last executing test programs: 12m47.749316654s ago: executing program 1 (id=741): io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) r0 = socket(0xa, 0x5, 0x84) bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x1d30, 0x6, 0xffffffffffffffff, @relative_id=0x2, 0x47}, 0xa3) sendto$auto(r0, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 12m46.671247985s ago: executing program 1 (id=745): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ptyv0/power/runtime_suspended_time\x00', 0x224980, 0x0) socket(0x10, 0x2, 0xa) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x5, 0x104000000000010e, 0x2, 0x0, 0x16) 12m46.514952217s ago: executing program 1 (id=746): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) 12m45.458078666s ago: executing program 1 (id=754): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 12m45.059969796s ago: executing program 1 (id=757): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0xe2, 0xeb1, 0x405, 0xe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0) mprotect$auto(0x0, 0x806121, 0x6) 12m44.437677364s ago: executing program 1 (id=759): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x8800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0) ioctl$auto(r1, 0xc0585611, r1) 12m43.96041714s ago: executing program 32 (id=759): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x8800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0) ioctl$auto(r1, 0xc0585611, r1) 9m1.391992113s ago: executing program 4 (id=2330): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x40000001) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0)) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r0, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r0, 0x0, 0x401, 0x5, 0x3}}}) getsockopt$auto(0xffffffffffffffff, 0x107, 0xc, 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ') 9m1.086223145s ago: executing program 4 (id=2336): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0xc0000100, 0x400, 0x2}]}) 9m0.281601568s ago: executing program 4 (id=2343): sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd7000ffdbdf25200000000c00038008000200b40300001800028014000200766c616e0000000000000000000000006556e2734ce96265af1b0f78efb3dd15baa4c1c33ccc2fd6c3a5d2a9ebc1"], 0x38}, 0x1, 0x0, 0x0, 0x4000844}, 0x4) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000326bd7000fcdbdf2503000000790008805b4f2525b2dc3a73ec37e7122e6f0d55382854d419b883b7ed64bd3c7b9fb15273e787030718751e0a22cc6cabcae114aa6448d0356183e1ca7c01536c5c6f37915b26a3e75515ab02807fe932b8a415a581dcdc7800f91e231c001d800400d3800c002000f3000000002b3c0c7e9b"], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x42) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 9m0.133470365s ago: executing program 4 (id=2346): openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) read$auto_ptdump_curusr_fops_(r0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) 8m59.100806024s ago: executing program 4 (id=2355): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 8m58.734896992s ago: executing program 4 (id=2357): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x0) socket(0x1, 0x2, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) 8m43.313264579s ago: executing program 33 (id=2357): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x0) socket(0x1, 0x2, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) 8m43.268572717s ago: executing program 0 (id=2412): mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) io_uring_setup$auto(0x89, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r1, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f00000009c0)={0x38, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x20, 0x1, 0x0, 0x1, [@nested={0x1c, 0x2f, 0x0, 0x1, [@typed={0x14, 0x42, 0x0, 0x0, @ipv6=@local}, @nested={0x4, 0xf7}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) 8m42.632191749s ago: executing program 0 (id=2409): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x88c00, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r1, 0x40044145, 0x0) 8m41.783269572s ago: executing program 0 (id=2415): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x3ff, 0x2, 0x9, 0x10001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x8], {0x9, 0x4, 0x8, 0x0, 0x420, 0x1001, 0x3fdc, 0x3, 0x5}, {0xa, 0x140, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0x100000001}}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 8m41.617630274s ago: executing program 0 (id=2417): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001180), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x48002, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x179, [{0x40000004, 0x400, 0x9}]}) 8m41.209477742s ago: executing program 0 (id=2419): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 8m41.02751761s ago: executing program 0 (id=2420): write$auto(0xffffffffffffffff, &(0x7f0000000000)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x272) r0 = openat$auto_proc_sessionid_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/sessionid\x00', 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r1 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) syz_clone3(&(0x7f0000000600)={0x100000, 0x0, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) preadv$auto(r0, &(0x7f0000000080)={&(0x7f00000001c0)="2c7b3f88de5f52cadd24af51a01dd967088660c2e6d30c767c5ec003083dd1bcad249259ec2fd6e8632694c0a719fddf23821e32d3d91e0cb9d5476ffe"}, 0x9, 0x1, 0x9) read$auto_proc_sessionid_operations_base(r0, &(0x7f0000000100)=""/192, 0xc0) 8m36.727109866s ago: executing program 2 (id=2429): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0xc0000101, 0x400, 0xb1b}]}) 8m36.312438181s ago: executing program 2 (id=2423): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) r0 = socket(0x1e, 0x4, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0x4, 0x0, 0x16, 0x2000000001001, 0xfffffffffffffffd, 0xf, 0x9, 0xb, 0x1, 0x7ff, 0x2e3, 0x5, 0x4, 0x1, 0x7fffffff]}, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) 8m36.027740126s ago: executing program 2 (id=2425): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 8m35.872462833s ago: executing program 2 (id=2426): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000000c0)={0x2, 0x0, [{0xce, 0x3, 0x6}]}) 8m35.59663566s ago: executing program 2 (id=2428): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 8m35.457501224s ago: executing program 2 (id=2432): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x40000001, 0x400, 0x9}]}) 8m26.002932138s ago: executing program 34 (id=2420): write$auto(0xffffffffffffffff, &(0x7f0000000000)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x272) r0 = openat$auto_proc_sessionid_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/sessionid\x00', 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r1 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) syz_clone3(&(0x7f0000000600)={0x100000, 0x0, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) preadv$auto(r0, &(0x7f0000000080)={&(0x7f00000001c0)="2c7b3f88de5f52cadd24af51a01dd967088660c2e6d30c767c5ec003083dd1bcad249259ec2fd6e8632694c0a719fddf23821e32d3d91e0cb9d5476ffe"}, 0x9, 0x1, 0x9) read$auto_proc_sessionid_operations_base(r0, &(0x7f0000000100)=""/192, 0xc0) 8m20.26589364s ago: executing program 35 (id=2432): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x40000001, 0x400, 0x9}]}) 11.129052616s ago: executing program 5 (id=4742): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r0, 0x0, 0x400c810) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) read$auto(r1, 0x0, 0x7ff) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0x5c8) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r2, 0x0, 0xc08) write$auto(0x3, 0x0, 0x5c8) 9.82066321s ago: executing program 5 (id=4746): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000080), 0x6b) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x5, 0x0) socket(0xa, 0x2, 0x73) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x9, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000080), 0x6b) close_range$auto(0x2, 0x8, 0x0) 9.11120067s ago: executing program 5 (id=4750): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlockall$auto(0x7) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x2003f0, 0x15) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) unshare$auto(0x9) ioctl$auto(r0, 0x40046207, 0x9) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/aqm\x00', 0x82, 0x0) preadv$auto(r0, &(0x7f0000000200)={&(0x7f00000002c0)="19ddae008caa9d3405ea9578e63699b846fe711634f8a29491e87ec0d1dab9e461d764d96a5a76379f237a2c428fb25a47b32d244a5cc6b23691ffca7dc1039a7c76b977c822203b7dc4aed420b9b7318b19f4b0845c25893e748b2edf5460c7b3c47d9d183e684978889ecf3cf45d40d2db08ad03cd4e7139fd98e6f4ce39fb28075e7c08420230a94e53b7af7b4148034160869389462399f4f1147b3685ea2bfc4f24b16cdb8aa1d202e1464ddf67b63cf34e9bfd3dde3b6a8a90e4574b3cbf4181fafba7bbcd2cc30a63c07c55945974c127540a89cf3cfb10a25a8023be86dd30e84ed6", 0x9}, 0x5, 0x56ab, 0x100003) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40, 0x0) read$auto(0x3, 0x0, 0x80) 6.397432783s ago: executing program 6 (id=4758): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/018/001\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0xc2481, 0x0) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0xc0401, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) semctl$auto(0x204, 0xfffffffe, 0x3, 0x4) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x1cb802, 0x0) write$auto(r0, 0x0, 0xc3) 6.191258021s ago: executing program 6 (id=4760): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000340)="2a3f9218659200008a677517d554c80b25c30000000000000071dde0152c549d44cf790bd304059e64ec347e9b173c52324e7de19a503727fe47d78e0bc2c5590e61b5d86887240d03bca3460f12f2107274ade4e6e53a728e346cef781b623364989314a43e5fd9e20e24417d6b21117b3308557a7b2aa2cb541dea5cb3b6a521b869ac5ff14cb52c4487dd3a3f4a81ff5957aa1109af5a3a1ce466381cc21fea0c67d8a165f29a6b9537b178bfdd013443481ba707ba4632e0478b951e619775f83f13b36d6426", 0xc8) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) futex$auto(0x0, 0xfff, 0x5, 0x0, 0x0, 0x802) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000004c0), r3) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000140)={0x20, r4, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40080}, 0x0) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) r5 = getpgid$auto(0x0) getpriority$auto_PRIO_PGRP(0x1, r5) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000140)={@_si_pad}, 0xfffffff4, &(0x7f00000001c0)={{0x8000, 0x8000000000000000}, {0xd976, 0x8}, 0x8, 0x4b, 0xffffffff7fffffff, 0x5, 0xa23, 0x3, 0x2, 0x5, 0x9, 0x3fd, 0x5, 0x6, 0x3, 0x7fffffffffffffff}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000000c0)={@raw=0x1, 0x101, 0x1, 0x9, "67afe370f4bae724f1374a54fd08d63d84ccd376c20810e1d018a9c09c2a9c7bb5cde71dc329c0d4e919922f"}) ioctl$auto(0x3, 0x402c542b, 0x38) 5.97568654s ago: executing program 3 (id=4761): openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48403, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x1e, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x7ffe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x5ed900, 0x0) 5.9620614s ago: executing program 6 (id=4762): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 5.650355484s ago: executing program 6 (id=4764): openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x1, 0x100) r2 = eventfd2$auto(0x6af3, 0x800) r3 = socket(0xa, 0x2, 0x0) setsockopt$auto(r3, 0x29, 0x11, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) r4 = socket(0x2, 0x800, 0x4) bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)=@link_update={r4, @new_map_fd=r0, 0x3, @old_prog_fd=r1}, 0x1) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pipe2$auto(&(0x7f0000000040)=r2, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) unshare$auto(0x40000080) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) 5.470759743s ago: executing program 7 (id=4765): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x0) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) setresuid$auto(0x8, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/saved_tgids\x00', 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) inotify_init1$auto(0x3000000000000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x2c, 0x940, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400]}, 0x1fe, 0x7) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) pipe$auto(0x0) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) 4.251629862s ago: executing program 5 (id=4766): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r0 = socket(0x22, 0x2, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) fstat$auto(r0, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) 4.018800369s ago: executing program 7 (id=4767): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x10, 0x3, 0x6) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) 3.727174298s ago: executing program 7 (id=4768): openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x141000, 0x0) open(0x0, 0x4242, 0xe1d2b27bdc14aabc) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0500, 0x0) setreuid$auto(0x0, 0x5) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x142, 0x0) read$auto(r0, 0x0, 0x4) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x9) unshare$auto(0x8000000) 3.574079968s ago: executing program 6 (id=4769): mmap$auto(0xfffffffffffffff8, 0x400028, 0xdf, 0x9b72, 0xffffffffffffffff, 0x3) membarrier$auto(0x2, 0x0, 0x1) prctl$auto(0x7f, 0x1, 0x0, 0xffffffffffffff80, 0xb) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000000a) read$auto(0xffffffffffffffff, 0x0, 0xa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40800) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) ioctl$auto(0xffffffffffffffff, 0x4b67, r0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0xe, 0xffffffffffffffff) read$auto(r1, 0x0, 0x4) write$auto(r0, 0x0, 0xf9ef) 2.885490049s ago: executing program 3 (id=4770): mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) r1 = socket(0x10, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x20000045) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1b54}, 0x1, 0x0, 0x0, 0x4000004}, 0x5) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) recvmmsg$auto(r2, &(0x7f0000000180)={{0x0, 0x8, 0x0, 0x1, 0x0, 0x1000002, 0x8}, 0x800}, 0x4000005, 0x8, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sendmmsg$auto(0x3, 0x0, 0x3, 0x2) 2.52173462s ago: executing program 3 (id=4771): r0 = socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, r0, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) mlock$auto(0x401, 0x439) sendmmsg$auto(0x3, 0x0, 0x40, 0x100) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, 0x0, 0x2008011) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x3c, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84}, 0x1fe, 0xd) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xfff, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x204}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x1}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x6}, @HSR_A_IF2_AGE={0x8, 0x4, 0x3}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.346117637s ago: executing program 6 (id=4772): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x20005, 0x4000000000dd, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={0xffffffffffffffff}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) 2.230530071s ago: executing program 3 (id=4773): openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) socket(0xa, 0x2, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c082) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 2.203223421s ago: executing program 5 (id=4774): pread64$auto(0xffffffffffffffff, 0x0, 0x800, 0x7ff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0) mincore$auto(0x8, 0x9, &(0x7f0000000040)='/dev/snd/pcmC1D1p\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x104000000000010e, 0x4, 0x0, 0x2) r1 = socket(0x2, 0x1, 0x106) r2 = memfd_create$auto(&(0x7f00000008c0)='/sys/kernel/debug/x86/boot_params/data\x00', 0x0) r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) sendfile$auto(r3, r3, 0x0, 0x1) fallocate$auto(r2, 0x401, 0x9, 0x2000000004cbd5d) fallocate$auto(0x8000000000000003, 0x3, 0xa, 0x200000002) getsockopt$auto_SO_SNDLOWAT(r1, 0x3a9, 0x13, 0x0, &(0x7f0000000100)=0x9) ioctl$auto_SNDRV_PCM_IOCTL_PREPARE(r2, 0x4140, 0x0) rmdir$auto(&(0x7f0000000080)='./cgroup/../file0\x00') 2.175113511s ago: executing program 7 (id=4775): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(0xffffffffffffffff, 0x0, 0x20048804) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x181002, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/jfs/loglevel\x00', 0xc0000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000180)=""/107, 0x6b) pidfd_open$auto(0x1, 0x0) socket(0xa, 0x1, 0x0) socket(0x2, 0x800, 0x84) listen$auto(0x3, 0x81) 1.84416211s ago: executing program 3 (id=4776): mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x7fb, 0xa70, 0x10000003, 0x17, 0xfffffffffffffffa, 0x8004) mmap$auto(0x7, 0x40009, 0xb41, 0x9b72, 0xffffffffffffffff, 0x28000) socketpair$auto(0x40000000, 0x202, 0x40, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) setrlimit$auto(0x7, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) mmap$auto(0x0, 0xfff, 0x8000000000df, 0x9b72, 0x400, 0x28000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0) 921.033587ms ago: executing program 5 (id=4777): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x3c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x4}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}, @NFSD_A_SERVER_GRACETIME={0x8}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x6}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x1ff}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40040) prctl$auto_PR_SCHED_CORE_CREATE(0x8, 0x1, 0x0, 0x2, 0x3) setuid$auto(0xe) ioctl$auto(0x3, 0x800005411, 0x38) 681.69982ms ago: executing program 7 (id=4778): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu3\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ubifs_dir_operations_ubifs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x400, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r2, r2, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video31\x00', 0x180, 0x0) ioctl$auto(r3, 