last executing test programs: 15.292197877s ago: executing program 1 (id=9751): socket$nl_generic(0x10, 0x3, 0x10) socket(0x22, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socket(0xa, 0x2, 0x3a) ustat$auto(0x801, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r0, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1060}, 0x5}, 0x2, 0x100) 13.702338732s ago: executing program 1 (id=9758): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) socket(0x11, 0x3, 0xfffff958) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) ioctl$auto_MEMGETBADBLOCK(0xffffffffffffffff, 0x40084d0b, &(0x7f0000000040)=0x7) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x10001) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000240)={0x0, 0x7}, 0x2) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) 12.800702985s ago: executing program 3 (id=9761): r0 = epoll_create1$auto(0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(r0, 0x8, 0xffffffbf) r3 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r0, 0x8004b709, &(0x7f0000000000)=0x10000) fstat$auto(r0, &(0x7f0000000040)={0x3, 0x400000, 0x0, 0x8, 0xee00, 0xee01, 0x0, 0x5, 0x3, 0x3, 0x7, 0x3, 0x3, 0x1ff, 0x4, 0x8, 0x51b}) pidfd_send_signal$auto_PIDFD_SIGNAL_PROCESS_GROUP(r0, 0x5b, &(0x7f0000000180)={@siginfo_0_0={0x7ff, 0x6, 0xfff, @_sigchld={r3, r4, 0x6, 0x8000, 0x401}}}, 0x4) close_range$auto(r0, r0, 0xd3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x1a6b75d638828712, 0x0) 11.665967375s ago: executing program 0 (id=9762): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) write$auto_rb_simple_fops_trace(r2, &(0x7f0000000400)="416d23c22541f392ef9b29d44df98e49351b85c809c512284e46d404b144e21f1cd36a6c392840705d211b60c62a4b37d84c130c3f0cb3c5aacb4fb3724283c2c9915c78ac66f4de3ba2491f6bffc7fb0154f97b2e64c83f7eb1d9c3996d9489f485c5f4b008f906a770b540ded75019a985c451efe9b25ecd2c5844cc9083fb48cb600caa37d436794f907fc49ff7188239ce1bfac93bc822997943305444c5d5a71d76a86b68eb84c734c9e46a5d6da75edad04b8cd8db9276d05b258c5c3ce7f5eea45c6cbb4cabceba17b029d7c31c1a3472a72c594e86479c0eb25e93fc6e5738277af8d016a93599ab517b9ecec4a861e4da971794a5997c46", 0xfc) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket(0x15, 0x5, 0x0) getsockopt$auto(r5, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) 11.46850996s ago: executing program 3 (id=9763): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 11.33545979s ago: executing program 2 (id=9764): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/lockd/parameters/nlm_tcpport\x00', 0xc2481, 0x0) unshare$auto(0x40000080) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/cmci_disabled\x00', 0x2062, 0x0) socket(0x15, 0x5, 0x0) sendfile$auto(r1, 0xffffffffffffffff, 0x0, 0x800) write$auto(0xffffffffffffffff, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) poll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0xfff7, 0x9816}, 0x7f, 0x9) migrate_pages$auto(0x0, 0xa, &(0x7f00000000c0)=0x52a6, &(0x7f0000000140)=0x2) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000003c0)) unshare$auto(0x2) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/mcfilter6\x00', 0x103440, 0x0) pread64$auto(r2, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) 10.418834539s ago: executing program 3 (id=9765): openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x1, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24048801}, 0x40885) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x4611, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x20100, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) 9.344496129s ago: executing program 3 (id=9766): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xc2082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone3(&(0x7f0000000100)={0x2100000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) sendmsg$auto_NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x70e27561f46c4c99}, 0x88e1) bind$auto(r0, &(0x7f0000000040)=@sco, 0x80) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000013c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_BIND_RX(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000001440)={0x14, r2, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x24, r3, 0x1, 0x70bd29, 0x25dfdbfb, {0x2, 0x0, 0x14}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x6}]}, 0x24}, 0x1, 0x1400, 0x0, 0x80}, 0x20000084) r6 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r6, 0x0, 0x1f40) r7 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) writev$auto(r7, &(0x7f0000000200)={0x0, 0x9}, 0xa) 7.969141927s ago: executing program 0 (id=9767): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) write$auto(0x3, 0x0, 0xffd8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x2000800) connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 7.275499289s ago: executing program 1 (id=9768): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x1e, 0x1, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) r2 = getpid() process_vm_readv$auto(r2, 0x0, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) write$auto(r3, &(0x7f0000000300)='N\x00\x1c\x84\x04Y\x03\b\xc7k\x00\x00\x00\x00|x\xc8\v\xa3\"\xd7kp\\\xb8\xe1\x81\xdaR\xbc\xd0\xa0\xa1;l\x7f\x85D\r\x893_\xd4\xdf\xa5\xe6Vg\x8c\xce\f\xfa\xf3;\xed\xbd\xf8y\xb8\x92\xac\x97\xcb#\xd0R\x9a{\x02wCJ\r8\x11\v7\r\x82#\xd1\xc1\x9djK\x7f\xd7y@\v#\xfc)\x06\x9a\x81\x7fIz\x825\v \xdd\xb2<\xa9\xd1\x7f\xbfw\xfeq\xc9\xce\x86\x04\xe2j\x86\xf3\xd1\x85\xd9\x9e\x19\x1c\x9a\xa4\xcd\xbb\xd3\x99\xeb\x16\x0e\xde>\x10\x88{\xb1\xc4\xe0\x97\x92\xabd \xfdGsxA\x84\xfco\a\x1a\x94u\xe5\xe0%>\a\xaa\xf9kwwdb\xd0\xa0', 0x7ff) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x1000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 6.89129527s ago: executing program 3 (id=9769): openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x41a900, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0) unshare$auto(0x1) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x1) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents64$auto(r1, 0x0, 0x40002) getdents64$auto(r1, 0x0, 0x400) lseek$auto(r0, 0x7ff, 0x1) epoll_create1$auto(0x3) 6.248465993s ago: executing program 2 (id=9770): openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x4400, 0x0) 5.999440341s ago: executing program 1 (id=9771): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) close_range$auto(0x2, r1, 0x0) socket(0xa, 0x5, 0x0) socket(0x11, 0x80003, 0x1d12) socket(0x2, 0x1, 0x0) ioctl$auto_FIGETBSZ(r0, 0x2, 0x81) setsockopt$auto(0x400000000000003, 0x29, 0xd3, 0x0, 0x567) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) r2 = socket(0x2, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) mmap$auto(0x0, 0x5, 0x9, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x7) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x6, 0x20000000) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(0x3, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) 5.974054369s ago: executing program 2 (id=9772): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 5.397671338s ago: executing program 2 (id=9773): mmap$auto(0xfffffffffffffffe, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/time_for_children\x00') mmap$auto(0x0, 0x80004, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket(0x15, 0x5, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event_pid\x00', 0x22b01, 0x0) sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) keyctl$auto(0x6, 0xfffffffffffffffd, 0xee01, 0x0, 0xfff) mprotect$auto(0x110c230000, 0x41, 0xc) unshare$auto(0x40000080) mremap$auto(0x0, 0xbfffffffffffffff, 0x401, 0x0, 0x7fffffffb000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) unshare$auto(0x40000080) 5.304644318s ago: executing program 0 (id=9774): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x800, 0x0) socket(0x2a, 0x2, 0x1) r0 = socket(0x28, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) prctl$auto_PR_SYS_DISPATCH_OFF(0x7c9dc94c, 0x0, 0xffffffffffffffff, 0x4, 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) sendmsg$auto_NFC_CMD_ENABLE_SE(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r4, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x4004c) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0xc048aeca, 0x0) 5.268169241s ago: executing program 1 (id=9775): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/ping_group_range\x00', 0x202, 0x0) timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000200)=0xfb) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x7, 0x2e, &(0x7f00000000c0)='\x00', 0x6) add_key$auto_KEY_SPEC_GROUP_KEYRING(&(0x7f0000001240)='.)},]+o)@}/^p,/\x00', 0x0, 0x0, 0x3, 0xfffffffffffffffa) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth1_macvtap/ioam6_id_wide\x00', 0x169002, 0x0) read$auto(r1, 0x0, 0x1ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/erspan0/queues/tx-0/byte_queue_limits/hold_time\x00', 0x2, 0x0) write$auto(r2, &(0x7f0000000000)='][.\x1f![%\x00', 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pwritev$auto(r3, 0x0, 0x4, 0xcee, 0x18a) unshare$auto(0x40000080) 4.645542702s ago: executing program 0 (id=9776): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000040), 0x200001, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x0, 0xdd, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) socket(0x1, 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1d48, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram6/queue/max_hw_sectors_kb\x00', 0x80000, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x1007}, 0x4) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(r1, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) 3.641817494s ago: executing program 0 (id=9777): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x2, 0x0) setresuid$auto(0xfffffffffffffffd, 0xfdffffffffffffff, 0xffffffffffffffff) setresuid$auto(0x0, 0x2, 0x0) ppoll$auto(&(0x7f0000000140)={r0, 0x7, 0x4}, 0x7f, 0x0, 0x0, 0x8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) write$auto(0x3, 0x0, 0xfdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sr0\x00', 0x8ee46, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r2, 0x28000) getsockopt$auto_SO_LOCK_FILTER(r2, 0x4, 0x2c, &(0x7f0000000040)='+\x00', &(0x7f00000000c0)=0x1) madvise$auto(0x0, 0x400053, 0x9) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) sysfs$auto(0x2, 0x17, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) syz_clone3(0x0, 0x0) 550.945461ms ago: executing program 2 (id=9778): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mknod$auto(0x0, 0x1001, 0x8) ioctl$auto_BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2062, 0x0) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0xc000) syz_clone(0x80010000, 0x0, 0x0, &(0x7f00000007c0), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20681, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xf1b, 0x10, 0x0, 0x7f, 0xfffe, r1, 0x97, "33ee9b00", 0x0, 0xffffffffffffffff, 0x2, 0x12, 0x1000, 0x100000000, r0}, 0x12) getpgid$auto(0x0) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x3, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0) r2 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x8203, 0x0) unshare$auto(0x9) ioctl$auto(r2, 0x80046f45, 0x38) prctl$auto_PR_SET_CHILD_SUBREAPER(0x24, 0x0, 0x2, 0x5, 0x64) 455.646104ms ago: executing program 1 (id=9779): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000100)='./file0/file0\x00', 0x222c0, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/filesystems\x00', 0x1c9802, 0x0) pread64$auto(r1, 0x0, 0x100000001, 0x100) fcntl$auto(r0, 0x400, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x5, 0x84) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000300)={{@raw=0x6, 0x0, 0x8001, 0x2, "da14cf93e7670976d4df4660872c34e34ab92824711bacf3578dcec408cf5180d03a4d126edb3169db6d48ac"}, 0x1, @iec958={"28f6a86309b1e098a7dfa272f95c4c28615313f81f02a4eb", "77a2e9b1b0224a8ef0ac25ff0db0b6ec20c55cccbf4e9b253241777363b62fbe19f64f49f5ed0205399a691cb53e4086d6ec9dcbc5173fee439c2db7f3d5f2d4dd2a267a11e3c0cc771cdddef6bdb02a85cf5ea2ecc26fa3fe291d1e45404619547117c0d45a0de14bc3b9c22d705152efa9d2cfb220c6210dd7606723fb4d6d8ea3e197b19203c65d90e3c761870cbd392bea", 0x0, "e8134be5"}, "a8949c7d9c57acd66da4c5f111166031ad47ebfed172b36a28d7b0204e3a90e9a6c41064df45da18212d9c4e61a29b8146bd0c0284d89751eb5c58cb32c2abf739599063c9a0820f08f1c1b3645f00006dcd033a712822785eeb6a2c41b6d7c00f5e965c1d0000000000000000000000000400"}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r2, 0x0, 0x1ff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000800)={{@raw=0x1, 0x2a, 0x9, 0x8, "1fb8c66db3341cdd7c59af17e7b614aa3afcdeb461cadda10426d44d78a6ba746186ca630a6da69ee86ab53f"}, 0x5, 0x4, 0x5, @raw=0x7177, @integer64={0x4, 0xffffffffffff7b36, 0xa}, "cba6172b3efc8e802148850d899c7344d921d6500e1df65334791ec480e1f7d57f372e3ab8a1a0d9984325bf99e346b18bc1fd824548a13ab3cd10995fd5417b"}) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x84, &(0x7f0000000080)={0x7fffffff, 0xd, 0x83000, 0x8000006, 0x4, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0xcb32dd6, 0x8c48, 0x29f, 0x100, 0x77fffffe, 0x101, 0xb0d, 0x3}, {0x100, 0x1, 0x20000052, 0x1, 0x2, 0x40, 0xc4, 0xb, 0x100000000}}) 441.450851ms ago: executing program 3 (id=9780): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2000000008000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) socket(0x2, 0x5, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0x15, 0x5, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r0, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000180)={0x80040, 0x40, 0xc}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000000)={{0x0, 0x8, 0x0, 0x106, 0x0, 0x1, 0xfffffff3}, 0xed7138c}, 0x7, 0x0) r3 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa8) 15.920646ms ago: executing program 0 (id=9781): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0xb, 0x24, 0x0, 0x9) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) setfsuid$auto(0xee00) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0xffd8) epoll_create$auto(0x3e) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fadvise64$auto_POSIX_FADV_DONTNEED(r0, 0x6, 0x1800000000000000, 0x4) r1 = socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000200) 0s ago: executing program 2 (id=9782): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x12b742, 0x0) msgctl$auto(0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) r1 = prctl$auto_PR_SYS_DISPATCH_ON(0x3, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000080)='/dev/usbmon0\x00', 0x200) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) r2 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) mmap$auto(0x800000, 0x7, 0x1, 0x8400000008011, r2, 0x80000000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x6bbb) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x282, 0x0) fdatasync$auto(r0) kernel console output (not intermixed with test programs): `syz.3.8511'. [ 1284.062199][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1284.371102][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1284.500352][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1284.672012][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1284.817993][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1285.031173][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1285.137950][T29973] netlink: 13 bytes leftover after parsing attributes in process `syz.0.8520'. [ 1285.183146][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1285.333149][T29951] netlink: 62 bytes leftover after parsing attributes in process `syz.3.8511'. [ 1289.498743][T30023] mkiss: ax0: crc mode is auto. [ 1289.949206][T30030] binder: 30029:30030 ioctl c018620b 0 returned -14 [ 1291.351285][T30046] __nla_validate_parse: 5 callbacks suppressed [ 1291.351301][T30046] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8541'. [ 1291.485927][T30051] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8544'. [ 1291.597451][T30051] netlink: 354 bytes leftover after parsing attributes in process `syz.0.8544'. [ 1291.611675][T30053] No such timeout policy "" [ 1291.671846][T30053] netlink: Failed to associated timeout policy '' [ 1291.912991][T30046] bridge_slave_0: left allmulticast mode [ 1291.955073][T30046] bridge_slave_0: left promiscuous mode [ 1292.075916][T30046] bridge0: port 1(bridge_slave_0) entered disabled state [ 1294.353213][ T29] audit: type=1800 audit(4294967418.730:28): pid=30079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.8551" name="dummy_udc" dev="gadgetfs" ino=6682 res=0 errno=0 [ 1294.385432][T30079] netlink: 'syz.2.8551': attribute type 1 has an invalid length. [ 1294.444584][T30079] netlink: 'syz.2.8551': attribute type 6 has an invalid length. [ 1296.264544][T30100] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8557'. [ 1299.230643][T30119] Process accounting resumed [ 1300.386368][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.392769][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1300.737513][T30145] netlink: 252 bytes leftover after parsing attributes in process `syz.2.8573'. [ 1300.815643][T30145] netlink: 252 bytes leftover after parsing attributes in process `syz.2.8573'. [ 1300.897532][T30143] netlink: 186 bytes leftover after parsing attributes in process `syz.1.8572'. [ 1300.966785][T30143] netlink: 186 bytes leftover after parsing attributes in process `syz.1.8572'. [ 1301.562101][T26382] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 1303.559650][T30175] random: crng reseeded on system resumption [ 1304.010367][T20804] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 1304.383258][T26382] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1306.859863][T30211] RDS: