last executing test programs: 10m11.977487302s ago: executing program 3 (id=2865): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/018/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x2, 0x10, 0x8, 0x7fb, &(0x7f00000002c0)}) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x40903, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0x1c, 0x92f1, 0x4}, 0xa) 10m10.559381198s ago: executing program 3 (id=2871): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f80, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0x38) close_range$auto(0x2, 0x8, 0x0) 10m10.347206754s ago: executing program 3 (id=2872): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x80000000, &(0x7f0000000000)="085a1056b6aa2f10d8ddee0633aea682a5ff", 0x12, 0x0, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x2, 0xa) setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf8d5feacf8510"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c001) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) 10m9.899848895s ago: executing program 3 (id=2875): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 10m9.50005931s ago: executing program 3 (id=2876): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x2, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0xfffffffffffffffd, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x0, 0x81, 0x8, 0x2, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 10m8.337289502s ago: executing program 3 (id=2880): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) socket(0xa, 0x3, 0x100) socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x88000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x8924, 0x0) 10m8.151301126s ago: executing program 32 (id=2880): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) socket(0xa, 0x3, 0x100) socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x88000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x8924, 0x0) 5m47.951360807s ago: executing program 1 (id=4706): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x1, 0x106) sendmsg$auto_NL80211_CMD_COLOR_CHANGE_REQUEST(r0, 0x0, 0x2000c004) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x1ad240, 0x1b1) socket(0xa, 0x3, 0x3b) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) 5m47.662935991s ago: executing program 1 (id=4707): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) get_robust_list$auto(0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x5, r2, @relative_fd=r3, 0x100000000}, 0xf) bpf$auto(0x4, &(0x7f00000002c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) 5m47.46134863s ago: executing program 1 (id=4709): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x1f53, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) fanotify_mark$auto(0x0, 0x401, 0x6, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/cmdline\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/pids.events.local\x00', 0x103842, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 5m47.253992896s ago: executing program 1 (id=4711): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0xac8fe2812c61ec00) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0x0, 0x7, 0x8080) io_uring_setup$auto(0x9, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 5m47.10092732s ago: executing program 1 (id=4714): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 5m46.825811675s ago: executing program 1 (id=4718): r0 = socket(0x2, 0x1, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) mmap$auto(0x0, 0xffffffffffffffff, 0x3, 0x110, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x801) setsockopt$auto(0x3, 0x6, 0x18, 0x0, 0xf33) 5m31.777323898s ago: executing program 33 (id=4718): r0 = socket(0x2, 0x1, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) mmap$auto(0x0, 0xffffffffffffffff, 0x3, 0x110, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x801) setsockopt$auto(0x3, 0x6, 0x18, 0x0, 0xf33) 10.06916459s ago: executing program 5 (id=6501): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0x3f1) getdents$auto(r1, 0x0, 0xa2b0) 7.888261423s ago: executing program 5 (id=6508): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) unshare$auto(0x40000080) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1f, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xe3a7) 7.794656523s ago: executing program 4 (id=6510): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xc048aeca, 0x0) 7.459984186s ago: executing program 4 (id=6512): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(0xffffffffffffffff, 0x80000000, 0x9) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x5608, r2) ioctl$auto(r0, 0x400c4d00, r0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r2) sendmsg$auto_NL802154_CMD_NEW_SEC_DEV(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r3, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4814}, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[], 0x44}}, 0xc80) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bridge0\x00'}) sendmsg$auto_IEEE802154_SET_MACPARAMS(r2, 0x0, 0x4040) 7.183924871s ago: executing program 4 (id=6515): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) socket(0x2a, 0x2, 0x0) getpeername$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x400, 0x0) unshare$auto(0x40000080) r0 = socket(0x10, 0x2, 0xc) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x1c, r2, 0x10, 0x70bd2c, 0x25dfdbfa, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004859}, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10044010) mmap$auto(0x0, 0x5, 0xffb, 0x8000000008011, 0x3, 0x0) socket(0x18, 0xa, 0x1) write$auto(0x3, 0x0, 0x100082) 6.451411233s ago: executing program 4 (id=6519): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) iopl$auto(0x0) bpf$auto(0x0, &(0x7f0000000300)=@bpf_attr_0={0x21, 0x538, 0x80, 0x10000, 0x4, 0xffffffffffffffff, 0x21000, "72fea04183dce563f03f2a25077b3383", 0x0, 0xffffffffffffffff, 0x7, 0x6, 0x101, 0x1000000000001}, 0x4) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x200007, 0x8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) open(0x0, 0x261c2, 0x84) preadv$auto(0xffffffffffffffff, 0x0, 0xc, 0x9, 0x400) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) kcmp$auto_KCMP_FILE(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x5, 0x2, r0, 0x2f7, 0x6) 5.990278587s ago: executing program 5 (id=6520): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfs4.idtoname/content\x00', 0x80, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000005c0), 0x101080, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x4, 0x0) setsockopt$auto(0x3, 0x6b, 0x4, 0x0, 0x4) 4.848808204s ago: executing program 0 (id=6525): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000040), 0x94000, 0x0) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0xb) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x46, 0x2b, 0x1000000000065f, 0x80000000, 0x40000007, 0x3, 0x20000002, 0x9, 0x1, 0x6, 0x4, 0xb4, 0x9, 0x4, 0x2, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x80000001, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5cfe]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000400)={"f8ab071a", 0x5, 0x4, 0x3, 0x81, 0xaf06, "c27dd21e130257a235608f35b9ff46", "72d15067", "b8919662", "17aba429", ["74ea2a52b5d44affc0a38054", "f97aba2b29705640cf05bf58", "cf66ac3036b01605f0aad490", "e6c21d2bda70d054d9ad103c"]}) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 4.591027609s ago: executing program 5 (id=6526): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000001900)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="04000d80a102eb8064aba5ec5f90e9fac103ed631d74a6cfba6bd220c97def1dcf2840e7550d84b02bc984ba3d650276d02d1c32e1fbd5f4a6196af2d442c534645a1c644f24e545511f55063d628381a3724fa186119459ce70eeabc2475bb40515a75479360cafb8c55b62a8b955d10b7b25722bc791312ce24e8df651b0a826ee6fe4fb780fada2a46acf82e27331ec50c3ed96e31fc2f7d5060434030b34f2bc7bc05aa7f024c1fbcc7af314178a1b3f115bf287243a1213ad33b376533f6e4dcdac84342a73e86b64e20706ec9525868eeab624ca0e8aecb7ad885fbaaaac342f89c953b7205f3d9610b7ed7561ddbee01d2c970e957e15e508669a0cd9eed4b0a172e9320f6fde0678cb8c37a994a9369a69cd1a3eadfa6c8f9b2d71c7f8d529ef75c4883a695c492c1cea554702da19d44cc2cbfb388feee942b58947b495383533056d6e75ab7aaecf4c5ebbdbb127c179c3c9e661d75268ad426e60151c82d09d3356f3b3bac0117367fd0ada0f35c8afcf1a6935fe2a576a6db95278d802292697e3ab6c53e2b05114fff8706bfb68c3ee56fbe5cede0a7561468966cbfd7de54214b7769aff377a858de3a294d73090822e392fec6f5777c2b0880044e6cb5f644249e69f8218f6abec8e15618a41f0ed6b2d85eeae7f5d1ac13734ee91b2576aa03733871645efebe468c0f8ce928b1879cc210e747ca7963a77b29fe259cf966dbc3761e0149e0f309c5f6ca4eb42f4c59824dd8b0a8f99426211182eed3c5f22083675b90b170a821ada334bd3c5eaae138a6f23b52c035f2fa40251573662d83daf7cd72a7eed723c4665302d28d64f45df5a7439bd4bc5abe8c56626e75a08a70dd4806237dd043a52f8dd1bac01386aecdaf7213b6fdc8506f5cc01fc650bf2d170d55f8e953e0c678342fc33"], 0x558}, 0x1, 0x0, 0x0, 0x8805}, 0x8000) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto_PR_SET_MM_START_STACK(0x80000000, 0x5, 0x0, 0x2, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) 4.032364982s ago: executing program 2 (id=6529): socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) socket(0x11, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyde\x00', 0x1a9d02, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 3.642629262s ago: executing program 2 (id=6530): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1f, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xe3a7) 3.430550306s ago: executing program 0 (id=6531): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8002, 0x0, 0x6) socket(0x11, 0x80003, 0x300) read$auto_tracing_entries_fops_trace(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x101, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) ioctl$auto(r1, 0xc1205531, r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183042, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) bpf$auto(0x0, 0x0, 0x6f4) eventfd$auto(0x6) 2.858235602s ago: executing program 4 (id=6532): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) r0 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto_IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000080)="c954f5c9dcfab05723f317c2ee518e256f716a57d11754cef02db01c50805a367e0ce66847f9ea64d469711dac4121a0d09ae7e893a6fa083c61fa9828e1bc19476448d653328b6b0a56ed3b59adf7a0c23f2980ef374e7f6b0dc0f6583ef57faa576f87ea5ac5daa82ad0f7953b37749f73b24af725bb0f85640d3f04", 0x800) io_uring_register$auto(0x2, 0x7, &(0x7f0000000180), 0x1) io_uring_register$auto(0x2, 0x7, 0x0, 0x1) prctl$auto(0x1000000001a, 0x1, 0x9, 0x7, 0x32) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/irq/2/name\x00', 0x800, 0x0) read$auto(r1, 0x0, 0x1) add_key$auto_KEY_SPEC_USER_KEYRING(&(0x7f0000001c80)='\\\x00', &(0x7f0000000080)='\x9f\x88/+\xa00R\r\xe9A@\x1b\x15\x02\b$\xa5\xb3\xac\xd7{*S\xce\x16\x9er\xa2:\x8em\x9aP\xf3=\xa02GK*KN\xffE\xd4\xebP\x97\x1f\x04\xcb#s\x80\xa6p\x17F3\x9b.\x87\x89\xf0\xd1\x10`H\x1f\x00\xfa*\x98\x9aSM\xf6\xfe~\xe7\x06J\xe5\x1cY\xafS\xdc\xb1\xf3\xe8\x95H\xca\xc8\xd9\xca\xbc\xf6\x04\xa9\x03\vaS`zY\xb2\xff\x15p\xcf\xfe\xfc\xa5\'\xfbz\xadI4\x00\x00\xce\"7\x17\xea@i,\x87CK\xb7\xe1\xe3\x88\xb6\x177\xd3\xcfM\xdcKn\xde\x19\xc3\xae\xd1\x81\xcf\xc5\xf3\xfe\x9bZK\xaa@\x99\x9e\xe2\x9f\xf36YIH\xfc=\xc8s\xbc', 0x0, 0x0, 0xfffffffffffffffc) 2.7602945s ago: executing program 0 (id=6533): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) r1 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r1, &(0x7f0000000180)={@sival_ptr=0x0, @raw=0x1, 0x1, @_sigev_thread={0x0, 0x0}}) r2 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r2, &(0x7f0000000180)={@sival_ptr=0x0, @inferred=r2, 0x0, @_sigev_thread={0x0, 0x0}}) futex$auto(0x0, 0x84, 0x2, 0x0, 0x0, 0x3) read$auto(r0, 0x0, 0x1) write$auto(0x3, 0x0, 0xffd8) r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) ioctl$auto_RTC_IRQP_READ(r3, 0x8008700b, &(0x7f0000000200)=0x9) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x1, 0x106) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/handlers\x00', 0x200, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 2.635396032s ago: executing program 2 (id=6534): r0 = socket(0x25, 0x1, 0x3) setsockopt$auto(r0, 0x116, 0x80, 0xfffffffffffffffd, 0x3) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) madvise$auto(0x0, 0x1ff, 0x1) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="01002cbd700001dcdf25020000000c0002002b6f2a2390808b000b0001006e65746465"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x40d0) sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c400000", @ANYRES16=r6, @ANYBLOB="01002bbd7000fbdbdf25020000000500040007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x2c, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x3}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) 2.264271088s ago: executing program 2 (id=6535): r0 = socket(0xa, 0x3, 0x3a) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) socketpair$auto(0x20004, 0x1, 0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) sendmsg$auto_L2TP_CMD_SESSION_GET(r0, 0x0, 0x4) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(0x0, 0x400056a, 0x9, 0x0) close_range$auto(0x2, 0xa, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(0xffffffffffffffff, 0x0, 0x4008005) 2.156604437s ago: executing program 0 (id=6536): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x200009}, 0x1}, 0x2, 0x0) close_range$auto(0x0, 0xffffeffe, 0x2) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000140), 0x101081, 0x0) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) 1.868522217s ago: executing program 4 (id=6537): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) iopl$auto(0x3) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) setsockopt$auto(0x3, 0x6, 0x15, 0x0, 0xfb3) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x8811) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/190, 0xbe) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x1, 0x6, 0xffffffffffffffff, 0x30000000010, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) clone$auto(0x5, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) 1.653165592s ago: executing program 5 (id=6538): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') r2 = epoll_create$auto(0x8800001) epoll_ctl$auto(r2, 0x1, r0, 0x0) socket(0x25, 0x1, 0x0) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0x3, 0x8fd6, 0x7, 0x3, 0x15f4da0a, 0x3, 0x3, 0x7f, 0x32, 0x7440, 0xd0, 0x6, 0x9, 0xdffffffffffffffe]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.482668426s ago: executing program 2 (id=6539): mmap$auto(0x0, 0xc, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29202, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/cmdline\x00', 0x60502, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2000, 0x0) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x4e, 0x203, 0x0, 0xc, 0x5, 0x3, 0x805, 0x2000000000000002, 0x9, 0xfffffffffffff75d, 0x103, 0xa, 0x4, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) read$auto_proc_pid_cmdline_ops_base(r0, 0x0, 0x0) 1.047294068s ago: executing program 0 (id=6540): r0 = socket(0xa, 0x5, 0x84) socket(0x2, 0x2, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r1, 0x0, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000003dc0)={0x0, 0x1}, 0xb) r2 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) writev$auto(r2, &(0x7f00000035c0)={0x0, 0x4}, 0x4000000000006) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) rename$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x6, 0xffffffffffffffff, @relative_id=0x2, 0x9}, 0xa3) sendto$auto(r0, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) close_range$auto(0x2, 0x8, 0x0) 971.168061ms ago: executing program 5 (id=6541): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x0, 0x0) ioctl$auto_EVIOCGID(r0, 0x80084502, &(0x7f0000000140)={0x6, 0x8fc2, 0x8, 0x9}) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x20040, 0x0) lsetxattr$auto(0x0, &(0x7f0000005500)='[!