0xc0585611, r3) 316.07927ms ago: executing program 7 (id=4779): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syz_open_procfs$namespace(0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) getrusage$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mlockall$auto(0x7) mmap$auto(0x0, 0x5, 0x1, 0x40eb2, 0x3ff, 0x300000000000) bpf$auto(0x5, 0x0, 0x4a) shutdown$auto(0x200000003, 0x2) 0s ago: executing program 3 (id=4780): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/batadv_slave_0/proxy_ndp\x00', 0x382, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) ioctl$auto(0x3, 0x80106f53, r0) kernel console output (not intermixed with test programs): full) [ 786.920923][T17939] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 786.920938][T17939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 786.920958][T17939] Call Trace: [ 786.920969][T17939] [ 786.920982][T17939] dump_stack_lvl+0x16c/0x1f0 [ 786.921034][T17939] should_fail_ex+0x512/0x640 [ 786.921090][T17939] should_fail_alloc_page+0xe7/0x130 [ 786.921139][T17939] prepare_alloc_pages+0x3c2/0x610 [ 786.921192][T17939] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 786.921239][T17939] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 786.921285][T17939] ? arch_stack_walk+0xa6/0x100 [ 786.921340][T17939] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 786.921379][T17939] ? stack_trace_save+0x8e/0xc0 [ 786.921441][T17939] ? fb_var_to_videomode+0x4c9/0x690 [ 786.921497][T17939] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 786.921551][T17939] ? policy_nodemask+0xea/0x4e0 [ 786.921599][T17939] alloc_pages_mpol+0x1fb/0x550 [ 786.921646][T17939] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 786.921693][T17939] ? lockdep_hardirqs_on+0x7c/0x110 [ 786.921743][T17939] ? vc_allocate+0x489/0x880 [ 786.921785][T17939] ___kmalloc_large_node+0xed/0x160 [ 786.921835][T17939] ? con_is_visible+0x65/0x150 [ 786.921873][T17939] ? vc_allocate+0x489/0x880 [ 786.921915][T17939] __kmalloc_large_node_noprof+0x1c/0x70 [ 786.921974][T17939] __kmalloc_noprof.cold+0xc/0x61 [ 786.922035][T17939] vc_allocate+0x489/0x880 [ 786.922081][T17939] ? __pfx_vc_allocate+0x10/0x10 [ 786.922140][T17939] con_install+0xa1/0x600 [ 786.922190][T17939] ? __pfx_con_install+0x10/0x10 [ 786.922242][T17939] ? __pfx_con_install+0x10/0x10 [ 786.922289][T17939] tty_init_dev.part.0+0x99/0x500 [ 786.922355][T17939] tty_open+0xa50/0xf90 [ 786.922414][T17939] ? __pfx_tty_open+0x10/0x10 [ 786.922462][T17939] ? chrdev_open+0x10b/0x6a0 [ 786.922526][T17939] ? __pfx_tty_open+0x10/0x10 [ 786.922574][T17939] chrdev_open+0x231/0x6a0 [ 786.922617][T17939] ? __pfx_apparmor_file_open+0x10/0x10 [ 786.922656][T17939] ? __pfx_chrdev_open+0x10/0x10 [ 786.922703][T17939] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 786.922750][T17939] do_dentry_open+0x97f/0x1530 [ 786.922793][T17939] ? __pfx_chrdev_open+0x10/0x10 [ 786.922847][T17939] vfs_open+0x82/0x3f0 [ 786.922902][T17939] path_openat+0x1de4/0x2cb0 [ 786.922964][T17939] ? __pfx_path_openat+0x10/0x10 [ 786.923018][T17939] do_filp_open+0x20b/0x470 [ 786.923060][T17939] ? __pfx_do_filp_open+0x10/0x10 [ 786.923134][T17939] ? alloc_fd+0x471/0x7d0 [ 786.923184][T17939] do_sys_openat2+0x11b/0x1d0 [ 786.923238][T17939] ? __pfx_do_sys_openat2+0x10/0x10 [ 786.923309][T17939] __x64_sys_openat+0x174/0x210 [ 786.923364][T17939] ? __pfx___x64_sys_openat+0x10/0x10 [ 786.923436][T17939] do_syscall_64+0xcd/0x490 [ 786.923500][T17939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 786.923537][T17939] RIP: 0033:0x7f5105d8ebe9 [ 786.923564][T17939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 786.923599][T17939] RSP: 002b:00007f5106c50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 786.923632][T17939] RAX: ffffffffffffffda RBX: 00007f5105fc6090 RCX: 00007f5105d8ebe9 [ 786.923655][T17939] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 786.923679][T17939] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 786.923700][T17939] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 786.923721][T17939] R13: 00007f5105fc6128 R14: 00007f5105fc6090 R15: 00007ffd0d33c3b8 [ 786.923767][T17939] [ 786.976891][T17948] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries [ 787.386036][T17955] netlink: 62 bytes leftover after parsing attributes in process `syz.6.4055'. [ 788.412740][T17945] tty tty12: ldisc open failed (-12), clearing slot 11 [ 788.996050][T17977] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4063'. [ 789.023321][T17980] netlink: 330 bytes leftover after parsing attributes in process `syz.7.4062'. [ 789.034828][T17980] : renamed from bond0 (while UP) [ 789.214455][T17985] random: crng reseeded on system resumption [ 790.108149][T18004] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries [ 790.175791][T18008] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries [ 790.220687][T18011] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 790.238811][T18009] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries [ 790.371355][T18013] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 790.390454][T18016] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 790.614352][T18021] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 790.654420][T18023] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 790.688254][T18020] zswap: compressor not available [ 791.040015][T18017] FAULT_INJECTION: forcing a failure. [ 791.040015][T18017] name fail_page_alloc, interval 1, probability 0, space 0, times 393176 [ 791.040076][T18017] CPU: 0 UID: 0 PID: 18017 Comm: syz.5.4072 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 791.040145][T18017] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 791.040163][T18017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 791.040183][T18017] Call Trace: [ 791.040195][T18017] [ 791.040208][T18017] dump_stack_lvl+0x16c/0x1f0 [ 791.040260][T18017] should_fail_ex+0x512/0x640 [ 791.040315][T18017] should_fail_alloc_page+0xe7/0x130 [ 791.040365][T18017] prepare_alloc_pages+0x3c2/0x610 [ 791.040415][T18017] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 791.040463][T18017] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 791.040509][T18017] ? arch_stack_walk+0xa6/0x100 [ 791.040563][T18017] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 791.040603][T18017] ? stack_trace_save+0x8e/0xc0 [ 791.040665][T18017] ? fb_var_to_videomode+0x4c9/0x690 [ 791.040713][T18017] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 791.040767][T18017] ? policy_nodemask+0xea/0x4e0 [ 791.040816][T18017] alloc_pages_mpol+0x1fb/0x550 [ 791.040862][T18017] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 791.040908][T18017] ? lockdep_hardirqs_on+0x7c/0x110 [ 791.040961][T18017] ? vc_allocate+0x489/0x880 [ 791.041002][T18017] ___kmalloc_large_node+0xed/0x160 [ 791.041053][T18017] ? con_is_visible+0x65/0x150 [ 791.041090][T18017] ? vc_allocate+0x489/0x880 [ 791.041137][T18017] __kmalloc_large_node_noprof+0x1c/0x70 [ 791.041196][T18017] __kmalloc_noprof.cold+0xc/0x61 [ 791.041259][T18017] vc_allocate+0x489/0x880 [ 791.041303][T18017] ? __pfx_vc_allocate+0x10/0x10 [ 791.041360][T18017] con_install+0xa1/0x600 [ 791.041408][T18017] ? __pfx_con_install+0x10/0x10 [ 791.041461][T18017] ? __pfx_con_install+0x10/0x10 [ 791.041509][T18017] tty_init_dev.part.0+0x99/0x500 [ 791.041561][T18017] tty_open+0xa50/0xf90 [ 791.041618][T18017] ? __pfx_tty_open+0x10/0x10 [ 791.041666][T18017] ? chrdev_open+0x10b/0x6a0 [ 791.041716][T18017] ? __pfx_tty_open+0x10/0x10 [ 791.041764][T18017] chrdev_open+0x231/0x6a0 [ 791.041806][T18017] ? __pfx_apparmor_file_open+0x10/0x10 [ 791.041845][T18017] ? __pfx_chrdev_open+0x10/0x10 [ 791.041891][T18017] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 791.041939][T18017] do_dentry_open+0x97f/0x1530 [ 791.041981][T18017] ? __pfx_chrdev_open+0x10/0x10 [ 791.042034][T18017] vfs_open+0x82/0x3f0 [ 791.042090][T18017] path_openat+0x1de4/0x2cb0 [ 791.042151][T18017] ? __pfx_path_openat+0x10/0x10 [ 791.042205][T18017] do_filp_open+0x20b/0x470 [ 791.042247][T18017] ? __pfx_do_filp_open+0x10/0x10 [ 791.042320][T18017] ? alloc_fd+0x471/0x7d0 [ 791.042369][T18017] do_sys_openat2+0x11b/0x1d0 [ 791.042420][T18017] ? __pfx_do_sys_openat2+0x10/0x10 [ 791.042490][T18017] __x64_sys_openat+0x174/0x210 [ 791.042544][T18017] ? __pfx___x64_sys_openat+0x10/0x10 [ 791.042615][T18017] do_syscall_64+0xcd/0x490 [ 791.042664][T18017] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.042698][T18017] RIP: 0033:0x7f5105d8ebe9 [ 791.042725][T18017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.042760][T18017] RSP: 002b:00007f5106c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 791.042793][T18017] RAX: ffffffffffffffda RBX: 00007f5105fc5fa0 RCX: 00007f5105d8ebe9 [ 791.042816][T18017] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 791.042838][T18017] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 791.042859][T18017] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 791.042879][T18017] R13: 00007f5105fc6038 R14: 00007f5105fc5fa0 R15: 00007ffd0d33c3b8 [ 791.042923][T18017] [ 792.448127][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1407 with max blocks 27 with error 117 [ 792.448324][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 792.448324][ T13] [ 793.301133][T18061] FAULT_INJECTION: forcing a failure. [ 793.301133][T18061] name failslab, interval 1, probability 0, space 0, times 0 [ 793.314243][T18061] CPU: 1 UID: 0 PID: 18061 Comm: syz.5.4081 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 793.314304][T18061] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 793.314321][T18061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 793.314342][T18061] Call Trace: [ 793.314355][T18061] [ 793.314369][T18061] dump_stack_lvl+0x16c/0x1f0 [ 793.314422][T18061] should_fail_ex+0x512/0x640 [ 793.314473][T18061] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 793.314521][T18061] should_failslab+0xc2/0x120 [ 793.314569][T18061] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 793.314611][T18061] ? acpi_ut_allocate_owner_id+0x2d6/0x3a0 [ 793.314646][T18061] ? acpi_ps_alloc_op+0xf1/0x310 [ 793.314700][T18061] acpi_ps_alloc_op+0xf1/0x310 [ 793.314751][T18061] acpi_ps_create_scope_op+0x1a/0x70 [ 793.314799][T18061] acpi_ps_execute_method+0x1b1/0xb30 [ 793.314869][T18061] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 793.314929][T18061] acpi_ns_evaluate+0x76c/0xca0 [ 793.314982][T18061] ? kasan_save_track+0x14/0x30 [ 793.315027][T18061] acpi_evaluate_object+0x1fa/0xa90 [ 793.315073][T18061] ? do_syscall_64+0xcd/0x490 [ 793.315120][T18061] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.315158][T18061] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 793.315201][T18061] ? __mutex_trylock_common+0xe9/0x250 [ 793.315257][T18061] acpi_evaluate_integer+0xdd/0x200 [ 793.315293][T18061] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 793.315349][T18061] ? __pfx_status_show+0x10/0x10 [ 793.315390][T18061] status_show+0xa0/0x120 [ 793.315433][T18061] ? __pfx_status_show+0x10/0x10 [ 793.315487][T18061] dev_attr_show+0x53/0xe0 [ 793.315544][T18061] ? __pfx_dev_attr_show+0x10/0x10 [ 793.315595][T18061] sysfs_kf_seq_show+0x213/0x3e0 [ 793.315644][T18061] seq_read_iter+0x506/0x12c0 [ 793.315681][T18061] ? __mutex_trylock_common+0xe9/0x250 [ 793.315743][T18061] kernfs_fop_read_iter+0x40f/0x5a0 [ 793.315776][T18061] ? rw_verify_area+0xcf/0x6c0 [ 793.315816][T18061] vfs_read+0x8bf/0xcf0 [ 793.315870][T18061] ? __pfx___mutex_lock+0x10/0x10 [ 793.315921][T18061] ? __pfx_vfs_read+0x10/0x10 [ 793.315991][T18061] ksys_read+0x12a/0x250 [ 793.316031][T18061] ? __pfx_ksys_read+0x10/0x10 [ 793.316084][T18061] do_syscall_64+0xcd/0x490 [ 793.316135][T18061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.316171][T18061] RIP: 0033:0x7f5105d8ebe9 [ 793.316199][T18061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 793.316244][T18061] RSP: 002b:00007f5106c50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 793.316278][T18061] RAX: ffffffffffffffda RBX: 00007f5105fc6090 RCX: 00007f5105d8ebe9 [ 793.316302][T18061] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 793.316324][T18061] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 793.316347][T18061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 793.316368][T18061] R13: 00007f5105fc6128 R14: 00007f5105fc6090 R15: 00007ffd0d33c3b8 [ 793.316417][T18061] [ 794.816630][T18081] FAULT_INJECTION: forcing a failure. [ 794.816630][T18081] name failslab, interval 1, probability 0, space 0, times 0 [ 794.816684][T18081] CPU: 0 UID: 0 PID: 18081 Comm: syz.5.4091 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 794.816736][T18081] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 794.816752][T18081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 794.816780][T18081] Call Trace: [ 794.816793][T18081] [ 794.816806][T18081] dump_stack_lvl+0x16c/0x1f0 [ 794.816857][T18081] should_fail_ex+0x512/0x640 [ 794.816905][T18081] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 794.816944][T18081] should_failslab+0xc2/0x120 [ 794.816988][T18081] __kmalloc_cache_noprof+0x6a/0x3e0 [ 794.817023][T18081] ? device_create_groups_vargs+0x8a/0x270 [ 794.817064][T18081] device_create_groups_vargs+0x8a/0x270 [ 794.817103][T18081] device_create+0xed/0x130 [ 794.817135][T18081] ? __pfx_device_create+0x10/0x10 [ 794.817164][T18081] ? do_raw_spin_lock+0x12c/0x2b0 [ 794.817217][T18081] ? is_console_locked+0x9/0x20 [ 794.817254][T18081] ? con_is_visible+0x65/0x150 [ 794.817286][T18081] ? csi_J+0x54a/0xad0 [ 794.817334][T18081] vcs_make_sysfs+0x32/0x80 [ 794.817375][T18081] vc_allocate+0x501/0x880 [ 794.817421][T18081] ? __pfx_vc_allocate+0x10/0x10 [ 794.817476][T18081] con_install+0xa1/0x600 [ 794.817522][T18081] ? __pfx_con_install+0x10/0x10 [ 794.817570][T18081] ? __pfx_con_install+0x10/0x10 [ 794.817618][T18081] tty_init_dev.part.0+0x99/0x500 [ 794.817670][T18081] tty_open+0xa50/0xf90 [ 794.817726][T18081] ? __pfx_tty_open+0x10/0x10 [ 794.817787][T18081] ? chrdev_open+0x10b/0x6a0 [ 794.817839][T18081] ? __pfx_tty_open+0x10/0x10 [ 794.817887][T18081] chrdev_open+0x231/0x6a0 [ 794.817928][T18081] ? __pfx_apparmor_file_open+0x10/0x10 [ 794.817967][T18081] ? __pfx_chrdev_open+0x10/0x10 [ 794.818013][T18081] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 794.818060][T18081] do_dentry_open+0x97f/0x1530 [ 794.818104][T18081] ? __pfx_chrdev_open+0x10/0x10 [ 794.818158][T18081] vfs_open+0x82/0x3f0 [ 794.818213][T18081] path_openat+0x1de4/0x2cb0 [ 794.818267][T18081] ? __pfx_path_openat+0x10/0x10 [ 794.818320][T18081] do_filp_open+0x20b/0x470 [ 794.818363][T18081] ? __pfx_do_filp_open+0x10/0x10 [ 794.818434][T18081] ? alloc_fd+0x471/0x7d0 [ 794.818482][T18081] do_sys_openat2+0x11b/0x1d0 [ 794.818536][T18081] ? __pfx_do_sys_openat2+0x10/0x10 [ 794.818602][T18081] __x64_sys_openat+0x174/0x210 [ 794.818653][T18081] ? __pfx___x64_sys_openat+0x10/0x10 [ 794.818725][T18081] do_syscall_64+0xcd/0x490 [ 794.818787][T18081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 794.818823][T18081] RIP: 0033:0x7f5105d8ebe9 [ 794.818852][T18081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 794.818892][T18081] RSP: 002b:00007f5106c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 794.818925][T18081] RAX: ffffffffffffffda RBX: 00007f5105fc5fa0 RCX: 00007f5105d8ebe9 [ 794.818947][T18081] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 794.818969][T18081] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 794.818989][T18081] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 794.819008][T18081] R13: 00007f5105fc6038 R14: 00007f5105fc5fa0 R15: 00007ffd0d33c3b8 [ 794.819052][T18081] [ 794.896194][T18094] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4095'. [ 795.040727][T18097] netlink: 13 bytes leftover after parsing attributes in process `syz.7.4095'. [ 798.291232][T18125] sp0: Synchronizing with TNC [ 799.651841][T18145] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4108'. [ 801.125577][T18165] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 801.535894][ T5870] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 801.960284][T18180] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 802.949195][T18193] netlink: 25 bytes leftover after parsing attributes in process `syz.7.4126'. [ 803.370107][T18206] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 803.425285][T18209] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 804.154730][T18227] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 804.238478][T18228] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 804.942812][T18234] FAULT_INJECTION: forcing a failure. [ 804.942812][T18234] name failslab, interval 1, probability 0, space 0, times 0 [ 805.002270][T18234] CPU: 1 UID: 0 PID: 18234 Comm: syz.6.4135 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 805.002331][T18234] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 805.002347][T18234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 805.002367][T18234] Call Trace: [ 805.002379][T18234] [ 805.002393][T18234] dump_stack_lvl+0x16c/0x1f0 [ 805.002444][T18234] should_fail_ex+0x512/0x640 [ 805.002491][T18234] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 805.002541][T18234] should_failslab+0xc2/0x120 [ 805.002586][T18234] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 805.002628][T18234] ? proc_alloc_inode+0x25/0x200 [ 805.002680][T18234] ? __pfx_proc_alloc_inode+0x10/0x10 [ 805.002742][T18234] proc_alloc_inode+0x25/0x200 [ 805.002785][T18234] alloc_inode+0x61/0x240 [ 805.002835][T18234] new_inode+0x22/0x1c0 [ 805.002889][T18234] proc_pid_make_inode+0x22/0x160 [ 805.002935][T18234] proc_pident_instantiate+0x85/0x310 [ 805.002985][T18234] proc_fill_cache+0x35e/0x470 [ 805.003029][T18234] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 805.003077][T18234] ? __pfx_proc_fill_cache+0x10/0x10 [ 805.003163][T18234] proc_pident_readdir+0x1bc/0x530 [ 805.003220][T18234] iterate_dir+0x293/0xaf0 [ 805.003263][T18234] __x64_sys_getdents+0x13c/0x2b0 [ 805.003298][T18234] ? __pfx___x64_sys_getdents+0x10/0x10 [ 805.003329][T18234] ? __x64_sys_openat+0x174/0x210 [ 805.003380][T18234] ? __pfx_filldir+0x10/0x10 [ 805.003425][T18234] do_syscall_64+0xcd/0x490 [ 805.003474][T18234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.003508][T18234] RIP: 0033:0x7f8ad858ebe9 [ 805.003535][T18234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 805.003569][T18234] RSP: 002b:00007f8ad93be038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 805.003601][T18234] RAX: ffffffffffffffda RBX: 00007f8ad87c6090 RCX: 00007f8ad858ebe9 [ 805.003644][T18234] RDX: 0000000000000c08 RSI: 0000000000000000 RDI: 0000000000000005 [ 805.003664][T18234] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 805.003684][T18234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 805.003704][T18234] R13: 00007f8ad87c6128 R14: 00007f8ad87c6090 R15: 00007ffc2cc8bb28 [ 805.003755][T18234] [ 805.834718][T18247] : Can't lookup blockdev [ 807.309597][T18268] FAULT_INJECTION: forcing a failure. [ 807.309597][T18268] name failslab, interval 1, probability 0, space 0, times 0 [ 807.341328][T18268] CPU: 0 UID: 0 PID: 18268 Comm: syz.5.4153 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 807.341397][T18268] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 807.341413][T18268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 807.341432][T18268] Call Trace: [ 807.341443][T18268] [ 807.341457][T18268] dump_stack_lvl+0x16c/0x1f0 [ 807.341509][T18268] should_fail_ex+0x512/0x640 [ 807.341558][T18268] ? fs_reclaim_acquire+0xae/0x150 [ 807.341623][T18268] should_failslab+0xc2/0x120 [ 807.341670][T18268] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 807.341713][T18268] ? __kernfs_new_node+0xd2/0x8e0 [ 807.341762][T18268] __kernfs_new_node+0xd2/0x8e0 [ 807.341812][T18268] ? __pfx___kernfs_new_node+0x10/0x10 [ 807.341867][T18268] ? find_held_lock+0x2b/0x80 [ 807.341902][T18268] ? kernfs_root+0xee/0x2a0 [ 807.341951][T18268] kernfs_new_node+0x13c/0x1e0 [ 807.342005][T18268] kernfs_create_link+0xcc/0x240 [ 807.342043][T18268] sysfs_do_create_link_sd+0x90/0x140 [ 807.342087][T18268] sysfs_create_link+0x61/0xc0 [ 807.342127][T18268] __add_disk+0x61e/0xf00 [ 807.342179][T18268] add_disk_fwnode+0x13f/0x5d0 [ 807.342227][T18268] loop_add+0x903/0xb70 [ 807.342263][T18268] ? __pfx_loop_add+0x10/0x10 [ 807.342328][T18268] ? find_held_lock+0x2b/0x80 [ 807.342367][T18268] loop_control_ioctl+0x13e/0x630 [ 807.342407][T18268] ? __pfx_loop_control_ioctl+0x10/0x10 [ 807.342452][T18268] ? __pfx_loop_control_ioctl+0x10/0x10 [ 807.342492][T18268] __x64_sys_ioctl+0x18b/0x210 [ 807.342549][T18268] do_syscall_64+0xcd/0x490 [ 807.342608][T18268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.342642][T18268] RIP: 0033:0x7f5105d8ebe9 [ 807.342670][T18268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 807.342703][T18268] RSP: 002b:00007f5106c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 807.342733][T18268] RAX: ffffffffffffffda RBX: 00007f5105fc5fa0 RCX: 00007f5105d8ebe9 [ 807.342756][T18268] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 807.342777][T18268] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 807.342797][T18268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 807.342817][T18268] R13: 00007f5105fc6038 R14: 00007f5105fc5fa0 R15: 00007ffd0d33c3b8 [ 807.342861][T18268] [ 808.031395][T18269] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input15 [ 809.656169][T18289] FAULT_INJECTION: forcing a failure. [ 809.656169][T18289] name failslab, interval 1, probability 0, space 0, times 0 [ 809.684853][T18289] CPU: 0 UID: 0 PID: 18289 Comm: syz.7.4152 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 809.684915][T18289] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 809.684930][T18289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 809.684950][T18289] Call Trace: [ 809.684962][T18289] [ 809.684975][T18289] dump_stack_lvl+0x16c/0x1f0 [ 809.685029][T18289] should_fail_ex+0x512/0x640 [ 809.685076][T18289] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 809.685123][T18289] should_failslab+0xc2/0x120 [ 809.685169][T18289] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 809.685209][T18289] ? d_instantiate+0x77/0x90 [ 809.685252][T18289] ? alloc_empty_file+0x55/0x1e0 [ 809.685308][T18289] alloc_empty_file+0x55/0x1e0 [ 809.685372][T18289] alloc_file_pseudo+0x13a/0x230 [ 809.685426][T18289] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 809.685494][T18289] ioctx_alloc+0x5ab/0x2120 [ 809.685551][T18289] ? find_held_lock+0x2b/0x80 [ 809.685588][T18289] ? __pfx_ioctx_alloc+0x10/0x10 [ 809.685623][T18289] ? __might_fault+0x13b/0x190 [ 809.685687][T18289] __x64_sys_io_setup+0xc9/0x210 [ 809.685732][T18289] do_syscall_64+0xcd/0x490 [ 809.685784][T18289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.685819][T18289] RIP: 0033:0x7f0f6378ebe9 [ 809.685847][T18289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 809.685881][T18289] RSP: 002b:00007f0f646a3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 809.685913][T18289] RAX: ffffffffffffffda RBX: 00007f0f639c5fa0 RCX: 00007f0f6378ebe9 [ 809.685936][T18289] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 809.685957][T18289] RBP: 00007f0f63811e19 R08: 0000000000000000 R09: 0000000000000000 [ 809.685979][T18289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 809.685999][T18289] R13: 00007f0f639c6038 R14: 00007f0f639c5fa0 R15: 00007fffbb9ee508 [ 809.686043][T18289] [ 810.207397][T18297] sp0: Synchronizing with TNC [ 810.675449][T18302] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4156'. [ 810.748424][T18301] ima: policy update failed [ 810.755836][ T30] audit: type=1802 audit(6051889884.316:19): pid=18301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4156" res=0 errno=0 [ 811.090596][T18306] FAULT_INJECTION: forcing a failure. [ 811.090596][T18306] name failslab, interval 1, probability 0, space 0, times 0 [ 811.153057][T18306] CPU: 0 UID: 0 PID: 18306 Comm: syz.6.4157 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 811.153125][T18306] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 811.153142][T18306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 811.153163][T18306] Call Trace: [ 811.153175][T18306] [ 811.153191][T18306] dump_stack_lvl+0x16c/0x1f0 [ 811.153246][T18306] should_fail_ex+0x512/0x640 [ 811.153295][T18306] ? fs_reclaim_acquire+0xae/0x150 [ 811.153353][T18306] should_failslab+0xc2/0x120 [ 811.153400][T18306] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 811.153444][T18306] ? inode_set_ctime_current+0x2a1/0x8f0 [ 811.153501][T18306] ? jbd2__journal_start+0x193/0x6a0 [ 811.153564][T18306] jbd2__journal_start+0x193/0x6a0 [ 811.153625][T18306] __ext4_journal_start_sb+0x195/0x690 [ 811.153673][T18306] ? ext4_dirty_inode+0xa1/0x130 [ 811.153720][T18306] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 811.153766][T18306] ext4_dirty_inode+0xa1/0x130 [ 811.153812][T18306] ? rcu_is_watching+0x12/0xc0 [ 811.153846][T18306] __mark_inode_dirty+0x1eb/0xe40 [ 811.153899][T18306] generic_update_time+0xcf/0xf0 [ 811.153946][T18306] file_modified+0x207/0x240 [ 811.153996][T18306] ext4_fallocate+0x24a/0x37a0 [ 811.154063][T18306] ? __pfx_ext4_fallocate+0x10/0x10 [ 811.154113][T18306] vfs_fallocate+0x5b1/0x10e0 [ 811.154159][T18306] ? __pfx_vfs_fallocate+0x10/0x10 [ 811.154202][T18306] ? madvise_vma_behavior+0x2b20/0x2d60 [ 811.154263][T18306] madvise_vma_behavior+0x2ad7/0x2d60 [ 811.154318][T18306] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 811.154364][T18306] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 811.154418][T18306] ? __pfx_mas_prev+0x10/0x10 [ 811.154482][T18306] ? find_vma_prev+0xda/0x160 [ 811.154530][T18306] ? find_held_lock+0x2b/0x80 [ 811.154563][T18306] ? __pfx_find_vma_prev+0x10/0x10 [ 811.154611][T18306] ? futex_unqueue+0x133/0x2c0 [ 811.154666][T18306] ? __futex_wait+0x24c/0x2f0 [ 811.154723][T18306] madvise_walk_vmas+0x31f/0x9c0 [ 811.154780][T18306] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 811.154842][T18306] madvise_do_behavior+0x1e2/0x530 [ 811.154888][T18306] ? futex_private_hash_put+0x18a/0x300 [ 811.154929][T18306] ? __pfx_madvise_do_behavior+0x10/0x10 [ 811.154982][T18306] ? down_read+0x13d/0x480 [ 811.155051][T18306] do_madvise+0x176/0x240 [ 811.155100][T18306] ? __pfx_do_madvise+0x10/0x10 [ 811.155147][T18306] ? do_futex+0x122/0x350 [ 811.155219][T18306] ? xfd_validate_state+0x61/0x180 [ 811.155267][T18306] ? __pfx_ksys_write+0x10/0x10 [ 811.155315][T18306] __x64_sys_madvise+0xa9/0x110 [ 811.155361][T18306] ? lockdep_hardirqs_on+0x7c/0x110 [ 811.155406][T18306] do_syscall_64+0xcd/0x490 [ 811.155454][T18306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.155497][T18306] RIP: 0033:0x7f8ad858ebe9 [ 811.155525][T18306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.155559][T18306] RSP: 002b:00007f8ad93df038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 811.155593][T18306] RAX: ffffffffffffffda RBX: 00007f8ad87c5fa0 RCX: 00007f8ad858ebe9 [ 811.155616][T18306] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 000000110c230000 [ 811.155638][T18306] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 811.155659][T18306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.155681][T18306] R13: 00007f8ad87c6038 R14: 00007f8ad87c5fa0 R15: 00007ffc2cc8bb28 [ 811.155726][T18306] [ 811.830421][T18311] sp0: Synchronizing with TNC [ 812.045822][T18311] sp0: Synchronizing with TNC [ 812.117619][T18315] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4161'. [ 812.381300][T18315] team0: Port device team_slave_0 removed [ 815.323746][T18371] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 815.697334][T18382] binder: 18380:18382 ioctl 40046210 0 returned -14 [ 815.969535][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 815.976115][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 817.270333][T18416] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries [ 818.142217][T18427] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4194'. [ 818.341665][T18436] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4197'. [ 819.164822][T18452] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4202'. [ 819.192367][T18452] netlink: 13 bytes leftover after parsing attributes in process `syz.7.4202'. [ 819.351424][T18457] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 819.367617][T18458] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 819.417146][T18462] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 819.947104][T18468] sp0: Synchronizing with TNC [ 820.973834][T18482] binder: 18481:18482 ioctl c00c6211 0 returned -14 [ 821.143166][T18490] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4209'. [ 822.339988][T18512] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2138594265 (136870032960 ns) > initial count (92633972288 ns). Using initial count to start timer. [ 822.558048][T18518] sp0: Synchronizing with TNC [ 822.731916][T18521] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4222'. [ 822.937993][ T59] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 974 with max blocks 1 with error 117 [ 823.037795][ T59] EXT4-fs (sda1): This should not happen!! Data will be lost [ 823.037795][ T59] [ 824.320923][T18533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4226'. [ 824.861482][T18546] netlink: 252 bytes leftover after parsing attributes in process `syz.3.4229'. [ 824.920534][T18549] netlink: 252 bytes leftover after parsing attributes in process `syz.3.4229'. [ 825.558747][T18558] bridge0: port 3(vlan1) entered blocking state [ 825.566305][T18558] bridge0: port 3(vlan1) entered disabled state [ 825.573573][T18558] vlan1: entered allmulticast mode [ 825.578903][T18558] veth0_vlan: entered allmulticast mode [ 825.587190][T18558] vlan1: entered promiscuous mode [ 825.593816][T18558] bridge0: port 3(vlan1) entered blocking state [ 825.600296][T18558] bridge0: port 3(vlan1) entered forwarding state [ 827.645843][T18589] sp0: Synchronizing with TNC [ 828.139625][T18602] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4245'. [ 828.155752][T18602] netlink: 13 bytes leftover after parsing attributes in process `syz.5.4245'. [ 828.213136][T18601] FAULT_INJECTION: forcing a failure. [ 828.213136][T18601] name failslab, interval 1, probability 0, space 0, times 0 [ 828.227411][T18601] CPU: 0 UID: 0 PID: 18601 Comm: syz.7.4246 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 828.227472][T18601] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 828.227488][T18601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 828.227508][T18601] Call Trace: [ 828.227520][T18601] [ 828.227532][T18601] dump_stack_lvl+0x16c/0x1f0 [ 828.227605][T18601] should_fail_ex+0x512/0x640 [ 828.227653][T18601] ? __kmalloc_noprof+0xbf/0x510 [ 828.227696][T18601] ? do_handle_open+0x545/0xc50 [ 828.227729][T18601] should_failslab+0xc2/0x120 [ 828.227775][T18601] __kmalloc_noprof+0xd2/0x510 [ 828.227814][T18601] ? bpf_lsm_capable+0x9/0x10 [ 828.227855][T18601] do_handle_open+0x545/0xc50 [ 828.227892][T18601] ? __pfx_do_handle_open+0x10/0x10 [ 828.227926][T18601] ? __x64_sys_futex+0x1e0/0x4c0 [ 828.227981][T18601] ? xfd_validate_state+0x61/0x180 [ 828.228044][T18601] ? do_syscall_64+0xcd/0x490 [ 828.228088][T18601] do_syscall_64+0xcd/0x490 [ 828.228138][T18601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.228172][T18601] RIP: 0033:0x7f0f6378ebe9 [ 828.228198][T18601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 828.228232][T18601] RSP: 002b:00007f0f646a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 828.228264][T18601] RAX: ffffffffffffffda RBX: 00007f0f639c5fa0 RCX: 00007f0f6378ebe9 [ 828.228286][T18601] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000005 [ 828.228308][T18601] RBP: 00007f0f63811e19 R08: 0000000000000000 R09: 0000000000000000 [ 828.228330][T18601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 828.228351][T18601] R13: 00007f0f639c6038 R14: 00007f0f639c5fa0 R15: 00007fffbb9ee508 [ 828.228395][T18601] [ 828.620972][T18610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4249'. [ 828.968102][T18621] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 829.691252][T18636] blktrace: Concurrent blktraces are not allowed on loop2 [ 830.610241][T18655] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4262'. [ 832.064280][T18679] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4268'. [ 832.706771][T18691] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 832.826314][T18692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4272'. [ 832.947967][T18693] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 835.032344][T18724] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 835.191347][T18725] netlink: 342 bytes leftover after parsing attributes in process `syz.7.4281'. [ 835.274001][T18725] netlink: 342 bytes leftover after parsing attributes in process `syz.7.4281'. [ 835.307899][T18728] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 835.326786][T18723] zswap: compressor not available [ 835.449317][T18727] Setting dangerous option i915.mitigations - tainting kernel [ 835.857431][T18732] netlink: 'syz.7.4283': attribute type 10 has an invalid length. [ 835.896435][T18732] netlink: 230 bytes leftover after parsing attributes in process `syz.7.4283'. [ 835.957374][T18732] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 836.370519][T18742] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 836.495664][T18744] netlink: 'syz.7.4286': attribute type 3 has an invalid length. [ 836.796753][T13235] smpboot: CPU 1 is now offline [ 837.678961][T18766] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 838.472072][T18771] Invalid ELF header magic: != ELF [ 839.411310][ T30] audit: type=1806 audit(6051889913.125:20): xattr="." res=0 [ 840.330187][T18801] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4302'. [ 841.000214][T18811] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4304'. [ 843.344274][T18844] netlink: 'syz.3.4317': attribute type 29 has an invalid length. [ 843.392989][T18844] netlink: 'syz.3.4317': attribute type 30 has an invalid length. [ 843.430078][T18844] netlink: 'syz.3.4317': attribute type 31 has an invalid length. [ 843.474767][T18844] netlink: 'syz.3.4317': attribute type 32 has an invalid length. [ 843.523593][T18844] netlink: 'syz.3.4317': attribute type 33 has an invalid length. [ 843.557427][T18844] netlink: 'syz.3.4317': attribute type 35 has an invalid length. [ 843.602402][T18844] netlink: 'syz.3.4317': attribute type 37 has an invalid length. [ 843.652704][T18844] netlink: 18 bytes leftover after parsing attributes in process `syz.3.4317'. [ 843.902799][T18850] __vm_enough_memory: pid: 18850, comm: syz.5.4318, bytes: 4398046511104 not enough memory for the allocation [ 843.923826][T18849] netlink: 186 bytes leftover after parsing attributes in process `syz.6.4319'. [ 843.960597][T18849] netlink: 186 bytes leftover after parsing attributes in process `syz.6.4319'. [ 844.365923][T18858] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4322'. [ 844.754629][T18865] FAULT_INJECTION: forcing a failure. [ 844.754629][T18865] name failslab, interval 1, probability 0, space 0, times 0 [ 844.806576][T18865] CPU: 0 UID: 0 PID: 18865 Comm: syz.3.4324 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 844.806621][T18865] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 844.806633][T18865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 844.806648][T18865] Call Trace: [ 844.806658][T18865] [ 844.806669][T18865] dump_stack_lvl+0x16c/0x1f0 [ 844.806706][T18865] should_fail_ex+0x512/0x640 [ 844.806740][T18865] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 844.806776][T18865] should_failslab+0xc2/0x120 [ 844.806808][T18865] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 844.806841][T18865] ? __kthread_create_on_node+0x186/0x3f0 [ 844.806878][T18865] kvasprintf+0xbc/0x160 [ 844.806900][T18865] ? __pfx_kvasprintf+0x10/0x10 [ 844.806937][T18865] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 844.806970][T18865] __kthread_create_on_node+0x186/0x3f0 [ 844.807004][T18865] ? __pfx___kthread_create_on_node+0x10/0x10 [ 844.807128][T18865] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 844.807159][T18865] kthread_create_on_node+0xc7/0x100 [ 844.807191][T18865] ? __pfx_kthread_create_on_node+0x10/0x10 [ 844.807222][T18865] ? kasan_quarantine_put+0x10a/0x240 [ 844.807253][T18865] ? find_held_lock+0x2b/0x80 [ 844.807277][T18865] ? tomoyo_notify_gc+0xc6/0x470 [ 844.807313][T18865] tomoyo_notify_gc+0xea/0x470 [ 844.807341][T18865] ? ima_iint_find+0xea/0x130 [ 844.807366][T18865] ? __pfx_tomoyo_release+0x10/0x10 [ 844.807400][T18865] tomoyo_release+0x31/0x40 [ 844.807433][T18865] __fput+0x3ff/0xb70 [ 844.807474][T18865] task_work_run+0x14d/0x240 [ 844.807513][T18865] ? __pfx_task_work_run+0x10/0x10 [ 844.807557][T18865] ? __pfx___do_sys_close_range+0x10/0x10 [ 844.807598][T18865] exit_to_user_mode_loop+0xeb/0x110 [ 844.807636][T18865] do_syscall_64+0x3f6/0x490 [ 844.807672][T18865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 844.807697][T18865] RIP: 0033:0x7fe8fed8ebe9 [ 844.807717][T18865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 844.807741][T18865] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 844.807764][T18865] RAX: 0000000000000000 RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 844.807779][T18865] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 844.807793][T18865] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 844.807808][T18865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 844.807823][T18865] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 844.807853][T18865] [ 845.657894][T18869] netlink: 'syz.3.4326': attribute type 3 has an invalid length. [ 848.868044][T18897] Invalid ELF header magic: != ELF [ 849.042195][T18906] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4338'. [ 849.117354][T18908] netlink: 25 bytes leftover after parsing attributes in process `syz.7.4338'. [ 850.373106][T18913] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 851.376862][T18927] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4345'. [ 851.462628][T18932] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 851.495411][T18927] netlink: 25 bytes leftover after parsing attributes in process `syz.7.4345'. [ 852.010635][T18942] FAULT_INJECTION: forcing a failure. [ 852.010635][T18942] name failslab, interval 1, probability 0, space 0, times 0 [ 852.079143][T18942] CPU: 0 UID: 0 PID: 18942 Comm: syz.7.4349 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 852.079188][T18942] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 852.079200][T18942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 852.079228][T18942] Call Trace: [ 852.079238][T18942] [ 852.079247][T18942] dump_stack_lvl+0x16c/0x1f0 [ 852.079285][T18942] should_fail_ex+0x512/0x640 [ 852.079319][T18942] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 852.079347][T18942] should_failslab+0xc2/0x120 [ 852.079379][T18942] __kmalloc_cache_noprof+0x6a/0x3e0 [ 852.079406][T18942] ? netdev_create_hash+0x3c/0xc0 [ 852.079451][T18942] ? __pfx_netdev_init+0x10/0x10 [ 852.079494][T18942] netdev_create_hash+0x3c/0xc0 [ 852.079533][T18942] ? __pfx_netdev_init+0x10/0x10 [ 852.079570][T18942] netdev_init+0x70/0x230 [ 852.079608][T18942] ops_init+0x1df/0x5f0 [ 852.079645][T18942] setup_net+0x10f/0x380 [ 852.079677][T18942] ? lockdep_init_map_type+0x5c/0x280 [ 852.079712][T18942] ? __pfx_setup_net+0x10/0x10 [ 852.079749][T18942] ? debug_mutex_init+0x37/0x70 [ 852.079776][T18942] copy_net_ns+0x2a6/0x5f0 [ 852.079817][T18942] create_new_namespaces+0x3ea/0xa90 [ 852.079852][T18942] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 852.079883][T18942] ksys_unshare+0x45b/0xa40 [ 852.079918][T18942] ? __pfx_ksys_unshare+0x10/0x10 [ 852.079953][T18942] ? xfd_validate_state+0x61/0x180 [ 852.079997][T18942] __x64_sys_unshare+0x31/0x40 [ 852.080029][T18942] do_syscall_64+0xcd/0x490 [ 852.080064][T18942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 852.080088][T18942] RIP: 0033:0x7f0f6378ebe9 [ 852.080107][T18942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 852.080131][T18942] RSP: 002b:00007f0f646a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 852.080153][T18942] RAX: ffffffffffffffda RBX: 00007f0f639c5fa0 RCX: 00007f0f6378ebe9 [ 852.080175][T18942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 852.080189][T18942] RBP: 00007f0f63811e19 R08: 0000000000000000 R09: 0000000000000000 [ 852.080204][T18942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 852.080218][T18942] R13: 00007f0f639c6038 R14: 00007f0f639c5fa0 R15: 00007fffbb9ee508 [ 852.080248][T18942] [ 853.471934][ T3492] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 974 with max blocks 1 with error 117 [ 853.619202][ T3492] EXT4-fs (sda1): This should not happen!! Data will be lost [ 853.619202][ T3492] [ 853.897019][ T3492] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 955 with max blocks 19 with error 117 [ 854.050740][ T3492] EXT4-fs (sda1): This should not happen!! Data will be lost [ 854.050740][ T3492] [ 854.786139][T18959] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 854.909647][T18960] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 854.987804][T18958] could not allocate digest TFM handle [ 855.014292][T18962] netlink: 'syz.5.4354': attribute type 19 has an invalid length. [ 855.065596][T18962] netlink: 226 bytes leftover after parsing attributes in process `syz.5.4354'. [ 855.421387][T18969] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries [ 856.928411][T18982] netlink: 306 bytes leftover after parsing attributes in process `syz.7.4361'. [ 860.317728][T19018] netlink: 338 bytes leftover after parsing attributes in process `syz.7.4373'. [ 860.386549][T19018] netlink: 314 bytes leftover after parsing attributes in process `syz.7.4373'. [ 862.901895][T19050] __vm_enough_memory: pid: 19050, comm: syz.3.4384, bytes: 4398046511104 not enough memory for the allocation [ 867.059356][T19089] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 867.162942][T19089] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 868.921620][T19113] netlink: 354 bytes leftover after parsing attributes in process `syz.5.4400'. [ 872.346044][T19136] FAULT_INJECTION: forcing a failure. [ 872.346044][T19136] name fail_page_alloc, interval 1, probability 0, space 0, times 393174 [ 872.523888][T19136] CPU: 0 UID: 0 PID: 19136 Comm: syz.5.4408 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 872.523933][T19136] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 872.523944][T19136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 872.523959][T19136] Call Trace: [ 872.523967][T19136] [ 872.523978][T19136] dump_stack_lvl+0x16c/0x1f0 [ 872.524015][T19136] should_fail_ex+0x512/0x640 [ 872.524055][T19136] should_fail_alloc_page+0xe7/0x130 [ 872.524091][T19136] prepare_alloc_pages+0x3c2/0x610 [ 872.524133][T19136] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 872.524167][T19136] ? rcu_is_watching+0x12/0xc0 [ 872.524193][T19136] ? trace_mm_page_alloc+0x11f/0x1a0 [ 872.524231][T19136] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 872.524265][T19136] ? stack_depot_save_flags+0x29/0x9c0 [ 872.524303][T19136] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 872.524336][T19136] ? kasan_save_stack+0x42/0x60 [ 872.524362][T19136] ? kasan_save_stack+0x33/0x60 [ 872.524388][T19136] ? kasan_save_track+0x14/0x30 [ 872.524414][T19136] ? __kasan_kmalloc+0xaa/0xb0 [ 872.524440][T19136] ? __kmalloc_noprof+0x223/0x510 [ 872.524467][T19136] ? vhost_dev_set_owner+0x287/0xa50 [ 872.524493][T19136] ? vhost_dev_ioctl+0x2eb/0xe20 [ 872.524533][T19136] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 872.524573][T19136] ? policy_nodemask+0xea/0x4e0 [ 872.524613][T19136] alloc_pages_mpol+0x1fb/0x550 [ 872.524653][T19136] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 872.524688][T19136] ? find_held_lock+0x2b/0x80 [ 872.524715][T19136] ? vhost_dev_set_owner+0x191/0xa50 [ 872.524737][T19136] ___kmalloc_large_node+0xed/0x160 [ 872.524781][T19136] ? vhost_dev_set_owner+0x191/0xa50 [ 872.524812][T19136] __kmalloc_large_node_noprof+0x1c/0x70 [ 872.524854][T19136] __kmalloc_noprof.cold+0xc/0x61 [ 872.524891][T19136] ? rcu_is_watching+0x12/0xc0 [ 872.524920][T19136] vhost_dev_set_owner+0x191/0xa50 [ 872.524954][T19136] vhost_dev_ioctl+0x2eb/0xe20 [ 872.524976][T19136] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 872.525016][T19136] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 872.525051][T19136] vhost_vsock_dev_ioctl+0x3a5/0xb30 [ 872.525088][T19136] ? hook_file_ioctl_common+0x145/0x410 [ 872.525122][T19136] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 872.525163][T19136] ? __fget_files+0x20e/0x3c0 [ 872.525194][T19136] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 872.525234][T19136] __x64_sys_ioctl+0x18b/0x210 [ 872.525280][T19136] do_syscall_64+0xcd/0x490 [ 872.525317][T19136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.525342][T19136] RIP: 0033:0x7f5105d8ebe9 [ 872.525361][T19136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 872.525385][T19136] RSP: 002b:00007f5106c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 872.525408][T19136] RAX: ffffffffffffffda RBX: 00007f5105fc5fa0 RCX: 00007f5105d8ebe9 [ 872.525424][T19136] RDX: 0000000000000003 RSI: 000000000000af01 RDI: 0000000000000003 [ 872.525439][T19136] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 872.525453][T19136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 872.525467][T19136] R13: 00007f5105fc6038 R14: 00007f5105fc5fa0 R15: 00007ffd0d33c3b8 [ 872.525498][T19136] [ 875.232434][T19162] binder: 19156:19162 ioctl c00c620f 200000000180 returned -22 [ 877.065329][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 877.080244][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 878.013990][T19168] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4415'. [ 880.435134][T19210] netlink: 186 bytes leftover after parsing attributes in process `syz.3.4430'. [ 884.563244][T19262] netlink: 'syz.6.4447': attribute type 6 has an invalid length. [ 884.608615][T19262] netlink: 13 bytes leftover after parsing attributes in process `syz.6.4447'. [ 884.685580][T19260] sp0: Synchronizing with TNC [ 886.019769][T19275] FAULT_INJECTION: forcing a failure. [ 886.019769][T19275] name failslab, interval 1, probability 0, space 0, times 0 [ 886.083952][T19275] CPU: 0 UID: 0 PID: 19275 Comm: syz.6.4451 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 886.084002][T19275] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 886.084013][T19275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 886.084029][T19275] Call Trace: [ 886.084038][T19275] [ 886.084049][T19275] dump_stack_lvl+0x16c/0x1f0 [ 886.084087][T19275] should_fail_ex+0x512/0x640 [ 886.084121][T19275] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 886.084157][T19275] should_failslab+0xc2/0x120 [ 886.084191][T19275] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 886.084223][T19275] ? find_held_lock+0x2b/0x80 [ 886.084246][T19275] ? kstrdup_const+0x63/0x80 [ 886.084279][T19275] kstrdup+0x53/0x100 [ 886.084310][T19275] kstrdup_const+0x63/0x80 [ 886.084343][T19275] __kernfs_new_node+0x9b/0x8e0 [ 886.084378][T19275] ? __pfx___kernfs_new_node+0x10/0x10 [ 886.084417][T19275] ? find_held_lock+0x2b/0x80 [ 886.084441][T19275] ? kernfs_root+0xee/0x2a0 [ 886.084486][T19275] kernfs_new_node+0x13c/0x1e0 [ 886.084527][T19275] kernfs_create_dir_ns+0x4c/0x1a0 [ 886.084566][T19275] sysfs_create_dir_ns+0x13a/0x2b0 [ 886.084597][T19275] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 886.084626][T19275] ? find_held_lock+0x2b/0x80 [ 886.084654][T19275] ? class_dir_child_ns_type+0xd/0x60 [ 886.084694][T19275] kobject_add_internal+0x2c4/0x9b0 [ 886.084736][T19275] kobject_add+0x16e/0x240 [ 886.084772][T19275] ? __pfx_kobject_add+0x10/0x10 [ 886.084809][T19275] ? get_device_parent+0x1c5/0x4e0 [ 886.084844][T19275] ? kobject_put+0xab/0x5a0 [ 886.084886][T19275] device_add+0x288/0x1aa0 [ 886.084909][T19275] ? rcu_is_watching+0x12/0xc0 [ 886.084933][T19275] ? __pfx_device_add+0x10/0x10 [ 886.084966][T19275] device_create_groups_vargs+0x1f8/0x270 [ 886.084995][T19275] device_create+0xed/0x130 [ 886.085018][T19275] ? __pfx_device_create+0x10/0x10 [ 886.085043][T19275] ? do_init_timer+0xc9/0x110 [ 886.085073][T19275] ? ieee80211_roc_setup+0x136/0x270 [ 886.085101][T19275] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 886.085139][T19275] mac80211_hwsim_new_radio+0x369/0x54d0 [ 886.085178][T19275] ? __asan_memset+0x23/0x50 [ 886.085203][T19275] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 886.085238][T19275] hwsim_new_radio_nl+0xb51/0x12c0 [ 886.085265][T19275] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 886.085299][T19275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 886.085341][T19275] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 886.085389][T19275] genl_family_rcv_msg_doit+0x206/0x2f0 [ 886.085430][T19275] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 886.085487][T19275] ? bpf_lsm_capable+0x9/0x10 [ 886.085510][T19275] ? security_capable+0x7e/0x260 [ 886.085535][T19275] ? ns_capable+0xd7/0x110 [ 886.085565][T19275] genl_rcv_msg+0x55c/0x800 [ 886.085608][T19275] ? __pfx_genl_rcv_msg+0x10/0x10 [ 886.085647][T19275] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 886.085683][T19275] netlink_rcv_skb+0x155/0x420 [ 886.085717][T19275] ? __pfx_genl_rcv_msg+0x10/0x10 [ 886.085757][T19275] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 886.085804][T19275] ? netlink_deliver_tap+0x1ae/0xd30 [ 886.085841][T19275] genl_rcv+0x28/0x40 [ 886.085875][T19275] netlink_unicast+0x5aa/0x870 [ 886.085920][T19275] ? __pfx_netlink_unicast+0x10/0x10 [ 886.085954][T19275] ? __pfx___might_resched+0x10/0x10 [ 886.085978][T19275] ? __lock_acquire+0xb97/0x1ce0 [ 886.086019][T19275] netlink_sendmsg+0x8d1/0xdd0 [ 886.086058][T19275] ? __pfx_netlink_sendmsg+0x10/0x10 [ 886.086096][T19275] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 886.086128][T19275] ____sys_sendmsg+0xa95/0xc70 [ 886.086153][T19275] ? copy_msghdr_from_user+0x10a/0x160 [ 886.086186][T19275] ? __pfx_____sys_sendmsg+0x10/0x10 [ 886.086217][T19275] ? __pfx_futex_wake_mark+0x10/0x10 [ 886.086257][T19275] ___sys_sendmsg+0x134/0x1d0 [ 886.086292][T19275] ? __pfx____sys_sendmsg+0x10/0x10 [ 886.086362][T19275] __sys_sendmsg+0x16d/0x220 [ 886.086396][T19275] ? __pfx___sys_sendmsg+0x10/0x10 [ 886.086429][T19275] ? __x64_sys_futex+0x1e0/0x4c0 [ 886.086485][T19275] do_syscall_64+0xcd/0x490 [ 886.086523][T19275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 886.086548][T19275] RIP: 0033:0x7f8ad858ebe9 [ 886.086568][T19275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 886.086593][T19275] RSP: 002b:00007f8ad93df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 886.086616][T19275] RAX: ffffffffffffffda RBX: 00007f8ad87c5fa0 RCX: 00007f8ad858ebe9 [ 886.086633][T19275] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000005 [ 886.086648][T19275] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 886.086663][T19275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 886.086678][T19275] R13: 00007f8ad87c6038 R14: 00007f8ad87c5fa0 R15: 00007ffc2cc8bb28 [ 886.086709][T19275] [ 887.809689][T19281] netlink: 25 bytes leftover after parsing attributes in process `syz.7.4452'. [ 888.062919][T19282] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4453'. [ 888.079993][T19282] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4453'. [ 888.317577][T19275] kobject: kobject_add_internal failed for hwsim38 (error: -12 parent: mac80211_hwsim) [ 888.730165][T19292] FAULT_INJECTION: forcing a failure. [ 888.730165][T19292] name failslab, interval 1, probability 0, space 0, times 0 [ 888.779901][T19292] CPU: 0 UID: 0 PID: 19292 Comm: syz.3.4456 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 888.779948][T19292] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 888.779959][T19292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 888.779979][T19292] Call Trace: [ 888.779987][T19292] [ 888.779997][T19292] dump_stack_lvl+0x16c/0x1f0 [ 888.780035][T19292] should_fail_ex+0x512/0x640 [ 888.780071][T19292] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 888.780104][T19292] should_failslab+0xc2/0x120 [ 888.780137][T19292] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 888.780165][T19292] ? _raw_spin_unlock+0x28/0x50 [ 888.780194][T19292] ? alloc_inode+0xc3/0x240 [ 888.780233][T19292] alloc_inode+0xc3/0x240 [ 888.780268][T19292] new_inode+0x22/0x1c0 [ 888.780306][T19292] simple_fill_super+0x306/0x720 [ 888.780337][T19292] ? __pfx_nfsd_fill_super+0x10/0x10 [ 888.780366][T19292] nfsd_fill_super+0x90/0x530 [ 888.780393][T19292] ? __pfx_set_anon_super_fc+0x10/0x10 [ 888.780418][T19292] ? __pfx_nfsd_fill_super+0x10/0x10 [ 888.780445][T19292] get_tree_keyed+0x10b/0x1d0 [ 888.780474][T19292] vfs_get_tree+0x8e/0x340 [ 888.780496][T19292] path_mount+0x1513/0x2000 [ 888.780533][T19292] ? __pfx_path_mount+0x10/0x10 [ 888.780565][T19292] ? kmem_cache_free+0x2d1/0x4d0 [ 888.780592][T19292] ? putname+0x154/0x1a0 [ 888.780628][T19292] ? putname+0x154/0x1a0 [ 888.780664][T19292] ? __x64_sys_mount+0x28d/0x310 [ 888.780693][T19292] __x64_sys_mount+0x28d/0x310 [ 888.780725][T19292] ? __pfx___x64_sys_mount+0x10/0x10 [ 888.780766][T19292] do_syscall_64+0xcd/0x490 [ 888.780801][T19292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 888.780827][T19292] RIP: 0033:0x7fe8fed8ebe9 [ 888.780846][T19292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 888.780870][T19292] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 888.780892][T19292] RAX: ffffffffffffffda RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 888.780909][T19292] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000 [ 888.780925][T19292] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 888.780940][T19292] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000 [ 888.780954][T19292] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 888.780994][T19292] [ 889.583834][T19298] netlink: 13 bytes leftover after parsing attributes in process `syz.5.4458'. [ 890.609953][T19303] netlink: 334 bytes leftover after parsing attributes in process `syz.5.4460'. [ 890.630230][T19314] random: crng reseeded on system resumption [ 892.121972][T19336] netlink: 13 bytes leftover after parsing attributes in process `syz.6.4470'. [ 892.628019][T19338] netlink: 186 bytes leftover after parsing attributes in process `syz.5.4471'. [ 894.198389][T19364] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 894.257682][T19367] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 894.298764][T19369] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 894.707061][T19375] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4482'. [ 894.804278][T19375] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4482'. [ 