rds_bind could not find a transport for ::ffff:172.20.20.35, load rds_tcp or rds_rdma? [ 1307.934128][T26382] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9 [ 1309.313572][T30235] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8598'. [ 1310.784371][T20804] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1313.574259][T30277] ima: policy update failed [ 1313.579052][ T29] audit: type=1802 audit(4294967437.960:29): pid=30277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.8612" res=0 errno=0 [ 1313.695222][T30278] netlink: 'syz.2.8611': attribute type 10 has an invalid length. [ 1313.785703][T30278] netlink: 330 bytes leftover after parsing attributes in process `syz.2.8611'. [ 1314.218541][T30287] FAULT_INJECTION: forcing a failure. [ 1314.218541][T30287] name failslab, interval 1, probability 0, space 0, times 0 [ 1314.432979][T30287] CPU: 0 UID: 0 PID: 30287 Comm: syz.1.8613 Tainted: G L syzkaller #0 PREEMPT(full) [ 1314.433007][T30287] Tainted: [L]=SOFTLOCKUP [ 1314.433013][T30287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1314.433024][T30287] Call Trace: [ 1314.433030][T30287] [ 1314.433037][T30287] dump_stack_lvl+0x100/0x190 [ 1314.433068][T30287] should_fail_ex.cold+0x5/0xa [ 1314.433088][T30287] should_failslab+0xc2/0x120 [ 1314.433105][T30287] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1314.433126][T30287] ? percpu_ref_init+0xec/0x3f0 [ 1314.433148][T30287] ? __pfx_blk_queue_usage_counter_release+0x10/0x10 [ 1314.433171][T30287] percpu_ref_init+0xec/0x3f0 [ 1314.433193][T30287] blk_alloc_queue+0x574/0x790 [ 1314.433211][T30287] __blk_alloc_disk+0xa0/0x170 [ 1314.433231][T30287] ? __pfx___blk_alloc_disk+0x10/0x10 [ 1314.433262][T30287] ? __pfx_idr_alloc+0x10/0x10 [ 1314.433284][T30287] ? lockdep_init_map_type+0x5c/0x250 [ 1314.433306][T30287] ? __raw_spin_lock_init+0x3a/0x110 [ 1314.433330][T30287] ? __pfx_hot_add_show+0x10/0x10 [ 1314.433349][T30287] zram_add+0x1bf/0x610 [ 1314.433367][T30287] ? __pfx_zram_add+0x10/0x10 [ 1314.433397][T30287] ? find_held_lock+0x2b/0x80 [ 1314.433428][T30287] ? sysfs_file_kobj+0xe4/0x290 [ 1314.433452][T30287] ? __pfx_hot_add_show+0x10/0x10 [ 1314.433472][T30287] hot_add_show+0x21/0x80 [ 1314.433497][T30287] class_attr_show+0x72/0xa0 [ 1314.433514][T30287] ? __pfx_class_attr_show+0x10/0x10 [ 1314.433529][T30287] sysfs_kf_seq_show+0x217/0x3a0 [ 1314.433555][T30287] seq_read_iter+0x32f/0x1270 [ 1314.433578][T30287] kernfs_fop_read_iter+0x46c/0x610 [ 1314.433598][T30287] ? rw_verify_area+0xce/0x6d0 [ 1314.433620][T30287] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 1314.433641][T30287] vfs_read+0x825/0xb30 [ 1314.433658][T30287] ? __pfx_vfs_read+0x10/0x10 [ 1314.433685][T30287] ksys_read+0x12a/0x250 [ 1314.433699][T30287] ? __pfx_ksys_read+0x10/0x10 [ 1314.433719][T30287] do_syscall_64+0x10b/0xf80 [ 1314.433734][T30287] ? clear_bhb_loop+0x40/0x90 [ 1314.433752][T30287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1314.433769][T30287] RIP: 0033:0x7fbf4e59c819 [ 1314.433783][T30287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1314.433799][T30287] RSP: 002b:00007fbf4f516028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1314.433815][T30287] RAX: ffffffffffffffda RBX: 00007fbf4e816090 RCX: 00007fbf4e59c819 [ 1314.433825][T30287] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005 [ 1314.433835][T30287] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1314.433844][T30287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1314.433854][T30287] R13: 00007fbf4e816128 R14: 00007fbf4e816090 R15: 00007ffe9fdd5f08 [ 1314.433875][T30287] [ 1314.433944][T30287] zram: Error allocating disk structure for device 0 [ 1315.483099][T30297] netlink: 'syz.3.8617': attribute type 5 has an invalid length. [ 1315.490961][T30297] netlink: 'syz.3.8617': attribute type 1 has an invalid length. [ 1315.613057][T30297] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8617'. [ 1315.665396][T30301] netlink: 'syz.3.8617': attribute type 5 has an invalid length. [ 1315.736363][T30301] netlink: 'syz.3.8617': attribute type 1 has an invalid length. [ 1315.771990][T30301] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8617'. [ 1317.411771][T30308] zswap: compressor not available [ 1317.627412][T30316] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8623'. [ 1317.705682][T30322] netlink: 13 bytes leftover after parsing attributes in process `syz.1.8623'. [ 1318.734384][T30336] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8630'. [ 1319.561470][T20804] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 1319.890607][T30357] ima: policy update failed [ 1319.992217][ T29] audit: type=1802 audit(4294967444.370:30): pid=30357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.8636" res=0 errno=0 [ 1326.797996][T20804] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 1326.992868][T30421] ima: policy update failed [ 1327.031949][ T29] audit: type=1802 audit(4294967451.410:31): pid=30421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.8651" res=0 errno=0 [ 1328.434916][T30433] ERROR: Out of memory at tomoyo_memory_ok. [ 1328.535598][T30430] ERROR: Out of memory at tomoyo_memory_ok. [ 1329.115207][T30443] netlink: 186 bytes leftover after parsing attributes in process `syz.2.8657'. [ 1329.374872][T30440] netlink: 186 bytes leftover after parsing attributes in process `syz.2.8657'. [ 1329.639193][T30446] netlink: 252 bytes leftover after parsing attributes in process `syz.3.8659'. [ 1329.745740][T30446] netlink: 252 bytes leftover after parsing attributes in process `syz.3.8659'. [ 1330.060840][T30449] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8668'. [ 1330.194857][T30434] Process accounting paused [ 1330.200259][T30449] bond0: (slave bond_slave_1): Releasing backup interface [ 1330.943937][T20804] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 1333.665737][T30492] FAULT_INJECTION: forcing a failure. [ 1333.665737][T30492] name failslab, interval 1, probability 0, space 0, times 0 [ 1333.776796][T30492] CPU: 0 UID: 0 PID: 30492 Comm: syz.1.8672 Tainted: G L syzkaller #0 PREEMPT(full) [ 1333.776825][T30492] Tainted: [L]=SOFTLOCKUP [ 1333.776831][T30492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1333.776841][T30492] Call Trace: [ 1333.776848][T30492] [ 1333.776855][T30492] dump_stack_lvl+0x100/0x190 [ 1333.776884][T30492] should_fail_ex.cold+0x5/0xa [ 1333.776904][T30492] should_failslab+0xc2/0x120 [ 1333.776922][T30492] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1333.776943][T30492] ? blk_alloc_queue_stats+0x3f/0x110 [ 1333.776964][T30492] ? kmem_cache_alloc_node_noprof+0x2a9/0x6f0 [ 1333.776988][T30492] ? blk_alloc_queue+0x31/0x790 [ 1333.777005][T30492] blk_alloc_queue_stats+0x3f/0x110 [ 1333.777028][T30492] blk_alloc_queue+0xda/0x790 [ 1333.777044][T30492] blk_mq_alloc_queue+0x174/0x290 [ 1333.777063][T30492] ? __pfx_blk_mq_alloc_queue+0x10/0x10 [ 1333.777095][T30492] ? blk_mq_alloc_tag_set+0xe2c/0x1330 [ 1333.777119][T30492] __blk_mq_alloc_disk+0x29/0x120 [ 1333.777138][T30492] loop_add+0x498/0xb60 [ 1333.777157][T30492] ? __pfx_loop_add+0x10/0x10 [ 1333.777187][T30492] ? find_held_lock+0x2b/0x80 [ 1333.777202][T30492] ? __fget_files+0x215/0x3d0 [ 1333.777220][T30492] loop_control_ioctl+0xae/0x620 [ 1333.777239][T30492] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1333.777261][T30492] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1333.777282][T30492] __x64_sys_ioctl+0x18e/0x210 [ 1333.777306][T30492] do_syscall_64+0x10b/0xf80 [ 1333.777320][T30492] ? clear_bhb_loop+0x40/0x90 [ 1333.777338][T30492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1333.777354][T30492] RIP: 0033:0x7fbf4e59c819 [ 1333.777369][T30492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1333.777383][T30492] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1333.777398][T30492] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1333.777408][T30492] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009 [ 1333.777418][T30492] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1333.777427][T30492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1333.777437][T30492] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1333.777457][T30492] [ 1340.397214][T30577] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1342.852114][T30596] FAULT_INJECTION: forcing a failure. [ 1342.852114][T30596] name failslab, interval 1, probability 0, space 0, times 0 [ 1343.033168][T30596] CPU: 0 UID: 0 PID: 30596 Comm: syz.0.8694 Tainted: G L syzkaller #0 PREEMPT(full) [ 1343.033197][T30596] Tainted: [L]=SOFTLOCKUP [ 1343.033203][T30596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1343.033213][T30596] Call Trace: [ 1343.033219][T30596] [ 1343.033227][T30596] dump_stack_lvl+0x100/0x190 [ 1343.033256][T30596] should_fail_ex.cold+0x5/0xa [ 1343.033277][T30596] ? __register_sysctl_table+0xbe4/0x1650 [ 1343.033296][T30596] should_failslab+0xc2/0x120 [ 1343.033314][T30596] __kmalloc_noprof+0xe0/0x850 [ 1343.033341][T30596] __register_sysctl_table+0xbe4/0x1650 [ 1343.033363][T30596] ? __pfx___register_sysctl_table+0x10/0x10 [ 1343.033381][T30596] ? is_module_address+0x69/0xf0 [ 1343.033400][T30596] ? register_net_sysctl_sz+0x222/0x430 [ 1343.033418][T30596] ? __asan_memcpy+0x3c/0x60 [ 1343.033441][T30596] sctp_sysctl_net_register+0x15e/0x200 [ 1343.033467][T30596] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1343.033491][T30596] sctp_defaults_init+0x6d2/0xd90 [ 1343.033515][T30596] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1343.033538][T30596] ops_init+0x1e2/0x5f0 [ 1343.033564][T30596] setup_net+0x118/0x3a0 [ 1343.033578][T30596] ? __pfx_setup_net+0x10/0x10 [ 1343.033591][T30596] ? lockdep_init_map_type+0x5c/0x250 [ 1343.033612][T30596] ? mutex_init_lockep+0x110/0x150 [ 1343.033637][T30596] copy_net_ns+0x46f/0x7c0 [ 1343.033654][T30596] create_new_namespaces+0x3ea/0xac0 [ 1343.033675][T30596] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1343.033704][T30596] ksys_unshare+0x473/0xad0 [ 1343.033726][T30596] ? __pfx_ksys_unshare+0x10/0x10 [ 1343.033754][T30596] __x64_sys_unshare+0x31/0x40 [ 1343.033773][T30596] do_syscall_64+0x10b/0xf80 [ 1343.033787][T30596] ? clear_bhb_loop+0x40/0x90 [ 1343.033805][T30596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1343.033821][T30596] RIP: 0033:0x7fb541b9c819 [ 1343.033835][T30596] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1343.033850][T30596] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1343.033865][T30596] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1343.033875][T30596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1343.033884][T30596] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1343.033893][T30596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1343.033902][T30596] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1343.033922][T30596] [ 1343.033929][T30596] sysctl could not get directory: /net/sctp -12 [ 1343.485232][T30603] netlink: 354 bytes leftover after parsing attributes in process `syz.2.8698'. [ 1343.734136][T30609] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8699'. [ 1343.750910][T30612] HfR: entered promiscuous mode [ 1343.875320][T30612] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8700'. [ 1344.458723][T30609] veth1_macvtap: left promiscuous mode [ 1344.612947][T30612] HfR: left promiscuous mode [ 1344.752228][T30622] netlink: 330 bytes leftover after parsing attributes in process `syz.1.8709'. [ 1344.940855][T30622] ›: renamed from bond_slave_0 (while UP) [ 1344.965564][T30622] netlink: 330 bytes leftover after parsing attributes in process `syz.1.8709'. [ 1345.134290][T30629] ERROR: Out of memory at tomoyo_memory_ok. [ 1345.193248][T30626] ERROR: Out of memory at tomoyo_memory_ok. [ 1345.283848][T30631] netlink: 25 bytes leftover after parsing attributes in process `syz.2.8702'. [ 1347.863894][T30648] [U] ^\ [ 1348.225124][T20804] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1349.683051][T30673] [U] [ 1349.685771][T30673] [U] [ 1349.688443][T30673] [U] [ 1349.691128][T30673] [U] [ 1349.779575][T30679] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8716'. [ 1349.864801][T30673] [U] [ 1349.867515][T30673] [U] [ 1349.870217][T30673] [U] [ 1349.872891][T30673] [U] [ 1349.984785][T30679] vlan1: entered promiscuous mode [ 1350.048953][T30679] vlan1: entered allmulticast mode [ 1350.342336][T30670] [U] [ 1352.258674][T30709] netlink: 330 bytes leftover after parsing attributes in process `syz.1.8734'. [ 1352.988550][T30720] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8728'. [ 1353.093337][T30720] unsupported nlmsg_type 40 [ 1355.107062][T30742] netlink: 13 bytes leftover after parsing attributes in process `syz.1.8735'. [ 1355.866260][T30748] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8737'. [ 1356.615677][T30755] netlink: 186 bytes leftover after parsing attributes in process `syz.3.8739'. [ 1356.664750][T30756] FAULT_INJECTION: forcing a failure. [ 1356.664750][T30756] name failslab, interval 1, probability 0, space 0, times 0 [ 1356.769220][T30756] CPU: 0 UID: 0 PID: 30756 Comm: syz.1.8740 Tainted: G L syzkaller #0 PREEMPT(full) [ 1356.769249][T30756] Tainted: [L]=SOFTLOCKUP [ 1356.769255][T30756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1356.769269][T30756] Call Trace: [ 1356.769293][T30756] [ 1356.769301][T30756] dump_stack_lvl+0x100/0x190 [ 1356.769333][T30756] should_fail_ex.cold+0x5/0xa [ 1356.769352][T30756] ? lsm_blob_alloc+0x68/0x90 [ 1356.769376][T30756] should_failslab+0xc2/0x120 [ 1356.769395][T30756] __kmalloc_noprof+0xe0/0x850 [ 1356.769418][T30756] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1356.769438][T30756] lsm_blob_alloc+0x68/0x90 [ 1356.769455][T30756] security_sk_alloc+0x2d/0x290 [ 1356.769476][T30756] sk_prot_alloc+0x1d1/0x2a0 [ 1356.769494][T30756] sk_alloc+0x36/0xe80 [ 1356.769515][T30756] inet6_create+0x385/0x12b0 [ 1356.769539][T30756] ? inet6_create+0x7f/0x12b0 [ 1356.769564][T30756] __sock_create+0x339/0x860 [ 1356.769586][T30756] udp_sock_create6+0xc7/0x6a0 [ 1356.769611][T30756] ? __pfx_udp_sock_create6+0x10/0x10 [ 1356.769637][T30756] ? crng_make_state+0x477/0x6c0 [ 1356.769658][T30756] ? lockdep_hardirqs_on+0x78/0x100 [ 1356.769681][T30756] ? crng_make_state+0x2b0/0x6c0 [ 1356.769705][T30756] rxrpc_open_socket+0x206/0x6b0 [ 1356.769724][T30756] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 1356.769752][T30756] ? rcu_is_watching+0x12/0xc0 [ 1356.769778][T30756] rxrpc_lookup_local+0xac7/0x1220 [ 1356.769801][T30756] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 1356.769822][T30756] ? __local_bh_enable_ip+0x9e/0x120 [ 1356.769840][T30756] rxrpc_sendmsg+0x34a/0x680 [ 1356.769863][T30756] sock_write_iter+0x524/0x5a0 [ 1356.769880][T30756] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 1356.769899][T30756] ? __pfx_sock_write_iter+0x10/0x10 [ 1356.769922][T30756] ? bpf_lsm_file_permission+0x9/0x10 [ 1356.769936][T30756] ? security_file_permission+0x76/0x210 [ 1356.769960][T30756] ? rw_verify_area+0xce/0x6d0 [ 1356.769984][T30756] vfs_write+0x6ac/0x1070 [ 1356.769999][T30756] ? __pfx_sock_write_iter+0x10/0x10 [ 1356.770018][T30756] ? __pfx_vfs_write+0x10/0x10 [ 1356.770031][T30756] ? find_held_lock+0x2b/0x80 [ 1356.770058][T30756] ksys_write+0x1f8/0x250 [ 1356.770072][T30756] ? __pfx_ksys_write+0x10/0x10 [ 1356.770093][T30756] do_syscall_64+0x10b/0xf80 [ 1356.770106][T30756] ? clear_bhb_loop+0x40/0x90 [ 1356.770124][T30756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1356.770140][T30756] RIP: 0033:0x7fbf4e59c819 [ 1356.770155][T30756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1356.770176][T30756] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1356.770192][T30756] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1356.770202][T30756] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 1356.770213][T30756] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1356.770222][T30756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1356.770232][T30756] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1356.770253][T30756] [ 1359.843096][T30793] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8744'. [ 1360.858292][T30804] FAULT_INJECTION: forcing a failure. [ 1360.858292][T30804] name failslab, interval 1, probability 0, space 0, times 0 [ 1360.947963][T30802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8747'. [ 1360.993017][T30804] CPU: 0 UID: 0 PID: 30804 Comm: syz.1.8750 Tainted: G L syzkaller #0 PREEMPT(full) [ 1360.993046][T30804] Tainted: [L]=SOFTLOCKUP [ 1360.993052][T30804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1360.993062][T30804] Call Trace: [ 1360.993068][T30804] [ 1360.993076][T30804] dump_stack_lvl+0x100/0x190 [ 1360.993105][T30804] should_fail_ex.cold+0x5/0xa [ 1360.993126][T30804] should_failslab+0xc2/0x120 [ 1360.993144][T30804] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1360.993183][T30804] ? __proc_create+0x2cb/0x8c0 [ 1360.993206][T30804] __proc_create+0x2cb/0x8c0 [ 1360.993223][T30804] ? __pfx___proc_create+0x10/0x10 [ 1360.993240][T30804] ? do_syscall_64+0x10b/0xf80 [ 1360.993261][T30804] proc_create_reg+0x75/0x170 [ 1360.993280][T30804] proc_create_net_data+0x8e/0x1c0 [ 1360.993298][T30804] ? __pfx_proc_create_net_data+0x10/0x10 [ 1360.993321][T30804] xt_proto_init+0x24e/0xb80 [ 1360.993341][T30804] ? __pfx_xt_proto_init+0x10/0x10 [ 1360.993360][T30804] ? net_generic+0xf4/0x2a0 [ 1360.993383][T30804] ? __pfx_ip6_tables_net_init+0x10/0x10 [ 1360.993400][T30804] ops_init+0x1e2/0x5f0 [ 1360.993425][T30804] setup_net+0x118/0x3a0 [ 1360.993439][T30804] ? __pfx_setup_net+0x10/0x10 [ 