last executing test programs: 15.304328144s ago: executing program 3 (id=2177): sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x4000000000008000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r1, 0x80045017, &(0x7f0000000c00)) io_uring_setup$auto(0x6, 0x0) openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$auto(0x3, 0x80004509, 0x10000000000402) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) pwrite64$auto(0xffffffffffffffff, 0x0, 0x6bc, 0x5) 13.151203122s ago: executing program 0 (id=2183): mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto_PR_SET_NAME(0xf, 0x3, 0x0, 0x7ff, 0x2) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = ioctl$auto_userfaultfd_dev_fops_userfaultfd(r0, 0xfffffffffffffff8, &(0x7f0000000340)) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b37, 0x1) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) pipe$auto(0x0) write$auto(0x3, 0x0, 0xffd8) pread64$auto(r1, &(0x7f0000000340)='/proc/thread-sel\b\x94!\ff/net/tcp6\x00\xd2)\x0e\x892\x82\x19\xfd\x03\xc3\x8du4\xdd\t\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\x01I3\x88;x\xe9\xdbk{F\x18G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\x97\fn\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\x00\x0f\xd6\x00\f57\x83\xdd\xaa\xf0\x9c\b\x00\xe1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00t\xf5+\t\xf0^X\xf3y&\xc7]\xcb\xef\xd6\xe4\a|\x87\xe6\xb68//1@\a.t\xac\xc6\xf54\x90\x196\x9c#6\xf8\x06\xf9\x04\xc3\x13c\x12v\x9a_o\xfe\xf0\xca\xee\x90\xbb3\xa8\xc8\xad\xab\xe9\xc7v\xd57\xb1\x04QN\x15O;\xc4\x0e\x10\xd1\x1e\x80\t]/l\x1f\xca\xf5W5}\x12%\x86\x88 \x1a{\xce\x8c\x9e3\x8fa\xcf\a\x06\xff\x1e\xcb[\xf5]\xd8\xbf2\xc38\xbd', 0x458, 0x1) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5\x85\x91p\xe6\x1eRN8\x90\x86\xdde\x1cJ\x99\x00\x11\x89\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_int=0xc7, @raw=0x8, 0x790, @_tid}) socket(0xa, 0x4, 0x84) clock_nanosleep$auto(0x5, 0x1ff, &(0x7f0000000000)={0x7, 0x8}, &(0x7f0000000040)={0x7, 0x7}) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 12.798726272s ago: executing program 2 (id=2184): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) fcntl$auto_F_DUPFD_QUERY(r0, 0x403, r0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0xfff, 0x5, 0x10, 0x0) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) sysfs$auto(0x2, 0x4d, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8000, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x8001, 0x2) 12.520300472s ago: executing program 3 (id=2186): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/blkio.throttle.write_iops_device\x00', 0x121002, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$dir(0xffffffffffffff9c, 0x0, 0x840, 0xc) socket(0x2b, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x7a1000, 0x0) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, 0x0, 0xc0401, 0x0) socket(0x2, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00') socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) semctl$auto(0x204, 0xfffffffe, 0x3, 0x7) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 12.008209081s ago: executing program 3 (id=2188): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) read$auto(0x3, 0x0, 0x1f40) read$auto(0x4, 0x0, 0xfdef) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, 0x0, 0x44084) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) 11.460780027s ago: executing program 0 (id=2189): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x5, 0x4020009, 0xdf, 0xeb1, r0, 0x8000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x81, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_VHOST_SET_FEATURES2(r2, 0x4008af00, &(0x7f0000000300)=0x8) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r3) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0, 0x20}, 0x1, 0x3000700, 0x0, 0x1}, 0x8010) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1, 0x0) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0x902, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) 11.275743041s ago: executing program 1 (id=2190): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mmap$auto(0x0, 0x2020009, 0x4, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0x20a803, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/cpu/cpu0/topology/core_siblings\x00', 0x6aa40, 0x0) read$auto(r4, 0x0, 0x3) ioctl$auto_USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000280)={0x9, 0xffffff93, 0x0}) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000140), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'bond_slave_1\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x20, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r8}, @MACSEC_ATTR_OFFLOAD={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x44080}, 0x24048000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'ipvlan1\x00'}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x44004811}, 0x40000c0) 10.258654795s ago: executing program 2 (id=2191): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x80, 0x0) read$auto(r0, 0x0, 0x200000fff) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bdi/1:9/power/autosuspend_delay_ms\x00', 0x8103, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x80a02, 0x0) openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0) socket(0x10, 0x2, 0x0) open(0x0, 0x261c2, 0x84) io_uring_setup$auto(0xf, 0x0) socket(0x18, 0xa, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$auto(0x1e, 0x0, 0x7, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa042, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 10.120624767s ago: executing program 2 (id=2192): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x1d, 0x3, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) memfd_secret$auto(0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2081, 0x0) unshare$auto(0x40000080) pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0x2aa00b6e) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) poll$auto(0x0, 0x4, 0x100004) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) 9.811297476s ago: executing program 1 (id=2193): openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x582, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) ioctl$auto(0x3, 0x4020565a, 0x38) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x10303f, 0x0) ioctl$auto_SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x84) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 9.760375391s ago: executing program 0 (id=2194): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/video4linux/video10/dev_debug\x00', 0x40000, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r1, 0x0, 0x3) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, 0x0, 0xb4d3) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x400, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x80802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(0x0, 0x0) r5 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0xcf}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xb}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) 9.752022991s ago: executing program 3 (id=2195): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x20c01, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/cmdline\x00', 0x481, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0) pread64$auto(r2, 0x0, 0x8, 0x7fff) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, 0x0) unshare$auto(0x40000080) 8.077695681s ago: executing program 0 (id=2196): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) socket(0x1e, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) tgkill$auto(0x0, 0x1, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000080)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000040)={0x15, 0x3, 0x1}}) 8.057726614s ago: executing program 1 (id=2197): unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/thread-self/net/snmp\x00', 0x101100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000140)=""/103, 0x67) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9, 0x20000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = socket(0x2b, 0x1, 0x1) socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x89a0, 0x4) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) unshare$auto(0x40000080) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000280)="978693dc87b1c1fd2f1eb908a830a927", 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 2.790146513s ago: executing program 3 (id=2198): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$dir(0xffffffffffffff9c, 0x0, 0x381000, 0x100) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(0x0, 0x6041, 0x0) socket(0x6, 0x2, 0x6) semctl$auto_SETVAL(0x4, 0xfffffff7, 0x10, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_system\x00', 0x0, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0) write$auto(0x3, 0x0, 0x7) 2.769381015s ago: executing program 2 (id=2199): mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, 0xffffffffffffffff, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) mmap$auto(0x3, 0x4, 0x0, 0x10, r0, 0x2) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000004c0)=""/244, 0xf4) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) sendfile$auto(r1, r1, 0x0, 0x7ffff000) socket$nl_generic(0x10, 0x3, 0x10) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xa02, 0x0) writev$auto(r3, &(0x7f0000000100)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) socket(0x10, 0x2, 0x14) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000100)={0x24100, 0x0, 0x0, 0x0, {0x3}, 0x0, 0xffffffffffffff3b, 0x0, 0x0}, 0x58) 2.658212172s ago: executing program 0 (id=2200): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183941, 0x0) seccomp$auto(0x401, 0x10, 0x0) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) madvise$auto(0x0, 0x1, 0x10) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) semctl$auto(0x1ff, 0x2, 0x13, 0x4) read$auto_ptdump_fops_(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x7fff, 0xeb1, 0x401, 0x9000) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x7d, 0x0, 0x0) 2.651344494s ago: executing program 1 (id=2201): r0 = open(&(0x7f0000000140)='./file0\x00', 0x161342, 0x100) write$auto(r0, &(0x7f0000000000)='}\x00', 0x5) unshare$auto(0x40000080) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r2, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) r3 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000e00)='/sys/kernel/debug/kvm/halt_attempted_poll\x00', 0xc42, 0x0) flistxattr$auto(r3, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) r5 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_WRITE(r5, 0x40085507, &(0x7f0000000080)={0x1, 0x0, 0x9}) semctl$auto_GETVAL(0x0, 0x1, 0xc, 0x10000) madvise$auto(0x0, 0x8, 0x6) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(r0, 0xc0385868, &(0x7f0000000100)={r4, &(0x7f0000001400)="2c5bb551e04fb67b10dff9bba500a377aea5be75fb495b0e59f3a925fa2b89f6af1257fa6681ac35cf29afea3cf5e9297bcee7e84ffe8fad962a2d373d2a90c640ae66c272244abd9af5871acf2d9b88d48f27ac14a7f38332f5570b675123db389ed8b0a6586f919e768e9b09f43ad03d3fc006277229b7a960e985775646b8e19bc7522d9e470763f9a536989474339242850d98abce6827d1b9f62e146cda5688e623a6b196df3679260d2ad03ca2cb5846c5df0e15293d385810ed7493a085ff477a8341f014d827b4a5916560174eea9e3552b1789a2ca3cf436136055de5d6c999b6299aaa77e5959239c955b8a4716855032416d368165395a97fa7325f8c111b88c65bb2557d8edde4887515489f35adf63477b355b2160748b93583bddd64a6cf26eb6e0b4d341b0d29597f22a601651f7cb611796709d3f878d8f479c51e5c28de62ebbd3b8e893c8c2186834ae691f7afa8b9f3591cd52ceeb4424ff50118d0f0cd5e3d320695ab38f42d231873cb51f001f759c184be0768765a07aef54081524e08f381792b0d13d0e563ca7e0ebee3262ba8851cb1cb4fb2e14e1b27ca3acfee93d712ddb5250335834f74960b0aceab7f6d91b4d538cd81b8f412a4df5653fefc7e748ebd20918bda446173953598ed0c0d5735db7959dc7eb0315138d2c42dc24ead671f40e34b30f4952d92fe6c05964033006a211b2d20e715d55e4af0fdc295ea04f3a52ee499f839fe418b165f446bb9a1336d49eede0456b64e6c3c71a6ccc548c6fcf2c724f401543916376d30ca51e8f535b36c2a0547b250bbe204797abebb4f9e7efe0fefe406f56630d793977a5d3a9d88864de2389bc6e0ad2bb899ec14c2d6cf6663e80e6afd612cff2652e75701c1352fa4407b13da4cfd26d12008acc0b4f092f228ee96443e10ffe43221b9b7569dd91194ca8cf03209a1c121309febdf67d8867076c73c712e5220882e1e440648de6d2227243d6479604af5fb2dbeca739dbff8b418cc527f0ba85d67f9051466496d750bb4a1337ca05005b38ecd70ee8d6ec1353ee9e4a02c549408a39533adbda2b9dbb9d444954c3c0f67412a3a5ebdf8782edab56c5f1a3bfbedfaf26739cf699940b381827b2b386c1f5e3299ce603dc9a28c0800e4d69d499b09aafc024fadfbbd9b0b62b0e2e5155fe421be8b6b119c6e9cb574d1b56d90cd5465cf45b15e9c01ff8fbcc2e22c11265842c2129dcfed17e591fa5861816baff35d7c0c5223414db53a234d9a0a748602642a1ab5514a42e03356020ea03829dca5398de40bb7474bbe23a0fcbd1fc0abf54377245c5b7a5b83a0dbc3941a3e06cbda94aa287c728e972d3e8c90528fc4ca7dfb76028695f2752e6571ba0c7aba342641cda46dedf5991ea087ff29d7930619e44cad37f31a73855aa849d52264591d22cfdc89e9ff78b8d234046771bec99968310c1650e7c3a2f015b9cec33c79f7bc17b10b1d0e31086b5c98af89aa1b83f31313cb0dd5e81a70873990a1fbd88c754d106e1adb5ecc2da7254bb1bb498d48334443295099776846221915ca053decab532771cce6a672934b5794c1fa93b3dea9989a428ba61c064ee6b359c68bb1f1a126a46651ce6cff2d46b375f04f433147259686cb71917d655c5c7b38179745ba98fc929b155b7c895ef4797a24389cd3efbe3db1effa3493387dfa487dc9c50694f6413c31cc945c812f00dc9a40f79236e76ff0c32c65de77aa908600ac9fb77d99703f73543691c2b93a6e24b833f693033233aa1e85b921e28ee9a4f3f6e077c4e44d7c261bc979750d44c0f5a94052512570a60bf2bd3285b6c41178d653343b8d4b3d033b0ab4fc8107ed957b0f6624e960b01413b900a98ebe81cc60891f7fae0965bbc18dec1e6e6bc61ae30e46ac04c0fff9813c2dee47eef64beaec1ffcfd952fc3a556895a400464fbe5248202263946c0ad8e3952872834621d78e94c1cc506d154726d44e5f295eceeba44b2ac6636a40948c94f5d72f39ef02c04c0a1e97c547793c4407e3ac383a9e12835b2076dcbc80c57b35948bfd59638d5ef4df973d22746b990c0bd5b1b99b31e7a883c94924dff0c758c7ce8ed6439e0ec21933e5e36d9647a0fbba1b5fdeaf95eccc74182f46eba9f5e73fb09c4eb3edec255d4a6dba57accd8d161c94f515bd247852840ba36077f40e8d86b1d25b2e0e952af339b454cf75033c0887a5ce826b1bbb0aebd47856f30a848bb39e9fd5bbd080137133d9093b0a8a3ce79987c39f233630d0496af51788c8e96f66df74525bd9233fde8adebb8e0572758013c06bfa085447d741ac6d438c17cacf04190332fa4a2585d18e46d0a1c4875e885bf3537358d0ae514691d7268e2fd5dd420107994ddca55f98498ebba26e33355555a1952c37790a98f46bb266fd7d052f51c5879011720a119aeecfb9e7f2fd3187af3167a200df913574c6f4cbdbf5784cb56a893c093b38166dbbf19348acf67b79325bbc39336e0b32752e66f96e78cfae222bd0b5362341982ab98ddb4aa7b90b250093a13237515569b27cfe4489d0e7951bd9c3b65085cda29d0fd540d22d1ac7e141113f0dd7d50df603ff8f659652410e7408000bfde55617cb1cded308f682686f134201f7d549b99aff15c61866f5a7fd77d0cbd95398137d648be1db6ccc885f0306e64b0c9582d7a8c3cca52fda3c04f31709ccdc1cd3d8b13142bf1e343b85b5906a7a3efd77cd1946733c89af2f71bf70383d5e38c4cf14309d9e010721519f84341728f36a513022f53ea89ddf81900ebe994abb60b9359d2782e6219278f50722841e24f1816687befdd81c56bed8e52df06ec395e06027104eb01fbb2dc8ae310f4597ab046394b715134e79c4f88d3b41a77abfcc798cb9a9367adebc96307bb7cd95842d0b2a3f7750484774ff4a3e333707134dbee5fd1daa30b9ebca8b1f28445c88d09de402eb60f0bb5ee768eff981e05dd4a3856c220a7a70555fb1f5f33d95f2567efabaf85630f012c6c01f9f1df1debeb0bc3a4e6afaf14b6defd4ca56da49f5d8929a76f65ff63cb3d28bf977152d28a63b3ee8502ab6008d4a1a144167d0726896ed233f21b56f6ececb64f46bd51144ece5a672ba8f68eca487b0f637a82b9e9892f96734370fec7e4fc21cab78fa64f09eff370ce5a6c33c7c022552763fbd5ea05a8d3047284a734df325d2ac5019b27b026130fd05001f76f516ecf36bbdb22827e7fdfc507d60e7bfcaf805de49c8fa58aa3f75e2df8171a6f40e682cc1a8de7f20d68c40c6a7cb5a87877d772a3cb1eeb8b7ea5854908fa30a2bc2ef333722a288337cc326f2a17cd445ffd18d845f8c2dbcbce4824574126eb05757431c550a44364b359b82f39e2df723cd9116b3b62d66c49144fe1164f8c07edd034a8d21d376c4c501be65a27ce3ea2f36aacfa54ee7a1177bb1aa60f76d191cb80bc191396e9ece109937ff6a5922ed413b9fd3b5a790c8b160c6a0beae06c4271af55c9c1ab7f749a87ddb4919a50cb78073ffb5ef834a16d2c94c579f7311ce2195cec96311d8cdcd09582ef92b3761000dbe9eb8c60cb8b4fd8ce09dafb5a68cfef4b180a2ac75384cc52debac07ac5b40392f195f9be4b17810b3354936013ef7a2f689c115f19e2abc5264c79dc9f93bc4a0c35f8157e92be97f8908d3fed93a89fb1f66c33d7280ee66900c33065375d2c2436135615801f7048f5a537634a962ca9781a571cd871b8d1e7cc0e40cb59b8522e2e166074ab123a2243ef7d09e03fe74ebc3eb8331487c1c1e2db2f06837629d628f4010d6b9fef5c47803498620a60a4688705bab3c415541bca2242ddc0ba9b3fe70068c75955cbfa1e7fc33f614a5ba5788c10fd4929d6cc780515960478d6615e71e62d4b5930f7daf42076a5fac2c372c92cc306184c8195cfd19f5e98f73af12e7e14abfff6b93ce5e234ce0442824db8429e1e8c5bef4a28c3371bf30e98f50fcf942fcc6174aa03f44a77d66193c1a247384bc2c2fae36a02e3eafdc3094527d90401ec89484ec6a43b8f4e7ebaa04a5ec51cc2be9129679eb9bcaf81466d2b467a7cb6a0bb9e53e7b6dd0cea3de965917ccef1a6d941c609d43a2408a6136e3748b29e54b4e69c28be6620173a9893151d23891194e7ba9cf56cbe8cd30546b263b744efb5154e5a2e06adf509981f19dbb0feed7520c52c5a3ed62eed8cdf46e19eca8bc84d8f73e720256df4f716394aa6cb92a50c89ba2515cd946ff45aa35f895116a60120d832ce70c4277d45cb0dfb8afb246286ef75651f0b397f8d6f3c3ad7a9180152e8e4364884d84385ad74ba3d2dcaccf5e21d8e4810cd9959224d89fff89d60f97e8cf9c77382327ced8325ca1d2cecb143efa96f0b0301ed370db243f4deddfdc6ef791c1b4fe615bc5bf4949f00584fa28d261baf4945ef222ccff7bd18faf957e9d1c6d9499af2f7995837761a8152577aa77206a88901e69db0228406ec3140383dd63568bff61afc6efe183053795872cb9c182cb92b52ad15b41751817a633ca7632ac0aa2e5499cdb707201a4dac86533cc04c1f193e8924a5a324d86a5b5904b6f1860a6450feb38696990819e82b3a4f5384556cc24c85c80e8123156afa0c638ad227286e2a204b33f2d607a44e5ca499b9298bb16bfd58d27b59fae8fad50987933f3a4034528ef3733a442fa99ed1886cd9ac4d07ca86384c498f344368eaed895aa9566c775fcc70a3768f8205cf29d1f419a939dc56c2f7210d28e8ea6c337dcc2eb03d25ffc489aeae9d258871560d7d6429685aea4ddce53b847192699dfc02888d41b82ae60741bd3073dde05fce5969862766b9ab211e759dce510906c74ad13a325f721c6871ef142b3600df7a9098fa1be9f84767f7f7b5e7c14956b97717f06e6fd34641b820331feb28aa97ebf1a8d14f6d73a574020389933d7aaab1b0960c7aca7ee5eae13f957d0d5c04f441ad039d073a7d3630d84f4c5189ec186a89e6d5965cf53bbf0bd7b899379018da8b256e100049413036aafb52ae32d942666169eacdf241865526d004f61372851bdffede574003ad2c50ce0cc6808313f6f3d35c2b44d504b54911fc59e2e3fd08e0bd8e06cd917ba95df3c9f6a617c027a5c3d87b247d11828e07f5a6b30b3c6bea14cf17c6dc9693d36e0c4a9a932bd9e4a587b419d1c85912b9a236375624d51740b1c74701bf4a293a5063924b46edacf283e697d26165463e5c0c07b581dfec755351fa6537df8e485150c58f4cf3eeb089f89fb79a85db0370939ca89944bf652dec413a100905e6c572448ae38a0108c688f4f8cc7dabfb99e504ab984d462fffd16b172b1a7d6cb2761cfa0f3d1b02b6388df78ea3a3ec647e43176a189f9bede7de709efcb23ae359e1be6d7459dd76311b97edb789e7bc9ecd4b18cc8b060d0fa55d9cdf5addc28a0178c384ce6695775f5aecd8669f22911bec465f7cbce2de4e5a40ffc2ad9cce810a5228292cf180dcd536c905028c831f31c82b24fe9553d51f660b", 0xfffff596, 0x0, 0x5, &(0x7f0000000240)="e98d4fdb7ddab4e567ef3519ef0a3819d29b44a27fdaf919278950455925e516a151d3d40301ba963cd5cb744a39f2f9029d5ad58d1736a6344ec5ba7bd8c2bafa4d1baeb19336ed4994be3649d8df129bbdfd74a14bba07cfdcd92ac00916b1b5d240000946cd793aba9ea2ce11bc53a7e4dbb10de9d4ca0b8879d480dfc68f9ec73eb55f2368b108a9a4ad4d29", &(0x7f00000000c0)=0x3}) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r4, &(0x7f0000003480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) lseek$auto(0x3, 