*)\x00', &(0x7f0000005540), 0xd843, 0x0) ioctl$auto_SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f0000000140)) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x80000, 0x61) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x6a) close_range$auto(0x2, 0x8, 0x0) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x8, 0x7, 0x22, 0x7185, 0x1ffd7, 0x7, 0x4, 0x9, 0x9, 0x3, 0x2, 0x6, 0x5, 0x5, 0x8, 0x10003, 0x80, 0x4, 0x2, 0x7, 0x22004, 0x200, 0x0, 0x84, 0x0, 0x0, 0x7, 0x0, 0x4, [0x0, 0x40000000, 0x0, 0x800, 0x0, 0x0, 0x3, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffff9810, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0xd, 0x0, 0x0, 0x4000000000b0ce, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x8c, 0x7fffffff, 0x0, 0x100000000000000]}, 0x1fe, 0xd) 286.010801ms ago: executing program 2 (id=6542): mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x200000000002d57, 0xeb1, 0xffffffffffffffff, 0x8000) mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) io_uring_setup$auto(0x1, 0x0) uname$auto(0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0) write$auto(r0, 0x0, 0x3) 0s ago: executing program 0 (id=6543): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) gettid() ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/mountinfo\x00', 0xe0000, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x40, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x40000000000002e}, 0x8000040000000001) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) kernel console output (not intermixed with test programs): inactive [ 882.638579][T23312] vivid-003: RDS PS Name: inactive [ 882.712644][T23312] vivid-003: RDS Radio Text: inactive [ 882.758911][T23312] vivid-003: RDS Traffic Announcement: false inactive [ 882.789523][T23313] FAULT_INJECTION: forcing a failure. [ 882.789523][T23313] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 882.820765][T23312] vivid-003: RDS Traffic Program: false inactive [ 882.827133][T23312] vivid-003: RDS Music: false inactive [ 882.876214][T23313] CPU: 0 UID: 0 PID: 23313 Comm: syz.0.5836 Tainted: G U syzkaller #0 PREEMPT(full) [ 882.876241][T23313] Tainted: [U]=USER [ 882.876246][T23313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 882.876255][T23313] Call Trace: [ 882.876260][T23313] [ 882.876267][T23313] dump_stack_lvl+0x16c/0x1f0 [ 882.876287][T23313] should_fail_ex+0x512/0x640 [ 882.876311][T23313] should_fail_alloc_page+0xe7/0x130 [ 882.876332][T23313] prepare_alloc_pages+0x3c2/0x610 [ 882.876355][T23313] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 882.876370][T23313] ? __lock_acquire+0x622/0x1c90 [ 882.876394][T23313] ? __lock_acquire+0x622/0x1c90 [ 882.876415][T23313] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 882.876437][T23313] ? is_bpf_text_address+0x8a/0x1a0 [ 882.876457][T23313] ? bpf_ksym_find+0x124/0x1c0 [ 882.876473][T23313] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 882.876490][T23313] ? is_bpf_text_address+0x94/0x1a0 [ 882.876508][T23313] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 882.876533][T23313] ? policy_nodemask+0xea/0x4e0 [ 882.876554][T23313] alloc_pages_mpol+0x1fb/0x550 [ 882.876580][T23313] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 882.876605][T23313] folio_alloc_mpol_noprof+0x36/0x2f0 [ 882.876628][T23313] shmem_alloc_folio+0x135/0x160 [ 882.876650][T23313] shmem_alloc_and_add_folio+0x499/0xc20 [ 882.876679][T23313] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 882.876704][T23313] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 882.876722][T23313] shmem_get_folio_gfp+0x67f/0x1610 [ 882.876741][T23313] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 882.876761][T23313] shmem_fault+0x1fe/0xa30 [ 882.876776][T23313] ? __pfx_shmem_fault+0x10/0x10 [ 882.876789][T23313] ? trace_kmem_cache_alloc+0x28/0xc0 [ 882.876809][T23313] ? __lock_acquire+0xb8a/0x1c90 [ 882.876826][T23313] ? ptlock_alloc+0x1f/0x70 [ 882.876847][T23313] ? lockdep_init_map_type+0x5c/0x280 [ 882.876866][T23313] ? __raw_spin_lock_init+0x3a/0x110 [ 882.876891][T23313] ? __pfx_filemap_map_pages+0x10/0x10 [ 882.876904][T23313] __do_fault+0x10d/0x490 [ 882.876918][T23313] ? do_raw_spin_lock+0x12c/0x2b0 [ 882.876941][T23313] ? __pfx_filemap_map_pages+0x10/0x10 [ 882.876953][T23313] do_pte_missing+0x1a6/0x3ba0 [ 882.876975][T23313] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 882.876996][T23313] ? __pmd_alloc+0x64f/0x8b0 [ 882.877017][T23313] __handle_mm_fault+0x1556/0x2aa0 [ 882.877041][T23313] ? mt_find+0x3e2/0xa20 [ 882.877059][T23313] ? __pfx___handle_mm_fault+0x10/0x10 [ 882.877078][T23313] ? __pfx_mt_find+0x10/0x10 [ 882.877105][T23313] ? find_vma+0xbf/0x140 [ 882.877120][T23313] ? __pfx_find_vma+0x10/0x10 [ 882.877138][T23313] handle_mm_fault+0x589/0xd10 [ 882.877160][T23313] ? __pkru_allows_pkey+0x11/0xb0 [ 882.877184][T23313] do_user_addr_fault+0x7a6/0x1370 [ 882.877199][T23313] ? rcu_is_watching+0x12/0xc0 [ 882.877216][T23313] exc_page_fault+0x64/0xc0 [ 882.877232][T23313] asm_exc_page_fault+0x26/0x30 [ 882.877246][T23313] RIP: 0010:__put_user_4+0xd/0x20 [ 882.877261][T23313] Code: 66 89 01 31 c9 0f 01 ca e9 c0 80 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 80 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 882.877275][T23313] RSP: 0018:ffffc900045dfca0 EFLAGS: 00050246 [ 882.877288][T23313] RAX: 0000000000000ec4 RBX: 0000000000000000 RCX: 0000000000000000 [ 882.877297][T23313] RDX: 1ffff920008bbfc1 RSI: ffffffff817aca22 RDI: ffffc900045dfe08 [ 882.877306][T23313] RBP: ffff88802c320000 R08: edbc7214ceca522d R09: 0000000000000000 [ 882.877316][T23313] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000002360400 [ 882.877325][T23313] R13: 1ffff920008bbf99 R14: 0000000000000000 R15: 0000000000100000 [ 882.877341][T23313] ? kernel_clone+0x652/0x930 [ 882.877365][T23313] kernel_clone+0x67d/0x930 [ 882.877384][T23313] ? __pfx_kernel_clone+0x10/0x10 [ 882.877412][T23313] __do_sys_clone+0xce/0x120 [ 882.877429][T23313] ? __pfx___do_sys_clone+0x10/0x10 [ 882.877456][T23313] ? xfd_validate_state+0x61/0x180 [ 882.877475][T23313] ? __pfx_do_writev+0x10/0x10 [ 882.877494][T23313] do_syscall_64+0xcd/0xfa0 [ 882.877511][T23313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 882.877525][T23313] RIP: 0033:0x7fd4ed78efc9 [ 882.877537][T23313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 882.877550][T23313] RSP: 002b:00007fd4ee65cfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 882.877563][T23313] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 882.877581][T23313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 882.877590][T23313] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 882.877599][T23313] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 882.877608][T23313] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 882.877628][T23313] [ 883.388124][T23312] vivid-003: ================== END STATUS ================== [ 884.620650][T23333] netlink: 302 bytes leftover after parsing attributes in process `syz.2.5831'. [ 884.962203][T23340] netlink: 25 bytes leftover after parsing attributes in process `syz.2.5834'. [ 888.057881][T23398] netlink: 354 bytes leftover after parsing attributes in process `syz.0.5853'. [ 888.221576][T23391] FAULT_INJECTION: forcing a failure. [ 888.221576][T23391] name failslab, interval 1, probability 0, space 0, times 0 [ 888.265502][T23391] CPU: 0 UID: 0 PID: 23391 Comm: syz.5.5850 Tainted: G U syzkaller #0 PREEMPT(full) [ 888.265529][T23391] Tainted: [U]=USER [ 888.265535][T23391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 888.265544][T23391] Call Trace: [ 888.265550][T23391] [ 888.265557][T23391] dump_stack_lvl+0x16c/0x1f0 [ 888.265578][T23391] should_fail_ex+0x512/0x640 [ 888.265601][T23391] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 888.265623][T23391] should_failslab+0xc2/0x120 [ 888.265642][T23391] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 888.265660][T23391] ? kstrdup_const+0x63/0x80 [ 888.265679][T23391] ? kstrdup+0x53/0x100 [ 888.265692][T23391] kstrdup+0x53/0x100 [ 888.265707][T23391] kstrdup_const+0x63/0x80 [ 888.265722][T23391] alloc_vfsmnt+0xea/0x6b0 [ 888.265742][T23391] clone_mnt+0x4b/0x930 [ 888.265764][T23391] copy_tree+0x31d/0xbd0 [ 888.265784][T23391] copy_mnt_ns+0x1a9/0xac0 [ 888.265799][T23391] ? rcu_is_watching+0x12/0xc0 [ 888.265820][T23391] create_new_namespaces+0xd3/0xa90 [ 888.265836][T23391] ? bpf_lsm_capable+0x9/0x10 [ 888.265855][T23391] ? security_capable+0x7e/0x260 [ 888.265877][T23391] copy_namespaces+0x468/0x560 [ 888.265894][T23391] copy_process+0x2828/0x76a0 [ 888.265920][T23391] ? __pfx_copy_process+0x10/0x10 [ 888.265947][T23391] ? futex_private_hash_put+0x176/0x300 [ 888.265970][T23391] ? futex_private_hash_put+0x18a/0x300 [ 888.265992][T23391] kernel_clone+0xfc/0x930 [ 888.266011][T23391] ? __pfx_kernel_clone+0x10/0x10 [ 888.266040][T23391] __do_sys_clone+0xce/0x120 [ 888.266058][T23391] ? __pfx___do_sys_clone+0x10/0x10 [ 888.266084][T23391] ? xfd_validate_state+0x61/0x180 [ 888.266103][T23391] ? __pfx_do_writev+0x10/0x10 [ 888.266123][T23391] do_syscall_64+0xcd/0xfa0 [ 888.266141][T23391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 888.266156][T23391] RIP: 0033:0x7f02b3f8efc9 [ 888.266168][T23391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 888.266183][T23391] RSP: 002b:00007f02b4ee4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 888.266198][T23391] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 888.266208][T23391] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 888.266217][T23391] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 888.266226][T23391] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 888.266235][T23391] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 888.266256][T23391] [ 888.987408][T23403] ERROR: Out of memory at tomoyo_memory_ok. [ 889.064199][T23411] netlink: 252 bytes leftover after parsing attributes in process `syz.0.5857'. [ 889.116350][T23411] netlink: 252 bytes leftover after parsing attributes in process `syz.0.5857'. [ 891.793621][T23464] FAULT_INJECTION: forcing a failure. [ 891.793621][T23464] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 891.849774][T23464] CPU: 0 UID: 0 PID: 23464 Comm: syz.0.5873 Tainted: G U syzkaller #0 PREEMPT(full) [ 891.849801][T23464] Tainted: [U]=USER [ 891.849806][T23464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 891.849815][T23464] Call Trace: [ 891.849821][T23464] [ 891.849827][T23464] dump_stack_lvl+0x16c/0x1f0 [ 891.849849][T23464] should_fail_ex+0x512/0x640 [ 891.849874][T23464] should_fail_alloc_page+0xe7/0x130 [ 891.849896][T23464] prepare_alloc_pages+0x3c2/0x610 [ 891.849914][T23464] ? rcu_is_watching+0x12/0xc0 [ 891.849932][T23464] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 891.849950][T23464] ? rcu_is_watching+0x12/0xc0 [ 891.849964][T23464] ? trace_mm_page_alloc+0x11f/0x1a0 [ 891.849983][T23464] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 891.849999][T23464] ? __pfx_stack_trace_save+0x10/0x10 [ 891.850016][T23464] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 891.850030][T23464] ? stack_depot_save_flags+0x29/0x9c0 [ 891.850056][T23464] ? alloc_vmap_area+0x648/0x29e0 [ 891.850073][T23464] ? __vmalloc_node_range_noprof+0x271/0x1480 [ 891.850093][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 891.850113][T23464] ? do_syscall_64+0xcd/0xfa0 [ 891.850128][T23464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.850151][T23464] alloc_pages_bulk_noprof+0x71c/0x1410 [ 891.850165][T23464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 891.850190][T23464] ? policy_nodemask+0xea/0x4e0 [ 891.850210][T23464] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 891.850225][T23464] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 891.850252][T23464] kasan_populate_vmalloc+0x112/0x2d0 [ 891.850268][T23464] ? alloc_vmap_area+0x8b5/0x29e0 [ 891.850288][T23464] alloc_vmap_area+0x960/0x29e0 [ 891.850313][T23464] ? __pfx_alloc_vmap_area+0x10/0x10 [ 891.850335][T23464] __get_vm_area_node+0x1ca/0x330 [ 891.850357][T23464] __vmalloc_node_range_noprof+0x271/0x1480 [ 891.850379][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 891.850400][T23464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 891.850423][T23464] ? policy_nodemask+0xea/0x4e0 [ 891.850443][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 891.850468][T23464] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 891.850491][T23464] ? ___kmalloc_large_node+0xed/0x160 [ 891.850514][T23464] __kvmalloc_node_noprof+0x431/0x9c0 [ 891.850531][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 891.850553][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 891.850574][T23464] ? _copy_from_user+0x59/0xd0 [ 891.850598][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 891.850628][T23464] __do_sys_listmount+0x280/0xeb0 [ 891.850655][T23464] ? __pfx___do_sys_listmount+0x10/0x10 [ 891.850689][T23464] do_syscall_64+0xcd/0xfa0 [ 891.850706][T23464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.850720][T23464] RIP: 0033:0x7fd4ed78efc9 [ 891.850733][T23464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 891.850749][T23464] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 891.850765][T23464] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 891.850775][T23464] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 891.850784][T23464] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 891.850793][T23464] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 891.850801][T23464] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 891.850820][T23464] [ 892.219053][T23464] syz.0.5873: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 892.234532][T23464] CPU: 0 UID: 0 PID: 23464 Comm: syz.0.5873 Tainted: G U syzkaller #0 PREEMPT(full) [ 892.234557][T23464] Tainted: [U]=USER [ 892.234562][T23464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 892.234571][T23464] Call Trace: [ 892.234577][T23464] [ 892.234584][T23464] dump_stack_lvl+0x16c/0x1f0 [ 892.234626][T23464] warn_alloc+0x248/0x3a0 [ 892.234643][T23464] ? __pfx_warn_alloc+0x10/0x10 [ 892.234659][T23464] ? kfree+0x2b8/0x6d0 [ 892.234670][T23464] ? __get_vm_area_node+0x2cd/0x330 [ 892.234693][T23464] ? __get_vm_area_node+0x2cd/0x330 [ 892.234712][T23464] ? __get_vm_area_node+0x208/0x330 [ 892.234735][T23464] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 892.234756][T23464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 892.234781][T23464] ? policy_nodemask+0xea/0x4e0 [ 892.234801][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 892.234827][T23464] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 892.234850][T23464] ? ___kmalloc_large_node+0xed/0x160 [ 892.234873][T23464] __kvmalloc_node_noprof+0x431/0x9c0 [ 892.234890][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 892.234912][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 892.234933][T23464] ? _copy_from_user+0x59/0xd0 [ 892.234960][T23464] ? __do_sys_listmount+0x280/0xeb0 [ 892.234981][T23464] __do_sys_listmount+0x280/0xeb0 [ 892.235007][T23464] ? __pfx___do_sys_listmount+0x10/0x10 [ 892.235041][T23464] do_syscall_64+0xcd/0xfa0 [ 892.235058][T23464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 892.235073][T23464] RIP: 0033:0x7fd4ed78efc9 [ 892.235086][T23464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 892.235099][T23464] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 892.235113][T23464] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 892.235123][T23464] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 892.235132][T23464] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 892.235140][T23464] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 892.235149][T23464] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 892.235168][T23464] [ 892.235175][T23464] Mem-Info: [ 892.460483][T23464] active_anon:13959 inactive_anon:20142 isolated_anon:0 [ 892.460483][T23464] active_file:23002 inactive_file:37481 isolated_file:0 [ 892.460483][T23464] unevictable:768 dirty:361 writeback:0 [ 892.460483][T23464] slab_reclaimable:12475 slab_unreclaimable:94370 [ 892.460483][T23464] mapped:25425 shmem:18293 pagetables:1823 [ 892.460483][T23464] sec_pagetables:0 bounce:0 [ 892.460483][T23464] kernel_misc_reclaimable:0 [ 892.460483][T23464] free:1285391 free_pcp:14936 free_cma:0 [ 892.506872][T23464] Node 0 active_anon:55836kB inactive_anon:80568kB active_file:91956kB inactive_file:149788kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101696kB dirty:1444kB writeback:0kB shmem:71636kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12176kB pagetables:7188kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 892.539450][T23464] Node 1 active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:104kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 892.569709][T23464] Node 0 DMA free:15352kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 892.604584][T23464] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 892.610336][T23464] Node 0 DMA32 free:1219340kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:55836kB inactive_anon:80568kB active_file:91956kB inactive_file:149788kB unevictable:1536kB writepending:1444kB zspages:684kB present:3129332kB managed:2545108kB mlocked:0kB bounce:0kB free_pcp:52764kB local_pcp:52764kB free_cma:0kB [ 892.681505][T23464] lowmem_reserve[]: 0 0 1 1 1 [ 892.686269][T23464] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 892.747150][T23464] lowmem_reserve[]: 0 0 0 0 0 [ 892.753218][T23464] Node 1 Normal free:3906916kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:6968kB local_pcp:6968kB free_cma:0kB [ 892.809613][T23469] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5876'. [ 892.825285][T23464] lowmem_reserve[]: 0 0 0 0 0 [ 892.832583][T23469] netlink: 314 bytes leftover after parsing attributes in process `syz.5.5876'. [ 892.842573][T23464] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15352kB [ 892.876126][T23464] Node 0 DMA32: 2280*4kB (UM) 786*8kB (UM) 456*16kB (UM) 731*32kB (UM) 369*64kB (UME) 333*128kB (UME) 250*256kB (UME) 107*512kB (UME) 53*1024kB (UME) 12*2048kB (UM) 224*4096kB (UM) = 1227472kB [ 892.902283][T23464] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 892.922520][T23464] Node 1 Normal: 3*4kB (ME) 5*8kB (E) 9*16kB (E) 189*32kB (UE) 100*64kB (UME) 28*128kB (UE) 14*256kB (UME) 6*512kB (UE) 1*1024kB (U) 2*2048kB (ME) 947*4096kB (M) = 3906916kB [ 892.959059][T23464] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 892.979160][T23464] Node 0 hugepages_total=6 hugepages_free=2 hugepages_surp=4 hugepages_size=2048kB [ 893.017342][T23464] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 893.045394][T23464] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 893.099507][T23464] 78825 total pagecache pages [ 893.104195][T23464] 55 pages in swap cache [ 893.123027][T23464] Free swap = 124472kB [ 893.127189][T23464] Total swap = 124996kB [ 893.159185][T23464] 2097051 pages RAM [ 893.174574][T23464] 0 pages HighMem/MovableOnly [ 893.187681][T23464] 428684 pages reserved [ 893.204737][T23464] 0 pages cma reserved [ 893.305328][T23464] Process accounting paused [ 