1360.993452][T30804] ? lockdep_init_map_type+0x5c/0x250 [ 1360.993472][T30804] ? mutex_init_lockep+0x110/0x150 [ 1360.993495][T30804] copy_net_ns+0x46f/0x7c0 [ 1360.993512][T30804] create_new_namespaces+0x3ea/0xac0 [ 1360.993533][T30804] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1360.993551][T30804] ksys_unshare+0x473/0xad0 [ 1360.993571][T30804] ? __pfx_ksys_unshare+0x10/0x10 [ 1360.993597][T30804] __x64_sys_unshare+0x31/0x40 [ 1360.993615][T30804] do_syscall_64+0x10b/0xf80 [ 1360.993629][T30804] ? clear_bhb_loop+0x40/0x90 [ 1360.993647][T30804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1360.993663][T30804] RIP: 0033:0x7fbf4e59c819 [ 1360.993677][T30804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1360.993692][T30804] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1360.993708][T30804] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1360.993718][T30804] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1360.993727][T30804] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1360.993736][T30804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1360.993745][T30804] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1360.993765][T30804] [ 1361.835747][T30672] Process accounting resumed [ 1361.884894][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.894424][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.183966][T30816] netlink: 25 bytes leftover after parsing attributes in process `syz.3.8756'. [ 1363.975347][T30833] netlink: 25 bytes leftover after parsing attributes in process `syz.1.8762'. [ 1364.674285][T30842] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8763'. [ 1365.376828][T30847] netlink: 'syz.3.8764': attribute type 29 has an invalid length. [ 1365.453126][T30847] netlink: 'syz.3.8764': attribute type 30 has an invalid length. [ 1365.460971][T30847] netlink: 'syz.3.8764': attribute type 31 has an invalid length. [ 1365.593445][T30847] netlink: 'syz.3.8764': attribute type 32 has an invalid length. [ 1365.643237][T30847] netlink: 'syz.3.8764': attribute type 33 has an invalid length. [ 1365.702536][T30847] netlink: 'syz.3.8764': attribute type 35 has an invalid length. [ 1365.793959][T30847] netlink: 'syz.3.8764': attribute type 37 has an invalid length. [ 1365.853026][T30847] netlink: 18 bytes leftover after parsing attributes in process `syz.3.8764'. [ 1367.245447][T30866] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8772'. [ 1367.481962][T30861] zswap: compressor not available [ 1368.127646][T30879] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8776'. [ 1368.331584][T30884] netlink: 25 bytes leftover after parsing attributes in process `syz.3.8776'. [ 1369.229464][T30894] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8782'. [ 1372.018548][T30927] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8793'. [ 1375.145519][T30952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8799'. [ 1375.252919][T30952] netlink: 13 bytes leftover after parsing attributes in process `syz.0.8799'. [ 1377.144680][T20804] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1377.282269][T30976] FAULT_INJECTION: forcing a failure. [ 1377.282269][T30976] name failslab, interval 1, probability 0, space 0, times 0 [ 1377.377208][T30980] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8808'. [ 1377.481078][T30980] netlink: 25 bytes leftover after parsing attributes in process `syz.1.8808'. [ 1377.511997][T30984] futex_wake_op: syz.2.8806 tries to shift op by -2048; fix this program [ 1377.661299][T30976] CPU: 0 UID: 0 PID: 30976 Comm: syz.2.8806 Tainted: G L syzkaller #0 PREEMPT(full) [ 1377.661327][T30976] Tainted: [L]=SOFTLOCKUP [ 1377.661333][T30976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1377.661343][T30976] Call Trace: [ 1377.661349][T30976] [ 1377.661356][T30976] dump_stack_lvl+0x100/0x190 [ 1377.661385][T30976] should_fail_ex.cold+0x5/0xa [ 1377.661405][T30976] should_failslab+0xc2/0x120 [ 1377.661423][T30976] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1377.661446][T30976] ? __kernfs_new_node+0xd2/0x9f0 [ 1377.661478][T30976] __kernfs_new_node+0xd2/0x9f0 [ 1377.661503][T30976] ? __pfx___kernfs_new_node+0x10/0x10 [ 1377.661531][T30976] ? find_held_lock+0x2b/0x80 [ 1377.661546][T30976] ? kernfs_root+0xee/0x2a0 [ 1377.661559][T30976] ? kernfs_root+0xee/0x2a0 [ 1377.661576][T30976] kernfs_new_node+0x11b/0x1a0 [ 1377.661601][T30976] __kernfs_create_file+0x53/0x350 [ 1377.661623][T30976] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1377.661650][T30976] sysfs_merge_group+0x194/0x340 [ 1377.661664][T30976] ? kernfs_add_one+0x214/0x850 [ 1377.661680][T30976] ? __pfx_sysfs_merge_group+0x10/0x10 [ 1377.661695][T30976] ? bus_add_device+0x368/0x6b0 [ 1377.661716][T30976] ? __pfx_bus_add_device+0x10/0x10 [ 1377.661734][T30976] ? __pfx_dev_add_physical_location+0x10/0x10 [ 1377.661755][T30976] dpm_sysfs_add+0x237/0x280 [ 1377.661772][T30976] device_add+0x9ef/0x1950 [ 1377.661790][T30976] ? __pfx_device_add+0x10/0x10 [ 1377.661812][T30976] nfc_register_device+0x41/0x3e0 [ 1377.661838][T30976] nci_register_device+0x7f1/0xb80 [ 1377.661859][T30976] ? __pfx_nci_register_device+0x10/0x10 [ 1377.661882][T30976] ? lockdep_init_map_type+0x5c/0x250 [ 1377.661906][T30976] virtual_ncidev_open+0x141/0x220 [ 1377.661926][T30976] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1377.661945][T30976] misc_open+0x26d/0x450 [ 1377.661961][T30976] ? __pfx_misc_open+0x10/0x10 [ 1377.661976][T30976] chrdev_open+0x234/0x6a0 [ 1377.661993][T30976] ? __pfx_apparmor_file_open+0x10/0x10 [ 1377.662014][T30976] ? __pfx_chrdev_open+0x10/0x10 [ 1377.662032][T30976] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1377.662054][T30976] do_dentry_open+0x6d8/0x1660 [ 1377.662070][T30976] ? __pfx_chrdev_open+0x10/0x10 [ 1377.662090][T30976] vfs_open+0x82/0x3f0 [ 1377.662112][T30976] path_openat+0x208c/0x31a0 [ 1377.662135][T30976] ? __pfx_path_openat+0x10/0x10 [ 1377.662158][T30976] do_file_open+0x20e/0x430 [ 1377.662176][T30976] ? __pfx_do_file_open+0x10/0x10 [ 1377.662206][T30976] ? alloc_fd+0x476/0x790 [ 1377.662223][T30976] ? do_getname+0x191/0x390 [ 1377.662253][T30976] do_sys_openat2+0x10d/0x1e0 [ 1377.662274][T30976] ? __pfx_do_sys_openat2+0x10/0x10 [ 1377.662296][T30976] ? __fget_files+0x21f/0x3d0 [ 1377.662316][T30976] __x64_sys_openat+0x12d/0x210 [ 1377.662337][T30976] ? __pfx___x64_sys_openat+0x10/0x10 [ 1377.662366][T30976] do_syscall_64+0x10b/0xf80 [ 1377.662380][T30976] ? clear_bhb_loop+0x40/0x90 [ 1377.662398][T30976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1377.662414][T30976] RIP: 0033:0x7f75e779c819 [ 1377.662428][T30976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1377.662443][T30976] RSP: 002b:00007f75e868d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1377.662459][T30976] RAX: ffffffffffffffda RBX: 00007f75e7a15fa0 RCX: 00007f75e779c819 [ 1377.662469][T30976] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1377.662479][T30976] RBP: 00007f75e7832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1377.662489][T30976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1377.662498][T30976] R13: 00007f75e7a16038 R14: 00007f75e7a15fa0 R15: 00007ffeef778548 [ 1377.662526][T30976] [ 1378.049943][T30984] futex_wake_op: syz.2.8806 tries to shift op by -2048; fix this program [ 1378.603541][T30989] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 1380.484131][T31015] veth1_to_batadv: entered promiscuous mode [ 1381.040341][T31006] veth1_to_batadv: left promiscuous mode [ 1381.060666][T31020] FAULT_INJECTION: forcing a failure. [ 1381.060666][T31020] name failslab, interval 1, probability 0, space 0, times 0 [ 1381.142892][T31020] CPU: 0 UID: 0 PID: 31020 Comm: syz.2.8819 Tainted: G L syzkaller #0 PREEMPT(full) [ 1381.142930][T31020] Tainted: [L]=SOFTLOCKUP [ 1381.142937][T31020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1381.142947][T31020] Call Trace: [ 1381.142953][T31020] [ 1381.142960][T31020] dump_stack_lvl+0x100/0x190 [ 1381.142989][T31020] should_fail_ex.cold+0x5/0xa [ 1381.143010][T31020] should_failslab+0xc2/0x120 [ 1381.143028][T31020] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1381.143049][T31020] ? alloc_ldt_struct+0x5d/0x1b0 [ 1381.143064][T31020] ? __pfx_down_write_killable+0x10/0x10 [ 1381.143085][T31020] alloc_ldt_struct+0x5d/0x1b0 [ 1381.143101][T31020] write_ldt+0x62b/0xd40 [ 1381.143120][T31020] ? __pfx_write_ldt+0x10/0x10 [ 1381.143137][T31020] ? xfd_validate_state+0x129/0x190 [ 1381.143163][T31020] __x64_sys_modify_ldt+0xb1/0x170 [ 1381.143181][T31020] do_syscall_64+0x10b/0xf80 [ 1381.143195][T31020] ? clear_bhb_loop+0x40/0x90 [ 1381.143213][T31020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1381.143228][T31020] RIP: 0033:0x7f75e779c819 [ 1381.143242][T31020] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1381.143256][T31020] RSP: 002b:00007f75e866c028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 1381.143271][T31020] RAX: ffffffffffffffda RBX: 00007f75e7a16090 RCX: 00007f75e779c819 [ 1381.143282][T31020] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000001 [ 1381.143291][T31020] RBP: 00007f75e7832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1381.143300][T31020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1381.143309][T31020] R13: 00007f75e7a16128 R14: 00007f75e7a16090 R15: 00007ffeef778548 [ 1381.143329][T31020] [ 1383.494563][ T29] audit: type=1800 audit(4294967507.880:32): pid=31047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.8827" name="discovery_nqn" dev="configfs" ino=751651 res=0 errno=0 [ 1383.554713][T31049] netlink: 'syz.3.8828': attribute type 4 has an invalid length. [ 1383.611025][T31049] netlink: 'syz.3.8828': attribute type 5 has an invalid length. [ 1383.695174][T31049] netlink: 10 bytes leftover after parsing attributes in process `syz.3.8828'. [ 1384.832628][T31075] netlink: 246 bytes leftover after parsing attributes in process `syz.0.8835'. [ 1386.670044][T31092] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8841'. [ 1386.774254][T31092] netlink: 13 bytes leftover after parsing attributes in process `syz.0.8841'. [ 1387.253276][T31103] sd 0:0:1:0: PR command failed: 1026 [ 1387.303134][T31103] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1387.309887][T31103] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1390.056273][T31123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8849'. [ 1390.130105][T31123] netlink: 17 bytes leftover after parsing attributes in process `syz.0.8849'. [ 1390.195114][T31127] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8851'. [ 1390.233180][T31123] netlink: 2 bytes leftover after parsing attributes in process `syz.0.8849'. [ 1390.384538][T31129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8853'. [ 1390.461456][T31129] netlink: 'syz.3.8853': attribute type 1 has an invalid length. [ 1390.553153][T31129] netlink: 'syz.3.8853': attribute type 6 has an invalid length. [ 1392.080365][T31133] Process accounting paused [ 1392.335102][T31155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8861'. [ 1392.426570][T31155] netlink: 25 bytes leftover after parsing attributes in process `syz.3.8861'. [ 1397.637355][T31204] FAULT_INJECTION: forcing a failure. [ 1397.637355][T31204] name failslab, interval 1, probability 0, space 0, times 0 [ 1397.764506][T31204] CPU: 0 UID: 0 PID: 31204 Comm: syz.0.8873 Tainted: G L syzkaller #0 PREEMPT(full) [ 1397.764534][T31204] Tainted: [L]=SOFTLOCKUP [ 1397.764546][T31204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1397.764555][T31204] Call Trace: [ 1397.764561][T31204] [ 1397.764568][T31204] dump_stack_lvl+0x100/0x190 [ 1397.764597][T31204] should_fail_ex.cold+0x5/0xa [ 1397.764616][T31204] ? group_cpus_evenly+0x195/0x660 [ 1397.764637][T31204] should_failslab+0xc2/0x120 [ 1397.764654][T31204] __kmalloc_noprof+0xe0/0x850 [ 1397.764681][T31204] group_cpus_evenly+0x195/0x660 [ 1397.764703][T31204] ? __pfx_group_cpus_evenly+0x10/0x10 [ 1397.764730][T31204] blk_mq_map_queues+0x9d/0x430 [ 1397.764747][T31204] ? __pfx_blk_mq_map_queues+0x10/0x10 [ 1397.764760][T31204] ? rcu_is_watching+0x12/0xc0 [ 1397.764783][T31204] ? trace_kmalloc+0x101/0x130 [ 1397.764799][T31204] ? __kasan_kmalloc+0xaa/0xb0 [ 1397.764815][T31204] blk_mq_update_queue_map+0x305/0x3a0 [ 1397.764839][T31204] blk_mq_alloc_tag_set+0x660/0x1330 [ 1397.764858][T31204] ? idr_alloc+0x77/0x130 [ 1397.764886][T31204] loop_add+0x3b7/0xb60 [ 1397.764907][T31204] ? __pfx_loop_add+0x10/0x10 [ 1397.764936][T31204] ? find_held_lock+0x2b/0x80 [ 1397.764951][T31204] ? __fget_files+0x215/0x3d0 [ 1397.764969][T31204] loop_control_ioctl+0xae/0x620 [ 1397.764990][T31204] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1397.765012][T31204] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1397.765032][T31204] __x64_sys_ioctl+0x18e/0x210 [ 1397.765055][T31204] do_syscall_64+0x10b/0xf80 [ 1397.765069][T31204] ? clear_bhb_loop+0x40/0x90 [ 1397.765087][T31204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1397.765103][T31204] RIP: 0033:0x7fb541b9c819 [ 1397.765117][T31204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1397.765132][T31204] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1397.765147][T31204] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1397.765157][T31204] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 1397.765168][T31204] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1397.765177][T31204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1397.765186][T31204] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1397.765206][T31204] [ 1398.711638][T31208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8875'. [ 1398.771596][T31211] netlink: 354 bytes leftover after parsing attributes in process `syz.3.8875'. [ 1399.213645][T31213] netlink: 'syz.3.8876': attribute type 4 has an invalid length. [ 1399.221407][T31213] netlink: 'syz.3.8876': attribute type 5 has an invalid length. [ 1399.302907][T31213] netlink: 10 bytes leftover after parsing attributes in process `syz.3.8876'. [ 1400.166113][T31224] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8880'. [ 1400.241065][T31224] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8880'. [ 1400.656158][T31226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8882'. [ 1400.766482][T31230] netlink: 354 bytes leftover after parsing attributes in process `syz.0.8882'. [ 1400.956493][T31233] futex_wake_op: syz.1.8884 tries to shift op by -2048; fix this program [ 1401.035724][T31233] futex_wake_op: syz.1.8884 tries to shift op by -2048; fix this program [ 1405.963380][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1405.969739][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1406.346134][T31295] FAULT_INJECTION: forcing a failure. [ 1406.346134][T31295] name failslab, interval 1, probability 0, space 0, times 0 [ 1406.465287][T31295] CPU: 0 UID: 0 PID: 31295 Comm: syz.0.8900 Tainted: G L syzkaller #0 PREEMPT(full) [ 1406.465316][T31295] Tainted: [L]=SOFTLOCKUP [ 1406.465322][T31295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1406.465331][T31295] Call Trace: [ 1406.465337][T31295] [ 1406.465345][T31295] dump_stack_lvl+0x100/0x190 [ 1406.465374][T31295] should_fail_ex.cold+0x5/0xa [ 1406.465394][T31295] should_failslab+0xc2/0x120 [ 1406.465413][T31295] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1406.465433][T31295] ? tomoyo_init_log+0x1a0/0x20c0 [ 1406.465463][T31295] tomoyo_init_log+0x1a0/0x20c0 [ 1406.465480][T31295] ? __pfx_format_decode+0x10/0x10 [ 1406.465502][T31295] ? number+0x983/0xc90 [ 1406.465518][T31295] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1406.465539][T31295] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1406.465561][T31295] tomoyo_write_log2+0x2ed/0xbc0 [ 1406.465580][T31295] tomoyo_supervisor+0x15e/0x1340 [ 1406.465602][T31295] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1406.465622][T31295] ? tomoyo_realpath_from_path+0x19c/0x690 [ 1406.465644][T31295] ? tomoyo_realpath_from_path+0x19c/0x690 [ 1406.465659][T31295] ? kfree+0x1f6/0x6b0 [ 1406.465680][T31295] ? tomoyo_check_path_number_acl+0x1e6/0x2f0 [ 1406.465708][T31295] tomoyo_path_number_perm+0x445/0x580 [ 1406.465731][T31295] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1406.465771][T31295] ? current_check_access_path+0x269/0x430 [ 1406.465792][T31295] ? d_alloc_parallel+0x864/0x14e0 [ 1406.465817][T31295] tomoyo_path_mknod+0x164/0x190 [ 1406.465836][T31295] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 1406.465853][T31295] ? find_held_lock+0x2b/0x80 [ 1406.465869][T31295] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1406.465887][T31295] security_path_mknod+0x161/0x300 [ 1406.465905][T31295] may_o_create+0x30/0x3a0 [ 1406.465929][T31295] lookup_open.isra.0+0xa0d/0x11b0 [ 1406.465955][T31295] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1406.465980][T31295] ? __pfx___might_resched+0x10/0x10 [ 1406.466001][T31295] ? mnt_get_write_access+0x52/0x2f0 [ 1406.466026][T31295] ? __pfx_down_write+0x10/0x10 [ 1406.466041][T31295] ? mnt_get_write_access+0x1e9/0x2f0 [ 1406.466064][T31295] path_openat+0x2291/0x31a0 [ 1406.466087][T31295] ? __pfx_path_openat+0x10/0x10 [ 1406.466110][T31295] do_file_open+0x20e/0x430 [ 1406.466128][T31295] ? __pfx_do_file_open+0x10/0x10 [ 1406.466158][T31295] ? alloc_fd+0x476/0x790 [ 1406.466175][T31295] ? do_getname+0x191/0x390 [ 1406.466196][T31295] do_sys_openat2+0x10d/0x1e0 [ 1406.466216][T31295] ? __pfx_do_sys_openat2+0x10/0x10 [ 1406.466243][T31295] __x64_sys_openat+0x12d/0x210 [ 1406.466264][T31295] ? __pfx___x64_sys_openat+0x10/0x10 [ 1406.466291][T31295] do_syscall_64+0x10b/0xf80 [ 1406.466305][T31295] ? clear_bhb_loop+0x40/0x90 [ 