0x2, 0x4) 1.696520615s ago: executing program 2 (id=2202): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0xd97f760c479e8c8e, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_ubifs_dir_operations_ubifs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x400, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r2, r2, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video47\x00', 0x380, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/profiling\x00', 0xa001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0x1, 0x1) ioctl$auto(r3, 0xc0585611, r3) r4 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), r2) sendmsg$auto_KSMBD_EVENT_SHUTTING_DOWN(r1, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r4, 0x4, 0x70bd29, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x280c8}, 0x800) r5 = socket(0x10, 0x2, 0x15) r6 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETFAMILY(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}}, 0x8080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x230000, 0x0) write$auto(r0, 0x0, 0x2197) 1.478057428s ago: executing program 1 (id=2203): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x7878, 0x7000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r1, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000000)={0x38, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x1}, @HWSIM_ATTR_ADDR_TRANSMITTER={0x4}, @HWSIM_ATTR_COOKIE={0xc}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0xffffffcc}, @HWSIM_ATTR_TX_INFO={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000041}, 0x800) sched_get_priority_min$auto(0x40) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) sysfs$auto(0x2, 0x3c, 0x0) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x6, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) getpriority$auto_PRIO_PGRP(0x1, 0x0) r4 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r4, &(0x7f0000000000), 0x0) r5 = socket(0xa, 0x5, 0x84) sendto$auto(r5, 0x0, 0x34000, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffe040100"}, 0x1c) 1.338779341s ago: executing program 0 (id=2204): socket(0x10, 0x3, 0x6) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x55) listen$auto(0x3, 0x81) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = gettid() kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioperm$auto(0x3, 0x5, 0x149) kill$auto(r0, 0x11) syz_clone3(&(0x7f0000000380)={0x4081080, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0) write$auto_bm_register_operations_binfmt_misc(r1, &(0x7f0000000100)="b5fcb5114c179410cc977d", 0xb) prctl$auto(0x3e, 0x4000000000001, 0x0, 0x1, 0x0) sysfs$auto(0x2, 0x100000000000036, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 163.95348ms ago: executing program 2 (id=2205): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x340, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) msgctl$auto(0x3, 0xb7, &(0x7f0000000180)={{0x4, 0x0, 0xffffffffffffffff, 0x3, 0x418, 0xf, 0x2}, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x8, 0x9, 0x967, 0xc, 0xffffffffffffffff, 0x6, 0x3, 0x11d4, 0x8, @raw=0x5, @inferred=0xffffffffffffffff}) msgctl$auto_IPC_STAT(0x3ff, 0x2, &(0x7f0000000280)={{0x9, 0xee01, 0xee01, 0x4, 0x5, 0x7f, 0x3}, &(0x7f0000000200)=0x7, &(0x7f0000000240)=0x1, 0x496, 0xd, 0x100, 0x7, 0x80000001, 0x5, 0xff00, 0x9, @inferred=0x0, @inferred=0xffffffffffffffff}) msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000000480)={{0x1, r2, r3, 0x10001, 0xfffffff7, 0x5, 0x6}, &(0x7f0000000380), &(0x7f00000003c0)=0x2, 0x0, 0x5, 0x9, 0x3, 0x8001, 0x1, 0xf72, 0x8, @inferred=r4, @raw=0x3}) socket(0x2, 0x1, 0x106) fcntl$auto(0x3, 0x4, 0xa553) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000001880)={0x3c0, r1, 0x20, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_MLO_LINKS={0x364, 0x138, 0x0, 0x1, [{0x360, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULES={0x10, 0x22, 0x0, 0x1, [@nested={0xc, 0x9c, 0x0, 0x1, [@generic, @generic, @nested={0x4, 0xf3}, @nested={0x4, 0x4}]}]}, @NL80211_ATTR_SCAN_SSIDS={0x34a, 0x2d, 0x0, 0x1, [@nested={0x1ae, 0xd1, 0x0, 0x1, [@generic="135c7bbec3a2d8138f0795b620e57bdc203bb28f9d262d8efe4eb98f54eb7e9e9a02825245a0f974a4841c97673cb55c3e9a317a2f7b8a877dd7853013e47220663d709e7ca942fe636e094645cf764e4ea3921a073f7dba7db11c6fce51b76ef91e746f0021cf67206dc9c823208a876dcd7d7e8070f2a0ec12ae4d1cb276bca12de5a7db8ce1f79d8002d767b3bc5a68320d5e856c2e373f8127bbdedd99a0", @generic="2e8ec4d04fbe750368f6155bea25f83deba909dca6c890f8ceeba60c01fe75013a2c913d793200b312", @generic="5709e05b5a1a9ce9c0bc43ebaba5f76e15df55510a1941b242b094a76d8c8ac7528854f88f2b5ea9bac12ce565e397f2f2a426b48a471cce7a520f0133a91b7955bef18004b9b329260de5f2ec29181e2282b04bbbc078b6c161a798ca783f227a55715dff808a33e9f997bea35811233eb4a7a77d19878784d1f90fb012d17cec0f9d9dcf143c97d0c170545a5bbd45", @generic="8a3e5b7a749500a7cbc816a64a055707cafe74fb12b515cceb8110ab66f424099929078111bbae094fb0de291751ce61d35887936355b22baaf740b880b992980de6e6c28a6d813ee8e8036bb6a52bc650"]}, @nested={0x34, 0xf7, 0x0, 0x1, [@typed={0x8, 0x30, 0x0, 0x0, @uid=r2}, @typed={0x8, 0x15, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x9, 0x0}}, @nested={0x4, 0xe0}, @nested={0x4, 0x89}, @typed={0x8, 0x97, 0x0, 0x0, @pid}, @typed={0x8, 0x53, 0x0, 0x0, @ipv4=@private=0xa010100}, @nested={0x4, 0x97}, @nested={0x4, 0xc8}]}, @nested={0x97, 0x135, 0x0, 0x1, [@generic="3e005002c992c6c4bc72f0c7b607cf5d24b21525647d081e9eaeb73abad9b0c3a035503deae0d1d1aa3b274a9f9bd80c74d8d1bcfeb98c904b32ba7ba740d4bcd5db502c0e549e1cf3cb28335b08dca1c7c9c95a1bbe9b20d004967f9393128beb078be9f7fc059040065e9316e075aa0b81176b4505a9aab0d2671a26f4e817abc2d4c0f9664c77f78be4235da507", @nested={0x4, 0x60}]}, @typed={0x8, 0x4a, 0x0, 0x0, @uid=r5}, @generic="74d3082ba4d43874b338915f88eb5b06a1774adee7dccb432405222f81c98f15159b135d0cca44518d5ef91c16b38fa1a01c4a6a1a7c84ae60d5109a5565d9da9ad357684df8d6bc65e104bc4c36d39d502c15da87a2e44c33103d581b2d0e148c999a53371816ceae0de22820e7630e9099f97eafea66c55d84c031b78d9ea94c50a0f69ebd2b4cd3b094c0e1a69edf53ceba6795e0fc11e392f90f35902d63e38f6406c9c7eb0be1b3159a74afaeb08ce5883fda09b807023638bfd9db0822049a"]}]}]}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0x9}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0xe2, 0xb}}, @NL80211_ATTR_WIPHY_NAME={0x5, 0x2, '\x00'}, @NL80211_ATTR_MLD_ADDR={0x30, 0x13a, "6c775a7b0f7d76366b313a9bb950fa8e4e60753f791b88277054b89fff3cc02154edc02e204952689dda3ce6"}]}, 0x3c0}, 0x1, 0x0, 0x0, 0x840}, 0x800) unshare$auto(0x40000080) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r7, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x2c, r8, 0x23, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0xc, 0x3, 0x0, 0x1, [@nested={0x5, 0x1, 0x0, 0x1, [@generic="03"]}]}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008008}, 0x0) r9 = timerfd_create$auto(0x6b, 0x7fff) ioctl$auto_XFS_IOC_ALLOCSP(r9, 0x4030580a, &(0x7f0000000400)={0x2, 0x3, 0x8, 0x8, 0x4, r6}) ptrace$auto_PTRACE_SETREGS(0xd, r10, 0x5, 0xc) 19.528697ms ago: executing program 1 (id=2206): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x14) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x156) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) signalfd$auto(0xffffffff, 0x0, 0x8) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) socket(0x10, 0x2, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x6) socket(0x21, 0x2, 0x2) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 0s ago: executing program 3 (id=2207): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x1000c011) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="b6f0df4f0f1549c4bd712f6fd54a7a952f93af5de497bd07eeb893648e4cc4cd52faf37c8be75c643f6430cf2eeb64118411caf55ca132ebca62becd7c65f2012851d2c56b582a4320f0ad0e871866", @ANYBLOB="1a"], 0x1ac}}, 0x4048815) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYBLOB="19"], 0x1ac}}, 0x40000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r1, 0x0, 0x3) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) semctl$auto(0xc, 0x2, 0x13, 0x100004) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/nfsfs/volumes\x00', 0x0, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) poll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x4}, 0xb, 0x7) write$auto(r0, 0x0, 0x9) kernel console output (not intermixed with test programs): 234423][T11066] ? css_rstat_updated+0x1c2/0x510 [ 494.234473][T11066] do_futex+0x11a/0x350 [ 494.234512][T11066] ? __pfx_do_futex+0x10/0x10 [ 494.234550][T11066] ? find_held_lock+0x2b/0x80 [ 494.234581][T11066] ? handle_mm_fault+0x2ab/0xd10 [ 494.234635][T11066] __x64_sys_futex+0x1e0/0x4c0 [ 494.234679][T11066] ? exc_page_fault+0x5c/0xb0 [ 494.234720][T11066] ? __pfx___x64_sys_futex+0x10/0x10 [ 494.234763][T11066] ? xfd_validate_state+0x61/0x180 [ 494.234834][T11066] do_syscall_64+0xcd/0x490 [ 494.234880][T11066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.234911][T11066] RIP: 0033:0x7fd70218ebe9 [ 494.234935][T11066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 494.234965][T11066] RSP: 002b:00007fd702fd6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 494.234993][T11066] RAX: ffffffffffffffda RBX: 00007fd7023b5fa0 RCX: 00007fd70218ebe9 [ 494.235026][T11066] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 494.235042][T11066] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000006 [ 494.235059][T11066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 494.235075][T11066] R13: 00007fd7023b6038 R14: 00007fd7023b5fa0 R15: 00007ffc8c879e98 [ 494.235111][T11066] [ 494.799634][T11088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1394'. [ 494.907917][T11088] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1394'. [ 497.254079][ T30] audit: type=1800 audit(4294967560.729:13): pid=11123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1414" name="members" dev="configfs" ino=34270 res=0 errno=0 [ 498.885363][ T30] audit: type=1804 audit(4294967562.359:14): pid=11141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1408" name="/newroot/334/file0" dev="tmpfs" ino=1775 res=1 errno=0 [ 499.290662][ T30] audit: type=1804 audit(4294967562.749:15): pid=11133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1408" name="/newroot/334/file0" dev="tmpfs" ino=1775 res=1 errno=0 [ 499.659010][T11150] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1420'. [ 503.058823][T11184] warning: `syz.0.1428' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 504.421408][T11190] kexec: Could not allocate control_code_buffer [ 506.544200][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.551046][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.968779][T11226] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 506.987394][T11226] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 506.996974][T11226] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 507.015124][T11226] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 507.098380][T11199] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 508.557943][T11244] ERROR: Out of memory at tomoyo_memory_ok. [ 508.790368][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 509.028319][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 509.031901][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 509.034441][ T5864] Bluetooth: hci1: command 0x0406 tx timeout [ 510.692253][ T30] audit: type=1800 audit(4294967574.169:16): pid=11259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1438" name="members" dev="configfs" ino=34552 res=0 errno=0 [ 513.227554][T11270] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1440'. [ 519.396552][T11345] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 519.442572][T11345] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 519.474384][T11345] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 519.586640][T11345] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 519.966841][T11385] ERROR: Out of memory at tomoyo_memory_ok. [ 520.090716][T11385] FAULT_INJECTION: forcing a failure. [ 520.090716][T11385] name failslab, interval 1, probability 0, space 0, times 0 [ 520.118320][T11385] CPU: 0 UID: 0 PID: 11385 Comm: syz.2.1464 Not tainted syzkaller #0 PREEMPT(full) [ 520.118362][T11385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 520.118381][T11385] Call Trace: [ 520.118391][T11385] [ 520.118403][T11385] dump_stack_lvl+0x16c/0x1f0 [ 520.118450][T11385] should_fail_ex+0x512/0x640 [ 520.118492][T11385] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 520.118533][T11385] should_failslab+0xc2/0x120 [ 520.118574][T11385] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 520.118612][T11385] ? __d_alloc+0x32/0xae0 [ 520.118656][T11385] __d_alloc+0x32/0xae0 [ 520.118699][T11385] d_alloc_parallel+0x111/0x1480 [ 520.118763][T11385] ? __pfx_d_alloc_parallel+0x10/0x10 [ 520.118834][T11385] ? lockdep_init_map_type+0x5c/0x280 [ 520.118883][T11385] ? lockdep_init_map_type+0x5c/0x280 [ 520.118936][T11385] __lookup_slow+0x193/0x460 [ 520.118997][T11385] ? __pfx___lookup_slow+0x10/0x10 [ 520.119068][T11385] ? perf_trace_mm_compaction_suitable_template+0x410/0x5e0 [ 520.119128][T11385] ? perf_trace_mm_compaction_suitable_template+0x410/0x5e0 [ 520.119191][T11385] ? d_lookup+0xe7/0x190 [ 520.119249][T11385] lookup_noperm+0xe1/0x110 [ 520.119301][T11385] simple_start_creating+0xd1/0x1b0 [ 520.119340][T11385] start_creating.part.0+0x82/0x190 [ 520.119378][T11385] __debugfs_create_file+0xa7/0x6b0 [ 520.119421][T11385] debugfs_create_file_full+0x41/0x60 [ 520.119463][T11385] ? __pfx_do_setup+0x10/0x10 [ 520.119505][T11385] ref_tracker_dir_debugfs+0x19d/0x290 [ 520.119556][T11385] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 520.119636][T11385] ? __kvmalloc_node_noprof+0x298/0x620 [ 520.119671][T11385] ? trace_kmalloc+0x2b/0xd0 [ 520.119720][T11385] ? lockdep_init_map_type+0x5c/0x280 [ 520.119773][T11385] alloc_netdev_mqs+0x30f/0x1530 [ 520.119829][T11385] internal_dev_create+0x8a/0x520 [ 520.119881][T11385] ovs_vport_add+0x144/0x4d0 [ 520.119929][T11385] new_vport+0x16/0x1d0 [ 520.119966][T11385] ovs_dp_cmd_new+0x6ba/0xe60 [ 520.120014][T11385] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 520.120062][T11385] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 520.120116][T11385] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 520.120186][T11385] genl_family_rcv_msg_doit+0x206/0x2f0 [ 520.120240][T11385] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 520.120307][T11385] ? bpf_lsm_capable+0x9/0x10 [ 520.120335][T11385] ? security_capable+0x7e/0x260 [ 520.120370][T11385] ? ns_capable+0xd7/0x110 [ 520.120407][T11385] genl_rcv_msg+0x55c/0x800 [ 520.120463][T11385] ? __pfx_genl_rcv_msg+0x10/0x10 [ 520.120516][T11385] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 520.120569][T11385] netlink_rcv_skb+0x155/0x420 [ 520.120614][T11385] ? __pfx_genl_rcv_msg+0x10/0x10 [ 520.120667][T11385] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 520.120730][T11385] ? netlink_deliver_tap+0x1ae/0xd30 [ 520.120779][T11385] genl_rcv+0x28/0x40 [ 520.120823][T11385] netlink_unicast+0x5aa/0x870 [ 520.120878][T11385] ? __pfx_netlink_unicast+0x10/0x10 [ 520.120923][T11385] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 520.120967][T11385] ? __lock_acquire+0xb97/0x1ce0 [ 520.121021][T11385] netlink_sendmsg+0x8d1/0xdd0 [ 520.121075][T11385] ? __pfx_netlink_sendmsg+0x10/0x10 [ 520.121128][T11385] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 520.121177][T11385] ____sys_sendmsg+0xa95/0xc70 [ 520.121211][T11385] ? copy_msghdr_from_user+0x10a/0x160 [ 520.121255][T11385] ? __pfx_____sys_sendmsg+0x10/0x10 [ 520.121307][T11385] ___sys_sendmsg+0x134/0x1d0 [ 520.121353][T11385] ? __pfx____sys_sendmsg+0x10/0x10 [ 520.121450][T11385] __sys_sendmsg+0x16d/0x220 [ 520.121494][T11385] ? __pfx___sys_sendmsg+0x10/0x10 [ 520.121538][T11385] ? __x64_sys_futex+0x1e0/0x4c0 [ 520.121607][T11385] do_syscall_64+0xcd/0x490 [ 520.121657][T11385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 520.121691][T11385] RIP: 0033:0x7f765078ebe9 [ 520.121716][T11385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 520.121749][T11385] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 520.121781][T11385] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 520.121803][T11385] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 520.121828][T11385] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 520.121850][T11385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 520.121869][T11385] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 520.121913][T11385] [ 520.705405][T11385] HfR: entered promiscuous mode [ 521.341039][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 521.498397][ T5864] Bluetooth: hci2: command 0x0406 tx timeout [ 521.504991][ T5864] Bluetooth: hci1: command 0x0406 tx timeout [ 521.658324][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 522.572709][T11411] FAULT_INJECTION: forcing a failure. [ 522.572709][T11411] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 522.636066][T11411] CPU: 1 UID: 0 PID: 11411 Comm: syz.1.1467 Not tainted syzkaller #0 PREEMPT(full) [ 522.636109][T11411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 522.636135][T11411] Call Trace: [ 522.636145][T11411] [ 522.636158][T11411] dump_stack_lvl+0x16c/0x1f0 [ 522.636204][T11411] should_fail_ex+0x512/0x640 [ 522.636255][T11411] should_fail_alloc_page+0xe7/0x130 [ 522.636299][T11411] prepare_alloc_pages+0x3c2/0x610 [ 522.636355][T11411] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 522.636397][T11411] ? find_held_lock+0x2b/0x80 [ 522.636430][T11411] ? page_table_check_set+0x627/0x750 [ 522.636475][T11411] ? page_table_check_set+0x631/0x750 [ 522.636514][T11411] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 522.636559][T11411] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 522.636605][T11411] ? const_folio_flags+0x5b/0x100 [ 522.636654][T11411] ? const_folio_flags+0x5b/0x100 [ 522.636709][T11411] ? folio_remove_rmap_pmd+0x2eb/0x7d0 [ 522.636751][T11411] ? split_huge_pmd_locked+0x116/0x3a10 [ 522.636802][T11411] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 522.636861][T11411] ? policy_nodemask+0xea/0x4e0 [ 522.636928][T11411] alloc_pages_mpol+0x1fb/0x550 [ 522.636976][T11411] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 522.637021][T11411] ? __split_huge_pmd+0x203/0x350 [ 522.637079][T11411] folio_alloc_mpol_noprof+0x36/0x2f0 [ 522.637142][T11411] vma_alloc_folio_noprof+0xed/0x1e0 [ 522.637194][T11411] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 522.637246][T11411] ? rcu_read_unlock+0x2d/0xb0 [ 522.637293][T11411] do_wp_page+0x1e5b/0x4f00 [ 522.637367][T11411] ? __pfx_do_wp_page+0x10/0x10 [ 522.637420][T11411] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 522.637471][T11411] ? ___pte_offset_map+0x2ad/0x4f0 [ 522.637525][T11411] __handle_mm_fault+0x1b2d/0x2a50 [ 