895.590934][T19382] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4483'. [ 895.712795][T19384] netlink: 25 bytes leftover after parsing attributes in process `syz.7.4483'. [ 895.964982][T19388] ICMPv6: process `syz.6.4486' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 896.341858][T19387] FAULT_INJECTION: forcing a failure. [ 896.341858][T19387] name fail_page_alloc, interval 1, probability 0, space 0, times 393173 [ 896.419640][T19387] CPU: 0 UID: 0 PID: 19387 Comm: syz.5.4487 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 896.419685][T19387] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 896.419696][T19387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 896.419711][T19387] Call Trace: [ 896.419719][T19387] [ 896.419730][T19387] dump_stack_lvl+0x16c/0x1f0 [ 896.419767][T19387] should_fail_ex+0x512/0x640 [ 896.419806][T19387] should_fail_alloc_page+0xe7/0x130 [ 896.419842][T19387] prepare_alloc_pages+0x3c2/0x610 [ 896.419883][T19387] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 896.419917][T19387] ? stack_trace_save+0x8e/0xc0 [ 896.419944][T19387] ? __pfx_stack_trace_save+0x10/0x10 [ 896.419970][T19387] ? __pfx_stack_trace_save+0x10/0x10 [ 896.419997][T19387] ? stack_depot_save_flags+0x29/0x9c0 [ 896.420037][T19387] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 896.420066][T19387] ? kasan_save_stack+0x42/0x60 [ 896.420093][T19387] ? kasan_save_track+0x14/0x30 [ 896.420119][T19387] ? snd_pcm_attach_substream+0x441/0xd60 [ 896.420150][T19387] ? snd_pcm_open_substream+0x8d/0x17f0 [ 896.420178][T19387] ? snd_pcm_oss_open+0x735/0x1400 [ 896.420198][T19387] ? soundcore_open+0x409/0x580 [ 896.420235][T19387] ? chrdev_open+0x231/0x6a0 [ 896.420264][T19387] ? do_dentry_open+0x97f/0x1530 [ 896.420295][T19387] ? vfs_open+0x82/0x3f0 [ 896.420331][T19387] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 896.420364][T19387] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 896.420402][T19387] ? policy_nodemask+0xea/0x4e0 [ 896.420436][T19387] alloc_pages_mpol+0x1fb/0x550 [ 896.420469][T19387] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 896.420510][T19387] alloc_pages_noprof+0x131/0x390 [ 896.420550][T19387] alloc_pages_exact_noprof+0x37/0xe0 [ 896.420575][T19387] snd_pcm_attach_substream+0x468/0xd60 [ 896.420614][T19387] snd_pcm_open_substream+0x8d/0x17f0 [ 896.420645][T19387] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 896.420673][T19387] ? lockdep_init_map_type+0x5c/0x280 [ 896.420709][T19387] ? lockdep_init_map_type+0x5c/0x280 [ 896.420747][T19387] snd_pcm_oss_open+0x735/0x1400 [ 896.420781][T19387] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 896.420805][T19387] ? __lock_acquire+0xb97/0x1ce0 [ 896.420838][T19387] ? __pfx_default_wake_function+0x10/0x10 [ 896.420864][T19387] ? __lock_acquire+0xb97/0x1ce0 [ 896.420903][T19387] ? do_raw_spin_lock+0x12c/0x2b0 [ 896.420942][T19387] ? soundcore_open+0x35a/0x580 [ 896.420978][T19387] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 896.421003][T19387] soundcore_open+0x409/0x580 [ 896.421039][T19387] ? __pfx_soundcore_open+0x10/0x10 [ 896.421073][T19387] chrdev_open+0x231/0x6a0 [ 896.421104][T19387] ? __pfx_apparmor_file_open+0x10/0x10 [ 896.421131][T19387] ? __pfx_chrdev_open+0x10/0x10 [ 896.421164][T19387] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 896.421198][T19387] do_dentry_open+0x97f/0x1530 [ 896.421228][T19387] ? __pfx_chrdev_open+0x10/0x10 [ 896.421265][T19387] vfs_open+0x82/0x3f0 [ 896.421305][T19387] path_openat+0x1de4/0x2cb0 [ 896.421343][T19387] ? __pfx_path_openat+0x10/0x10 [ 896.421380][T19387] do_filp_open+0x20b/0x470 [ 896.421410][T19387] ? __pfx_do_filp_open+0x10/0x10 [ 896.421460][T19387] ? alloc_fd+0x471/0x7d0 [ 896.421494][T19387] do_sys_openat2+0x11b/0x1d0 [ 896.421531][T19387] ? __pfx_do_sys_openat2+0x10/0x10 [ 896.421578][T19387] ? __pfx___might_resched+0x10/0x10 [ 896.421611][T19387] __x64_sys_openat+0x174/0x210 [ 896.421649][T19387] ? __pfx___x64_sys_openat+0x10/0x10 [ 896.421699][T19387] do_syscall_64+0xcd/0x490 [ 896.421736][T19387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 896.421760][T19387] RIP: 0033:0x7f5105d8ebe9 [ 896.421780][T19387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 896.421804][T19387] RSP: 002b:00007f5106c71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 896.421835][T19387] RAX: ffffffffffffffda RBX: 00007f5105fc5fa0 RCX: 00007f5105d8ebe9 [ 896.421851][T19387] RDX: 0000000000000102 RSI: 0000200000004000 RDI: ffffffffffffff9c [ 896.421867][T19387] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 896.421882][T19387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 896.421896][T19387] R13: 00007f5105fc6038 R14: 00007f5105fc5fa0 R15: 00007ffd0d33c3b8 [ 896.421927][T19387] [ 898.397998][T19412] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 900.464781][T19443] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 901.771129][T19455] [U]  [ 901.774221][T19455] [U] [ 901.777083][T19455] [U] [ 901.779817][T19455] [U] [ 901.829211][T19455] [U] [ 901.832366][T19455] [U] [ 901.835128][T19455] [U] [ 901.838184][T19455] [U] [ 901.908931][T19455] [U] [ 901.912294][T19455] [U] [ 901.915220][T19455] [U] [ 901.918232][T19455] [U] [ 901.946958][T19461] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 901.988359][T19455] [U] [ 901.991477][T19455] [U] [ 901.994684][T19455] [U] [ 901.997433][T19455] [U] [ 902.017452][T19460] FAULT_INJECTION: forcing a failure. [ 902.017452][T19460] name failslab, interval 1, probability 0, space 0, times 0 [ 902.097125][T19455] [U] [ 902.099978][T19455] [U] [ 902.102877][T19455] [U] [ 902.105844][T19455] [U] [ 902.130072][T19460] CPU: 0 UID: 0 PID: 19460 Comm: syz.6.4506 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 902.130116][T19460] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 902.130128][T19460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 902.130143][T19460] Call Trace: [ 902.130152][T19460] [ 902.130161][T19460] dump_stack_lvl+0x16c/0x1f0 [ 902.130199][T19460] should_fail_ex+0x512/0x640 [ 902.130234][T19460] ? fs_reclaim_acquire+0xae/0x150 [ 902.130275][T19460] should_failslab+0xc2/0x120 [ 902.130309][T19460] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 902.130341][T19460] ? security_inode_alloc+0x3b/0x2b0 [ 902.130374][T19460] security_inode_alloc+0x3b/0x2b0 [ 902.130403][T19460] inode_init_always_gfp+0xce4/0x1030 [ 902.130437][T19460] alloc_inode+0x86/0x240 [ 902.130474][T19460] new_inode+0x22/0x1c0 [ 902.130512][T19460] simple_fill_super+0x306/0x720 [ 902.130548][T19460] ? __pfx_nfsd_fill_super+0x10/0x10 [ 902.130577][T19460] nfsd_fill_super+0x90/0x530 [ 902.130604][T19460] ? __pfx_set_anon_super_fc+0x10/0x10 [ 902.130630][T19460] ? __pfx_nfsd_fill_super+0x10/0x10 [ 902.130657][T19460] get_tree_keyed+0x10b/0x1d0 [ 902.130687][T19460] vfs_get_tree+0x8e/0x340 [ 902.130709][T19460] path_mount+0x1513/0x2000 [ 902.130753][T19460] ? __pfx_path_mount+0x10/0x10 [ 902.130786][T19460] ? kmem_cache_free+0x2d1/0x4d0 [ 902.130814][T19460] ? putname+0x154/0x1a0 [ 902.130851][T19460] ? putname+0x154/0x1a0 [ 902.130891][T19460] ? __x64_sys_mount+0x28d/0x310 [ 902.130927][T19460] __x64_sys_mount+0x28d/0x310 [ 902.130959][T19460] ? __pfx___x64_sys_mount+0x10/0x10 [ 902.131003][T19460] do_syscall_64+0xcd/0x490 [ 902.131039][T19460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 902.131063][T19460] RIP: 0033:0x7f8ad858ebe9 [ 902.131082][T19460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 902.131106][T19460] RSP: 002b:00007f8ad93df038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 902.131128][T19460] RAX: ffffffffffffffda RBX: 00007f8ad87c5fa0 RCX: 00007f8ad858ebe9 [ 902.131144][T19460] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000 [ 902.131159][T19460] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 902.131174][T19460] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000 [ 902.131189][T19460] R13: 00007f8ad87c6038 R14: 00007f8ad87c5fa0 R15: 00007ffc2cc8bb28 [ 902.131219][T19460] [ 902.658722][T19455] [U] [ 903.077390][T19466] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4508'. [ 903.120926][T19466] netlink: 298 bytes leftover after parsing attributes in process `syz.3.4508'. [ 903.494681][T19476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4511'. [ 903.544477][T19476] netlink: 13 bytes leftover after parsing attributes in process `syz.3.4511'. [ 903.654334][T19481] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 904.258518][T19482] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 904.300617][T19482] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 904.358012][T19482] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 904.397074][T19482] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 904.430017][T19482] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 904.880426][T19500] FAULT_INJECTION: forcing a failure. [ 904.880426][T19500] name failslab, interval 1, probability 0, space 0, times 0 [ 904.945741][T19500] CPU: 0 UID: 0 PID: 19500 Comm: syz.3.4517 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 904.945786][T19500] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 904.945797][T19500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 904.945811][T19500] Call Trace: [ 904.945820][T19500] [ 904.945830][T19500] dump_stack_lvl+0x16c/0x1f0 [ 904.945866][T19500] should_fail_ex+0x512/0x640 [ 904.945904][T19500] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 904.945937][T19500] should_failslab+0xc2/0x120 [ 904.945969][T19500] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 904.945997][T19500] ? __proc_create+0xc3/0x8e0 [ 904.946031][T19500] ? __proc_create+0x2ce/0x8e0 [ 904.946070][T19500] __proc_create+0x2ce/0x8e0 [ 904.946107][T19500] ? __pfx___proc_create+0x10/0x10 [ 904.946146][T19500] ? __pfx___netlink_kernel_create+0x10/0x10 [ 904.946179][T19500] ? fib4_semantics_init+0x25/0x100 [ 904.946213][T19500] proc_create_reg+0x7d/0x180 [ 904.946252][T19500] proc_create_seq_private+0x8e/0x180 [ 904.946292][T19500] ? __pfx_proc_create_seq_private+0x10/0x10 [ 904.946331][T19500] ? __pfx_nl_fib_input+0x10/0x10 [ 904.946372][T19500] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 904.946410][T19500] ip_rt_do_proc_init+0x57/0x1b0 [ 904.946448][T19500] ops_init+0x1df/0x5f0 [ 904.946496][T19500] setup_net+0x10f/0x380 [ 904.946528][T19500] ? lockdep_init_map_type+0x5c/0x280 [ 904.946564][T19500] ? __pfx_setup_net+0x10/0x10 [ 904.946600][T19500] ? debug_mutex_init+0x37/0x70 [ 904.946627][T19500] copy_net_ns+0x2a6/0x5f0 [ 904.946668][T19500] create_new_namespaces+0x3ea/0xa90 [ 904.946703][T19500] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 904.946734][T19500] ksys_unshare+0x45b/0xa40 [ 904.946769][T19500] ? __pfx_ksys_unshare+0x10/0x10 [ 904.946804][T19500] ? xfd_validate_state+0x61/0x180 [ 904.946848][T19500] __x64_sys_unshare+0x31/0x40 [ 904.946881][T19500] do_syscall_64+0xcd/0x490 [ 904.946917][T19500] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 904.946942][T19500] RIP: 0033:0x7fe8fed8ebe9 [ 904.946962][T19500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 904.946986][T19500] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 904.947009][T19500] RAX: ffffffffffffffda RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 904.947025][T19500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 904.947040][T19500] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 904.947055][T19500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 904.947070][T19500] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 904.947100][T19500] [ 905.692435][ T5870] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260 [ 905.692467][ T5870] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260 [ 905.708798][ T5870] Bluetooth: hci4: Dropping invalid advertising data [ 905.717446][ T5870] Bluetooth: hci4: unknown advertising packet type: 0xe9 [ 905.717483][ T5870] Bluetooth: hci4: Dropping invalid advertising data [ 905.732033][ T5870] Bluetooth: hci4: Malformed LE Event: 0x02 [ 905.936532][ T5870] Bluetooth: hci4: command 0x0406 tx timeout [ 906.024814][T19506] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4518'. [ 906.357010][ T5870] Bluetooth: hci0: command 0x0406 tx timeout [ 906.429130][ T5871] Bluetooth: hci1: command 0x0406 tx timeout [ 907.307756][T19493] kexec: Could not allocate control_code_buffer [ 907.673165][ C0] sd 0:0:1:0: [sda] tag#3127 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 907.683989][ C0] sd 0:0:1:0: [sda] tag#3127 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 907.941125][ T5871] Bluetooth: hci4: command 0x0406 tx timeout [ 908.054984][T19527] FAULT_INJECTION: forcing a failure. [ 908.054984][T19527] name failslab, interval 1, probability 0, space 0, times 0 [ 908.098282][T19529] FAULT_INJECTION: forcing a failure. [ 908.098282][T19529] name failslab, interval 1, probability 0, space 0, times 0 [ 908.165691][T19527] CPU: 0 UID: 0 PID: 19527 Comm: syz.7.4525 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 908.165738][T19527] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 908.165749][T19527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 908.165764][T19527] Call Trace: [ 908.165773][T19527] [ 908.165782][T19527] dump_stack_lvl+0x16c/0x1f0 [ 908.165825][T19527] should_fail_ex+0x512/0x640 [ 908.165860][T19527] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 908.165893][T19527] should_failslab+0xc2/0x120 [ 908.165925][T19527] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 908.165954][T19527] ? __kernfs_new_node+0xd2/0x8e0 [ 908.165990][T19527] __kernfs_new_node+0xd2/0x8e0 [ 908.166024][T19527] ? __pfx___kernfs_new_node+0x10/0x10 [ 908.166063][T19527] ? find_held_lock+0x2b/0x80 [ 908.166087][T19527] ? kernfs_root+0xee/0x2a0 [ 908.166123][T19527] kernfs_new_node+0x13c/0x1e0 [ 908.166177][T19527] __kernfs_create_file+0x53/0x350 [ 908.166205][T19527] sysfs_add_file_mode_ns+0x207/0x3c0 [ 908.166242][T19527] internal_create_group+0x578/0xf30 [ 908.166282][T19527] ? __pfx_internal_create_group+0x10/0x10 [ 908.166319][T19527] ? kernfs_create_link+0x1bd/0x240 [ 908.166348][T19527] internal_create_groups+0x9d/0x150 [ 908.166384][T19527] device_add+0x6d1/0x1aa0 [ 908.166409][T19527] ? __pfx_device_add+0x10/0x10 [ 908.166431][T19527] ? lockdep_init_map_type+0x5c/0x280 [ 908.166465][T19527] ? __init_waitqueue_head+0xca/0x150 [ 908.166510][T19527] netdev_register_kobject+0x1a9/0x3d0 [ 908.166554][T19527] register_netdevice+0x13dc/0x2270 [ 908.166596][T19527] ? __pfx_register_netdevice+0x10/0x10 [ 908.166634][T19527] ? dev_addr_mod+0x316/0x540 [ 908.166665][T19527] __tun_chr_ioctl+0x1ed9/0x48b0 [ 908.166687][T19527] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 908.166734][T19527] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 908.166760][T19527] ? hook_file_ioctl_common+0x145/0x410 [ 908.166799][T19527] ? __fget_files+0x20e/0x3c0 [ 908.166829][T19527] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 908.166853][T19527] __x64_sys_ioctl+0x18b/0x210 [ 908.166898][T19527] do_syscall_64+0xcd/0x490 [ 908.166934][T19527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.166959][T19527] RIP: 0033:0x7f0f6378ebe9 [ 908.166978][T19527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.167001][T19527] RSP: 002b:00007f0f646a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 908.167023][T19527] RAX: ffffffffffffffda RBX: 00007f0f639c5fa0 RCX: 00007f0f6378ebe9 [ 908.167040][T19527] RDX: 0000000000000038 RSI: 00000000400454ca RDI: 0000000000000003 [ 908.167054][T19527] RBP: 00007f0f63811e19 R08: 0000000000000000 R09: 0000000000000000 [ 908.167069][T19527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 908.167083][T19527] R13: 00007f0f639c6038 R14: 00007f0f639c5fa0 R15: 00007fffbb9ee508 [ 908.167114][T19527] [ 908.790646][T19529] CPU: 0 UID: 0 PID: 19529 Comm: syz.5.4524 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 908.790692][T19529] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 908.790703][T19529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 908.790718][T19529] Call Trace: [ 908.790726][T19529] [ 908.790736][T19529] dump_stack_lvl+0x16c/0x1f0 [ 908.790774][T19529] should_fail_ex+0x512/0x640 [ 908.790808][T19529] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 908.790845][T19529] should_failslab+0xc2/0x120 [ 908.790877][T19529] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 908.790907][T19529] ? prepare_creds+0x2c/0x7d0 [ 908.790947][T19529] prepare_creds+0x2c/0x7d0 [ 908.790984][T19529] __do_sys_capset+0x26c/0x460 [ 908.791010][T19529] ? __pfx___do_sys_capset+0x10/0x10 [ 908.791038][T19529] ? __x64_sys_futex+0x1e0/0x4c0 [ 908.791075][T19529] ? xfd_validate_state+0x61/0x180 [ 908.791123][T19529] ? rcu_is_watching+0x12/0xc0 [ 908.791151][T19529] do_syscall_64+0xcd/0x490 [ 908.791188][T19529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.791212][T19529] RIP: 0033:0x7f5105d8ebe9 [ 908.791231][T19529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.791256][T19529] RSP: 002b:00007f5106c50038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e [ 908.791278][T19529] RAX: ffffffffffffffda RBX: 00007f5105fc6090 RCX: 00007f5105d8ebe9 [ 908.791294][T19529] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000 [ 908.791308][T19529] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 908.791323][T19529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 908.791337][T19529] R13: 00007f5105fc6128 R14: 00007f5105fc6090 R15: 00007ffd0d33c3b8 [ 908.791367][T19529] [ 909.022174][ T5871] Bluetooth: hci1: command 0x0406 tx timeout [ 909.335256][T19540] FAULT_INJECTION: forcing a failure. [ 909.335256][T19540] name failslab, interval 1, probability 0, space 0, times 0 [ 909.413368][T19540] CPU: 0 UID: 0 PID: 19540 Comm: syz.6.4528 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 909.413413][T19540] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 909.413424][T19540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 909.413438][T19540] Call Trace: [ 909.413446][T19540] [ 909.413456][T19540] dump_stack_lvl+0x16c/0x1f0 [ 909.413493][T19540] should_fail_ex+0x512/0x640 [ 909.413527][T19540] ? fs_reclaim_acquire+0xae/0x150 [ 909.413567][T19540] should_failslab+0xc2/0x120 [ 909.413599][T19540] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 909.413630][T19540] ? security_inode_alloc+0x3b/0x2b0 [ 