x1560 [ 1036.253503][T26454] ? __pfx_get_futex_key+0x10/0x10 [ 1036.253527][T26454] ? __mutex_trylock_common+0xe9/0x250 [ 1036.253548][T26454] futex_wake+0xea/0x530 [ 1036.253566][T26454] ? __pfx_futex_wake+0x10/0x10 [ 1036.253582][T26454] ? __lock_acquire+0xb8a/0x1c90 [ 1036.253604][T26454] do_futex+0x1e3/0x350 [ 1036.253618][T26454] ? __pfx_do_futex+0x10/0x10 [ 1036.253631][T26454] ? __might_fault+0xe3/0x190 [ 1036.253655][T26454] mm_release+0x24e/0x300 [ 1036.253675][T26454] do_exit+0x68e/0x2bf0 [ 1036.253693][T26454] ? __pfx_do_exit+0x10/0x10 [ 1036.253708][T26454] ? do_raw_spin_lock+0x12c/0x2b0 [ 1036.253724][T26454] ? find_held_lock+0x2b/0x80 [ 1036.253749][T26454] do_group_exit+0xd3/0x2a0 [ 1036.253769][T26454] get_signal+0x2671/0x26d0 [ 1036.253796][T26454] ? __pfx_get_signal+0x10/0x10 [ 1036.253815][T26454] ? do_futex+0x122/0x350 [ 1036.253835][T26454] ? __pfx_do_futex+0x10/0x10 [ 1036.253850][T26454] arch_do_signal_or_restart+0x8f/0x790 [ 1036.253873][T26454] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1036.253900][T26454] ? xfd_validate_state+0x61/0x180 [ 1036.253914][T26454] ? __pfx___do_sys_close_range+0x10/0x10 [ 1036.253939][T26454] exit_to_user_mode_loop+0x85/0x130 [ 1036.253957][T26454] do_syscall_64+0x426/0xfa0 [ 1036.253980][T26454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1036.253994][T26454] RIP: 0033:0x7f0836b8efc9 [ 1036.254006][T26454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1036.254020][T26454] RSP: 002b:00007f0834db40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1036.254034][T26454] RAX: fffffffffffffe00 RBX: 00007f0836de6188 RCX: 00007f0836b8efc9 [ 1036.254044][T26454] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0836de6188 [ 1036.254053][T26454] RBP: 00007f0836de6180 R08: 0000000000000000 R09: 0000000000000000 [ 1036.254062][T26454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1036.254071][T26454] R13: 00007f0836de6218 R14: 00007ffe2bcf8890 R15: 00007ffe2bcf8978 [ 1036.254090][T26454] [ 1036.575465][T26501] netlink: 13 bytes leftover after parsing attributes in process `syz.0.5203'. [ 1036.634665][T26505] FAULT_INJECTION: forcing a failure. [ 1036.634665][T26505] name failslab, interval 1, probability 0, space 0, times 0 [ 1036.648058][T26505] CPU: 0 UID: 0 PID: 26505 Comm: syz.5.5204 Tainted: G U syzkaller #0 PREEMPT(full) [ 1036.648084][T26505] Tainted: [U]=USER [ 1036.648090][T26505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1036.648139][T26505] Call Trace: [ 1036.648145][T26505] [ 1036.648152][T26505] dump_stack_lvl+0x16c/0x1f0 [ 1036.648180][T26505] should_fail_ex+0x512/0x640 [ 1036.648194][T26505] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 1036.648217][T26505] should_failslab+0xc2/0x120 [ 1036.648231][T26505] __kmalloc_node_noprof+0xe0/0x8a0 [ 1036.648251][T26505] ? lockdep_init_map_type+0x5c/0x280 [ 1036.648266][T26505] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 1036.648290][T26505] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 1036.648309][T26505] blk_mq_alloc_tag_set+0x577/0x12e0 [ 1036.648329][T26505] ? idr_alloc_u32+0x263/0x2f0 [ 1036.648355][T26505] loop_add+0x3b2/0xb70 [ 1036.648373][T26505] ? __pfx_loop_add+0x10/0x10 [ 1036.648401][T26505] ? find_held_lock+0x2b/0x80 [ 1036.648422][T26505] loop_control_ioctl+0x13e/0x630 [ 1036.648438][T26505] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1036.648458][T26505] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1036.648475][T26505] __x64_sys_ioctl+0x18e/0x210 [ 1036.648494][T26505] do_syscall_64+0xcd/0xfa0 [ 1036.648515][T26505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1036.648529][T26505] RIP: 0033:0x7faaffd8efc9 [ 1036.648543][T26505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1036.648557][T26505] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1036.648571][T26505] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1036.648580][T26505] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000003 [ 1036.648589][T26505] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1036.648598][T26505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1036.648607][T26505] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1036.648627][T26505] [ 1039.953904][T26643] ERROR: Out of memory at tomoyo_memory_ok. [ 1041.065890][T26669] netlink: 25 bytes leftover after parsing attributes in process `syz.6.5218'. [ 1042.845125][T26747] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 1043.387086][T26758] FAULT_INJECTION: forcing a failure. [ 1043.387086][T26758] name failslab, interval 1, probability 0, space 0, times 0 [ 1043.511442][T26758] CPU: 0 UID: 0 PID: 26758 Comm: syz.5.5227 Tainted: G U syzkaller #0 PREEMPT(full) [ 1043.511468][T26758] Tainted: [U]=USER [ 1043.511474][T26758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1043.511488][T26758] Call Trace: [ 1043.511494][T26758] [ 1043.511500][T26758] dump_stack_lvl+0x16c/0x1f0 [ 1043.511537][T26758] should_fail_ex+0x512/0x640 [ 1043.511552][T26758] ? fs_reclaim_acquire+0xae/0x150 [ 1043.511569][T26758] should_failslab+0xc2/0x120 [ 1043.511584][T26758] __kmalloc_noprof+0xdd/0x880 [ 1043.511601][T26758] ? ima_alloc_init_template+0x19d/0x720 [ 1043.511623][T26758] ? ima_alloc_init_template+0x19d/0x720 [ 1043.511639][T26758] ima_alloc_init_template+0x19d/0x720 [ 1043.511657][T26758] ? take_dentry_name_snapshot+0x319/0x7d0 [ 1043.511675][T26758] ima_store_measurement+0x1eb/0x5c0 [ 1043.511694][T26758] ? __pfx_ima_store_measurement+0x10/0x10 [ 1043.511712][T26758] ? vfs_getxattr_alloc+0xec/0x350 [ 1043.511735][T26758] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1043.511753][T26758] process_measurement+0x1ddb/0x23e0 [ 1043.511774][T26758] ? __lock_acquire+0x622/0x1c90 [ 1043.511788][T26758] ? __pfx_process_measurement+0x10/0x10 [ 1043.511803][T26758] ? __kasan_slab_alloc+0x89/0x90 [ 1043.511816][T26758] ? security_file_alloc+0x34/0x2b0 [ 1043.511833][T26758] ? alloc_empty_file+0x73/0x1e0 [ 1043.511847][T26758] ? alloc_file_pseudo+0x13a/0x230 [ 1043.511866][T26758] ? find_held_lock+0x2b/0x80 [ 1043.511906][T26758] ima_file_mmap+0x1b1/0x1d0 [ 1043.511921][T26758] ? __pfx_ima_file_mmap+0x10/0x10 [ 1043.511940][T26758] security_mmap_file+0x88c/0x990 [ 1043.511960][T26758] vm_mmap_pgoff+0xec/0x470 [ 1043.511976][T26758] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1043.511988][T26758] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1043.512004][T26758] ? hugetlbfs_get_inode+0x31f/0x730 [ 1043.512029][T26758] ksys_mmap_pgoff+0x1c8/0x5c0 [ 1043.512046][T26758] __x64_sys_mmap+0x125/0x190 [ 1043.512065][T26758] do_syscall_64+0xcd/0xfa0 [ 1043.512087][T26758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1043.512101][T26758] RIP: 0033:0x7faaffd8efc9 [ 1043.512123][T26758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1043.512138][T26758] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1043.512153][T26758] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1043.512169][T26758] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 1043.512179][T26758] RBP: 00007faaffe11f91 R08: ffffffffffffffff R09: 0000300000000000 [ 1043.512190][T26758] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1043.512199][T26758] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1043.512219][T26758] [ 1043.824548][ T30] audit: type=1804 audit(8277292622.166:30): pid=26758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.5.5227" name="anon_hugepage" dev="hugetlbfs" ino=224790 res=0 errno=0 [ 1044.268192][ T36] Bluetooth: hci4: Frame reassembly failed (-84) [ 1044.324336][T26771] ERROR: Out of memory at tomoyo_memory_ok. [ 1044.374430][T26771] FAULT_INJECTION: forcing a failure. [ 1044.374430][T26771] name failslab, interval 1, probability 0, space 0, times 0 [ 1044.417625][T26771] CPU: 0 UID: 0 PID: 26771 Comm: syz.5.5229 Tainted: G U syzkaller #0 PREEMPT(full) [ 1044.417653][T26771] Tainted: [U]=USER [ 1044.417658][T26771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1044.417667][T26771] Call Trace: [ 1044.417673][T26771] [ 1044.417680][T26771] dump_stack_lvl+0x16c/0x1f0 [ 1044.417707][T26771] should_fail_ex+0x512/0x640 [ 1044.417722][T26771] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1044.417747][T26771] should_failslab+0xc2/0x120 [ 1044.417762][T26771] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1044.417783][T26771] ? nlmsg_notify+0xac/0x220 [ 1044.417797][T26771] ? __addrconf_sysctl_register+0xbb/0x360 [ 1044.417823][T26771] ? kmemdup_noprof+0x29/0x60 [ 1044.417841][T26771] kmemdup_noprof+0x29/0x60 [ 1044.417859][T26771] __addrconf_sysctl_register+0xbb/0x360 [ 1044.417883][T26771] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 1044.417908][T26771] ? __asan_memcpy+0x3c/0x60 [ 1044.417928][T26771] addrconf_init_net+0x53a/0x8e0 [ 1044.417943][T26771] ? __pfx_addrconf_init_net+0x10/0x10 [ 1044.417956][T26771] ops_init+0x1e2/0x5f0 [ 1044.417972][T26771] setup_net+0x100/0x390 [ 1044.417985][T26771] ? __pfx_setup_net+0x10/0x10 [ 1044.417999][T26771] ? debug_mutex_init+0x37/0x70 [ 1044.418042][T26771] copy_net_ns+0x2f8/0x690 [ 1044.418060][T26771] create_new_namespaces+0x3ea/0xa90 [ 1044.418090][T26771] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1044.418113][T26771] ksys_unshare+0x45b/0xa40 [ 1044.418128][T26771] ? __pfx_ksys_unshare+0x10/0x10 [ 1044.418143][T26771] ? xfd_validate_state+0x61/0x180 [ 1044.418164][T26771] __x64_sys_unshare+0x31/0x40 [ 1044.418178][T26771] do_syscall_64+0xcd/0xfa0 [ 1044.418200][T26771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1044.418214][T26771] RIP: 0033:0x7faaffd8efc9 [ 1044.418226][T26771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1044.418240][T26771] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1044.418254][T26771] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1044.418264][T26771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1044.418274][T26771] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1044.418283][T26771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1044.418292][T26771] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1044.418312][T26771] [ 1045.332676][T26783] hub 8-0:1.0: USB hub found [ 1045.355920][T26788] random: crng reseeded on system resumption [ 1045.415563][T26783] hub 8-0:1.0: 1 port detected [ 1046.217189][ T5841] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 1046.760007][T26819] netlink: 342 bytes leftover after parsing attributes in process `syz.0.5235'. [ 1047.309331][T26847] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 1048.683512][T26867] netlink: 268 bytes leftover after parsing attributes in process `syz.5.5238'. [ 1048.825480][T26867] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.5238: iget: checksum invalid [ 1048.922455][T26867] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1049.136178][T26867] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.5238: iget: checksum invalid [ 1049.291619][T26867] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1049.364076][T26867] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.5238: iget: checksum invalid [ 1049.442051][T26867] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1049.511975][T26867] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.5238: iget: checksum invalid [ 1049.577890][T26867] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1049.661004][T26867] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1049.722415][T26867] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1051.082148][T26914] ERROR: Out of memory at tomoyo_memory_ok. [ 1051.501218][ T5841] Bluetooth: hci2: hcon ffff888024f98000 sent 1 < count 256 [ 1051.588317][T26933] ERROR: Out of memory at tomoyo_memory_ok. [ 1052.469691][T26917] ERROR: Out of memory at tomoyo_memory_ok. [ 1052.711937][T26933] ERROR: Out of memory at tomoyo_memory_ok. [ 1055.265015][T26997] FAULT_INJECTION: forcing a failure. [ 1055.265015][T26997] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1055.434605][T26997] CPU: 0 UID: 0 PID: 26997 Comm: syz.1.5257 Tainted: G U syzkaller #0 PREEMPT(full) [ 1055.434630][T26997] Tainted: [U]=USER [ 1055.434636][T26997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1055.434644][T26997] Call Trace: [ 1055.434649][T26997] [ 1055.434655][T26997] dump_stack_lvl+0x16c/0x1f0 [ 1055.434683][T26997] should_fail_ex+0x512/0x640 [ 1055.434701][T26997] get_futex_key+0x293/0x1560 [ 1055.434728][T26997] ? __pfx_get_futex_key+0x10/0x10 [ 1055.434750][T26997] ? __mutex_trylock_common+0xe9/0x250 [ 1055.434771][T26997] futex_wake+0xea/0x530 [ 1055.434789][T26997] ? __pfx_futex_wake+0x10/0x10 [ 1055.434805][T26997] ? __lock_acquire+0xb8a/0x1c90 [ 1055.434827][T26997] do_futex+0x1e3/0x350 [ 1055.434842][T26997] ? __pfx_do_futex+0x10/0x10 [ 1055.434855][T26997] ? __might_fault+0xe3/0x190 [ 1055.434878][T26997] mm_release+0x24e/0x300 [ 1055.434899][T26997] do_exit+0x68e/0x2bf0 [ 1055.434918][T26997] ? __pfx_do_exit+0x10/0x10 [ 1055.434938][T26997] ? do_raw_spin_lock+0x12c/0x2b0 [ 1055.434954][T26997] ? find_held_lock+0x2b/0x80 [ 1055.434976][T26997] do_group_exit+0xd3/0x2a0 [ 1055.434992][T26997] get_signal+0x2671/0x26d0 [ 1055.435020][T26997] ? __pfx_get_signal+0x10/0x10 [ 1055.435039][T26997] ? do_futex+0x122/0x350 [ 1055.435053][T26997] ? __pfx_do_futex+0x10/0x10 [ 1055.435069][T26997] arch_do_signal_or_restart+0x8f/0x790 [ 1055.435093][T26997] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1055.435119][T26997] ? xfd_validate_state+0x61/0x180 [ 1055.435134][T26997] ? __pfx___do_sys_close_range+0x10/0x10 [ 1055.435159][T26997] exit_to_user_mode_loop+0x85/0x130 [ 1055.435177][T26997] do_syscall_64+0x426/0xfa0 [ 1055.435200][T26997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.435214][T26997] RIP: 0033:0x7f3fa018efc9 [ 1055.435227][T26997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1055.435240][T26997] RSP: 002b:00007f3fa10be0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1055.435254][T26997] RAX: fffffffffffffe00 RBX: 00007f3fa03e6188 RCX: 00007f3fa018efc9 [ 1055.435264][T26997] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3fa03e6188 [ 1055.435273][T26997] RBP: 00007f3fa03e6180 R08: 0000000000000000 R09: 0000000000000000 [ 1055.435281][T26997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1055.435290][T26997] R13: 00007f3fa03e6218 R14: 00007ffcc3b1d1f0 R15: 00007ffcc3b1d2d8 [ 1055.435309][T26997] [ 1056.270025][T27065] ubi0: attaching mtd0 [ 1056.310121][T27065] ubi0: scanning is finished [ 1056.314761][T27065] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1056.559043][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1056.565414][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1057.415015][T27076] netlink: 268 bytes leftover after parsing