893.593248][ T30] audit: type=1800 audit(8277292203.267:25): pid=23477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5880" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 893.711986][T23490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5883'. [ 894.604841][T23513] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 895.043630][T23526] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5896'. [ 895.064557][T23526] netlink: 25 bytes leftover after parsing attributes in process `syz.0.5896'. [ 895.348301][T23532] zswap: compressor not available [ 896.046811][T23558] netlink: 46 bytes leftover after parsing attributes in process `syz.0.5904'. [ 896.946277][T23575] netlink: 13 bytes leftover after parsing attributes in process `syz.2.5909'. [ 897.191166][T23584] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5914'. [ 897.773663][T23602] netlink: 186 bytes leftover after parsing attributes in process `syz.4.5918'. [ 898.146007][T23613] Dead loop on virtual device ip6_vti0, fix it urgently! [ 898.192748][T23613] Dead loop on virtual device ip6_vti0, fix it urgently! [ 898.220239][T23613] Dead loop on virtual device ip6_vti0, fix it urgently! [ 898.247224][T23613] Dead loop on virtual device ip6_vti0, fix it urgently! [ 898.265985][T23613] Dead loop on virtual device ip6_vti0, fix it urgently! [ 898.286915][T23613] Dead loop on virtual device ip6_vti0, fix it urgently! [ 898.801731][T23614] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 898.819652][T23614] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 898.854103][T23614] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 898.885212][T23614] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 899.936628][T23617] kexec: Could not allocate control_code_buffer [ 900.095396][T23647] ERROR: Out of memory at tomoyo_memory_ok. [ 900.146409][T17794] Bluetooth: hci0: command 0x0406 tx timeout [ 900.270441][T17794] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 900.559070][T23657] mkiss: ax0: crc mode is auto. [ 900.863160][ T5149] Bluetooth: hci4: command 0x0406 tx timeout [ 900.869218][ T5149] Bluetooth: hci3: command 0x0c1a tx timeout [ 900.875304][T17794] Bluetooth: hci2: command 0x0406 tx timeout [ 901.050181][T23665] random: crng reseeded on system resumption [ 901.387913][T23670] FAULT_INJECTION: forcing a failure. [ 901.387913][T23670] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 901.456306][T23670] CPU: 0 UID: 0 PID: 23670 Comm: syz.5.5941 Tainted: G U syzkaller #0 PREEMPT(full) [ 901.456333][T23670] Tainted: [U]=USER [ 901.456338][T23670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 901.456348][T23670] Call Trace: [ 901.456353][T23670] [ 901.456360][T23670] dump_stack_lvl+0x16c/0x1f0 [ 901.456381][T23670] should_fail_ex+0x512/0x640 [ 901.456406][T23670] should_fail_alloc_page+0xe7/0x130 [ 901.456427][T23670] prepare_alloc_pages+0x3c2/0x610 [ 901.456449][T23670] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 901.456466][T23670] ? stack_trace_save+0x8e/0xc0 [ 901.456483][T23670] ? __pfx_stack_trace_save+0x10/0x10 [ 901.456499][T23670] ? stack_depot_save_flags+0x29/0x9c0 [ 901.456519][T23670] ? trace_mm_page_alloc+0x11f/0x1a0 [ 901.456540][T23670] ? kasan_save_stack+0x42/0x60 [ 901.456557][T23670] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 901.456571][T23670] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 901.456585][T23670] ? __handle_mm_fault+0xada/0x2aa0 [ 901.456605][T23670] ? do_user_addr_fault+0x7a6/0x1370 [ 901.456626][T23670] ? exc_page_fault+0x64/0xc0 [ 901.456640][T23670] ? asm_exc_page_fault+0x26/0x30 [ 901.456654][T23670] ? rep_movs_alternative+0xf/0x90 [ 901.456673][T23670] ? _copy_from_user+0x98/0xd0 [ 901.456693][T23670] ? do_sock_getsockopt+0x3ca/0x440 [ 901.456709][T23670] ? __sys_getsockopt+0x123/0x1b0 [ 901.456737][T23670] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 901.456761][T23670] ? policy_nodemask+0xea/0x4e0 [ 901.456782][T23670] alloc_pages_mpol+0x1fb/0x550 [ 901.456801][T23670] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 901.456825][T23670] alloc_pages_noprof+0x131/0x390 [ 901.456845][T23670] pte_alloc_one+0x1e/0x350 [ 901.456861][T23670] do_pte_missing+0x1acf/0x3ba0 [ 901.456883][T23670] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 901.456904][T23670] ? __pmd_alloc+0x64f/0x8b0 [ 901.456925][T23670] __handle_mm_fault+0x1556/0x2aa0 [ 901.456949][T23670] ? mt_find+0x3e2/0xa20 [ 901.456966][T23670] ? __pfx___handle_mm_fault+0x10/0x10 [ 901.456986][T23670] ? __pfx_mt_find+0x10/0x10 [ 901.457012][T23670] ? find_vma+0xbf/0x140 [ 901.457028][T23670] ? __pfx_find_vma+0x10/0x10 [ 901.457047][T23670] handle_mm_fault+0x589/0xd10 [ 901.457068][T23670] ? __pkru_allows_pkey+0x11/0xb0 [ 901.457091][T23670] do_user_addr_fault+0x7a6/0x1370 [ 901.457106][T23670] ? rcu_is_watching+0x12/0xc0 [ 901.457124][T23670] exc_page_fault+0x64/0xc0 [ 901.457140][T23670] asm_exc_page_fault+0x26/0x30 [ 901.457154][T23670] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 901.457174][T23670] Code: c4 10 e9 84 3c 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 [ 901.457188][T23670] RSP: 0018:ffffc90003b7fd60 EFLAGS: 00050202 [ 901.457200][T23670] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 901.457209][T23670] RDX: fffff5200076ffba RSI: 0000000000000000 RDI: ffffc90003b7fdd0 [ 901.457218][T23670] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff5200076ffba [ 901.457227][T23670] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 901.457235][T23670] R13: ffffc90003b7fdd0 R14: 0000000000000000 R15: 0000000000000000 [ 901.457253][T23670] _copy_from_user+0x98/0xd0 [ 901.457276][T23670] do_sock_getsockopt+0x3ca/0x440 [ 901.457293][T23670] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 901.457308][T23670] ? __fget_files+0x204/0x3c0 [ 901.457323][T23670] ? 0xffffffffff600000 [ 901.457341][T23670] __sys_getsockopt+0x123/0x1b0 [ 901.457364][T23670] ? 0xffffffffff600000 [ 901.457377][T23670] __x64_sys_getsockopt+0xbd/0x160 [ 901.457398][T23670] ? do_syscall_64+0x91/0xfa0 [ 901.457412][T23670] ? lockdep_hardirqs_on+0x7c/0x110 [ 901.457427][T23670] do_syscall_64+0xcd/0xfa0 [ 901.457443][T23670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.457457][T23670] RIP: 0033:0x7f02b3f8efc9 [ 901.457468][T23670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 901.457481][T23670] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 901.457494][T23670] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 901.457504][T23670] RDX: 0000000000000005 RSI: 0000000000000114 RDI: 0000000000000006 [ 901.457512][T23670] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 901.457521][T23670] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000 [ 901.457529][T23670] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 901.457542][T23670] ? 0xffffffffff600000 [ 901.457558][T23670] [ 901.983587][T23652] Process accounting paused [ 902.091380][T23675] netlink: 86 bytes leftover after parsing attributes in process `syz.0.5943'. [ 902.244347][T23683] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5946'. [ 902.254734][T23683] netlink: 354 bytes leftover after parsing attributes in process `syz.0.5946'. [ 902.340314][ T5149] Bluetooth: hci0: command 0x0406 tx timeout [ 902.354579][ T30] audit: type=1800 audit(8277292212.018:26): pid=23686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5947" name="lu_gp_id" dev="configfs" ino=114121 res=0 errno=0 [ 903.993436][T23710] Process accounting paused [ 905.578954][T23758] random: crng reseeded on system resumption [ 906.399435][T23779] vmstat_refresh: nr_hugetlb -37376 [ 908.445582][T23827] netlink: 25 bytes leftover after parsing attributes in process `syz.0.5988'. [ 910.984948][T23871] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 911.027224][T23871] Unable to find swap-space signature [ 911.155646][ T5831] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 911.209759][T23875] ERROR: Out of memory at tomoyo_memory_ok. [ 911.778444][T23896] netlink: 246 bytes leftover after parsing attributes in process `syz.5.6012'. [ 912.593099][T23903] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6015'. [ 913.207666][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 913.591145][T23931] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6022'. [ 914.038477][T23936] FAULT_INJECTION: forcing a failure. [ 914.038477][T23936] name failslab, interval 1, probability 0, space 0, times 0 [ 914.125057][T23936] CPU: 0 UID: 0 PID: 23936 Comm: syz.5.6024 Tainted: G U syzkaller #0 PREEMPT(full) [ 914.125084][T23936] Tainted: [U]=USER [ 914.125089][T23936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 914.125099][T23936] Call Trace: [ 914.125104][T23936] [ 914.125111][T23936] dump_stack_lvl+0x16c/0x1f0 [ 914.125132][T23936] should_fail_ex+0x512/0x640 [ 914.125154][T23936] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 914.125172][T23936] should_failslab+0xc2/0x120 [ 914.125192][T23936] kmem_cache_alloc_noprof+0x75/0x6e0 [ 914.125207][T23936] ? __kernfs_new_node+0xd2/0x8e0 [ 914.125228][T23936] ? __kernfs_new_node+0xd2/0x8e0 [ 914.125245][T23936] __kernfs_new_node+0xd2/0x8e0 [ 914.125265][T23936] ? __pfx___kernfs_new_node+0x10/0x10 [ 914.125288][T23936] ? find_held_lock+0x2b/0x80 [ 914.125304][T23936] ? kernfs_root+0xee/0x2a0 [ 914.125325][T23936] kernfs_new_node+0x13c/0x1e0 [ 914.125355][T23936] __kernfs_create_file+0x53/0x350 [ 914.125373][T23936] sysfs_add_file_mode_ns+0x207/0x3c0 [ 914.125396][T23936] internal_create_group+0x578/0xf30 [ 914.125421][T23936] ? __pfx_internal_create_group+0x10/0x10 [ 914.125443][T23936] ? kernfs_create_link+0x1bd/0x240 [ 914.125461][T23936] internal_create_groups+0x9d/0x150 [ 914.125481][T23936] device_add+0x6d1/0x1aa0 [ 914.125506][T23936] ? __pfx_device_add+0x10/0x10 [ 914.125526][T23936] ? lockdep_init_map_type+0x5c/0x280 [ 914.125546][T23936] ? __init_waitqueue_head+0xca/0x150 [ 914.125573][T23936] rfkill_register+0x1ad/0xb40 [ 914.125597][T23936] nfc_register_device+0x11f/0x3c0 [ 914.125615][T23936] nci_register_device+0x7f1/0xb80 [ 914.125646][T23936] ? __pfx_nci_register_device+0x10/0x10 [ 914.125671][T23936] ? lockdep_init_map_type+0x5c/0x280 [ 914.125695][T23936] virtual_ncidev_open+0x141/0x220 [ 914.125711][T23936] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 914.125725][T23936] misc_open+0x26d/0x450 [ 914.125746][T23936] ? __pfx_misc_open+0x10/0x10 [ 914.125766][T23936] chrdev_open+0x234/0x6a0 [ 914.125783][T23936] ? __pfx_apparmor_file_open+0x10/0x10 [ 914.125804][T23936] ? __pfx_chrdev_open+0x10/0x10 [ 914.125822][T23936] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 914.125841][T23936] do_dentry_open+0x982/0x1530 [ 914.125858][T23936] ? __pfx_chrdev_open+0x10/0x10 [ 914.125878][T23936] vfs_open+0x82/0x3f0 [ 914.125900][T23936] path_openat+0x1de4/0x2cb0 [ 914.125923][T23936] ? __pfx_path_openat+0x10/0x10 [ 914.125939][T23936] ? __lock_acquire+0xb8a/0x1c90 [ 914.125960][T23936] do_filp_open+0x20b/0x470 [ 914.125976][T23936] ? __pfx_do_filp_open+0x10/0x10 [ 914.126006][T23936] ? alloc_fd+0x471/0x7d0 [ 914.126025][T23936] do_sys_openat2+0x11b/0x1d0 [ 914.126045][T23936] ? __pfx_do_sys_openat2+0x10/0x10 [ 914.126073][T23936] __x64_sys_openat+0x174/0x210 [ 914.126094][T23936] ? __pfx___x64_sys_openat+0x10/0x10 [ 914.126123][T23936] do_syscall_64+0xcd/0xfa0 [ 914.126140][T23936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 914.126155][T23936] RIP: 0033:0x7f02b3f8efc9 [ 914.126167][T23936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 914.126182][T23936] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 914.126197][T23936] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 914.126206][T23936] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 914.126216][T23936] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 914.126225][T23936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 914.126234][T23936] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 914.126255][T23936] [ 914.595521][T23945] netlink: 93 bytes leftover after parsing attributes in process `syz.2.6026'. [ 915.107469][T23962] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6032'. [ 915.196367][T23963] capability: warning: `syz.2.6031' uses deprecated v2 capabilities in a way that may be insecure [ 915.336255][T23966] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 916.384376][T23996] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6040'. [ 917.534297][T24029] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6047'. [ 917.591421][T24035] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6047'. [ 918.383515][T24046] netlink: 'syz.4.6050': attribute type 10 has an invalid length. [ 918.414962][T24046] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6050'. [ 919.578165][ T50] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:3: bg 2: bad block bitmap checksum [ 919.672885][ T50] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 923 with max blocks 44 with error 74 [ 919.781404][ T50] EXT4-fs (sda1): This should not happen!! Data will be lost [ 919.781404][ T50] [ 920.433539][T24092] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 920.487053][T24092] Unable to find swap-space signature [ 920.808880][T24098] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6063'. [ 920.831814][T24099] FAULT_INJECTION: forcing a failure. [ 920.831814][T24099] name failslab, interval 1, probability 0, space 0, times 0 [ 920.913314][T24099] CPU: 0 UID: 0 PID: 24099 Comm: syz.0.6062 Tainted: G U syzkaller #0 PREEMPT(full) [ 920.913342][T24099] Tainted: [U]=USER [ 920.913347][T24099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 920.913356][T24099] Call Trace: [ 920.913362][T24099] [ 920.913368][T24099] dump_stack_lvl+0x16c/0x1f0 [ 920.913389][T24099] should_fail_ex+0x512/0x640 [ 920.913413][T24099] should_failslab+0xc2/0x120 [ 920.913433][T24099] __kmalloc_cache_noprof+0x72/0x780 [ 920.913456][T24099] ? __task_pid_nr_ns+0x1f5/0x500 [ 920.913475][T24099] ? proc_self_get_link+0x1a9/0x230 [ 920.913496][T24099] ? proc_self_get_link+0x1a9/0x230 [ 920.913513][T24099] proc_self_get_link+0x1a9/0x230 [ 920.913530][T24099] ? __pfx_proc_self_get_link+0x10/0x10 [ 920.913547][T24099] step_into+0x189e/0x21a0 [ 920.913564][T24099] ? __pfx_step_into+0x10/0x10 [ 920.913581][T24099] ? lookup_fast+0x156/0x610 [ 920.913596][T24099] walk_component+0xfc/0x5b0 [ 920.913610][T24099] link_path_walk+0x627/0xe20 [ 920.913637][T24099] path_openat+0x1b0/0x2cb0 [ 920.913659][T24099] ? __pfx_path_openat+0x10/0x10 [ 920.913676][T24099] ? __lock_acquire+0xb8a/0x1c90 [ 920.913698][T24099] do_filp_open+0x20b/0x470 [ 920.913714][T24099] ? __pfx_do_filp_open+0x10/0x10 [ 920.913743][T24099] ? alloc_fd+0x471/0x7d0 [ 920.913763][T24099] do_sys_openat2+0x11b/0x1d0 [ 920.913783][T24099] ? __pfx_do_sys_openat2+0x10/0x10 [ 920.913810][T24099] __x64_sys_openat+0x174/0x210 [ 920.913830][T24099] ? __pfx___x64_sys_openat+0x10/0x10 [ 920.913859][T24099] do_syscall_64+0xcd/0xfa0 [ 920.913876][T24099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.913890][T24099] RIP: 0033:0x7fd4ed78efc9 [ 920.913903][T24099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.913917][T24099] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 920.913932][T24099] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 920.913942][T24099] RDX: 0000000000109480 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 920.913951][T24099] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 920.913961][T24099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.913969][T24099] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 920.913989][T24099] [ 920.917533][T24098] vxcan1: entered promiscuous mode [ 921.647173][T24106] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6065'. [ 921.692870][T24106] netlink: 13 bytes leftover after parsing attributes in process `syz.5.6065'. [ 922.402429][T24118] ERROR: Out of memory at tomoyo_memory_ok. [ 923.620932][T24026] Process accounting resumed [ 924.823814][T24166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6081'. [ 924.882638][T24166] netlink: 354 bytes leftover after parsing attributes in process `syz.2.6081'. [ 924.914541][ T1162] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 2 with max blocks 1 with error 117 [ 924.979668][ T1162] EXT4-fs (sda1): This should not happen!! Data will be lost [ 924.979668][ T1162] [ 925.189562][T24174] netlink: 252 bytes leftover after parsing attributes in process `syz.0.6083'. [ 925.293142][T24178] netlink: 252 bytes leftover after parsing attributes in process `syz.0.6083'. [ 925.529767][T24168] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 925.897373][T24187] FAULT_INJECTION: forcing a failure. [ 925.897373][T24187] name failslab, interval 1, probability 0, space 0, times 0 [ 925.996221][T24187] CPU: 0 UID: 0 PID: 24187 Comm: syz.2.6088 Tainted: G U syzkaller #0 PREEMPT(full) [ 925.996247][T24187] Tainted: [U]=USER [ 925.996253][T24187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 925.996262][T24187] Call Trace: [ 925.996268][T24187] [ 925.996274][T24187] dump_stack_lvl+0x16c/0x1f0 [ 925.996295][T24187] should_fail_ex+0x512/0x640 [ 925.996317][T24187] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 925.996335][T24187] should_failslab+0xc2/0x120 [ 925.996354][T24187] kmem_cache_alloc_noprof+0x75/0x6e0 [ 925.996369][T24187] ? __kernfs_new_node+0xd2/0x8e0 [ 925.996391][T24187] ? __kernfs_new_node+0xd2/0x8e0 [ 925.996407][T24187] __kernfs_new_node+0xd2/0x8e0 [ 925.996427][T24187] ? __pfx___kernfs_new_node+0x10/0x10 [ 925.996450][T24187] ? find_held_lock+0x2b/0x80 [ 925.996465][T24187] ? kernfs_root+0xee/0x2a0 [ 925.996487][T24187] kernfs_new_node+0x13c/0x1e0 [ 925.996511][T24187] kernfs_create_link+0xcc/0x240 [ 925.996528][T24187] sysfs_do_create_link_sd+0x90/0x140 [ 925.996547][T24187] sysfs_create_link+0x61/0xc0 [ 925.996565][T24187] device_add+0x62c/0x1aa0 [ 925.996588][T24187] ? __pfx_device_add+0x10/0x10 [ 925.996609][T24187] ? lockdep_init_map_type+0x5c/0x280 [ 925.996629][T24187] ? __init_waitqueue_head+0xca/0x150 [ 925.996656][T24187] rfkill_register+0x1ad/0xb40 [ 925.996680][T24187] nfc_register_device+0x11f/0x3c0 [ 925.996698][T24187] nci_register_device+0x7f1/0xb80 [ 925.996721][T24187] ? __pfx_nci_register_device+0x10/0x10 [ 925.996745][T24187] ? lockdep_init_map_type+0x5c/0x280 [ 925.996768][T24187] virtual_ncidev_open+0x141/0x220 [ 925.996784][T24187] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 925.996799][T24187] misc_open+0x26d/0x450 [ 925.996820][T24187] ? __pfx_misc_open+0x10/0x10 [ 925.996840][T24187] chrdev_open+0x234/0x6a0 [ 925.996857][T24187] ? __pfx_apparmor_file_open+0x10/0x10 [ 925.996878][T24187] ? __pfx_chrdev_open+0x10/0x10 [ 925.996896][T24187] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 925.996916][T24187] do_dentry_open+0x982/0x1530 [ 925.996933][T24187] ? __pfx_chrdev_open+0x10/0x10 [ 925.996954][T24187] vfs_open+0x82/0x3f0 [ 925.996976][T24187] path_openat+0x1de4/0x2cb0 [ 925.996998][T24187] ? __pfx_path_openat+0x10/0x10 [ 925.997015][T24187] ? __lock_acquire+0xb8a/0x1c90 [ 925.997036][T24187] do_filp_open+0x20b/0x470 [ 925.997052][T24187] ? __pfx_do_filp_open+0x10/0x10 [ 925.997082][T24187] ? alloc_fd+0x471/0x7d0 [ 925.997111][T24187] do_sys_openat2+0x11b/0x1d0 [ 925.997132][T24187] ? __pfx_do_sys_openat2+0x10/0x10 [ 925.997161][T24187] __x64_sys_openat+0x174/0x210 [ 925.997183][T24187] ? __pfx___x64_sys_openat+0x10/0x10 [ 925.997213][T24187] do_syscall_64+0xcd/0xfa0 [ 925.997230][T24187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 925.997245][T24187] RIP: 0033:0x7f5dafd8efc9 [ 925.997257][T24187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 925.997272][T24187] RSP: 002b:00007f5db0c0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 925.997286][T24187] RAX: ffffffffffffffda RBX: 00007f5daffe5fa0 RCX: 00007f5dafd8efc9 [ 925.997296][T24187] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 925.997306][T24187] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 925.997315][T24187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 925.997324][T24187] R13: 00007f5daffe6038 R14: 00007f5daffe5fa0 R15: 00007ffe50eee818 [ 925.997345][T24187] [ 927.733514][ T5831] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 927.733541][ T5831] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 927.749070][ T5831] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 927.749098][ T5831] Bluetooth: hci0: adv larger than maximum supported [ 927.756120][ T5831] Bluetooth: hci0: adv larger than maximum supported [ 927.763883][ T5831] Bluetooth: hci0: Malformed LE Event: 0x0d [ 928.988729][T24234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6101'. [ 929.240615][T24225] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6098'. [ 929.319070][T24225] mac80211_hwsim hwsim24 wlan1: entered promiscuous mode [ 929.372008][T24243] __vm_enough_memory: pid: 24243, comm: syz.4.6103, bytes: 4398046511104 not enough memory for the allocation [ 929.391137][T24225] mac80211_hwsim hwsim24 wlan1: entered allmulticast mode [ 930.285425][T24256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6110'. [ 930.325967][T24256] netlink: 'syz.0.6110': attribute type 1 has an invalid length. [ 930.348037][T24256] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6110'. [ 930.539854][T24262] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6111'. [ 933.753513][T24288] ERROR: Out of memory at tomoyo_memory_ok. [ 934.683755][T24280] Process accounting resumed [ 935.346813][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 935.358003][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 935.375475][T24278] Process accounting resumed [ 935.596432][T24284] kexec: Could not allocate control_code_buffer [ 936.321399][T24312] netlink: 'syz.5.6127': attribute type 10 has an invalid length. [ 936.364185][T24312] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6127'. [ 936.559384][T24325] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6130'. [ 936.636972][T24327] FAULT_INJECTION: forcing a failure. [ 936.636972][T24327] name failslab, interval 1, probability 0, space 0, times 0 [ 936.680144][T24327] CPU: 0 UID: 0 PID: 24327 Comm: syz.5.6131 Tainted: G U syzkaller #0 PREEMPT(full) [ 936.680170][T24327] Tainted: [U]=USER [ 936.680175][T24327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 936.680185][T24327] Call Trace: [ 936.680191][T24327] [ 936.680198][T24327] dump_stack_lvl+0x16c/0x1f0 [ 936.680220][T24327] should_fail_ex+0x512/0x640 [ 936.680243][T24327] ? __kmalloc_noprof+0xca/0x880 [ 936.680269][T24327] should_failslab+0xc2/0x120 [ 936.680289][T24327] __kmalloc_noprof+0xdd/0x880 [ 936.680312][T24327] ? process_preds+0x46c/0x1c50 [ 936.680335][T24327] ? process_preds+0x46c/0x1c50 [ 936.680353][T24327] process_preds+0x46c/0x1c50 [ 936.680376][T24327] ? create_filter_start.constprop.0+0x56/0x300 [ 936.680398][T24327] create_filter+0x140/0x210 [ 936.680419][T24327] ? __pfx_create_filter+0x10/0x10 [ 936.680439][T24327] ? __pfx___mutex_lock+0x10/0x10 [ 936.680455][T24327] ? find_held_lock+0x2b/0x80 [ 936.680472][T24327] apply_event_filter+0x220/0x500 [ 936.680492][T24327] ? __pfx_apply_event_filter+0x10/0x10 [ 936.680518][T24327] event_filter_write+0x16d/0x290 [ 936.680534][T24327] ? __pfx_event_filter_write+0x10/0x10 [ 936.680547][T24327] vfs_write+0x2a0/0x11d0 [ 936.680566][T24327] ? __pfx___mutex_lock+0x10/0x10 [ 936.680582][T24327] ? __pfx_vfs_write+0x10/0x10 [ 936.680603][T24327] ? __fget_files+0x20e/0x3c0 [ 936.680623][T24327] ksys_write+0x12a/0x250 [ 936.680638][T24327] ? __pfx_ksys_write+0x10/0x10 [ 936.680659][T24327] do_syscall_64+0xcd/0xfa0 [ 936.680676][T24327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.680692][T24327] RIP: 0033:0x7f02b3f8efc9 [ 936.680704][T24327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 936.680718][T24327] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 936.680733][T24327] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 936.680742][T24327] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 936.680751][T24327] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 936.680760][T24327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 936.680769][T24327] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 936.680790][T24327] [ 937.441234][T24335] FAULT_INJECTION: forcing a failure. [ 937.441234][T24335] name failslab, interval 1, probability 0, space 0, times 0 [ 937.484018][T24335] CPU: 0 UID: 0 PID: 24335 Comm: syz.5.6134 Tainted: G U syzkaller #0 PREEMPT(full) [ 937.484044][T24335] Tainted: [U]=USER [ 937.484050][T24335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 937.484059][T24335] Call Trace: [ 937.484064][T24335] [ 937.484070][T24335] dump_stack_lvl+0x16c/0x1f0 [ 937.484090][T24335] should_fail_ex+0x512/0x640 [ 937.484115][T24335] should_failslab+0xc2/0x120 [ 937.484135][T24335] __kmalloc_cache_noprof+0x72/0x780 [ 937.484158][T24335] ? __task_pid_nr_ns+0x1f5/0x500 [ 937.484177][T24335] ? proc_self_get_link+0x1a9/0x230 [ 937.484198][T24335] ? proc_self_get_link+0x1a9/0x230 [ 937.484215][T24335] proc_self_get_link+0x1a9/0x230 [ 937.484233][T24335] ? __pfx_proc_self_get_link+0x10/0x10 [ 937.484250][T24335] step_into+0x189e/0x21a0 [ 937.484268][T24335] ? __pfx_step_into+0x10/0x10 [ 937.484284][T24335] ? lookup_fast+0x156/0x610 [ 937.484299][T24335] walk_component+0xfc/0x5b0 [ 937.484314][T24335] link_path_walk+0x627/0xe20 [ 937.484334][T24335] path_openat+0x1b0/0x2cb0 [ 937.484355][T24335] ? __pfx_path_openat+0x10/0x10 [ 937.484372][T24335] ? __lock_acquire+0xb8a/0x1c90 [ 937.484393][T24335] do_filp_open+0x20b/0x470 [ 937.484409][T24335] ? __pfx_do_filp_open+0x10/0x10 [ 937.484438][T24335] ? alloc_fd+0x471/0x7d0 [ 937.484457][T24335] do_sys_openat2+0x11b/0x1d0 [ 937.484477][T24335] ? __pfx_do_sys_openat2+0x10/0x10 [ 937.484505][T24335] __x64_sys_openat+0x174/0x210 [ 937.484526][T24335] ? __pfx___x64_sys_openat+0x10/0x10 [ 937.484554][T24335] do_syscall_64+0xcd/0xfa0 [ 937.484571][T24335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 937.484586][T24335] RIP: 0033:0x7f02b3f8efc9 [ 937.484602][T24335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 937.484616][T24335] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 937.484631][T24335] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 937.484641][T24335] RDX: 0000000000109480 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 937.484651][T24335] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 937.484661][T24335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 937.484671][T24335] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 937.484691][T24335] [ 938.560172][T24342] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6135'. [ 938.596284][T24342] netlink: 'syz.5.6135': attribute type 1 has an invalid length. [ 938.645054][T24342] netlink: 'syz.5.6135': attribute type 6 has an invalid length. [ 940.067501][T24361] __vm_enough_memory: pid: 24361, comm: syz.5.6139, bytes: 4398046511104 not enough memory for the allocation [ 941.213792][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 941.220419][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 941.423652][T24378] netlink: 25 bytes leftover after parsing attributes in process `syz.0.6145'. [ 942.410395][T24401] warn_alloc: 1 callbacks suppressed [ 942.410408][T24401] syz.0.6152: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 942.524793][T24401] CPU: 0 UID: 0 PID: 24401 Comm: syz.0.6152 Tainted: G U syzkaller #0 PREEMPT(full) [ 942.524820][T24401] Tainted: [U]=USER [ 942.524826][T24401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 942.524834][T24401] Call Trace: [ 942.524840][T24401] [ 942.524846][T24401] dump_stack_lvl+0x16c/0x1f0 [ 942.524868][T24401] warn_alloc+0x248/0x3a0 [ 942.524885][T24401] ? __pfx_warn_alloc+0x10/0x10 [ 942.524901][T24401] ? alloc_pages_mpol+0x25a/0x550 [ 942.524922][T24401] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 942.524939][T24401] ? __pfx_alloc_pages_bulk_mempolicy_noprof+0x10/0x10 [ 942.524963][T24401] ? trace_kmalloc+0x2b/0xd0 [ 942.524980][T24401] ? __get_vm_area_node+0x1dc/0x330 [ 942.524998][T24401] ? __vmalloc_node_range_noprof+0x3e5/0x1480 [ 942.525023][T24401] __vmalloc_node_range_noprof+0x119b/0x1480 [ 942.525050][T24401] ? n_tty_open+0x1a/0x170 [ 942.525073][T24401] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 942.525092][T24401] ? console_unlock+0x184/0x210 [ 942.525107][T24401] ? __pfx_console_unlock+0x10/0x10 [ 942.525123][T24401] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 942.525145][T24401] ? n_tty_open+0x1a/0x170 [ 942.525161][T24401] __vmalloc_node_noprof+0xad/0xf0 [ 942.525181][T24401] ? n_tty_open+0x1a/0x170 [ 942.525198][T24401] ? __pfx_n_tty_open+0x10/0x10 [ 942.525216][T24401] n_tty_open+0x1a/0x170 [ 942.525233][T24401] ? __pfx_n_tty_open+0x10/0x10 [ 942.525249][T24401] tty_ldisc_open+0x9f/0x120 [ 942.525271][T24401] tty_ldisc_setup+0x40/0x100 [ 942.525285][T24401] tty_init_dev.part.0+0x1ec/0x500 [ 942.525303][T24401] tty_open+0xa4f/0xf90 [ 942.525323][T24401] ? __pfx_tty_open+0x10/0x10 [ 942.525339][T24401] ? chrdev_open+0x10b/0x6a0 [ 942.525358][T24401] ? __pfx_tty_open+0x10/0x10 [ 942.525374][T24401] chrdev_open+0x234/0x6a0 [ 942.525390][T24401] ? __pfx_apparmor_file_open+0x10/0x10 [ 942.525412][T24401] ? __pfx_chrdev_open+0x10/0x10 [ 942.525437][T24401] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 942.525458][T24401] do_dentry_open+0x982/0x1530 [ 942.525477][T24401] ? __pfx_chrdev_open+0x10/0x10 [ 942.525498][T24401] vfs_open+0x82/0x3f0 [ 942.525521][T24401] path_openat+0x1de4/0x2cb0 [ 942.525543][T24401] ? __pfx_path_openat+0x10/0x10 [ 942.525560][T24401] ? __lock_acquire+0xb8a/0x1c90 [ 942.525582][T24401] do_filp_open+0x20b/0x470 [ 942.525598][T24401] ? __pfx_do_filp_open+0x10/0x10 [ 942.525628][T24401] ? alloc_fd+0x471/0x7d0 [ 942.525648][T24401] do_sys_openat2+0x11b/0x1d0 [ 942.525667][T24401] ? __pfx_do_sys_openat2+0x10/0x10 [ 942.525695][T24401] __x64_sys_openat+0x174/0x210 [ 942.525716][T24401] ? __pfx___x64_sys_openat+0x10/0x10 [ 942.525745][T24401] do_syscall_64+0xcd/0xfa0 [ 942.525762][T24401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.525777][T24401] RIP: 0033:0x7fd4ed78efc9 [ 942.525790][T24401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 942.525805][T24401] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 942.525819][T24401] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 942.525829][T24401] RDX: 0000000000000102 RSI: 0000200000000800 RDI: ffffffffffffff9c [ 942.525839][T24401] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 942.525848][T24401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 942.525857][T24401] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 942.525878][T24401] [ 942.525884][T24401] Mem-Info: [ 943.785762][T24401] active_anon:13361 inactive_anon:65975 isolated_anon:0 [ 943.785762][T24401] active_file:62628 inactive_file:42107 isolated_file:0 [ 943.785762][T24401] unevictable:768 dirty:792 writeback:0 [ 943.785762][T24401] slab_reclaimable:12499 slab_unreclaimable:96407 [ 943.785762][T24401] mapped:35122 shmem:65713 pagetables:1900 [ 943.785762][T24401] sec_pagetables:0 bounce:0 [ 943.785762][T24401] kernel_misc_reclaimable:0 [ 943.785762][T24401] free:1192566 free_pcp:13747 free_cma:0 [ 944.029725][T24401] Node 0 active_anon:53444kB inactive_anon:266604kB active_file:251680kB inactive_file:167072kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:139084kB dirty:3164kB writeback:0kB shmem:264124kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11904kB pagetables:7444kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 944.097809][T24401] Node 1 active_anon:0kB inactive_anon:0kB active_file:184kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:104kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 944.163081][T24401] Node 0 DMA free:15352kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 944.238773][T24401] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 944.245016][T24401] Node 0 DMA32 free:844480kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:53444kB inactive_anon:260780kB active_file:251784kB inactive_file:166968kB unevictable:1536kB writepending:3164kB zspages:884kB present:3129332kB managed:2545108kB mlocked:0kB bounce:0kB free_pcp:55232kB local_pcp:55232kB free_cma:0kB [ 944.318859][T24401] lowmem_reserve[]: 0 0 1 1 1 [ 944.327154][T24401] Node 0 Normal free:12kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 944.389144][T24401] lowmem_reserve[]: 0 0 0 0 0 [ 944.393874][T24401] Node 1 Normal free:3908112kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:184kB inactive_file:4kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:5776kB local_pcp:5776kB free_cma:0kB [ 944.476925][T24401] lowmem_reserve[]: 0 0 0 0 0 [ 944.487006][T24401] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15352kB [ 944.517936][T24401] Node 0 DMA32: 1965*4kB (UM) 31*8kB (UME) 4*16kB (UM) 113*32kB (UM) 116*64kB (U) 84*128kB (UME) 32*256kB (UME) 6*512kB (UME) 42*1024kB (UM) 1*2048kB (U) 188*4096kB (M) = 856332kB [ 944.567489][T24401] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 944.593711][T24401] Node 1 Normal: 2*4kB (E) 5*8kB (E) 10*16kB (UE) 196*32kB (UE) 99*64kB (UE) 28*128kB (UE) 14*256kB (UME) 6*512kB (UE) 2*1024kB (UM) 2*2048kB (ME) 947*4096kB (M) = 3908112kB [ 944.627339][T24401] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 944.658471][T24401] Node 0 hugepages_total=6 hugepages_free=2 hugepages_surp=6 hugepages_size=2048kB [ 944.677216][T24401] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 944.697114][T24401] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=2 hugepages_size=2048kB [ 944.716886][T24401] 156567 total pagecache pages [ 944.727139][T24401] 59 pages in swap cache [ 944.731387][T24401] Free swap = 124292kB [ 944.747015][T24401] Total swap = 124996kB [ 944.751174][T24401] 2097051 pages RAM [ 944.754956][T24401] 0 pages HighMem/MovableOnly [ 944.773699][T24401] 428684 pages reserved [ 944.782575][T24401] 0 pages cma reserved [ 944.796716][T24401] tty tty1: ldisc open failed (-12), clearing slot 0 [ 944.808157][T24404] pty pty131: ldisc open failed (-12), clearing slot 131 [ 944.846292][T24409] tty tty12: ldisc open failed (-12), clearing slot 11 [ 944.915625][T24419] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6157'. [ 944.956215][T24419] bridge0: port 2(bridge_slave_1) entered disabled state [ 944.964516][T24419] bridge0: port 1(bridge_slave_0) entered disabled state [ 945.059037][T24420] ERROR: Out of memory at tomoyo_memory_ok. [ 945.532645][T24436] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6162'. [ 947.156056][T24454] netlink: 'syz.5.6169': attribute type 1 has an invalid length. [ 947.163790][T24454] netlink: 54 bytes leftover after parsing attributes in process `syz.5.6169'. [ 947.236163][T24453] ima: policy update failed [ 947.251122][ T30] audit: type=1802 audit(8277292257.179:27): pid=24453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.6169" res=0 errno=0 [ 947.509219][T24459] delete_channel: no stack [ 948.052331][T24470] FAULT_INJECTION: forcing