1406.466324][T31295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1406.466339][T31295] RIP: 0033:0x7fb541b9c819 [ 1406.466354][T31295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1406.466369][T31295] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1406.466385][T31295] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1406.466397][T31295] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1406.466407][T31295] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1406.466417][T31295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1406.466426][T31295] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1406.466460][T31295] [ 1409.293474][T31318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8906'. [ 1409.374414][T31318] netlink: 354 bytes leftover after parsing attributes in process `syz.1.8906'. [ 1409.985160][T31322] sp0: Synchronizing with TNC [ 1411.081165][T31333] netlink: 9 bytes leftover after parsing attributes in process `syz.3.8909'. [ 1414.511554][T31354] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8915'. [ 1414.707562][T31356] netlink: 25 bytes leftover after parsing attributes in process `syz.2.8915'. [ 1415.304072][T31360] netlink: 186 bytes leftover after parsing attributes in process `syz.1.8916'. [ 1417.126584][T31372] netlink: 286 bytes leftover after parsing attributes in process `syz.2.8919'. [ 1420.013105][T31409] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 1422.034525][T31429] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8944'. [ 1422.705164][T31429] macvlan1: entered promiscuous mode [ 1422.741539][T31429] macvlan1: entered allmulticast mode [ 1422.855516][T31429] veth1_vlan: entered allmulticast mode [ 1423.266780][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.273212][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1423.290418][T31425] Process accounting resumed [ 1426.384035][T31460] FAULT_INJECTION: forcing a failure. [ 1426.384035][T31460] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.467570][T31460] CPU: 0 UID: 0 PID: 31460 Comm: syz.0.8942 Tainted: G L syzkaller #0 PREEMPT(full) [ 1426.467599][T31460] Tainted: [L]=SOFTLOCKUP [ 1426.467605][T31460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1426.467615][T31460] Call Trace: [ 1426.467621][T31460] [ 1426.467628][T31460] dump_stack_lvl+0x100/0x190 [ 1426.467656][T31460] should_fail_ex.cold+0x5/0xa [ 1426.467676][T31460] should_failslab+0xc2/0x120 [ 1426.467693][T31460] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1426.467716][T31460] ? __mpol_dup+0x74/0x390 [ 1426.467738][T31460] __mpol_dup+0x74/0x390 [ 1426.467756][T31460] ? __pfx___mpol_dup+0x10/0x10 [ 1426.467774][T31460] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 1426.467796][T31460] ? sp_alloc+0x27/0x160 [ 1426.467817][T31460] sp_alloc+0x4d/0x160 [ 1426.467835][T31460] mpol_set_shared_policy+0xa5/0x890 [ 1426.467858][T31460] ? __pfx_shmem_set_policy+0x10/0x10 [ 1426.467876][T31460] mbind_range+0x339/0x550 [ 1426.467897][T31460] do_mbind+0x7dc/0xfd0 [ 1426.467919][T31460] ? __might_fault+0xc5/0x140 [ 1426.467941][T31460] ? __pfx_do_mbind+0x10/0x10 [ 1426.467963][T31460] ? _copy_from_user+0x59/0xd0 [ 1426.467992][T31460] ? __pfx_get_nodes+0x10/0x10 [ 1426.468011][T31460] kernel_mbind+0x1b7/0x200 [ 1426.468031][T31460] ? __pfx_kernel_mbind+0x10/0x10 [ 1426.468056][T31460] do_syscall_64+0x10b/0xf80 [ 1426.468071][T31460] ? clear_bhb_loop+0x40/0x90 [ 1426.468089][T31460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1426.468105][T31460] RIP: 0033:0x7fb541b9c819 [ 1426.468119][T31460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1426.468135][T31460] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1426.468151][T31460] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1426.468161][T31460] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000 [ 1426.468170][T31460] RBP: 00007fb541c32c91 R08: 0000000000000003 R09: 0000000000000003 [ 1426.468179][T31460] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000 [ 1426.468189][T31460] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1426.468209][T31460] [ 1427.519771][T31482] random: crng reseeded on system resumption [ 1429.319879][T31492] FAULT_INJECTION: forcing a failure. [ 1429.319879][T31492] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.444066][T31492] CPU: 0 UID: 0 PID: 31492 Comm: syz.1.8952 Tainted: G L syzkaller #0 PREEMPT(full) [ 1429.444094][T31492] Tainted: [L]=SOFTLOCKUP [ 1429.444100][T31492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1429.444110][T31492] Call Trace: [ 1429.444116][T31492] [ 1429.444123][T31492] dump_stack_lvl+0x100/0x190 [ 1429.444153][T31492] should_fail_ex.cold+0x5/0xa [ 1429.444173][T31492] ? tracing_log_err+0xb9/0x6d0 [ 1429.444194][T31492] should_failslab+0xc2/0x120 [ 1429.444211][T31492] __kmalloc_noprof+0xe0/0x850 [ 1429.444247][T31492] tracing_log_err+0xb9/0x6d0 [ 1429.444273][T31492] append_filter_err+0x399/0x620 [ 1429.444299][T31492] create_filter+0x1a6/0x210 [ 1429.444322][T31492] ? __pfx_create_filter+0x10/0x10 [ 1429.444347][T31492] ? find_held_lock+0x2b/0x80 [ 1429.444364][T31492] apply_event_filter+0x220/0x500 [ 1429.444388][T31492] ? __pfx_apply_event_filter+0x10/0x10 [ 1429.444416][T31492] event_filter_write+0x16d/0x290 [ 1429.444436][T31492] vfs_write+0x2aa/0x1070 [ 1429.444452][T31492] ? __pfx_event_filter_write+0x10/0x10 [ 1429.444472][T31492] ? __pfx_vfs_write+0x10/0x10 [ 1429.444486][T31492] ? __fget_files+0x215/0x3d0 [ 1429.444506][T31492] ? __fget_files+0x21f/0x3d0 [ 1429.444526][T31492] ksys_write+0x12a/0x250 [ 1429.444540][T31492] ? __pfx_ksys_write+0x10/0x10 [ 1429.444561][T31492] do_syscall_64+0x10b/0xf80 [ 1429.444575][T31492] ? clear_bhb_loop+0x40/0x90 [ 1429.444594][T31492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1429.444610][T31492] RIP: 0033:0x7fbf4e59c819 [ 1429.444624][T31492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1429.444639][T31492] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1429.444654][T31492] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1429.444665][T31492] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1429.444674][T31492] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1429.444683][T31492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1429.444692][T31492] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1429.444712][T31492] [ 1438.503610][T31550] netlink: 330 bytes leftover after parsing attributes in process `syz.2.8966'. [ 1443.196681][T31600] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 1443.572437][ T5181] ERROR: Out of memory at tomoyo_memory_ok. [ 1445.377501][T31629] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8992'. [ 1445.428967][T31630] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input29 [ 1449.893274][T31672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9002'. [ 1450.003066][T31672] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9002'. [ 1452.481762][T20804] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1452.592342][T31714] futex_wake_op: syz.1.9011 tries to shift op by -2048; fix this program [ 1452.629856][T31710] mkiss: ax0: crc mode is auto. [ 1452.782505][T31714] futex_wake_op: syz.1.9011 tries to shift op by -2048; fix this program [ 1454.614003][T31730] FAULT_INJECTION: forcing a failure. [ 1454.614003][T31730] name failslab, interval 1, probability 0, space 0, times 0 [ 1454.792911][T31730] CPU: 0 UID: 0 PID: 31730 Comm: syz.0.9022 Tainted: G L syzkaller #0 PREEMPT(full) [ 1454.792940][T31730] Tainted: [L]=SOFTLOCKUP [ 1454.792946][T31730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1454.792955][T31730] Call Trace: [ 1454.792962][T31730] [ 1454.792969][T31730] dump_stack_lvl+0x100/0x190 [ 1454.792997][T31730] should_fail_ex.cold+0x5/0xa [ 1454.793017][T31730] should_failslab+0xc2/0x120 [ 1454.793035][T31730] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1454.793055][T31730] ? blk_mq_init_allocated_queue+0xcf/0x1440 [ 1454.793080][T31730] blk_mq_init_allocated_queue+0xcf/0x1440 [ 1454.793102][T31730] ? blk_alloc_queue+0x627/0x790 [ 1454.793116][T31730] ? blk_alloc_queue+0x1a3/0x790 [ 1454.793132][T31730] blk_mq_alloc_queue+0x1bd/0x290 [ 1454.793151][T31730] ? __pfx_blk_mq_alloc_queue+0x10/0x10 [ 1454.793183][T31730] ? blk_mq_alloc_tag_set+0xe2c/0x1330 [ 1454.793206][T31730] __blk_mq_alloc_disk+0x29/0x120 [ 1454.793226][T31730] loop_add+0x498/0xb60 [ 1454.793245][T31730] ? __pfx_loop_add+0x10/0x10 [ 1454.793275][T31730] ? find_held_lock+0x2b/0x80 [ 1454.793290][T31730] ? __fget_files+0x215/0x3d0 [ 1454.793308][T31730] loop_control_ioctl+0xae/0x620 [ 1454.793329][T31730] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1454.793351][T31730] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1454.793371][T31730] __x64_sys_ioctl+0x18e/0x210 [ 1454.793394][T31730] do_syscall_64+0x10b/0xf80 [ 1454.793409][T31730] ? clear_bhb_loop+0x40/0x90 [ 1454.793428][T31730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1454.793444][T31730] RIP: 0033:0x7fb541b9c819 [ 1454.793458][T31730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1454.793474][T31730] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1454.793489][T31730] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1454.793500][T31730] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009 [ 1454.793509][T31730] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1454.793518][T31730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1454.793527][T31730] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1454.793546][T31730] [ 1455.865934][T31730] Process accounting paused [ 1458.053364][T31769] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9021'. [ 1458.141782][T31769] netlink: 25 bytes leftover after parsing attributes in process `syz.0.9021'. [ 1461.258811][T31809] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input30 [ 1462.913714][T20804] Bluetooth: hci0: unexpected event 0x05 length: 43 > 4 [ 1466.535929][T31881] blktrace: Concurrent blktraces are not allowed on nbd8 [ 1466.900232][T31883] can: request_module (can-proto-5) failed. [ 1471.438639][T31942] blktrace: Concurrent blktraces are not allowed on nbd8 [ 1473.415104][T31962] cougar: G6 mapped to space [ 1474.319758][T31969] ERROR: Out of memory at tomoyo_memory_ok. [ 1475.805363][T31969] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1479.937554][T32013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9077'. [ 1480.030545][T32013] netlink: 'syz.2.9077': attribute type 1 has an invalid length. [ 1480.076272][T32013] netlink: 'syz.2.9077': attribute type 6 has an invalid length. [ 1480.571702][T32017] netlink: 354 bytes leftover after parsing attributes in process `syz.0.9078'. [ 1481.303003][T32025] netlink: 330 bytes leftover after parsing attributes in process `syz.0.9080'. [ 1482.977550][ T29] audit: type=1800 audit(2147483676.260:33): pid=32041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.9084" name="discovery_nqn" dev="configfs" ino=839300 res=0 errno=0 [ 1483.794987][T32046] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9085'. [ 1483.894202][T32046] i: entered promiscuous mode [ 1484.057908][T32046] HfR: entered promiscuous mode [ 1484.146800][T32051] input: f¬ as /devices/virtual/input/input31 [ 1484.208815][ T5181] ERROR: Out of memory at tomoyo_memory_ok. [ 1484.708041][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1484.717757][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1484.811218][T32060] sp0: Synchronizing with TNC [ 1486.055860][T32076] FAULT_INJECTION: forcing a failure. [ 1486.055860][T32076] name failslab, interval 1, probability 0, space 0, times 0 [ 1486.098833][T32081] sp0: Synchronizing with TNC [ 1486.153119][T32068] Process accounting resumed [ 1486.329711][T32080] netlink: 'syz.3.9096': attribute type 2 has an invalid length. [ 1486.376502][T32076] CPU: 0 UID: 0 PID: 32076 Comm: syz.2.9095 Tainted: G L syzkaller #0 PREEMPT(full) [ 1486.376530][T32076] Tainted: [L]=SOFTLOCKUP [ 1486.376536][T32076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1486.376546][T32076] Call Trace: [ 1486.376552][T32076] [ 1486.376560][T32076] dump_stack_lvl+0x100/0x190 [ 1486.376590][T32076] should_fail_ex.cold+0x5/0xa [ 1486.376624][T32076] ? __register_sysctl_table+0xbe4/0x1650 [ 1486.376642][T32076] should_failslab+0xc2/0x120 [ 1486.376667][T32076] __kmalloc_noprof+0xe0/0x850 [ 1486.376696][T32076] __register_sysctl_table+0xbe4/0x1650 [ 1486.376722][T32076] ? __pfx___register_sysctl_table+0x10/0x10 [ 1486.376739][T32076] ? is_module_address+0x69/0xf0 [ 1486.376758][T32076] ? register_net_sysctl_sz+0x222/0x430 [ 1486.376775][T32076] ? __asan_memmove+0x10/0x60 [ 1486.376795][T32076] ? kmemdup_noprof+0x49/0x60 [ 1486.376812][T32076] ipv6_sysctl_net_init+0x136/0x2b0 [ 1486.376830][T32076] ? __pfx_ipv6_sysctl_net_init+0x10/0x10 [ 1486.376847][T32076] ops_init+0x1e2/0x5f0 [ 1486.376872][T32076] setup_net+0x118/0x3a0 [ 1486.376887][T32076] ? __pfx_setup_net+0x10/0x10 [ 1486.376899][T32076] ? lockdep_init_map_type+0x5c/0x250 [ 1486.376920][T32076] ? mutex_init_lockep+0x110/0x150 [ 1486.376943][T32076] copy_net_ns+0x46f/0x7c0 [ 1486.376961][T32076] create_new_namespaces+0x3ea/0xac0 [ 1486.376982][T32076] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1486.377000][T32076] ksys_unshare+0x473/0xad0 [ 1486.377020][T32076] ? __pfx_ksys_unshare+0x10/0x10 [ 1486.377046][T32076] __x64_sys_unshare+0x31/0x40 [ 1486.377064][T32076] do_syscall_64+0x10b/0xf80 [ 1486.377078][T32076] ? clear_bhb_loop+0x40/0x90 [ 1486.377097][T32076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1486.377113][T32076] RIP: 0033:0x7f75e779c819 [ 1486.377126][T32076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1486.377141][T32076] RSP: 002b:00007f75e868d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1486.377156][T32076] RAX: ffffffffffffffda RBX: 00007f75e7a15fa0 RCX: 00007f75e779c819 [ 1486.377166][T32076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1486.377176][T32076] RBP: 00007f75e7832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1486.377185][T32076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1486.377194][T32076] R13: 00007f75e7a16038 R14: 00007f75e7a15fa0 R15: 00007ffeef778548 [ 1486.377214][T32076] [ 1486.377222][T32076] sysctl could not get directory: /net/ipv6/route -12 [ 1486.723245][T32080] netlink: 'syz.3.9096': attribute type 3 has an invalid length. [ 1486.812858][T32080] netlink: 158 bytes leftover after parsing attributes in process `syz.3.9096'. [ 1486.883333][T32080] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9096'. [ 1488.860047][T32108] FAULT_INJECTION: forcing a failure. [ 1488.860047][T32108] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.993150][T32108] CPU: 0 UID: 0 PID: 32108 Comm: syz.0.9105 Tainted: G L syzkaller #0 PREEMPT(full) [ 1488.993178][T32108] Tainted: [L]=SOFTLOCKUP [ 1488.993184][T32108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1488.993194][T32108] Call Trace: [ 1488.993200][T32108] [ 1488.993207][T32108] dump_stack_lvl+0x100/0x190 [ 1488.993236][T32108] should_fail_ex.cold+0x5/0xa [ 1488.993256][T32108] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1488.993273][T32108] should_failslab+0xc2/0x120 [ 1488.993291][T32108] __kmalloc_noprof+0xe0/0x850 [ 1488.993319][T32108] tomoyo_realpath_from_path+0xb6/0x690 [ 1488.993340][T32108] tomoyo_check_open_permission+0x2af/0x3c0 [ 1488.993365][T32108] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1488.993394][T32108] ? hook_file_open+0x24e/0x7a0 [ 1488.993416][T32108] ? lock_acquire+0x1cf/0x380 [ 1488.993440][T32108] tomoyo_file_open+0x6b/0x90 [ 1488.993459][T32108] security_file_open+0xb5/0x1e0 [ 1488.993475][T32108] do_dentry_open+0x5aa/0x1660 [ 1488.993497][T32108] vfs_open+0x82/0x3f0 [ 1488.993518][T32108] path_openat+0x208c/0x31a0 [ 1488.993541][T32108] ? __pfx_path_openat+0x10/0x10 [ 1488.993564][T32108] do_file_open+0x20e/0x430 [ 1488.993582][T32108] ? __pfx_do_file_open+0x10/0x10 [ 1488.993611][T32108] ? alloc_fd+0x476/0x790 [ 1488.993629][T32108] ? do_getname+0x191/0x390 [ 1488.993650][T32108] do_sys_openat2+0x10d/0x1e0 [ 1488.993670][T32108] ? __pfx_do_sys_openat2+0x10/0x10 [ 1488.993701][T32108] ? blkcg_maybe_throttle_current+0x5e7/0xeb0 [ 1488.993725][T32108] __x64_sys_openat+0x12d/0x210 [ 1488.993750][T32108] ? __pfx___x64_sys_openat+0x10/0x10 [ 1488.993777][T32108] do_syscall_64+0x10b/0xf80 [ 1488.993793][T32108] ? clear_bhb_loop+0x40/0x90 [ 1488.993811][T32108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.993828][T32108] RIP: 0033:0x7fb541b9c819 [ 1488.993842][T32108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1488.993857][T32108] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1488.993872][T32108] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1488.993883][T32108] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1488.993892][T32108] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1488.993902][T32108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1488.993912][T32108] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1488.993932][T32108] [ 1488.994250][T32108] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1490.645044][ T29] audit: type=1804 audit(2147483683.840:34): pid=32116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.9107" name="/newroot/1083/file0" dev="tmpfs" ino=5620 res=1 errno=0 [ 1490.834216][ T29] audit: type=1804 audit(2147483683.890:35): pid=32117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.9107" name="/newroot/1083/file0" dev="tmpfs" ino=5620 res=1 errno=0 [ 1492.371086][T32128] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9111'. [ 