attributes in process `syz.6.5270'. [ 1057.598019][T27076] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5270: iget: checksum invalid [ 1057.663951][T27065] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1057.891335][T27076] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1058.071498][T27076] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5270: iget: checksum invalid [ 1058.354459][T27076] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1058.573695][T27076] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5270: iget: checksum invalid [ 1058.646269][T27090] random: crng reseeded on system resumption [ 1058.779492][T27076] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1058.873660][T27097] FAULT_INJECTION: forcing a failure. [ 1058.873660][T27097] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.891596][T27076] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.6.5270: iget: checksum invalid [ 1059.039072][T27076] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1059.114154][T27097] CPU: 0 UID: 0 PID: 27097 Comm: syz.1.5267 Tainted: G U syzkaller #0 PREEMPT(full) [ 1059.114181][T27097] Tainted: [U]=USER [ 1059.114186][T27097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1059.114195][T27097] Call Trace: [ 1059.114201][T27097] [ 1059.114207][T27097] dump_stack_lvl+0x16c/0x1f0 [ 1059.114233][T27097] should_fail_ex+0x512/0x640 [ 1059.114247][T27097] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1059.114268][T27097] should_failslab+0xc2/0x120 [ 1059.114283][T27097] __kmalloc_cache_noprof+0x72/0x780 [ 1059.114300][T27097] ? find_held_lock+0x2b/0x80 [ 1059.114319][T27097] ? uevent_net_init+0xd3/0x350 [ 1059.114337][T27097] ? uevent_net_init+0xd3/0x350 [ 1059.114351][T27097] uevent_net_init+0xd3/0x350 [ 1059.114367][T27097] ? __pfx_uevent_net_init+0x10/0x10 [ 1059.114382][T27097] ? rcu_is_watching+0x12/0xc0 [ 1059.114400][T27097] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1059.114416][T27097] ? ops_init+0x77/0x5f0 [ 1059.114432][T27097] ? __pfx_uevent_net_init+0x10/0x10 [ 1059.114446][T27097] ops_init+0x1e2/0x5f0 [ 1059.114461][T27097] setup_net+0x100/0x390 [ 1059.114475][T27097] ? __pfx_setup_net+0x10/0x10 [ 1059.114489][T27097] ? debug_mutex_init+0x37/0x70 [ 1059.114509][T27097] copy_net_ns+0x2f8/0x690 [ 1059.114526][T27097] create_new_namespaces+0x3ea/0xa90 [ 1059.114559][T27097] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1059.114582][T27097] ksys_unshare+0x45b/0xa40 [ 1059.114596][T27097] ? __pfx_ksys_unshare+0x10/0x10 [ 1059.114612][T27097] ? xfd_validate_state+0x61/0x180 [ 1059.114633][T27097] __x64_sys_unshare+0x31/0x40 [ 1059.114646][T27097] do_syscall_64+0xcd/0xfa0 [ 1059.114668][T27097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1059.114682][T27097] RIP: 0033:0x7f3fa018efc9 [ 1059.114694][T27097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1059.114708][T27097] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1059.114723][T27097] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1059.114733][T27097] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1059.114741][T27097] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1059.114750][T27097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1059.114758][T27097] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1059.114777][T27097] [ 1059.615139][T27076] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1059.677217][T27076] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1062.930859][T27213] ERROR: Out of memory at tomoyo_memory_ok. [ 1063.031402][T27194] FAULT_INJECTION: forcing a failure. [ 1063.031402][T27194] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1063.128340][T27194] CPU: 0 UID: 0 PID: 27194 Comm: syz.5.5271 Tainted: G U syzkaller #0 PREEMPT(full) [ 1063.128366][T27194] Tainted: [U]=USER [ 1063.128371][T27194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1063.128380][T27194] Call Trace: [ 1063.128385][T27194] [ 1063.128391][T27194] dump_stack_lvl+0x16c/0x1f0 [ 1063.128417][T27194] should_fail_ex+0x512/0x640 [ 1063.128434][T27194] get_futex_key+0x1d0/0x1560 [ 1063.128460][T27194] ? __pfx_get_futex_key+0x10/0x10 [ 1063.128482][T27194] ? __mutex_trylock_common+0xe9/0x250 [ 1063.128502][T27194] futex_wake+0xea/0x530 [ 1063.128521][T27194] ? __pfx_futex_wake+0x10/0x10 [ 1063.128536][T27194] ? __lock_acquire+0xb8a/0x1c90 [ 1063.128558][T27194] do_futex+0x1e3/0x350 [ 1063.128573][T27194] ? __pfx_do_futex+0x10/0x10 [ 1063.128585][T27194] ? __might_fault+0xe3/0x190 [ 1063.128609][T27194] mm_release+0x24e/0x300 [ 1063.128631][T27194] do_exit+0x68e/0x2bf0 [ 1063.128649][T27194] ? __pfx_do_exit+0x10/0x10 [ 1063.128663][T27194] ? do_raw_spin_lock+0x12c/0x2b0 [ 1063.128680][T27194] ? find_held_lock+0x2b/0x80 [ 1063.128701][T27194] do_group_exit+0xd3/0x2a0 [ 1063.128717][T27194] get_signal+0x2671/0x26d0 [ 1063.128744][T27194] ? __pfx_get_signal+0x10/0x10 [ 1063.128764][T27194] ? do_futex+0x122/0x350 [ 1063.128778][T27194] ? __pfx_do_futex+0x10/0x10 [ 1063.128793][T27194] arch_do_signal_or_restart+0x8f/0x790 [ 1063.128817][T27194] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1063.128843][T27194] ? __pfx___do_sys_close_range+0x10/0x10 [ 1063.128868][T27194] exit_to_user_mode_loop+0x85/0x130 [ 1063.128886][T27194] do_syscall_64+0x426/0xfa0 [ 1063.128908][T27194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.128923][T27194] RIP: 0033:0x7faaffd8efc9 [ 1063.128935][T27194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1063.128948][T27194] RSP: 002b:00007faafdfd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1063.128962][T27194] RAX: fffffffffffffe00 RBX: 00007faafffe6188 RCX: 00007faaffd8efc9 [ 1063.128972][T27194] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faafffe6188 [ 1063.128981][T27194] RBP: 00007faafffe6180 R08: 0000000000000000 R09: 0000000000000000 [ 1063.128989][T27194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1063.128997][T27194] R13: 00007faafffe6218 R14: 00007fff608aa640 R15: 00007fff608aa728 [ 1063.129016][T27194] [ 1063.480214][ C0] vcan0: j1939_tp_rxtimer: 0xffff88806408c400: rx timeout, send abort [ 1063.488649][ C0] vcan0: j1939_tp_rxtimer: 0xffff88806408d400: rx timeout, send abort [ 1063.497044][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88806408c400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1063.511379][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88806408d400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1063.839630][ T5181] ERROR: Out of memory at tomoyo_memory_ok. [ 1063.926361][T27231] FAULT_INJECTION: forcing a failure. [ 1063.926361][T27231] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.983571][T27231] CPU: 0 UID: 0 PID: 27231 Comm: syz.1.5275 Tainted: G U syzkaller #0 PREEMPT(full) [ 1063.983597][T27231] Tainted: [U]=USER [ 1063.983602][T27231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1063.983611][T27231] Call Trace: [ 1063.983617][T27231] [ 1063.983624][T27231] dump_stack_lvl+0x16c/0x1f0 [ 1063.983654][T27231] should_fail_ex+0x512/0x640 [ 1063.983669][T27231] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1063.983689][T27231] should_failslab+0xc2/0x120 [ 1063.983704][T27231] __kmalloc_cache_noprof+0x72/0x780 [ 1063.983723][T27231] ? kvm_dev_ioctl+0xa8a/0x1a80 [ 1063.983746][T27231] ? kvm_dev_ioctl+0xa8a/0x1a80 [ 1063.983765][T27231] kvm_dev_ioctl+0xa8a/0x1a80 [ 1063.983787][T27231] ? find_held_lock+0x2b/0x80 [ 1063.983805][T27231] ? hook_file_ioctl_common+0x145/0x410 [ 1063.983824][T27231] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 1063.983848][T27231] ? __fget_files+0x20e/0x3c0 [ 1063.983869][T27231] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 1063.983890][T27231] __x64_sys_ioctl+0x18e/0x210 [ 1063.983907][T27231] do_syscall_64+0xcd/0xfa0 [ 1063.983930][T27231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.983944][T27231] RIP: 0033:0x7f3fa018efc9 [ 1063.983957][T27231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1063.983971][T27231] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1063.983985][T27231] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1063.984002][T27231] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 1063.984012][T27231] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1063.984021][T27231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1063.984030][T27231] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1063.984049][T27231] [ 1064.834722][ T50] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1065.733583][T27266] netlink: 268 bytes leftover after parsing attributes in process `syz.0.5279'. [ 1065.855373][T27266] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.5279: iget: checksum invalid [ 1065.927058][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b486000: rx timeout, send abort [ 1066.017201][T27266] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1066.219772][T27266] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.5279: iget: checksum invalid [ 1066.407249][T27266] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1066.433247][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b486000: abort rx timeout. Force session deactivation [ 1066.502424][T27266] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.5279: iget: checksum invalid [ 1066.592373][T27266] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1066.675029][T27266] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.5279: iget: checksum invalid [ 1066.767348][T27266] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1066.854523][T27266] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1066.877228][T27341] ptrace attach of "./syz-executor exec"[5830] was attempted by ""[27341] [ 1066.926778][T27266] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1069.081345][T27381] netlink: 330 bytes leftover after parsing attributes in process `syz.0.5295'. [ 1069.163377][T27381] : renamed from vlan0 (while UP) [ 1069.205492][T27381] veth0_vlan: left promiscuous mode [ 1069.258525][T27381] : entered allmulticast mode [ 1069.289973][T27381] veth0_vlan: entered allmulticast mode [ 1071.063488][T27432] hub 1-0:1.0: USB hub found [ 1071.126126][T27432] hub 1-0:1.0: 1 port detected [ 1072.767443][T27506] tipc: Started in network mode [ 1072.802246][T27506] tipc: Node identity ee00, cluster identity 4711 [ 1072.852435][T27506] tipc: Node number set to 60928 [ 1074.140587][T27550] ERROR: Out of memory at tomoyo_memory_ok. [ 1074.194179][T27552] vhci_hcd: invalid port number 16 [ 1074.312529][T27552] vhci_hcd: invalid port number 16 [ 1074.624926][T27571] : renamed from ip6tnl0 (while UP) [ 1076.857028][T27664] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1076.886737][T27664] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1076.934969][T27664] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1077.042881][T27664] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1077.062500][T27664] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1078.617552][T27726] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 1078.672445][ T5841] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5 [ 1078.704912][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 1078.924892][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1078.944773][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 1078.994272][T27737] ERROR: Out of memory at tomoyo_memory_ok. [ 1079.040728][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1079.080354][T27741] ERROR: Out of memory at tomoyo_memory_ok. [ 1079.102745][T25576] Bluetooth: hci3: command 0x0406 tx timeout [ 1079.108768][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 1079.167501][T27737] ERROR: Out of memory at tomoyo_memory_ok. [ 1079.647631][T27762] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5329'. [ 1079.882209][T27782] ptrace attach of "./syz-executor exec"[14815] was attempted by ""[27782] [ 1081.013996][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 1081.420141][T27758] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1081.458253][T27758] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1081.490345][T27758] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1081.529250][T27758] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1081.889739][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 1082.338753][T27824] sd 0:0:1:0: PR command failed: 1026 [ 1082.525348][T27824] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1082.635463][T27824] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1083.482136][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 1083.488238][T25576] Bluetooth: hci2: command 0x0406 tx timeout [ 1083.564490][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 1084.458048][T27894] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5343'. [ 1084.550180][T27890] hub 8-0:1.0: USB hub found [ 1084.636178][T27890] hub 8-0:1.0: 1 port detected [ 1085.343258][T27910] ERROR: Out of memory at tomoyo_memory_ok. [ 1085.559492][T27913] random: crng reseeded on system resumption [ 1086.627909][T27940] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5350'. [ 1087.972063][T28021] random: crng reseeded on system resumption [ 1088.179984][T25576] Bluetooth: hci4: command 0xfc11 tx timeout [ 1088.187878][ T5841] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 1089.236915][T23914] usb usb38-port5: attempt power cycle [ 1089.244051][T28058] serio: Serial port pty6 [ 1089.853959][T23914] usb usb38-port5: unable to enumerate USB device [ 1091.955303][T28107] __vm_enough_memory: pid: 28107, comm: syz.6.5369, bytes: 4398046511104 not enough memory for the allocation [ 1091.990948][T28098] FAULT_INJECTION: forcing a failure. [ 1091.990948][T28098] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.166351][T28098] CPU: 0 UID: 0 PID: 28098 Comm: syz.5.5366 Tainted: G U syzkaller #0 PREEMPT(full) [ 1092.166377][T28098] Tainted: [U]=USER [ 1092.166382][T28098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1092.166391][T28098] Call Trace: [ 1092.166397][T28098] [ 1092.166404][T28098] dump_stack_lvl+0x16c/0x1f0 [ 1092.166431][T28098] should_fail_ex+0x512/0x640 [ 1092.166446][T28098] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1092.166468][T28098] should_failslab+0xc2/0x120 [ 1092.166483][T28098] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1092.166503][T28098] ? sk_prot_alloc+0x60/0x2a0 [ 1092.166523][T28098] ? sk_prot_alloc+0x60/0x2a0 [ 1092.166536][T28098] ? find_held_lock+0x2b/0x80 [ 1092.166554][T28098] sk_prot_alloc+0x60/0x2a0 [ 1092.166570][T28098] sk_alloc+0x36/0xc20 [ 1092.166591][T28098] inet_create+0x3a1/0x1040 [ 1092.166611][T28098] ? inet_create+0x93/0x1040 [ 1092.166632][T28098] __sock_create+0x338/0x8d0 [ 1092.166652][T28098] mptcp_subflow_create_socket+0xec/0xa10 [ 1092.166672][T28098] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 1092.166693][T28098] __mptcp_nmpc_sk+0x182/0x890 [ 1092.166710][T28098] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 1092.166728][T28098] ? __local_bh_enable_ip+0xa4/0x120 [ 1092.166750][T28098] mptcp_getsockopt+0xcf8/0xe20 [ 1092.166765][T28098] ? __pfx_mptcp_getsockopt+0x10/0x10 [ 1092.166780][T28098] ? find_held_lock+0x2b/0x80 [ 1092.166797][T28098] ? __might_fault+0xe3/0x190 [ 1092.166814][T28098] ? __might_fault+0xe3/0x190 [ 1092.166830][T28098] ? __might_fault+0x13b/0x190 [ 1092.166853][T28098] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 1092.166868][T28098] do_sock_getsockopt+0x34d/0x440 [ 1092.166885][T28098] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1092.166900][T28098] ? __fget_files+0x204/0x3c0 [ 1092.166927][T28098] __sys_getsockopt+0x123/0x1b0 [ 1092.166951][T28098] __x64_sys_getsockopt+0xbd/0x160 [ 1092.166970][T28098] ? do_syscall_64+0x91/0xfa0 [ 1092.166989][T28098] ? lockdep_hardirqs_on+0x7c/0x110 [ 1092.167009][T28098] do_syscall_64+0xcd/0xfa0 [ 1092.167031][T28098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1092.167045][T28098] RIP: 0033:0x7faaffd8efc9 [ 1092.167059][T28098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1092.167073][T28098] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1092.167087][T28098] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1092.167097][T28098] RDX: 0000000000000021 RSI: 0000000000000006 RDI: 0000000000000006 [ 1092.167106][T28098] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1092.167114][T28098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1092.167123][T28098] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1092.167143][T28098] [ 1093.301201][T28153] FAULT_INJECTION: forcing a failure. [ 1093.301201][T28153] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.349142][T28153] CPU: 0 UID: 0 PID: 28153 Comm: syz.1.5370 Tainted: G U syzkaller #0 PREEMPT(full) [ 1093.349168][T28153] Tainted: [U]=USER [ 1093.349173][T28153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1093.349182][T28153] Call Trace: [ 1093.349187][T28153] [ 1093.349194][T28153] dump_stack_lvl+0x16c/0x1f0 [ 1093.349220][T28153] should_fail_ex+0x512/0x640 [ 1093.349234][T28153] ? __kmalloc_noprof+0xca/0x880 [ 1093.349255][T28153] should_failslab+0xc2/0x120 [ 1093.349270][T28153] __kmalloc_noprof+0xdd/0x880 [ 1093.349287][T28153] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 1093.349312][T28153] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 1093.349330][T28153] apply_wqattrs_prepare+0xf8/0xbd0 [ 1093.349356][T28153] apply_workqueue_attrs_locked+0x64/0xe0 [ 1093.349376][T28153] __alloc_workqueue+0xf3f/0x1810 [ 1093.349393][T28153] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1093.349415][T28153] alloc_workqueue_noprof+0xd2/0x200 [ 1093.349429][T28153] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 1093.349448][T28153] ? __pfx___debug_object_init+0x10/0x10 [ 1093.349471][T28153] nci_register_device+0x21e/0xb80 [ 1093.349490][T28153] ? __pfx_nci_register_device+0x10/0x10 [ 1093.349511][T28153] ? lockdep_init_map_type+0x5c/0x280 [ 1093.349530][T28153] virtual_ncidev_open+0x141/0x220 [ 1093.349548][T28153] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1093.349564][T28153] misc_open+0x26d/0x450 [ 1093.349578][T28153] ? __pfx_misc_open+0x10/0x10 [ 1093.349590][T28153] chrdev_open+0x234/0x6a0 [ 1093.349610][T28153] ? __pfx_apparmor_file_open+0x10/0x10 [ 1093.349626][T28153] ? __pfx_chrdev_open+0x10/0x10 [ 1093.349648][T28153] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1093.349671][T28153] do_dentry_open+0x982/0x1530 [ 1093.349691][T28153] ? __pfx_chrdev_open+0x10/0x10 [ 1093.349716][T28153] vfs_open+0x82/0x3f0 [ 1093.349733][T28153] path_openat+0x1de4/0x2cb0 [ 1093.349759][T28153] ? __pfx_path_openat+0x10/0x10 [ 1093.349779][T28153] ? __lock_acquire+0xb8a/0x1c90 [ 1093.349796][T28153] do_filp_open+0x20b/0x470 [ 1093.349826][T28153] ? __pfx_do_filp_open+0x10/0x10 [ 1093.349860][T28153] ? alloc_fd+0x471/0x7d0 [ 1093.349884][T28153] do_sys_openat2+0x11b/0x1d0 [ 1093.349900][T28153] ? __pfx_do_sys_openat2+0x10/0x10 [ 1093.349924][T28153] __x64_sys_openat+0x174/0x210 [ 1093.349941][T28153] ? __pfx___x64_sys_openat+0x10/0x10 [ 1093.349965][T28153] do_syscall_64+0xcd/0xfa0 [ 1093.349987][T28153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.350002][T28153] RIP: 0033:0x7f3fa018efc9 [ 1093.350015][T28153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1093.350028][T28153] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1093.350043][T28153] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1093.350053][T28153] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1093.350063][T28153] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1093.350072][T28153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1093.350080][T28153] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1093.350101][T28153] [ 1094.810845][T28165] ima: policy update failed [ 1094.846396][ T30] audit: type=1802 audit(8277292673.738:31): pid=28165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.5373" res=0 errno=0 [ 1094.873870][T28165] netlink: 25 bytes leftover after parsing attributes in process `syz.0.5373'. [ 1095.349119][T28173] sp0: Synchronizing with TNC [ 1095.435965][T28180] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5376'. [ 1095.488262][T28185] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5376'. [ 1095.581238][T28180] netlink: 290 bytes leftover after parsing attributes in process `syz.1.5376'. [ 1095.915598][T28195] FAULT_INJECTION: forcing a failure. [ 1095.915598][T28195] name failslab, interval 1, probability 0, space 0, times 0 [ 1095.995219][T28170] FAULT_INJECTION: forcing a failure. [ 1095.995219][T28170] name failslab, interval 1, probability 0, space 0, times 0 [ 1096.030440][T28195] CPU: 0 UID: 0 PID: 28195 Comm: syz.1.5379 Tainted: G U syzkaller #0 PREEMPT(full) [ 1096.030466][T28195] Tainted: [U]=USER [ 1096.030471][T28195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1096.030480][T28195] Call Trace: [ 1096.030486][T28195] [ 1096.030492][T28195] dump_stack_lvl+0x16c/0x1f0 [ 1096.030518][T28195] should_fail_ex+0x512/0x640 [ 1096.030533][T28195] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1096.030554][T28195] should_failslab+0xc2/0x120 [ 1096.030569][T28195] __kmalloc_cache_noprof+0x72/0x780 [ 1096.030589][T28195] ? snd_seq_oss_open+0x55/0xa20 [ 1096.030609][T28195] ? snd_seq_oss_open+0x55/0xa20 [ 1096.030624][T28195] snd_seq_oss_open+0x55/0xa20 [ 1096.030655][T28195] odev_open+0x79/0xc0 [ 1096.030670][T28195] ? __pfx_odev_open+0x10/0x10 [ 1096.030685][T28195] soundcore_open+0x40c/0x580 [ 1096.030703][T28195] ? __pfx_soundcore_open+0x10/0x10 [ 1096.030718][T28195] chrdev_open+0x234/0x6a0 [ 1096.030739][T28195] ? __pfx_apparmor_file_open+0x10/0x10 [ 1096.030755][T28195] ? __pfx_chrdev_open+0x10/0x10 [ 1096.030777][T28195] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1096.030799][T28195] do_dentry_open+0x982/0x1530 [ 1096.030820][T28195] ? __pfx_chrdev_open+0x10/0x10 [ 1096.030844][T28195] vfs_open+0x82/0x3f0 [ 1096.030861][T28195] path_openat+0x1de4/0x2cb0 [ 1096.030886][T28195] ? __pfx_path_openat+0x10/0x10 [ 1096.030906][T28195] ? __lock_acquire+0xb8a/0x1c90 [ 1096.030923][T28195] do_filp_open+0x20b/0x470 [ 1096.030943][T28195] ? __pfx_do_filp_open+0x10/0x10 [ 1096.030975][T28195] ? alloc_fd+0x471/0x7d0 [ 1096.030998][T28195] do_sys_openat2+0x11b/0x1d0 [ 1096.031013][T28195] ? __pfx_do_sys_openat2+0x10/0x10 [ 1096.031036][T28195] __x64_sys_openat+0x174/0x210 [ 1096.031052][T28195] ? __pfx___x64_sys_openat+0x10/0x10 [ 1096.031076][T28195] do_syscall_64+0xcd/0xfa0 [ 1096.031103][T28195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1096.031118][T28195] RIP: 0033:0x7f3fa018efc9 [ 1096.031131][T28195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1096.031146][T28195] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1096.031160][T28195] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1096.031170][T28195] RDX: 00000000001c8740 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 1096.031179][T28195] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1096.031190][T28195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1096.031198][T28195] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1096.031219][T28195] [ 1096.410397][T28170] CPU: 0 UID: 0 PID: 28170 Comm: syz.5.5374 Tainted: G U syzkaller #0 PREEMPT(full) [ 1096.410424][T28170] Tainted: [U]=USER [ 1096.410429][T28170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1096.410438][T28170] Call Trace: [ 1096.410444][T28170] [ 1096.410451][T28170] dump_stack_lvl+0x16c/0x1f0 [ 1096.410477][T28170] should_fail_ex+0x512/0x640 [ 1096.410493][T28170] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1096.410515][T28170] should_failslab+0xc2/0x120 [ 1096.410530][T28170] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1096.410549][T28170] ? kvm_vm_ioctl+0xc2e/0x3fd0 [ 1096.410572][T28170] ? kvm_vm_ioctl+0xc2e/0x3fd0 [ 1096.410590][T28170] kvm_vm_ioctl+0xc2e/0x3fd0 [ 1096.410623][T28170] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1096.410654][T28170] ? kasan_quarantine_put+0x10a/0x240 [ 1096.410674][T28170] ? lockdep_hardirqs_on+0x7c/0x110 [ 1096.410697][T28170] ? find_held_lock+0x2b/0x80 [ 1096.410716][T28170] ? tomoyo_path_number_perm+0x295/0x580 [ 1096.410738][T28170] ? tomoyo_path_number_perm+0x18d/0x580 [ 1096.410756][T28170] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1096.410772][T28170] ? futex_wake+0x1ad/0x530 [ 1096.410794][T28170] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1096.410813][T28170] ? do_vfs_ioctl+0x128/0x14f0 [ 1096.410829][T28170] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1096.410849][T28170] ? find_held_lock+0x2b/0x80 [ 1096.410867][T28170] ? hook_file_ioctl_common+0x145/0x410 [ 1096.410889][T28170] ? __fget_files+0x20e/0x3c0 [ 1096.410909][T28170] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1096.410929][T28170] __x64_sys_ioctl+0x18e/0x210 [ 1096.410945][T28170] do_syscall_64+0xcd/0xfa0 [ 1096.410967][T28170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1096.410984][T28170] RIP: 0033:0x7faaffd8efc9 [ 1096.410997][T28170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1096.411010][T28170] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1096.411025][T28170] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1096.411035][T28170] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 1096.411043][T28170] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1096.411052][T28170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1096.411060][T28170] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1096.411079][T28170] [ 1097.055685][T28225] ERROR: Out of memory at tomoyo_memory_ok. [ 1097.772158][T28241] ERROR: Out of memory at tomoyo_memory_ok. [ 1099.488111][T28258] zswap: compressor not available [ 1099.899755][T28272] ERROR: Out of memory at tomoyo_memory_ok. [ 1103.312775][T28394] FAULT_INJECTION: forcing a failure. [ 1103.312775][T28394] name failslab, interval 1, probability 0, space 0, times 0 [ 1103.396880][T28394] CPU: 0 UID: 0 PID: 28394 Comm: syz.6.5400 Tainted: G U syzkaller #0 PREEMPT(full) [ 1103.396906][T28394] Tainted: [U]=USER [ 1103.396912][T28394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1103.396921][T28394] Call Trace: [ 1103.396927][T28394] [ 1103.396934][T28394] dump_stack_lvl+0x16c/0x1f0 [ 1103.396960][T28394] should_fail_ex+0x512/0x640 [ 1103.396975][T28394] ? __kmalloc_noprof+0xca/0x880 [ 1103.396995][T28394] should_failslab+0xc2/0x120 [ 1103.397010][T28394] __kmalloc_noprof+0xdd/0x880 [ 1103.397027][T28394] ? lockdep_init_map_type+0x5c/0x280 [ 1103.397043][T28394] ? xfrm_hash_alloc+0xd1/0x100 [ 1103.397065][T28394] ? xfrm_hash_alloc+0xd1/0x100 [ 1103.397082][T28394] xfrm_hash_alloc+0xd1/0x100 [ 1103.397101][T28394] xfrm_net_init+0x35f/0xcc0 [ 1103.397124][T28394] ? __pfx_xfrm_net_init+0x10/0x10 [ 1103.397142][T28394] ops_init+0x1e2/0x5f0 [ 1103.397159][T28394] setup_net+0x100/0x390 [ 1103.397173][T28394] ? __pfx_setup_net+0x10/0x10 [ 1103.397187][T28394] ? debug_mutex_init+0x37/0x70 [ 1103.397208][T28394] copy_net_ns+0x2f8/0x690 [ 1103.397224][T28394] create_new_namespaces+0x3ea/0xa90 [ 1103.397249][T28394] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1103.397271][T28394] ksys_unshare+0x45b/0xa40 [ 1103.397286][T28394] ? __pfx_ksys_unshare+0x10/0x10 [ 1103.397300][T28394] ? xfd_validate_state+0x61/0x180 [ 1103.397321][T28394] __x64_sys_unshare+0x31/0x40 [ 1103.397334][T28394] do_syscall_64+0xcd/0xfa0 [ 1103.397356][T28394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1103.397371][T28394] RIP: 0033:0x7f0836b8efc9 [ 1103.397383][T28394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1103.397397][T28394] RSP: 002b:00007f0834df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1103.397411][T28394] RAX: ffffffffffffffda RBX: 00007f0836de5fa0 RCX: 00007f0836b8efc9 [ 1103.397420][T28394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1103.397429][T28394] RBP: 00007f0836c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1103.397437][T28394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1103.397446][T28394] R13: 00007f0836de6038 R14: 00007f0836de5fa0 R15: 00007ffe2bcf8978 [ 1103.397466][T28394] [ 1103.620136][ C0] vkms_vblank_simulate: vblank timer overrun [ 1104.255131][T28409] FAULT_INJECTION: forcing a failure. [ 1104.255131][T28409] name failslab, interval 1, probability 0, space 0, times 0 [ 1104.328909][T28409] CPU: 0 UID: 0 PID: 28409 Comm: syz.1.5402 Tainted: G U syzkaller #0 PREEMPT(full) [ 1104.328935][T28409] Tainted: [U]=USER [ 1104.328940][T28409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1104.328949][T28409] Call Trace: [ 1104.328954][T28409] [ 1104.328960][T28409] dump_stack_lvl+0x16c/0x1f0 [ 1104.328987][T28409] should_fail_ex+0x512/0x640 [ 1104.329001][T28409] ? fs_reclaim_acquire+0xae/0x150 [ 1104.329017][T28409] should_failslab+0xc2/0x120 [ 1104.329032][T28409] __kmalloc_cache_noprof+0x72/0x780 [ 1104.329051][T28409] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1104.329071][T28409] ? tomoyo_write_log2+0x33d/0xc10 [ 1104.329093][T28409] ? tomoyo_write_log2+0x33d/0xc10 [ 1104.329111][T28409] tomoyo_write_log2+0x33d/0xc10 [ 1104.329133][T28409] tomoyo_supervisor+0x15e/0x13b0 [ 1104.329150][T28409] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1104.329162][T28409] ? __pfx_vsnprintf+0x10/0x10 [ 1104.329193][T28409] ? tomoyo_check_path_number_acl+0xa6/0x2f0 [ 1104.329217][T28409] tomoyo_path_number_perm+0x448/0x580 [ 1104.329235][T28409] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1104.329271][T28409] ? find_held_lock+0x2b/0x80 [ 1104.329290][T28409] ? hook_file_ioctl_common+0x145/0x410 [ 1104.329312][T28409] ? __fget_files+0x20e/0x3c0 [ 1104.329334][T28409] security_file_ioctl+0x9b/0x240 [ 1104.329353][T28409] __x64_sys_ioctl+0xb7/0x210 [ 1104.329370][T28409] do_syscall_64+0xcd/0xfa0 [ 1104.329391][T28409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1104.329406][T28409] RIP: 0033:0x7f3fa018efc9 [ 1104.329418][T28409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1104.329431][T28409] RSP: 002b:00007f3fa10df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1104.329445][T28409] RAX: ffffffffffffffda RBX: 00007f3fa03e6090 RCX: 00007f3fa018efc9 [ 1104.329456][T28409] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000003 [ 1104.329464][T28409] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1104.329473][T28409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1104.329481][T28409] R13: 00007f3fa03e6128 R14: 00007f3fa03e6090 R15: 00007ffcc3b1d2d8 [ 1104.329500][T28409] [ 1104.553003][ C0] vkms_vblank_simulate: vblank timer overrun [ 1104.601519][T28414] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5403'. [ 1104.735643][T28423] ima: policy update failed [ 1104.743080][T28423] netlink: 25 bytes leftover after parsing attributes in process `syz.6.5404'. [ 1104.883923][ T30] audit: type=1802 audit(8277292683.674:32): pid=28423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.6.5404" res=0 errno=0 [ 1105.480180][T28485] netlink: 13 bytes leftover after parsing attributes in process `syz.5.5408'. [ 1106.735580][T28521] sp0: Synchronizing with TNC [ 1106.768868][T28531] sp0: Found TNC [ 1107.278813][ T5841] Bluetooth: hci0: unexpected event 0x35 length: 13 > 6 [ 1108.146959][T28576] __vm_enough_memory: pid: 28576, comm: syz.0.5416, bytes: 4398046511104 not enough memory for the allocation [ 1108.195262][T28575] ERROR: Out of memory at tomoyo_memory_ok. [ 1108.543051][T28584] netlink: 342 bytes leftover after parsing attributes in process `syz.6.5418'. [ 1110.602617][T28609] netlink: 9 bytes leftover after parsing attributes in process `syz.6.5422'. [ 1112.059647][T28626] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5426'. [ 1112.263729][T28626] hsr_slave_0: left promiscuous mode [ 1112.332959][T28626] hsr_slave_1: left promiscuous mode [ 1112.370981][T28626] bridge0: port 3(hsr0) entered disabled state [ 1112.647047][T28626] hsr0 (unregistering): left allmulticast mode [ 1112.675406][T28626] hsr0 (unregistering): left promiscuous mode [ 1112.714910][T28626] bridge0: port 3(hsr0) entered disabled state [ 1112.832162][T28630] ERROR: Out of memory at tomoyo_memory_ok. [ 1117.406234][T28752] ERROR: Out of memory at tomoyo_memory_ok. [ 1117.644276][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1117.650660][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1118.857535][T28767] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5442'. [ 1119.041359][T28769] kafs: addr_prefs: Invalid Command [ 1119.391138][T28775] ERROR: Out of memory at tomoyo_memory_ok. [ 1121.757557][T28815] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5449'. [ 1121.933832][T28824] netlink: 93 bytes leftover after parsing attributes in process `syz.5.5449'. [ 1121.964957][T28823] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5450'. [ 1122.185318][T28823] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1122.334171][T28823] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1122.520546][T28823] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1122.665063][T28823] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1124.993927][T28884] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5457'. [ 1126.504860][T28929] ERROR: Out of memory at tomoyo_memory_ok. [ 1127.112558][T28942] zswap: compressor not available [ 1130.594066][T29022] ERROR: Out of memory at tomoyo_memory_ok. [ 1133.736268][T29114] ERROR: Out of memory at tomoyo_memory_ok. [ 1134.493321][T29143] FAULT_INJECTION: forcing a failure. [ 1134.493321][T29143] name failslab, interval 1, probability 0, space 0, times 0 [ 1134.608294][T29143] CPU: 0 UID: 0 PID: 29143 Comm: syz.1.5479 Tainted: G U syzkaller #0 PREEMPT(full) [ 1134.608321][T29143] Tainted: [U]=USER [ 1134.608326][T29143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1134.608336][T29143] Call Trace: [ 1134.608341][T29143] [ 1134.608348][T29143] dump_stack_lvl+0x16c/0x1f0 [ 1134.608374][T29143] should_fail_ex+0x512/0x640 [ 1134.608389][T29143] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1134.608410][T29143] should_failslab+0xc2/0x120 [ 1134.608450][T29143] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1134.608469][T29143] ? __kernfs_new_node+0xd2/0x8e0 [ 1134.608487][T29143] ? __kernfs_new_node+0xd2/0x8e0 [ 1134.608500][T29143] __kernfs_new_node+0xd2/0x8e0 [ 1134.608516][T29143] ? __pfx___kernfs_new_node+0x10/0x10 [ 1134.608534][T29143] ? find_held_lock+0x2b/0x80 [ 1134.608554][T29143] ? kernfs_root+0xee/0x2a0 [ 1134.608571][T29143] kernfs_new_node+0x13c/0x1e0 [ 1134.608590][T29143] __kernfs_create_file+0x53/0x350 [ 1134.608610][T29143] cgroup_addrm_files+0x546/0xc20 [ 1134.608635][T29143] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 1134.608659][T29143] ? css_next_child+0xcf/0x2d0 [ 1134.608674][T29143] ? css_next_descendant_pre+0x58/0x1a0 [ 1134.608692][T29143] css_populate_dir+0x343/0x580 [ 1134.608714][T29143] cgroup_mkdir+0x5c4/0x12e0 [ 1134.608734][T29143] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1134.608752][T29143] kernfs_iop_mkdir+0x111/0x190 [ 1134.608772][T29143] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1134.608792][T29143] vfs_mkdir+0x593/0x8c0 [ 1134.608812][T29143] do_mkdirat+0x304/0x3e0 [ 1134.608833][T29143] ? __pfx_do_mkdirat+0x10/0x10 [ 1134.608854][T29143] ? getname_flags.part.0+0x1c5/0x550 [ 1134.608872][T29143] __x64_sys_mkdir+0xef/0x140 [ 1134.608892][T29143] do_syscall_64+0xcd/0xfa0 [ 1134.608914][T29143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1134.608929][T29143] RIP: 0033:0x7f3fa018efc9 [ 1134.608945][T29143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1134.608960][T29143] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1134.608975][T29143] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1134.608985][T29143] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 1134.608994][T29143] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1134.609004][T29143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1134.609012][T29143] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1134.609036][T29143] [ 1134.609058][T29143] cgroup: cgroup_addrm_files: failed to add cgroup.procs, err=-12 [ 1134.976269][T29144] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5478'. [ 1135.425792][ C0] sd 0:0:1:0: [sda] tag#2012 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1135.436270][ C0] sd 0:0:1:0: [sda] tag#2012 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 1138.352361][T29249] netlink: 'syz.5.5493': attribute type 1 has an invalid length. [ 1140.722120][T29281] kexec: Could not allocate control_code_buffer [ 1141.843039][T29371] ERROR: Out of memory at tomoyo_memory_ok. [ 1144.347216][T29447] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1144.841046][T29464] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 1145.019341][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1145.212124][T29484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5510'. [ 1145.295980][T29470] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 1147.549258][ T5841] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1148.052659][T29614] bond0: invalid ARP target specified [ 1148.198721][T29614] ERROR: Out of memory at tomoyo_memory_ok. [ 1148.516612][T29633] i2c i2c-0: new_device: Extra parameters [ 1149.028704][T29653] random: crng reseeded on system resumption [ 1149.086048][T29655] netlink: 'syz.6.5524': attribute type 1 has an invalid length. [ 1149.168012][T29645] Process accounting resumed [ 1149.405198][T29669] netlink: 25 bytes leftover after parsing attributes in process `syz.1.5528'. [ 1150.505496][T29721] FAULT_INJECTION: forcing a failure. [ 1150.505496][T29721] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1150.518387][T29721] CPU: 1 UID: 0 PID: 29721 Comm: syz.6.5533 Tainted: G U syzkaller #0 PREEMPT(full) [ 1150.518412][T29721] Tainted: [U]=USER [ 1150.518417][T29721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1150.518427][T29721] Call Trace: [ 1150.518432][T29721] [ 1150.518438][T29721] dump_stack_lvl+0x16c/0x1f0 [ 1150.518463][T29721] should_fail_ex+0x512/0x640 [ 1150.518480][T29721] should_fail_futex+0x4c/0x60 [ 1150.518501][T29721] futex_lock_pi_atomic+0x101/0xd50 [ 1150.518522][T29721] futex_lock_pi+0x23f/0x7c0 [ 1150.518543][T29721] ? __pfx_futex_lock_pi+0x10/0x10 [ 1150.518559][T29721] ? __futex_wait+0x24b/0x2f0 [ 1150.518589][T29721] ? futex_private_hash_put+0x18a/0x300 [ 1150.518613][T29721] ? __pfx_futex_wake_mark+0x10/0x10 [ 1150.518635][T29721] ? ksys_write+0x190/0x250 [ 1150.518658][T29721] do_futex+0x11a/0x350 [ 1150.518672][T29721] ? __pfx_do_futex+0x10/0x10 [ 1150.518690][T29721] __x64_sys_futex+0x1e0/0x4c0 [ 1150.518705][T29721] ? fput+0x9b/0xd0 [ 1150.518719][T29721] ? __pfx___x64_sys_futex+0x10/0x10 [ 1150.518733][T29721] ? xfd_validate_state+0x61/0x180 [ 1150.518748][T29721] ? __pfx_ksys_write+0x10/0x10 [ 1150.518777][T29721] do_syscall_64+0xcd/0xfa0 [ 1150.518801][T29721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1150.518815][T29721] RIP: 0033:0x7f0836b8efc9 [ 1150.518829][T29721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1150.518843][T29721] RSP: 002b:00007f0834df6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1150.518857][T29721] RAX: ffffffffffffffda RBX: 00007f0836de5fa0 RCX: 00007f0836b8efc9 [ 1150.518868][T29721] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 1150.518877][T29721] RBP: 00007f0836c11f91 R08: 0000000000000000 R09: 000000008000fff5 [ 1150.518886][T29721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1150.518895][T29721] R13: 00007f0836de6038 R14: 00007f0836de5fa0 R15: 00007ffe2bcf8978 [ 1150.518913][T29721] [ 1151.275488][T29742] ERROR: Out of memory at tomoyo_memory_ok. [ 1153.017261][T29803] ERROR: Out of memory at tomoyo_memory_ok. [ 1153.173923][T29789] bond0: option all_slaves_active: invalid value () [ 1153.359692][T29790] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1153.379533][T29790] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1153.403905][T29790] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1153.425671][T29790] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1153.447304][T29790] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1153.755233][T29834] XFS: Clearing xfsstats [ 1154.263324][T29840] Falling back ldisc for pty66. [ 1154.814558][T29799] kexec: Could not allocate control_code_buffer [ 1154.985867][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 1155.384137][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 1155.463720][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 1155.469812][T25576] Bluetooth: hci3: command 0x0406 tx timeout [ 1157.007641][T23914] usb usb38-port5: attempt power cycle [ 1157.535881][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 1157.584850][T23914] usb usb38-port5: unable to enumerate USB device [ 1159.081453][T29893] kexec: Could not allocate control_code_buffer [ 1159.218790][T29917] ERROR: Out of memory at tomoyo_memory_ok. [ 1159.236921][T29907] ERROR: Out of memory at tomoyo_memory_ok. [ 1159.447730][T29925] nbd: socks must be embedded in a SOCK_ITEM attr [ 1160.327707][T29969] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5565'. [ 1160.414223][T29969] netlink: 93 bytes leftover after parsing attributes in process `syz.0.5565'. [ 1161.497104][T30036] random: crng reseeded on system resumption [ 1163.357287][T30091] zswap: compressor not available [ 1164.279926][T30135] ERROR: Out of memory at tomoyo_memory_ok. [ 1164.688181][ T5900] Process accounting resumed [ 1165.586238][T30187] random: crng reseeded on system resumption [ 1169.826553][T30317] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5594'. [ 1172.371300][T30354] FAULT_INJECTION: forcing a failure. [ 1172.371300][T30354] name failslab, interval 1, probability 0, space 0, times 0 [ 1172.384425][T30354] CPU: 0 UID: 0 PID: 30354 Comm: syz.6.5599 Tainted: G U syzkaller #0 PREEMPT(full) [ 1172.384472][T30354] Tainted: [U]=USER [ 1172.384481][T30354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1172.384499][T30354] Call Trace: [ 1172.384509][T30354] [ 1172.384520][T30354] dump_stack_lvl+0x16c/0x1f0 [ 1172.384568][T30354] should_fail_ex+0x512/0x640 [ 1172.384595][T30354] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1172.384636][T30354] should_failslab+0xc2/0x120 [ 1172.384664][T30354] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1172.384700][T30354] ? __proc_create+0x2ce/0x8e0 [ 1172.384743][T30354] ? __proc_create+0x2ce/0x8e0 [ 1172.384771][T30354] __proc_create+0x2ce/0x8e0 [ 1172.384803][T30354] ? __pfx___proc_create+0x10/0x10 [ 1172.384837][T30354] ? _raw_write_unlock+0x28/0x50 [ 1172.384876][T30354] ? proc_register+0x559/0x8b0 [ 1172.384912][T30354] proc_create_reg+0x7d/0x180 [ 1172.384948][T30354] proc_create_data+0x86/0x110 [ 1172.384980][T30354] ? __pfx_proc_create_data+0x10/0x10 [ 1172.385016][T30354] ? cache_register_net+0x137/0x5e0 [ 1172.385052][T30354] cache_register_net+0x25a/0x5e0 [ 1172.385083][T30354] nfsd_export_init+0xb6/0x250 [ 1172.385118][T30354] ? __pfx_nfsd_net_init+0x10/0x10 [ 1172.385148][T30354] nfsd_net_init+0x33/0x3d0 [ 1172.385180][T30354] ? __pfx_nfsd_net_init+0x10/0x10 [ 1172.385211][T30354] ops_init+0x1e2/0x5f0 [ 1172.385243][T30354] setup_net+0x100/0x390 [ 1172.385270][T30354] ? __pfx_setup_net+0x10/0x10 [ 1172.385298][T30354] ? debug_mutex_init+0x37/0x70 [ 1172.385339][T30354] copy_net_ns+0x2f8/0x690 [ 1172.385373][T30354] create_new_namespaces+0x3ea/0xa90 [ 1172.385424][T30354] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1172.385467][T30354] ksys_unshare+0x45b/0xa40 [ 1172.385493][T30354] ? native_tss_update_io_bitmap+0x3e1/0x770 [ 1172.385526][T30354] ? __pfx_ksys_unshare+0x10/0x10 [ 1172.385555][T30354] ? xfd_validate_state+0x61/0x180 [ 1172.385595][T30354] __x64_sys_unshare+0x31/0x40 [ 1172.385622][T30354] do_syscall_64+0xcd/0xfa0 [ 1172.385665][T30354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1172.385693][T30354] RIP: 0033:0x7f0836b8efc9 [ 1172.385717][T30354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1172.385753][T30354] RSP: 