522.637570][T11411] ? __pfx___handle_mm_fault+0x10/0x10 [ 522.637610][T11411] ? __lock_acquire+0xb97/0x1ce0 [ 522.637677][T11411] handle_mm_fault+0x589/0xd10 [ 522.637721][T11411] __get_user_pages+0x551/0x34a0 [ 522.637790][T11411] ? __pfx___get_user_pages+0x10/0x10 [ 522.637851][T11411] __gup_longterm_locked+0xa92/0x17e0 [ 522.637908][T11411] ? is_bpf_text_address+0x8a/0x1a0 [ 522.637954][T11411] ? __pfx___gup_longterm_locked+0x10/0x10 [ 522.638032][T11411] ? find_held_lock+0x2b/0x80 [ 522.638077][T11411] gup_fast_fallback+0xf78/0x23f0 [ 522.638147][T11411] ? __pfx_stack_trace_save+0x10/0x10 [ 522.638201][T11411] ? __kasan_kmalloc+0xaa/0xb0 [ 522.638237][T11411] ? __pfx_gup_fast_fallback+0x10/0x10 [ 522.638288][T11411] ? __x64_sys_futex+0x1e0/0x4c0 [ 522.638330][T11411] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.638385][T11411] get_user_pages_fast+0xa7/0xf0 [ 522.638437][T11411] ? __pfx_get_user_pages_fast+0x10/0x10 [ 522.638502][T11411] get_futex_key+0x2c6/0x1560 [ 522.638547][T11411] ? __pfx_get_futex_key+0x10/0x10 [ 522.638592][T11411] ? kasan_save_track+0x14/0x30 [ 522.638630][T11411] ? __kasan_kmalloc+0xaa/0xb0 [ 522.638674][T11411] futex_lock_pi+0x1cc/0x7c0 [ 522.638730][T11411] ? __pfx_futex_lock_pi+0x10/0x10 [ 522.638779][T11411] ? __futex_wait+0x24c/0x2f0 [ 522.638835][T11411] ? lockdep_hardirqs_on+0x7c/0x110 [ 522.638908][T11411] ? futex_private_hash_put+0x18a/0x300 [ 522.638956][T11411] ? __pfx_futex_wake_mark+0x10/0x10 [ 522.639021][T11411] ? do_writev+0x218/0x340 [ 522.639066][T11411] do_futex+0x11a/0x350 [ 522.639111][T11411] ? __pfx_do_futex+0x10/0x10 [ 522.639158][T11411] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 522.639219][T11411] __x64_sys_futex+0x1e0/0x4c0 [ 522.639270][T11411] ? __pfx___x64_sys_futex+0x10/0x10 [ 522.639315][T11411] ? __pfx_do_writev+0x10/0x10 [ 522.639365][T11411] do_syscall_64+0xcd/0x490 [ 522.639415][T11411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.639449][T11411] RIP: 0033:0x7f3522b8ebe9 [ 522.639476][T11411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 522.639511][T11411] RSP: 002b:00007f35239ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 522.639544][T11411] RAX: ffffffffffffffda RBX: 00007f3522db5fa0 RCX: 00007f3522b8ebe9 [ 522.639568][T11411] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 522.639589][T11411] RBP: 00007f3522c11e19 R08: 0000000000000000 R09: 0000000000000006 [ 522.639611][T11411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 522.639632][T11411] R13: 00007f3522db6038 R14: 00007f3522db5fa0 R15: 00007ffd08251118 [ 522.639677][T11411] [ 523.982179][T11424] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 524.042180][T11424] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 524.118747][T11424] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 524.133247][T11424] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 525.900854][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 526.058349][ T5864] Bluetooth: hci1: command 0x0406 tx timeout [ 526.139105][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 526.145352][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 526.974944][T11466] FAULT_INJECTION: forcing a failure. [ 526.974944][T11466] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 527.000103][T11466] CPU: 1 UID: 0 PID: 11466 Comm: syz.3.1479 Not tainted syzkaller #0 PREEMPT(full) [ 527.000144][T11466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 527.000163][T11466] Call Trace: [ 527.000174][T11466] [ 527.000187][T11466] dump_stack_lvl+0x16c/0x1f0 [ 527.000236][T11466] should_fail_ex+0x512/0x640 [ 527.000283][T11466] should_fail_alloc_page+0xe7/0x130 [ 527.000328][T11466] prepare_alloc_pages+0x3c2/0x610 [ 527.000374][T11466] ? stack_trace_save+0x8e/0xc0 [ 527.000416][T11466] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 527.000464][T11466] ? kasan_save_stack+0x42/0x60 [ 527.000499][T11466] ? kasan_save_stack+0x33/0x60 [ 527.000533][T11466] ? kasan_save_track+0x14/0x30 [ 527.000567][T11466] ? __kasan_kmalloc+0xaa/0xb0 [ 527.000600][T11466] ? fuse_dev_alloc+0x8e/0x280 [ 527.000647][T11466] ? fuse_dev_alloc_install+0x13/0x40 [ 527.000704][T11466] ? cuse_channel_open+0x100/0x7f0 [ 527.000748][T11466] ? misc_open+0x35d/0x420 [ 527.000780][T11466] ? chrdev_open+0x234/0x6a0 [ 527.000819][T11466] ? do_dentry_open+0x982/0x1530 [ 527.000861][T11466] ? vfs_open+0x82/0x3f0 [ 527.000905][T11466] ? path_openat+0x1de4/0x2cb0 [ 527.000939][T11466] ? look_up_lock_class+0x6b/0x150 [ 527.000978][T11466] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 527.001043][T11466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 527.001093][T11466] ? policy_nodemask+0xea/0x4e0 [ 527.001137][T11466] alloc_pages_mpol+0x1fb/0x550 [ 527.001180][T11466] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 527.001221][T11466] ? fuse_dev_alloc_install+0x2b/0x40 [ 527.001279][T11466] folio_alloc_noprof+0x20/0x2d0 [ 527.001326][T11466] cuse_channel_open+0x198/0x7f0 [ 527.001372][T11466] ? __pfx_cuse_channel_open+0x10/0x10 [ 527.001420][T11466] misc_open+0x35d/0x420 [ 527.001453][T11466] ? __pfx_misc_open+0x10/0x10 [ 527.001486][T11466] chrdev_open+0x234/0x6a0 [ 527.001528][T11466] ? __pfx_apparmor_file_open+0x10/0x10 [ 527.001563][T11466] ? __pfx_chrdev_open+0x10/0x10 [ 527.001605][T11466] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 527.001649][T11466] do_dentry_open+0x982/0x1530 [ 527.001698][T11466] ? __pfx_chrdev_open+0x10/0x10 [ 527.001747][T11466] vfs_open+0x82/0x3f0 [ 527.001798][T11466] path_openat+0x1de4/0x2cb0 [ 527.001849][T11466] ? __pfx_path_openat+0x10/0x10 [ 527.001896][T11466] do_filp_open+0x20b/0x470 [ 527.001934][T11466] ? __pfx_do_filp_open+0x10/0x10 [ 527.002003][T11466] ? alloc_fd+0x471/0x7d0 [ 527.002049][T11466] do_sys_openat2+0x11b/0x1d0 [ 527.002098][T11466] ? __pfx_do_sys_openat2+0x10/0x10 [ 527.002151][T11466] ? __pfx___might_resched+0x10/0x10 [ 527.002195][T11466] __x64_sys_openat+0x174/0x210 [ 527.002247][T11466] ? __pfx___x64_sys_openat+0x10/0x10 [ 527.002316][T11466] do_syscall_64+0xcd/0x490 [ 527.002365][T11466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.002397][T11466] RIP: 0033:0x7fd70218ebe9 [ 527.002423][T11466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.002455][T11466] RSP: 002b:00007fd702fb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 527.002487][T11466] RAX: ffffffffffffffda RBX: 00007fd7023b6090 RCX: 00007fd70218ebe9 [ 527.002508][T11466] RDX: 0000000000041000 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 527.002530][T11466] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000000 [ 527.002550][T11466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.002570][T11466] R13: 00007fd7023b6128 R14: 00007fd7023b6090 R15: 00007ffc8c879e98 [ 527.002612][T11466] [ 527.535044][T11476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78002 [ 527.544871][T11476] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 527.555809][T11476] memcg:ffff888076635701 [ 527.560463][T11476] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 527.568738][T11476] page_type: f5(slab) [ 527.572779][T11476] raw: 00fff00000000040 ffff88801b84b000 ffffea0001f4b780 dead000000000003 [ 527.582058][T11476] raw: 0000000000000000 0000000000100010 00000000f5000000 ffff888076635701 [ 527.591038][T11476] head: 00fff00000000040 ffff88801b84b000 ffffea0001f4b780 dead000000000003 [ 527.629791][T11476] head: 0000000000000000 0000000000100010 00000000f5000000 ffff888076635701 [ 527.648317][T11476] head: 00fff00000000001 ffffea0001e00081 00000000ffffffff 00000000ffffffff [ 527.688438][T11476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 527.845009][T11476] page dumped because: unmovable page [ 527.908787][T11476] page_owner tracks the page as allocated [ 527.914915][T11476] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5871, tgid 5871 (syz-executor), ts 97412636526, free_ts 97281443579 [ 528.041331][T11476] post_alloc_hook+0x1c0/0x230 [ 528.071488][T11476] get_page_from_freelist+0x132b/0x38e0 [ 528.077263][T11476] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 528.084696][ T5216] ERROR: Out of memory at tomoyo_memory_ok. [ 528.122709][T11476] alloc_pages_mpol+0x1fb/0x550 [ 528.127965][T11476] new_slab+0x247/0x330 [ 528.151299][T11476] ___slab_alloc+0xcf2/0x1740 [ 528.172780][T11476] __slab_alloc.constprop.0+0x56/0xb0 [ 528.209589][T11476] __kmalloc_cache_noprof+0xfb/0x3e0 [ 528.215095][T11476] alloc_netdev_mqs+0xe58/0x1530 [ 528.240900][T11476] rtnl_create_link+0xc08/0xf90 [ 528.261348][T11476] rtnl_newlink+0xb69/0x2000 [ 528.280865][T11476] rtnetlink_rcv_msg+0x95b/0xe90 [ 528.289185][T11476] netlink_rcv_skb+0x155/0x420 [ 528.308456][T11476] netlink_unicast+0x5aa/0x870 [ 528.336780][T11476] netlink_sendmsg+0x8d1/0xdd0 [ 528.378291][T11476] __sys_sendto+0x4a0/0x520 [ 528.394669][T11476] page last free pid 5865 tgid 5865 stack trace: [ 528.414934][T11476] __free_frozen_pages+0x7d5/0x10f0 [ 528.423865][T11476] __put_partials+0x165/0x1c0 [ 528.428675][T11476] qlist_free_all+0x4d/0x120 [ 528.433280][T11476] kasan_quarantine_reduce+0x195/0x1e0 [ 528.438821][T11476] __kasan_slab_alloc+0x69/0x90 [ 528.443725][T11476] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 528.449320][T11476] __kernfs_new_node+0xd2/0x8e0 [ 528.454272][T11476] kernfs_new_node+0x13c/0x1e0 [ 528.461589][T11476] __kernfs_create_file+0x53/0x350 [ 528.467183][T11476] sysfs_add_file_mode_ns+0x207/0x3c0 [ 528.472710][T11476] internal_create_group+0x578/0xf30 [ 528.478041][T11476] internal_create_groups+0x9d/0x150 [ 528.483433][T11476] device_add+0x77f/0x1aa0 [ 528.487903][T11476] netdev_register_kobject+0x1a9/0x3d0 [ 528.493467][T11476] register_netdevice+0x13dc/0x2270 [ 528.498838][T11476] macsec_newlink+0x512/0x1d70 [ 530.586952][T11501] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 530.593486][T11501] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 530.616614][T11501] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 530.636921][T11501] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 531.507885][T11519] FAULT_INJECTION: forcing a failure. [ 531.507885][T11519] name failslab, interval 1, probability 0, space 0, times 0 [ 531.630312][T11519] CPU: 1 UID: 0 PID: 11519 Comm: syz.2.1491 Not tainted syzkaller #0 PREEMPT(full) [ 531.630354][T11519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 531.630372][T11519] Call Trace: [ 531.630383][T11519] [ 531.630396][T11519] dump_stack_lvl+0x16c/0x1f0 [ 531.630442][T11519] should_fail_ex+0x512/0x640 [ 531.630487][T11519] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 531.630530][T11519] should_failslab+0xc2/0x120 [ 531.630572][T11519] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 531.630610][T11519] ? __kernfs_new_node+0xd2/0x8e0 [ 531.630655][T11519] __kernfs_new_node+0xd2/0x8e0 [ 531.630699][T11519] ? __pfx___kernfs_new_node+0x10/0x10 [ 531.630750][T11519] ? find_held_lock+0x2b/0x80 [ 531.630800][T11519] ? kernfs_root+0xee/0x2a0 [ 531.630884][T11519] kernfs_new_node+0x13c/0x1e0 [ 531.630941][T11519] __kernfs_create_file+0x53/0x350 [ 531.630982][T11519] sysfs_add_file_mode_ns+0x207/0x3c0 [ 531.631034][T11519] internal_create_group+0x578/0xf30 [ 531.631090][T11519] ? __pfx_internal_create_group+0x10/0x10 [ 531.631158][T11519] sysfs_slab_add+0x1a3/0x1e0 [ 531.631197][T11519] do_kmem_cache_create+0x529/0x720 [ 531.631238][T11519] ? __kmem_cache_create_args+0x205/0x390 [ 531.631281][T11519] __kmem_cache_create_args+0x225/0x390 [ 531.631324][T11519] mon_text_open+0x313/0x4f0 [ 531.631363][T11519] ? __pfx_mon_text_open+0x10/0x10 [ 531.631398][T11519] ? __debugfs_file_get+0x1fe/0x840 [ 531.631449][T11519] ? __pfx_mon_text_ctor+0x10/0x10 [ 531.631485][T11519] ? __pfx_apparmor_file_open+0x10/0x10 [ 531.631519][T11519] ? lockdown_is_locked_down+0x3f/0x130 [ 531.631552][T11519] ? bpf_lsm_locked_down+0x9/0x10 [ 531.631589][T11519] ? __pfx_mon_text_open+0x10/0x10 [ 531.631624][T11519] full_proxy_open_regular+0x1b6/0x360 [ 531.631661][T11519] do_dentry_open+0x982/0x1530 [ 531.631703][T11519] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 531.631746][T11519] vfs_open+0x82/0x3f0 [ 531.631801][T11519] path_openat+0x1de4/0x2cb0 [ 531.631855][T11519] ? __pfx_path_openat+0x10/0x10 [ 531.631908][T11519] do_filp_open+0x20b/0x470 [ 531.631949][T11519] ? __pfx_do_filp_open+0x10/0x10 [ 531.632021][T11519] ? alloc_fd+0x471/0x7d0 [ 531.632069][T11519] do_sys_openat2+0x11b/0x1d0 [ 531.632120][T11519] ? __pfx_do_sys_openat2+0x10/0x10 [ 531.632195][T11519] __x64_sys_openat+0x174/0x210 [ 531.632248][T11519] ? __pfx___x64_sys_openat+0x10/0x10 [ 531.632318][T11519] do_syscall_64+0xcd/0x490 [ 531.632369][T11519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.632402][T11519] RIP: 0033:0x7f765078ebe9 [ 531.632429][T11519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 531.632462][T11519] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 531.632494][T11519] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 531.632515][T11519] RDX: 0000000000026040 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 531.632536][T11519] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 531.632556][T11519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 531.632575][T11519] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 531.632617][T11519] [ 532.159108][T11519] SLUB: Unable to add cache mon_text_ffff88807a8b2400 to sysfs [ 532.168666][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 532.618764][ T5864] Bluetooth: hci2: command 0x0406 tx timeout [ 532.618784][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 532.698479][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 534.908293][ T30] audit: type=1800 audit(4294967598.359:17): pid=11574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1501" name="file0" dev="tmpfs" ino=2030 res=0 errno=0 [ 535.166659][T11569] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1500'. [ 536.014909][T11585] ERROR: Out of memory at tomoyo_memory_ok. [ 536.900714][T11585] HfR: entered promiscuous mode [ 539.191712][T11614] usbcore.quirks: string doesn't fit in 127 chars. [ 539.436964][T11619] FAULT_INJECTION: forcing a failure. [ 539.436964][T11619] name failslab, interval 1, probability 0, space 0, times 0 [ 539.484634][T11619] CPU: 1 UID: 0 PID: 11619 Comm: syz.0.1519 Not tainted syzkaller #0 PREEMPT(full) [ 539.484663][T11619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 539.484677][T11619] Call Trace: [ 539.484685][T11619] [ 539.484692][T11619] dump_stack_lvl+0x16c/0x1f0 [ 539.484725][T11619] should_fail_ex+0x512/0x640 [ 539.484757][T11619] ? fs_reclaim_acquire+0xae/0x150 [ 539.484791][T11619] ? tomoyo_encode2+0x100/0x3e0 [ 539.484825][T11619] should_failslab+0xc2/0x120 [ 539.484854][T11619] __kmalloc_noprof+0xd2/0x510 [ 539.484879][T11619] ? d_absolute_path+0x136/0x1a0 [ 539.484915][T11619] tomoyo_encode2+0x100/0x3e0 [ 539.484949][T11619] tomoyo_encode+0x29/0x50 [ 539.484979][T11619] tomoyo_realpath_from_path+0x18f/0x6e0 [ 539.485019][T11619] tomoyo_check_open_permission+0x2ab/0x3c0 [ 539.485054][T11619] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 539.485109][T11619] ? do_raw_spin_lock+0x12c/0x2b0 [ 539.485150][T11619] tomoyo_file_open+0x6b/0x90 [ 539.485171][T11619] security_file_open+0x84/0x1e0 [ 539.485202][T11619] do_dentry_open+0x596/0x1530 [ 539.485237][T11619] vfs_open+0x82/0x3f0 [ 539.485273][T11619] path_openat+0x1de4/0x2cb0 [ 539.485310][T11619] ? __pfx_path_openat+0x10/0x10 [ 539.485343][T11619] do_filp_open+0x20b/0x470 [ 539.485370][T11619] ? __pfx_do_filp_open+0x10/0x10 [ 539.485415][T11619] ? alloc_fd+0x471/0x7d0 [ 539.485446][T11619] do_sys_openat2+0x11b/0x1d0 [ 539.485498][T11619] ? __pfx_do_sys_openat2+0x10/0x10 [ 539.485545][T11619] __x64_sys_openat+0x174/0x210 [ 539.485582][T11619] ? __pfx___x64_sys_openat+0x10/0x10 [ 539.485631][T11619] do_syscall_64+0xcd/0x490 [ 539.485665][T11619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.485688][T11619] RIP: 0033:0x7f3c7b18ebe9 [ 539.485706][T11619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 539.485730][T11619] RSP: 002b:00007f3c7bf7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 539.485752][T11619] RAX: ffffffffffffffda RBX: 00007f3c7b3b6090 RCX: 00007f3c7b18ebe9 [ 539.485767][T11619] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 539.485781][T11619] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 539.485795][T11619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 539.485809][T11619] R13: 00007f3c7b3b6128 R14: 00007f3c7b3b6090 R15: 00007ffdc2ecf408 [ 539.485838][T11619] [ 539.485905][T11619] ERROR: Out of memory at tomoyo_realpath_from_path. [ 546.265356][T11691] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1528'. [ 546.458433][T11691] hsr_slave_0: left promiscuous mode [ 546.504948][ T5864] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 546.505421][T11691] hsr_slave_1: left promiscuous mode [ 546.648387][ T30] audit: type=1804 audit(4294967610.119:18): pid=11697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1529" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 547.814403][T11711] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1530'. [ 549.015155][T11715] sp0: Synchronizing with TNC [ 550.710965][T11741] sp0: Synchronizing with TNC [ 553.152224][T11770] zswap: compressor 000 not available [ 553.840263][T11786] ubi: mtd0 is already attached to ubi0 [ 554.063518][T11793] serio: Serial port ttyS0 [ 555.254130][T11807] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 555.462598][ T5219] ERROR: Out of memory at tomoyo_memory_ok. [ 557.038649][T11836] vhci_hcd: invalid port number 16 [ 557.070072][T11836] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 557.224298][T11842] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1556'. [ 559.248666][T11865] zswap: compressor not available [ 564.172459][T11928] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1575'. [ 565.271539][T11938] serio: Serial port ttyS0 [ 566.551798][T11945] usb usb36: usbfs: process 11945 (syz.2.1579) did not claim interface 0 before use [ 566.620004][T11948] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1578'. [ 566.678405][T11948] hsr_slave_0: left promiscuous mode [ 566.735828][T11948] hsr_slave_1: left promiscuous mode [ 567.985464][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.992636][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.010336][T12016] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1598'. [ 575.559396][T12045] serio: Serial port ttyS0 [ 576.676239][T12060] random: crng reseeded on system resumption [ 576.702170][T12060] FAULT_INJECTION: forcing a failure. [ 576.702170][T12060] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 576.726427][T12060] CPU: 0 UID: 0 PID: 12060 Comm: syz.2.1606 Not tainted syzkaller #0 PREEMPT(full) [ 576.726474][T12060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 576.726507][T12060] Call Trace: [ 576.726518][T12060] [ 576.726529][T12060] dump_stack_lvl+0x16c/0x1f0 [ 576.726579][T12060] should_fail_ex+0x512/0x640 [ 