a failure. [ 948.052331][T24470] name failslab, interval 1, probability 0, space 0, times 0 [ 948.141065][T24470] CPU: 0 UID: 0 PID: 24470 Comm: syz.5.6174 Tainted: G U syzkaller #0 PREEMPT(full) [ 948.141092][T24470] Tainted: [U]=USER [ 948.141097][T24470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 948.141107][T24470] Call Trace: [ 948.141112][T24470] [ 948.141118][T24470] dump_stack_lvl+0x16c/0x1f0 [ 948.141143][T24470] should_fail_ex+0x512/0x640 [ 948.141164][T24470] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 948.141183][T24470] should_failslab+0xc2/0x120 [ 948.141203][T24470] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 948.141217][T24470] ? find_inode_fast+0x1da/0x600 [ 948.141237][T24470] ? alloc_inode+0xc3/0x240 [ 948.141259][T24470] ? alloc_inode+0xc3/0x240 [ 948.141275][T24470] alloc_inode+0xc3/0x240 [ 948.141294][T24470] iget_locked+0x2fa/0x860 [ 948.141315][T24470] ? __pfx_iget_locked+0x10/0x10 [ 948.141335][T24470] ? find_held_lock+0x2b/0x80 [ 948.141351][T24470] ? kernfs_root+0xee/0x2a0 [ 948.141372][T24470] kernfs_get_inode+0x48/0x460 [ 948.141390][T24470] kernfs_iop_lookup+0x1a7/0x2d0 [ 948.141411][T24470] __lookup_slow+0x251/0x460 [ 948.141431][T24470] ? __pfx___lookup_slow+0x10/0x10 [ 948.141463][T24470] ? lookup_fast+0x156/0x610 [ 948.141475][T24470] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 948.141494][T24470] walk_component+0x353/0x5b0 [ 948.141509][T24470] link_path_walk+0x627/0xe20 [ 948.141529][T24470] path_openat+0x1b0/0x2cb0 [ 948.141551][T24470] ? __pfx_path_openat+0x10/0x10 [ 948.141568][T24470] ? __lock_acquire+0xb8a/0x1c90 [ 948.141588][T24470] do_filp_open+0x20b/0x470 [ 948.141604][T24470] ? __pfx_do_filp_open+0x10/0x10 [ 948.141634][T24470] ? alloc_fd+0x471/0x7d0 [ 948.141653][T24470] do_sys_openat2+0x11b/0x1d0 [ 948.141673][T24470] ? __pfx_do_sys_openat2+0x10/0x10 [ 948.141701][T24470] __x64_sys_openat+0x174/0x210 [ 948.141722][T24470] ? __pfx___x64_sys_openat+0x10/0x10 [ 948.141751][T24470] do_syscall_64+0xcd/0xfa0 [ 948.141768][T24470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 948.141782][T24470] RIP: 0033:0x7f02b3f8efc9 [ 948.141795][T24470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 948.141809][T24470] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 948.141823][T24470] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 948.141833][T24470] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 948.141842][T24470] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 948.141850][T24470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 948.141859][T24470] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 948.141886][T24470] [ 948.688619][T24426] kexec: Could not allocate control_code_buffer [ 949.846849][T24494] FAULT_INJECTION: forcing a failure. [ 949.846849][T24494] name failslab, interval 1, probability 0, space 0, times 0 [ 949.925977][T24494] CPU: 0 UID: 0 PID: 24494 Comm: syz.0.6181 Tainted: G U syzkaller #0 PREEMPT(full) [ 949.926004][T24494] Tainted: [U]=USER [ 949.926009][T24494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 949.926019][T24494] Call Trace: [ 949.926025][T24494] [ 949.926031][T24494] dump_stack_lvl+0x16c/0x1f0 [ 949.926052][T24494] should_fail_ex+0x512/0x640 [ 949.926074][T24494] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 949.926092][T24494] should_failslab+0xc2/0x120 [ 949.926112][T24494] kmem_cache_alloc_noprof+0x75/0x6e0 [ 949.926126][T24494] ? security_file_alloc+0x34/0x2b0 [ 949.926144][T24494] ? security_file_alloc+0x34/0x2b0 [ 949.926158][T24494] security_file_alloc+0x34/0x2b0 [ 949.926173][T24494] init_file+0x93/0x4c0 [ 949.926192][T24494] alloc_empty_file+0x73/0x1e0 [ 949.926212][T24494] path_openat+0xda/0x2cb0 [ 949.926233][T24494] ? __pfx_path_openat+0x10/0x10 [ 949.926250][T24494] ? __lock_acquire+0xb8a/0x1c90 [ 949.926271][T24494] do_filp_open+0x20b/0x470 [ 949.926287][T24494] ? __pfx_do_filp_open+0x10/0x10 [ 949.926315][T24494] ? alloc_fd+0x471/0x7d0 [ 949.926335][T24494] do_sys_openat2+0x11b/0x1d0 [ 949.926355][T24494] ? __pfx_do_sys_openat2+0x10/0x10 [ 949.926382][T24494] __x64_sys_openat+0x174/0x210 [ 949.926403][T24494] ? __pfx___x64_sys_openat+0x10/0x10 [ 949.926431][T24494] do_syscall_64+0xcd/0xfa0 [ 949.926447][T24494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 949.926462][T24494] RIP: 0033:0x7fd4ed78efc9 [ 949.926474][T24494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 949.926488][T24494] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 949.926502][T24494] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 949.926512][T24494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 949.926520][T24494] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 949.926529][T24494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 949.926537][T24494] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 949.926556][T24494] [ 950.206896][ T50] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 963 with max blocks 4 with error 117 [ 950.219782][ T50] EXT4-fs (sda1): This should not happen!! Data will be lost [ 950.219782][ T50] [ 950.239390][T24502] netlink: 186 bytes leftover after parsing attributes in process `syz.5.6183'. [ 951.302903][T24519] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6188'. [ 952.909219][T24538] cougar: G6 mapped to space [ 954.279596][T24547] Process accounting paused [ 956.338994][T24580] ERROR: Out of memory at tomoyo_memory_ok. [ 956.671406][T24588] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6206'. [ 956.776348][T24591] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6207'. [ 956.965362][T24588] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 957.050240][T24595] netlink: 'syz.4.6208': attribute type 2 has an invalid length. [ 957.120914][T24595] netlink: 'syz.4.6208': attribute type 3 has an invalid length. [ 957.189696][T24595] netlink: 158 bytes leftover after parsing attributes in process `syz.4.6208'. [ 957.272542][T24595] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6208'. [ 958.056010][T24614] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6215'. [ 958.572476][T24626] program syz.5.6217 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 959.943535][T24642] random: crng reseeded on system resumption [ 959.977429][T24645] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6223'. [ 960.014468][ T5831] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 960.021469][T24646] blktrace: Concurrent blktraces are not allowed on loop12 [ 961.901782][T24683] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6234'. [ 961.954415][T24683] netlink: 'syz.0.6234': attribute type 1 has an invalid length. [ 961.980884][T24683] netlink: 'syz.0.6234': attribute type 6 has an invalid length. [ 962.355801][T24677] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 962.904817][T24708] netlink: 25 bytes leftover after parsing attributes in process `syz.2.6240'. [ 963.109089][T24710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 963.317110][T24710] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 963.879756][T24726] netlink: 206 bytes leftover after parsing attributes in process `syz.5.6247'. [ 964.216017][T24734] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6249'. [ 964.267408][T24735] netlink: 354 bytes leftover after parsing attributes in process `syz.0.6249'. [ 964.379686][T24737] __vm_enough_memory: pid: 24737, comm: syz.2.6250, bytes: 4398046511104 not enough memory for the allocation [ 964.725023][T24744] [U]  [ 964.727829][T24744] [U] [ 964.730502][T24744] [U] [ 964.733180][T24744] [U] [ 964.767231][ T30] audit: type=1326 audit(8277292274.771:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24746 comm="syz.0.6254" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd4ed78efc9 code=0x0 [ 964.847579][T24744] [U] [ 964.850293][T24744] [U] [ 964.852971][T24744] [U] [ 964.855643][T24744] [U] [ 964.869470][T24752] FAULT_INJECTION: forcing a failure. [ 964.869470][T24752] name failslab, interval 1, probability 0, space 0, times 0 [ 964.933181][T24744] [U] [ 964.935886][T24744] [U] [ 964.938554][T24744] [U] [ 964.941223][T24744] [U] [ 964.953961][T24752] CPU: 0 UID: 0 PID: 24752 Comm: syz.0.6254 Tainted: G U syzkaller #0 PREEMPT(full) [ 964.953987][T24752] Tainted: [U]=USER [ 964.953992][T24752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 964.954001][T24752] Call Trace: [ 964.954007][T24752] [ 964.954014][T24752] dump_stack_lvl+0x16c/0x1f0 [ 964.954036][T24752] should_fail_ex+0x512/0x640 [ 964.954059][T24752] ? __kmalloc_cache_noprof+0x5f/0x780 [ 964.954084][T24752] should_failslab+0xc2/0x120 [ 964.954103][T24752] __kmalloc_cache_noprof+0x72/0x780 [ 964.954125][T24752] ? snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 964.954148][T24752] ? snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 964.954174][T24752] snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 964.954198][T24752] ? trace_contention_end+0xdd/0x130 [ 964.954219][T24752] ? __mutex_lock+0x1c5/0x1060 [ 964.954238][T24752] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 964.954259][T24752] ? __pfx___mutex_lock+0x10/0x10 [ 964.954279][T24752] ? __fsnotify_parent+0x24b/0xc40 [ 964.954300][T24752] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 964.954320][T24752] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 964.954338][T24752] snd_pcm_oss_sync+0x1de/0x840 [ 964.954358][T24752] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 964.954376][T24752] snd_pcm_oss_release+0x28b/0x310 [ 964.954396][T24752] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 964.954414][T24752] __fput+0x402/0xb70 [ 964.954436][T24752] task_work_run+0x150/0x240 [ 964.954459][T24752] ? __pfx_task_work_run+0x10/0x10 [ 964.954481][T24752] ? __pfx___do_sys_close_range+0x10/0x10 [ 964.954501][T24752] exit_to_user_mode_loop+0xec/0x130 [ 964.954523][T24752] do_syscall_64+0x426/0xfa0 [ 964.954540][T24752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.954555][T24752] RIP: 0033:0x7fd4ed78efc9 [ 964.954567][T24752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 964.954581][T24752] RSP: 002b:00007fd4ee63c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 964.954595][T24752] RAX: 0000000000000000 RBX: 00007fd4ed9e6090 RCX: 00007fd4ed78efc9 [ 964.954604][T24752] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 964.954613][T24752] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 964.954622][T24752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 964.954631][T24752] R13: 00007fd4ed9e6128 R14: 00007fd4ed9e6090 R15: 00007ffcc47d1ef8 [ 964.954651][T24752] [ 965.205011][ C0] vkms_vblank_simulate: vblank timer overrun [ 965.353602][T24756] netlink: 268 bytes leftover after parsing attributes in process `syz.4.6255'. [ 965.477098][T24744] [U] [ 965.625898][T24758] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6256'. [ 965.640574][T24756] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6255: iget: checksum invalid [ 965.695815][T24760] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 965.721953][ C0] vkms_vblank_simulate: vblank timer overrun [ 965.738600][T24756] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 965.770252][T24756] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6255: iget: checksum invalid [ 965.788485][T24760] CIFS mount error: No usable UNC path provided in device string! [ 965.788485][T24760] [ 965.815631][T24760] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 965.850987][T24756] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 965.900628][T24756] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6255: iget: checksum invalid [ 965.948052][T24756] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 965.972575][T24756] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6255: iget: checksum invalid [ 966.024610][T24756] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 966.067875][T24756] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 966.220760][T24756] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 966.263117][T24768] FAULT_INJECTION: forcing a failure. [ 966.263117][T24768] name failslab, interval 1, probability 0, space 0, times 0 [ 966.276298][T24768] CPU: 0 UID: 0 PID: 24768 Comm: syz.2.6260 Tainted: G U syzkaller #0 PREEMPT(full) [ 966.276324][T24768] Tainted: [U]=USER [ 966.276329][T24768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 966.276338][T24768] Call Trace: [ 966.276344][T24768] [ 966.276351][T24768] dump_stack_lvl+0x16c/0x1f0 [ 966.276372][T24768] should_fail_ex+0x512/0x640 [ 966.276397][T24768] should_failslab+0xc2/0x120 [ 966.276417][T24768] kmem_cache_alloc_noprof+0x75/0x6e0 [ 966.276431][T24768] ? pcpu_alloc_noprof+0x949/0x14c0 [ 966.276446][T24768] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 966.276471][T24768] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 966.276491][T24768] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 966.276515][T24768] idr_get_free+0x528/0xa30 [ 966.276535][T24768] idr_alloc_u32+0x190/0x2f0 [ 966.276551][T24768] ? __pfx_idr_alloc_u32+0x10/0x10 [ 966.276566][T24768] ? lock_acquire+0x179/0x350 [ 966.276589][T24768] idr_alloc_cyclic+0x10b/0x230 [ 966.276604][T24768] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 966.276617][T24768] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 966.276638][T24768] ? lsm_blob_alloc+0x2b/0x90 [ 966.276659][T24768] map_create+0x143e/0x27e0 [ 966.276687][T24768] ? __pfx_map_create+0x10/0x10 [ 966.276708][T24768] ? __might_fault+0xe3/0x190 [ 966.276721][T24768] ? __might_fault+0xe3/0x190 [ 966.276734][T24768] ? __might_fault+0x13b/0x190 [ 966.276754][T24768] __sys_bpf+0x3d9d/0x4980 [ 966.276768][T24768] ? futex_private_hash_put+0x18a/0x300 [ 966.276788][T24768] ? __pfx___sys_bpf+0x10/0x10 [ 966.276804][T24768] ? __pfx_futex_wake+0x10/0x10 [ 966.276839][T24768] ? do_futex+0x122/0x350 [ 966.276867][T24768] ? fput+0x9b/0xd0 [ 966.276886][T24768] ? xfd_validate_state+0x61/0x180 [ 966.276906][T24768] ? __pfx_ksys_write+0x10/0x10 [ 966.276924][T24768] __x64_sys_bpf+0x78/0xc0 [ 966.276938][T24768] ? lockdep_hardirqs_on+0x7c/0x110 [ 966.276956][T24768] do_syscall_64+0xcd/0xfa0 [ 966.276973][T24768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 966.276988][T24768] RIP: 0033:0x7f5dafd8efc9 [ 966.277001][T24768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 966.277014][T24768] RSP: 002b:00007f5db0c0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 966.277028][T24768] RAX: ffffffffffffffda RBX: 00007f5daffe5fa0 RCX: 00007f5dafd8efc9 [ 966.277044][T24768] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 966.277055][T24768] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 966.277066][T24768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 966.277076][T24768] R13: 00007f5daffe6038 R14: 00007f5daffe5fa0 R15: 00007ffe50eee818 [ 966.277099][T24768] [ 966.554005][ C0] vkms_vblank_simulate: vblank timer overrun [ 967.135821][T24773] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6269'. [ 967.154990][T24777] FAULT_INJECTION: forcing a failure. [ 967.154990][T24777] name failslab, interval 1, probability 0, space 0, times 0 [ 967.221347][T24781] Invalid ELF header magic: != ELF [ 967.228670][T24777] CPU: 0 UID: 0 PID: 24777 Comm: syz.2.6262 Tainted: G U syzkaller #0 PREEMPT(full) [ 967.228696][T24777] Tainted: [U]=USER [ 967.228701][T24777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 967.228710][T24777] Call Trace: [ 967.228716][T24777] [ 967.228722][T24777] dump_stack_lvl+0x16c/0x1f0 [ 967.228743][T24777] should_fail_ex+0x512/0x640 [ 967.228764][T24777] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 967.228782][T24777] should_failslab+0xc2/0x120 [ 967.228801][T24777] kmem_cache_alloc_noprof+0x75/0x6e0 [ 967.228816][T24777] ? ptlock_alloc+0x1f/0x70 [ 967.228841][T24777] ? ptlock_alloc+0x1f/0x70 [ 967.228860][T24777] ptlock_alloc+0x1f/0x70 [ 967.228881][T24777] pte_alloc_one+0x84/0x350 [ 967.228898][T24777] __pte_alloc+0x6d/0x380 [ 967.228914][T24777] ? __pfx___pte_alloc+0x10/0x10 [ 967.228931][T24777] ? __pfx___might_resched+0x10/0x10 [ 967.228957][T24777] ? copy_page_range+0x1c69/0x6930 [ 967.228981][T24777] copy_page_range+0x44a1/0x6930 [ 967.229026][T24777] ? __pfx_copy_page_range+0x10/0x10 [ 967.229055][T24777] ? __pfx___might_resched+0x10/0x10 [ 967.229069][T24777] ? __pfx_mas_store+0x10/0x10 [ 967.229085][T24777] ? __vma_enter_locked+0x163/0x3f0 [ 967.229108][T24777] ? dup_mmap+0xe30/0x2280 [ 967.229127][T24777] ? down_write+0x14d/0x200 [ 967.229146][T24777] ? up_write+0x1b2/0x520 [ 967.229170][T24777] dup_mmap+0xe80/0x2280 [ 967.229196][T24777] ? __pfx_dup_mmap+0x10/0x10 [ 967.229229][T24777] copy_process+0x3f0c/0x76a0 [ 967.229258][T24777] ? __pfx_copy_process+0x10/0x10 [ 967.229275][T24777] ? futex_private_hash_put+0x176/0x300 [ 967.229296][T24777] ? futex_private_hash_put+0x18a/0x300 [ 967.229317][T24777] kernel_clone+0xfc/0x930 [ 967.229335][T24777] ? __pfx_futex_wake+0x10/0x10 [ 967.229356][T24777] ? __pfx_kernel_clone+0x10/0x10 [ 967.229373][T24777] ? __pfx_vfs_writev+0x10/0x10 [ 967.229400][T24777] __do_sys_clone+0xce/0x120 [ 967.229417][T24777] ? __pfx___do_sys_clone+0x10/0x10 [ 967.229443][T24777] ? xfd_validate_state+0x61/0x180 [ 967.229462][T24777] ? __pfx_do_writev+0x10/0x10 [ 967.229482][T24777] do_syscall_64+0xcd/0xfa0 [ 967.229499][T24777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 967.229514][T24777] RIP: 0033:0x7f5dafd8efc9 [ 967.229526][T24777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 967.229540][T24777] RSP: 002b:00007f5db0beafe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 