1493.284886][T32146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9117'. [ 1493.415109][T32152] netlink: 13 bytes leftover after parsing attributes in process `syz.3.9117'. [ 1494.982894][T32172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9125'. [ 1495.140169][T32176] netlink: 25 bytes leftover after parsing attributes in process `syz.3.9125'. [ 1496.936967][T32192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9131'. [ 1497.014271][T32192] netlink: 13 bytes leftover after parsing attributes in process `syz.1.9131'. [ 1497.564751][T32198] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9134'. [ 1497.937811][T32198] bond0: (slave bond_slave_0): Releasing backup interface [ 1499.453191][T32211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9137'. [ 1499.722983][T32218] netlink: 25 bytes leftover after parsing attributes in process `syz.2.9137'. [ 1499.948251][T32217] vivid-007: ================= START STATUS ================= [ 1500.042889][T32217] vivid-007: Generate PTS: true [ 1500.047789][T32217] vivid-007: Generate SCR: true [ 1500.052640][T32217] tpg source WxH: 320x240 (Y'CbCr) [ 1500.157417][T32217] tpg field: 1 [ 1500.160813][T32217] tpg crop: (0,0)/320x240 [ 1500.286855][T32217] tpg compose: (0,0)/320x240 [ 1500.291477][T32217] tpg colorspace: 8 [ 1500.372834][T32217] tpg transfer function: 0/0 [ 1500.377457][T32217] tpg Y'CbCr encoding: 0/0 [ 1500.381860][T32217] tpg quantization: 0/0 [ 1500.491220][T32217] tpg RGB range: 0/2 [ 1500.543161][T32217] vivid-007: ================== END STATUS ================== [ 1500.866158][T32227] netlink: 'syz.3.9143': attribute type 2 has an invalid length. [ 1501.026068][T32227] netlink: 5 bytes leftover after parsing attributes in process `syz.3.9143'. [ 1503.033446][T32243] zswap: compressor not available [ 1505.805223][T32283] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 1506.323331][T32283] PCI: Can't parse resource_alignment parameter: 1 [ 1508.767540][T32305] mkiss: ax0: crc mode is auto. [ 1508.851134][T32313] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 1509.047703][T32315] ERROR: Out of memory at tomoyo_memory_ok. [ 1509.863009][T32323] netlink: 25 bytes leftover after parsing attributes in process `syz.2.9167'. [ 1510.335134][T32318] hub 1-0:1.0: USB hub found [ 1510.522667][T32318] hub 1-0:1.0: 1 port detected [ 1510.674777][T32335] netlink: 13 bytes leftover after parsing attributes in process `syz.2.9171'. [ 1511.291473][T32332] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1514.005423][ T29] audit: type=1800 audit(2147483707.290:36): pid=32359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9177" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 1514.354254][T32361] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9179'. [ 1514.465542][T32366] netlink: 'syz.3.9179': attribute type 3 has an invalid length. [ 1514.646586][T32366] netlink: 17 bytes leftover after parsing attributes in process `syz.3.9179'. [ 1516.012006][T32370] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 1517.636045][ T5181] ERROR: Out of memory at tomoyo_memory_ok. [ 1517.835663][T32392] hub 1-0:1.0: USB hub found [ 1517.893306][T32392] hub 1-0:1.0: 1 port detected [ 1519.276776][T32398] Invalid ELF header magic: != ELF [ 1519.571067][T32376] Process accounting paused [ 1520.495754][T32404] ERROR: Out of memory at tomoyo_memory_ok. [ 1523.825678][T32426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9194'. [ 1523.962633][T32430] netlink: 'syz.3.9194': attribute type 1 has an invalid length. [ 1524.224436][T32430] netlink: 5 bytes leftover after parsing attributes in process `syz.3.9194'. [ 1525.112918][T32437] FAULT_INJECTION: forcing a failure. [ 1525.112918][T32437] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.265342][T32437] CPU: 0 UID: 0 PID: 32437 Comm: syz.2.9197 Tainted: G L syzkaller #0 PREEMPT(full) [ 1525.265370][T32437] Tainted: [L]=SOFTLOCKUP [ 1525.265376][T32437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1525.265386][T32437] Call Trace: [ 1525.265392][T32437] [ 1525.265399][T32437] dump_stack_lvl+0x100/0x190 [ 1525.265427][T32437] should_fail_ex.cold+0x5/0xa [ 1525.265446][T32437] ? sk_prot_alloc+0x10b/0x2a0 [ 1525.265463][T32437] should_failslab+0xc2/0x120 [ 1525.265480][T32437] __kmalloc_noprof+0xe0/0x850 [ 1525.265503][T32437] ? security_inode_alloc+0xcf/0x2c0 [ 1525.265527][T32437] sk_prot_alloc+0x10b/0x2a0 [ 1525.265545][T32437] sk_alloc+0x36/0xe80 [ 1525.265565][T32437] __netlink_create+0x5e/0x2c0 [ 1525.265588][T32437] __netlink_kernel_create+0xed/0x750 [ 1525.265613][T32437] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1525.265642][T32437] uevent_net_init+0xf8/0x330 [ 1525.265661][T32437] ? __pfx_uevent_net_init+0x10/0x10 [ 1525.265688][T32437] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1525.265707][T32437] ? __kmalloc_noprof+0x320/0x850 [ 1525.265734][T32437] ? __pfx_uevent_net_init+0x10/0x10 [ 1525.265752][T32437] ops_init+0x1e2/0x5f0 [ 1525.265777][T32437] setup_net+0x118/0x3a0 [ 1525.265791][T32437] ? __pfx_setup_net+0x10/0x10 [ 1525.265804][T32437] ? lockdep_init_map_type+0x5c/0x250 [ 1525.265831][T32437] ? mutex_init_lockep+0x110/0x150 [ 1525.265856][T32437] copy_net_ns+0x46f/0x7c0 [ 1525.265874][T32437] create_new_namespaces+0x3ea/0xac0 [ 1525.265896][T32437] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1525.265915][T32437] ksys_unshare+0x473/0xad0 [ 1525.265936][T32437] ? __pfx_ksys_unshare+0x10/0x10 [ 1525.265961][T32437] __x64_sys_unshare+0x31/0x40 [ 1525.265979][T32437] do_syscall_64+0x10b/0xf80 [ 1525.265992][T32437] ? clear_bhb_loop+0x40/0x90 [ 1525.266011][T32437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1525.266026][T32437] RIP: 0033:0x7f75e779c819 [ 1525.266040][T32437] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1525.266055][T32437] RSP: 002b:00007f75e866c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1525.266070][T32437] RAX: ffffffffffffffda RBX: 00007f75e7a16090 RCX: 00007f75e779c819 [ 1525.266080][T32437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1525.266089][T32437] RBP: 00007f75e7832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1525.266098][T32437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1525.266107][T32437] R13: 00007f75e7a16128 R14: 00007f75e7a16090 R15: 00007ffeef778548 [ 1525.266127][T32437] [ 1525.266171][T32437] kobject_uevent: unable to create netlink socket! [ 1527.687594][T32452] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9200'. [ 1529.111117][T32460] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9203'. [ 1529.184698][T32460] bridge_slave_0: left allmulticast mode [ 1529.190370][T32460] bridge_slave_0: left promiscuous mode [ 1529.283594][T32460] bridge0: port 1(bridge_slave_0) entered disabled state [ 1530.092229][T32470] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 1531.249909][T32485] netlink: 354 bytes leftover after parsing attributes in process `syz.2.9211'. [ 1531.812235][T32490] ERROR: Out of memory at tomoyo_memory_ok. [ 1532.192989][T32499] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9214'. [ 1532.274437][T32499] netlink: 'syz.2.9214': attribute type 1 has an invalid length. [ 1532.335337][T32499] netlink: 5 bytes leftover after parsing attributes in process `syz.2.9214'. [ 1532.764956][T32486] hub 1-0:1.0: USB hub found [ 1532.828262][T32486] hub 1-0:1.0: 1 port detected [ 1533.182215][T32508] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9217'. [ 1533.840250][T32518] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9218'. [ 1533.894471][T32517] FAULT_INJECTION: forcing a failure. [ 1533.894471][T32517] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.009190][T32517] CPU: 0 UID: 0 PID: 32517 Comm: syz.2.9220 Tainted: G L syzkaller #0 PREEMPT(full) [ 1534.009219][T32517] Tainted: [L]=SOFTLOCKUP [ 1534.009226][T32517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1534.009234][T32517] Call Trace: [ 1534.009240][T32517] [ 1534.009247][T32517] dump_stack_lvl+0x100/0x190 [ 1534.009275][T32517] should_fail_ex.cold+0x5/0xa [ 1534.009296][T32517] should_failslab+0xc2/0x120 [ 1534.009314][T32517] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1534.009337][T32517] ? __kernfs_new_node+0xd2/0x9f0 [ 1534.009364][T32517] __kernfs_new_node+0xd2/0x9f0 [ 1534.009387][T32517] ? kernfs_add_one+0x214/0x850 [ 1534.009404][T32517] ? __pfx___kernfs_new_node+0x10/0x10 [ 1534.009431][T32517] ? find_held_lock+0x2b/0x80 [ 1534.009447][T32517] ? kernfs_root+0xee/0x2a0 [ 1534.009460][T32517] ? kernfs_root+0xee/0x2a0 [ 1534.009478][T32517] kernfs_new_node+0x11b/0x1a0 [ 1534.009497][T32517] kernfs_create_link+0xcc/0x240 [ 1534.009518][T32517] sysfs_do_create_link_sd+0x90/0x140 [ 1534.009544][T32517] sysfs_create_link+0x61/0xc0 [ 1534.009568][T32517] device_add+0x553/0x1950 [ 1534.009585][T32517] ? alloc_workqueue_noprof+0x198/0x200 [ 1534.009604][T32517] ? __pfx_device_add+0x10/0x10 [ 1534.009627][T32517] nfc_register_device+0x41/0x3e0 [ 1534.009653][T32517] nci_register_device+0x7f1/0xb80 [ 1534.009675][T32517] ? __pfx_nci_register_device+0x10/0x10 [ 1534.009697][T32517] ? lockdep_init_map_type+0x5c/0x250 [ 1534.009721][T32517] virtual_ncidev_open+0x141/0x220 [ 1534.009741][T32517] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1534.009760][T32517] misc_open+0x26d/0x450 [ 1534.009776][T32517] ? __pfx_misc_open+0x10/0x10 [ 1534.009790][T32517] chrdev_open+0x234/0x6a0 [ 1534.009806][T32517] ? __pfx_apparmor_file_open+0x10/0x10 [ 1534.009827][T32517] ? __pfx_chrdev_open+0x10/0x10 [ 1534.009844][T32517] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1534.009866][T32517] do_dentry_open+0x6d8/0x1660 [ 1534.009883][T32517] ? __pfx_chrdev_open+0x10/0x10 [ 1534.009904][T32517] vfs_open+0x82/0x3f0 [ 1534.009926][T32517] path_openat+0x208c/0x31a0 [ 1534.009949][T32517] ? __pfx_path_openat+0x10/0x10 [ 1534.009982][T32517] do_file_open+0x20e/0x430 [ 1534.010000][T32517] ? __pfx_do_file_open+0x10/0x10 [ 1534.010031][T32517] ? alloc_fd+0x476/0x790 [ 1534.010050][T32517] ? do_getname+0x191/0x390 [ 1534.010072][T32517] do_sys_openat2+0x10d/0x1e0 [ 1534.010093][T32517] ? __pfx_do_sys_openat2+0x10/0x10 [ 1534.010120][T32517] __x64_sys_openat+0x12d/0x210 [ 1534.010141][T32517] ? __pfx___x64_sys_openat+0x10/0x10 [ 1534.010168][T32517] do_syscall_64+0x10b/0xf80 [ 1534.010182][T32517] ? clear_bhb_loop+0x40/0x90 [ 1534.010200][T32517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1534.010220][T32517] RIP: 0033:0x7f75e779c819 [ 1534.010234][T32517] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1534.010250][T32517] RSP: 002b:00007f75e868d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1534.010266][T32517] RAX: ffffffffffffffda RBX: 00007f75e7a15fa0 RCX: 00007f75e779c819 [ 1534.010277][T32517] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1534.010287][T32517] RBP: 00007f75e7832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1534.010297][T32517] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1534.010307][T32517] R13: 00007f75e7a16038 R14: 00007f75e7a15fa0 R15: 00007ffeef778548 [ 1534.010327][T32517] [ 1536.863443][T20804] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1537.459491][T32539] Device name cannot be null; rc = [-22] [ 1539.850290][ T29] audit: type=1804 audit(2147483733.130:37): pid=32550 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.9227" name="/newroot/1245/file0" dev="tmpfs" ino=6419 res=1 errno=0 [ 1540.032827][ T29] audit: type=1804 audit(2147483733.250:38): pid=32551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.9227" name="/newroot/1245/file0" dev="tmpfs" ino=6419 res=1 errno=0 [ 1541.541372][T32558] Invalid ELF header magic: != ELF [ 1542.713336][T32570] usbip-vudc usbip-vudc.0: gadget not bound [ 1543.300572][T32572] ERROR: Out of memory at tomoyo_memory_ok. [ 1545.433288][T32599] netlink: 25 bytes leftover after parsing attributes in process `syz.2.9239'. [ 1546.145777][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1546.152118][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1546.337486][T32604] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 1548.465673][T20804] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1550.402626][T32628] Process accounting resumed [ 1554.492557][T32691] ERROR: Out of memory at tomoyo_memory_ok. [ 1557.363636][T32716] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1557.406418][T32716] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1557.479716][T32716] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1557.514613][T32716] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1557.520575][T32716] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1558.093590][T32720] tipc: Withdrawal distribution failure [ 1558.221256][T32716] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1558.783029][T20804] Bluetooth: hci3: command 0x0406 tx timeout [ 1559.511460][T20804] Bluetooth: hci0: command 0x0c1a tx timeout [ 1559.583883][T20804] Bluetooth: hci1: command 0x0406 tx timeout [ 1560.303128][T20804] Bluetooth: hci2: command 0x0419 tx timeout [ 1560.866356][T20804] Bluetooth: hci3: command 0x0406 tx timeout [ 1561.685642][T20804] Bluetooth: hci1: command 0x0406 tx timeout [ 1565.859727][ T312] ERROR: Out of memory at tomoyo_memory_ok. [ 1566.396080][ T314] netlink: 5 bytes leftover after parsing attributes in process `syz.2.9283'. [ 1566.548924][ T314] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9283'. [ 1567.346011][ T327] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9287'. [ 1569.745463][ T355] netlink: 25 bytes leftover after parsing attributes in process `syz.3.9294'. [ 1570.450170][ T364] FAULT_INJECTION: forcing a failure. [ 1570.450170][ T364] name failslab, interval 1, probability 0, space 0, times 0 [ 1570.561287][ T364] CPU: 0 UID: 0 PID: 364 Comm: syz.1.9297 Tainted: G L syzkaller #0 PREEMPT(full) [ 1570.561315][ T364] Tainted: [L]=SOFTLOCKUP [ 1570.561321][ T364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1570.561331][ T364] Call Trace: [ 1570.561338][ T364] [ 1570.561344][ T364] dump_stack_lvl+0x100/0x190 [ 1570.561373][ T364] should_fail_ex.cold+0x5/0xa [ 1570.561394][ T364] should_failslab+0xc2/0x120 [ 1570.561420][ T364] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1570.561445][ T364] ? alloc_uid+0x13d/0x4c0 [ 1570.561462][ T364] ? rcu_is_watching+0x12/0xc0 [ 1570.561490][ T364] alloc_uid+0x13d/0x4c0 [ 1570.561508][ T364] ? __pfx_alloc_uid+0x10/0x10 [ 1570.561527][ T364] ? bpf_lsm_capable+0x9/0x10 [ 1570.561543][ T364] ? security_capable+0x80/0x260 [ 1570.561564][ T364] __sys_setreuid+0x63c/0xb00 [ 1570.561583][ T364] do_syscall_64+0x10b/0xf80 [ 1570.561597][ T364] ? clear_bhb_loop+0x40/0x90 [ 1570.561616][ T364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1570.561632][ T364] RIP: 0033:0x7fbf4e59c819 [ 1570.561645][ T364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1570.561661][ T364] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 1570.561676][ T364] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1570.561686][ T364] RDX: 0000000000000000 RSI: 00000000000009d7 RDI: 0000000000000008 [ 1570.561695][ T364] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1570.561704][ T364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1570.561713][ T364] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1570.561732][ T364] [ 1572.623719][T20804] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1572.823761][ T377] netlink: 202 bytes leftover after parsing attributes in process `syz.3.9300'. [ 1573.956095][ T381] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9302'. [ 1574.163226][T20804] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 1574.523246][ T393] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9306'. [ 1574.614208][ T393] netlink: 354 bytes leftover after parsing attributes in process `syz.0.9306'. [ 1576.287493][ T409] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9310'. [ 1577.121998][ T421] ERROR: Out of memory at tomoyo_memory_ok. [ 1580.586441][ T457] Process accounting paused [ 1581.442210][ T473] netlink: 'syz.2.9325': attribute type 1 has an invalid length. [ 1581.532909][ T473] netlink: 9 bytes leftover after parsing attributes in process `syz.2.9325'. [ 1582.433899][ T480] FAULT_INJECTION: forcing a failure. [ 1582.433899][ T480] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1582.714586][ T480] CPU: 0 UID: 0 PID: 480 Comm: syz.2.9326 Tainted: G L syzkaller #0 PREEMPT(full) [ 1582.714615][ T480] Tainted: [L]=SOFTLOCKUP [ 1582.714621][ T480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1582.714631][ T480] Call Trace: [ 1582.714637][ T480] [ 1582.714644][ T480] dump_stack_lvl+0x100/0x190 [ 1582.714673][ T480] should_fail_ex.cold+0x5/0xa [ 1582.714692][ T480] ? prepare_alloc_pages+0x16d/0x5f0 [ 1582.714712][ T480] should_fail_alloc_page+0xeb/0x140 [ 1582.714730][ T480] prepare_alloc_pages+0x1f0/0x5f0 [ 1582.714751][ T480] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1582.714778][ T480] ? try_to_migrate_one+0x13fd/0x3860 [ 1582.714804][ T480] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1582.714834][ T480] ? reacquire_held_locks+0xce/0x1e0 [ 1582.714854][ T480] ? folio_lock_anon_vma_read+0x348/0xe30 [ 1582.714877][ T480] ? folio_lock_anon_vma_read+0x348/0xe30 [ 1582.714899][ T480] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1582.714916][ T480] ? policy_nodemask+0xed/0x4f0 [ 1582.714934][ T480] alloc_pages_mpol+0x1fb/0x550 [ 1582.714951][ T480] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1582.714973][ T480] folio_alloc_mpol_noprof+0x36/0x340 [ 1582.714993][ T480] alloc_migration_target_by_mpol+0x2c1/0x650 [ 1582.715015][ T480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 1582.715035][ T480] ? __pfx___might_resched+0x10/0x10 [ 1582.715057][ T480] ? folio_get_anon_vma+0x16b/0x980 [ 1582.715080][ T480] migrate_pages_batch+0x4f2/0x4530 [ 1582.715099][ T480] ? kernel_text_address+0x20/0x100 [ 1582.715120][ T480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 1582.715147][ T480] ? __pfx_migrate_pages_batch+0x10/0x10 [ 1582.715167][ T480] ? __pfx_stack_trace_save+0x10/0x10 [ 1582.715183][ T480] ? stack_depot_save_flags+0x27/0x9d0 [ 1582.715200][ T480] ? __split_vma+0x392/0xd90 [ 1582.715222][ T480] ? kasan_save_stack+0x3f/0x50 [ 1582.715236][ T480] ? kasan_save_stack+0x30/0x50 [ 1582.715249][ T480] ? kasan_save_track+0x14/0x30 [ 1582.715271][ T480] ? __kasan_slab_alloc+0x89/0x90 [ 1582.715286][ T480] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1582.715310][ T480] ? __mpol_dup+0x74/0x390 [ 1582.715327][ T480] ? mbind_range+0x2ad/0x550 [ 1582.715347][ T480] migrate_pages_sync+0x12c/0x880 [ 1582.715367][ T480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 1582.715392][ T480] ? __pfx_migrate_pages_sync+0x10/0x10 [ 1582.715413][ T480] ? __lock_acquire+0x4a5/0x2630 [ 1582.715436][ T480] migrate_pages+0x1aae/0x28a0 [ 1582.715458][ T480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 1582.715482][ T480] ? __pfx_migrate_pages+0x10/0x10 [ 1582.715502][ T480] ? find_held_lock+0x2b/0x80 [ 1582.715517][ T480] ? do_mbind+0x555/0xfd0 [ 1582.715539][ T480] ? up_write+0x290/0x4f0 [ 1582.715561][ T480] do_mbind+0x5a4/0xfd0 [ 1582.715585][ T480] ? __pfx_do_mbind+0x10/0x10 [ 1582.715603][ T480] ? ksys_write+0x190/0x250 [ 1582.715618][ T480] ? ksys_write+0x190/0x250 [ 1582.715640][ T480] ? __pfx_get_nodes+0x10/0x10 [ 1582.715659][ T480] kernel_mbind+0x1b7/0x200 [ 1582.715680][ T480] ? __pfx_kernel_mbind+0x10/0x10 [ 1582.715704][ T480] do_syscall_64+0x10b/0xf80 [ 1582.715718][ T480] ? clear_bhb_loop+0x40/0x90 [ 1582.715737][ T480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1582.715754][ T480] RIP: 0033:0x7f75e779c819 [ 1582.715768][ T480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1582.715784][ T480] RSP: 002b:00007f75e864b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1582.715799][ T480] RAX: ffffffffffffffda RBX: 00007f75e7a16180 RCX: 00007f75e779c819 [ 1582.715809][ T480] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1582.715818][ T480] RBP: 00007f75e7832c91 R08: 0000002000000006 R09: 0000000000000002 [ 1582.715827][ T480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1582.715836][ T480] R13: 00007f75e7a16218 R14: 00007f75e7a16180 R15: 00007ffeef778548 [ 1582.715856][ T480] [ 1588.472432][ T530] ERROR: Out of memory at tomoyo_memory_ok. [ 1588.727566][ T534] ubi0: attaching mtd0 [ 1588.775632][ T534] ubi0: scanning is finished [ 1588.853934][ T534] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1588.903234][ T519] serio: Serial port ttyS0 [ 1589.442112][ T534] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1590.908982][ T541] random: crng reseeded on system resumption [ 1592.230179][ T550] sg_write: data in/out 262108/65454 bytes for SCSI command 0x0-- guessing data in; [ 1592.230179][ T550] program syz.3.9344 not setting count and/or reply_len properly [ 1595.918119][ T608] netlink: 9 bytes leftover after parsing attributes in process `syz.3.9356'. [ 1599.438253][ T640] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9365'. [ 1599.781315][ T644] ERROR: Out of memory at tomoyo_memory_ok. [ 1603.873775][ T663] can0: slcan on ttyS2. [ 1604.176403][ T662] can0 (unregistered): slcan off ttyS2. [ 1607.590788][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1607.603052][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1609.818298][ T707] serio: Serial port ttyS0 [ 1611.155619][ T728] ERROR: Out of memory at tomoyo_memory_ok. [ 1611.448864][ T727] Process accounting resumed [ 1612.378859][ T733] netlink: zone id is out of range [ 1612.418926][ T733] netlink: zone id is out of range [ 1612.468187][ T733] netlink: zone id is out of range [ 1612.527050][ T734] netlink: zone id is out of range [ 1612.532197][ T734] netlink: zone id is out of range [ 1612.640772][ T733] netlink: zone id is out of range [ 1612.684550][ T733] netlink: zone id is out of range [ 1612.735385][ T734] netlink: zone id is out of range [ 1612.768815][ T733] netlink: zone id is out of range [ 1612.834294][ T734] netlink: zone id is out of range [ 1614.237230][ T755] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1616.513649][ T782] vivid-007: ================= START STATUS ================= [ 1616.685014][ T782] vivid-007: Generate PTS: true [ 1616.819092][ T782] vivid-007: Generate SCR: true [ 1616.923100][ T782] tpg source WxH: 320x240 (Y'CbCr) [ 1617.088764][ T782] tpg field: 1 [ 1617.133081][ T782] tpg crop: (0,0)/320x240 [ 1617.250288][ T782] tpg compose: (0,0)/320x240 [ 1617.320202][ T782] tpg colorspace: 8 [ 1617.372322][ T782] tpg transfer function: 0/0 [ 1617.454215][ T782] tpg Y'CbCr encoding: 0/0 [ 1617.517801][ T782] tpg quantization: 0/0 [ 1617.592234][ T782] tpg RGB range: 0/2 [ 1617.666361][ T782] vivid-007: ================== END STATUS ================== [ 1618.406077][ T797] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9399'. [ 1618.985356][ T806] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 1619.253214][ T803] FAULT_INJECTION: forcing a failure. [ 1619.253214][ T803] name failslab, interval 1, probability 0, space 0, times 0 [ 1619.363218][ T803] CPU: 0 UID: 0 PID: 803 Comm: syz.0.9401 Tainted: G L syzkaller #0 PREEMPT(full) [ 1619.363247][ T803] Tainted: [L]=SOFTLOCKUP [ 1619.363253][ T803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1619.363263][ T803] Call Trace: [ 1619.363269][ T803] [ 1619.363275][ T803] dump_stack_lvl+0x100/0x190 [ 1619.363317][ T803] should_fail_ex.cold+0x5/0xa [ 1619.363337][ T803] should_failslab+0xc2/0x120 [ 1619.363355][ T803] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1619.363379][ T803] ? vm_area_dup+0x27/0x8e0 [ 1619.363402][ T803] vm_area_dup+0x27/0x8e0 [ 1619.363423][ T803] copy_vma+0x643/0xac0 [ 1619.363448][ T803] ? __pfx_copy_vma+0x10/0x10 [ 1619.363485][ T803] ? __lock_acquire+0x4a5/0x2630 [ 1619.363505][ T803] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1619.363531][ T803] copy_vma_and_data+0x1cf/0x7c0 [ 1619.363555][ T803] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1619.363577][ T803] ? mtree_load+0x311/0xa40 [ 1619.363596][ T803] ? rcu_is_watching+0x12/0xc0 [ 1619.363639][ T803] ? percpu_counter_add_batch+0xb9/0x230 [ 1619.363668][ T803] ? __vm_enough_memory+0x184/0x390 [ 1619.363690][ T803] move_vma+0x51b/0x1890 [ 1619.363716][ T803] ? __pfx_move_vma+0x10/0x10 [ 1619.363740][ T803] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1619.363759][ T803] ? cap_mmap_addr+0x4b/0x120 [ 1619.363777][ T803] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1619.363791][ T803] ? security_mmap_addr+0x71/0x1e0 [ 1619.363806][ T803] ? __get_unmapped_area+0x255/0x3e0 [ 1619.363826][ T803] ? vrm_set_new_addr+0x204/0x290 [ 1619.363849][ T803] mremap_to+0x1b7/0x450 [ 1619.363872][ T803] do_mremap+0xd8d/0x2130 [ 1619.363895][ T803] ? futex_private_hash_put+0x107/0x1c0 [ 1619.363914][ T803] ? futex_hash_put+0x43/0x50 [ 1619.363931][ T803] ? futex_wake+0x1ad/0x530 [ 1619.363954][ T803] ? __pfx_do_mremap+0x10/0x10 [ 1619.363975][ T803] ? __pfx_futex_wake+0x10/0x10 [ 1619.363999][ T803] ? ksys_write+0x190/0x250 [ 1619.364013][ T803] ? ksys_write+0x190/0x250 [ 1619.364032][ T803] __do_sys_mremap+0x126/0x170 [ 1619.364054][ T803] ? __pfx___do_sys_mremap+0x10/0x10 [ 1619.364081][ T803] ? __x64_sys_futex+0x34f/0x4d0 [ 1619.364110][ T803] do_syscall_64+0x10b/0xf80 [ 1619.364125][ T803] ? clear_bhb_loop+0x40/0x90 [ 1619.364143][ T803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1619.364166][ T803] RIP: 0033:0x7fb541b9c819 [ 1619.364188][ T803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1619.364203][ T803] RSP: 002b:00007fb542a88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1619.364219][ T803] RAX: ffffffffffffffda RBX: 00007fb541e15fa0 RCX: 00007fb541b9c819 [ 1619.364230][ T803] RDX: 0000000000000004 RSI: 0000000020000004 RDI: 0000200000000000 [ 1619.364243][ T803] RBP: 00007fb541c32c91 R08: 0000000100000000 R09: 0000000000000000 [ 1619.364253][ T803] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1619.364262][ T803] R13: 00007fb541e16038 R14: 00007fb541e15fa0 R15: 00007fff346f1c28 [ 1619.364281][ T803] [ 1620.322945][ T818] FAULT_INJECTION: forcing a failure. [ 1620.322945][ T818] name failslab, interval 1, probability 0, space 0, times 0 [ 1620.382991][ T818] CPU: 0 UID: 0 PID: 818 Comm: syz.0.9404 Tainted: G L syzkaller #0 PREEMPT(full) [ 1620.383020][ T818] Tainted: [L]=SOFTLOCKUP [ 1620.383025][ T818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1620.383035][ T818] Call Trace: [ 1620.383041][ T818] [ 1620.383048][ T818] dump_stack_lvl+0x100/0x190 [ 1620.383076][ T818] should_fail_ex.cold+0x5/0xa [ 1620.383097][ T818] should_failslab+0xc2/0x120 [ 1620.383115][ T818] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1620.383136][ T818] ? trace_pid_list_alloc+0x2fe/0x480 [ 1620.383164][ T818] trace_pid_list_alloc+0x2fe/0x480 [ 1620.383189][ T818] trace_pid_write+0x110/0x460 [ 1620.383213][ T818] ? __pfx_trace_pid_write+0x10/0x10 [ 1620.383247][ T818] event_pid_write.isra.0+0x1e4/0x800 [ 1620.383267][ T818] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 1620.383289][ T818] vfs_write+0x2aa/0x1070 [ 1620.383306][ T818] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 1620.383324][ T818] ? __pfx_vfs_write+0x10/0x10 [ 1620.383340][ T818] ? __fget_files+0x215/0x3d0 [ 1620.383360][ T818] ? __fget_files+0x21f/0x3d0 [ 1620.383381][ T818] ksys_write+0x12a/0x250 [ 1620.383396][ T818] ? __pfx_ksys_write+0x10/0x10 [ 1620.383416][ T818] do_syscall_64+0x10b/0xf80 [ 1620.383431][ T818] ? clear_bhb_loop+0x40/0x90 [ 1620.383450][ T818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1620.383466][ T818] RIP: 0033:0x7fb541b9c819 [ 1620.383480][ T818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1620.383495][ T818] RSP: 002b:00007fb542a67028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1620.383510][ T818] RAX: ffffffffffffffda RBX: 00007fb541e16090 RCX: 00007fb541b9c819 [ 1620.383535][ T818] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1620.383551][ T818] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1620.383561][ T818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1620.383570][ T818] R13: 00007fb541e16128 R14: 00007fb541e16090 R15: 00007fff346f1c28 [ 1620.383592][ T818] [ 1622.471934][ T835] ERROR: Out of memory at tomoyo_memory_ok. [ 1626.166428][ T877] netlink: 13 bytes leftover after parsing attributes in process `syz.0.9420'. [ 1627.389286][ T894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9424'. [ 1627.481805][ T894] HfR: entered promiscuous mode [ 1627.506003][ T895] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9426'. [ 1628.220896][ T913] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1628.483965][ T918] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9430'. [ 1628.943023][ T879] can: request_module (can-proto-3) failed. [ 1631.956764][ T957] random: crng reseeded on system resumption [ 1633.815990][ T974] ERROR: Out of memory at tomoyo_memory_ok. [ 1637.917126][ T1029] netlink: 'syz.2.9452': attribute type 1 has an invalid length. [ 1638.008047][ T1029] netlink: 9 bytes leftover after parsing attributes in process `syz.2.9452'. [ 1638.837829][ T1023] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 1639.264401][ T1023] File: /dev/nullb0 PID: 1023 Comm: syz.1.9450 [ 1639.657848][ T1042] Invalid ELF header magic: != ELF [ 1640.294197][ T1056] random: crng reseeded on system resumption [ 1640.495845][ T1056] hub 1-0:1.0: USB hub found [ 1640.568061][ T1056] hub 1-0:1.0: 1 port detected [ 1641.765102][ T1071] binder: 1067:1071 ioctl c00c620f 2000000001c0 returned -22 [ 1642.534900][ T1075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9462'. [ 1642.556659][ T1062] Process accounting paused [ 1642.616235][ T1075] netlink: 'syz.1.9462': attribute type 1 has an invalid length. [ 1642.739117][ T1075] netlink: 5 bytes leftover after parsing attributes in process `syz.1.9462'. [ 1644.863225][ T1102] sp0: Synchronizing with TNC [ 1645.100934][ T1103] ERROR: Out of memory at tomoyo_memory_ok. [ 1649.780844][ T1138] Invalid ELF header magic: != ELF [ 1654.412950][ T1201] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1654.419020][ T1201] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1654.913983][ T1201] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1655.232047][ T1201] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1656.458284][ T1220] ERROR: Out of memory at tomoyo_memory_ok. [ 1656.464367][T30230] Bluetooth: hci0: command 0x0c1a tx timeout [ 1656.470697][T30230] Bluetooth: hci3: command 0x0406 tx timeout [ 1656.943402][ T1221] Bluetooth: hci1: command 0x0406 tx timeout [ 1657.262972][ T1221] Bluetooth: hci2: command 0x0419 tx timeout [ 1658.923228][ T1251] Falling back ldisc for ttyS2. [ 1661.270401][ T1221] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1663.399864][ T1300] FAULT_INJECTION: forcing a failure. [ 1663.399864][ T1300] name failslab, interval 1, probability 0, space 0, times 0 [ 1663.539178][ T1300] CPU: 0 UID: 0 PID: 1300 Comm: syz.1.9515 Tainted: G L syzkaller #0 PREEMPT(full) [ 1663.539208][ T1300] Tainted: [L]=SOFTLOCKUP [ 1663.539214][ T1300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1663.539223][ T1300] Call Trace: [ 1663.539229][ T1300] [ 1663.539237][ T1300] dump_stack_lvl+0x100/0x190 [ 1663.539267][ T1300] should_fail_ex.cold+0x5/0xa [ 1663.539288][ T1300] should_failslab+0xc2/0x120 [ 1663.539320][ T1300] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1663.539337][ T1300] ? __addrconf_sysctl_register+0xbb/0x360 [ 1663.539371][ T1300] kmemdup_noprof+0x29/0x60 [ 1663.539388][ T1300] __addrconf_sysctl_register+0xbb/0x360 [ 1663.539415][ T1300] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 1663.539443][ T1300] ? __asan_memcpy+0x3c/0x60 [ 1663.539466][ T1300] addrconf_init_net+0x5dd/0x8e0 [ 1663.539489][ T1300] ? __pfx_addrconf_init_net+0x10/0x10 [ 1663.539511][ T1300] ops_init+0x1e2/0x5f0 [ 1663.539537][ T1300] setup_net+0x118/0x3a0 [ 1663.539551][ T1300] ? __pfx_setup_net+0x10/0x10 [ 1663.539564][ T1300] ? lockdep_init_map_type+0x5c/0x250 [ 1663.539586][ T1300] ? mutex_init_lockep+0x110/0x150 [ 1663.539609][ T1300] copy_net_ns+0x46f/0x7c0 [ 1663.539627][ T1300] create_new_namespaces+0x3ea/0xac0 [ 1663.539647][ T1300] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1663.539666][ T1300] ksys_unshare+0x473/0xad0 [ 1663.539686][ T1300] ? __pfx_ksys_unshare+0x10/0x10 [ 1663.539711][ T1300] __x64_sys_unshare+0x31/0x40 [ 1663.539730][ T1300] do_syscall_64+0x10b/0xf80 [ 1663.539743][ T1300] ? clear_bhb_loop+0x40/0x90 [ 1663.539762][ T1300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1663.539777][ T1300] RIP: 0033:0x7fbf4e59c819 [ 1663.539791][ T1300] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1663.539806][ T1300] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1663.539821][ T1300] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1663.539832][ T1300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1663.539841][ T1300] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1663.539850][ T1300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1663.539859][ T1300] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1663.539880][ T1300] [ 1665.051702][ T1324] FAULT_INJECTION: forcing a failure. [ 1665.051702][ T1324] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1665.181740][ T1324] CPU: 0 UID: 0 PID: 1324 Comm: syz.1.9521 Tainted: G L syzkaller #0 PREEMPT(full) [ 1665.181768][ T1324] Tainted: [L]=SOFTLOCKUP [ 1665.181774][ T1324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1665.181784][ T1324] Call Trace: [ 1665.181790][ T1324] [ 1665.181797][ T1324] dump_stack_lvl+0x100/0x190 [ 1665.181826][ T1324] should_fail_ex.cold+0x5/0xa [ 1665.181846][ T1324] _copy_from_user+0x2e/0xd0 [ 1665.181871][ T1324] do_handle_open+0x60e/0xce0 [ 1665.181893][ T1324] ? __pfx_do_handle_open+0x10/0x10 [ 1665.181911][ T1324] ? __x64_sys_futex+0x34f/0x4d0 [ 1665.181934][ T1324] ? xfd_validate_state+0x129/0x190 [ 1665.181962][ T1324] ? do_syscall_64+0x10b/0xf80 [ 1665.181983][ T1324] do_syscall_64+0x10b/0xf80 [ 1665.181997][ T1324] ? clear_bhb_loop+0x40/0x90 [ 1665.182016][ T1324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1665.182033][ T1324] RIP: 0033:0x7fbf4e59c819 [ 1665.182047][ T1324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1665.182061][ T1324] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 1665.182076][ T1324] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1665.182086][ T1324] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000004 [ 1665.182095][ T1324] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1665.182104][ T1324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1665.182113][ T1324] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1665.182131][ T1324] [ 1665.735058][ T1331] netlink: 'syz.2.9524': attribute type 2 has an invalid length. [ 1666.349811][ T1329] Invalid ELF header magic: != ELF [ 1667.811404][ T1346] ERROR: Out of memory at tomoyo_memory_ok. [ 1668.124004][ T1354] random: crng reseeded on system resumption [ 1668.368209][ T1354] hub 1-0:1.0: USB hub found [ 1668.553715][ T1354] hub 1-0:1.0: 1 port detected [ 1669.035421][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1669.042424][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1671.855974][ T1378] sp0: Synchronizing with TNC [ 1674.212289][ T1389] Process accounting resumed [ 1674.526793][ T1410] random: crng reseeded on system resumption [ 1674.563572][ T1411] __vm_enough_memory: pid: 1411, comm: syz.1.9539, bytes: 4398046511104 not enough memory for the allocation [ 1675.802065][ T1423] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9550'. [ 1675.996735][ T1425] blktrace: Concurrent blktraces are not allowed on loop2 [ 1679.041845][ T1454] ERROR: Out of memory at tomoyo_memory_ok. [ 1681.145971][ T1470] netlink: 'syz.0.9556': attribute type 1 has an invalid length. [ 1681.223460][ T1470] netlink: 9 bytes leftover after parsing attributes in process `syz.0.9556'. [ 1682.461174][ T1484] sp0: Synchronizing with TNC [ 1685.774207][ T1524] random: crng reseeded on system resumption [ 1685.950778][ T1524] hub 1-0:1.0: USB hub found [ 1686.025228][ T1524] hub 1-0:1.0: 1 port detected [ 1686.585204][ T1530] netlink: 186 bytes leftover after parsing attributes in process `syz.1.9573'. [ 1686.675831][ T1530] netlink: 186 bytes leftover after parsing attributes in process `syz.1.9573'. [ 1690.368802][ T1573] ERROR: Out of memory at tomoyo_memory_ok. [ 1693.410198][ T1603] FAULT_INJECTION: forcing a failure. [ 1693.410198][ T1603] name failslab, interval 1, probability 0, space 0, times 0 [ 1693.516061][ T1603] CPU: 0 UID: 0 PID: 1603 Comm: syz.1.9588 Tainted: G L syzkaller #0 PREEMPT(full) [ 1693.516088][ T1603] Tainted: [L]=SOFTLOCKUP [ 1693.516094][ T1603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1693.516105][ T1603] Call Trace: [ 1693.516110][ T1603] [ 1693.516117][ T1603] dump_stack_lvl+0x100/0x190 [ 1693.516146][ T1603] should_fail_ex.cold+0x5/0xa [ 1693.516166][ T1603] ? __register_sysctl_table+0xbe4/0x1650 [ 1693.516183][ T1603] should_failslab+0xc2/0x120 [ 1693.516201][ T1603] __kmalloc_noprof+0xe0/0x850 [ 1693.516228][ T1603] __register_sysctl_table+0xbe4/0x1650 [ 1693.516249][ T1603] ? __pfx___register_sysctl_table+0x10/0x10 [ 1693.516267][ T1603] ? is_module_address+0x69/0xf0 [ 1693.516286][ T1603] ? register_net_sysctl_sz+0x222/0x430 [ 1693.516305][ T1603] ? __asan_memcpy+0x3c/0x60 [ 1693.516326][ T1603] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 1693.516350][ T1603] nf_lwtunnel_net_init+0x60/0xf0 [ 1693.516395][ T1603] ops_init+0x1e2/0x5f0 [ 1693.516421][ T1603] setup_net+0x118/0x3a0 [ 1693.516436][ T1603] ? __pfx_setup_net+0x10/0x10 [ 1693.516449][ T1603] ? lockdep_init_map_type+0x5c/0x250 [ 1693.516470][ T1603] ? mutex_init_lockep+0x110/0x150 [ 1693.516493][ T1603] copy_net_ns+0x46f/0x7c0 [ 1693.516511][ T1603] create_new_namespaces+0x3ea/0xac0 [ 1693.516532][ T1603] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1693.516550][ T1603] ksys_unshare+0x473/0xad0 [ 1693.516570][ T1603] ? __pfx_ksys_unshare+0x10/0x10 [ 1693.516596][ T1603] __x64_sys_unshare+0x31/0x40 [ 1693.516614][ T1603] do_syscall_64+0x10b/0xf80 [ 1693.516628][ T1603] ? clear_bhb_loop+0x40/0x90 [ 1693.516646][ T1603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1693.516661][ T1603] RIP: 0033:0x7fbf4e59c819 [ 1693.516675][ T1603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1693.516690][ T1603] RSP: 002b:00007fbf4f516028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1693.516706][ T1603] RAX: ffffffffffffffda RBX: 00007fbf4e816090 RCX: 00007fbf4e59c819 [ 1693.516716][ T1603] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1693.516725][ T1603] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1693.516734][ T1603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1693.516743][ T1603] R13: 00007fbf4e816128 R14: 00007fbf4e816090 R15: 00007ffe9fdd5f08 [ 1693.516762][ T1603] [ 1693.516770][ T1603] sysctl could not get directory: /net -12 [ 1695.031559][ T1613] netlink: 'syz.3.9590': attribute type 1 has an invalid length. [ 1695.099739][ T1613] netlink: 9 bytes leftover after parsing attributes in process `syz.3.9590'. [ 1695.193117][ T1615] FAULT_INJECTION: forcing a failure. [ 1695.193117][ T1615] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.322977][ T1615] CPU: 0 UID: 0 PID: 1615 Comm: syz.0.9591 Tainted: G L syzkaller #0 PREEMPT(full) [ 1695.323006][ T1615] Tainted: [L]=SOFTLOCKUP [ 1695.323012][ T1615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1695.323022][ T1615] Call Trace: [ 1695.323028][ T1615] [ 1695.323035][ T1615] dump_stack_lvl+0x100/0x190 [ 1695.323064][ T1615] should_fail_ex.cold+0x5/0xa [ 1695.323084][ T1615] ? __register_sysctl_table+0xac/0x1650 [ 1695.323102][ T1615] should_failslab+0xc2/0x120 [ 1695.323119][ T1615] __kmalloc_noprof+0xe0/0x850 [ 1695.323146][ T1615] __register_sysctl_table+0xac/0x1650 [ 1695.323163][ T1615] ? is_module_address+0x5f/0xf0 [ 1695.323186][ T1615] ? __pfx___register_sysctl_table+0x10/0x10 [ 1695.323215][ T1615] ? is_module_address+0x69/0xf0 [ 1695.323234][ T1615] ? register_net_sysctl_sz+0x222/0x430 [ 1695.323254][ T1615] ? __asan_memcpy+0x3c/0x60 [ 1695.323276][ T1615] nf_log_net_init+0x109/0x450 [ 1695.323294][ T1615] ? __pfx_nf_log_net_init+0x10/0x10 [ 1695.323309][ T1615] ops_init+0x1e2/0x5f0 [ 1695.323334][ T1615] setup_net+0x118/0x3a0 [ 1695.323350][ T1615] ? __pfx_setup_net+0x10/0x10 [ 1695.323364][ T1615] ? lockdep_init_map_type+0x5c/0x250 [ 1695.323385][ T1615] ? mutex_init_lockep+0x110/0x150 [ 1695.323408][ T1615] copy_net_ns+0x46f/0x7c0 [ 1695.323426][ T1615] create_new_namespaces+0x3ea/0xac0 [ 1695.323446][ T1615] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1695.323464][ T1615] ksys_unshare+0x473/0xad0 [ 1695.323484][ T1615] ? __pfx_ksys_unshare+0x10/0x10 [ 1695.323515][ T1615] __x64_sys_unshare+0x31/0x40 [ 1695.323534][ T1615] do_syscall_64+0x10b/0xf80 [ 1695.323549][ T1615] ? clear_bhb_loop+0x40/0x90 [ 1695.323568][ T1615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1695.323584][ T1615] RIP: 0033:0x7fb541b9c819 [ 1695.323598][ T1615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1695.323613][ T1615] RSP: 002b:00007fb542a67028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1695.323628][ T1615] RAX: ffffffffffffffda RBX: 00007fb541e16090 RCX: 00007fb541b9c819 [ 1695.323639][ T1615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1695.323648][ T1615] RBP: 00007fb541c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1695.323656][ T1615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1695.323666][ T1615] R13: 00007fb541e16128 R14: 00007fb541e16090 R15: 00007fff346f1c28 [ 1695.323686][ T1615] [ 1699.735143][ T1221] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 1701.619840][ T1673] ERROR: Out of memory at tomoyo_memory_ok. [ 1701.835066][ T1677] QAT: Invalid ioctl 35077 [ 1702.784296][ T1221] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1703.261410][ T1685] netlink: 17 bytes leftover after parsing attributes in process `syz.1.9612'. [ 1703.424967][ T1685] netlink: 2 bytes leftover after parsing attributes in process `syz.1.9612'. [ 1703.514528][ T1684] netlink: 186 bytes leftover after parsing attributes in process `syz.3.9604'. [ 1703.597763][ T1684] netlink: 186 bytes leftover after parsing attributes in process `syz.3.9604'. [ 1703.822873][T20804] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1705.207358][ T1702] can0: slcan on pty238. [ 1705.561826][ T1690] Process accounting paused [ 1705.577368][ T1699] can0 (unregistered): slcan off pty238. [ 1709.950558][ T1762] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1710.006076][ T1762] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1710.063189][ T1762] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1710.347603][ T1762] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1710.379249][ T1762] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1710.878878][ T29] audit: type=1807 audit(2147483904.160:39): UNKNOWN= res=0 [ 1710.960353][ T29] audit: type=1802 audit(2147483904.190:40): pid=1778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.9621" res=0 errno=0 [ 1711.138529][ T1779] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9621'. [ 1711.609026][ T1777] ima: policy update failed [ 1711.623770][ T29] audit: type=1802 audit(2147483904.910:41): pid=1777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.9621" res=0 errno=0 [ 1711.982658][T20804] Bluetooth: hci3: command 0x0406 tx timeout [ 1711.991084][ T29] audit: type=1800 audit(2147483905.270:42): pid=1783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.9623" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 1712.075655][T20804] Bluetooth: hci0: command 0x0c1a tx timeout [ 1712.382673][T20804] Bluetooth: hci1: command 0x0406 tx timeout [ 1712.462756][T20804] Bluetooth: hci2: command 0x0419 tx timeout [ 1712.925151][ T1789] ERROR: Out of memory at tomoyo_memory_ok. [ 1714.142903][T20804] Bluetooth: hci0: command 0x0c1a tx timeout [ 1716.049533][ T1825] netlink: 17 bytes leftover after parsing attributes in process `syz.0.9632'. [ 1716.143180][ T1813] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1716.278192][ T1813] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1716.319120][ T1813] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1716.451304][ T1813] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1717.663589][T20804] Bluetooth: hci3: command 0x0406 tx timeout [ 1718.223989][T20804] Bluetooth: hci0: command 0x0c1a tx timeout [ 1718.382759][T20804] Bluetooth: hci1: command 0x0406 tx timeout [ 1718.462934][T20804] Bluetooth: hci2: command 0x0419 tx timeout [ 1719.242892][ T29] audit: type=1800 audit(2147483912.520:43): pid=1846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9634" name="sr0" dev="devtmpfs" ino=2881 res=0 errno=0 [ 1724.263445][ T1881] ERROR: Out of memory at tomoyo_memory_ok. [ 1728.498151][ T1908] FAULT_INJECTION: forcing a failure. [ 1728.498151][ T1908] name failslab, interval 1, probability 0, space 0, times 0 [ 1728.686687][ T1908] CPU: 0 UID: 0 PID: 1908 Comm: syz.2.9650 Tainted: G L syzkaller #0 PREEMPT(full) [ 1728.686715][ T1908] Tainted: [L]=SOFTLOCKUP [ 1728.686721][ T1908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1728.686732][ T1908] Call Trace: [ 1728.686738][ T1908] [ 1728.686745][ T1908] dump_stack_lvl+0x100/0x190 [ 1728.686774][ T1908] should_fail_ex.cold+0x5/0xa [ 1728.686794][ T1908] should_failslab+0xc2/0x120 [ 1728.686812][ T1908] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1728.686834][ T1908] ? tomoyo_init_log+0x1a0/0x20c0 [ 1728.686854][ T1908] tomoyo_init_log+0x1a0/0x20c0 [ 1728.686869][ T1908] ? __pfx_format_decode+0x10/0x10 [ 1728.686892][ T1908] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1728.686912][ T1908] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1728.686933][ T1908] tomoyo_write_log2+0x2ed/0xbc0 [ 1728.686959][ T1908] tomoyo_supervisor+0x15e/0x1340 [ 1728.686982][ T1908] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1728.687009][ T1908] ? kasan_quarantine_put+0x104/0x240 [ 1728.687036][ T1908] ? tomoyo_check_path_acl+0x141/0x210 [ 1728.687058][ T1908] ? tomoyo_check_acl+0x1f7/0x410 [ 1728.687081][ T1908] tomoyo_path_permission+0x270/0x3b0 [ 1728.687104][ T1908] tomoyo_check_open_permission+0x37f/0x3c0 [ 1728.687128][ T1908] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1728.687157][ T1908] ? hook_file_open+0x24e/0x7a0 [ 1728.687179][ T1908] ? lock_acquire+0x1cf/0x380 [ 1728.687204][ T1908] tomoyo_file_open+0x6b/0x90 [ 1728.687223][ T1908] security_file_open+0xb5/0x1e0 [ 1728.687239][ T1908] do_dentry_open+0x5aa/0x1660 [ 1728.687261][ T1908] vfs_open+0x82/0x3f0 [ 1728.687282][ T1908] path_openat+0x208c/0x31a0 [ 1728.687305][ T1908] ? __pfx_path_openat+0x10/0x10 [ 1728.687328][ T1908] do_file_open+0x20e/0x430 [ 1728.687345][ T1908] ? __pfx_do_file_open+0x10/0x10 [ 1728.687374][ T1908] ? alloc_fd+0x476/0x790 [ 1728.687392][ T1908] ? do_getname+0x191/0x390 [ 1728.687413][ T1908] do_sys_openat2+0x10d/0x1e0 [ 1728.687433][ T1908] ? __pfx_do_sys_openat2+0x10/0x10 [ 1728.687454][ T1908] ? find_held_lock+0x2b/0x80 [ 1728.687474][ T1908] __x64_sys_openat+0x12d/0x210 [ 1728.687495][ T1908] ? __pfx___x64_sys_openat+0x10/0x10 [ 1728.687522][ T1908] do_syscall_64+0x10b/0xf80 [ 1728.687536][ T1908] ? clear_bhb_loop+0x40/0x90 [ 1728.687554][ T1908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1728.687570][ T1908] RIP: 0033:0x7f75e779c819 [ 1728.687584][ T1908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1728.687600][ T1908] RSP: 002b:00007f75e868d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1728.687615][ T1908] RAX: ffffffffffffffda RBX: 00007f75e7a15fa0 RCX: 00007f75e779c819 [ 1728.687626][ T1908] RDX: 0000000000082002 RSI: 0000200000000480 RDI: ffffffffffffff9c [ 1728.687636][ T1908] RBP: 00007f75e7832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1728.687646][ T1908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1728.687655][ T1908] R13: 00007f75e7a16038 R14: 00007f75e7a15fa0 R15: 00007ffeef778548 [ 1728.687675][ T1908] [ 1730.248319][ T1912] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1730.319268][ T1912] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1730.333231][ T1912] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1730.345275][ T1912] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1730.473117][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1730.481803][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1730.804341][ T1922] netlink: 'syz.0.9654': attribute type 1 has an invalid length. [ 1730.858672][ T1922] netlink: 9 bytes leftover after parsing attributes in process `syz.0.9654'. [ 1731.625312][ T1930] hub 1-0:1.0: USB hub found [ 1731.673905][ T1930] hub 1-0:1.0: 1 port detected [ 1732.391011][T20804] Bluetooth: hci2: command 0x0419 tx timeout [ 1732.397678][ T1221] Bluetooth: hci1: command 0x0406 tx timeout [ 1732.405353][ T1675] Bluetooth: hci0: command 0x0c1a tx timeout [ 1732.411374][ T1675] Bluetooth: hci3: command 0x0406 tx timeout [ 1735.546770][ T1979] ERROR: Out of memory at tomoyo_memory_ok. [ 1736.480892][ T1951] Process accounting resumed [ 1737.165221][ T1985] FAULT_INJECTION: forcing a failure. [ 1737.165221][ T1985] name failslab, interval 1, probability 0, space 0, times 0 [ 1737.233920][ T1985] CPU: 0 UID: 8 PID: 1985 Comm: syz.1.9667 Tainted: G L syzkaller #0 PREEMPT(full) [ 1737.233946][ T1985] Tainted: [L]=SOFTLOCKUP [ 1737.233952][ T1985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1737.233961][ T1985] Call Trace: [ 1737.233966][ T1985] [ 1737.233972][ T1985] dump_stack_lvl+0x100/0x190 [ 1737.234000][ T1985] should_fail_ex.cold+0x5/0xa [ 1737.234019][ T1985] should_failslab+0xc2/0x120 [ 1737.234037][ T1985] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1737.234060][ T1985] ? taskstats_exit+0x650/0xbd0 [ 1737.234078][ T1985] taskstats_exit+0x650/0xbd0 [ 1737.234092][ T1985] ? __pfx_acct_update_integrals+0x10/0x10 [ 1737.234108][ T1985] ? __pfx_taskstats_exit+0x10/0x10 [ 1737.234122][ T1985] ? rcu_read_lock_any_held+0x6a/0xa0 [ 1737.234138][ T1985] ? exit_signals+0x395/0xaf0 [ 1737.234156][ T1985] do_exit+0x659/0x2b60 [ 1737.234186][ T1985] ? __pfx_do_exit+0x10/0x10 [ 1737.234205][ T1985] ? do_raw_spin_lock+0x128/0x260 [ 1737.234227][ T1985] ? find_held_lock+0x2b/0x80 [ 1737.234241][ T1985] ? get_signal+0x7e0/0x21e0 [ 1737.234258][ T1985] do_group_exit+0xd5/0x2a0 [ 1737.234279][ T1985] get_signal+0x1ec7/0x21e0 [ 1737.234301][ T1985] ? __pfx_get_signal+0x10/0x10 [ 1737.234317][ T1985] ? do_futex+0x192/0x350 [ 1737.234339][ T1985] arch_do_signal_or_restart+0x91/0x770 [ 1737.234359][ T1985] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1737.234383][ T1985] ? __pfx___x64_sys_futex+0x10/0x10 [ 1737.234406][ T1985] exit_to_user_mode_loop+0x86/0x4a0 [ 1737.234428][ T1985] do_syscall_64+0x6f2/0xf80 [ 1737.234442][ T1985] ? clear_bhb_loop+0x40/0x90 [ 1737.234459][ T1985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1737.234475][ T1985] RIP: 0033:0x7fbf4e59c819 [ 1737.234488][ T1985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1737.234503][ T1985] RSP: 002b:00007fbf4f4f50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1737.234518][ T1985] RAX: fffffffffffffe00 RBX: 00007fbf4e816188 RCX: 00007fbf4e59c819 [ 1737.234528][ T1985] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbf4e816188 [ 1737.234537][ T1985] RBP: 00007fbf4e816180 R08: 0000000000000000 R09: 0000000000000000 [ 1737.234546][ T1985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1737.234555][ T1985] R13: 00007fbf4e816218 R14: 00007ffe9fdd5e20 R15: 00007ffe9fdd5f08 [ 1737.234573][ T1985] [ 1740.449658][ T1997] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1740.817974][ T2008] netlink: 25 bytes leftover after parsing attributes in process `syz.3.9672'. [ 1741.286610][ T2016] random: crng reseeded on system resumption [ 1745.070441][ T2075] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9686'. [ 1745.137208][ T2078] netlink: 25 bytes leftover after parsing attributes in process `syz.2.9686'. [ 1746.857467][ T2088] ERROR: Out of memory at tomoyo_memory_ok. [ 1747.484062][ T2099] netlink: 25 bytes leftover after parsing attributes in process `syz.0.9690'. [ 1750.063432][ T1948] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1750.623333][ T2120] usb usb3: usbfs: process 2120 (syz.3.9696) did not claim interface 0 before use [ 1754.743159][ T2174] QAT: Invalid ioctl 35077 [ 1756.703662][ T1948] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1758.215737][ T2199] ERROR: Out of memory at tomoyo_memory_ok. [ 1759.976343][ T2213] netlink: 186 bytes leftover after parsing attributes in process `syz.1.9715'. [ 1761.795367][ T29] audit: type=1807 