002b:00007f0834df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1172.385788][T30354] RAX: ffffffffffffffda RBX: 00007f0836de5fa0 RCX: 00007f0836b8efc9 [ 1172.385808][T30354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1172.385826][T30354] RBP: 00007f0836c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1172.385844][T30354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1172.385863][T30354] R13: 00007f0836de6038 R14: 00007f0836de5fa0 R15: 00007ffe2bcf8978 [ 1172.385904][T30354] [ 1172.979020][T30381] Invalid ELF header magic: != ELF [ 1173.801785][T30391] ERROR: Out of memory at tomoyo_memory_ok. [ 1173.851993][T30398] ERROR: Out of memory at tomoyo_memory_ok. [ 1174.538694][T30450] zswap: compressor not available [ 1175.160112][T30491] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1175.166578][T30491] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1175.179960][T30491] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1175.201336][T30491] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1175.553454][T30498] ERROR: Out of memory at tomoyo_memory_ok. [ 1175.948950][T30506] usb usb15: usbfs: process 30506 (syz.1.5611) did not claim interface 0 before use [ 1177.203266][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 1177.206402][T25576] Bluetooth: hci3: command 0x0406 tx timeout [ 1177.209330][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 1177.215892][T25576] Bluetooth: hci0: command 0x0406 tx timeout [ 1177.889452][T30589] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1178.813823][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1178.820441][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.969759][T30641] Process accounting resumed [ 1180.893822][T30776] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 1181.074977][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1181.289925][T30797] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5624'. [ 1181.457102][T30778] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 1181.924932][T30828] random: crng reseeded on system resumption [ 1182.421698][T30834] Unrecognized hibernate image header format! [ 1182.463603][T30834] PM: hibernation: Image mismatch: architecture specific data [ 1182.879154][T30853] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5628'. [ 1183.787980][T30862] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5629'. [ 1185.497267][T30589] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1185.809892][T30920] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5632'. [ 1186.219413][T30953] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1186.249427][T30953] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1186.360860][T30953] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1186.389112][T30953] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1186.399191][T30953] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1186.469930][T30953] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1186.857597][T30961] ERROR: Out of memory at tomoyo_memory_ok. [ 1187.291416][T30976] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 1187.550856][T30992] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5635'. [ 1187.652137][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1188.131348][T30982] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 1188.269845][T30589] Bluetooth: hci0: command 0x0406 tx timeout [ 1188.428714][T30589] Bluetooth: hci3: command 0x0406 tx timeout [ 1188.434082][T25576] Bluetooth: hci2: command 0x0406 tx timeout [ 1188.516154][T25576] Bluetooth: hci1: command 0x0406 tx timeout [ 1190.339855][T25576] Bluetooth: hci0: command 0x0406 tx timeout [ 1190.508952][T25576] Bluetooth: hci3: command 0x0406 tx timeout [ 1191.303475][T31087] zram0: detected capacity change from 0 to 8 [ 1191.366392][T31094] ERROR: Out of memory at tomoyo_memory_ok. [ 1191.436847][T31097] ERROR: Out of memory at tomoyo_memory_ok. [ 1191.460138][T31094] ERROR: Out of memory at tomoyo_memory_ok. [ 1196.324715][ T1158] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:6: bg 1: bad block bitmap checksum [ 1196.349499][ T1158] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1389 with max blocks 4 with error 74 [ 1196.400307][ T1158] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1196.400307][ T1158] [ 1196.967551][T31220] random: crng reseeded on system resumption [ 1197.523873][T31224] Unrecognized hibernate image header format! [ 1197.550279][T31224] PM: hibernation: Image mismatch: architecture specific data [ 1198.011758][T31230] ERROR: Out of memory at tomoyo_memory_ok. [ 1199.072524][T31258] zram: Cannot change disksize for initialized device [ 1199.288722][T31272] bridge0: port 3(veth0_to_bridge) entered blocking state [ 1199.314601][T31272] bridge0: port 3(veth0_to_bridge) entered disabled state [ 1199.485926][T31272] veth0_to_bridge: entered allmulticast mode [ 1199.677546][T31272] FAULT_INJECTION: forcing a failure. [ 1199.677546][T31272] name failslab, interval 1, probability 0, space 0, times 0 [ 1199.786037][T31272] CPU: 0 UID: 0 PID: 31272 Comm: syz.1.5662 Tainted: G U syzkaller #0 PREEMPT(full) [ 1199.786094][T31272] Tainted: [U]=USER [ 1199.786104][T31272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1199.786122][T31272] Call Trace: [ 1199.786131][T31272] [ 1199.786144][T31272] dump_stack_lvl+0x16c/0x1f0 [ 1199.786193][T31272] should_fail_ex+0x512/0x640 [ 1199.786221][T31272] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1199.786271][T31272] should_failslab+0xc2/0x120 [ 1199.786300][T31272] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1199.786342][T31272] ? __kernfs_new_node+0xd2/0x8e0 [ 1199.786378][T31272] ? __kernfs_new_node+0xd2/0x8e0 [ 1199.786402][T31272] __kernfs_new_node+0xd2/0x8e0 [ 1199.786433][T31272] ? __pfx___kernfs_new_node+0x10/0x10 [ 1199.786468][T31272] ? find_held_lock+0x2b/0x80 [ 1199.786507][T31272] ? kernfs_root+0xee/0x2a0 [ 1199.786540][T31272] kernfs_new_node+0x13c/0x1e0 [ 1199.786571][T31272] ? __pfx_map_id_range_down+0x10/0x10 [ 1199.786610][T31272] __kernfs_create_file+0x53/0x350 [ 1199.786649][T31272] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1199.786700][T31272] sysfs_create_file_ns+0x13d/0x1d0 [ 1199.786746][T31272] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 1199.786786][T31272] ? kernfs_create_link+0x1bd/0x240 [ 1199.786835][T31272] ? kernfs_put+0x35/0x60 [ 1199.786861][T31272] ? sysfs_do_create_link_sd+0xbb/0x140 [ 1199.786918][T31272] br_sysfs_addif+0xe4/0x220 [ 1199.786951][T31272] br_add_if+0x70d/0x1b70 [ 1199.786995][T31272] ? security_capable+0x7e/0x260 [ 1199.787030][T31272] add_del_if+0x114/0x160 [ 1199.787057][T31272] br_dev_siocdevprivate+0x908/0x1650 [ 1199.787089][T31272] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 1199.787120][T31272] ? __lock_acquire+0xb8a/0x1c90 [ 1199.787160][T31272] ? __mutex_trylock_common+0xe9/0x250 [ 1199.787191][T31272] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1199.787226][T31272] ? netdev_name_node_lookup+0x127/0x180 [ 1199.787268][T31272] dev_ifsioc+0x8ee/0x1ee0 [ 1199.787312][T31272] ? __pfx_dev_ifsioc+0x10/0x10 [ 1199.787352][T31272] ? __pfx___mutex_lock+0x10/0x10 [ 1199.787391][T31272] ? dev_load+0x8e/0x240 [ 1199.787437][T31272] dev_ioctl+0x1b2/0x1060 [ 1199.787478][T31272] sock_ioctl+0x5b3/0x6b0 [ 1199.787512][T31272] ? __pfx_sock_ioctl+0x10/0x10 [ 1199.787543][T31272] ? hook_file_ioctl_common+0x145/0x410 [ 1199.787586][T31272] ? __fget_files+0x20e/0x3c0 [ 1199.787627][T31272] ? __pfx_sock_ioctl+0x10/0x10 [ 1199.787662][T31272] __x64_sys_ioctl+0x18e/0x210 [ 1199.787696][T31272] do_syscall_64+0xcd/0xfa0 [ 1199.787739][T31272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1199.787767][T31272] RIP: 0033:0x7f3fa018efc9 [ 1199.787791][T31272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1199.787825][T31272] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1199.787852][T31272] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1199.787872][T31272] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000006 [ 1199.787894][T31272] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1199.787912][T31272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1199.787928][T31272] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1199.787967][T31272] [ 1200.223811][T31272] veth0_to_bridge: left allmulticast mode [ 1200.405532][T31279] zram: Cannot change disksize for initialized device [ 1200.429784][T31287] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1201.194745][T31294] random: crng reseeded on system resumption [ 1201.232919][T31298] ubi0: attaching mtd0 [ 1201.264721][T31298] ubi0: scanning is finished [ 1201.300595][T31298] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1201.741468][T31298] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1202.615070][T31355] program syz.5.5673 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1204.569989][T31460] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1204.579503][T31460] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1204.615892][T31467] netlink: 17 bytes leftover after parsing attributes in process `syz.6.5682'. [ 1204.633312][T31460] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1204.651429][T31460] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1205.466357][T31476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5683'. [ 1206.591632][T25576] Bluetooth: hci2: command 0x0406 tx timeout [ 1206.591696][T30589] Bluetooth: hci0: command 0x0406 tx timeout [ 1206.672966][T30589] Bluetooth: hci1: command 0x0406 tx timeout [ 1206.673146][T25576] Bluetooth: hci3: command 0x0406 tx timeout [ 1207.754381][T31531] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 1208.312338][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1208.426236][T31542] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5689'. [ 1208.739051][T31537] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 1208.769309][T31595] program syz.1.5690 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1209.306277][T31637] ERROR: Out of memory at tomoyo_memory_ok. [ 1209.712775][T31645] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 1209.712775][T31645] M' is too long [ 1209.748479][T31645] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 1209.748479][T31645] W ' is too long [ 1210.402245][T31646] ERROR: Out of memory at tomoyo_memory_ok. [ 1210.517698][T31666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5696'. [ 1210.600239][T31666] netlink: 'syz.0.5696': attribute type 1 has an invalid length. [ 1210.608115][T31666] netlink: 'syz.0.5696': attribute type 6 has an invalid length. [ 1210.691795][T31670] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1210.736350][T31670] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1210.793360][T31670] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1210.799851][T31670] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1212.714558][T25576] Bluetooth: hci0: command 0x0406 tx timeout [ 1212.794269][T30589] Bluetooth: hci3: command 0x0406 tx timeout [ 1212.794277][T18161] Bluetooth: hci2: command 0x0406 tx timeout [ 1212.806359][T25576] Bluetooth: hci1: command 0x0406 tx timeout [ 1216.027968][T31763] FAULT_INJECTION: forcing a failure. [ 1216.027968][T31763] name failslab, interval 1, probability 0, space 0, times 0 [ 1216.041911][T31763] CPU: 1 UID: 0 PID: 31763 Comm: syz.6.5709 Tainted: G U syzkaller #0 PREEMPT(full) [ 1216.041958][T31763] Tainted: [U]=USER [ 1216.041967][T31763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1216.041984][T31763] Call Trace: [ 1216.041994][T31763] [ 1216.042006][T31763] dump_stack_lvl+0x16c/0x1f0 [ 1216.042046][T31763] should_fail_ex+0x512/0x640 [ 1216.042067][T31763] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1216.042100][T31763] should_failslab+0xc2/0x120 [ 1216.042133][T31763] __kmalloc_cache_noprof+0x72/0x780 [ 1216.042163][T31763] ? snd_card_file_add+0x52/0x340 [ 1216.042198][T31763] ? snd_card_file_add+0x52/0x340 [ 1216.042224][T31763] snd_card_file_add+0x52/0x340 [ 1216.042255][T31763] snd_rawmidi_open+0x2cc/0xbf0 [ 1216.042292][T31763] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1216.042328][T31763] ? kobject_get_unless_zero+0x156/0x1e0 [ 1216.042354][T31763] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1216.042384][T31763] snd_open+0x22d/0x4c0 [ 1216.042408][T31763] ? __pfx_snd_open+0x10/0x10 [ 1216.042432][T31763] chrdev_open+0x234/0x6a0 [ 1216.042462][T31763] ? __pfx_apparmor_file_open+0x10/0x10 [ 1216.042487][T31763] ? __pfx_chrdev_open+0x10/0x10 [ 1216.042520][T31763] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1216.042556][T31763] do_dentry_open+0x982/0x1530 [ 1216.042587][T31763] ? __pfx_chrdev_open+0x10/0x10 [ 1216.042626][T31763] vfs_open+0x82/0x3f0 [ 1216.042653][T31763] path_openat+0x1de4/0x2cb0 [ 1216.042692][T31763] ? __pfx_path_openat+0x10/0x10 [ 1216.042723][T31763] ? __lock_acquire+0xb8a/0x1c90 [ 1216.042749][T31763] do_filp_open+0x20b/0x470 [ 1216.042779][T31763] ? __pfx_do_filp_open+0x10/0x10 [ 1216.042829][T31763] ? alloc_fd+0x471/0x7d0 [ 1216.042865][T31763] do_sys_openat2+0x11b/0x1d0 [ 1216.042890][T31763] ? __pfx_do_sys_openat2+0x10/0x10 [ 1216.042915][T31763] ? __pfx___might_resched+0x10/0x10 [ 1216.042954][T31763] __x64_sys_openat+0x174/0x210 [ 1216.042981][T31763] ? __pfx___x64_sys_openat+0x10/0x10 [ 1216.043017][T31763] do_syscall_64+0xcd/0xfa0 [ 1216.043051][T31763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1216.043074][T31763] RIP: 0033:0x7f0836b8efc9 [ 1216.043093][T31763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1216.043120][T31763] RSP: 002b:00007f0834dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1216.043144][T31763] RAX: ffffffffffffffda RBX: 00007f0836de6090 RCX: 00007f0836b8efc9 [ 1216.043160][T31763] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1216.043175][T31763] RBP: 00007f0836c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1216.043190][T31763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1216.043204][T31763] R13: 00007f0836de6128 R14: 00007f0836de6090 R15: 00007ffe2bcf8978 [ 1216.043236][T31763] [ 1219.864489][T31853] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5713'. [ 1220.632404][T31868] ERROR: Out of memory at tomoyo_memory_ok. [ 1222.123987][T31895] ERROR: Out of memory at tomoyo_memory_ok. [ 1222.133333][T31885] ERROR: Out of memory at tomoyo_memory_ok. [ 1222.948138][T31923] ERROR: Out of memory at tomoyo_memory_ok. [ 1223.804523][T31973] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5732'. [ 1224.213040][T31965] FAULT_INJECTION: forcing a failure. [ 1224.213040][T31965] name failslab, interval 1, probability 0, space 0, times 0 [ 1224.236515][T31965] CPU: 1 UID: 0 PID: 31965 Comm: syz.1.5730 