576.726628][T12060] should_fail_alloc_page+0xe7/0x130 [ 576.726673][T12060] prepare_alloc_pages+0x3c2/0x610 [ 576.726720][T12060] ? rcu_is_watching+0x12/0xc0 [ 576.726756][T12060] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 576.726806][T12060] ? stack_trace_save+0x8e/0xc0 [ 576.726841][T12060] ? __pfx_stack_trace_save+0x10/0x10 [ 576.726879][T12060] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 576.726922][T12060] ? kasan_save_stack+0x42/0x60 [ 576.726974][T12060] ? kasan_save_stack+0x33/0x60 [ 576.727016][T12060] ? do_dentry_open+0x982/0x1530 [ 576.727055][T12060] ? vfs_open+0x82/0x3f0 [ 576.727099][T12060] ? path_openat+0x1de4/0x2cb0 [ 576.727135][T12060] ? do_filp_open+0x20b/0x470 [ 576.727171][T12060] ? do_sys_openat2+0x11b/0x1d0 [ 576.727230][T12060] ? __x64_sys_openat+0x174/0x210 [ 576.727283][T12060] ? do_syscall_64+0xcd/0x490 [ 576.727325][T12060] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.727377][T12060] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 576.727426][T12060] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 576.727489][T12060] ? policy_nodemask+0xea/0x4e0 [ 576.727533][T12060] alloc_pages_mpol+0x1fb/0x550 [ 576.727575][T12060] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 576.727628][T12060] alloc_pages_noprof+0x131/0x390 [ 576.727670][T12060] get_zeroed_page_noprof+0x18/0xb0 [ 576.727715][T12060] get_image_page+0x18/0x190 [ 576.727747][T12060] alloc_rtree_node+0x3c/0xb0 [ 576.727778][T12060] memory_bm_create+0x519/0x810 [ 576.727825][T12060] create_basic_memory_bitmaps+0xbd/0x320 [ 576.727867][T12060] snapshot_open+0x235/0x2b0 [ 576.727904][T12060] ? __pfx_snapshot_open+0x10/0x10 [ 576.727942][T12060] misc_open+0x35d/0x420 [ 576.727995][T12060] ? __pfx_misc_open+0x10/0x10 [ 576.728030][T12060] chrdev_open+0x234/0x6a0 [ 576.728081][T12060] ? __pfx_apparmor_file_open+0x10/0x10 [ 576.728116][T12060] ? __pfx_chrdev_open+0x10/0x10 [ 576.728158][T12060] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 576.728199][T12060] do_dentry_open+0x982/0x1530 [ 576.728245][T12060] ? __pfx_chrdev_open+0x10/0x10 [ 576.728300][T12060] vfs_open+0x82/0x3f0 [ 576.728351][T12060] path_openat+0x1de4/0x2cb0 [ 576.728402][T12060] ? __pfx_path_openat+0x10/0x10 [ 576.728449][T12060] do_filp_open+0x20b/0x470 [ 576.728487][T12060] ? __pfx_do_filp_open+0x10/0x10 [ 576.728551][T12060] ? alloc_fd+0x471/0x7d0 [ 576.728593][T12060] do_sys_openat2+0x11b/0x1d0 [ 576.728641][T12060] ? __pfx_do_sys_openat2+0x10/0x10 [ 576.728706][T12060] __x64_sys_openat+0x174/0x210 [ 576.728756][T12060] ? __pfx___x64_sys_openat+0x10/0x10 [ 576.728821][T12060] do_syscall_64+0xcd/0x490 [ 576.728868][T12060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.728898][T12060] RIP: 0033:0x7f765078ebe9 [ 576.728923][T12060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.728954][T12060] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 576.728982][T12060] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 576.729001][T12060] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 576.729022][T12060] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 576.729041][T12060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 576.729059][T12060] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 576.729098][T12060] [ 577.560952][ T30] audit: type=1804 audit(4294967641.029:19): pid=12073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1608" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 579.262484][T12100] usb usb36: usbfs: process 12100 (syz.3.1612) did not claim interface 0 before use [ 582.754314][T12128] serio: Serial port ttyS0 [ 585.248043][T12148] hugetlbfs: syz.1.1623 (12148): Using mlock ulimits for SHM_HUGETLB is obsolete [ 585.465765][ T5864] Bluetooth: hci3: unexpected subevent 0x0c length: 0 < 5 [ 585.693315][T12169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1630'. [ 585.717525][T12169] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1630'. [ 589.202084][T12210] FAULT_INJECTION: forcing a failure. [ 589.202084][T12210] name failslab, interval 1, probability 0, space 0, times 0 [ 589.245163][T12210] CPU: 1 UID: 0 PID: 12210 Comm: syz.0.1639 Not tainted syzkaller #0 PREEMPT(full) [ 589.245207][T12210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 589.245227][T12210] Call Trace: [ 589.245238][T12210] [ 589.245250][T12210] dump_stack_lvl+0x16c/0x1f0 [ 589.245300][T12210] should_fail_ex+0x512/0x640 [ 589.245345][T12210] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 589.245387][T12210] should_failslab+0xc2/0x120 [ 589.245432][T12210] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 589.245473][T12210] ? shmem_alloc_inode+0x25/0x50 [ 589.245518][T12210] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 589.245556][T12210] shmem_alloc_inode+0x25/0x50 [ 589.245612][T12210] alloc_inode+0x64/0x240 [ 589.245666][T12210] new_inode+0x22/0x1c0 [ 589.245709][T12210] shmem_get_inode+0x19a/0xfb0 [ 589.245777][T12210] shmem_mknod+0x1a8/0x450 [ 589.245830][T12210] vfs_create+0x4e0/0x7a0 [ 589.245883][T12210] do_mknodat+0x3d3/0x5d0 [ 589.245924][T12210] ? __pfx_do_mknodat+0x10/0x10 [ 589.245961][T12210] ? getname_flags.part.0+0x1c5/0x550 [ 589.246023][T12210] __x64_sys_mknod+0x87/0xb0 [ 589.246074][T12210] do_syscall_64+0xcd/0x490 [ 589.246119][T12210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.246149][T12210] RIP: 0033:0x7f3c7b18ebe9 [ 589.246173][T12210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.246203][T12210] RSP: 002b:00007f3c7bf7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 589.246232][T12210] RAX: ffffffffffffffda RBX: 00007f3c7b3b6090 RCX: 00007f3c7b18ebe9 [ 589.246252][T12210] RDX: 00000000fffffffa RSI: 00000000000000cb RDI: 0000200000000180 [ 589.246272][T12210] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 589.246290][T12210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.246309][T12210] R13: 00007f3c7b3b6128 R14: 00007f3c7b3b6090 R15: 00007ffdc2ecf408 [ 589.246349][T12210] [ 590.498899][T12231] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 597.851364][T12269] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 604.009311][T12397] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 604.883838][T12411] rnbd_client L213: map_device: Parameters missing [ 605.209496][T12422] FAULT_INJECTION: forcing a failure. [ 605.209496][T12422] name failslab, interval 1, probability 0, space 0, times 0 [ 605.224082][T12422] CPU: 0 UID: 0 PID: 12422 Comm: syz.2.1682 Not tainted syzkaller #0 PREEMPT(full) [ 605.224127][T12422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 605.224148][T12422] Call Trace: [ 605.224160][T12422] [ 605.224172][T12422] dump_stack_lvl+0x16c/0x1f0 [ 605.224222][T12422] should_fail_ex+0x512/0x640 [ 605.224269][T12422] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 605.224314][T12422] should_failslab+0xc2/0x120 [ 605.224358][T12422] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 605.224399][T12422] ? d_lookup+0xe7/0x190 [ 605.224449][T12422] ? alloc_inode+0xc3/0x240 [ 605.224502][T12422] alloc_inode+0xc3/0x240 [ 605.224550][T12422] new_inode+0x22/0x1c0 [ 605.224603][T12422] binderfs_create_file+0xb2/0x3b0 [ 605.224653][T12422] binderfs_fill_super+0x9d7/0x1360 [ 605.224704][T12422] ? __pfx_binderfs_fill_super+0x10/0x10 [ 605.224779][T12422] ? shrinker_register+0x1a8/0x260 [ 605.224825][T12422] ? sget_fc+0x808/0xc20 [ 605.224861][T12422] ? apparmor_capable+0x114/0x1d0 [ 605.224896][T12422] ? __pfx_set_anon_super_fc+0x10/0x10 [ 605.224940][T12422] ? __pfx_binderfs_fill_super+0x10/0x10 [ 605.224982][T12422] get_tree_nodev+0xdd/0x190 [ 605.225022][T12422] vfs_get_tree+0x8b/0x340 [ 605.225052][T12422] vfs_cmd_create+0xd7/0x2a0 [ 605.225100][T12422] __do_sys_fsconfig+0x7b8/0xbe0 [ 605.225160][T12422] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 605.225221][T12422] do_syscall_64+0xcd/0x490 [ 605.225268][T12422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.225298][T12422] RIP: 0033:0x7f765078ebe9 [ 605.225322][T12422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.225352][T12422] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 605.225381][T12422] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 605.225402][T12422] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000001 [ 605.225421][T12422] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 605.225440][T12422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.225459][T12422] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 605.225499][T12422] [ 605.447905][ C0] vkms_vblank_simulate: vblank timer overrun [ 606.925379][T12439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1687'. [ 610.710628][T12470] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1696'. [ 611.472509][T12461] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 611.813048][ T5864] Bluetooth: hci0: unexpected subevent 0x0c length: 0 < 5 [ 613.941707][T12513] random: crng reseeded on system resumption [ 614.008609][T12513] FAULT_INJECTION: forcing a failure. [ 614.008609][T12513] name failslab, interval 1, probability 0, space 0, times 0 [ 614.021681][T12513] CPU: 0 UID: 0 PID: 12513 Comm: syz.0.1703 Not tainted syzkaller #0 PREEMPT(full) [ 614.021719][T12513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 614.021736][T12513] Call Trace: [ 614.021746][T12513] [ 614.021757][T12513] dump_stack_lvl+0x116/0x1f0 [ 614.021803][T12513] should_fail_ex+0x512/0x640 [ 614.021843][T12513] ? __kmalloc_cache_noprof+0x108/0x3e0 [ 614.021876][T12513] should_failslab+0xc2/0x120 [ 614.021913][T12513] __kmalloc_cache_noprof+0x6a/0x3e0 [ 614.021941][T12513] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 614.021991][T12513] ? alloc_fw_cache_entry+0x3f/0xd0 [ 614.022025][T12513] ? __pfx_fw_name_devm_release+0x10/0x10 [ 614.022058][T12513] alloc_fw_cache_entry+0x3f/0xd0 [ 614.022090][T12513] dev_create_fw_entry+0x3d/0x150 [ 614.022122][T12513] ? __pfx_fw_name_devm_release+0x10/0x10 [ 614.022152][T12513] devres_for_each_res+0x173/0x1d0 [ 614.022192][T12513] ? __pfx_devm_name_match+0x10/0x10 [ 614.022220][T12513] ? __pfx_dev_create_fw_entry+0x10/0x10 [ 614.022254][T12513] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 614.022286][T12513] dev_cache_fw_image+0xa2/0x490 [ 614.022320][T12513] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 614.022357][T12513] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 614.022401][T12513] dpm_for_each_dev+0x5d/0xb0 [ 614.022428][T12513] fw_pm_notify+0x81/0x150 [ 614.022454][T12513] notifier_call_chain+0xbc/0x410 [ 614.022485][T12513] ? __pfx_fw_pm_notify+0x10/0x10 [ 614.022519][T12513] blocking_notifier_call_chain_robust+0xc8/0x160 [ 614.022574][T12513] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 614.022623][T12513] pm_notifier_call_chain_robust+0x27/0x60 [ 614.022663][T12513] snapshot_open+0x218/0x2b0 [ 614.022695][T12513] ? __pfx_snapshot_open+0x10/0x10 [ 614.022729][T12513] misc_open+0x35d/0x420 [ 614.022758][T12513] ? __pfx_misc_open+0x10/0x10 [ 614.022787][T12513] chrdev_open+0x234/0x6a0 [ 614.022826][T12513] ? __pfx_apparmor_file_open+0x10/0x10 [ 614.022856][T12513] ? __pfx_chrdev_open+0x10/0x10 [ 614.022893][T12513] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 614.022931][T12513] do_dentry_open+0x982/0x1530 [ 614.022973][T12513] ? __pfx_chrdev_open+0x10/0x10 [ 614.023015][T12513] vfs_open+0x82/0x3f0 [ 614.023061][T12513] path_openat+0x1de4/0x2cb0 [ 614.023106][T12513] ? __pfx_path_openat+0x10/0x10 [ 614.023148][T12513] do_filp_open+0x20b/0x470 [ 614.023182][T12513] ? __pfx_do_filp_open+0x10/0x10 [ 614.023240][T12513] ? alloc_fd+0x471/0x7d0 [ 614.023279][T12513] do_sys_openat2+0x11b/0x1d0 [ 614.023320][T12513] ? __pfx_do_sys_openat2+0x10/0x10 [ 614.023376][T12513] __x64_sys_openat+0x174/0x210 [ 614.023419][T12513] ? __pfx___x64_sys_openat+0x10/0x10 [ 614.023476][T12513] do_syscall_64+0xcd/0x490 [ 614.023516][T12513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 614.023542][T12513] RIP: 0033:0x7f3c7b18ebe9 [ 614.023565][T12513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 614.023592][T12513] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 614.023619][T12513] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 614.023637][T12513] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 614.023654][T12513] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 614.023670][T12513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 614.023687][T12513] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 614.023721][T12513] [ 614.754109][ T30] audit: type=1804 audit(4294967678.229:20): pid=12528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1708" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 614.801598][ T5856] smpboot: CPU 1 is now offline [ 617.251118][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a766400: rx timeout, send abort [ 617.268849][ T5216] ERROR: Out of memory at tomoyo_memory_ok. [ 617.759460][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a766400: abort rx timeout. Force session deactivation [ 618.303178][T12581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1718'. [ 618.354326][T12581] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1718'. [ 619.022157][ T30] audit: type=1800 audit(4294967682.499:21): pid=12591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1720" name="dbroot" dev="configfs" ino=41442 res=0 errno=0 [ 619.658682][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 619.667865][ T5864] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 621.619107][T12623] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1727'. [ 622.058566][T12627] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1726'. [ 622.120912][T12617] ima: policy update failed [ 622.125612][ T30] audit: type=1802 audit(4294967685.599:22): pid=12617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1726" res=0 errno=0 [ 622.798660][T12639] random: crng reseeded on system resumption [ 623.374146][T12645] Unrecognized hibernate image header format! [ 623.438412][T12645] PM: hibernation: Image mismatch: architecture specific data [ 627.984658][T12708] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 628.032454][T12708] FAULT_INJECTION: forcing a failure. [ 628.032454][T12708] name failslab, interval 1, probability 0, space 0, times 0 [ 628.095347][T12708] CPU: 0 UID: 0 PID: 12708 Comm: syz.0.1747 Not tainted syzkaller #0 PREEMPT(full) [ 628.095376][T12708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 628.095388][T12708] Call Trace: [ 628.095395][T12708] [ 628.095403][T12708] dump_stack_lvl+0x16c/0x1f0 [ 628.095437][T12708] should_fail_ex+0x512/0x640 [ 628.095474][T12708] ? fs_reclaim_acquire+0xae/0x150 [ 628.095509][T12708] should_failslab+0xc2/0x120 [ 628.095538][T12708] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 628.095565][T12708] ? security_inode_alloc+0x3b/0x2b0 [ 628.095593][T12708] security_inode_alloc+0x3b/0x2b0 [ 628.095618][T12708] inode_init_always_gfp+0xce4/0x1030 [ 628.095647][T12708] alloc_inode+0x86/0x240 [ 628.095678][T12708] sock_alloc+0x40/0x280 [ 628.095711][T12708] sock_create_lite+0x82/0x120 [ 628.095745][T12708] __netlink_kernel_create+0xbd/0x750 [ 628.095779][T12708] ? __pfx___netlink_kernel_create+0x10/0x10 [ 628.095816][T12708] ? __pfx_genl_pernet_init+0x10/0x10 [ 628.095849][T12708] genl_pernet_init+0xbd/0x170 [ 628.095882][T12708] ? __pfx_genl_pernet_init+0x10/0x10 [ 628.095915][T12708] ? lockdep_init_map_type+0x5c/0x280 [ 628.095945][T12708] ? __pfx_genl_rcv+0x10/0x10 [ 628.095975][T12708] ? __pfx_genl_bind+0x10/0x10 [ 628.096005][T12708] ? __pfx_genl_unbind+0x10/0x10 [ 628.096035][T12708] ? __pfx_genl_release+0x10/0x10 [ 628.096068][T12708] ? debug_mutex_init+0x37/0x70 [ 628.096091][T12708] ops_init+0x1e2/0x5f0 [ 628.096124][T12708] setup_net+0x10f/0x380 [ 628.096152][T12708] ? lockdep_init_map_type+0x5c/0x280 [ 628.096182][T12708] ? __pfx_setup_net+0x10/0x10 [ 628.096214][T12708] ? debug_mutex_init+0x37/0x70 [ 628.096237][T12708] copy_net_ns+0x2a6/0x5f0 [ 628.096274][T12708] create_new_namespaces+0x3ea/0xa90 [ 628.096304][T12708] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 628.096344][T12708] ksys_unshare+0x45b/0xa40 [ 628.096374][T12708] ? __pfx_ksys_unshare+0x10/0x10 [ 628.096424][T12708] ? xfd_validate_state+0x61/0x180 [ 628.096474][T12708] __x64_sys_unshare+0x31/0x40 [ 628.096506][T12708] do_syscall_64+0xcd/0x490 [ 628.096552][T12708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.096575][T12708] RIP: 0033:0x7f3c7b18ebe9 [ 628.096592][T12708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 628.096612][T12708] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 628.096632][T12708] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 628.096646][T12708] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 628.096659][T12708] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 628.096672][T12708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.096685][T12708] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 628.096711][T12708] [ 628.377602][ C0] vkms_vblank_simulate: vblank timer overrun [ 629.424210][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.439729][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 632.266263][T12726] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1749'. [ 633.329173][T12748] tipc: Started in network mode [ 633.334321][T12748] tipc: Node identity ee00, cluster identity 4711 [ 633.400166][T12748] tipc: Node number set to 60928 [ 636.779048][T12784] program syz.0.1758 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 638.303371][T12814] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1764'. [ 639.180906][ T37] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.252099][ T37] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.562090][ T37] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 639.638232][ T37] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 642.236540][T12849] FAULT_INJECTION: forcing a failure. [ 642.236540][T12849] name failslab, interval 1, probability 0, space 0, times 0 [ 642.313739][T12849] CPU: 0 UID: 0 PID: 12849 Comm: syz.2.1768 Not tainted syzkaller #0 PREEMPT(full) [ 642.313776][T12849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 642.313790][T12849] Call Trace: [ 642.313798][T12849] [ 642.313806][T12849] dump_stack_lvl+0x16c/0x1f0 [ 642.313842][T12849] should_fail_ex+0x512/0x640 [ 642.313875][T12849] ? __kmalloc_noprof+0xbf/0x510 [ 642.313904][T12849] ? binder_open+0x168/0xde0 [ 642.313946][T12849] should_failslab+0xc2/0x120 [ 642.313976][T12849] __kmalloc_noprof+0xd2/0x510 [ 642.314010][T12849] binder_open+0x168/0xde0 [ 642.314042][T12849] ? __pfx_apparmor_file_open+0x10/0x10 [ 642.314072][T12849] ? __pfx_binder_open+0x10/0x10 [ 642.314106][T12849] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 642.314138][T12849] do_dentry_open+0x982/0x1530 [ 642.314167][T12849] ? __pfx_binder_open+0x10/0x10 [ 642.314205][T12849] vfs_open+0x82/0x3f0 [ 642.314243][T12849] path_openat+0x1de4/0x2cb0 [ 642.314286][T12849] ? __pfx_path_openat+0x10/0x10 [ 642.314321][T12849] do_filp_open+0x20b/0x470 [ 642.314352][T12849] ? __pfx_do_filp_open+0x10/0x10 [ 642.314400][T12849] ? alloc_fd+0x471/0x7d0 [ 642.314437][T12849] do_sys_openat2+0x11b/0x1d0 [ 642.314472][T12849] ? __pfx_do_sys_openat2+0x10/0x10 [ 642.314522][T12849] __x64_sys_openat+0x174/0x210 [ 642.314559][T12849] ? __pfx___x64_sys_openat+0x10/0x10 [ 642.314607][T12849] do_syscall_64+0xcd/0x490 [ 642.314641][T12849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 642.314664][T12849] RIP: 0033:0x7f765078ebe9 [ 642.314682][T12849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 642.314705][T12849] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 642.314727][T12849] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 642.314742][T12849] RDX: 0000000000002001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 642.314757][T12849] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 642.314771][T12849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 642.314800][T12849] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 642.314829][T12849] [ 643.119906][T12860] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1771'. [ 643.163401][T12856] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1769'. [ 646.751129][T12893] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 648.497910][T12860] team0 (unregistering): Port device team_slave_0 removed [ 648.664380][T12910] ptrace attach of "./syz-executor exec"[5861] was attempted by ""[12910] [ 648.787143][T12860] team0 (unregistering): Port device team_slave_1 removed [ 649.500733][T12923] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 651.275738][T12954] FAULT_INJECTION: forcing a failure. [ 651.275738][T12954] name failslab, interval 1, probability 0, space 0, times 0 [ 651.350458][T12954] CPU: 0 UID: 0 PID: 12954 Comm: syz.3.1785 Not tainted syzkaller #0 PREEMPT(full) [ 651.350489][T12954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 651.350503][T12954] Call Trace: [ 651.350511][T12954] [ 651.350520][T12954] dump_stack_lvl+0x16c/0x1f0 [ 651.350555][T12954] should_fail_ex+0x512/0x640 [ 651.350588][T12954] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 651.350624][T12954] should_failslab+0xc2/0x120 [ 651.350654][T12954] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 651.350685][T12954] ? lockdep_hardirqs_on+0x7c/0x110 [ 651.350714][T12954] ? fib_notifier_ops_register+0x32/0x270 [ 651.350753][T12954] kmemdup_noprof+0x29/0x60 [ 651.350786][T12954] fib_notifier_ops_register+0x32/0x270 [ 651.350822][T12954] fib4_notifier_init+0x4f/0xd0 [ 651.350856][T12954] fib_net_init+0xbf/0x3f0 [ 651.350889][T12954] ? __pfx___register_sysctl_table+0x10/0x10 [ 651.350926][T12954] ? __pfx_fib_net_init+0x10/0x10 [ 651.350968][T12954] ? lockdep_init_map_type+0x5c/0x280 [ 651.351002][T12954] ? do_init_timer+0xc9/0x110 [ 651.351030][T12954] ? devinet_init_net+0x5c2/0x910 [ 651.351069][T12954] ? __pfx_fib_net_init+0x10/0x10 [ 651.351101][T12954] ops_init+0x1e2/0x5f0 [ 651.351137][T12954] setup_net+0x10f/0x380 [ 651.351167][T12954] ? lockdep_init_map_type+0x5c/0x280 [ 651.351199][T12954] ? __pfx_setup_net+0x10/0x10 [ 651.351233][T12954] ? debug_mutex_init+0x37/0x70 [ 651.351259][T12954] copy_net_ns+0x2a6/0x5f0 [ 651.351297][T12954] create_new_namespaces+0x3ea/0xa90 [ 651.351331][T12954] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 651.351360][T12954] ksys_unshare+0x45b/0xa40 [ 651.351412][T12954] ? __pfx_ksys_unshare+0x10/0x10 [ 651.351461][T12954] ? xfd_validate_state+0x61/0x180 [ 651.351504][T12954] __x64_sys_unshare+0x31/0x40 [ 651.351536][T12954] do_syscall_64+0xcd/0x490 [ 651.351571][T12954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.351595][T12954] RIP: 0033:0x7fd70218ebe9 [ 651.351613][T12954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.351636][T12954] RSP: 002b:00007fd702fd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 651.351657][T12954] RAX: ffffffffffffffda RBX: 00007fd7023b5fa0 RCX: 00007fd70218ebe9 [ 651.351673][T12954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 651.351687][T12954] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000000 [ 651.351701][T12954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.351715][T12954] R13: 00007fd7023b6038 R14: 00007fd7023b5fa0 R15: 00007ffc8c879e98 [ 651.351744][T12954] [ 652.129330][T12951] syz.0.1784 (12951): /proc/12948/oom_adj is deprecated, please use /proc/12948/oom_score_adj instead. [ 653.496626][T12969] : Can't lookup blockdev [ 654.825880][T12960] kexec: Could not allocate control_code_buffer [ 655.143468][T12985] FAULT_INJECTION: forcing a failure. [ 655.143468][T12985] name failslab, interval 1, probability 0, space 0, times 0 [ 655.269433][T12985] CPU: 0 UID: 0 PID: 12985 Comm: syz.1.1793 Not tainted syzkaller #0 PREEMPT(full) [ 655.269467][T12985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 655.269481][T12985] Call Trace: [ 655.269488][T12985] [ 655.269498][T12985] dump_stack_lvl+0x16c/0x1f0 [ 655.269540][T12985] should_fail_ex+0x512/0x640 [ 655.269574][T12985] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 655.269606][T12985] should_failslab+0xc2/0x120 [ 655.269638][T12985] __kmalloc_cache_node_noprof+0x6d/0x420 [ 655.269666][T12985] ? mem_cgroup_css_alloc+0xa8f/0x1e80 [ 655.269692][T12985] ? mem_cgroup_css_alloc+0xac2/0x1e80 [ 655.269724][T12985] mem_cgroup_css_alloc+0xac2/0x1e80 [ 655.269760][T12985] cgroup_apply_control_enable+0x4b0/0xbb0 [ 655.269816][T12985] cgroup_mkdir+0x5e7/0x11f0 [ 655.269859][T12985] ? __pfx_cgroup_mkdir+0x10/0x10 [ 655.269901][T12985] kernfs_iop_mkdir+0x10e/0x190 [ 655.269935][T12985] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 655.269969][T12985] vfs_mkdir+0x590/0x8c0 [ 655.269995][T12985] do_mkdirat+0x304/0x3e0 [ 655.270026][T12985] ? __pfx_do_mkdirat+0x10/0x10 [ 655.270058][T12985] ? getname_flags.part.0+0x1c5/0x550 [ 655.270099][T12985] __x64_sys_mkdir+0xef/0x140 [ 655.270129][T12985] do_syscall_64+0xcd/0x490 [ 655.270164][T12985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.270188][T12985] RIP: 0033:0x7f3522b8ebe9 [ 655.270207][T12985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.270230][T12985] RSP: 002b:00007f35239ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 655.270253][T12985] RAX: ffffffffffffffda RBX: 00007f3522db5fa0 RCX: 00007f3522b8ebe9 [ 655.270269][T12985] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 655.270283][T12985] RBP: 00007f3522c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 655.270298][T12985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.270312][T12985] R13: 00007f3522db6038 R14: 00007f3522db5fa0 R15: 00007ffd08251118 [ 655.270342][T12985] [ 656.607871][ T1338] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:7: bg 2: bad block bitmap checksum [ 656.768565][ T1338] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 976 with max blocks 12 with error 74 [ 656.902966][ T1338] EXT4-fs (sda1): This should not happen!! Data will be lost [ 656.902966][ T1338] [ 658.910150][T13003] vhci_hcd: invalid port number 16 [ 658.915352][T13003] vhci_hcd: invalid port number 16 [ 665.021553][T13054] vhci_hcd: invalid port number 16 [ 665.052562][T13054] vhci_hcd: invalid port number 16 [ 665.236300][T13056] openvswitch: HfR: Dropping previously announced user features [ 665.283582][T13056] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1810'. [ 665.321785][T13056] HfR: left promiscuous mode [ 665.462905][T13058] HfR: entered promiscuous mode [ 666.477132][T13074] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 667.727682][T13086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1815'. [ 667.824361][ T5219] ERROR: Out of memory at tomoyo_memory_ok. [ 668.316324][T13078] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 668.896247][ T5864] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 669.980617][T13102] Invalid ELF header magic: != ELF [ 673.385267][T13136] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1829'. [ 675.268913][T13145] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 675.303998][T13157] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1834'. [ 676.413213][T13162] zswap: compressor 000 not available [ 680.714529][T13196] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:7 is already present [ 682.131455][T13205] sp0: Synchronizing with TNC [ 682.915904][T13219] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1851'. [ 682.990141][T13219] net veth1_virt_wifi : renamed from virt_wifi0 [ 684.489970][T13221] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 684.531975][T13221] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 684.572503][T13221] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 684.597627][T13221] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 684.630452][T13221] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 685.100651][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 685.543266][T13262] ERROR: Out of memory at tomoyo_memory_ok. [ 686.538812][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 686.582800][T13272] Invalid ELF header magic: != ELF [ 686.618313][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 686.624446][ T5864] Bluetooth: hci2: command 0x0406 tx timeout [ 686.864201][T13277] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1866'. [ 686.933000][T13278] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1866'. [ 687.604718][T13282] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 687.659292][T13282] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 687.665423][T13282] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 688.462178][T13282] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 689.658294][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 689.739907][ T5864] Bluetooth: hci2: command 0x0406 tx timeout [ 689.746801][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 690.539001][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 690.862436][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.871995][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.365068][T13313] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1875'. [ 693.344409][T13324] FAULT_INJECTION: forcing a failure. [ 693.344409][T13324] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 693.477173][T13324] CPU: 0 UID: 0 PID: 13324 Comm: syz.2.1878 Not tainted syzkaller #0 PREEMPT(full) [ 693.477206][T13324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 693.477221][T13324] Call Trace: [ 693.477230][T13324] [ 693.477239][T13324] dump_stack_lvl+0x16c/0x1f0 [ 693.477288][T13324] should_fail_ex+0x512/0x640 [ 693.477327][T13324] should_fail_alloc_page+0xe7/0x130 [ 693.477361][T13324] prepare_alloc_pages+0x3c2/0x610 [ 693.477397][T13324] ? rcu_is_watching+0x12/0xc0 [ 693.477425][T13324] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 693.477463][T13324] ? kasan_save_stack+0x42/0x60 [ 693.477489][T13324] ? kasan_save_stack+0x33/0x60 [ 693.477514][T13324] ? kasan_save_track+0x14/0x30 [ 693.477540][T13324] ? __kasan_kmalloc+0xaa/0xb0 [ 693.477564][T13324] ? __kvmalloc_node_noprof+0x27b/0x620 [ 693.477590][T13324] ? relay_open_buf.part.0+0x18f/0xc30 [ 693.477620][T13324] ? relay_open+0x653/0xad0 [ 693.477647][T13324] ? do_blk_trace_setup+0x4c5/0xb00 [ 693.477669][T13324] ? blk_trace_setup+0xed/0x1b0 [ 693.477691][T13324] ? blk_trace_ioctl+0x146/0x280 [ 693.477716][T13324] ? blkdev_ioctl+0x108/0x6d0 [ 693.477740][T13324] ? __x64_sys_ioctl+0x18e/0x210 [ 693.477779][T13324] ? do_syscall_64+0xcd/0x490 [ 693.477809][T13324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.477837][T13324] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 693.477885][T13324] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 693.477923][T13324] ? policy_nodemask+0xea/0x4e0 [ 693.477956][T13324] alloc_pages_mpol+0x1fb/0x550 [ 693.477989][T13324] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 693.478020][T13324] ? trace_kmalloc+0x2b/0xd0 [ 693.478052][T13324] ? __kvmalloc_node_noprof+0x298/0x620 [ 693.478098][T13324] ? flush_all_cpus_locked+0x1e0/0x210 [ 693.478138][T13324] alloc_pages_noprof+0x131/0x390 [ 693.478186][T13324] relay_open_buf.part.0+0x25d/0xc30 [ 693.478227][T13324] relay_open+0x653/0xad0 [ 693.478257][T13324] ? debugfs_create_file_full+0x41/0x60 [ 693.478289][T13324] do_blk_trace_setup+0x4c5/0xb00 [ 693.478318][T13324] blk_trace_setup+0xed/0x1b0 [ 693.478344][T13324] ? __pfx_blk_trace_setup+0x10/0x10 [ 693.478369][T13324] ? __pfx_snprintf+0x10/0x10 [ 693.478406][T13324] ? do_vfs_ioctl+0x128/0x14f0 [ 693.478455][T13324] blk_trace_ioctl+0x146/0x280 [ 693.478482][T13324] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 693.478513][T13324] ? find_held_lock+0x2b/0x80 [ 693.478537][T13324] ? hook_file_ioctl_common+0x145/0x410 [ 693.478573][T13324] blkdev_ioctl+0x108/0x6d0 [ 693.478598][T13324] ? __pfx_blkdev_ioctl+0x10/0x10 [ 693.478629][T13324] ? __pfx_blkdev_ioctl+0x10/0x10 [ 693.478656][T13324] __x64_sys_ioctl+0x18e/0x210 [ 693.478696][T13324] do_syscall_64+0xcd/0x490 [ 693.478730][T13324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.478753][T13324] RIP: 0033:0x7f765078ebe9 [ 693.478772][T13324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.478796][T13324] RSP: 002b:00007f765153a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.478818][T13324] RAX: ffffffffffffffda RBX: 00007f76509b6090 RCX: 00007f765078ebe9 [ 693.478834][T13324] RDX: 0000200000000140 RSI: 00000000c0481273 RDI: 0000000000000007 [ 693.478849][T13324] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 693.478863][T13324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.478877][T13324] R13: 00007f76509b6128 R14: 00007f76509b6090 R15: 00007ffd14eb9108 [ 693.478908][T13324] [ 694.300821][T13331] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1881'. [ 694.324491][T13331] bridge0: port 2(bridge_slave_1) entered disabled state [ 694.573271][T13331] bridge_slave_1 (unregistering): left allmulticast mode [ 694.580497][T13331] bridge_slave_1 (unregistering): left promiscuous mode [ 694.595456][T13331] bridge0: port 2(bridge_slave_1) entered disabled state [ 694.606733][T13334] vhci_hcd: invalid port number 23 [ 694.618356][T13334] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 695.143838][T13339] ima: policy update failed [ 695.167796][ T30] audit: type=1802 audit(4294967300.740:23): pid=13339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1883" res=0 errno=0 [ 695.201541][T13339] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1883'. [ 695.549720][T13348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1886'. [ 697.727888][T13367] FAULT_INJECTION: forcing a failure. [ 697.727888][T13367] name failslab, interval 1, probability 0, space 0, times 0 [ 697.886649][T13367] CPU: 0 UID: 0 PID: 13367 Comm: syz.3.1891 Not tainted syzkaller #0 PREEMPT(full) [ 697.886683][T13367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 697.886699][T13367] Call Trace: [ 697.886708][T13367] [ 697.886717][T13367] dump_stack_lvl+0x16c/0x1f0 [ 697.886758][T13367] should_fail_ex+0x512/0x640 [ 697.886792][T13367] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 697.886826][T13367] should_failslab+0xc2/0x120 [ 697.886859][T13367] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 697.886889][T13367] ? __kernfs_new_node+0xd2/0x8e0 [ 697.886933][T13367] __kernfs_new_node+0xd2/0x8e0 [ 697.886968][T13367] ? __pfx___kernfs_new_node+0x10/0x10 [ 697.887014][T13367] ? find_held_lock+0x2b/0x80 [ 697.887052][T13367] ? kernfs_root+0xee/0x2a0 [ 697.887088][T13367] kernfs_new_node+0x13c/0x1e0 [ 697.887128][T13367] __kernfs_create_file+0x53/0x350 [ 697.887156][T13367] sysfs_add_file_mode_ns+0x207/0x3c0 [ 697.887193][T13367] internal_create_group+0x578/0xf30 [ 697.887232][T13367] ? __pfx_internal_create_group+0x10/0x10 [ 697.887274][T13367] sysfs_slab_add+0x1a3/0x1e0 [ 697.887301][T13367] do_kmem_cache_create+0x529/0x720 [ 697.887330][T13367] ? __kmem_cache_create_args+0x205/0x390 [ 697.887360][T13367] __kmem_cache_create_args+0x225/0x390 [ 697.887389][T13367] mon_text_open+0x313/0x4f0 [ 697.887416][T13367] ? __pfx_mon_text_open+0x10/0x10 [ 697.887441][T13367] ? __debugfs_file_get+0x1fe/0x840 [ 697.887478][T13367] ? __pfx_mon_text_ctor+0x10/0x10 [ 697.887503][T13367] ? __pfx_apparmor_file_open+0x10/0x10 [ 697.887528][T13367] ? lockdown_is_locked_down+0x3f/0x130 [ 697.887550][T13367] ? bpf_lsm_locked_down+0x9/0x10 [ 697.887577][T13367] ? __pfx_mon_text_open+0x10/0x10 [ 697.887602][T13367] full_proxy_open_regular+0x1b6/0x360 [ 697.887628][T13367] do_dentry_open+0x982/0x1530 [ 697.887659][T13367] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 697.887689][T13367] vfs_open+0x82/0x3f0 [ 697.887728][T13367] path_openat+0x1de4/0x2cb0 [ 697.887766][T13367] ? __pfx_path_openat+0x10/0x10 [ 697.887803][T13367] do_filp_open+0x20b/0x470 [ 697.887838][T13367] ? __pfx_do_filp_open+0x10/0x10 [ 697.887887][T13367] ? alloc_fd+0x471/0x7d0 [ 697.887921][T13367] do_sys_openat2+0x11b/0x1d0 [ 697.887961][T13367] ? __pfx_do_sys_openat2+0x10/0x10 [ 697.888000][T13367] ? __pfx___might_resched+0x10/0x10 [ 697.888031][T13367] __x64_sys_openat+0x174/0x210 [ 697.888069][T13367] ? __pfx___x64_sys_openat+0x10/0x10 [ 697.888119][T13367] do_syscall_64+0xcd/0x490 [ 697.888154][T13367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.888178][T13367] RIP: 0033:0x7fd70218ebe9 [ 697.888197][T13367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.888221][T13367] RSP: 002b:00007fd702fd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 697.888244][T13367] RAX: ffffffffffffffda RBX: 00007fd7023b5fa0 RCX: 00007fd70218ebe9 [ 697.888260][T13367] RDX: 0000000000101080 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 697.888276][T13367] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000000 [ 697.888291][T13367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.888305][T13367] R13: 00007fd7023b6038 R14: 00007fd7023b5fa0 R15: 00007ffc8c879e98 [ 697.888336][T13367] [ 698.558648][T13377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1893'. [ 698.579481][T13377] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1893'. [ 699.077001][T13384] FAULT_INJECTION: forcing a failure. [ 699.077001][T13384] name failslab, interval 1, probability 0, space 0, times 0 [ 699.101444][T13384] CPU: 0 UID: 0 PID: 13384 Comm: syz.1.1895 Not tainted syzkaller #0 PREEMPT(full) [ 699.101477][T13384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 699.101492][T13384] Call Trace: [ 699.101501][T13384] [ 699.101510][T13384] dump_stack_lvl+0x16c/0x1f0 [ 699.101546][T13384] should_fail_ex+0x512/0x640 [ 699.101580][T13384] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 699.101609][T13384] should_failslab+0xc2/0x120 [ 699.101641][T13384] __kmalloc_cache_noprof+0x6a/0x3e0 [ 699.101664][T13384] ? down_write_killable+0x154/0x250 [ 699.101700][T13384] ? alloc_ldt_struct+0x5d/0x1a0 [ 699.101728][T13384] alloc_ldt_struct+0x5d/0x1a0 [ 699.101756][T13384] write_ldt+0x852/0xd20 [ 699.101785][T13384] ? __pfx_write_ldt+0x10/0x10 [ 699.101821][T13384] ? up_write+0x1b2/0x520 [ 699.101861][T13384] __x64_sys_modify_ldt+0xb1/0x170 [ 699.101887][T13384] do_syscall_64+0xcd/0x490 [ 699.101922][T13384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.101955][T13384] RIP: 0033:0x7f3522b8ebe9 [ 699.101973][T13384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.101997][T13384] RSP: 002b:00007f35239ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 699.102019][T13384] RAX: ffffffffffffffda RBX: 00007f3522db5fa0 RCX: 00007f3522b8ebe9 [ 699.102035][T13384] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000001 [ 699.102049][T13384] RBP: 00007f3522c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 699.102064][T13384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 699.102079][T13384] R13: 00007f3522db6038 R14: 00007f3522db5fa0 R15: 00007ffd08251118 [ 699.102108][T13384] [ 699.527050][T13367] SLUB: Unable to add cache mon_text_ffff888034f7b000 to sysfs [ 700.372870][T13394] kafs: addr_prefs: Invalid Command [ 702.387473][T13418] FAULT_INJECTION: forcing a failure. [ 702.387473][T13418] name failslab, interval 1, probability 0, space 0, times 0 [ 702.472078][T13418] CPU: 0 UID: 0 PID: 13418 Comm: syz.2.1902 Not tainted syzkaller #0 PREEMPT(full) [ 702.472110][T13418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 702.472124][T13418] Call Trace: [ 702.472132][T13418] [ 702.472140][T13418] dump_stack_lvl+0x16c/0x1f0 [ 702.472175][T13418] should_fail_ex+0x512/0x640 [ 702.472207][T13418] ? __kmalloc_noprof+0xbf/0x510 [ 702.472236][T13418] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 702.472266][T13418] should_failslab+0xc2/0x120 [ 702.472296][T13418] __kmalloc_noprof+0xd2/0x510 [ 702.472347][T13418] devlink_fmsg_put_name+0xf0/0x3f0 [ 702.472382][T13418] devlink_fmsg_bool_pair_put+0xff/0x2f0 [ 702.472418][T13418] ? __pfx_devlink_fmsg_bool_pair_put+0x10/0x10 [ 702.472461][T13418] ? __kasan_kmalloc+0xaa/0xb0 [ 702.472489][T13418] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 702.472528][T13418] nsim_dev_dummy_fmsg_put+0xe7/0x1e0 [ 702.472563][T13418] devlink_health_do_dump+0x240/0x620 [ 702.472604][T13418] devlink_health_report+0x3c9/0x9c0 [ 702.472644][T13418] ? __pfx_devlink_health_report+0x10/0x10 [ 702.472688][T13418] nsim_dev_health_break_write+0x166/0x210 [ 702.472720][T13418] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 702.472764][T13418] full_proxy_write+0x131/0x1a0 [ 702.472803][T13418] ? __pfx_full_proxy_write+0x10/0x10 [ 702.472838][T13418] vfs_write+0x2a0/0x11d0 [ 702.472870][T13418] ? __pfx___mutex_lock+0x10/0x10 [ 702.472904][T13418] ? __pfx_vfs_write+0x10/0x10 [ 702.472941][T13418] ? __fget_files+0x20e/0x3c0 [ 702.472975][T13418] ksys_write+0x12a/0x250 [ 702.473002][T13418] ? __pfx_ksys_write+0x10/0x10 [ 702.473038][T13418] do_syscall_64+0xcd/0x490 [ 702.473074][T13418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.473098][T13418] RIP: 0033:0x7f765078ebe9 [ 702.473116][T13418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.473139][T13418] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 702.473162][T13418] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 702.473177][T13418] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000006 [ 702.473191][T13418] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 702.473206][T13418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.473220][T13418] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 702.473250][T13418] [ 703.342453][T13428] binder: 13427:13428 unknown command 4294967282 [ 703.355441][T13428] binder: 13427:13428 ioctl c0306201 2000000000c0 returned -22 [ 703.532696][T13436] __vm_enough_memory: pid: 13436, comm: syz.0.1905, bytes: 4398046511104 not enough memory for the allocation [ 704.285541][ T5864] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 704.932603][T13453] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1910'. [ 706.594658][T13475] QAT: Stopping all acceleration devices. [ 706.922581][T13460] could not allocate digest TFM handle [ 708.119229][T13485] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1917'. [ 708.604933][T13482] could not allocate digest TFM handle [ 714.901191][T13521] __vm_enough_memory: pid: 13521, comm: syz.0.1923, bytes: 4398046511104 not enough memory for the allocation [ 715.210453][T13526] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1924'. [ 716.203411][T13538] FAULT_INJECTION: forcing a failure. [ 716.203411][T13538] name failslab, interval 1, probability 0, space 0, times 0 [ 716.260043][T13538] CPU: 0 UID: 0 PID: 13538 Comm: syz.1.1930 Not tainted syzkaller #0 PREEMPT(full) [ 716.260094][T13538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 716.260109][T13538] Call Trace: [ 716.260118][T13538] [ 716.260128][T13538] dump_stack_lvl+0x16c/0x1f0 [ 716.260165][T13538] should_fail_ex+0x512/0x640 [ 716.260199][T13538] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 716.260232][T13538] should_failslab+0xc2/0x120 [ 716.260264][T13538] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 716.260293][T13538] ? d_instantiate+0x77/0x90 [ 716.260324][T13538] ? alloc_empty_file+0x55/0x1e0 [ 716.260364][T13538] alloc_empty_file+0x55/0x1e0 [ 716.260401][T13538] alloc_file_pseudo+0x13a/0x230 [ 716.260439][T13538] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 716.260478][T13538] ? __pfx_unix_socketpair+0x10/0x10 [ 716.260516][T13538] sock_alloc_file+0x50/0x210 [ 716.260552][T13538] __sys_socketpair+0x31c/0x5a0 [ 716.260580][T13538] ? __pfx___sys_socketpair+0x10/0x10 [ 716.260609][T13538] ? xfd_validate_state+0x61/0x180 [ 716.260645][T13538] ? getname_flags.part.0+0x1c5/0x550 [ 716.260688][T13538] __x64_sys_socketpair+0x96/0x100 [ 716.260714][T13538] ? lockdep_hardirqs_on+0x7c/0x110 [ 716.260755][T13538] do_syscall_64+0xcd/0x490 [ 716.260791][T13538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.260814][T13538] RIP: 0033:0x7f3522b8ebe9 [ 716.260831][T13538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 716.260854][T13538] RSP: 002b:00007f35239ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 716.260875][T13538] RAX: ffffffffffffffda RBX: 00007f3522db5fa0 RCX: 00007f3522b8ebe9 [ 716.260889][T13538] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 716.260903][T13538] RBP: 00007f3522c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 716.260916][T13538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.260929][T13538] R13: 00007f3522db6038 R14: 00007f3522db5fa0 R15: 00007ffd08251118 [ 716.260964][T13538] [ 716.481386][T13541] netlink: 'syz.3.1929': attribute type 1 has an invalid length. [ 717.201410][T13549] [U]  [ 717.204237][T13549] [U] [ 717.206963][T13549] [U] [ 717.209668][T13549] [U] [ 717.331423][T13549] [U] [ 717.334169][T13549] [U] [ 717.336888][T13549] [U] [ 717.339601][T13549] [U] [ 717.365014][T13554] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1933'. [ 717.463345][T13549] [U] [ 717.466107][T13549] [U] [ 717.468821][T13549] [U] [ 717.471559][T13549] [U] [ 717.524208][T13554] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 717.554104][T13554] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 717.600185][T13549] [U] [ 717.602937][T13549] [U] [ 717.605647][T13549] [U] [ 717.608356][T13549] [U] [ 717.620478][T13554] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 717.627968][T13554] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 717.650411][T13549] [U] [ 717.653173][T13549] [U] [ 717.655922][T13549] [U] [ 717.658660][T13549] [U] [ 717.679866][T13549] [U] [ 717.682600][T13549] [U] [ 717.685303][T13549] [U] [ 717.688008][T13549] [U] [ 717.776165][T13549] [U] [ 717.778932][T13549] [U] [ 717.781636][T13549] [U] [ 717.784338][T13549] [U] [ 717.841988][T13549] [U] [ 719.405203][T13580] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input22 [ 719.500127][ T5219] ERROR: Out of memory at tomoyo_memory_ok. [ 720.499655][T13589] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 720.533369][T13589] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 720.574981][T13589] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 720.631295][T13589] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 721.070959][T13589] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 721.863693][T13610] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input23 [ 722.538243][ T5864] Bluetooth: hci1: command 0x0406 tx timeout [ 722.544362][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 722.618242][ T5864] Bluetooth: hci2: command 0x0406 tx timeout [ 723.003380][T13617] __vm_enough_memory: pid: 13617, comm: syz.1.1950, bytes: 4398046511104 not enough memory for the allocation [ 723.098484][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 724.704793][ T5864] Bluetooth: hci2: command 0x0406 tx timeout [ 726.140292][T13648] FAULT_INJECTION: forcing a failure. [ 726.140292][T13648] name failslab, interval 1, probability 0, space 0, times 0 [ 726.187016][T13648] CPU: 0 UID: 0 PID: 13648 Comm: syz.2.1957 Not tainted syzkaller #0 PREEMPT(full) [ 726.187049][T13648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 726.187064][T13648] Call Trace: [ 726.187076][T13648] [ 726.187085][T13648] dump_stack_lvl+0x16c/0x1f0 [ 726.187122][T13648] should_fail_ex+0x512/0x640 [ 726.187157][T13648] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 726.187190][T13648] should_failslab+0xc2/0x120 [ 726.187221][T13648] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 726.187250][T13648] ? __pmd_alloc+0xbf/0x930 [ 726.187290][T13648] __pmd_alloc+0xbf/0x930 [ 726.187323][T13648] ? __pud_alloc+0x526/0x750 [ 726.187360][T13648] __handle_mm_fault+0xa06/0x2a50 [ 726.187393][T13648] ? __pfx___handle_mm_fault+0x10/0x10 [ 726.187443][T13648] handle_mm_fault+0x589/0xd10 [ 726.187473][T13648] __get_user_pages+0x551/0x34a0 [ 726.187515][T13648] ? __pfx_validate_mm+0x10/0x10 [ 726.187544][T13648] ? __pfx___get_user_pages+0x10/0x10 [ 726.187588][T13648] get_user_pages_remote+0x243/0xab0 [ 726.187630][T13648] ? __pfx_get_user_pages_remote+0x10/0x10 [ 726.187665][T13648] ? __pfx_vma_link+0x10/0x10 [ 726.187702][T13648] get_arg_page+0xf4/0x310 [ 726.187727][T13648] ? __pfx_get_arg_page+0x10/0x10 [ 726.187755][T13648] ? up_write+0x1b2/0x520 [ 726.187813][T13648] copy_string_kernel+0x182/0x520 [ 726.187847][T13648] do_execveat_common.isra.0+0x2ed/0x610 [ 726.187889][T13648] __x64_sys_execve+0x8e/0xb0 [ 726.187919][T13648] do_syscall_64+0xcd/0x490 [ 726.187955][T13648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.187980][T13648] RIP: 0033:0x7f765078ebe9 [ 726.187999][T13648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.188023][T13648] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 726.188047][T13648] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 726.188063][T13648] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 726.188080][T13648] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 726.188095][T13648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 726.188110][T13648] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 726.188140][T13648] [ 726.968817][T13654] ACPI: Can not change Invalid GPE/Fixed Event status [ 727.142297][T13656] sysfs_service_op_show: Client not running :-5: [ 728.191924][T13673] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1964'. [ 728.445171][T13680] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1964'. [ 731.512787][T13686] erspan0: entered allmulticast mode [ 731.642778][T13686] usbip-vudc usbip-vudc.0: gadget not bound [ 734.931819][T13722] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1973'. [ 735.046048][T13726] ACPI: Can not change Invalid GPE/Fixed Event status [ 735.251524][T13728] netlink: 93 bytes leftover after parsing attributes in process `syz.3.1973'. [ 740.172383][T13763] usb usb36: usbfs: process 13763 (syz.3.1979) did not claim interface 0 before use [ 742.259402][T13751] kexec: Could not allocate control_code_buffer [ 745.552658][ T5864] Bluetooth: hci1: unexpected subevent 0x12 length: 123 > 5 [ 745.582810][T13800] Invalid ELF header magic: != ELF [ 746.817406][T13818] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1990'. [ 746.957304][T13818] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 746.965063][T13818] IPv6: NLM_F_CREATE should be set when creating new route [ 746.972363][T13818] IPv6: NLM_F_CREATE should be set when creating new route [ 747.238464][T13815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1988'. [ 747.283382][T13822] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1990'. [ 747.758587][T13829] netlink: 'syz.0.1992': attribute type 15 has an invalid length. [ 747.804513][T13829] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1992'. [ 747.902503][T13831] netlink: 'syz.0.1992': attribute type 15 has an invalid length. [ 747.942546][T13831] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1992'. [ 748.504956][ T30] audit: type=1804 audit(4294967354.080:24): pid=13843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1995" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1062 res=1 errno=0 [ 748.972781][T13841] zswap: compressor not available [ 749.521224][T13856] FAULT_INJECTION: forcing a failure. [ 749.521224][T13856] name failslab, interval 1, probability 0, space 0, times 0 [ 749.659542][T13856] CPU: 0 UID: 0 PID: 13856 Comm: syz.2.1997 Not tainted syzkaller #0 PREEMPT(full) [ 749.659574][T13856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 749.659587][T13856] Call Trace: [ 749.659595][T13856] [ 749.659604][T13856] dump_stack_lvl+0x16c/0x1f0 [ 749.659637][T13856] should_fail_ex+0x512/0x640 [ 749.659669][T13856] ? fs_reclaim_acquire+0xae/0x150 [ 749.659706][T13856] should_failslab+0xc2/0x120 [ 749.659738][T13856] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 749.659765][T13856] ? security_inode_alloc+0x3b/0x2b0 [ 749.659794][T13856] security_inode_alloc+0x3b/0x2b0 [ 749.659839][T13856] inode_init_always_gfp+0xce4/0x1030 [ 749.659885][T13856] alloc_inode+0x86/0x240 [ 749.659917][T13856] path_from_stashed+0x25b/0x750 [ 749.659942][T13856] ? do_raw_spin_unlock+0x172/0x230 [ 749.659981][T13856] ns_get_path+0x5f/0x80 [ 749.660005][T13856] proc_ns_get_link+0x121/0x230 [ 749.660033][T13856] ? __pfx_proc_ns_get_link+0x10/0x10 [ 749.660062][T13856] ? atime_needs_update+0x8b/0x710 [ 749.660097][T13856] ? __pfx_proc_ns_get_link+0x10/0x10 [ 749.660125][T13856] step_into+0x1a2c/0x2270 [ 749.660153][T13856] ? __pfx_step_into+0x10/0x10 [ 749.660174][T13856] ? find_held_lock+0x2b/0x80 [ 749.660204][T13856] path_openat+0x6db/0x2cb0 [ 749.660238][T13856] ? __pfx_path_openat+0x10/0x10 [ 749.660271][T13856] do_filp_open+0x20b/0x470 [ 749.660298][T13856] ? __pfx_do_filp_open+0x10/0x10 [ 749.660348][T13856] ? alloc_fd+0x471/0x7d0 [ 749.660379][T13856] do_sys_openat2+0x11b/0x1d0 [ 749.660414][T13856] ? __pfx_do_sys_openat2+0x10/0x10 [ 749.660459][T13856] __x64_sys_openat+0x174/0x210 [ 749.660494][T13856] ? __pfx___x64_sys_openat+0x10/0x10 [ 749.660540][T13856] do_syscall_64+0xcd/0x490 [ 749.660572][T13856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.660594][T13856] RIP: 0033:0x7f765078d550 [ 749.660611][T13856] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 749.660644][T13856] RSP: 002b:00007f7651539f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 749.660664][T13856] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f765078d550 [ 749.660677][T13856] RDX: 0000000000000002 RSI: 00007f7651539fa0 RDI: 00000000ffffff9c [ 749.660691][T13856] RBP: 00007f7651539fa0 R08: 0000000000000000 R09: 0000000000000000 [ 749.660704][T13856] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 749.660716][T13856] R13: 00007f76509b6128 R14: 00007f76509b6090 R15: 00007ffd14eb9108 [ 749.660742][T13856] [ 750.669252][T13863] FAULT_INJECTION: forcing a failure. [ 750.669252][T13863] name failslab, interval 1, probability 0, space 0, times 0 [ 750.703816][T13863] CPU: 0 UID: 0 PID: 13863 Comm: syz.0.2000 Not tainted syzkaller #0 PREEMPT(full) [ 750.703848][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 750.703863][T13863] Call Trace: [ 750.703873][T13863] [ 750.703883][T13863] dump_stack_lvl+0x16c/0x1f0 [ 750.703923][T13863] should_fail_ex+0x512/0x640 [ 750.703960][T13863] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 750.703992][T13863] should_failslab+0xc2/0x120 [ 750.704025][T13863] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 750.704053][T13863] ? __asan_memcpy+0x3c/0x60 [ 750.704081][T13863] ? __kernfs_new_node+0xd2/0x8e0 [ 750.704116][T13863] __kernfs_new_node+0xd2/0x8e0 [ 750.704153][T13863] ? __pfx___kernfs_new_node+0x10/0x10 [ 750.704198][T13863] ? find_held_lock+0x2b/0x80 [ 750.704282][T13863] ? kernfs_root+0xee/0x2a0 [ 750.704318][T13863] kernfs_new_node+0x13c/0x1e0 [ 750.704374][T13863] __kernfs_create_file+0x53/0x350 [ 750.704402][T13863] cgroup_addrm_files+0x546/0xc20 [ 750.704458][T13863] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 750.704514][T13863] ? idr_replace+0xfa/0x170 [ 750.704542][T13863] ? __pfx_idr_replace+0x10/0x10 [ 750.704575][T13863] css_populate_dir+0x169/0x580 [ 750.704605][T13863] cgroup_apply_control_enable+0x3f3/0xbb0 [ 750.704652][T13863] cgroup_mkdir+0x5e7/0x11f0 [ 750.704693][T13863] ? __pfx_cgroup_mkdir+0x10/0x10 [ 750.704738][T13863] kernfs_iop_mkdir+0x10e/0x190 [ 750.704771][T13863] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 750.704805][T13863] vfs_mkdir+0x590/0x8c0 [ 750.704831][T13863] do_mkdirat+0x304/0x3e0 [ 750.704872][T13863] ? __pfx_do_mkdirat+0x10/0x10 [ 750.704906][T13863] ? getname_flags.part.0+0x1c5/0x550 [ 750.704948][T13863] __x64_sys_mkdir+0xef/0x140 [ 750.704977][T13863] do_syscall_64+0xcd/0x490 [ 750.705016][T13863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.705040][T13863] RIP: 0033:0x7f3c7b18ebe9 [ 750.705059][T13863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 750.705082][T13863] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 750.705103][T13863] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 750.705119][T13863] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 750.705134][T13863] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 750.705152][T13863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 750.705167][T13863] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 750.705197][T13863] [ 750.705341][T13863] cgroup: cgroup_addrm_files: failed to add stat, err=-12 [ 751.288145][T13860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78002 [ 751.323806][T13860] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 751.343024][T13860] memcg:ffff888076635701 [ 751.357793][T13860] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 751.377256][T13860] page_type: f5(slab) [ 751.386884][T13860] raw: 00fff00000000040 ffff88801b84b000 0000000000000000 dead000000000001 [ 751.440186][T13860] raw: 0000000000000000 0000000000100010 00000000f5000000 ffff888076635701 [ 751.510514][T13860] head: 00fff00000000040 ffff88801b84b000 0000000000000000 dead000000000001 [ 751.539350][T13860] head: 0000000000000000 0000000000100010 