967.229554][T24777] RAX: ffffffffffffffda RBX: 00007f5daffe6090 RCX: 00007f5dafd8efc9 [ 967.229564][T24777] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 967.229573][T24777] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 967.229581][T24777] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 967.229590][T24777] R13: 00007f5daffe6128 R14: 00007f5daffe6090 R15: 00007ffe50eee818 [ 967.229611][T24777] [ 967.588050][T24780] delete_channel: no stack [ 967.661584][T24786] ERROR: Out of memory at tomoyo_memory_ok. [ 968.431970][T24793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.6265: iget: checksum invalid [ 968.565855][T24793] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 968.689731][T24793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.6265: iget: checksum invalid [ 968.805985][T24793] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 968.995548][T24793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.6265: iget: checksum invalid [ 969.154371][T24793] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 969.302673][T24793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.6265: iget: checksum invalid [ 969.352577][T24793] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 969.395470][T24793] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 969.448729][T24793] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 969.777619][T24821] netlink: 'syz.5.6273': attribute type 2 has an invalid length. [ 969.803403][T24811] zswap: compressor not available [ 969.810200][T24821] netlink: 5 bytes leftover after parsing attributes in process `syz.5.6273'. [ 971.748285][T24847] FAULT_INJECTION: forcing a failure. [ 971.748285][T24847] name failslab, interval 1, probability 0, space 0, times 0 [ 971.839547][T24847] CPU: 0 UID: 0 PID: 24847 Comm: syz.5.6280 Tainted: G U syzkaller #0 PREEMPT(full) [ 971.839578][T24847] Tainted: [U]=USER [ 971.839584][T24847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 971.839593][T24847] Call Trace: [ 971.839598][T24847] [ 971.839605][T24847] dump_stack_lvl+0x16c/0x1f0 [ 971.839626][T24847] should_fail_ex+0x512/0x640 [ 971.839647][T24847] ? __kmalloc_noprof+0xca/0x880 [ 971.839671][T24847] should_failslab+0xc2/0x120 [ 971.839691][T24847] __kmalloc_noprof+0xdd/0x880 [ 971.839716][T24847] ? memcg_list_lru_alloc+0x4e9/0x740 [ 971.839735][T24847] ? memcg_list_lru_alloc+0x4e9/0x740 [ 971.839749][T24847] memcg_list_lru_alloc+0x4e9/0x740 [ 971.839769][T24847] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 971.839794][T24847] __memcg_slab_post_alloc_hook+0x133/0x940 [ 971.839817][T24847] ? kasan_save_track+0x14/0x30 [ 971.839835][T24847] kmem_cache_alloc_lru_noprof+0x556/0x6e0 [ 971.839850][T24847] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 971.839868][T24847] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 971.839881][T24847] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 971.839895][T24847] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 971.839910][T24847] alloc_inode+0x64/0x240 [ 971.839928][T24847] new_inode+0x22/0x1c0 [ 971.839949][T24847] hugetlbfs_get_inode+0x354/0x730 [ 971.839963][T24847] ? security_capable+0x7e/0x260 [ 971.839985][T24847] hugetlb_file_setup+0x38d/0x620 [ 971.840002][T24847] newseg+0xa74/0xe60 [ 971.840020][T24847] ? __pfx_newseg+0x10/0x10 [ 971.840036][T24847] ? ksys_write+0x190/0x250 [ 971.840053][T24847] ipcget+0xf6/0xfa0 [ 971.840068][T24847] ? do_futex+0x122/0x350 [ 971.840088][T24847] ? __pfx_do_futex+0x10/0x10 [ 971.840110][T24847] ? __pfx_ipcget+0x10/0x10 [ 971.840125][T24847] ? __x64_sys_futex+0x1e0/0x4c0 [ 971.840143][T24847] ? __x64_sys_futex+0x1e9/0x4c0 [ 971.840164][T24847] __x64_sys_shmget+0x13b/0x1b0 [ 971.840180][T24847] ? __pfx___x64_sys_shmget+0x10/0x10 [ 971.840198][T24847] ? rcu_is_watching+0x12/0xc0 [ 971.840215][T24847] do_syscall_64+0xcd/0xfa0 [ 971.840232][T24847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.840247][T24847] RIP: 0033:0x7f02b3f8efc9 [ 971.840260][T24847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 971.840273][T24847] RSP: 002b:00007f02b4ec4038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 971.840287][T24847] RAX: ffffffffffffffda RBX: 00007f02b41e6090 RCX: 00007f02b3f8efc9 [ 971.840297][T24847] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 971.840306][T24847] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 971.840315][T24847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 971.840323][T24847] R13: 00007f02b41e6128 R14: 00007f02b41e6090 R15: 00007ffe3049da48 [ 971.840343][T24847] [ 972.192027][T24835] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 972.486881][T24855] FAULT_INJECTION: forcing a failure. [ 972.486881][T24855] name failslab, interval 1, probability 0, space 0, times 0 [ 972.538038][T24855] CPU: 0 UID: 0 PID: 24855 Comm: syz.0.6282 Tainted: G U syzkaller #0 PREEMPT(full) [ 972.538065][T24855] Tainted: [U]=USER [ 972.538070][T24855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 972.538079][T24855] Call Trace: [ 972.538085][T24855] [ 972.538091][T24855] dump_stack_lvl+0x16c/0x1f0 [ 972.538112][T24855] should_fail_ex+0x512/0x640 [ 972.538134][T24855] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 972.538155][T24855] should_failslab+0xc2/0x120 [ 972.538174][T24855] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 972.538193][T24855] ? xfrm_sysctl_init+0x10a/0x2d0 [ 972.538218][T24855] ? kmemdup_noprof+0x29/0x60 [ 972.538232][T24855] kmemdup_noprof+0x29/0x60 [ 972.538247][T24855] xfrm_sysctl_init+0x10a/0x2d0 [ 972.538270][T24855] xfrm_net_init+0x842/0xcc0 [ 972.538294][T24855] ? __pfx_xfrm_net_init+0x10/0x10 [ 972.538314][T24855] ops_init+0x1e2/0x5f0 [ 972.538331][T24855] setup_net+0x100/0x390 [ 972.538345][T24855] ? __pfx_setup_net+0x10/0x10 [ 972.538359][T24855] ? debug_mutex_init+0x37/0x70 [ 972.538377][T24855] copy_net_ns+0x2f8/0x690 [ 972.538394][T24855] create_new_namespaces+0x3ea/0xa90 [ 972.538422][T24855] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 972.538441][T24855] ksys_unshare+0x45b/0xa40 [ 972.538460][T24855] ? __pfx_ksys_unshare+0x10/0x10 [ 972.538480][T24855] ? xfd_validate_state+0x61/0x180 [ 972.538506][T24855] __x64_sys_unshare+0x31/0x40 [ 972.538524][T24855] do_syscall_64+0xcd/0xfa0 [ 972.538541][T24855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 972.538555][T24855] RIP: 0033:0x7fd4ed78efc9 [ 972.538567][T24855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 972.538581][T24855] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 972.538595][T24855] RAX: ffffffffffffffda RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 972.538605][T24855] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 972.538613][T24855] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 972.538622][T24855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 972.538630][T24855] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 972.538650][T24855] [ 973.688889][T24868] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 963 with max blocks 4 with error 117 [ 973.799196][T24868] EXT4-fs (sda1): This should not happen!! Data will be lost [ 973.799196][T24868] [ 974.222178][T24876] sd 0:0:1:0: PR command failed: 1026 [ 974.244070][T24876] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 974.311030][T24876] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 974.578962][T24893] random: crng reseeded on system resumption [ 974.641369][ T5831] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14 [ 974.641786][T24893] blktrace: Concurrent blktraces are not allowed on loop12 [ 975.437488][T24908] FAULT_INJECTION: forcing a failure. [ 975.437488][T24908] name failslab, interval 1, probability 0, space 0, times 0 [ 975.582370][T24908] CPU: 0 UID: 0 PID: 24908 Comm: syz.2.6292 Tainted: G U syzkaller #0 PREEMPT(full) [ 975.582397][T24908] Tainted: [U]=USER [ 975.582403][T24908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 975.582412][T24908] Call Trace: [ 975.582420][T24908] [ 975.582426][T24908] dump_stack_lvl+0x16c/0x1f0 [ 975.582447][T24908] should_fail_ex+0x512/0x640 [ 975.582469][T24908] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 975.582487][T24908] should_failslab+0xc2/0x120 [ 975.582507][T24908] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 975.582521][T24908] ? d_lookup+0xe7/0x190 [ 975.582541][T24908] ? alloc_inode+0x64/0x240 [ 975.582562][T24908] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 975.582584][T24908] ? alloc_inode+0x64/0x240 [ 975.582601][T24908] alloc_inode+0x64/0x240 [ 975.582620][T24908] new_inode+0x22/0x1c0 [ 975.582640][T24908] __debugfs_create_file+0x11c/0x6b0 [ 975.582656][T24908] debugfs_create_file_full+0x41/0x60 [ 975.582672][T24908] ref_tracker_dir_debugfs+0x19d/0x290 [ 975.582695][T24908] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 975.582734][T24908] ? lockdep_init_map_type+0x5c/0x280 [ 975.582758][T24908] preinit_net.part.0+0x24e/0x8a0 [ 975.582774][T24908] copy_net_ns+0x3ba/0x690 [ 975.582791][T24908] create_new_namespaces+0x3ea/0xa90 [ 975.582812][T24908] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 975.582830][T24908] ksys_unshare+0x45b/0xa40 [ 975.582849][T24908] ? __pfx_ksys_unshare+0x10/0x10 [ 975.582869][T24908] ? syscall_user_dispatch+0x78/0x140 [ 975.582896][T24908] __x64_sys_unshare+0x31/0x40 [ 975.582914][T24908] do_syscall_64+0xcd/0xfa0 [ 975.582931][T24908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 975.582945][T24908] RIP: 0033:0x7f5dafd8efc9 [ 975.582957][T24908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 975.582971][T24908] RSP: 002b:00007f5db0beb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 975.582985][T24908] RAX: ffffffffffffffda RBX: 00007f5daffe6090 RCX: 00007f5dafd8efc9 [ 975.582995][T24908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 975.583003][T24908] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 975.583012][T24908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 975.583021][T24908] R13: 00007f5daffe6128 R14: 00007f5daffe6090 R15: 00007ffe50eee818 [ 975.583040][T24908] [ 975.588862][T24908] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88805cffa628' [ 978.720442][T24978] ERROR: Out of memory at tomoyo_memory_ok. [ 978.764180][T24981] binder: 24980:24981 ioctl 5380 2000000000c0 returned -22 [ 978.794860][T24981] sd 0:0:1:0: PR command failed: 1026 [ 978.816316][T24981] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 978.843186][T24981] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 980.129230][T25000] netlink: 206 bytes leftover after parsing attributes in process `syz.0.6311'. [ 981.335346][T25018] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6316'. [ 983.129992][T25060] FAULT_INJECTION: forcing a failure. [ 983.129992][T25060] name failslab, interval 1, probability 0, space 0, times 0 [ 983.193886][T25056] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6325'. [ 983.240627][T25060] CPU: 0 UID: 0 PID: 25060 Comm: syz.2.6326 Tainted: G U syzkaller #0 PREEMPT(full) [ 983.240653][T25060] Tainted: [U]=USER [ 983.240659][T25060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 983.240668][T25060] Call Trace: [ 983.240673][T25060] [ 983.240680][T25060] dump_stack_lvl+0x16c/0x1f0 [ 983.240700][T25060] should_fail_ex+0x512/0x640 [ 983.240722][T25060] ? __kmalloc_cache_noprof+0x5f/0x780 [ 983.240748][T25060] should_failslab+0xc2/0x120 [ 983.240769][T25060] __kmalloc_cache_noprof+0x72/0x780 [ 983.240792][T25060] ? newseg+0x25a/0xe60 [ 983.240810][T25060] ? newseg+0x25a/0xe60 [ 983.240822][T25060] ? __pfx___might_resched+0x10/0x10 [ 983.240840][T25060] newseg+0x25a/0xe60 [ 983.240857][T25060] ? __pfx_newseg+0x10/0x10 [ 983.240870][T25060] ? find_held_lock+0x2b/0x80 [ 983.240886][T25060] ? ipcget+0xa98/0xfa0 [ 983.240904][T25060] ipcget+0xaf3/0xfa0 [ 983.240924][T25060] ? __pfx___might_resched+0x10/0x10 [ 983.240939][T25060] ? __pfx_ipcget+0x10/0x10 [ 983.240954][T25060] ? __x64_sys_futex+0x1e0/0x4c0 [ 983.240973][T25060] ? __x64_sys_futex+0x1e9/0x4c0 [ 983.240994][T25060] __x64_sys_shmget+0x13b/0x1b0 [ 983.241010][T25060] ? __pfx___x64_sys_shmget+0x10/0x10 [ 983.241028][T25060] ? rcu_is_watching+0x12/0xc0 [ 983.241045][T25060] do_syscall_64+0xcd/0xfa0 [ 983.241062][T25060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.241077][T25060] RIP: 0033:0x7f5dafd8efc9 [ 983.241089][T25060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 983.241103][T25060] RSP: 002b:00007f5db0beb038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 983.241117][T25060] RAX: ffffffffffffffda RBX: 00007f5daffe6090 RCX: 00007f5dafd8efc9 [ 983.241127][T25060] RDX: 000000000000ffff RSI: 0000000000000006 RDI: 0000000000000004 [ 983.241135][T25060] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 983.241144][T25060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 983.241152][T25060] R13: 00007f5daffe6128 R14: 00007f5daffe6090 R15: 00007ffe50eee818 [ 983.241171][T25060] [ 983.455895][ C0] vkms_vblank_simulate: vblank timer overrun [ 983.774519][T25063] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6327'. [ 984.084429][T25063] team0: Port device team_slave_1 removed [ 985.774790][T25067] Process accounting resumed [ 986.357235][T25112] block nbd7: not configured, cannot reconfigure [ 987.216014][T25124] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input21 [ 987.310659][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 987.316878][T25124] FAULT_INJECTION: forcing a failure. [ 987.316878][T25124] name failslab, interval 1, probability 0, space 0, times 0 [ 987.409646][T25124] CPU: 0 UID: 0 PID: 25124 Comm: syz.5.6344 Tainted: G U syzkaller #0 PREEMPT(full) [ 987.409673][T25124] Tainted: [U]=USER [ 987.409678][T25124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 987.409687][T25124] Call Trace: [ 987.409693][T25124] [ 987.409699][T25124] dump_stack_lvl+0x16c/0x1f0 [ 987.409720][T25124] should_fail_ex+0x512/0x640 [ 987.409743][T25124] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 987.409760][T25124] should_failslab+0xc2/0x120 [ 987.409780][T25124] kmem_cache_alloc_noprof+0x75/0x6e0 [ 987.409795][T25124] ? skb_clone+0x190/0x3f0 [ 987.409813][T25124] ? skb_clone+0x190/0x3f0 [ 987.409824][T25124] skb_clone+0x190/0x3f0 [ 987.409839][T25124] netlink_broadcast_filtered+0xb76/0xf90 [ 987.409862][T25124] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 987.409882][T25124] ? sprintf+0xcc/0x100 [ 987.409902][T25124] ? netlink_has_listeners+0x20f/0x430 [ 987.409928][T25124] netlink_broadcast+0x39/0x50 [ 987.409944][T25124] kobject_uevent_env+0xc6a/0x1870 [ 987.409966][T25124] ? kernfs_put+0x35/0x60 [ 987.409985][T25124] ? sysfs_do_create_link_sd+0xbb/0x140 [ 987.410001][T25124] ? bus_to_subsys+0x131/0x160 [ 987.410021][T25124] device_add+0x10dd/0x1aa0 [ 987.410044][T25124] ? __pfx_device_add+0x10/0x10 [ 987.410065][T25124] ? __pfx_exact_lock+0x10/0x10 [ 987.410084][T25124] ? kobject_get+0xbb/0x150 [ 987.410102][T25124] cdev_device_add+0xc2/0x1e0 [ 987.410120][T25124] evdev_connect+0x3a4/0x4c0 [ 987.410138][T25124] input_attach_handler.isra.0+0x176/0x250 [ 987.410165][T25124] input_register_device+0xab9/0x1180 [ 987.410180][T25124] ? input_ff_create+0x221/0x350 [ 987.410200][T25124] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 987.410222][T25124] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 987.410242][T25124] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 987.410267][T25124] ? find_held_lock+0x2b/0x80 [ 987.410292][T25124] ? __pfx_uinput_ioctl+0x10/0x10 [ 987.410312][T25124] __x64_sys_ioctl+0x18e/0x210 [ 987.410334][T25124] do_syscall_64+0xcd/0xfa0 [ 987.410352][T25124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 987.410366][T25124] RIP: 0033:0x7f02b3f8efc9 [ 987.410379][T25124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 987.410393][T25124] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 987.410407][T25124] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 987.410416][T25124] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 987.410425][T25124] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 987.410434][T25124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 987.410442][T25124] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 987.410463][T25124] [ 988.046639][T25118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 988.548922][T25138] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6349'. [ 989.207210][T25143] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6351'. [ 989.866493][T25157] ERROR: Out of memory at tomoyo_memory_ok. [ 990.839213][T25179] ERROR: Out of memory at tomoyo_memory_ok. [ 990.881333][T25175] ERROR: Out of memory at tomoyo_memory_ok. [ 991.142633][T25185] FAULT_INJECTION: forcing a failure. [ 991.142633][T25185] name failslab, interval 1, probability 0, space 0, times 0 [ 991.218466][T25185] CPU: 0 UID: 0 PID: 25185 Comm: syz.0.6362 Tainted: G U syzkaller #0 PREEMPT(full) [ 991.218494][T25185] Tainted: [U]=USER [ 991.218499][T25185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 991.218509][T25185] Call Trace: [ 991.218515][T25185] [ 991.218521][T25185] dump_stack_lvl+0x16c/0x1f0 [ 991.218541][T25185] should_fail_ex+0x512/0x640 [ 991.218571][T25185] ? __kmalloc_noprof+0xca/0x880 [ 991.218595][T25185] should_failslab+0xc2/0x120 [ 991.218614][T25185] __kmalloc_noprof+0xdd/0x880 [ 991.218635][T25185] ? __kernel_text_address+0xd/0x40 [ 991.218648][T25185] ? constrain_params_by_rules+0x175/0xca0 [ 991.218672][T25185] ? constrain_params_by_rules+0x175/0xca0 [ 991.218690][T25185] constrain_params_by_rules+0x175/0xca0 [ 991.218714][T25185] ? stack_trace_save+0x8e/0xc0 [ 991.218734][T25185] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 991.218758][T25185] ? __kasan_kmalloc+0xaa/0xb0 [ 991.218773][T25185] ? snd_pcm_oss_change_params_locked+0x247/0x3a30 [ 991.218791][T25185] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 991.218809][T25185] ? snd_pcm_oss_sync+0x32e/0x840 [ 991.218832][T25185] ? rcu_is_watching+0x12/0xc0 [ 991.218847][T25185] ? snd_interval_refine+0x2fa/0x580 [ 991.218863][T25185] snd_pcm_hw_refine+0x7de/0xad0 [ 991.218886][T25185] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 991.218912][T25185] ? __asan_memset+0x23/0x50 [ 991.218926][T25185] ? _snd_pcm_hw_param_min+0x259/0x630 [ 991.218946][T25185] snd_pcm_oss_change_params_locked+0x65e/0x3a30 [ 991.218972][T25185] ? __mutex_lock+0x1c5/0x1060 [ 991.218989][T25185] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 991.219023][T25185] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 991.219044][T25185] snd_pcm_oss_sync+0x32e/0x840 [ 991.219064][T25185] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 991.219083][T25185] snd_pcm_oss_release+0x28b/0x310 [ 991.219102][T25185] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 991.219120][T25185] __fput+0x402/0xb70 [ 991.219143][T25185] task_work_run+0x150/0x240 [ 991.219165][T25185] ? __pfx_task_work_run+0x10/0x10 [ 991.219186][T25185] ? __pfx___do_sys_close_range+0x10/0x10 [ 991.219207][T25185] exit_to_user_mode_loop+0xec/0x130 [ 991.219229][T25185] do_syscall_64+0x426/0xfa0 [ 991.219246][T25185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.219264][T25185] RIP: 0033:0x7fd4ed78efc9 [ 991.219277][T25185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 991.219291][T25185] RSP: 002b:00007fd4ee65d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 991.219306][T25185] RAX: 0000000000000000 RBX: 00007fd4ed9e5fa0 RCX: 00007fd4ed78efc9 [ 991.219316][T25185] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 991.219324][T25185] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 991.219333][T25185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 991.219354][T25185] R13: 00007fd4ed9e6038 R14: 00007fd4ed9e5fa0 R15: 00007ffcc47d1ef8 [ 991.219373][T25185] [ 992.579433][T25183] random: crng reseeded on system resumption [ 994.167031][ T30] audit: type=1800 audit(8277292304.319:29): pid=25213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6368" name="dbroot" dev="configfs" ino=123969 res=0 errno=0 [ 995.728904][T25228] futex_wake_op: syz.5.6373 tries to shift op by -2048; fix this program [ 996.498189][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 996.524324][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 997.395375][T25242] netlink: 268 bytes leftover after parsing attributes in process `syz.4.6376'. [ 997.690814][T25242] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6376: iget: checksum invalid [ 997.803333][T25242] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 997.826911][T25254] FAULT_INJECTION: forcing a failure. [ 997.826911][T25254] name failslab, interval 1, probability 0, space 0, times 0 [ 997.947449][T25254] CPU: 0 UID: 0 PID: 25254 Comm: syz.5.6380 Tainted: G U syzkaller #0 PREEMPT(full) [ 997.947475][T25254] Tainted: [U]=USER [ 997.947480][T25254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 997.947490][T25254] Call Trace: [ 997.947496][T25254] [ 997.947502][T25254] dump_stack_lvl+0x16c/0x1f0 [ 997.947523][T25254] should_fail_ex+0x512/0x640 [ 997.947545][T25254] ? __kmalloc_cache_noprof+0x5f/0x780 [ 997.947571][T25254] should_failslab+0xc2/0x120 [ 997.947590][T25254] __kmalloc_cache_noprof+0x72/0x780 [ 997.947613][T25254] ? resv_map_alloc+0x7e/0x400 [ 997.947634][T25254] ? resv_map_alloc+0x7e/0x400 [ 997.947652][T25254] resv_map_alloc+0x7e/0x400 [ 997.947671][T25254] hugetlbfs_get_inode+0x33f/0x730 [ 997.947691][T25254] hugetlb_file_setup+0x15b/0x620 [ 997.947708][T25254] ksys_mmap_pgoff+0x189/0x5c0 [ 997.947729][T25254] __x64_sys_mmap+0x125/0x190 [ 997.947752][T25254] do_syscall_64+0xcd/0xfa0 [ 997.947769][T25254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.947784][T25254] RIP: 0033:0x7f02b3f8efc9 [ 997.947796][T25254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.947810][T25254] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 997.947825][T25254] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 997.947840][T25254] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000000 [ 997.947849][T25254] RBP: 00007f02b4011f91 R08: 0000000000000401 R09: 0000300000000000 [ 997.947858][T25254] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 997.947868][T25254] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 997.947888][T25254] [ 998.131078][ C0] vkms_vblank_simulate: vblank timer overrun [ 998.374845][T25242] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6376: iget: checksum invalid [ 998.447179][T25242] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 998.603881][T25242] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6376: iget: checksum invalid [ 998.663606][T25242] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 998.782911][T25242] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6376: iget: checksum invalid [ 998.914628][T25242] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 999.065883][T25242] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 999.270075][T25262] FAULT_INJECTION: forcing a failure. [ 999.270075][T25262] name failslab, interval 1, probability 0, space 0, times 0 [ 999.300380][T25242] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 999.499432][T25262] CPU: 0 UID: 0 PID: 25262 Comm: syz.5.6383 Tainted: G U syzkaller #0 PREEMPT(full) [ 999.499458][T25262] Tainted: [U]=USER [ 999.499464][T25262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 999.499474][T25262] Call Trace: [ 999.499479][T25262] [ 999.499486][T25262] dump_stack_lvl+0x16c/0x1f0 [ 999.499507][T25262] should_fail_ex+0x512/0x640 [ 999.499528][T25262] ? __kmalloc_noprof+0xca/0x880 [ 999.499553][T25262] should_failslab+0xc2/0x120 [ 999.499573][T25262] __kmalloc_noprof+0xdd/0x880 [ 999.499594][T25262] ? __register_sysctl_table+0xb3/0x1900 [ 999.499619][T25262] ? __register_sysctl_table+0xb3/0x1900 [ 999.499639][T25262] __register_sysctl_table+0xb3/0x1900 [ 999.499667][T25262] ? is_module_address+0x5f/0xf0 [ 999.499691][T25262] ? __pfx___register_sysctl_table+0x10/0x10 [ 999.499711][T25262] ? is_module_address+0x69/0xf0 [ 999.499730][T25262] ? register_net_sysctl_sz+0x228/0x3e0 [ 999.499750][T25262] ? __asan_memcpy+0x3c/0x60 [ 999.499766][T25262] xfrm4_net_init+0xf0/0x1c0 [ 999.499786][T25262] ? __pfx_xfrm4_net_init+0x10/0x10 [ 999.499803][T25262] ops_init+0x1e2/0x5f0 [ 999.499820][T25262] setup_net+0x100/0x390 [ 999.499834][T25262] ? __pfx_setup_net+0x10/0x10 [ 999.499849][T25262] ? debug_mutex_init+0x37/0x70 [ 999.499867][T25262] copy_net_ns+0x2f8/0x690 [ 999.499884][T25262] create_new_namespaces+0x3ea/0xa90 [ 999.499905][T25262] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 999.499923][T25262] ksys_unshare+0x45b/0xa40 [ 999.499942][T25262] ? __pfx_ksys_unshare+0x10/0x10 [ 999.499962][T25262] ? xfd_validate_state+0x61/0x180 [ 999.499987][T25262] __x64_sys_unshare+0x31/0x40 [ 999.500005][T25262] do_syscall_64+0xcd/0xfa0 [ 999.500022][T25262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.500037][T25262] RIP: 0033:0x7f02b3f8efc9 [ 999.500049][T25262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 999.500064][T25262] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 999.500078][T25262] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 999.500087][T25262] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 999.500096][T25262] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 999.500104][T25262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 999.500113][T25262] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 999.500136][T25262] [ 1000.584442][T25275] netlink: zone id is out of range [ 1000.684452][T25275] netlink: del zone limit has 4 unknown bytes [ 1000.737869][T25276] HfR: entered promiscuous mode [ 1000.779460][T25271] netlink: set zone limit has 8 unknown bytes [ 1001.159071][T25284] FAULT_INJECTION: forcing a failure. [ 1001.159071][T25284] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.299447][T25284] CPU: 0 UID: 0 PID: 25284 Comm: syz.0.6387 Tainted: G U syzkaller #0 PREEMPT(full) [ 1001.299475][T25284] Tainted: [U]=USER [ 1001.299480][T25284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1001.299489][T25284] Call Trace: [ 1001.299502][T25284] [ 1001.299509][T25284] dump_stack_lvl+0x16c/0x1f0 [ 1001.299530][T25284] should_fail_ex+0x512/0x640 [ 1001.299552][T25284] ? fs_reclaim_acquire+0xae/0x150 [ 1001.299573][T25284] should_failslab+0xc2/0x120 [ 1001.299591][T25284] __kmalloc_noprof+0xdd/0x880 [ 1001.299614][T25284] ? usb_alloc_urb+0x66/0xa0 [ 1001.299635][T25284] ? usb_alloc_urb+0x66/0xa0 [ 1001.299649][T25284] usb_alloc_urb+0x66/0xa0 [ 1001.299666][T25284] usb_control_msg+0x1d3/0x4a0 [ 1001.299687][T25284] ? __pfx_usb_control_msg+0x10/0x10 [ 1001.299712][T25284] hub_ext_port_status+0x14e/0x670 [ 1001.299738][T25284] hub_activate+0x6e5/0x1d60 [ 1001.299763][T25284] ? __pfx_hub_activate+0x10/0x10 [ 1001.299781][T25284] ? find_held_lock+0x2b/0x80 [ 1001.299797][T25284] ? async_completed+0xb10/0xc60 [ 1001.299818][T25284] hub_resume+0xa8/0x3f0 [ 1001.299838][T25284] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1001.299856][T25284] ? __pfx_hub_resume+0x10/0x10 [ 1001.299875][T25284] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1001.299896][T25284] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1001.299915][T25284] usb_resume_both+0x237/0x960 [ 1001.299930][T25284] ? __pfx_usb_resume_both+0x10/0x10 [ 1001.299946][T25284] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1001.299964][T25284] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1001.299980][T25284] __rpm_callback+0xc8/0x610 [ 1001.300001][T25284] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1001.300017][T25284] rpm_callback+0x1b7/0x200 [ 1001.300034][T25284] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1001.300051][T25284] rpm_resume+0xd16/0x1320 [ 1001.300073][T25284] ? __pfx_rpm_resume+0x10/0x10 [ 1001.300090][T25284] ? do_raw_spin_lock+0x12c/0x2b0 [ 1001.300112][T25284] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1001.300141][T25284] __pm_runtime_resume+0xb6/0x170 [ 1001.300161][T25284] usb_autoresume_device+0x23/0xe0 [ 1001.300178][T25284] usbdev_open+0x228/0x8b0 [ 1001.300195][T25284] ? kobject_get_unless_zero+0x156/0x1e0 [ 1001.300212][T25284] ? __pfx_usbdev_open+0x10/0x10 [ 1001.300229][T25284] ? chrdev_open+0x10b/0x6a0 [ 1001.300248][T25284] ? __pfx_usbdev_open+0x10/0x10 [ 1001.300268][T25284] chrdev_open+0x234/0x6a0 [ 1001.300284][T25284] ? __pfx_apparmor_file_open+0x10/0x10 [ 1001.300306][T25284] ? __pfx_chrdev_open+0x10/0x10 [ 1001.300324][T25284] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1001.300344][T25284] do_dentry_open+0x982/0x1530 [ 1001.300361][T25284] ? __pfx_chrdev_open+0x10/0x10 [ 1001.300382][T25284] vfs_open+0x82/0x3f0 [ 1001.300404][T25284] path_openat+0x1de4/0x2cb0 [ 1001.300426][T25284] ? __pfx_path_openat+0x10/0x10 [ 1001.300442][T25284] ? __lock_acquire+0xb8a/0x1c90 [ 1001.300463][T25284] do_filp_open+0x20b/0x470 [ 1001.300480][T25284] ? __pfx_do_filp_open+0x10/0x10 [ 1001.300515][T25284] ? alloc_fd+0x471/0x7d0 [ 1001.300535][T25284] do_sys_openat2+0x11b/0x1d0 [ 1001.300555][T25284] ? __pfx_do_sys_openat2+0x10/0x10 [ 1001.300584][T25284] __x64_sys_openat+0x174/0x210 [ 1001.300605][T25284] ? __pfx___x64_sys_openat+0x10/0x10 [ 1001.300634][T25284] do_syscall_64+0xcd/0xfa0 [ 1001.300650][T25284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.300665][T25284] RIP: 0033:0x7fd4ed78efc9 [ 1001.300678][T25284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1001.300693][T25284] RSP: 002b:00007fd4ee61b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1001.300707][T25284] RAX: ffffffffffffffda RBX: 00007fd4ed9e6180 RCX: 00007fd4ed78efc9 [ 1001.300718][T25284] RDX: 0000000000040a02 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1001.300727][T25284] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1001.300736][T25284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1001.300745][T25284] R13: 00007fd4ed9e6218 R14: 00007fd4ed9e6180 R15: 00007ffcc47d1ef8 [ 1001.300766][T25284] [ 1002.129741][T25286] ERROR: Out of memory at tomoyo_memory_ok. [ 1002.168181][T25282] FAULT_INJECTION: forcing a failure. [ 1002.168181][T25282] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1002.226857][T25282] CPU: 0 UID: 0 PID: 25282 Comm: syz.2.6388 Tainted: G U syzkaller #0 PREEMPT(full) [ 1002.226884][T25282] Tainted: [U]=USER [ 1002.226890][T25282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1002.226899][T25282] Call Trace: [ 1002.226904][T25282] [ 1002.226911][T25282] dump_stack_lvl+0x16c/0x1f0 [ 1002.226932][T25282] should_fail_ex+0x512/0x640 [ 1002.226958][T25282] _copy_from_user+0x2e/0xd0 [ 1002.226980][T25282] iommufd_fops_ioctl+0x2f5/0x540 [ 1002.226999][T25282] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 1002.227016][T25282] ? hook_file_ioctl_common+0x145/0x410 [ 1002.227039][T25282] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 1002.227055][T25282] __x64_sys_ioctl+0x18e/0x210 [ 1002.227078][T25282] do_syscall_64+0xcd/0xfa0 [ 1002.227095][T25282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1002.227109][T25282] RIP: 0033:0x7f5dafd8efc9 [ 1002.227121][T25282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1002.227135][T25282] RSP: 002b:00007f5db0c0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1002.227149][T25282] RAX: ffffffffffffffda RBX: 00007f5daffe5fa0 RCX: 00007f5dafd8efc9 [ 1002.227159][T25282] RDX: 0000000000000003 RSI: 0000000000003b8e RDI: 0000000000000006 [ 1002.227168][T25282] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1002.227176][T25282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1002.227185][T25282] R13: 00007f5daffe6038 R14: 00007f5daffe5fa0 R15: 00007ffe50eee818 [ 1002.227203][T25282] [ 1003.603416][T25299] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6392'. [ 1003.714093][T25284] hub 37-0:1.0: hub_ext_port_status failed (err = -12) [ 1004.047105][T25305] hub 8-0:1.0: USB hub found [ 1004.082305][T25305] hub 8-0:1.0: 1 port detected [ 1005.823667][T25325] FAULT_INJECTION: forcing a failure. [ 1005.823667][T25325] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.920395][T25325] CPU: 0 UID: 0 PID: 25325 Comm: syz.2.6400 Tainted: G U syzkaller #0 PREEMPT(full) [ 1005.920423][T25325] Tainted: [U]=USER [ 1005.920428][T25325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1005.920438][T25325] Call Trace: [ 1005.920443][T25325] [ 1005.920450][T25325] dump_stack_lvl+0x16c/0x1f0 [ 1005.920472][T25325] should_fail_ex+0x512/0x640 [ 1005.920493][T25325] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1005.920519][T25325] should_failslab+0xc2/0x120 [ 1005.920537][T25325] __kmalloc_cache_noprof+0x72/0x780 [ 1005.920562][T25325] ? resv_map_alloc+0x7e/0x400 [ 1005.920583][T25325] ? resv_map_alloc+0x7e/0x400 [ 1005.920601][T25325] resv_map_alloc+0x7e/0x400 [ 1005.920621][T25325] hugetlbfs_get_inode+0x33f/0x730 [ 1005.920640][T25325] hugetlb_file_setup+0x15b/0x620 [ 1005.920658][T25325] ksys_mmap_pgoff+0x189/0x5c0 [ 1005.920679][T25325] __x64_sys_mmap+0x125/0x190 [ 1005.920703][T25325] do_syscall_64+0xcd/0xfa0 [ 1005.920719][T25325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.920734][T25325] RIP: 0033:0x7f5dafd8efc9 [ 1005.920746][T25325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.920760][T25325] RSP: 002b:00007f5db0c0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1005.920773][T25325] RAX: ffffffffffffffda RBX: 00007f5daffe5fa0 RCX: 00007f5dafd8efc9 [ 1005.920783][T25325] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000000 [ 1005.920792][T25325] RBP: 00007f5dafe11f91 R08: 0000000000000401 R09: 0000300000000000 [ 1005.920801][T25325] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1005.920809][T25325] R13: 00007f5daffe6038 R14: 00007f5daffe5fa0 R15: 00007ffe50eee818 [ 1005.920828][T25325] [ 1007.313355][T25327] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1008.959640][T25379] futex_wake_op: syz.0.6415 tries to shift op by -2048; fix this program [ 1009.907311][T25387] netlink: 146 bytes leftover after parsing attributes in process `syz.0.6417'. [ 1012.064338][T25415] random: crng reseeded on system resumption [ 1013.242344][T25434] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input24 [ 1013.291818][T25433] ERROR: Out of memory at tomoyo_memory_ok. [ 1013.340175][T25434] FAULT_INJECTION: forcing a failure. [ 1013.340175][T25434] name failslab, interval 1, probability 0, space 0, times 0 [ 1013.355740][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1013.385420][T25439] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 1013.428250][T25434] CPU: 0 UID: 0 PID: 25434 Comm: syz.2.6430 Tainted: G U syzkaller #0 PREEMPT(full) [ 1013.428283][T25434] Tainted: [U]=USER [ 1013.428288][T25434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1013.428297][T25434] Call Trace: [ 1013.428303][T25434] [ 1013.428310][T25434] dump_stack_lvl+0x16c/0x1f0 [ 1013.428331][T25434] should_fail_ex+0x512/0x640 [ 1013.428353][T25434] ? fs_reclaim_acquire+0xae/0x150 [ 1013.428374][T25434] should_failslab+0xc2/0x120 [ 1013.428394][T25434] __kmalloc_cache_noprof+0x72/0x780 [ 1013.428418][T25434] ? kobject_uevent_env+0x265/0x1870 [ 1013.428440][T25434] ? kobject_uevent_env+0x265/0x1870 [ 1013.428459][T25434] kobject_uevent_env+0x265/0x1870 [ 1013.428477][T25434] ? __pfx_dev_uevent_name+0x10/0x10 [ 1013.428496][T25434] ? bus_to_subsys+0x131/0x160 [ 1013.428512][T25434] device_del+0x623/0x9f0 [ 1013.428532][T25434] ? __pfx_device_del+0x10/0x10 [ 1013.428551][T25434] ? find_held_lock+0x2b/0x80 [ 1013.428568][T25434] cdev_device_del+0x1d/0x110 [ 1013.428586][T25434] evdev_disconnect+0x40/0xb0 [ 1013.428602][T25434] __input_unregister_device+0x226/0x4d0 [ 1013.428620][T25434] input_unregister_device+0xb9/0x100 [ 1013.428636][T25434] uinput_destroy_device+0x1f4/0x260 [ 1013.428659][T25434] ? __pfx_uinput_release+0x10/0x10 [ 1013.428677][T25434] uinput_release+0x34/0x50 [ 1013.428694][T25434] __fput+0x402/0xb70 [ 1013.428717][T25434] task_work_run+0x150/0x240 [ 1013.428740][T25434] ? __pfx_task_work_run+0x10/0x10 [ 1013.428767][T25434] exit_to_user_mode_loop+0xec/0x130 [ 1013.428789][T25434] do_syscall_64+0x426/0xfa0 [ 1013.428806][T25434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.428821][T25434] RIP: 0033:0x7f5dafd8efc9 [ 1013.428833][T25434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1013.428847][T25434] RSP: 002b:00007f5db0c0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1013.428866][T25434] RAX: 0000000000000000 RBX: 00007f5daffe5fa0 RCX: 00007f5dafd8efc9 [ 1013.428875][T25434] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 1013.428883][T25434] RBP: 00007f5dafe11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1013.428892][T25434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1013.428900][T25434] R13: 00007f5daffe6038 R14: 00007f5daffe5fa0 R15: 00007ffe50eee818 [ 1013.428920][T25434] [ 1014.433341][T25448] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6435'. [ 1015.012689][T25465] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6438'. [ 1016.632064][T25467] Process accounting paused [ 1017.514651][ C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 21080 ms [ 1017.523230][ C0] sl0: transmit timed out, bad line quality? [ 1018.082440][T25505] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1018.098989][T25505] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1018.183987][T25505] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1018.209832][T25505] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1018.255470][T25505] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1018.307676][T25505] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1018.642732][T25516] FAULT_INJECTION: forcing a failure. [ 1018.642732][T25516] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.799703][T25516] CPU: 0 UID: 0 PID: 25516 Comm: syz.0.6451 Tainted: G U syzkaller #0 PREEMPT(full) [ 1018.799730][T25516] Tainted: [U]=USER [ 1018.799742][T25516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1018.799751][T25516] Call Trace: [ 1018.799757][T25516] [ 1018.799763][T25516] dump_stack_lvl+0x16c/0x1f0 [ 1018.799785][T25516] should_fail_ex+0x512/0x640 [ 1018.799806][T25516] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1018.799832][T25516] should_failslab+0xc2/0x120 [ 1018.799851][T25516] __kmalloc_cache_noprof+0x72/0x780 [ 1018.799873][T25516] ? lockdep_hardirqs_on+0x7c/0x110 [ 1018.799888][T25516] ? sctp_endpoint_new+0xfc/0xb20 [ 1018.799908][T25516] ? sctp_endpoint_new+0xfc/0xb20 [ 1018.799923][T25516] sctp_endpoint_new+0xfc/0xb20 [ 1018.799942][T25516] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 1018.799959][T25516] ? lockdep_init_map_type+0x5c/0x280 [ 1018.799980][T25516] ? lockdep_init_map_type+0x5c/0x280 [ 1018.800002][T25516] sctp_init_sock+0xe2b/0x12f0 [ 1018.800017][T25516] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 1018.800040][T25516] sctp_v6_init_sock+0x16/0x70 [ 1018.800055][T25516] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 1018.800071][T25516] inet6_create+0xb30/0x12b0 [ 1018.800091][T25516] ? inet6_create+0x7f/0x12b0 [ 1018.800110][T25516] __sock_create+0x338/0x8d0 [ 1018.800132][T25516] __sys_socket+0x14d/0x260 [ 1018.800150][T25516] ? __pfx___sys_socket+0x10/0x10 [ 1018.800168][T25516] ? xfd_validate_state+0x61/0x180 [ 1018.800188][T25516] ? __pfx_ksys_write+0x10/0x10 [ 1018.800207][T25516] __x64_sys_socket+0x72/0xb0 [ 1018.800224][T25516] ? lockdep_hardirqs_on+0x7c/0x110 [ 1018.800239][T25516] do_syscall_64+0xcd/0xfa0 [ 1018.800256][T25516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.800270][T25516] RIP: 0033:0x7fd4ed78efc9 [ 1018.800282][T25516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1018.800296][T25516] RSP: 002b:00007fd4ee63c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1018.800311][T25516] RAX: ffffffffffffffda RBX: 00007fd4ed9e6090 RCX: 00007fd4ed78efc9 [ 1018.800321][T25516] RDX: 0000000000000084 RSI: 0000000000000005 RDI: 000000000000000a [ 1018.800330][T25516] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1018.800339][T25516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1018.800347][T25516] R13: 00007fd4ed9e6128 R14: 00007fd4ed9e6090 R15: 00007ffcc47d1ef8 [ 1018.800366][T25516] [ 1019.468035][T25521] kAFS: unparsable volume name [ 1020.142775][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 1020.223177][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 1020.229197][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 1020.262602][ T5831] Bluetooth: hci0: unexpected event 0x14 length: 16 > 6 [ 1020.303898][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 1021.471533][T25541] netlink: 354 bytes leftover after parsing attributes in process `syz.0.6460'. [ 1022.212671][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 1022.373294][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 1022.591643][T25562] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6466'. [ 1022.638274][T25562] netlink: 'syz.4.6466': attribute type 2 has an invalid length. [ 1024.428013][T25593] ERROR: Out of memory at tomoyo_memory_ok. [ 1027.768371][T25648] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1027.800912][T25648] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1027.831865][T25648] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1027.867726][T25648] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1029.532882][T25680] netlink: 268 bytes leftover after parsing attributes in process `syz.0.6498'. [ 1029.617183][T25680] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.6498: iget: checksum invalid [ 1029.709065][T25680] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1029.775688][T25680] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.6498: iget: checksum invalid [ 1029.792647][ T5831] Bluetooth: hci0: command 0x0406 tx timeout [ 1029.858266][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 1029.864367][ T5149] Bluetooth: hci2: command 0x0406 tx timeout [ 1029.887035][T25680] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1029.936694][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 1029.956696][T25680] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.6498: iget: checksum invalid [ 1030.016172][T25680] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1030.080614][T25680] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.6498: iget: checksum invalid [ 1030.155573][T25680] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1030.294362][T25680] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1030.364397][T25680] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1030.931812][T25692] svc: failed to register nfsdv3 RPC service (errno 22). [ 1031.051445][T25692] svc: failed to register nfsaclv3 RPC service (errno 22). [ 1032.246468][T25713] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input25 [ 1032.297057][ T5184] ERROR: Out of memory at tomoyo_memory_ok. [ 1033.360540][T25739] netlink: 93 bytes leftover after parsing attributes in process `syz.4.6515'. [ 1033.482792][T25742] netlink: 186 bytes leftover after parsing attributes in process `syz.0.6517'. [ 1033.755063][T25747] FAULT_INJECTION: forcing a failure. [ 1033.755063][T25747] name failslab, interval 1, probability 0, space 0, times 0 [ 1033.839091][T25747] CPU: 0 UID: 0 PID: 25747 Comm: syz.0.6518 Tainted: G U syzkaller #0 PREEMPT(full) [ 1033.839118][T25747] Tainted: [U]=USER [ 1033.839123][T25747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1033.839133][T25747] Call Trace: [ 1033.839138][T25747] [ 1033.839145][T25747] dump_stack_lvl+0x16c/0x1f0 [ 1033.839165][T25747] should_fail_ex+0x512/0x640 [ 1033.839196][T25747] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1033.839213][T25747] should_failslab+0xc2/0x120 [ 1033.839232][T25747] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1033.839250][T25747] ? prepare_creds+0x2c/0x7d0 [ 1033.839274][T25747] ? prepare_creds+0x2c/0x7d0 [ 1033.839293][T25747] prepare_creds+0x2c/0x7d0 [ 1033.839315][T25747] __sys_setresuid+0x46d/0x1160 [ 1033.839335][T25747] do_syscall_64+0xcd/0xfa0 [ 1033.839352][T25747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.839367][T25747] RIP: 0033:0x7fd4ed78efc9 [ 1033.839378][T25747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1033.839393][T25747] RSP: 002b:00007fd4ee63c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 1033.839407][T25747] RAX: ffffffffffffffda RBX: 00007fd4ed9e6090 RCX: 00007fd4ed78efc9 [ 1033.839417][T25747] RDX: 0000000000008000 RSI: 0000000000000008 RDI: 0000000000000000 [ 1033.839426][T25747] RBP: 00007fd4ed811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1033.839435][T25747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1033.839444][T25747] R13: 00007fd4ed9e6128 R14: 00007fd4ed9e6090 R15: 00007ffcc47d1ef8 [ 1033.839463][T25747] [ 1035.641898][T25772] ERROR: Out of memory at tomoyo_memory_ok. [ 1036.088865][T25771] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6525'. [ 1036.197109][T25771] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1036.400971][T25771] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1037.652314][T25799] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 1038.572314][T25807] mkiss: ax0: crc mode is auto. [ 1040.498122][T25846] [ 1040.500464][T25846] ====================================================== [ 1040.507460][T25846] WARNING: possible circular locking dependency detected [ 1040.514459][T25846] syzkaller #0 Tainted: G U [ 1040.520420][T25846] ------------------------------------------------------ [ 1040.527413][T25846] syz.5.6541/25846 is trying to acquire lock: [ 1040.533449][T25846] ffffffff8e41fd48 (cgroup_mutex){+.+.}-{4:4}, at: cgroup_kn_lock_live+0x116/0x520 [ 1040.542747][T25846] [ 1040.542747][T25846] but task is already holding lock: [ 1040.550084][T25846] ffff888038fdd0c8 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: vfs_rmdir+0xe9/0x690 [ 1040.559469][T25846] [ 1040.559469][T25846] which lock already depends on the new lock. [ 1040.559469][T25846] [ 1040.569855][T25846] [ 1040.569855][T25846] the existing dependency chain (in reverse order) is: [ 1040.578856][T25846] [ 1040.578856][T25846] -> #3 (&type->i_mutex_dir_key#6){++++}-{4:4}: [ 1040.587274][T25846] down_read+0x9b/0x480 [ 1040.591939][T25846] walk_component+0x345/0x5b0 [ 1040.597122][T25846] path_lookupat+0x142/0x6d0 [ 1040.602214][T25846] filename_lookup+0x224/0x5f0 [ 1040.607479][T25846] kern_path+0x35/0x50 [ 1040.612045][T25846] lookup_bdev+0xd8/0x280 [ 1040.616880][T25846] bdev_file_open_by_path+0x82/0x330 [ 1040.622661][T25846] block2mtd_setup2+0x317/0xe10 [ 1040.628013][T25846] block2mtd_setup+0xbd/0x110 [ 1040.633194][T25846] param_attr_store+0x199/0x300 [ 1040.638545][T25846] module_attr_store+0x58/0x80 [ 1040.643803][T25846] sysfs_kf_write+0xf2/0x150 [ 1040.648891][T25846] kernfs_fop_write_iter+0x3af/0x570 [ 1040.654681][T25846] vfs_write+0x7d3/0x11d0 [ 1040.659508][T25846] ksys_write+0x12a/0x250 [ 1040.664335][T25846] do_syscall_64+0xcd/0xfa0 [ 1040.669336][T25846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.675727][T25846] [ 1040.675727][T25846] -> #2 (param_lock){+.+.}-{4:4}: [ 1040.682913][T25846] __mutex_lock+0x193/0x1060 [ 1040.688003][T25846] ieee80211_init_rate_ctrl_alg+0x18d/0x6b0 [ 1040.694400][T25846] ieee80211_register_hw+0x21b5/0x4120 [ 1040.700361][T25846] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1040.706579][T25846] init_mac80211_hwsim+0x44e/0x900 [ 1040.712265][T25846] do_one_initcall+0x123/0x6e0 [ 1040.717531][T25846] kernel_init_freeable+0x5c8/0x920 [ 1040.723302][T25846] kernel_init+0x1c/0x2b0 [ 1040.728134][T25846] ret_from_fork+0x675/0x7d0 [ 1040.733229][T25846] ret_from_fork_asm+0x1a/0x30 [ 1040.738497][T25846] [ 1040.738497][T25846] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 1040.745683][T25846] __mutex_lock+0x193/0x1060 [ 1040.750777][T25846] cgrp_css_online+0xa2/0x1f0 [ 1040.755953][T25846] online_css+0xb2/0x350 [ 1040.760700][T25846] cgroup_apply_control_enable+0x702/0xbb0 [ 1040.767011][T25846] cgroup_mkdir+0x5e0/0x1310 [ 1040.772096][T25846] kernfs_iop_mkdir+0x111/0x190 [ 1040.777450][T25846] vfs_mkdir+0x593/0x8c0 [ 1040.782215][T25846] do_mkdirat+0x304/0x3e0 [ 1040.787045][T25846] __x64_sys_mkdirat+0x83/0xb0 [ 1040.792305][T25846] do_syscall_64+0xcd/0xfa0 [ 1040.797307][T25846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.803699][T25846] [ 1040.803699][T25846] -> #0 (cgroup_mutex){+.+.}-{4:4}: [ 1040.811061][T25846] __lock_acquire+0x126f/0x1c90 [ 1040.816414][T25846] lock_acquire+0x179/0x350 [ 1040.821418][T25846] __mutex_lock+0x193/0x1060 [ 1040.826530][T25846] cgroup_kn_lock_live+0x116/0x520 [ 1040.832146][T25846] cgroup_rmdir+0x20/0x2b0 [ 1040.837057][T25846] kernfs_iop_rmdir+0x106/0x170 [ 1040.842412][T25846] vfs_rmdir+0x206/0x690 [ 1040.847168][T25846] do_rmdir+0x2e8/0x3c0 [ 1040.851822][T25846] __x64_sys_rmdir+0xc5/0x110 [ 1040.856998][T25846] do_syscall_64+0xcd/0xfa0 [ 1040.862001][T25846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.868392][T25846] [ 1040.868392][T25846] other info that might help us debug this: [ 1040.868392][T25846] [ 1040.878594][T25846] Chain exists of: [ 1040.878594][T25846] cgroup_mutex --> param_lock --> &type->i_mutex_dir_key#6 [ 1040.878594][T25846] [ 1040.891693][T25846] Possible unsafe locking scenario: [ 1040.891693][T25846] [ 1040.899112][T25846] CPU0 CPU1 [ 1040.904458][T25846] ---- ---- [ 1040.909796][T25846] lock(&type->i_mutex_dir_key#6); [ 1040.915061][T25846] lock(param_lock); [ 1040.921537][T25846] lock(&type->i_mutex_dir_key#6); [ 1040.929233][T25846] lock(cgroup_mutex); [ 1040.933366][T25846] [ 1040.933366][T25846] *** DEADLOCK *** [ 1040.933366][T25846] [ 1040.941504][T25846] 3 locks held by syz.5.6541/25846: [ 1040.946674][T25846] #0: ffff888033b9a420 (sb_writers#9){.+.+}-{0:0}, at: do_rmdir+0x1e2/0x3c0 [ 1040.955447][T25846] #1: ffff88805fb0b7f0 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_rmdir+0x233/0x3c0 [ 1040.965435][T25846] #2: ffff888038fdd0c8 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: vfs_rmdir+0xe9/0x690 [ 1040.975257][T25846] [ 1040.975257][T25846] stack backtrace: [ 1040.981124][T25846] CPU: 0 UID: 0 PID: 25846 Comm: syz.5.6541 Tainted: G U syzkaller #0 PREEMPT(full) [ 1040.981145][T25846] Tainted: [U]=USER [ 1040.981150][T25846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1040.981159][T25846] Call Trace: [ 1040.981166][T25846] [ 1040.981172][T25846] dump_stack_lvl+0x116/0x1f0 [ 1040.981190][T25846] print_circular_bug+0x275/0x350 [ 1040.981210][T25846] check_noncircular+0x14c/0x170 [ 1040.981230][T25846] __lock_acquire+0x126f/0x1c90 [ 1040.981251][T25846] lock_acquire+0x179/0x350 [ 1040.981270][T25846] ? cgroup_kn_lock_live+0x116/0x520 [ 1040.981292][T25846] ? __pfx___might_resched+0x10/0x10 [ 1040.981307][T25846] ? check_path.constprop.0+0x24/0x50 [ 1040.981324][T25846] ? cgroup_kn_lock_live+0x116/0x520 [ 1040.981344][T25846] __mutex_lock+0x193/0x1060 [ 1040.981360][T25846] ? cgroup_kn_lock_live+0x116/0x520 [ 1040.981383][T25846] ? __pfx___mutex_lock+0x10/0x10 [ 1040.981399][T25846] ? __lock_acquire+0x622/0x1c90 [ 1040.981418][T25846] ? find_held_lock+0x2b/0x80 [ 1040.981433][T25846] ? cgroup_kn_lock_live+0x116/0x520 [ 1040.981458][T25846] cgroup_kn_lock_live+0x116/0x520 [ 1040.981479][T25846] ? kernfs_root+0xee/0x2a0 [ 1040.981497][T25846] cgroup_rmdir+0x20/0x2b0 [ 1040.981510][T25846] kernfs_iop_rmdir+0x106/0x170 [ 1040.981529][T25846] ? security_inode_rmdir+0xe2/0x290 [ 1040.981552][T25846] vfs_rmdir+0x206/0x690 [ 1040.981572][T25846] do_rmdir+0x2e8/0x3c0 [ 1040.981587][T25846] ? __pfx_do_rmdir+0x10/0x10 [ 1040.981605][T25846] ? getname_flags.part.0+0x1c5/0x550 [ 1040.981626][T25846] __x64_sys_rmdir+0xc5/0x110 [ 1040.981641][T25846] do_syscall_64+0xcd/0xfa0 [ 1040.981657][T25846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.981672][T25846] RIP: 0033:0x7f02b3f8efc9 [ 1040.981685][T25846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1040.981700][T25846] RSP: 002b:00007f02b4ee5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 1040.981713][T25846] RAX: ffffffffffffffda RBX: 00007f02b41e5fa0 RCX: 00007f02b3f8efc9 [ 1040.981722][T25846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000300 [ 1040.981731][T25846] RBP: 00007f02b4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1040.981740][T25846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1040.981748][T25846] R13: 00007f02b41e6038 R14: 00007f02b41e5fa0 R15: 00007ffe3049da48 [ 1040.981762][T25846] [ 1040.981821][ C0] vkms_vblank_simulate: vblank timer overrun [ 1041.225672][ C0] vkms_vblank_simulate: vblank timer overrun [ 1046.696878][T25874] ERROR: Out of memory at tomoyo_memory_ok.