Tainted: G U syzkaller #0 PREEMPT(full) [ 1224.236551][T31965] Tainted: [U]=USER [ 1224.236556][T31965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1224.236565][T31965] Call Trace: [ 1224.236572][T31965] [ 1224.236579][T31965] dump_stack_lvl+0x16c/0x1f0 [ 1224.236606][T31965] should_fail_ex+0x512/0x640 [ 1224.236621][T31965] ? __kmalloc_noprof+0xca/0x880 [ 1224.236641][T31965] should_failslab+0xc2/0x120 [ 1224.236656][T31965] __kmalloc_noprof+0xdd/0x880 [ 1224.236674][T31965] ? group_cpus_evenly+0xeb/0x650 [ 1224.236696][T31965] ? group_cpus_evenly+0xeb/0x650 [ 1224.236713][T31965] group_cpus_evenly+0xeb/0x650 [ 1224.236733][T31965] ? __pfx_group_cpus_evenly+0x10/0x10 [ 1224.236758][T31965] blk_mq_map_queues+0xa5/0x4d0 [ 1224.236777][T31965] ? __pfx_blk_mq_map_queues+0x10/0x10 [ 1224.236796][T31965] ? rcu_is_watching+0x12/0xc0 [ 1224.236817][T31965] blk_mq_update_queue_map+0x34a/0x3e0 [ 1224.236842][T31965] blk_mq_alloc_tag_set+0x662/0x12e0 [ 1224.236865][T31965] ? idr_alloc_u32+0x263/0x2f0 [ 1224.236893][T31965] loop_add+0x3b2/0xb70 [ 1224.236911][T31965] ? __pfx_loop_add+0x10/0x10 [ 1224.236949][T31965] ? find_held_lock+0x2b/0x80 [ 1224.236972][T31965] loop_control_ioctl+0x13e/0x630 [ 1224.236989][T31965] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1224.237011][T31965] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1224.237028][T31965] __x64_sys_ioctl+0x18e/0x210 [ 1224.237046][T31965] do_syscall_64+0xcd/0xfa0 [ 1224.237067][T31965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1224.237083][T31965] RIP: 0033:0x7f3fa018efc9 [ 1224.237095][T31965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1224.237109][T31965] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1224.237123][T31965] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1224.237133][T31965] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 1224.237142][T31965] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1224.237150][T31965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1224.237159][T31965] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1224.237180][T31965] [ 1228.798129][T32047] ERROR: Out of memory at tomoyo_memory_ok. [ 1228.971704][T32038] ERROR: Out of memory at tomoyo_memory_ok. [ 1229.345403][T32032] blktrace: Concurrent blktraces are not allowed on sg0 [ 1229.459390][T32070] sysfs_service_op_show: Client not running :-5: [ 1230.019521][T32102] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1230.025951][T32102] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1230.136057][T32102] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1230.212854][T32102] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1231.874987][ T30] audit: type=1800 audit(4294967317.988:33): pid=32137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5750" name="features" dev="configfs" ino=291859 res=0 errno=0 [ 1231.895426][ C0] vkms_vblank_simulate: vblank timer overrun [ 1232.064866][T30589] Bluetooth: hci2: command 0x0406 tx timeout [ 1232.064872][T25576] Bluetooth: hci0: command 0x0406 tx timeout [ 1232.153195][T25576] Bluetooth: hci3: command 0x0406 tx timeout [ 1232.305643][T25576] Bluetooth: hci1: command 0x0406 tx timeout [ 1232.599806][T32140] ERROR: Out of memory at tomoyo_memory_ok. [ 1233.061260][T32146] zswap: compressor 000 not available [ 1236.301659][T32265] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5760'. [ 1236.979075][T32269] ERROR: Out of memory at tomoyo_memory_ok. [ 1237.004626][T32269] openvswitch: HfR: Dropping previously announced user features [ 1238.524627][T32297] ERROR: Out of memory at tomoyo_memory_ok. [ 1238.546079][T32297] openvswitch: HfR: Dropping previously announced user features [ 1238.556709][T32297] FAULT_INJECTION: forcing a failure. [ 1238.556709][T32297] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1238.577522][T32297] CPU: 1 UID: 0 PID: 32297 Comm: syz.6.5767 Tainted: G U syzkaller #0 PREEMPT(full) [ 1238.577567][T32297] Tainted: [U]=USER [ 1238.577578][T32297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1238.577595][T32297] Call Trace: [ 1238.577604][T32297] [ 1238.577616][T32297] dump_stack_lvl+0x16c/0x1f0 [ 1238.577665][T32297] should_fail_ex+0x512/0x640 [ 1238.577707][T32297] get_futex_key+0x1d0/0x1560 [ 1238.577756][T32297] ? __pfx_get_futex_key+0x10/0x10 [ 1238.577796][T32297] ? __pfx___schedule+0x10/0x10 [ 1238.577832][T32297] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 1238.577873][T32297] futex_wait_setup+0x9d/0x550 [ 1238.577914][T32297] __futex_wait+0x193/0x2f0 [ 1238.577949][T32297] ? __pfx___futex_wait+0x10/0x10 [ 1238.577985][T32297] ? __pfx_futex_wake_mark+0x10/0x10 [ 1238.578024][T32297] ? futex_private_hash_put+0x176/0x300 [ 1238.578067][T32297] ? futex_private_hash_put+0x18a/0x300 [ 1238.578110][T32297] futex_wait+0xe8/0x380 [ 1238.578143][T32297] ? __pfx_futex_wait+0x10/0x10 [ 1238.578193][T32297] do_futex+0x229/0x350 [ 1238.578222][T32297] ? __pfx_do_futex+0x10/0x10 [ 1238.578249][T32297] ? fput+0x9b/0xd0 [ 1238.578277][T32297] ? __sys_sendmsg+0x18c/0x220 [ 1238.578322][T32297] __x64_sys_futex+0x1e0/0x4c0 [ 1238.578356][T32297] ? __pfx___x64_sys_futex+0x10/0x10 [ 1238.578385][T32297] ? xfd_validate_state+0x61/0x180 [ 1238.578425][T32297] do_syscall_64+0xcd/0xfa0 [ 1238.578468][T32297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.578496][T32297] RIP: 0033:0x7f0836b8efc9 [ 1238.578519][T32297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1238.578545][T32297] RSP: 002b:00007f0834df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1238.578573][T32297] RAX: ffffffffffffffda RBX: 00007f0836de5fa8 RCX: 00007f0836b8efc9 [ 1238.578592][T32297] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0836de5fa8 [ 1238.578610][T32297] RBP: 00007f0836de5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1238.578628][T32297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1238.578645][T32297] R13: 00007f0836de6038 R14: 00007ffe2bcf8890 R15: 00007ffe2bcf8978 [ 1238.578692][T32297] [ 1238.832628][T32300] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5768'. [ 1239.127672][T32286] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1239.138222][T32286] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1239.171940][T32286] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1239.222258][T32286] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1239.954733][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.961564][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1240.185448][T25576] Bluetooth: hci0: command 0x0406 tx timeout [ 1240.356829][T32353] zswap: compressor 000 not available [ 1241.141030][T25576] Bluetooth: hci2: command 0x0406 tx timeout [ 1241.230969][T25576] Bluetooth: hci1: command 0x0406 tx timeout [ 1241.237137][T30589] Bluetooth: hci3: command 0x0406 tx timeout [ 1241.291084][ T30] audit: type=1800 audit(4294967327.442:34): pid=32386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.5776" name="features" dev="configfs" ino=293682 res=0 errno=0 [ 1242.353088][T32408] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1242.360688][T32408] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1242.367181][T32408] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1242.373627][T32408] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1242.552307][T32401] FAULT_INJECTION: forcing a failure. [ 1242.552307][T32401] name failslab, interval 1, probability 0, space 0, times 0 [ 1242.571875][T32401] CPU: 1 UID: 0 PID: 32401 Comm: syz.5.5778 Tainted: G U syzkaller #0 PREEMPT(full) [ 1242.571920][T32401] Tainted: [U]=USER [ 1242.571929][T32401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1242.571942][T32401] Call Trace: [ 1242.571951][T32401] [ 1242.571960][T32401] dump_stack_lvl+0x16c/0x1f0 [ 1242.572001][T32401] should_fail_ex+0x512/0x640 [ 1242.572023][T32401] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1242.572054][T32401] should_failslab+0xc2/0x120 [ 1242.572076][T32401] __kmalloc_cache_noprof+0x72/0x780 [ 1242.572104][T32401] ? sctp_datamsg_from_user+0x8d/0x1330 [ 1242.572134][T32401] ? __lock_acquire+0x622/0x1c90 [ 1242.572159][T32401] ? sctp_datamsg_from_user+0x8d/0x1330 [ 1242.572188][T32401] sctp_datamsg_from_user+0x8d/0x1330 [ 1242.572225][T32401] ? find_held_lock+0x2b/0x80 [ 1242.572252][T32401] ? __genradix_ptr+0x148/0x1a0 [ 1242.572286][T32401] sctp_sendmsg_to_asoc+0xae2/0x1bd0 [ 1242.572323][T32401] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 1242.572346][T32401] ? do_raw_spin_lock+0x12c/0x2b0 [ 1242.572374][T32401] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1242.572409][T32401] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 1242.572447][T32401] sctp_sendmsg+0xe99/0x1e00 [ 1242.572481][T32401] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1242.572505][T32401] ? __pfx___might_resched+0x10/0x10 [ 1242.572541][T32401] ? aa_sk_perm+0x2f4/0xb10 [ 1242.572572][T32401] ? __pfx_aa_sk_perm+0x10/0x10 [ 1242.572597][T32401] ? import_ubuf+0x1b6/0x220 [ 1242.572626][T32401] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1242.572653][T32401] inet_sendmsg+0x11c/0x140 [ 1242.572683][T32401] ____sys_sendmsg+0x973/0xc70 [ 1242.572710][T32401] ? copy_msghdr_from_user+0x10a/0x160 [ 1242.572742][T32401] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1242.572766][T32401] ? lockdep_hardirqs_on+0x7c/0x110 [ 1242.572802][T32401] ? kfree+0x2b8/0x6d0 [ 1242.572825][T32401] ? ___sys_sendmsg+0x141/0x1d0 [ 1242.572862][T32401] ___sys_sendmsg+0x134/0x1d0 [ 1242.572896][T32401] ? __pfx____sys_sendmsg+0x10/0x10 [ 1242.572955][T32401] ? __pfx___might_resched+0x10/0x10 [ 1242.572989][T32401] __sys_sendmmsg+0x200/0x420 [ 1242.573014][T32401] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1242.573044][T32401] ? __pfx_do_futex+0x10/0x10 [ 1242.573083][T32401] ? xfd_validate_state+0x61/0x180 [ 1242.573114][T32401] __x64_sys_sendmmsg+0x9c/0x100 [ 1242.573134][T32401] ? lockdep_hardirqs_on+0x7c/0x110 [ 1242.573165][T32401] do_syscall_64+0xcd/0xfa0 [ 1242.573198][T32401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1242.573221][T32401] RIP: 0033:0x7faaffd8efc9 [ 1242.573240][T32401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1242.573262][T32401] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1242.573290][T32401] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1242.573307][T32401] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1242.573321][T32401] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1242.573336][T32401] R10: 000000000000e3a7 R11: 0000000000000246 R12: 0000000000000000 [ 1242.573351][T32401] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1242.573383][T32401] [ 1244.252394][T32468] ERROR: Out of memory at tomoyo_memory_ok. [ 1244.405703][T30589] Bluetooth: hci1: command 0x0406 tx timeout [ 1244.411870][T30589] Bluetooth: hci3: command 0x0406 tx timeout [ 1244.418061][T25576] Bluetooth: hci2: command 0x0406 tx timeout [ 1244.425524][T18161] Bluetooth: hci0: command 0x0406 tx timeout [ 1249.196838][T32636] binder: 32633:32636 ioctl 400c620e 0 returned -22 [ 1250.981957][T32663] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5803'. [ 1250.998760][T32663] netlink: 354 bytes leftover after parsing attributes in process `syz.6.5803'. [ 1251.548054][T32665] FAULT_INJECTION: forcing a failure. [ 1251.548054][T32665] name failslab, interval 1, probability 0, space 0, times 0 [ 1251.563633][T32665] CPU: 0 UID: 0 PID: 32665 Comm: syz.5.5802 Tainted: G U syzkaller #0 PREEMPT(full) [ 1251.563677][T32665] Tainted: [U]=USER [ 1251.563687][T32665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1251.563704][T32665] Call Trace: [ 1251.563713][T32665] [ 1251.563725][T32665] dump_stack_lvl+0x16c/0x1f0 [ 1251.563770][T32665] should_fail_ex+0x512/0x640 [ 1251.563794][T32665] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1251.563832][T32665] should_failslab+0xc2/0x120 [ 1251.563856][T32665] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1251.563891][T32665] ? vm_area_dup+0x27/0x8d0 [ 1251.563928][T32665] ? vm_area_dup+0x27/0x8d0 [ 1251.563957][T32665] vm_area_dup+0x27/0x8d0 [ 1251.563992][T32665] dup_mmap+0x86f/0x2280 [ 1251.564032][T32665] ? __pfx_dup_mmap+0x10/0x10 [ 1251.564083][T32665] copy_process+0x3f0c/0x76a0 [ 1251.564108][T32665] ? __pfx___futex_wait+0x10/0x10 [ 1251.564154][T32665] ? __pfx_copy_process+0x10/0x10 [ 1251.564194][T32665] ? futex_private_hash_put+0x176/0x300 [ 1251.564241][T32665] ? futex_private_hash_put+0x18a/0x300 [ 1251.564300][T32665] kernel_clone+0xfc/0x930 [ 1251.564329][T32665] ? __pfx_kernel_clone+0x10/0x10 [ 1251.564378][T32665] __do_sys_clone+0xce/0x120 [ 1251.564400][T32665] ? __pfx___do_sys_clone+0x10/0x10 [ 1251.564424][T32665] ? ksys_unshare+0x687/0xa40 [ 1251.564465][T32665] ? xfd_validate_state+0x61/0x180 [ 1251.564505][T32665] do_syscall_64+0xcd/0xfa0 [ 1251.564548][T32665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1251.564576][T32665] RIP: 0033:0x7faaffd8efc9 [ 1251.564598][T32665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1251.564625][T32665] RSP: 002b:00007fab00b5bfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1251.564651][T32665] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1251.564668][T32665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1251.564683][T32665] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1251.564699][T32665] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1251.564715][T32665] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1251.564752][T32665] [ 1251.854513][T32715] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5807'. [ 1253.549958][T32722] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5809'. [ 1253.588018][T32722] bond0: entered allmulticast mode [ 1253.601751][T32722] bond_slave_1: entered allmulticast mode [ 1253.644325][T32722] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1253.678948][ T338] FAULT_INJECTION: forcing a failure. [ 1253.678948][ T338] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1253.720835][ T338] CPU: 1 UID: 0 PID: 338 Comm: syz.6.5812 Tainted: G U syzkaller #0 PREEMPT(full) [ 1253.720883][ T338] Tainted: [U]=USER [ 1253.720893][ T338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1253.720911][ T338] Call Trace: [ 1253.720921][ T338] [ 1253.720933][ T338] dump_stack_lvl+0x16c/0x1f0 [ 1253.720978][ T338] should_fail_ex+0x512/0x640 [ 1253.721008][ T338] get_futex_key+0x1d0/0x1560 [ 1253.721052][ T338] ? arch_stack_walk+0xa6/0x100 [ 1253.721086][ T338] ? __pfx_get_futex_key+0x10/0x10 [ 1253.721136][ T338] futex_wait_setup+0x9d/0x550 [ 1253.721180][ T338] __futex_wait+0x193/0x2f0 [ 1253.721214][ T338] ? __pfx___futex_wait+0x10/0x10 [ 1253.721251][ T338] ? __pfx_futex_wake_mark+0x10/0x10 [ 1253.721289][ T338] ? futex_private_hash_put+0x176/0x300 [ 1253.721335][ T338] ? futex_private_hash_put+0x18a/0x300 [ 1253.721380][ T338] futex_wait+0xe8/0x380 [ 1253.721413][ T338] ? __pfx_futex_wait+0x10/0x10 [ 1253.721454][ T338] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 1253.721488][ T338] ? lockdep_hardirqs_on+0x7c/0x110 [ 1253.721536][ T338] do_futex+0x229/0x350 [ 1253.721564][ T338] ? __pfx_do_futex+0x10/0x10 [ 1253.721596][ T338] ? __fput+0x68d/0xb70 [ 1253.721628][ T338] __x64_sys_futex+0x1e0/0x4c0 [ 1253.721665][ T338] ? __pfx___x64_sys_futex+0x10/0x10 [ 1253.721690][ T338] ? dnotify_flush+0x79/0x4c0 [ 1253.721724][ T338] do_syscall_64+0xcd/0xfa0 [ 1253.721784][ T338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1253.721811][ T338] RIP: 0033:0x7f0836b8efc9 [ 1253.721830][ T338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1253.721858][ T338] RSP: 002b:00007f0834df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1253.721884][ T338] RAX: ffffffffffffffda RBX: 00007f0836de5fa8 RCX: 00007f0836b8efc9 [ 1253.721902][ T338] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0836de5fa8 [ 1253.721920][ T338] RBP: 00007f0836de5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1253.721936][ T338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1253.721953][ T338] R13: 00007f0836de6038 R14: 00007ffe2bcf8890 R15: 00007ffe2bcf8978 [ 1253.721989][ T338] [ 1254.089724][ T340] ERROR: Out of memory at tomoyo_memory_ok. [ 1255.436752][ T360] ERROR: Out of memory at tomoyo_memory_ok. [ 1255.611766][ T1325] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:7: bg 2: bad block bitmap checksum [ 1255.659497][ T1325] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1390 with max blocks 3 with error 74 [ 1255.689802][ T1325] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1255.689802][ T1325] [ 1255.712020][ T365] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1255.746539][ T368] Console: switching to colour VGA+ 80x25 [ 1256.676024][ T409] zram: Added device: zram1 [ 1258.126529][ T472] netlink: 25 bytes leftover after parsing attributes in process `syz.1.5827'. [ 1259.038801][ T499] ERROR: Out of memory at tomoyo_memory_ok. [ 1262.488120][ T640] sd 0:0:1:0: PR command failed: 1026 [ 1262.494236][ T640] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1262.501438][ T640] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1264.432406][ T698] netlink: zone id is out of range [ 1264.437632][ T698] netlink: zone id is out of range [ 1264.443131][ T698] netlink: zone id is out of range [ 1264.448233][ T698] netlink: zone id is out of range [ 1264.494990][ T698] netlink: zone id is out of range [ 1264.525941][ T698] netlink: zone id is out of range [ 1264.572690][ T698] netlink: zone id is out of range [ 1264.577844][ T698] netlink: zone id is out of range [ 1264.700314][ T698] netlink: zone id is out of range [ 1264.705448][ T698] netlink: zone id is out of range [ 1264.828492][ T706] FAULT_INJECTION: forcing a failure. [ 1264.828492][ T706] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.841479][ T706] CPU: 1 UID: 0 PID: 706 Comm: syz.5.5845 Tainted: G U syzkaller #0 PREEMPT(full) [ 1264.841524][ T706] Tainted: [U]=USER [ 1264.841534][ T706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1264.841550][ T706] Call Trace: [ 1264.841559][ T706] [ 1264.841570][ T706] dump_stack_lvl+0x16c/0x1f0 [ 1264.841632][ T706] should_fail_ex+0x512/0x640 [ 1264.841659][ T706] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1264.841701][ T706] should_failslab+0xc2/0x120 [ 1264.841728][ T706] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1264.841764][ T706] ? d_lookup+0xe7/0x190 [ 1264.841793][ T706] ? alloc_inode+0x64/0x240 [ 1264.841825][ T706] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 1264.841856][ T706] ? alloc_inode+0x64/0x240 [ 1264.841882][ T706] alloc_inode+0x64/0x240 [ 1264.841909][ T706] new_inode+0x22/0x1c0 [ 1264.841940][ T706] __debugfs_create_file+0x11c/0x6b0 [ 1264.841978][ T706] debugfs_create_file_full+0x41/0x60 [ 1264.842017][ T706] ref_tracker_dir_debugfs+0x19d/0x290 [ 1264.842046][ T706] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1264.842109][ T706] ? lockdep_init_map_type+0x5c/0x280 [ 1264.842146][ T706] preinit_net.part.0+0x437/0x8a0 [ 1264.842175][ T706] copy_net_ns+0x3ba/0x690 [ 1264.842208][ T706] create_new_namespaces+0x3ea/0xa90 [ 1264.842252][ T706] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1264.842286][ T706] ksys_unshare+0x45b/0xa40 [ 1264.842311][ T706] ? __pfx_ksys_unshare+0x10/0x10 [ 1264.842338][ T706] ? xfd_validate_state+0x61/0x180 [ 1264.842372][ T706] __x64_sys_unshare+0x31/0x40 [ 1264.842397][ T706] do_syscall_64+0xcd/0xfa0 [ 1264.842438][ T706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1264.842463][ T706] RIP: 0033:0x7faaffd8efc9 [ 1264.842484][ T706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1264.842509][ T706] RSP: 002b:00007fab00b5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1264.842536][ T706] RAX: ffffffffffffffda RBX: 00007faafffe5fa0 RCX: 00007faaffd8efc9 [ 1264.842554][ T706] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1264.842570][ T706] RBP: 00007faaffe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1264.842598][ T706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1264.842616][ T706] R13: 00007faafffe6038 R14: 00007faafffe5fa0 R15: 00007fff608aa728 [ 1264.842655][ T706] [ 1264.842666][ T706] debugfs: out of free dentries, can not create file 'net_notrefcnt@ffff8880789a0220' [ 1265.463047][ T698] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1265.618020][ T698] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1265.788449][ T698] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1265.933299][ T698] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1266.266646][ T702] Format for deleting device is "id" (uint). [ 1266.628512][ T775] FAULT_INJECTION: forcing a failure. [ 1266.628512][ T775] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1266.647924][ T778] FAULT_INJECTION: forcing a failure. [ 1266.647924][ T778] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.674105][ T777] ERROR: Out of memory at tomoyo_memory_ok. [ 1266.678659][ T778] CPU: 0 UID: 0 PID: 778 Comm: syz.1.5846 Tainted: G U syzkaller #0 PREEMPT(full) [ 1266.678702][ T778] Tainted: [U]=USER [ 1266.678712][ T778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1266.678729][ T778] Call Trace: [ 1266.678739][ T778] [ 1266.678749][ T778] dump_stack_lvl+0x16c/0x1f0 [ 1266.678795][ T778] should_fail_ex+0x512/0x640 [ 1266.678820][ T778] ? fs_reclaim_acquire+0xae/0x150 [ 1266.678852][ T778] should_failslab+0xc2/0x120 [ 1266.678878][ T778] __kmalloc_cache_noprof+0x72/0x780 [ 1266.678917][ T778] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1266.678962][ T778] ? tomoyo_write_log2+0x33d/0xc10 [ 1266.679004][ T778] ? tomoyo_write_log2+0x33d/0xc10 [ 1266.679041][ T778] tomoyo_write_log2+0x33d/0xc10 [ 1266.679084][ T778] tomoyo_supervisor+0x15e/0x13b0 [ 1266.679117][ T778] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1266.679141][ T778] ? __pfx_vsnprintf+0x10/0x10 [ 1266.679201][ T778] ? tomoyo_check_path_number_acl+0xa6/0x2f0 [ 1266.679246][ T778] tomoyo_path_number_perm+0x448/0x580 [ 1266.679282][ T778] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1266.679317][ T778] ? rcu_read_unlock+0x17/0x60 [ 1266.679351][ T778] ? do_raw_spin_lock+0x12c/0x2b0 [ 1266.679382][ T778] ? find_held_lock+0x2b/0x80 [ 1266.679440][ T778] ? find_held_lock+0x2b/0x80 [ 1266.679474][ T778] ? __pfx___d_add+0x10/0x10 [ 1266.679499][ T778] ? d_alloc+0x176/0x1e0 [ 1266.679536][ T778] ? current_check_access_path+0x33c/0x460 [ 1266.679583][ T778] ? simple_lookup+0x105/0x1d0 [ 1266.679622][ T778] tomoyo_path_mknod+0x10c/0x190 [ 1266.679648][ T778] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 1266.679677][ T778] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1266.679717][ T778] security_path_mknod+0x161/0x310 [ 1266.679753][ T778] do_mknodat+0x239/0x5d0 [ 1266.679793][ T778] ? __pfx_do_mknodat+0x10/0x10 [ 1266.679827][ T778] ? getname_flags.part.0+0x1c5/0x550 [ 1266.679863][ T778] __x64_sys_mknod+0x87/0xb0 [ 1266.679901][ T778] do_syscall_64+0xcd/0xfa0 [ 1266.679941][ T778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.679968][ T778] RIP: 0033:0x7f3fa018efc9 [ 1266.679990][ T778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1266.680016][ T778] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 1266.680041][ T778] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1266.680059][ T778] RDX: 00000000fffffffa RSI: 00000000000000cb RDI: 0000200000000180 [ 1266.680077][ T778] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1266.680095][ T778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1266.680109][ T778] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1266.680141][ T778] [ 1266.757730][ T775] CPU: 0 UID: 0 PID: 775 Comm: syz.6.5847 Tainted: G U syzkaller #0 PREEMPT(full) [ 1266.757773][ T775] Tainted: [U]=USER [ 1266.757782][ T775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1266.757799][ T775] Call Trace: [ 1266.757809][ T775] [ 1266.757820][ T775] dump_stack_lvl+0x16c/0x1f0 [ 1266.757865][ T775] should_fail_ex+0x512/0x640 [ 1266.757897][ T775] should_fail_alloc_page+0xe7/0x130 [ 1266.757927][ T775] prepare_alloc_pages+0x3c2/0x610 [ 1266.757954][ T775] ? rcu_is_watching+0x12/0xc0 [ 1266.758005][ T775] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1266.758049][ T775] ? __lock_acquire+0xb8a/0x1c90 [ 1266.758090][ T775] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1266.758126][ T775] ? do_raw_spin_lock+0x12c/0x2b0 [ 1266.758159][ T775] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1266.758192][ T775] ? find_held_lock+0x2b/0x80 [ 1266.758237][ T775] ? __lock_acquire+0xb8a/0x1c90 [ 1266.758262][ T775] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1266.758299][ T775] ? policy_nodemask+0xea/0x4e0 [ 1266.758335][ T775] alloc_pages_mpol+0x1fb/0x550 [ 1266.758363][ T775] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1266.758410][ T775] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1266.758446][ T775] shmem_alloc_folio+0x135/0x160 [ 1266.758480][ T775] shmem_alloc_and_add_folio+0x499/0xc20 [ 1266.758532][ T775] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1266.758569][ T775] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 1266.758614][ T775] shmem_get_folio_gfp+0x67f/0x1610 [ 1266.758656][ T775] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1266.758692][ T775] ? __pfx_timestamp_truncate+0x10/0x10 [ 1266.758735][ T775] shmem_fault+0x1fe/0xa30 [ 1266.758776][ T775] ? __pfx_shmem_fault+0x10/0x10 [ 1266.758815][ T775] ? __pfx___up_read+0x10/0x10 [ 1266.758845][ T775] ? inode_to_bdi+0x9e/0x160 [ 1266.758892][ T775] ? __pfx_filemap_map_pages+0x10/0x10 [ 1266.758923][ T775] __do_fault+0x10d/0x490 [ 1266.758961][ T775] ? __pfx_filemap_map_pages+0x10/0x10 [ 1266.758993][ T775] do_pte_missing+0x1a6/0x3ba0 [ 1266.759024][ T775] ? find_held_lock+0x2b/0x80 [ 1266.759060][ T775] ? __handle_mm_fault+0x1529/0x2aa0 [ 1266.759102][ T775] __handle_mm_fault+0x1556/0x2aa0 [ 1266.759146][ T775] ? __pfx___handle_mm_fault+0x10/0x10 [ 1266.759182][ T775] ? __pte_offset_map_lock+0x174/0x310 [ 1266.759224][ T775] ? find_held_lock+0x2b/0x80 [ 1266.759270][ T775] ? follow_page_pte+0x5cf/0x1390 [ 1266.759311][ T775] handle_mm_fault+0x589/0xd10 [ 1266.759351][ T775] __get_user_pages+0x54e/0x3530 [ 1266.759399][ T775] ? down_read_killable+0x220/0x4b0 [ 1266.759433][ T775] ? __pfx___get_user_pages+0x10/0x10 [ 1266.759471][ T775] faultin_page_range+0x338/0x940 [ 1266.759509][ T775] madvise_do_behavior+0x34c/0x530 [ 1266.759544][ T775] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1266.759574][ T775] ? down_read+0x13d/0x480 [ 1266.759618][ T775] do_madvise+0x176/0x240 [ 1266.759646][ T775] ? __pfx_do_madvise+0x10/0x10 [ 1266.759672][ T775] ? do_futex+0x122/0x350 [ 1266.759723][ T775] ? xfd_validate_state+0x61/0x180 [ 1266.759751][ T775] ? __pfx_do_writev+0x10/0x10 [ 1266.759790][ T775] __x64_sys_madvise+0xa9/0x110 [ 1266.759818][ T775] ? lockdep_hardirqs_on+0x7c/0x110 [ 1266.759855][ T775] do_syscall_64+0xcd/0xfa0 [ 1266.759897][ T775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.759925][ T775] RIP: 0033:0x7f0836b8efc9 [ 1266.759948][ T775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1266.759973][ T775] RSP: 002b:00007f0834df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1266.759999][ T775] RAX: ffffffffffffffda RBX: 00007f0836de5fa0 RCX: 00007f0836b8efc9 [ 1266.760017][ T775] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1266.760034][ T775] RBP: 00007f0836c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1266.760052][ T775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1266.760068][ T775] R13: 00007f0836de6038 R14: 00007f0836de5fa0 R15: 00007ffe2bcf8978 [ 1266.760106][ T775] [ 1267.394812][ T778] ERROR: Out of memory at tomoyo_memory_ok. [ 1267.884856][T30589] Bluetooth: hci1: unexpected subevent 0x12 length: 123 > 5 [ 1268.431031][ T829] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5851'. [ 1268.471848][ T829] netlink: 354 bytes leftover after parsing attributes in process `syz.0.5851'. [ 1271.741587][ T1002] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 954 with max blocks 9 with error 117 [ 1271.776128][ T1002] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1271.776128][ T1002] [ 1273.405705][ T1107] netlink: 'syz.0.5871': attribute type 15 has an invalid length. [ 1273.417625][ T1107] netlink: 252 bytes leftover after parsing attributes in process `syz.0.5871'. [ 1273.444740][ T1107] netlink: 'syz.0.5871': attribute type 15 has an invalid length. [ 1273.464930][ T1107] netlink: 252 bytes leftover after parsing attributes in process `syz.0.5871'. [ 1274.588323][ T1131] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1274.725836][ T1131] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1274.732322][ T1131] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1274.738634][ T1131] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1276.646771][T30589] Bluetooth: hci0: command 0x0406 tx timeout [ 1276.726757][T30589] Bluetooth: hci3: command 0x0406 tx timeout [ 1276.727019][T25576] Bluetooth: hci2: command 0x0406 tx timeout [ 1276.815848][T25576] Bluetooth: hci1: command 0x0406 tx timeout [ 1277.053658][ T1151] FAULT_INJECTION: forcing a failure. [ 1277.053658][ T1151] name failslab, interval 1, probability 0, space 0, times 0 [ 1277.081541][ T1151] CPU: 1 UID: 0 PID: 1151 Comm: syz.1.5868 Tainted: G U syzkaller #0 PREEMPT(full) [ 1277.081586][ T1151] Tainted: [U]=USER [ 1277.081596][ T1151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1277.081620][ T1151] Call Trace: [ 1277.081630][ T1151] [ 1277.081641][ T1151] dump_stack_lvl+0x16c/0x1f0 [ 1277.081690][ T1151] should_fail_ex+0x512/0x640 [ 1277.081716][ T1151] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1277.081758][ T1151] should_failslab+0xc2/0x120 [ 1277.081786][ T1151] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1277.081823][ T1151] ? ptlock_alloc+0x1f/0x70 [ 1277.081862][ T1151] ? ptlock_alloc+0x1f/0x70 [ 1277.081892][ T1151] ptlock_alloc+0x1f/0x70 [ 1277.081922][ T1151] pte_alloc_one+0x84/0x350 [ 1277.081964][ T1151] __pte_alloc+0x6d/0x380 [ 1277.082004][ T1151] ? __pfx___pte_alloc+0x10/0x10 [ 1277.082045][ T1151] ? _raw_spin_unlock+0x28/0x50 [ 1277.082082][ T1151] ? __pmd_alloc+0x64f/0x8b0 [ 1277.082113][ T1151] copy_page_range+0x44a1/0x6930 [ 1277.082192][ T1151] ? __pfx_copy_page_range+0x10/0x10 [ 1277.082229][ T1151] ? mas_store+0x860/0x1030 [ 1277.082255][ T1151] ? __pfx___might_resched+0x10/0x10 [ 1277.082294][ T1151] ? find_held_lock+0x2b/0x80 [ 1277.082332][ T1151] ? __pfx_mas_store+0x10/0x10 [ 1277.082357][ T1151] ? __vma_enter_locked+0x163/0x3f0 [ 1277.082414][ T1151] dup_mmap+0xe80/0x2280 [ 1277.082458][ T1151] ? __pfx_dup_mmap+0x10/0x10 [ 1277.082513][ T1151] copy_process+0x3f0c/0x76a0 [ 1277.082539][ T1151] ? __pfx___futex_wait+0x10/0x10 [ 1277.082589][ T1151] ? __pfx_copy_process+0x10/0x10 [ 1277.082641][ T1151] ? futex_private_hash_put+0x176/0x300 [ 1277.082692][ T1151] ? futex_private_hash_put+0x18a/0x300 [ 1277.082743][ T1151] kernel_clone+0xfc/0x930 [ 1277.082772][ T1151] ? __pfx_kernel_clone+0x10/0x10 [ 1277.082821][ T1151] __do_sys_clone+0xce/0x120 [ 1277.082846][ T1151] ? __pfx___do_sys_clone+0x10/0x10 [ 1277.082871][ T1151] ? ksys_unshare+0x687/0xa40 [ 1277.082915][ T1151] ? xfd_validate_state+0x61/0x180 [ 1277.082958][ T1151] do_syscall_64+0xcd/0xfa0 [ 1277.083001][ T1151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1277.083030][ T1151] RIP: 0033:0x7f3fa018efc9 [ 1277.083053][ T1151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1277.083080][ T1151] RSP: 002b:00007f3fa10fffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1277.083106][ T1151] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1277.083126][ T1151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1277.083143][ T1151] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1277.083161][ T1151] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1277.083179][ T1151] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1277.083220][ T1151] [ 1277.361176][ C1] vkms_vblank_simulate: vblank timer overrun [ 1278.852635][ T1196] ERROR: Out of memory at tomoyo_memory_ok. [ 1279.859242][ T1173] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1282.064947][ T1036] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 3 with max blocks 1 with error 117 [ 1282.073495][ T1272] vivid-007: ================= START STATUS ================= [ 1282.095888][ T1036] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1282.095888][ T1036] [ 1282.098369][ T1272] vivid-007: Generate PTS: true [ 1282.250637][ T1272] vivid-007: Generate SCR: true [ 1282.275711][ T1272] tpg source WxH: 320x240 (Y'CbCr) [ 1282.289787][ T1260] ================================================================== [ 1282.289807][ T1260] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 1282.289857][ T1260] Read of size 2 at addr ffff888028925152 by task syz.1.5881/1260 [ 1282.289882][ T1260] [ 1282.289897][ T1260] CPU: 1 UID: 0 PID: 1260 Comm: syz.1.5881 Tainted: G U syzkaller #0 PREEMPT(full) [ 1282.289937][ T1260] Tainted: [U]=USER [ 1282.289947][ T1260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1282.289965][ T1260] Call Trace: [ 1282.289974][ T1260] [ 1282.289984][ T1260] dump_stack_lvl+0x116/0x1f0 [ 1282.290026][ T1260] print_report+0xcd/0x630 [ 1282.290051][ T1260] ? __virt_addr_valid+0x81/0x610 [ 1282.290084][ T1260] ? __phys_addr+0xe8/0x180 [ 1282.290110][ T1260] ? fbcon_prepare_logo+0xa03/0xc70 [ 1282.290149][ T1260] kasan_report+0xe0/0x110 [ 1282.290176][ T1260] ? fbcon_prepare_logo+0xa03/0xc70 [ 1282.290220][ T1260] kasan_check_range+0x100/0x1b0 [ 1282.290251][ T1260] __asan_memcpy+0x23/0x60 [ 1282.290286][ T1260] fbcon_prepare_logo+0xa03/0xc70 [ 1282.290333][ T1260] fbcon_init+0xd77/0x1900 [ 1282.290376][ T1260] visual_init+0x320/0x620 [ 1282.290402][ T1260] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1282.290439][ T1260] store_bind+0x61d/0x760 [ 1282.290466][ T1260] ? sysfs_file_kobj+0xe4/0x290 [ 1282.290500][ T1260] ? __pfx_store_bind+0x10/0x10 [ 1282.290527][ T1260] dev_attr_store+0x58/0x80 [ 1282.290567][ T1260] ? __pfx_dev_attr_store+0x10/0x10 [ 1282.290606][ T1260] sysfs_kf_write+0xf2/0x150 [ 1282.290643][ T1260] kernfs_fop_write_iter+0x3af/0x570 [ 1282.290675][ T1260] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1282.290714][ T1260] iter_file_splice_write+0xa24/0x12e0 [ 1282.290758][ T1260] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1282.290797][ T1260] ? __pfx_copy_splice_read+0x10/0x10 [ 1282.290837][ T1260] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1282.290874][ T1260] direct_splice_actor+0x192/0x6c0 [ 1282.290911][ T1260] splice_direct_to_actor+0x345/0xa30 [ 1282.290946][ T1260] ? __pfx_direct_splice_actor+0x10/0x10 [ 1282.290983][ T1260] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1282.291023][ T1260] do_splice_direct+0x174/0x240 [ 1282.291069][ T1260] ? __pfx_do_splice_direct+0x10/0x10 [ 1282.291105][ T1260] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1282.291143][ T1260] ? rw_verify_area+0xcf/0x6c0 [ 1282.291179][ T1260] do_sendfile+0xb06/0xe50 [ 1282.291218][ T1260] ? __pfx_do_sendfile+0x10/0x10 [ 1282.291255][ T1260] ? __x64_sys_futex+0x1e0/0x4c0 [ 1282.291282][ T1260] ? __x64_sys_futex+0x1e9/0x4c0 [ 1282.291311][ T1260] __x64_sys_sendfile64+0x1d8/0x220 [ 1282.291338][ T1260] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1282.291370][ T1260] do_syscall_64+0xcd/0xfa0 [ 1282.291411][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1282.291440][ T1260] RIP: 0033:0x7f3fa018efc9 [ 1282.291462][ T1260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1282.291490][ T1260] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1282.291517][ T1260] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1282.291537][ T1260] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000003 [ 1282.291554][ T1260] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1282.291572][ T1260] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1282.291589][ T1260] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1282.291617][ T1260] [ 1282.291627][ T1260] [ 1282.291634][ T1260] Allocated by task 909: [ 1282.291649][ T1260] kasan_save_stack+0x33/0x60 [ 1282.291687][ T1260] kasan_save_track+0x14/0x30 [ 1282.291725][ T1260] __kasan_kmalloc+0xaa/0xb0 [ 1282.291762][ T1260] __kmalloc_node_track_caller_noprof+0x345/0x8a0 [ 1282.291803][ T1260] kstrdup+0x53/0x100 [ 1282.291835][ T1260] kstrdup_const+0x63/0x80 [ 1282.291869][ T1260] kvasprintf_const+0x10f/0x1a0 [ 1282.291897][ T1260] kobject_set_name_vargs+0x5a/0x140 [ 1282.291925][ T1260] dev_set_name+0xc7/0x100 [ 1282.291951][ T1260] netdev_register_kobject+0xc5/0x3d0 [ 1282.291980][ T1260] register_netdevice+0x13dc/0x2270 [ 1282.292005][ T1260] __ip_tunnel_create+0x540/0x6e0 [ 1282.292029][ T1260] ip_tunnel_init_net+0x22f/0x7d0 [ 1282.292062][ T1260] ops_init+0x1e2/0x5f0 [ 1282.292081][ T1260] setup_net+0x100/0x390 [ 1282.292101][ T1260] copy_net_ns+0x2f8/0x690 [ 1282.292123][ T1260] create_new_namespaces+0x3ea/0xa90 [ 1282.292154][ T1260] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1282.292186][ T1260] ksys_unshare+0x45b/0xa40 [ 1282.292207][ T1260] __x64_sys_unshare+0x31/0x40 [ 1282.292228][ T1260] do_syscall_64+0xcd/0xfa0 [ 1282.292263][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1282.292286][ T1260] [ 1282.292293][ T1260] Freed by task 9504: [ 1282.292305][ T1260] kasan_save_stack+0x33/0x60 [ 1282.292340][ T1260] kasan_save_track+0x14/0x30 [ 1282.292375][ T1260] __kasan_save_free_info+0x3b/0x60 [ 1282.292405][ T1260] __kasan_slab_free+0x5f/0x80 [ 1282.292426][ T1260] kfree+0x2b8/0x6d0 [ 1282.292450][ T1260] kfree_const+0x55/0x60 [ 1282.292481][ T1260] kobject_put+0x20b/0x5a0 [ 1282.292503][ T1260] netdev_run_todo+0x7e9/0x1320 [ 1282.292527][ T1260] ops_undo_list+0x901/0xab0 [ 1282.292547][ T1260] cleanup_net+0x41b/0x8b0 [ 1282.292569][ T1260] process_one_work+0x9cf/0x1b70 [ 1282.292596][ T1260] worker_thread+0x6c8/0xf10 [ 1282.292622][ T1260] kthread+0x3c5/0x780 [ 1282.292646][ T1260] ret_from_fork+0x675/0x7d0 [ 1282.292673][ T1260] ret_from_fork_asm+0x1a/0x30 [ 1282.292698][ T1260] [ 1282.292705][ T1260] The buggy address belongs to the object at ffff888028925140 [ 1282.292705][ T1260] which belongs to the cache kmalloc-8 of size 8 [ 1282.292752][ T1260] The buggy address is located 10 bytes to the right of [ 1282.292752][ T1260] allocated 8-byte region [ffff888028925140, ffff888028925148) [ 1282.292781][ T1260] [ 1282.292789][ T1260] The buggy address belongs to the physical page: [ 1282.292802][ T1260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28925 [ 1282.292826][ T1260] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1282.292846][ T1260] page_type: f5(slab) [ 1282.292870][ T1260] raw: 00fff00000000000 ffff88813ffa6500 dead000000000100 dead000000000122 [ 1282.292895][ T1260] raw: 0000000000000000 0000000000800080 00000000f5000000 0000000000000000 [ 1282.292911][ T1260] page dumped because: kasan: bad access detected [ 1282.292924][ T1260] page_owner tracks the page as allocated [ 1282.292934][ T1260] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 13574886856, free_ts 0 [ 1282.292977][ T1260] post_alloc_hook+0x1c0/0x230 [ 1282.293006][ T1260] get_page_from_freelist+0x10a3/0x3a30 [ 1282.293039][ T1260] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 1282.293081][ T1260] alloc_pages_mpol+0x1fb/0x550 [ 1282.293106][ T1260] new_slab+0x24a/0x360 [ 1282.293134][ T1260] ___slab_alloc+0xdc4/0x1ae0 [ 1282.293162][ T1260] __slab_alloc.constprop.0+0x63/0x110 [ 1282.293191][ T1260] __kmalloc_node_track_caller_noprof+0x4db/0x8a0 [ 1282.293228][ T1260] kvasprintf+0xbc/0x160 [ 1282.293253][ T1260] kvasprintf_const+0x66/0x1a0 [ 1282.293279][ T1260] kobject_set_name_vargs+0x5a/0x140 [ 1282.293305][ T1260] dev_set_name+0xc7/0x100 [ 1282.293331][ T1260] usb_create_ep_devs+0x158/0x2b0 [ 1282.293357][ T1260] create_intf_ep_devs.isra.0+0x161/0x200 [ 1282.293394][ T1260] usb_set_configuration+0x11a7/0x1e20 [ 1282.293419][ T1260] usb_generic_driver_probe+0xb1/0x110 [ 1282.293454][ T1260] page_owner free stack trace missing [ 1282.293463][ T1260] [ 1282.293470][ T1260] Memory state around the buggy address: [ 1282.293483][ T1260] ffff888028925000: 06 fc fc fc 06 fc fc fc 06 fc fc fc 06 fc fc fc [ 1282.293500][ T1260] ffff888028925080: 06 fc fc fc 00 fc fc fc 00 fc fc fc 00 fc fc fc [ 1282.293520][ T1260] >ffff888028925100: 06 fc fc fc 05 fc fc fc fa fc fc fc 00 fc fc fc [ 1282.293534][ T1260] ^ [ 1282.293548][ T1260] ffff888028925180: 06 fc fc fc 06 fc fc fc 04 fc fc fc fa fc fc fc [ 1282.293567][ T1260] ffff888028925200: fa fc fc fc 06 fc fc fc 05 fc fc fc 05 fc fc fc [ 1282.293581][ T1260] ================================================================== [ 1282.293597][ T1260] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1282.293619][ T1260] CPU: 1 UID: 0 PID: 1260 Comm: syz.1.5881 Tainted: G U syzkaller #0 PREEMPT(full) [ 1282.293657][ T1260] Tainted: [U]=USER [ 1282.293667][ T1260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1282.293685][ T1260] Call Trace: [ 1282.293695][ T1260] [ 1282.293706][ T1260] dump_stack_lvl+0x3d/0x1f0 [ 1282.293747][ T1260] vpanic+0x640/0x6f0 [ 1282.293778][ T1260] panic+0xca/0xd0 [ 1282.293803][ T1260] ? __pfx_panic+0x10/0x10 [ 1282.293838][ T1260] check_panic_on_warn+0xab/0xb0 [ 1282.293867][ T1260] end_report+0x107/0x170 [ 1282.293891][ T1260] kasan_report+0xee/0x110 [ 1282.293918][ T1260] ? fbcon_prepare_logo+0xa03/0xc70 [ 1282.293964][ T1260] kasan_check_range+0x100/0x1b0 [ 1282.293995][ T1260] __asan_memcpy+0x23/0x60 [ 1282.294028][ T1260] fbcon_prepare_logo+0xa03/0xc70 [ 1282.294084][ T1260] fbcon_init+0xd77/0x1900 [ 1282.294126][ T1260] visual_init+0x320/0x620 [ 1282.294151][ T1260] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1282.294187][ T1260] store_bind+0x61d/0x760 [ 1282.294216][ T1260] ? sysfs_file_kobj+0xe4/0x290 [ 1282.294253][ T1260] ? __pfx_store_bind+0x10/0x10 [ 1282.294280][ T1260] dev_attr_store+0x58/0x80 [ 1282.294319][ T1260] ? __pfx_dev_attr_store+0x10/0x10 [ 1282.294358][ T1260] sysfs_kf_write+0xf2/0x150 [ 1282.294394][ T1260] kernfs_fop_write_iter+0x3af/0x570 [ 1282.294424][ T1260] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1282.294460][ T1260] iter_file_splice_write+0xa24/0x12e0 [ 1282.294507][ T1260] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1282.294545][ T1260] ? __pfx_copy_splice_read+0x10/0x10 [ 1282.294585][ T1260] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1282.294623][ T1260] direct_splice_actor+0x192/0x6c0 [ 1282.294659][ T1260] splice_direct_to_actor+0x345/0xa30 [ 1282.294694][ T1260] ? __pfx_direct_splice_actor+0x10/0x10 [ 1282.294731][ T1260] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1282.294771][ T1260] do_splice_direct+0x174/0x240 [ 1282.294803][ T1260] ? __pfx_do_splice_direct+0x10/0x10 [ 1282.294835][ T1260] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1282.294872][ T1260] ? rw_verify_area+0xcf/0x6c0 [ 1282.294906][ T1260] do_sendfile+0xb06/0xe50 [ 1282.294943][ T1260] ? __pfx_do_sendfile+0x10/0x10 [ 1282.294980][ T1260] ? __x64_sys_futex+0x1e0/0x4c0 [ 1282.295008][ T1260] ? __x64_sys_futex+0x1e9/0x4c0 [ 1282.295037][ T1260] __x64_sys_sendfile64+0x1d8/0x220 [ 1282.295073][ T1260] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1282.295107][ T1260] do_syscall_64+0xcd/0xfa0 [ 1282.295149][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1282.295177][ T1260] RIP: 0033:0x7f3fa018efc9 [ 1282.295200][ T1260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1282.295230][ T1260] RSP: 002b:00007f3fa1100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1282.295258][ T1260] RAX: ffffffffffffffda RBX: 00007f3fa03e5fa0 RCX: 00007f3fa018efc9 [ 1282.295278][ T1260] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000003 [ 1282.295295][ T1260] RBP: 00007f3fa0211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1282.295313][ T1260] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1282.295331][ T1260] R13: 00007f3fa03e6038 R14: 00007f3fa03e5fa0 R15: 00007ffcc3b1d2d8 [ 1282.295359][ T1260] [ 1282.295619][ T1260] Kernel Offset: disabled