909.413663][T19540] security_inode_alloc+0x3b/0x2b0 [ 909.413692][T19540] inode_init_always_gfp+0xce4/0x1030 [ 909.413724][T19540] alloc_inode+0x86/0x240 [ 909.413760][T19540] new_inode+0x22/0x1c0 [ 909.413797][T19540] __debugfs_create_file+0x11c/0x6b0 [ 909.413831][T19540] debugfs_create_file_full+0x41/0x60 [ 909.413862][T19540] ref_tracker_dir_debugfs+0x19d/0x290 [ 909.413917][T19540] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 909.413983][T19540] ? lockdep_init_map_type+0x5c/0x280 [ 909.414022][T19540] preinit_net+0x296/0x8f0 [ 909.414058][T19540] copy_net_ns+0x1da/0x5f0 [ 909.414099][T19540] create_new_namespaces+0x3ea/0xa90 [ 909.414134][T19540] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 909.414165][T19540] ksys_unshare+0x45b/0xa40 [ 909.414199][T19540] ? __pfx_ksys_unshare+0x10/0x10 [ 909.414233][T19540] ? xfd_validate_state+0x61/0x180 [ 909.414282][T19540] __x64_sys_unshare+0x31/0x40 [ 909.414314][T19540] do_syscall_64+0xcd/0x490 [ 909.414358][T19540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 909.414384][T19540] RIP: 0033:0x7f8ad858ebe9 [ 909.414403][T19540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 909.414428][T19540] RSP: 002b:00007f8ad93be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 909.414451][T19540] RAX: ffffffffffffffda RBX: 00007f8ad87c6090 RCX: 00007f8ad858ebe9 [ 909.414467][T19540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 909.414482][T19540] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 909.414497][T19540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 909.414512][T19540] R13: 00007f8ad87c6128 R14: 00007f8ad87c6090 R15: 00007ffc2cc8bb28 [ 909.414543][T19540] [ 909.414596][T19540] debugfs: out of free dentries, can not create file 'net_refcnt@ffff8880594125b0' [ 909.889176][T19547] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4530'. [ 914.233021][T19589] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4541'. [ 916.517208][T19617] netlink: 50 bytes leftover after parsing attributes in process `syz.7.4550'. [ 916.771937][T19621] FAULT_INJECTION: forcing a failure. [ 916.771937][T19621] name failslab, interval 1, probability 0, space 0, times 0 [ 916.887895][T19626] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 916.922805][T19621] CPU: 0 UID: 0 PID: 19621 Comm: syz.3.4551 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 916.922851][T19621] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 916.922862][T19621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 916.922877][T19621] Call Trace: [ 916.922885][T19621] [ 916.922895][T19621] dump_stack_lvl+0x16c/0x1f0 [ 916.922932][T19621] should_fail_ex+0x512/0x640 [ 916.922966][T19621] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 916.923000][T19621] should_failslab+0xc2/0x120 [ 916.923032][T19621] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 916.923062][T19621] ? proc_alloc_inode+0x25/0x200 [ 916.923098][T19621] ? __pfx_proc_alloc_inode+0x10/0x10 [ 916.923128][T19621] proc_alloc_inode+0x25/0x200 [ 916.923158][T19621] alloc_inode+0x61/0x240 [ 916.923194][T19621] new_inode+0x22/0x1c0 [ 916.923230][T19621] proc_pid_make_inode+0x22/0x160 [ 916.923262][T19621] proc_pident_instantiate+0x85/0x310 [ 916.923298][T19621] proc_fill_cache+0x35e/0x470 [ 916.923329][T19621] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 916.923363][T19621] ? __pfx_proc_fill_cache+0x10/0x10 [ 916.923430][T19621] proc_pident_readdir+0x1bc/0x530 [ 916.923470][T19621] iterate_dir+0x293/0xaf0 [ 916.923498][T19621] __x64_sys_getdents+0x13c/0x2b0 [ 916.923523][T19621] ? __pfx___x64_sys_getdents+0x10/0x10 [ 916.923545][T19621] ? __x64_sys_openat+0x174/0x210 [ 916.923589][T19621] ? __pfx_filldir+0x10/0x10 [ 916.923622][T19621] do_syscall_64+0xcd/0x490 [ 916.923659][T19621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.923684][T19621] RIP: 0033:0x7fe8fed8ebe9 [ 916.923703][T19621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 916.923727][T19621] RSP: 002b:00007fe8ffcb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 916.923751][T19621] RAX: ffffffffffffffda RBX: 00007fe8fefc6090 RCX: 00007fe8fed8ebe9 [ 916.923767][T19621] RDX: 0000000000000c08 RSI: 0000000000000000 RDI: 0000000000000005 [ 916.923781][T19621] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 916.923796][T19621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 916.923811][T19621] R13: 00007fe8fefc6128 R14: 00007fe8fefc6090 R15: 00007ffee323dd58 [ 916.923841][T19621] [ 917.681268][T19632] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 920.568304][T19650] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4559'. [ 921.764027][T19666] netlink: 'syz.3.4564': attribute type 5 has an invalid length. [ 921.851360][T19667] netlink: 'syz.3.4564': attribute type 5 has an invalid length. [ 921.903081][T19666] netlink: 'syz.3.4564': attribute type 1 has an invalid length. [ 921.969369][T19667] netlink: 'syz.3.4564': attribute type 1 has an invalid length. [ 922.013039][T19666] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4564'. [ 922.128569][T19667] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4564'. [ 922.640662][ T5871] Bluetooth: hci1: unexpected event 0x36 length: 123 > 7 [ 922.900141][T19678] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4568'. [ 922.958938][T19673] sp0: Synchronizing with TNC [ 923.545127][T19687] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 923.671798][T19688] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 926.611275][T19722] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries [ 927.364756][T19734] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 927.985468][T19742] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries [ 928.030424][T19741] sctp: [Deprecated]: syz.3.4582 (pid 19741) Use of struct sctp_assoc_value in delayed_ack socket option. [ 928.030424][T19741] Use struct sctp_sack_info instead [ 928.863603][T19754] FAULT_INJECTION: forcing a failure. [ 928.863603][T19754] name fail_page_alloc, interval 1, probability 0, space 0, times 393172 [ 928.991552][T19754] CPU: 0 UID: 0 PID: 19754 Comm: syz.5.4586 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 928.991599][T19754] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 928.991610][T19754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 928.991626][T19754] Call Trace: [ 928.991634][T19754] [ 928.991644][T19754] dump_stack_lvl+0x16c/0x1f0 [ 928.991683][T19754] should_fail_ex+0x512/0x640 [ 928.991721][T19754] should_fail_alloc_page+0xe7/0x130 [ 928.991757][T19754] prepare_alloc_pages+0x3c2/0x610 [ 928.991795][T19754] ? arch_stack_walk+0xa6/0x100 [ 928.991824][T19754] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 928.991862][T19754] ? stack_trace_save+0x8e/0xc0 [ 928.991890][T19754] ? __pfx_stack_trace_save+0x10/0x10 [ 928.991918][T19754] ? stack_depot_save_flags+0x29/0x9c0 [ 928.991955][T19754] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 928.991988][T19754] ? kasan_save_stack+0x42/0x60 [ 928.992014][T19754] ? kasan_save_stack+0x33/0x60 [ 928.992040][T19754] ? kasan_save_track+0x14/0x30 [ 928.992084][T19754] ? __kasan_slab_alloc+0x89/0x90 [ 928.992113][T19754] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 928.992141][T19754] ? security_inode_alloc+0x3b/0x2b0 [ 928.992167][T19754] ? inode_init_always_gfp+0xce4/0x1030 [ 928.992206][T19754] ? do_syscall_64+0xcd/0x490 [ 928.992242][T19754] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.992274][T19754] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 928.992314][T19754] ? policy_nodemask+0xea/0x4e0 [ 928.992348][T19754] alloc_pages_mpol+0x1fb/0x550 [ 928.992382][T19754] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 928.992422][T19754] ? sk_prot_alloc+0x1a8/0x2a0 [ 928.992444][T19754] ___kmalloc_large_node+0xed/0x160 [ 928.992486][T19754] ? sk_prot_alloc+0x1a8/0x2a0 [ 928.992506][T19754] __kmalloc_large_node_noprof+0x1c/0x70 [ 928.992547][T19754] __kmalloc_noprof.cold+0xc/0x61 [ 928.992594][T19754] sk_prot_alloc+0x1a8/0x2a0 [ 928.992618][T19754] sk_alloc+0x36/0xc20 [ 928.992649][T19754] can_create+0x1e5/0x600 [ 928.992682][T19754] __sock_create+0x338/0x8d0 [ 928.992712][T19754] __sys_socket+0x14d/0x260 [ 928.992737][T19754] ? __pfx___sys_socket+0x10/0x10 [ 928.992761][T19754] ? xfd_validate_state+0x61/0x180 [ 928.992796][T19754] ? __pfx_ksys_write+0x10/0x10 [ 928.992830][T19754] __x64_sys_socket+0x72/0xb0 [ 928.992854][T19754] ? lockdep_hardirqs_on+0x7c/0x110 [ 928.992891][T19754] do_syscall_64+0xcd/0x490 [ 928.992928][T19754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.992952][T19754] RIP: 0033:0x7f5105d8ebe9 [ 928.992971][T19754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 928.992995][T19754] RSP: 002b:00007f5106c50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 928.993017][T19754] RAX: ffffffffffffffda RBX: 00007f5105fc6090 RCX: 00007f5105d8ebe9 [ 928.993034][T19754] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 928.993049][T19754] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 928.993064][T19754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 928.993079][T19754] R13: 00007f5105fc6128 R14: 00007f5105fc6090 R15: 00007ffd0d33c3b8 [ 928.993109][T19754] [ 931.106323][T19788] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4598'. [ 932.916797][T19815] netlink: 'syz.7.4604': attribute type 16 has an invalid length. [ 932.945406][ T5871] Bluetooth: hci0: Malformed Event: 0x02 [ 932.972381][T19815] netlink: 226 bytes leftover after parsing attributes in process `syz.7.4604'. [ 933.030451][T19815] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4604'. [ 933.316311][T19823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4606'. [ 934.248393][T19839] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 934.630590][T19847] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 934.706010][T19844] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 934.723311][T19850] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4615'. [ 934.742571][T19851] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 935.129867][T19854] ERROR: Out of memory at tomoyo_memory_ok. [ 935.282205][T19865] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 935.902678][T19876] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 936.027508][T19879] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries [ 936.356225][T19873] FAULT_INJECTION: forcing a failure. [ 936.356225][T19873] name failslab, interval 1, probability 0, space 0, times 0 [ 936.370684][T19883] netlink: 330 bytes leftover after parsing attributes in process `syz.6.4623'. [ 936.432598][T19873] CPU: 0 UID: 0 PID: 19873 Comm: syz.3.4621 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 936.432642][T19873] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 936.432653][T19873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 936.432668][T19873] Call Trace: [ 936.432676][T19873] [ 936.432685][T19873] dump_stack_lvl+0x16c/0x1f0 [ 936.432722][T19873] should_fail_ex+0x512/0x640 [ 936.432756][T19873] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 936.432784][T19873] should_failslab+0xc2/0x120 [ 936.432817][T19873] __kmalloc_cache_noprof+0x6a/0x3e0 [ 936.432847][T19873] ? kvm_uevent_notify_change.part.0+0x93/0x450 [ 936.432882][T19873] kvm_uevent_notify_change.part.0+0x93/0x450 [ 936.432913][T19873] ? __pfx_kvm_vm_release+0x10/0x10 [ 936.432936][T19873] kvm_put_kvm+0xe4/0xb40 [ 936.432958][T19873] ? lockdep_hardirqs_on+0x7c/0x110 [ 936.432994][T19873] ? __pfx_kvm_vm_release+0x10/0x10 [ 936.433017][T19873] kvm_vm_release+0x3c/0x50 [ 936.433039][T19873] __fput+0x3ff/0xb70 [ 936.433080][T19873] task_work_run+0x14d/0x240 [ 936.433120][T19873] ? __pfx_task_work_run+0x10/0x10 [ 936.433158][T19873] ? __pfx___do_sys_close_range+0x10/0x10 [ 936.433195][T19873] exit_to_user_mode_loop+0xeb/0x110 [ 936.433232][T19873] do_syscall_64+0x3f6/0x490 [ 936.433269][T19873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.433293][T19873] RIP: 0033:0x7fe8fed8ebe9 [ 936.433312][T19873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 936.433336][T19873] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 936.433358][T19873] RAX: 0000000000000000 RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 936.433374][T19873] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 936.433389][T19873] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 936.433403][T19873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 936.433418][T19873] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 936.433448][T19873] [ 937.848438][T19902] netlink: 186 bytes leftover after parsing attributes in process `syz.5.4630'. [ 938.192671][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 938.203530][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 938.495250][T19911] netlink: 354 bytes leftover after parsing attributes in process `syz.6.4633'. [ 939.039894][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 939.084393][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 939.132747][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 939.171406][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 939.210148][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 939.256125][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 939.304957][T19924] Dead loop on virtual device ip6_vti0, fix it urgently! [ 940.451503][T19943] netlink: 252 bytes leftover after parsing attributes in process `syz.7.4645'. [ 940.557374][T19943] netlink: 252 bytes leftover after parsing attributes in process `syz.7.4645'. [ 941.809842][ T30] audit: type=1804 audit(6051890016.057:21): pid=19957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.4648" name="/newroot/536/file0" dev="tmpfs" ino=2823 res=1 errno=0 [ 943.621516][T19983] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4656'. [ 943.642937][T19985] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4658'. [ 943.700512][T19985] netlink: 'syz.5.4658': attribute type 3 has an invalid length. [ 943.744591][T19985] netlink: 298 bytes leftover after parsing attributes in process `syz.5.4658'. [ 943.784203][T19983] bond_slave_1: entered allmulticast mode [ 943.794505][T19985] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 943.802003][T19985] IPv6: NLM_F_CREATE should be set when creating new route [ 943.809718][T19985] IPv6: NLM_F_CREATE should be set when creating new route [ 944.077395][T19987] netlink: 86 bytes leftover after parsing attributes in process `syz.7.4659'. [ 944.215067][T19991] netlink: 'syz.3.4661': attribute type 3 has an invalid length. [ 944.254129][T19991] netlink: 306 bytes leftover after parsing attributes in process `syz.3.4661'. [ 946.997481][T20024] FAULT_INJECTION: forcing a failure. [ 946.997481][T20024] name fail_futex, interval 1, probability 0, space 0, times 0 [ 947.151476][T20024] CPU: 0 UID: 0 PID: 20024 Comm: syz.7.4671 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 947.151522][T20024] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 947.151533][T20024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 947.151548][T20024] Call Trace: [ 947.151557][T20024] [ 947.151567][T20024] dump_stack_lvl+0x16c/0x1f0 [ 947.151604][T20024] should_fail_ex+0x512/0x640 [ 947.151642][T20024] get_futex_key+0x1d0/0x1560 [ 947.151676][T20024] ? __pfx_get_futex_key+0x10/0x10 [ 947.151702][T20024] ? __lock_acquire+0xb97/0x1ce0 [ 947.151745][T20024] futex_wake+0xea/0x530 [ 947.151789][T20024] ? __pfx_futex_wake+0x10/0x10 [ 947.151838][T20024] do_futex+0x1e3/0x350 [ 947.151869][T20024] ? __pfx_do_futex+0x10/0x10 [ 947.151908][T20024] __x64_sys_futex+0x1e0/0x4c0 [ 947.151944][T20024] ? __pfx___x64_sys_futex+0x10/0x10 [ 947.151987][T20024] do_syscall_64+0xcd/0x490 [ 947.152023][T20024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 947.152048][T20024] RIP: 0033:0x7f0f6378ebe9 [ 947.152066][T20024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 947.152090][T20024] RSP: 002b:00007f0f646a30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 947.152113][T20024] RAX: ffffffffffffffda RBX: 00007f0f639c5fa8 RCX: 00007f0f6378ebe9 [ 947.152129][T20024] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0f639c5fac [ 947.152144][T20024] RBP: 00007f0f639c5fa0 R08: 00007f0f646a4000 R09: 0000000000000000 [ 947.152160][T20024] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 947.152175][T20024] R13: 00007f0f639c6038 R14: 00007fffbb9ee420 R15: 00007fffbb9ee508 [ 947.152204][T20024] [ 948.375446][T20042] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078001a00 pfn:0x78000 [ 948.375537][T20042] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff) [ 948.375571][T20042] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000 [ 948.375595][T20042] raw: ffff888078001a00 0000000000000000 00000001ffffffff 0000000000000000 [ 948.375611][T20042] page dumped because: unmovable page [ 948.375628][T20042] page_owner tracks the page as allocated [ 948.375692][T20042] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 12773, tgid 12773 (syz-executor), ts 458381571410, free_ts 116093437904 [ 948.375735][T20042] post_alloc_hook+0x1c0/0x230 [ 948.375764][T20042] get_page_from_freelist+0x132b/0x38e0 [ 948.375792][T20042] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 948.375827][T20042] alloc_pages_mpol+0x1fb/0x550 [ 948.375857][T20042] alloc_pages_noprof+0x131/0x390 [ 948.375888][T20042] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 948.375915][T20042] vmalloc_user_noprof+0x9e/0xe0 [ 948.375936][T20042] kcov_ioctl+0x4c/0x730 [ 948.375970][T20042] __x64_sys_ioctl+0x18b/0x210 [ 948.376008][T20042] do_syscall_64+0xcd/0x490 [ 948.376042][T20042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 948.376067][T20042] page last free pid 6037 tgid 6037 stack trace: [ 948.376082][T20042] __free_frozen_pages+0x7d5/0x10f0 [ 948.376105][T20042] __put_partials+0x165/0x1c0 [ 948.376129][T20042] qlist_free_all+0x4d/0x120 [ 948.376154][T20042] kasan_quarantine_reduce+0x195/0x1e0 [ 948.376182][T20042] __kasan_slab_alloc+0x69/0x90 [ 948.376211][T20042] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 948.376239][T20042] ptlock_alloc+0x1f/0x70 [ 948.376262][T20042] pte_alloc_one+0x82/0x3a0 [ 948.376287][T20042] do_pte_missing+0x1afc/0x3ba0 [ 948.376310][T20042] __handle_mm_fault+0x152a/0x2a50 [ 948.376334][T20042] handle_mm_fault+0x589/0xd10 [ 948.376357][T20042] do_user_addr_fault+0x60c/0x1370 [ 948.376433][T20042] exc_page_fault+0x5c/0xb0 [ 948.376471][T20042] asm_exc_page_fault+0x26/0x30 [ 949.963695][T20057] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4678'. [ 950.403032][T20067] ERROR: Out of memory at tomoyo_memory_ok. [ 950.467913][T20067] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/594/:,' not defined. [ 950.490645][ C0] vkms_vblank_simulate: vblank timer overrun [ 950.810475][T20067] FAULT_INJECTION: forcing a failure. [ 950.810475][T20067] name failslab, interval 1, probability 0, space 0, times 0 [ 950.924152][T20067] CPU: 0 UID: 0 PID: 20067 Comm: syz.5.4681 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 950.924210][T20067] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 950.924221][T20067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 950.924236][T20067] Call Trace: [ 950.924244][T20067] [ 950.924254][T20067] dump_stack_lvl+0x16c/0x1f0 [ 950.924291][T20067] should_fail_ex+0x512/0x640 [ 950.924326][T20067] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 950.924355][T20067] should_failslab+0xc2/0x120 [ 950.924388][T20067] __kmalloc_cache_noprof+0x6a/0x3e0 [ 950.924413][T20067] ? alloc_netdev_mqs+0xec4/0x1530 [ 950.924451][T20067] alloc_netdev_mqs+0xec4/0x1530 [ 950.924491][T20067] internal_dev_create+0x8a/0x520 [ 950.924530][T20067] ovs_vport_add+0x147/0x4d0 [ 950.924566][T20067] new_vport+0x16/0x1d0 [ 950.924592][T20067] ovs_dp_cmd_new+0x6ba/0xe60 [ 950.924629][T20067] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 950.924665][T20067] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 950.924707][T20067] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 950.924753][T20067] genl_family_rcv_msg_doit+0x206/0x2f0 [ 950.924795][T20067] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 950.924844][T20067] ? bpf_lsm_capable+0x9/0x10 [ 950.924866][T20067] ? security_capable+0x7e/0x260 [ 950.924891][T20067] ? ns_capable+0xd7/0x110 [ 950.924920][T20067] genl_rcv_msg+0x55c/0x800 [ 950.924962][T20067] ? __pfx_genl_rcv_msg+0x10/0x10 [ 950.925001][T20067] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 950.925041][T20067] netlink_rcv_skb+0x155/0x420 [ 950.925075][T20067] ? __pfx_genl_rcv_msg+0x10/0x10 [ 950.925115][T20067] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 950.925162][T20067] ? netlink_deliver_tap+0x1ae/0xd30 [ 950.925204][T20067] genl_rcv+0x28/0x40 [ 950.925238][T20067] netlink_unicast+0x5aa/0x870 [ 950.925277][T20067] ? __pfx_netlink_unicast+0x10/0x10 [ 950.925313][T20067] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 950.925345][T20067] ? __lock_acquire+0xb97/0x1ce0 [ 950.925385][T20067] netlink_sendmsg+0x8d1/0xdd0 [ 950.925424][T20067] ? __pfx_netlink_sendmsg+0x10/0x10 [ 950.925463][T20067] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 950.925494][T20067] ____sys_sendmsg+0xa95/0xc70 [ 950.925519][T20067] ? copy_msghdr_from_user+0x10a/0x160 [ 950.925551][T20067] ? __pfx_____sys_sendmsg+0x10/0x10 [ 950.925581][T20067] ? __pfx_futex_wake_mark+0x10/0x10 [ 950.925636][T20067] ___sys_sendmsg+0x134/0x1d0 [ 950.925671][T20067] ? __pfx____sys_sendmsg+0x10/0x10 [ 950.925747][T20067] __sys_sendmsg+0x16d/0x220 [ 950.925781][T20067] ? __pfx___sys_sendmsg+0x10/0x10 [ 950.925813][T20067] ? __x64_sys_futex+0x1e0/0x4c0 [ 950.925862][T20067] do_syscall_64+0xcd/0x490 [ 950.925899][T20067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 950.925924][T20067] RIP: 0033:0x7f5105d8ebe9 [ 950.925942][T20067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 950.925967][T20067] RSP: 002b:00007f5106c71038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 950.925990][T20067] RAX: ffffffffffffffda RBX: 00007f5105fc5fa0 RCX: 00007f5105d8ebe9 [ 950.926007][T20067] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 950.926022][T20067] RBP: 00007f5105e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 950.926037][T20067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 950.926052][T20067] R13: 00007f5105fc6038 R14: 00007f5105fc5fa0 R15: 00007ffd0d33c3b8 [ 950.926083][T20067] [ 951.866797][T20069] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 952.086864][T20079] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4686'. [ 952.171593][T20082] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4687'. [ 952.213349][T20082] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4687'. [ 956.071113][T20112] netlink: 246 bytes leftover after parsing attributes in process `syz.3.4695'. [ 956.395441][T20118] mkiss: ax0: crc mode is auto. [ 956.516217][T20115] FAULT_INJECTION: forcing a failure. [ 956.516217][T20115] name failslab, interval 1, probability 0, space 0, times 0 [ 956.743599][T20115] CPU: 0 UID: 0 PID: 20115 Comm: syz.6.4696 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 956.743652][T20115] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 956.743664][T20115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 956.743679][T20115] Call Trace: [ 956.743687][T20115] [ 956.743697][T20115] dump_stack_lvl+0x16c/0x1f0 [ 956.743734][T20115] should_fail_ex+0x512/0x640 [ 956.743772][T20115] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 956.743801][T20115] should_failslab+0xc2/0x120 [ 956.743833][T20115] __kmalloc_cache_noprof+0x6a/0x3e0 [ 956.743859][T20115] ? kvm_uevent_notify_change.part.0+0x93/0x450 [ 956.743895][T20115] kvm_uevent_notify_change.part.0+0x93/0x450 [ 956.743927][T20115] ? __pfx_kvm_vm_release+0x10/0x10 [ 956.743950][T20115] kvm_put_kvm+0xe4/0xb40 [ 956.743972][T20115] ? lockdep_hardirqs_on+0x7c/0x110 [ 956.744008][T20115] ? __pfx_kvm_vm_release+0x10/0x10 [ 956.744031][T20115] kvm_vm_release+0x3c/0x50 [ 956.744053][T20115] __fput+0x3ff/0xb70 [ 956.744094][T20115] task_work_run+0x14d/0x240 [ 956.744134][T20115] ? __pfx_task_work_run+0x10/0x10 [ 956.744173][T20115] ? __pfx___do_sys_close_range+0x10/0x10 [ 956.744209][T20115] exit_to_user_mode_loop+0xeb/0x110 [ 956.744247][T20115] do_syscall_64+0x3f6/0x490 [ 956.744282][T20115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 956.744307][T20115] RIP: 0033:0x7f8ad858ebe9 [ 956.744326][T20115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 956.744350][T20115] RSP: 002b:00007f8ad93df038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 956.744372][T20115] RAX: 0000000000000000 RBX: 00007f8ad87c5fa0 RCX: 00007f8ad858ebe9 [ 956.744388][T20115] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 956.744402][T20115] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 956.744417][T20115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 956.744431][T20115] R13: 00007f8ad87c6038 R14: 00007f8ad87c5fa0 R15: 00007ffc2cc8bb28 [ 956.744461][T20115] [ 957.392301][ T72] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1414 with max blocks 20 with error 117 [ 957.455198][ T72] EXT4-fs (sda1): This should not happen!! Data will be lost [ 957.455198][ T72] [ 961.292343][T20148] kexec: Could not allocate control_code_buffer [ 963.140580][T20187] netlink: 'syz.5.4714': attribute type 33 has an invalid length. [ 963.532763][ T5871] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 963.532796][ T5871] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 963.551220][ T5871] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 963.551252][ T5871] Bluetooth: hci4: adv larger than maximum supported [ 963.558518][ T5871] Bluetooth: hci4: adv larger than maximum supported [ 963.565761][ T5871] Bluetooth: hci4: Malformed LE Event: 0x0d [ 965.477592][T20229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4728'. [ 965.532402][T20229] netlink: 13 bytes leftover after parsing attributes in process `syz.3.4728'. [ 966.014039][T20237] [U] [ 966.585179][T20241] netlink: 186 bytes leftover after parsing attributes in process `syz.6.4731'. [ 967.333856][T20253] FAULT_INJECTION: forcing a failure. [ 967.333856][T20253] name failslab, interval 1, probability 0, space 0, times 0 [ 967.406772][T20253] CPU: 0 UID: 0 PID: 20253 Comm: syz.3.4735 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 967.406817][T20253] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 967.406827][T20253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 967.406843][T20253] Call Trace: [ 967.406852][T20253] [ 967.406863][T20253] dump_stack_lvl+0x16c/0x1f0 [ 967.406908][T20253] should_fail_ex+0x512/0x640 [ 967.406942][T20253] ? __kmalloc_noprof+0xbf/0x510 [ 967.406974][T20253] ? __alloc_workqueue+0xd5c/0x1810 [ 967.407005][T20253] should_failslab+0xc2/0x120 [ 967.407037][T20253] __kmalloc_noprof+0xd2/0x510 [ 967.407065][T20253] ? vsnprintf+0x318/0x1160 [ 967.407099][T20253] __alloc_workqueue+0xd5c/0x1810 [ 967.407131][T20253] ? __pfx_vsnprintf+0x10/0x10 [ 967.407160][T20253] ? lockdep_hardirqs_on+0x7c/0x110 [ 967.407192][T20253] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 967.407225][T20253] alloc_workqueue_noprof+0xd2/0x200 [ 967.407257][T20253] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 967.407298][T20253] ? __pfx___debug_object_init+0x10/0x10 [ 967.407333][T20253] nci_register_device+0x511/0xb80 [ 967.407363][T20253] ? __pfx_nci_register_device+0x10/0x10 [ 967.407401][T20253] ? lockdep_init_map_type+0x5c/0x280 [ 967.407441][T20253] virtual_ncidev_open+0x141/0x220 [ 967.407470][T20253] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 967.407498][T20253] misc_open+0x35d/0x420 [ 967.407523][T20253] ? __pfx_misc_open+0x10/0x10 [ 967.407549][T20253] chrdev_open+0x231/0x6a0 [ 967.407580][T20253] ? __pfx_apparmor_file_open+0x10/0x10 [ 967.407608][T20253] ? __pfx_chrdev_open+0x10/0x10 [ 967.407641][T20253] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 967.407675][T20253] do_dentry_open+0x97f/0x1530 [ 967.407705][T20253] ? __pfx_chrdev_open+0x10/0x10 [ 967.407747][T20253] vfs_open+0x82/0x3f0 [ 967.407788][T20253] path_openat+0x1de4/0x2cb0 [ 967.407830][T20253] ? __pfx_path_openat+0x10/0x10 [ 967.407867][T20253] do_filp_open+0x20b/0x470 [ 967.407905][T20253] ? __pfx_do_filp_open+0x10/0x10 [ 967.407955][T20253] ? alloc_fd+0x471/0x7d0 [ 967.407989][T20253] do_sys_openat2+0x11b/0x1d0 [ 967.408027][T20253] ? __pfx_do_sys_openat2+0x10/0x10 [ 967.408076][T20253] __x64_sys_openat+0x174/0x210 [ 967.408115][T20253] ? __pfx___x64_sys_openat+0x10/0x10 [ 967.408165][T20253] do_syscall_64+0xcd/0x490 [ 967.408202][T20253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 967.408226][T20253] RIP: 0033:0x7fe8fed8ebe9 [ 967.408246][T20253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 967.408271][T20253] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 967.408294][T20253] RAX: ffffffffffffffda RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 967.408310][T20253] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 967.408325][T20253] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 967.408339][T20253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 967.408353][T20253] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 967.408383][T20253] [ 968.727406][T20262] FAULT_INJECTION: forcing a failure. [ 968.727406][T20262] name failslab, interval 1, probability 0, space 0, times 0 [ 968.862230][T20262] CPU: 0 UID: 0 PID: 20262 Comm: syz.6.4736 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 968.862274][T20262] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 968.862286][T20262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 968.862301][T20262] Call Trace: [ 968.862309][T20262] [ 968.862318][T20262] dump_stack_lvl+0x16c/0x1f0 [ 968.862355][T20262] should_fail_ex+0x512/0x640 [ 968.862388][T20262] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 968.862420][T20262] should_failslab+0xc2/0x120 [ 968.862451][T20262] __kmalloc_cache_node_noprof+0x6d/0x420 [ 968.862479][T20262] ? lockdep_init_map_type+0x5c/0x280 [ 968.862521][T20262] ? __alloc_workqueue+0x506/0x1810 [ 968.862557][T20262] __alloc_workqueue+0x506/0x1810 [ 968.862594][T20262] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 968.862628][T20262] alloc_workqueue_noprof+0xd2/0x200 [ 968.862661][T20262] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 968.862702][T20262] ? __pfx___debug_object_init+0x10/0x10 [ 968.862736][T20262] nci_register_device+0x511/0xb80 [ 968.862766][T20262] ? __pfx_nci_register_device+0x10/0x10 [ 968.862798][T20262] ? lockdep_init_map_type+0x5c/0x280 [ 968.862836][T20262] virtual_ncidev_open+0x141/0x220 [ 968.862864][T20262] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 968.862890][T20262] misc_open+0x35d/0x420 [ 968.862916][T20262] ? __pfx_misc_open+0x10/0x10 [ 968.862941][T20262] chrdev_open+0x231/0x6a0 [ 968.862971][T20262] ? __pfx_apparmor_file_open+0x10/0x10 [ 968.862998][T20262] ? __pfx_chrdev_open+0x10/0x10 [ 968.863034][T20262] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 968.863069][T20262] do_dentry_open+0x97f/0x1530 [ 968.863100][T20262] ? __pfx_chrdev_open+0x10/0x10 [ 968.863137][T20262] vfs_open+0x82/0x3f0 [ 968.863177][T20262] path_openat+0x1de4/0x2cb0 [ 968.863218][T20262] ? __pfx_path_openat+0x10/0x10 [ 968.863259][T20262] do_filp_open+0x20b/0x470 [ 968.863289][T20262] ? __pfx_do_filp_open+0x10/0x10 [ 968.863339][T20262] ? alloc_fd+0x471/0x7d0 [ 968.863373][T20262] do_sys_openat2+0x11b/0x1d0 [ 968.863410][T20262] ? __pfx_do_sys_openat2+0x10/0x10 [ 968.863459][T20262] __x64_sys_openat+0x174/0x210 [ 968.863503][T20262] ? __pfx___x64_sys_openat+0x10/0x10 [ 968.863554][T20262] do_syscall_64+0xcd/0x490 [ 968.863590][T20262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 968.863614][T20262] RIP: 0033:0x7f8ad858ebe9 [ 968.863634][T20262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 968.863658][T20262] RSP: 002b:00007f8ad93be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 968.863681][T20262] RAX: ffffffffffffffda RBX: 00007f8ad87c6090 RCX: 00007f8ad858ebe9 [ 968.863697][T20262] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 968.863712][T20262] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 968.863727][T20262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 968.863741][T20262] R13: 00007f8ad87c6128 R14: 00007f8ad87c6090 R15: 00007ffc2cc8bb28 [ 968.863771][T20262] [ 969.180239][T20267] mkiss: ax0: crc mode is auto. [ 971.614438][T20296] netlink: 252 bytes leftover after parsing attributes in process `syz.6.4747'. [ 971.707167][T20296] netlink: 252 bytes leftover after parsing attributes in process `syz.6.4747'. [ 973.697915][T20317] FAULT_INJECTION: forcing a failure. [ 973.697915][T20317] name failslab, interval 1, probability 0, space 0, times 0 [ 973.820239][T20317] CPU: 0 UID: 0 PID: 20317 Comm: syz.6.4755 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 973.820285][T20317] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 973.820295][T20317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 973.820310][T20317] Call Trace: [ 973.820319][T20317] [ 973.820328][T20317] dump_stack_lvl+0x16c/0x1f0 [ 973.820365][T20317] should_fail_ex+0x512/0x640 [ 973.820400][T20317] ? __kmalloc_noprof+0xbf/0x510 [ 973.820430][T20317] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 973.820456][T20317] should_failslab+0xc2/0x120 [ 973.820488][T20317] __kmalloc_noprof+0xd2/0x510 [ 973.820524][T20317] apply_wqattrs_prepare+0xf8/0xbd0 [ 973.820562][T20317] apply_workqueue_attrs_locked+0x64/0xe0 [ 973.820591][T20317] __alloc_workqueue+0xf41/0x1810 [ 973.820628][T20317] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 973.820661][T20317] alloc_workqueue_noprof+0xd2/0x200 [ 973.820696][T20317] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 973.820737][T20317] ? __pfx___debug_object_init+0x10/0x10 [ 973.820772][T20317] nci_register_device+0x394/0xb80 [ 973.820802][T20317] ? __pfx_nci_register_device+0x10/0x10 [ 973.820834][T20317] ? lockdep_init_map_type+0x5c/0x280 [ 973.820874][T20317] virtual_ncidev_open+0x141/0x220 [ 973.820902][T20317] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 973.820928][T20317] misc_open+0x35d/0x420 [ 973.820954][T20317] ? __pfx_misc_open+0x10/0x10 [ 973.820979][T20317] chrdev_open+0x231/0x6a0 [ 973.821010][T20317] ? __pfx_apparmor_file_open+0x10/0x10 [ 973.821037][T20317] ? __pfx_chrdev_open+0x10/0x10 [ 973.821078][T20317] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 973.821120][T20317] do_dentry_open+0x97f/0x1530 [ 973.821151][T20317] ? __pfx_chrdev_open+0x10/0x10 [ 973.821189][T20317] vfs_open+0x82/0x3f0 [ 973.821229][T20317] path_openat+0x1de4/0x2cb0 [ 973.821273][T20317] ? __pfx_path_openat+0x10/0x10 [ 973.821311][T20317] do_filp_open+0x20b/0x470 [ 973.821340][T20317] ? __pfx_do_filp_open+0x10/0x10 [ 973.821391][T20317] ? alloc_fd+0x471/0x7d0 [ 973.821426][T20317] do_sys_openat2+0x11b/0x1d0 [ 973.821464][T20317] ? __pfx_do_sys_openat2+0x10/0x10 [ 973.821514][T20317] __x64_sys_openat+0x174/0x210 [ 973.821552][T20317] ? __pfx___x64_sys_openat+0x10/0x10 [ 973.821603][T20317] do_syscall_64+0xcd/0x490 [ 973.821639][T20317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 973.821665][T20317] RIP: 0033:0x7f8ad858ebe9 [ 973.821685][T20317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 973.821709][T20317] RSP: 002b:00007f8ad93df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 973.821739][T20317] RAX: ffffffffffffffda RBX: 00007f8ad87c5fa0 RCX: 00007f8ad858ebe9 [ 973.821761][T20317] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 973.821783][T20317] RBP: 00007f8ad8611e19 R08: 0000000000000000 R09: 0000000000000000 [ 973.821801][T20317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 973.821819][T20317] R13: 00007f8ad87c6038 R14: 00007f8ad87c5fa0 R15: 00007ffc2cc8bb28 [ 973.821870][T20317] [ 974.495246][T20322] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 975.162237][T20339] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4762'. [ 975.186258][T20339] netlink: 354 bytes leftover after parsing attributes in process `syz.6.4762'. [ 975.521762][T20346] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries [ 975.601074][T20348] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries [ 975.700325][T20351] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4765'. [ 976.860945][T20338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078001a00 pfn:0x78000 [ 976.886737][T20338] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff) [ 976.951604][T20338] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000 [ 977.005737][T20338] raw: ffff888078001a00 0000000000000000 00000001ffffffff 0000000000000000 [ 977.046400][T20338] page dumped