00000000f5000000 ffff888076635701 [ 751.562822][T13860] head: 00fff00000000001 ffffea0001e00081 00000000ffffffff 00000000ffffffff [ 751.608778][T13860] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 751.651017][T13860] page dumped because: unmovable page [ 751.680967][T13860] page_owner tracks the page as allocated [ 751.691525][ T5216] ERROR: Out of memory at tomoyo_memory_ok. [ 751.724896][T13860] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5871, tgid 5871 (syz-executor), ts 97412636526, free_ts 97281443579 [ 751.854526][T13860] post_alloc_hook+0x1c0/0x230 [ 751.873089][T13860] get_page_from_freelist+0x132b/0x38e0 [ 751.897027][T13860] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 751.932477][T13860] alloc_pages_mpol+0x1fb/0x550 [ 751.954253][T13860] new_slab+0x247/0x330 [ 751.971612][T13860] ___slab_alloc+0xcf2/0x1740 [ 751.988277][T13860] __slab_alloc.constprop.0+0x56/0xb0 [ 752.014831][T13860] __kmalloc_cache_noprof+0xfb/0x3e0 [ 752.039270][T13860] alloc_netdev_mqs+0xe58/0x1530 [ 752.059247][T13860] rtnl_create_link+0xc08/0xf90 [ 752.064223][T13860] rtnl_newlink+0xb69/0x2000 [ 752.098870][T13860] rtnetlink_rcv_msg+0x95b/0xe90 [ 752.126228][T13860] netlink_rcv_skb+0x155/0x420 [ 752.156575][T13860] netlink_unicast+0x5aa/0x870 [ 752.172511][T13860] netlink_sendmsg+0x8d1/0xdd0 [ 752.197679][T13860] __sys_sendto+0x4a0/0x520 [ 752.212609][T13860] page last free pid 5865 tgid 5865 stack trace: [ 752.243004][T13860] __free_frozen_pages+0x7d5/0x10f0 [ 752.308554][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.323478][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.366157][T13860] __put_partials+0x165/0x1c0 [ 752.495689][T13860] qlist_free_all+0x4d/0x120 [ 752.514811][T13860] kasan_quarantine_reduce+0x195/0x1e0 [ 752.667747][T13860] __kasan_slab_alloc+0x69/0x90 [ 752.689494][T13860] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 752.792773][T13860] __kernfs_new_node+0xd2/0x8e0 [ 752.876659][T13860] kernfs_new_node+0x13c/0x1e0 [ 752.888331][T13860] __kernfs_create_file+0x53/0x350 [ 752.917155][T13860] sysfs_add_file_mode_ns+0x207/0x3c0 [ 752.934241][T13860] internal_create_group+0x578/0xf30 [ 752.960840][T13860] internal_create_groups+0x9d/0x150 [ 752.981093][T13860] device_add+0x77f/0x1aa0 [ 752.998793][T13860] netdev_register_kobject+0x1a9/0x3d0 [ 753.118191][T13860] register_netdevice+0x13dc/0x2270 [ 753.258624][T13860] macsec_newlink+0x512/0x1d70 [ 754.355996][T13886] blktrace: Concurrent blktraces are not allowed on ram4 [ 755.628763][T13907] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 755.840088][T13890] sp0: Synchronizing with TNC [ 756.873880][T13922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2013'. [ 756.949850][T13924] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2013'. [ 760.589167][T13943] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 760.596588][T13943] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 763.502547][T13964] input: f as /devices/virtual/input/input24 [ 763.574862][ T5219] ERROR: Out of memory at tomoyo_memory_ok. [ 764.079285][T13961] bond0: Unable to set peer notification delay as MII monitoring is disabled [ 774.589266][T14029] random: crng reseeded on system resumption [ 776.234467][T14052] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 776.601899][ T5864] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 778.835518][T14074] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2047'. [ 778.852651][T14075] random: crng reseeded on system resumption [ 778.970476][T14074] vlan1: left allmulticast mode [ 779.020630][T14074] veth0_vlan: left allmulticast mode [ 779.041146][T14074] vlan1: left promiscuous mode [ 779.061772][T14074] bridge0: port 3(vlan1) entered disabled state [ 779.159140][T14074] bridge_slave_1: left allmulticast mode [ 779.202007][T14074] bridge_slave_1: left promiscuous mode [ 779.223116][T14074] bridge0: port 2(bridge_slave_1) entered disabled state [ 779.313820][T14074] bridge_slave_0: left allmulticast mode [ 779.338878][T14074] bridge_slave_0: left promiscuous mode [ 779.379545][T14074] bridge0: port 1(bridge_slave_0) entered disabled state [ 782.204794][T14090] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 785.071440][T14133] ERROR: Out of memory at tomoyo_memory_ok. [ 795.322972][T14221] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 795.354326][T14221] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 795.381630][T14221] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 795.406949][T14221] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 795.673663][T14220] ERROR: Out of memory at tomoyo_memory_ok. [ 797.187414][ T5864] Bluetooth: hci0: command 0x0406 tx timeout [ 797.419578][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 797.425667][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 797.432336][ T5864] Bluetooth: hci3: command 0x0406 tx timeout [ 797.991353][T14258] FAULT_INJECTION: forcing a failure. [ 797.991353][T14258] name failslab, interval 1, probability 0, space 0, times 0 [ 798.171073][T14258] CPU: 0 UID: 0 PID: 14258 Comm: syz.0.2088 Not tainted syzkaller #0 PREEMPT(full) [ 798.171114][T14258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 798.171129][T14258] Call Trace: [ 798.171139][T14258] [ 798.171149][T14258] dump_stack_lvl+0x16c/0x1f0 [ 798.171186][T14258] should_fail_ex+0x512/0x640 [ 798.171221][T14258] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 798.171258][T14258] should_failslab+0xc2/0x120 [ 798.171291][T14258] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 798.171325][T14258] ? kstrdup_const+0x63/0x80 [ 798.171359][T14258] kstrdup+0x53/0x100 [ 798.171389][T14258] kstrdup_const+0x63/0x80 [ 798.171419][T14258] __kernfs_new_node+0x9b/0x8e0 [ 798.171454][T14258] ? __pfx___kernfs_new_node+0x10/0x10 [ 798.171493][T14258] ? find_held_lock+0x2b/0x80 [ 798.171519][T14258] ? kernfs_root+0xee/0x2a0 [ 798.171555][T14258] kernfs_new_node+0x13c/0x1e0 [ 798.171596][T14258] __kernfs_create_file+0x53/0x350 [ 798.171624][T14258] cgroup_addrm_files+0x546/0xc20 [ 798.171673][T14258] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 798.171726][T14258] ? idr_replace+0xfa/0x170 [ 798.171756][T14258] ? __pfx_idr_replace+0x10/0x10 [ 798.171795][T14258] css_populate_dir+0x169/0x580 [ 798.171827][T14258] cgroup_apply_control_enable+0x3f3/0xbb0 [ 798.171875][T14258] cgroup_mkdir+0x5e7/0x11f0 [ 798.171917][T14258] ? __pfx_cgroup_mkdir+0x10/0x10 [ 798.171957][T14258] kernfs_iop_mkdir+0x10e/0x190 [ 798.171990][T14258] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 798.172031][T14258] vfs_mkdir+0x590/0x8c0 [ 798.172058][T14258] do_mkdirat+0x304/0x3e0 [ 798.172096][T14258] ? __pfx_do_mkdirat+0x10/0x10 [ 798.172129][T14258] ? getname_flags.part.0+0x1c5/0x550 [ 798.172171][T14258] __x64_sys_mkdir+0xef/0x140 [ 798.172202][T14258] do_syscall_64+0xcd/0x490 [ 798.172238][T14258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 798.172263][T14258] RIP: 0033:0x7f3c7b18ebe9 [ 798.172283][T14258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 798.172308][T14258] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 798.172332][T14258] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 798.172349][T14258] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 798.172364][T14258] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 798.172379][T14258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 798.172394][T14258] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 798.172426][T14258] [ 798.172459][T14258] cgroup: cgroup_addrm_files: failed to add usage_all, err=-12 [ 798.657561][T14238] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2083'. [ 798.676922][T14238] : left promiscuous mode [ 798.687336][T14238] bond_slave_0: left promiscuous mode [ 798.707813][T14238] bond_slave_1: left promiscuous mode [ 798.723885][T14238] : entered allmulticast mode [ 798.738233][T14238] bond_slave_0: entered allmulticast mode [ 798.749269][T14238] bond_slave_1: entered allmulticast mode [ 798.767513][T14238] 8021q: adding VLAN 0 to HW filter on device  [ 804.585044][T14294] ima: policy update failed [ 804.659303][ T30] audit: type=1802 audit(4294967410.239:25): pid=14294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2094" res=0 errno=0 [ 806.072356][T14310] random: crng reseeded on system resumption [ 807.446185][T14305] Restarting kernel threads ... [ 807.500666][T14305] Done restarting kernel threads. [ 809.717524][T14340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2105'. [ 809.738237][ C0] sd 0:0:1:0: [sda] tag#4069 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 809.748792][ C0] sd 0:0:1:0: [sda] tag#4069 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 810.985773][T14349] sd 0:0:1:0: PR command failed: 1026 [ 811.339833][T14349] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 811.401904][T14349] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 813.741062][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.788100][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.735959][T14369] FAULT_INJECTION: forcing a failure. [ 814.735959][T14369] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 814.881533][T14369] CPU: 0 UID: 0 PID: 14369 Comm: syz.3.2111 Not tainted syzkaller #0 PREEMPT(full) [ 814.881567][T14369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 814.881583][T14369] Call Trace: [ 814.881592][T14369] [ 814.881601][T14369] dump_stack_lvl+0x16c/0x1f0 [ 814.881640][T14369] should_fail_ex+0x512/0x640 [ 814.881679][T14369] should_fail_alloc_page+0xe7/0x130 [ 814.881718][T14369] prepare_alloc_pages+0x3c2/0x610 [ 814.881760][T14369] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 814.881790][T14369] ? stack_trace_save+0x8e/0xc0 [ 814.881818][T14369] ? __pfx_stack_trace_save+0x10/0x10 [ 814.881844][T14369] ? rcu_is_watching+0x12/0xc0 [ 814.881869][T14369] ? stack_depot_save_flags+0x29/0x9c0 [ 814.881910][T14369] ? kasan_save_stack+0x42/0x60 [ 814.881937][T14369] ? kasan_save_stack+0x33/0x60 [ 814.881963][T14369] ? kasan_save_track+0x14/0x30 [ 814.881991][T14369] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 814.882020][T14369] ? walk_pgd_range+0x88b/0x1f50 [ 814.882049][T14369] ? walk_page_range_mm+0x461/0xb40 [ 814.882078][T14369] ? madvise_walk_vmas+0x31f/0x9c0 [ 814.882111][T14369] ? madvise_do_behavior+0x1e2/0x530 [ 814.882145][T14369] ? do_madvise+0x176/0x240 [ 814.882178][T14369] ? __x64_sys_madvise+0xa9/0x110 [ 814.882211][T14369] ? do_syscall_64+0xcd/0x490 [ 814.882243][T14369] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.882280][T14369] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 814.882326][T14369] ? policy_nodemask+0xea/0x4e0 [ 814.882362][T14369] alloc_pages_mpol+0x1fb/0x550 [ 814.882397][T14369] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 814.882438][T14369] alloc_pages_noprof+0x131/0x390 [ 814.882472][T14369] pte_alloc_one+0x1c/0x3a0 [ 814.882499][T14369] __pte_alloc+0x6d/0x3c0 [ 814.882532][T14369] ? __pfx___pte_alloc+0x10/0x10 [ 814.882566][T14369] ? _raw_spin_unlock+0x28/0x50 [ 814.882593][T14369] ? __pmd_alloc+0x3fb/0x930 [ 814.882632][T14369] walk_pgd_range+0xb84/0x1f50 [ 814.882665][T14369] ? __pfx_guard_install_set_pte+0x10/0x10 [ 814.882698][T14369] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 814.882733][T14369] ? __pfx_guard_install_set_pte+0x10/0x10 [ 814.882770][T14369] ? __pfx_guard_install_set_pte+0x10/0x10 [ 814.882804][T14369] ? __pfx_guard_install_set_pte+0x10/0x10 [ 814.882838][T14369] ? __pfx_walk_pgd_range+0x10/0x10 [ 814.882877][T14369] __walk_page_range+0x163/0x820 [ 814.882910][T14369] ? find_vma+0xbf/0x140 [ 814.882942][T14369] ? __pfx_find_vma+0x10/0x10 [ 814.882977][T14369] ? walk_page_test+0x9b/0x180 [ 814.883008][T14369] walk_page_range_mm+0x461/0xb40 [ 814.883043][T14369] ? __pfx_walk_page_range_mm+0x10/0x10 [ 814.883082][T14369] ? __anon_vma_prepare+0x2e2/0x5e0 [ 814.883113][T14369] madvise_vma_behavior+0xa62/0x2d60 [ 814.883152][T14369] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 814.883186][T14369] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 814.883225][T14369] ? __pfx_mas_prev+0x10/0x10 [ 814.883264][T14369] ? find_vma_prev+0xda/0x160 [ 814.883297][T14369] ? find_held_lock+0x2b/0x80 [ 814.883328][T14369] ? __pfx_find_vma_prev+0x10/0x10 [ 814.883364][T14369] ? futex_unqueue+0x133/0x2c0 [ 814.883402][T14369] ? __futex_wait+0x24c/0x2f0 [ 814.883443][T14369] madvise_walk_vmas+0x31f/0x9c0 [ 814.883484][T14369] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 814.883529][T14369] madvise_do_behavior+0x1e2/0x530 [ 814.883564][T14369] ? futex_private_hash_put+0x18a/0x300 [ 814.883594][T14369] ? __pfx_madvise_do_behavior+0x10/0x10 [ 814.883631][T14369] ? down_read+0x13d/0x480 [ 814.883681][T14369] do_madvise+0x176/0x240 [ 814.883715][T14369] ? __pfx_do_madvise+0x10/0x10 [ 814.883749][T14369] ? do_futex+0x122/0x350 [ 814.883799][T14369] ? xfd_validate_state+0x61/0x180 [ 814.883834][T14369] ? __pfx_ksys_write+0x10/0x10 [ 814.883869][T14369] __x64_sys_madvise+0xa9/0x110 [ 814.883904][T14369] ? lockdep_hardirqs_on+0x7c/0x110 [ 814.883935][T14369] do_syscall_64+0xcd/0x490 [ 814.883970][T14369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.883995][T14369] RIP: 0033:0x7fd70218ebe9 [ 814.884014][T14369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.884039][T14369] RSP: 002b:00007fd702fd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 814.884061][T14369] RAX: ffffffffffffffda RBX: 00007fd7023b5fa0 RCX: 00007fd70218ebe9 [ 814.884078][T14369] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 814.884093][T14369] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000000 [ 814.884108][T14369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 814.884123][T14369] R13: 00007fd7023b6038 R14: 00007fd7023b5fa0 R15: 00007ffc8c879e98 [ 814.884154][T14369] [ 816.059674][ T30] audit: type=1800 audit(4294967421.319:26): pid=14374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2111" name="features" dev="configfs" ino=49990 res=0 errno=0 [ 817.691952][T14386] random: crng reseeded on system resumption [ 820.273770][T14408] FAULT_INJECTION: forcing a failure. [ 820.273770][T14408] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 820.410566][T14408] CPU: 0 UID: 0 PID: 14408 Comm: syz.2.2119 Not tainted syzkaller #0 PREEMPT(full) [ 820.410604][T14408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 820.410620][T14408] Call Trace: [ 820.410629][T14408] [ 820.410645][T14408] dump_stack_lvl+0x16c/0x1f0 [ 820.410732][T14408] should_fail_ex+0x512/0x640 [ 820.410775][T14408] should_fail_alloc_page+0xe7/0x130 [ 820.410818][T14408] prepare_alloc_pages+0x3c2/0x610 [ 820.410859][T14408] ? mas_ascend+0x4f6/0x900 [ 820.410899][T14408] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 820.410931][T14408] ? find_held_lock+0x2b/0x80 [ 820.410956][T14408] ? mm_drop_all_locks+0x395/0x4c0 [ 820.410990][T14408] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 820.411026][T14408] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 820.411063][T14408] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 820.411116][T14408] ? mm_drop_all_locks+0x395/0x4c0 [ 820.411146][T14408] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 820.411189][T14408] ? policy_nodemask+0xea/0x4e0 [ 820.411224][T14408] alloc_pages_mpol+0x1fb/0x550 [ 820.411258][T14408] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 820.411302][T14408] alloc_pages_noprof+0x131/0x390 [ 820.411336][T14408] kvm_coalesced_mmio_init+0x1a/0x170 [ 820.411369][T14408] kvm_dev_ioctl+0xe82/0x1af0 [ 820.411398][T14408] ? find_held_lock+0x2b/0x80 [ 820.411421][T14408] ? hook_file_ioctl_common+0x145/0x410 [ 820.411455][T14408] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 820.411483][T14408] ? __fget_files+0x20e/0x3c0 [ 820.411514][T14408] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 820.411541][T14408] __x64_sys_ioctl+0x18e/0x210 [ 820.411585][T14408] do_syscall_64+0xcd/0x490 [ 820.411624][T14408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.411652][T14408] RIP: 0033:0x7f765078ebe9 [ 820.411671][T14408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.411702][T14408] RSP: 002b:00007f765153a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 820.411729][T14408] RAX: ffffffffffffffda RBX: 00007f76509b6090 RCX: 00007f765078ebe9 [ 820.411746][T14408] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000004 [ 820.411761][T14408] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 820.411776][T14408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 820.411791][T14408] R13: 00007f76509b6128 R14: 00007f76509b6090 R15: 00007ffd14eb9108 [ 820.411821][T14408] [ 820.982287][T14407] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2118'. [ 821.018576][T14407] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode [ 821.575716][T14420] __vm_enough_memory: pid: 14420, comm: syz.1.2122, bytes: 4398046511104 not enough memory for the allocation [ 826.489186][T14461] WARNING! power/level is deprecated; use power/control instead [ 826.552729][T14461] ICMPv6: process `syz.2.2132' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 827.081157][T14475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2136'. [ 829.089959][T14494] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 830.539647][T14494] ERROR: Out of memory at tomoyo_memory_ok. [ 832.365747][T14477] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 833.913316][T14526] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 834.074425][ T5219] ERROR: Out of memory at tomoyo_memory_ok. [ 834.482464][T14517] raw_sendmsg: syz.1.2145 forgot to set AF_INET. Fix it! [ 838.191628][T14550] kexec: Could not allocate control_code_buffer [ 839.242299][T14580] random: crng reseeded on system resumption [ 839.257621][T14581] FAULT_INJECTION: forcing a failure. [ 839.257621][T14581] name failslab, interval 1, probability 0, space 0, times 0 [ 839.344215][T14581] CPU: 0 UID: 0 PID: 14581 Comm: syz.0.2158 Not tainted syzkaller #0 PREEMPT(full) [ 839.344248][T14581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 839.344264][T14581] Call Trace: [ 839.344273][T14581] [ 839.344283][T14581] dump_stack_lvl+0x16c/0x1f0 [ 839.344320][T14581] should_fail_ex+0x512/0x640 [ 839.344354][T14581] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 839.344387][T14581] should_failslab+0xc2/0x120 [ 839.344420][T14581] __kmalloc_cache_node_noprof+0x6d/0x420 [ 839.344449][T14581] ? alloc_shrinker_info+0x18c/0x470 [ 839.344481][T14581] ? kasan_save_track+0x14/0x30 [ 839.344512][T14581] alloc_shrinker_info+0x18c/0x470 [ 839.344552][T14581] mem_cgroup_css_online+0x217/0x640 [ 839.344592][T14581] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 839.344633][T14581] online_css+0xb2/0x350 [ 839.344666][T14581] cgroup_apply_control_enable+0x702/0xbb0 [ 839.344724][T14581] cgroup_mkdir+0x5e7/0x11f0 [ 839.344767][T14581] ? __pfx_cgroup_mkdir+0x10/0x10 [ 839.344806][T14581] kernfs_iop_mkdir+0x10e/0x190 [ 