audit(4294967300.878:44): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 1761.853575][ T2229] ima: policy update failed [ 1761.921412][ T29] audit: type=1802 audit(4294967300.878:45): pid=2228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.9719" res=0 errno=0 [ 1762.113949][ T29] audit: type=1802 audit(4294967300.988:46): pid=2229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.9719" res=0 errno=0 [ 1762.591559][ T2231] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9720'. [ 1762.696640][ T2231] netlink: 'syz.2.9720': attribute type 1 has an invalid length. [ 1762.704385][ T2231] netlink: 13 bytes leftover after parsing attributes in process `syz.2.9720'. [ 1763.140497][ T2240] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9721'. [ 1763.250142][ T2240] netlink: 'syz.3.9721': attribute type 1 has an invalid length. [ 1763.320506][ T2240] netlink: 'syz.3.9721': attribute type 6 has an invalid length. [ 1764.094638][ T2252] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 1765.250451][ T2266] random: crng reseeded on system resumption [ 1767.360631][ T2286] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 1767.921651][ T5181] ERROR: Out of memory at tomoyo_memory_ok. [ 1767.930554][ T2289] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9736'. [ 1768.726336][ T2277] Process accounting paused [ 1769.528112][ T2306] ERROR: Out of memory at tomoyo_memory_ok. [ 1771.480281][ T2332] program syz.3.9745 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1772.126385][ T2339] netlink: 326 bytes leftover after parsing attributes in process `syz.1.9747'. [ 1772.350779][ T2344] FAULT_INJECTION: forcing a failure. [ 1772.350779][ T2344] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1772.498015][ T2339] FAULT_INJECTION: forcing a failure. [ 1772.498015][ T2339] name failslab, interval 1, probability 0, space 0, times 0 [ 1772.712735][ T2344] CPU: 0 UID: 0 PID: 2344 Comm: syz.1.9747 Tainted: G L syzkaller #0 PREEMPT(full) [ 1772.712786][ T2344] Tainted: [L]=SOFTLOCKUP [ 1772.712798][ T2344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1772.712818][ T2344] Call Trace: [ 1772.712829][ T2344] [ 1772.712842][ T2344] dump_stack_lvl+0x100/0x190 [ 1772.712873][ T2344] should_fail_ex.cold+0x5/0xa [ 1772.712894][ T2344] core_sys_select+0x9b9/0xbb0 [ 1772.712915][ T2344] ? __pfx_core_sys_select+0x10/0x10 [ 1772.712949][ T2344] ? ktime_get_ts64+0x2d2/0x3f0 [ 1772.712968][ T2344] ? read_tsc+0x9/0x20 [ 1772.712985][ T2344] ? ktime_get_ts64+0x256/0x3f0 [ 1772.713004][ T2344] kern_select+0x20c/0x270 [ 1772.713020][ T2344] ? __pfx_kern_select+0x10/0x10 [ 1772.713042][ T2344] __x64_sys_select+0xbd/0x160 [ 1772.713057][ T2344] ? do_syscall_64+0x90/0xf80 [ 1772.713072][ T2344] ? lockdep_hardirqs_on+0x78/0x100 [ 1772.713094][ T2344] do_syscall_64+0x10b/0xf80 [ 1772.713108][ T2344] ? clear_bhb_loop+0x40/0x90 [ 1772.713127][ T2344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1772.713143][ T2344] RIP: 0033:0x7fbf4e59c819 [ 1772.713156][ T2344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1772.713171][ T2344] RSP: 002b:00007fbf4f516028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1772.713186][ T2344] RAX: ffffffffffffffda RBX: 00007fbf4e816090 RCX: 00007fbf4e59c819 [ 1772.713196][ T2344] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 1772.713206][ T2344] RBP: 00007fbf4e632c91 R08: 00002000000001c0 R09: 0000000000000000 [ 1772.713215][ T2344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1772.713224][ T2344] R13: 00007fbf4e816128 R14: 00007fbf4e816090 R15: 00007ffe9fdd5f08 [ 1772.713243][ T2344] [ 1774.695333][ T2339] CPU: 0 UID: 0 PID: 2339 Comm: syz.1.9747 Tainted: G L syzkaller #0 PREEMPT(full) [ 1774.695362][ T2339] Tainted: [L]=SOFTLOCKUP [ 1774.695368][ T2339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1774.695378][ T2339] Call Trace: [ 1774.695384][ T2339] [ 1774.695391][ T2339] dump_stack_lvl+0x100/0x190 [ 1774.695420][ T2339] should_fail_ex.cold+0x5/0xa [ 1774.695441][ T2339] should_failslab+0xc2/0x120 [ 1774.695459][ T2339] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1774.695490][ T2339] ? call_usermodehelper_setup+0xaf/0x360 [ 1774.695518][ T2339] ? __pfx_free_modprobe_argv+0x10/0x10 [ 1774.695540][ T2339] call_usermodehelper_setup+0xaf/0x360 [ 1774.695568][ T2339] __request_module+0x3c7/0x6c0 [ 1774.695590][ T2339] ? __pfx___request_module+0x10/0x10 [ 1774.695616][ T2339] ? __get_fs_type+0x12c/0x170 [ 1774.695635][ T2339] ? __get_fs_type+0x12c/0x170 [ 1774.695659][ T2339] get_fs_type+0xd7/0x190 [ 1774.695678][ T2339] __x64_sys_fsopen+0xca/0x220 [ 1774.695700][ T2339] do_syscall_64+0x10b/0xf80 [ 1774.695714][ T2339] ? clear_bhb_loop+0x40/0x90 [ 1774.695732][ T2339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1774.695747][ T2339] RIP: 0033:0x7fbf4e59c819 [ 1774.695761][ T2339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1774.695776][ T2339] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1774.695791][ T2339] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1774.695801][ T2339] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1774.695810][ T2339] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1774.695819][ T2339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1774.695828][ T2339] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1774.695847][ T2339] [ 1777.775732][ T2368] kexec: Could not allocate control_code_buffer [ 1780.288634][ T2390] FAULT_INJECTION: forcing a failure. [ 1780.288634][ T2390] name failslab, interval 1, probability 0, space 0, times 0 [ 1780.538596][ T2390] CPU: 0 UID: 0 PID: 2390 Comm: syz.1.9758 Tainted: G L syzkaller #0 PREEMPT(full) [ 1780.538625][ T2390] Tainted: [L]=SOFTLOCKUP [ 1780.538631][ T2390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1780.538641][ T2390] Call Trace: [ 1780.538647][ T2390] [ 1780.538653][ T2390] dump_stack_lvl+0x100/0x190 [ 1780.538682][ T2390] should_fail_ex.cold+0x5/0xa [ 1780.538703][ T2390] should_failslab+0xc2/0x120 [ 1780.538721][ T2390] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1780.538743][ T2390] ? vm_area_dup+0x27/0x8e0 [ 1780.538763][ T2390] ? __vma_start_write+0x17f/0x280 [ 1780.538787][ T2390] vm_area_dup+0x27/0x8e0 [ 1780.538808][ T2390] dup_mmap+0x6f6/0x2180 [ 1780.538835][ T2390] ? __pfx_dup_mmap+0x10/0x10 [ 1780.538852][ T2390] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1780.538878][ T2390] ? __lock_acquire+0x4a5/0x2630 [ 1780.538904][ T2390] ? find_held_lock+0x2b/0x80 [ 1780.538919][ T2390] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 1780.538959][ T2390] copy_process+0x4875/0x7e30 [ 1780.538989][ T2390] ? __pfx_copy_process+0x10/0x10 [ 1780.539008][ T2390] ? find_held_lock+0x2b/0x80 [ 1780.539032][ T2390] kernel_clone+0xfc/0x9a0 [ 1780.539049][ T2390] ? __pfx_futex_wait+0x10/0x10 [ 1780.539073][ T2390] ? __pfx_kernel_clone+0x10/0x10 [ 1780.539102][ T2390] __do_sys_clone+0xd9/0x120 [ 1780.539120][ T2390] ? __pfx___do_sys_clone+0x10/0x10 [ 1780.539137][ T2390] ? __fget_files+0x21f/0x3d0 [ 1780.539167][ T2390] do_syscall_64+0x10b/0xf80 [ 1780.539181][ T2390] ? clear_bhb_loop+0x40/0x90 [ 1780.539199][ T2390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1780.539215][ T2390] RIP: 0033:0x7fbf4e59c819 [ 1780.539229][ T2390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1780.539244][ T2390] RSP: 002b:00007fbf4f536fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1780.539259][ T2390] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1780.539270][ T2390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1780.539279][ T2390] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1780.539289][ T2390] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1780.539298][ T2390] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1780.539319][ T2390] [ 1781.343634][ T2433] ERROR: Out of memory at tomoyo_memory_ok. [ 1785.751866][ T2465] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9772'. [ 1785.861919][ T2465] netlink: 354 bytes leftover after parsing attributes in process `syz.2.9772'. [ 1789.289334][ T29] audit: type=1800 audit(4294967328.364:47): pid=2493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9777" name="sr0" dev="devtmpfs" ino=2881 res=0 errno=0 [ 1791.628432][ T2507] random: crng reseeded on system resumption [ 1791.908811][ T2502] FAULT_INJECTION: forcing a failure. [ 1791.908811][ T2502] name failslab, interval 1, probability 0, space 0, times 0 [ 1791.952019][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1791.958363][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1792.078168][ T2502] CPU: 0 UID: 0 PID: 2502 Comm: syz.1.9779 Tainted: G L syzkaller #0 PREEMPT(full) [ 1792.078196][ T2502] Tainted: [L]=SOFTLOCKUP [ 1792.078202][ T2502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1792.078212][ T2502] Call Trace: [ 1792.078218][ T2502] [ 1792.078225][ T2502] dump_stack_lvl+0x100/0x190 [ 1792.078255][ T2502] should_fail_ex.cold+0x5/0xa [ 1792.078275][ T2502] should_failslab+0xc2/0x120 [ 1792.078292][ T2502] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1792.078312][ T2502] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 1792.078335][ T2502] ? alloc_file_pseudo+0x1a5/0x230 [ 1792.078357][ T2502] __io_uring_add_tctx_node+0x1ac/0x4c0 [ 1792.078381][ T2502] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1792.078406][ T2502] ? __anon_inode_getfile+0x17c/0x280 [ 1792.078427][ T2502] io_uring_setup.cold+0x1993/0x1c7e [ 1792.078453][ T2502] ? __pfx_io_uring_setup+0x10/0x10 [ 1792.078473][ T2502] ? __pfx_do_futex+0x10/0x10 [ 1792.078500][ T2502] ? xfd_validate_state+0x129/0x190 [ 1792.078528][ T2502] __x64_sys_io_uring_setup+0xc2/0x170 [ 1792.078546][ T2502] do_syscall_64+0x10b/0xf80 [ 1792.078560][ T2502] ? clear_bhb_loop+0x40/0x90 [ 1792.078579][ T2502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1792.078596][ T2502] RIP: 0033:0x7fbf4e59c819 [ 1792.078610][ T2502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1792.078625][ T2502] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1792.078641][ T2502] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1792.078652][ T2502] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 1792.078661][ T2502] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1792.078670][ T2502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1792.078679][ T2502] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1792.078699][ T2502] [ 1792.079106][ T2502] ------------[ cut here ]------------ [ 1792.285221][ T2502] !test_bit(IO_WQ_BIT_EXIT, &wq->state) [ 1792.285233][ T2502] WARNING: io_uring/io-wq.c:1396 at io_wq_put_and_exit+0x8a7/0x9d0, CPU#0: syz.1.9779/2502 [ 1792.300899][ T2502] Modules linked in: [ 1792.304807][ T2502] CPU: 0 UID: 0 PID: 2502 Comm: syz.1.9779 Tainted: G L syzkaller #0 PREEMPT(full) [ 1792.315742][ T2502] Tainted: [L]=SOFTLOCKUP [ 1792.320884][ T2502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1792.331731][ T2502] RIP: 0010:io_wq_put_and_exit+0x8a7/0x9d0 [ 1792.337544][ T2502] Code: ff e8 7d bf 17 fd 44 0f b6 74 24 78 31 ff 44 89 f6 e8 bd b9 17 fd 45 84 f6 0f 85 1a fd ff ff e9 67 fd ff ff e8 5a bf 17 fd 90 <0f> 0b 90 e9 00 f8 ff ff e8 8c 5e 83 fd e9 72 f8 ff ff 48 8b 3c 24 [ 1792.358798][ T2502] RSP: 0018:ffffc90005207b50 EFLAGS: 00010283 [ 1792.365381][ T2502] RAX: 0000000000014e76 RBX: ffff88807803c000 RCX: ffffc90005731000 [ 1792.373398][ T2502] RDX: 0000000000080000 RSI: ffffffff84f04b26 RDI: ffff88807dc89e80 [ 1792.381395][ T2502] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1792.389440][ T2502] R10: 0000000000000000 R11: 0000000000025b48 R12: 1ffff92000a40f8c [ 1792.397433][ T2502] R13: 0000000000000000 R14: ffff88807dc8a7f0 R15: ffff888059a80c18 [ 1792.405603][ T2502] FS: 00007fbf4f5376c0(0000) GS:ffff888124332000(0000) knlGS:0000000000000000 [ 1792.415061][ T2502] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1792.421672][ T2502] CR2: 0000001b3131bff8 CR3: 00000000ae2d0000 CR4: 00000000003526f0 [ 1792.430265][ T2502] Call Trace: [ 1792.433543][ T2502] [ 1792.436456][ T2502] ? dump_stack_lvl+0x17c/0x190 [ 1792.441767][ T2502] ? __pfx_io_wq_put_and_exit+0x10/0x10 [ 1792.447718][ T2502] ? rcu_is_watching+0x12/0xc0 [ 1792.452793][ T2502] ? trace_kmalloc+0x101/0x130 [ 1792.457561][ T2502] ? __kmalloc_cache_noprof+0x298/0x6f0 [ 1792.463569][ T2502] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 1792.469291][ T2502] __io_uring_add_tctx_node+0x3e8/0x4c0 [ 1792.475162][ T2502] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1792.481432][ T2502] ? __anon_inode_getfile+0x17c/0x280 [ 1792.486811][ T2502] io_uring_setup.cold+0x1993/0x1c7e [ 1792.492174][ T2502] ? __pfx_io_uring_setup+0x10/0x10 [ 1792.497365][ T2502] ? __pfx_do_futex+0x10/0x10 [ 1792.502089][ T2502] ? xfd_validate_state+0x129/0x190 [ 1792.507309][ T2502] __x64_sys_io_uring_setup+0xc2/0x170 [ 1792.512797][ T2502] do_syscall_64+0x10b/0xf80 [ 1792.517376][ T2502] ? clear_bhb_loop+0x40/0x90 [ 1792.522128][ T2502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1792.528655][ T2502] RIP: 0033:0x7fbf4e59c819 [ 1792.533566][ T2502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1792.553685][ T2502] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1792.563002][ T2502] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1792.571384][ T2502] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 1792.579346][ T2502] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1792.587356][ T2502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1792.595357][ T2502] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1792.603361][ T2502] [ 1792.606426][ T2502] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1792.613690][ T2502] CPU: 0 UID: 0 PID: 2502 Comm: syz.1.9779 Tainted: G L syzkaller #0 PREEMPT(full) [ 1792.624524][ T2502] Tainted: [L]=SOFTLOCKUP [ 1792.628827][ T2502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1792.638878][ T2502] Call Trace: [ 1792.642143][ T2502] [ 1792.645060][ T2502] dump_stack_lvl+0x100/0x190 [ 1792.649735][ T2502] vpanic+0x552/0x970 [ 1792.653749][ T2502] ? __pfx_vpanic+0x10/0x10 [ 1792.658242][ T2502] panic+0xd1/0xe0 [ 1792.661949][ T2502] ? __pfx_panic+0x10/0x10 [ 1792.666355][ T2502] check_panic_on_warn.cold+0x19/0x34 [ 1792.671713][ T2502] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 1792.676898][ T2502] __warn.cold+0x191/0x348 [ 1792.681302][ T2502] __report_bug+0x296/0x3d0 [ 1792.685795][ T2502] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 1792.691002][ T2502] ? __pfx___report_bug+0x10/0x10 [ 1792.696016][ T2502] ? _printk+0xcf/0x110 [ 1792.700265][ T2502] ? __pfx__printk+0x10/0x10 [ 1792.704836][ T2502] ? find_held_lock+0x2b/0x80 [ 1792.709498][ T2502] ? is_bpf_text_address+0x8a/0x1a0 [ 1792.714794][ T2502] ? bpf_ksym_find+0x124/0x1c0 [ 1792.719642][ T2502] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 1792.724856][ T2502] report_bug+0xb2/0x220 [ 1792.729095][ T2502] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 1792.734311][ T2502] handle_bug+0x16a/0x2a0 [ 1792.738670][ T2502] exc_invalid_op+0x17/0x50 [ 1792.743228][ T2502] asm_exc_invalid_op+0x1a/0x20 [ 1792.748090][ T2502] RIP: 0010:io_wq_put_and_exit+0x8a7/0x9d0 [ 1792.753913][ T2502] Code: ff e8 7d bf 17 fd 44 0f b6 74 24 78 31 ff 44 89 f6 e8 bd b9 17 fd 45 84 f6 0f 85 1a fd ff ff e9 67 fd ff ff e8 5a bf 17 fd 90 <0f> 0b 90 e9 00 f8 ff ff e8 8c 5e 83 fd e9 72 f8 ff ff 48 8b 3c 24 [ 1792.773547][ T2502] RSP: 0018:ffffc90005207b50 EFLAGS: 00010283 [ 1792.779616][ T2502] RAX: 0000000000014e76 RBX: ffff88807803c000 RCX: ffffc90005731000 [ 1792.787604][ T2502] RDX: 0000000000080000 RSI: ffffffff84f04b26 RDI: ffff88807dc89e80 [ 1792.795570][ T2502] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1792.803546][ T2502] R10: 0000000000000000 R11: 0000000000025b48 R12: 1ffff92000a40f8c [ 1792.811507][ T2502] R13: 0000000000000000 R14: ffff88807dc8a7f0 R15: ffff888059a80c18 [ 1792.819562][ T2502] ? io_wq_put_and_exit+0x8a6/0x9d0 [ 1792.824763][ T2502] ? dump_stack_lvl+0x17c/0x190 [ 1792.829607][ T2502] ? __pfx_io_wq_put_and_exit+0x10/0x10 [ 1792.835139][ T2502] ? rcu_is_watching+0x12/0xc0 [ 1792.839922][ T2502] ? trace_kmalloc+0x101/0x130 [ 1792.844688][ T2502] ? __kmalloc_cache_noprof+0x298/0x6f0 [ 1792.850234][ T2502] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 1792.856045][ T2502] __io_uring_add_tctx_node+0x3e8/0x4c0 [ 1792.861668][ T2502] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1792.867740][ T2502] ? __anon_inode_getfile+0x17c/0x280 [ 1792.873108][ T2502] io_uring_setup.cold+0x1993/0x1c7e [ 1792.878563][ T2502] ? __pfx_io_uring_setup+0x10/0x10 [ 1792.883776][ T2502] ? __pfx_do_futex+0x10/0x10 [ 1792.888472][ T2502] ? xfd_validate_state+0x129/0x190 [ 1792.893671][ T2502] __x64_sys_io_uring_setup+0xc2/0x170 [ 1792.899115][ T2502] do_syscall_64+0x10b/0xf80 [ 1792.903692][ T2502] ? clear_bhb_loop+0x40/0x90 [ 1792.908375][ T2502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1792.914253][ T2502] RIP: 0033:0x7fbf4e59c819 [ 1792.918664][ T2502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1792.938255][ T2502] RSP: 002b:00007fbf4f537028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1792.946661][ T2502] RAX: ffffffffffffffda RBX: 00007fbf4e815fa0 RCX: 00007fbf4e59c819 [ 1792.954616][ T2502] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 1792.962569][ T2502] RBP: 00007fbf4e632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1792.970543][ T2502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1792.978516][ T2502] R13: 00007fbf4e816038 R14: 00007fbf4e815fa0 R15: 00007ffe9fdd5f08 [ 1792.986481][ T2502] [ 1792.989566][ T2502] Kernel Offset: disabled [ 1792.993898][ T2502] Rebooting in 86400 seconds..