because: unmovable page [ 977.075182][T20338] page_owner tracks the page as allocated [ 977.125436][T20338] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 12773, tgid 12773 (syz-executor), ts 458381571410, free_ts 116093437904 [ 977.232760][T20338] post_alloc_hook+0x1c0/0x230 [ 977.237832][T20338] get_page_from_freelist+0x132b/0x38e0 [ 977.298975][T20338] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 977.328280][T20338] alloc_pages_mpol+0x1fb/0x550 [ 977.342812][T20338] alloc_pages_noprof+0x131/0x390 [ 977.371561][T20338] __vmalloc_node_range_noprof+0x72f/0x14b0 [ 977.401378][T20362] FAULT_INJECTION: forcing a failure. [ 977.401378][T20362] name failslab, interval 1, probability 0, space 0, times 0 [ 977.415304][T20338] vmalloc_user_noprof+0x9e/0xe0 [ 977.452747][T20338] kcov_ioctl+0x4c/0x730 [ 977.457203][T20338] __x64_sys_ioctl+0x18b/0x210 [ 977.499845][T20362] CPU: 0 UID: 5 PID: 20362 Comm: syz.7.4768 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 977.499890][T20362] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 977.499901][T20362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 977.499916][T20362] Call Trace: [ 977.499925][T20362] [ 977.499934][T20362] dump_stack_lvl+0x16c/0x1f0 [ 977.499972][T20362] should_fail_ex+0x512/0x640 [ 977.500006][T20362] ? __kmalloc_noprof+0xbf/0x510 [ 977.500038][T20362] ? lsm_blob_alloc+0x68/0x90 [ 977.500074][T20362] should_failslab+0xc2/0x120 [ 977.500107][T20362] __kmalloc_noprof+0xd2/0x510 [ 977.500135][T20362] ? down_write_nested+0x151/0x210 [ 977.500176][T20362] lsm_blob_alloc+0x68/0x90 [ 977.500215][T20362] security_sb_alloc+0x28/0x230 [ 977.500241][T20362] alloc_super+0x23d/0xbd0 [ 977.500266][T20362] ? sget_fc+0xd3/0xc20 [ 977.500297][T20362] sget_fc+0x116/0xc20 [ 977.500323][T20362] ? __pfx_set_anon_super_fc+0x10/0x10 [ 977.500349][T20362] ? __pfx_mqueue_fill_super+0x10/0x10 [ 977.500371][T20362] get_tree_nodev+0x28/0x190 [ 977.500400][T20362] mqueue_get_tree+0xf1/0x130 [ 977.500423][T20362] vfs_get_tree+0x8e/0x340 [ 977.500445][T20362] fc_mount_longterm+0x18/0x160 [ 977.500484][T20362] mq_init_ns+0x426/0x620 [ 977.500514][T20362] copy_ipcs+0x383/0x610 [ 977.500539][T20362] ? copy_utsname+0xab/0x470 [ 977.500574][T20362] create_new_namespaces+0x20a/0xa90 [ 977.500602][T20362] ? security_capable+0x7e/0x260 [ 977.500630][T20362] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 977.500661][T20362] ksys_unshare+0x45b/0xa40 [ 977.500695][T20362] ? __pfx_ksys_unshare+0x10/0x10 [ 977.500840][T20362] ? xfd_validate_state+0x61/0x180 [ 977.500890][T20362] __x64_sys_unshare+0x31/0x40 [ 977.500952][T20362] do_syscall_64+0xcd/0x490 [ 977.500990][T20362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.501015][T20362] RIP: 0033:0x7f0f6378ebe9 [ 977.501035][T20362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 977.501060][T20362] RSP: 002b:00007f0f646a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 977.501083][T20362] RAX: ffffffffffffffda RBX: 00007f0f639c5fa0 RCX: 00007f0f6378ebe9 [ 977.501100][T20362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 977.501115][T20362] RBP: 00007f0f63811e19 R08: 0000000000000000 R09: 0000000000000000 [ 977.501130][T20362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 977.501145][T20362] R13: 00007f0f639c6038 R14: 00007f0f639c5fa0 R15: 00007fffbb9ee508 [ 977.501178][T20362] [ 977.782248][T20338] do_syscall_64+0xcd/0x490 [ 977.786878][T20338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.793083][T20338] page last free pid 6037 tgid 6037 stack trace: [ 977.799929][T20338] __free_frozen_pages+0x7d5/0x10f0 [ 977.805856][T20338] __put_partials+0x165/0x1c0 [ 977.810798][T20338] qlist_free_all+0x4d/0x120 [ 977.815445][T20338] kasan_quarantine_reduce+0x195/0x1e0 [ 977.821945][T20338] __kasan_slab_alloc+0x69/0x90 [ 977.826999][T20338] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 977.833360][T20338] ptlock_alloc+0x1f/0x70 [ 977.838532][T20338] pte_alloc_one+0x82/0x3a0 [ 977.843191][T20338] do_pte_missing+0x1afc/0x3ba0 [ 977.848268][T20338] __handle_mm_fault+0x152a/0x2a50 [ 977.853413][T20338] handle_mm_fault+0x589/0xd10 [ 977.858335][T20338] do_user_addr_fault+0x60c/0x1370 [ 977.864102][T20338] exc_page_fault+0x5c/0xb0 [ 977.869051][T20338] asm_exc_page_fault+0x26/0x30 [ 978.547714][T20370] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4771'. [ 979.002627][T20374] netlink: 25 bytes leftover after parsing attributes in process `syz.3.4773'. [ 979.330354][T20383] FAULT_INJECTION: forcing a failure. [ 979.330354][T20383] name failslab, interval 1, probability 0, space 0, times 0 [ 979.408871][T20383] CPU: 0 UID: 0 PID: 20383 Comm: syz.3.4776 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 979.408916][T20383] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 979.408928][T20383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 979.408942][T20383] Call Trace: [ 979.408951][T20383] [ 979.408962][T20383] dump_stack_lvl+0x16c/0x1f0 [ 979.408999][T20383] should_fail_ex+0x512/0x640 [ 979.409032][T20383] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 979.409060][T20383] should_failslab+0xc2/0x120 [ 979.409092][T20383] __kmalloc_cache_noprof+0x6a/0x3e0 [ 979.409117][T20383] ? sw_sync_debugfs_open+0x177/0x410 [ 979.409156][T20383] sw_sync_debugfs_open+0x177/0x410 [ 979.409187][T20383] ? __debugfs_file_get+0x1fe/0x840 [ 979.409224][T20383] ? __pfx_sw_sync_debugfs_open+0x10/0x10 [ 979.409255][T20383] ? do_raw_spin_lock+0x12c/0x2b0 [ 979.409293][T20383] ? lockdown_is_locked_down+0x3f/0x130 [ 979.409317][T20383] ? bpf_lsm_locked_down+0x9/0x10 [ 979.409343][T20383] ? __pfx_sw_sync_debugfs_open+0x10/0x10 [ 979.409375][T20383] open_proxy_open+0x21f/0x320 [ 979.409400][T20383] do_dentry_open+0x97f/0x1530 [ 979.409431][T20383] ? __pfx_open_proxy_open+0x10/0x10 [ 979.409459][T20383] vfs_open+0x82/0x3f0 [ 979.409498][T20383] path_openat+0x1de4/0x2cb0 [ 979.409546][T20383] ? __pfx_path_openat+0x10/0x10 [ 979.409583][T20383] do_filp_open+0x20b/0x470 [ 979.409612][T20383] ? __pfx_do_filp_open+0x10/0x10 [ 979.409662][T20383] ? alloc_fd+0x471/0x7d0 [ 979.409696][T20383] do_sys_openat2+0x11b/0x1d0 [ 979.409733][T20383] ? __pfx_do_sys_openat2+0x10/0x10 [ 979.409782][T20383] __x64_sys_openat+0x174/0x210 [ 979.409820][T20383] ? __pfx___x64_sys_openat+0x10/0x10 [ 979.409870][T20383] do_syscall_64+0xcd/0x490 [ 979.409905][T20383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 979.409931][T20383] RIP: 0033:0x7fe8fed8ebe9 [ 979.409950][T20383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 979.409974][T20383] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 979.409997][T20383] RAX: ffffffffffffffda RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 979.410014][T20383] RDX: 0000000000002000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 979.410029][T20383] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 979.410044][T20383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 979.410059][T20383] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 979.410099][T20383] [ 980.235396][T20386] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries [ 980.287000][T20387] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries [ 981.155327][T20400] ================================================================== [ 981.164077][T20400] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 981.172023][T20400] Read of size 8 at addr ffff88802a042618 by task syz.3.4780/20400 [ 981.180038][T20400] [ 981.182499][T20400] CPU: 0 UID: 0 PID: 20400 Comm: syz.3.4780 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 981.182542][T20400] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 981.182554][T20400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 981.182570][T20400] Call Trace: [ 981.182581][T20400] [ 981.182591][T20400] dump_stack_lvl+0x116/0x1f0 [ 981.182628][T20400] print_report+0xcd/0x630 [ 981.182659][T20400] ? __virt_addr_valid+0x81/0x610 [ 981.182689][T20400] ? __phys_addr+0xe8/0x180 [ 981.182718][T20400] ? dvb_device_open+0x36a/0x3b0 [ 981.182751][T20400] kasan_report+0xe0/0x110 [ 981.182785][T20400] ? dvb_device_open+0x36a/0x3b0 [ 981.182822][T20400] ? __pfx_dvb_device_open+0x10/0x10 [ 981.182856][T20400] dvb_device_open+0x36a/0x3b0 [ 981.182891][T20400] ? __pfx_dvb_device_open+0x10/0x10 [ 981.182925][T20400] chrdev_open+0x231/0x6a0 [ 981.182956][T20400] ? __pfx_apparmor_file_open+0x10/0x10 [ 981.182983][T20400] ? __pfx_chrdev_open+0x10/0x10 [ 981.183015][T20400] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 981.183045][T20400] do_dentry_open+0x97f/0x1530 [ 981.183075][T20400] ? __pfx_chrdev_open+0x10/0x10 [ 981.183109][T20400] vfs_open+0x82/0x3f0 [ 981.183145][T20400] path_openat+0x1de4/0x2cb0 [ 981.183178][T20400] ? __pfx_path_openat+0x10/0x10 [ 981.183210][T20400] do_filp_open+0x20b/0x470 [ 981.183238][T20400] ? __pfx_do_filp_open+0x10/0x10 [ 981.183277][T20400] ? alloc_fd+0x471/0x7d0 [ 981.183306][T20400] do_sys_openat2+0x11b/0x1d0 [ 981.183343][T20400] ? __pfx_do_sys_openat2+0x10/0x10 [ 981.183394][T20400] ? __pfx_do_sys_openat2+0x10/0x10 [ 981.183432][T20400] ? __pfx___might_resched+0x10/0x10 [ 981.183462][T20400] __x64_sys_openat+0x174/0x210 [ 981.183500][T20400] ? __pfx___x64_sys_openat+0x10/0x10 [ 981.183545][T20400] do_syscall_64+0xcd/0x490 [ 981.183579][T20400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.183604][T20400] RIP: 0033:0x7fe8fed8ebe9 [ 981.183623][T20400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.183648][T20400] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 981.183671][T20400] RAX: ffffffffffffffda RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 981.183687][T20400] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 981.183703][T20400] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 981.183718][T20400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 981.183733][T20400] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 981.183756][T20400] [ 981.183765][T20400] [ 981.453407][T20400] Allocated by task 1: [ 981.457520][T20400] kasan_save_stack+0x33/0x60 [ 981.462327][T20400] kasan_save_track+0x14/0x30 [ 981.467094][T20400] __kasan_kmalloc+0xaa/0xb0 [ 981.471930][T20400] dvb_register_device+0x1e4/0x2370 [ 981.477416][T20400] dvb_register_frontend+0x5a6/0x880 [ 981.482758][T20400] vidtv_bridge_probe+0x459/0xa90 [ 981.487812][T20400] platform_probe+0x106/0x1d0 [ 981.492624][T20400] really_probe+0x23e/0xa90 [ 981.497263][T20400] __driver_probe_device+0x1de/0x440 [ 981.502788][T20400] driver_probe_device+0x4c/0x1b0 [ 981.507940][T20400] __driver_attach+0x283/0x580 [ 981.512856][T20400] bus_for_each_dev+0x13b/0x1d0 [ 981.517849][T20400] bus_add_driver+0x2e9/0x690 [ 981.522586][T20400] driver_register+0x15c/0x4b0 [ 981.527441][T20400] vidtv_bridge_init+0x45/0x80 [ 981.532668][T20400] do_one_initcall+0x120/0x6e0 [ 981.537463][T20400] kernel_init_freeable+0x5c2/0x910 [ 981.543121][T20400] kernel_init+0x1c/0x2b0 [ 981.547826][T20400] ret_from_fork+0x5d7/0x6f0 [ 981.553236][T20400] ret_from_fork_asm+0x1a/0x30 [ 981.558308][T20400] [ 981.560673][T20400] Freed by task 20322: [ 981.564867][T20400] kasan_save_stack+0x33/0x60 [ 981.569767][T20400] kasan_save_track+0x14/0x30 [ 981.574492][T20400] kasan_save_free_info+0x3b/0x60 [ 981.579673][T20400] __kasan_slab_free+0x60/0x70 [ 981.585102][T20400] kfree+0x2b4/0x4d0 [ 981.589030][T20400] dvb_device_put.part.0+0x60/0x90 [ 981.594328][T20400] dvb_device_open+0x2a4/0x3b0 [ 981.599313][T20400] chrdev_open+0x231/0x6a0 [ 981.603891][T20400] do_dentry_open+0x97f/0x1530 [ 981.608687][T20400] vfs_open+0x82/0x3f0 [ 981.612887][T20400] path_openat+0x1de4/0x2cb0 [ 981.617885][T20400] do_filp_open+0x20b/0x470 [ 981.622611][T20400] do_sys_openat2+0x11b/0x1d0 [ 981.627505][T20400] __x64_sys_openat+0x174/0x210 [ 981.632579][T20400] do_syscall_64+0xcd/0x490 [ 981.637194][T20400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.643186][T20400] [ 981.645537][T20400] The buggy address belongs to the object at ffff88802a042600 [ 981.645537][T20400] which belongs to the cache kmalloc-256 of size 256 [ 981.659863][T20400] The buggy address is located 24 bytes inside of [ 981.659863][T20400] freed 256-byte region [ffff88802a042600, ffff88802a042700) [ 981.674037][T20400] [ 981.676521][T20400] The buggy address belongs to the physical page: [ 981.683042][T20400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a042 [ 981.691939][T20400] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 981.700476][T20400] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 981.708220][T20400] page_type: f5(slab) [ 981.712411][T20400] raw: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 981.721203][T20400] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 981.730181][T20400] head: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 981.738895][T20400] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 981.748126][T20400] head: 00fff00000000001 ffffea0000a81081 00000000ffffffff 00000000ffffffff [ 981.757109][T20400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 981.766199][T20400] page dumped because: kasan: bad access detected [ 981.772833][T20400] page_owner tracks the page as allocated [ 981.778773][T20400] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 27323938288, free_ts 0 [ 981.799932][T20400] post_alloc_hook+0x1c0/0x230 [ 981.805013][T20400] get_page_from_freelist+0x132b/0x38e0 [ 981.810674][T20400] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 981.816768][T20400] alloc_pages_mpol+0x1fb/0x550 [ 981.822430][T20400] new_slab+0x247/0x330 [ 981.826695][T20400] ___slab_alloc+0xcf2/0x1740 [ 981.831410][T20400] __slab_alloc.constprop.0+0x56/0xb0 [ 981.836891][T20400] __kmalloc_cache_noprof+0xfb/0x3e0 [ 981.842667][T20400] bus_add_driver+0x92/0x690 [ 981.847421][T20400] driver_register+0x15c/0x4b0 [ 981.852386][T20400] do_one_initcall+0x120/0x6e0 [ 981.857565][T20400] kernel_init_freeable+0x5c2/0x910 [ 981.862973][T20400] kernel_init+0x1c/0x2b0 [ 981.867504][T20400] ret_from_fork+0x5d7/0x6f0 [ 981.872314][T20400] ret_from_fork_asm+0x1a/0x30 [ 981.877472][T20400] page_owner free stack trace missing [ 981.883037][T20400] [ 981.885373][T20400] Memory state around the buggy address: [ 981.891028][T20400] ffff88802a042500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 981.899365][T20400] ffff88802a042580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 981.907814][T20400] >ffff88802a042600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 981.916118][T20400] ^ [ 981.921454][T20400] ffff88802a042680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 981.929692][T20400] ffff88802a042700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 981.937776][T20400] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 984.067850][T15906] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz.7.3418: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 984.149671][T15906] EXT4-fs error (device sda1) in ext4_free_inode:361: Filesystem failed CRC [ 984.257925][T15906] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 984.513799][T20234] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 984.626409][T20234] EXT4-fs error (device sda1): ext4_discard_preallocations:5671: comm syz.5.4729: Error -117 reading block bitmap for 2 [ 984.685782][T16723] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 984.794727][T20400] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 984.801970][T20400] CPU: 0 UID: 0 PID: 20400 Comm: syz.3.4780 Tainted: GF R U syzkaller #0 PREEMPT(full) [ 984.812936][T20400] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [U]=USER [ 984.820055][T20400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 984.830557][T20400] Call Trace: [ 984.834052][T20400] [ 984.837018][T20400] dump_stack_lvl+0x3d/0x1f0 [ 984.841735][T20400] vpanic+0x6e8/0x7a0 [ 984.845850][T20400] ? __pfx_vpanic+0x10/0x10 [ 984.850422][T20400] ? __pfx_vprintk_emit+0x10/0x10 [ 984.855477][T20400] ? dvb_device_open+0x36a/0x3b0 [ 984.860458][T20400] panic+0xca/0xd0 [ 984.864301][T20400] ? __pfx_panic+0x10/0x10 [ 984.868759][T20400] ? dvb_device_open+0x36a/0x3b0 [ 984.873975][T20400] ? preempt_schedule_common+0x44/0xc0 [ 984.879525][T20400] ? preempt_schedule_thunk+0x16/0x30 [ 984.884936][T20400] check_panic_on_warn+0xab/0xb0 [ 984.890267][T20400] end_report+0x107/0x170 [ 984.894803][T20400] kasan_report+0xee/0x110 [ 984.899242][T20400] ? dvb_device_open+0x36a/0x3b0 [ 984.904399][T20400] ? __pfx_dvb_device_open+0x10/0x10 [ 984.909819][T20400] dvb_device_open+0x36a/0x3b0 [ 984.914711][T20400] ? __pfx_dvb_device_open+0x10/0x10 [ 984.920449][T20400] chrdev_open+0x231/0x6a0 [ 984.925107][T20400] ? __pfx_apparmor_file_open+0x10/0x10 [ 984.930700][T20400] ? __pfx_chrdev_open+0x10/0x10 [ 984.935755][T20400] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 984.942203][T20400] do_dentry_open+0x97f/0x1530 [ 984.947167][T20400] ? __pfx_chrdev_open+0x10/0x10 [ 984.952132][T20400] vfs_open+0x82/0x3f0 [ 984.956323][T20400] path_openat+0x1de4/0x2cb0 [ 984.961030][T20400] ? __pfx_path_openat+0x10/0x10 [ 984.966029][T20400] do_filp_open+0x20b/0x470 [ 984.970585][T20400] ? __pfx_do_filp_open+0x10/0x10 [ 984.976014][T20400] ? alloc_fd+0x471/0x7d0 [ 984.980391][T20400] do_sys_openat2+0x11b/0x1d0 [ 984.985327][T20400] ? __pfx_do_sys_openat2+0x10/0x10 [ 984.991130][T20400] ? __pfx_do_sys_openat2+0x10/0x10 [ 984.996488][T20400] ? __pfx___might_resched+0x10/0x10 [ 985.002076][T20400] __x64_sys_openat+0x174/0x210 [ 985.007137][T20400] ? __pfx___x64_sys_openat+0x10/0x10 [ 985.012556][T20400] do_syscall_64+0xcd/0x490 [ 985.017214][T20400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.023140][T20400] RIP: 0033:0x7fe8fed8ebe9 [ 985.027571][T20400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.047550][T20400] RSP: 002b:00007fe8ffcd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 985.056250][T20400] RAX: ffffffffffffffda RBX: 00007fe8fefc5fa0 RCX: 00007fe8fed8ebe9 [ 985.064515][T20400] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 985.072785][T20400] RBP: 00007fe8fee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 985.080952][T20400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 985.089033][T20400] R13: 00007fe8fefc6038 R14: 00007fe8fefc5fa0 R15: 00007ffee323dd58 [ 985.097098][T20400] [ 985.100690][T20400] Kernel Offset: disabled [ 985.106553][T20400] Rebooting in 86400 seconds..