839.344842][T14581] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 839.344876][T14581] vfs_mkdir+0x590/0x8c0 [ 839.344903][T14581] do_mkdirat+0x304/0x3e0 [ 839.344940][T14581] ? __pfx_do_mkdirat+0x10/0x10 [ 839.344973][T14581] ? getname_flags.part.0+0x1c5/0x550 [ 839.345019][T14581] __x64_sys_mkdir+0xef/0x140 [ 839.345050][T14581] do_syscall_64+0xcd/0x490 [ 839.345086][T14581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.345111][T14581] RIP: 0033:0x7f3c7b18ebe9 [ 839.345130][T14581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 839.345155][T14581] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 839.345190][T14581] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 839.345206][T14581] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 839.345221][T14581] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 839.345236][T14581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 839.345250][T14581] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 839.345280][T14581] [ 839.640500][T14548] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 844.983229][T14608] FAULT_INJECTION: forcing a failure. [ 844.983229][T14608] name failslab, interval 1, probability 0, space 0, times 0 [ 845.048202][T14608] CPU: 0 UID: 0 PID: 14608 Comm: syz.0.2170 Not tainted syzkaller #0 PREEMPT(full) [ 845.048248][T14608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 845.048262][T14608] Call Trace: [ 845.048270][T14608] [ 845.048279][T14608] dump_stack_lvl+0x16c/0x1f0 [ 845.048313][T14608] should_fail_ex+0x512/0x640 [ 845.048345][T14608] ? fs_reclaim_acquire+0xae/0x150 [ 845.048393][T14608] ? security_inode_init_security+0x13f/0x390 [ 845.048427][T14608] should_failslab+0xc2/0x120 [ 845.048472][T14608] __kmalloc_noprof+0xd2/0x510 [ 845.048504][T14608] security_inode_init_security+0x13f/0x390 [ 845.048542][T14608] ? __pfx_shmem_initxattrs+0x10/0x10 [ 845.048575][T14608] ? __pfx_security_inode_init_security+0x10/0x10 [ 845.048612][T14608] ? shmem_get_inode+0x73a/0xfb0 [ 845.048651][T14608] shmem_symlink+0x135/0x9f0 [ 845.048681][T14608] ? __pfx_shmem_symlink+0x10/0x10 [ 845.048707][T14608] ? bpf_lsm_inode_permission+0x9/0x10 [ 845.048740][T14608] ? security_inode_permission+0xbf/0x260 [ 845.048769][T14608] ? inode_permission+0x156/0x630 [ 845.048806][T14608] vfs_symlink+0x403/0x680 [ 845.048830][T14608] do_symlinkat+0x261/0x310 [ 845.048860][T14608] ? __pfx_do_symlinkat+0x10/0x10 [ 845.048888][T14608] ? getname_flags.part.0+0x1c5/0x550 [ 845.048928][T14608] __x64_sys_symlink+0x75/0x90 [ 845.048958][T14608] do_syscall_64+0xcd/0x490 [ 845.048990][T14608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.049012][T14608] RIP: 0033:0x7f3c7b18ebe9 [ 845.049029][T14608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 845.049057][T14608] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 845.049078][T14608] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 845.049093][T14608] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 845.049107][T14608] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 845.049121][T14608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 845.049134][T14608] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 845.049161][T14608] [ 849.537841][T14644] bond0: option all_slaves_active: invalid value () [ 852.472517][T14671] zero sized request [ 854.284734][T14674] FAULT_INJECTION: forcing a failure. [ 854.284734][T14674] name failslab, interval 1, probability 0, space 0, times 0 [ 854.391948][T14674] CPU: 0 UID: 0 PID: 14674 Comm: syz.2.2176 Not tainted syzkaller #0 PREEMPT(full) [ 854.391977][T14674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 854.391991][T14674] Call Trace: [ 854.391999][T14674] [ 854.392008][T14674] dump_stack_lvl+0x16c/0x1f0 [ 854.392046][T14674] should_fail_ex+0x512/0x640 [ 854.392079][T14674] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 854.392110][T14674] should_failslab+0xc2/0x120 [ 854.392140][T14674] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 854.392168][T14674] ? sock_alloc_inode+0x25/0x1c0 [ 854.392228][T14674] ? __pfx_sock_alloc_inode+0x10/0x10 [ 854.392275][T14674] sock_alloc_inode+0x25/0x1c0 [ 854.392308][T14674] alloc_inode+0x64/0x240 [ 854.392341][T14674] sock_alloc+0x40/0x280 [ 854.392393][T14674] sock_create_lite+0x82/0x120 [ 854.392430][T14674] __netlink_kernel_create+0xbd/0x750 [ 854.392466][T14674] ? __pfx___netlink_kernel_create+0x10/0x10 [ 854.392508][T14674] uevent_net_init+0xf8/0x350 [ 854.392545][T14674] ? __pfx_uevent_net_init+0x10/0x10 [ 854.392583][T14674] ? __pfx_uevent_net_rcv+0x10/0x10 [ 854.392628][T14674] ? __pfx_uevent_net_init+0x10/0x10 [ 854.392663][T14674] ops_init+0x1e2/0x5f0 [ 854.392699][T14674] setup_net+0x10f/0x380 [ 854.392733][T14674] ? lockdep_init_map_type+0x5c/0x280 [ 854.392767][T14674] ? __pfx_setup_net+0x10/0x10 [ 854.392801][T14674] ? debug_mutex_init+0x37/0x70 [ 854.392827][T14674] copy_net_ns+0x2a6/0x5f0 [ 854.392867][T14674] create_new_namespaces+0x3ea/0xa90 [ 854.392901][T14674] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 854.392931][T14674] ksys_unshare+0x45b/0xa40 [ 854.392964][T14674] ? __pfx_ksys_unshare+0x10/0x10 [ 854.392997][T14674] ? xfd_validate_state+0x61/0x180 [ 854.393046][T14674] __x64_sys_unshare+0x31/0x40 [ 854.393078][T14674] do_syscall_64+0xcd/0x490 [ 854.393124][T14674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 854.393147][T14674] RIP: 0033:0x7f765078ebe9 [ 854.393165][T14674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 854.393186][T14674] RSP: 002b:00007f765155b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 854.393207][T14674] RAX: ffffffffffffffda RBX: 00007f76509b5fa0 RCX: 00007f765078ebe9 [ 854.393223][T14674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 854.393236][T14674] RBP: 00007f7650811e19 R08: 0000000000000000 R09: 0000000000000000 [ 854.393250][T14674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 854.393264][T14674] R13: 00007f76509b6038 R14: 00007f76509b5fa0 R15: 00007ffd14eb9108 [ 854.393292][T14674] [ 854.393319][T14674] kobject_uevent: unable to create netlink socket! [ 855.125611][T14689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2180'. [ 855.160508][T14689] netlink: 'syz.1.2180': attribute type 1 has an invalid length. [ 855.214262][T14689] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2180'. [ 857.944776][T14731] FAULT_INJECTION: forcing a failure. [ 857.944776][T14731] name failslab, interval 1, probability 0, space 0, times 0 [ 857.986461][T14732] bond0: option all_slaves_active: invalid value () [ 858.013142][T14731] CPU: 0 UID: 0 PID: 14731 Comm: syz.1.2190 Not tainted syzkaller #0 PREEMPT(full) [ 858.013172][T14731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 858.013186][T14731] Call Trace: [ 858.013193][T14731] [ 858.013202][T14731] dump_stack_lvl+0x16c/0x1f0 [ 858.013236][T14731] should_fail_ex+0x512/0x640 [ 858.013268][T14731] ? fs_reclaim_acquire+0xae/0x150 [ 858.013304][T14731] ? tomoyo_encode2+0x100/0x3e0 [ 858.013336][T14731] should_failslab+0xc2/0x120 [ 858.013365][T14731] __kmalloc_noprof+0xd2/0x510 [ 858.013391][T14731] ? d_absolute_path+0x136/0x1a0 [ 858.013428][T14731] tomoyo_encode2+0x100/0x3e0 [ 858.013463][T14731] tomoyo_encode+0x29/0x50 [ 858.013494][T14731] tomoyo_realpath_from_path+0x18f/0x6e0 [ 858.013535][T14731] tomoyo_mount_acl+0x1ae/0x850 [ 858.013564][T14731] ? bpf_ksym_find+0x124/0x1c0 [ 858.013587][T14731] ? is_bpf_text_address+0x94/0x1a0 [ 858.013617][T14731] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 858.013646][T14731] ? __kernel_text_address+0xd/0x40 [ 858.013666][T14731] ? unwind_get_return_address+0x59/0xa0 [ 858.013700][T14731] ? arch_stack_walk+0xa6/0x100 [ 858.013750][T14731] ? tomoyo_domain+0xbb/0x150 [ 858.013769][T14731] ? tomoyo_profile+0x47/0x60 [ 858.013792][T14731] tomoyo_mount_permission+0x16d/0x420 [ 858.013821][T14731] ? tomoyo_mount_permission+0x14f/0x420 [ 858.013853][T14731] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 858.013899][T14731] security_sb_mount+0x9b/0x260 [ 858.013926][T14731] path_mount+0x15f/0x2000 [ 858.013959][T14731] ? __pfx_path_mount+0x10/0x10 [ 858.014000][T14731] ? kmem_cache_free+0x2d1/0x4d0 [ 858.014023][T14731] ? putname+0x154/0x1a0 [ 858.014054][T14731] ? putname+0x154/0x1a0 [ 858.014085][T14731] ? __x64_sys_mount+0x28d/0x310 [ 858.014110][T14731] __x64_sys_mount+0x28d/0x310 [ 858.014156][T14731] ? __pfx___x64_sys_mount+0x10/0x10 [ 858.014193][T14731] do_syscall_64+0xcd/0x490 [ 858.014226][T14731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 858.014248][T14731] RIP: 0033:0x7f3522b8ebe9 [ 858.014266][T14731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 858.014288][T14731] RSP: 002b:00007f35239ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 858.014309][T14731] RAX: ffffffffffffffda RBX: 00007f3522db5fa0 RCX: 00007f3522b8ebe9 [ 858.014323][T14731] RDX: 0000200000000140 RSI: 0000200000000080 RDI: 0000000000000000 [ 858.014338][T14731] RBP: 00007f3522c11e19 R08: 00002000000001c0 R09: 0000000000000000 [ 858.014352][T14731] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 858.014366][T14731] R13: 00007f3522db6038 R14: 00007f3522db5fa0 R15: 00007ffd08251118 [ 858.014394][T14731] [ 858.014432][T14731] ERROR: Out of memory at tomoyo_realpath_from_path. [ 860.318483][T14752] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input26 [ 860.694922][ T5219] ERROR: Out of memory at tomoyo_memory_ok. [ 866.537152][T14785] FAULT_INJECTION: forcing a failure. [ 866.537152][T14785] name failslab, interval 1, probability 0, space 0, times 0 [ 866.621429][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.0.2200 Not tainted syzkaller #0 PREEMPT(full) [ 866.621462][T14785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 866.621477][T14785] Call Trace: [ 866.621485][T14785] [ 866.621495][T14785] dump_stack_lvl+0x16c/0x1f0 [ 866.621537][T14785] should_fail_ex+0x512/0x640 [ 866.621570][T14785] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 866.621602][T14785] should_failslab+0xc2/0x120 [ 866.621637][T14785] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 866.621665][T14785] ? __proc_create+0xc3/0x8e0 [ 866.621703][T14785] ? __proc_create+0x2ce/0x8e0 [ 866.621780][T14785] __proc_create+0x2ce/0x8e0 [ 866.621816][T14785] ? __pfx___proc_create+0x10/0x10 [ 866.621849][T14785] ? proc_register+0x30f/0x5f0 [ 866.621888][T14785] ? _raw_write_unlock+0x28/0x50 [ 866.621921][T14785] proc_create_reg+0x7d/0x180 [ 866.621960][T14785] proc_create_net_data+0x8e/0x1c0 [ 866.621997][T14785] ? __pfx_proc_create_net_data+0x10/0x10 [ 866.622034][T14785] ? __pfx___netlink_kernel_create+0x10/0x10 [ 866.622078][T14785] ? fib4_semantics_init+0x25/0x100 [ 866.622109][T14785] fib_proc_init+0xf4/0x1b0 [ 866.622158][T14785] fib_net_init+0x2af/0x3f0 [ 866.622191][T14785] ? __pfx___register_sysctl_table+0x10/0x10 [ 866.622227][T14785] ? __pfx_fib_net_init+0x10/0x10 [ 866.622261][T14785] ? lockdep_init_map_type+0x5c/0x280 [ 866.622295][T14785] ? __pfx_nl_fib_input+0x10/0x10 [ 866.622340][T14785] ? devinet_init_net+0x5c2/0x910 [ 866.622381][T14785] ? __pfx_fib_net_init+0x10/0x10 [ 866.622414][T14785] ops_init+0x1e2/0x5f0 [ 866.622451][T14785] setup_net+0x10f/0x380 [ 866.622482][T14785] ? lockdep_init_map_type+0x5c/0x280 [ 866.622515][T14785] ? __pfx_setup_net+0x10/0x10 [ 866.622550][T14785] ? debug_mutex_init+0x37/0x70 [ 866.622575][T14785] copy_net_ns+0x2a6/0x5f0 [ 866.622614][T14785] create_new_namespaces+0x3ea/0xa90 [ 866.622652][T14785] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 866.622682][T14785] ksys_unshare+0x45b/0xa40 [ 866.622722][T14785] ? __pfx_ksys_unshare+0x10/0x10 [ 866.622756][T14785] ? xfd_validate_state+0x61/0x180 [ 866.622801][T14785] __x64_sys_unshare+0x31/0x40 [ 866.622832][T14785] do_syscall_64+0xcd/0x490 [ 866.622868][T14785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 866.622892][T14785] RIP: 0033:0x7f3c7b18ebe9 [ 866.622911][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 866.622935][T14785] RSP: 002b:00007f3c7bf9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 866.622957][T14785] RAX: ffffffffffffffda RBX: 00007f3c7b3b5fa0 RCX: 00007f3c7b18ebe9 [ 866.622973][T14785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 866.622987][T14785] RBP: 00007f3c7b211e19 R08: 0000000000000000 R09: 0000000000000000 [ 866.623002][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 866.623016][T14785] R13: 00007f3c7b3b6038 R14: 00007f3c7b3b5fa0 R15: 00007ffdc2ecf408 [ 866.623045][T14785] [ 867.165334][T14779] zswap: compressor not available [ 867.173984][T14786] Setting dangerous option i915.mitigations - tainting kernel [ 867.916319][T14801] kernel profiling enabled (shift: 7) [ 869.220761][T14821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2206'. [ 869.221513][T14821] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2206'. [ 869.257386][T14823] ================================================================== [ 869.257402][T14823] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 869.257449][T14823] Read of size 2 at addr ffff88801e2e6592 by task syz.3.2207/14823 [ 869.257469][T14823] [ 869.257482][T14823] CPU: 0 UID: 0 PID: 14823 Comm: syz.3.2207 Tainted: G U syzkaller #0 PREEMPT(full) [ 869.257516][T14823] Tainted: [U]=USER [ 869.257524][T14823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 869.257539][T14823] Call Trace: [ 869.257547][T14823] [ 869.257556][T14823] dump_stack_lvl+0x116/0x1f0 [ 869.257588][T14823] print_report+0xcd/0x630 [ 869.257619][T14823] ? __virt_addr_valid+0x81/0x610 [ 869.257648][T14823] ? __phys_addr+0xe8/0x180 [ 869.257680][T14823] ? fbcon_prepare_logo+0xa03/0xc70 [ 869.257709][T14823] kasan_report+0xe0/0x110 [ 869.257739][T14823] ? fbcon_prepare_logo+0xa03/0xc70 [ 869.257773][T14823] kasan_check_range+0x100/0x1b0 [ 869.257808][T14823] __asan_memcpy+0x23/0x60 [ 869.257843][T14823] fbcon_prepare_logo+0xa03/0xc70 [ 869.257877][T14823] fbcon_init+0xd77/0x1900 [ 869.257906][T14823] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 869.257931][T14823] visual_init+0x320/0x620 [ 869.257955][T14823] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 869.257988][T14823] store_bind+0x61d/0x760 [ 869.258017][T14823] ? sysfs_file_kobj+0xe4/0x290 [ 869.258041][T14823] ? __pfx_store_bind+0x10/0x10 [ 869.258068][T14823] dev_attr_store+0x58/0x80 [ 869.258101][T14823] ? __pfx_dev_attr_store+0x10/0x10 [ 869.258136][T14823] sysfs_kf_write+0xf2/0x150 [ 869.258160][T14823] kernfs_fop_write_iter+0x354/0x510 [ 869.258199][T14823] ? __pfx_sysfs_kf_write+0x10/0x10 [ 869.258226][T14823] iter_file_splice_write+0xa24/0x12e0 [ 869.258260][T14823] ? __pfx_iter_file_splice_write+0x10/0x10 [ 869.258302][T14823] ? __pfx_copy_splice_read+0x10/0x10 [ 869.258330][T14823] ? __pfx_iter_file_splice_write+0x10/0x10 [ 869.258355][T14823] direct_splice_actor+0x18f/0x6c0 [ 869.258379][T14823] splice_direct_to_actor+0x345/0xa30 [ 869.258402][T14823] ? __pfx_direct_splice_actor+0x10/0x10 [ 869.258428][T14823] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 869.258461][T14823] do_splice_direct+0x174/0x240 [ 869.258483][T14823] ? __pfx_do_splice_direct+0x10/0x10 [ 869.258506][T14823] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 869.258530][T14823] ? rw_verify_area+0xcf/0x6c0 [ 869.258553][T14823] do_sendfile+0xb06/0xe50 [ 869.258580][T14823] ? __pfx_do_sendfile+0x10/0x10 [ 869.258603][T14823] ? __sys_sendmsg+0x18c/0x220 [ 869.258639][T14823] ? __x64_sys_futex+0x1e0/0x4c0 [ 869.258668][T14823] ? __x64_sys_futex+0x1e9/0x4c0 [ 869.258697][T14823] __x64_sys_sendfile64+0x1d8/0x220 [ 869.258730][T14823] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 869.258766][T14823] do_syscall_64+0xcd/0x490 [ 869.258799][T14823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.258823][T14823] RIP: 0033:0x7fd70218ebe9 [ 869.258840][T14823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 869.258863][T14823] RSP: 002b:00007fd702fd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 869.258884][T14823] RAX: ffffffffffffffda RBX: 00007fd7023b5fa0 RCX: 00007fd70218ebe9 [ 869.258900][T14823] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 869.258914][T14823] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000000 [ 869.258929][T14823] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 869.258943][T14823] R13: 00007fd7023b6038 R14: 00007fd7023b5fa0 R15: 00007ffc8c879e98 [ 869.258965][T14823] [ 869.258974][T14823] [ 869.258979][T14823] Allocated by task 14823: [ 869.258991][T14823] kasan_save_stack+0x33/0x60 [ 869.259016][T14823] kasan_save_track+0x14/0x30 [ 869.259040][T14823] __kasan_kmalloc+0xaa/0xb0 [ 869.259063][T14823] __kmalloc_noprof+0x223/0x510 [ 869.259087][T14823] kernfs_fop_write_iter+0x237/0x510 [ 869.259106][T14823] iter_file_splice_write+0xa24/0x12e0 [ 869.259129][T14823] direct_splice_actor+0x18f/0x6c0 [ 869.259151][T14823] splice_direct_to_actor+0x345/0xa30 [ 869.259172][T14823] do_splice_direct+0x174/0x240 [ 869.259192][T14823] do_sendfile+0xb06/0xe50 [ 869.259214][T14823] __x64_sys_sendfile64+0x1d8/0x220 [ 869.259243][T14823] do_syscall_64+0xcd/0x490 [ 869.259271][T14823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.259292][T14823] [ 869.259297][T14823] The buggy address belongs to the object at ffff88801e2e6580 [ 869.259297][T14823] which belongs to the cache kmalloc-8 of size 8 [ 869.259315][T14823] The buggy address is located 15 bytes to the right of [ 869.259315][T14823] allocated 3-byte region [ffff88801e2e6580, ffff88801e2e6583) [ 869.259356][T14823] [ 869.259363][T14823] The buggy address belongs to the physical page: [ 869.259374][T14823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e2e6 [ 869.259394][T14823] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 869.259413][T14823] page_type: f5(slab) [ 869.259433][T14823] raw: 00fff00000000000 ffff88801b841500 dead000000000122 0000000000000000 [ 869.259461][T14823] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 869.259475][T14823] page dumped because: kasan: bad access detected [ 869.259487][T14823] page_owner tracks the page as allocated [ 869.259495][T14823] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 14807, tgid 14803 (syz.1.2203), ts 867793482399, free_ts 867359845845 [ 869.259535][T14823] post_alloc_hook+0x1c0/0x230 [ 869.259560][T14823] get_page_from_freelist+0x132b/0x38e0 [ 869.259588][T14823] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 869.259615][T14823] alloc_pages_mpol+0x1fb/0x550 [ 869.259645][T14823] new_slab+0x247/0x330 [ 869.259664][T14823] ___slab_alloc+0xcf2/0x1740 [ 869.259684][T14823] __slab_alloc.constprop.0+0x56/0xb0 [ 869.259707][T14823] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 869.259737][T14823] memdup_user+0x2a/0xe0 [ 869.259764][T14823] strndup_user+0x78/0xe0 [ 869.259791][T14823] __x64_sys_fsopen+0x9c/0x240 [ 869.259822][T14823] do_syscall_64+0xcd/0x490 [ 869.259852][T14823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.259875][T14823] page last free pid 5856 tgid 5856 stack trace: [ 869.259888][T14823] __free_frozen_pages+0x7d5/0x10f0 [ 869.259909][T14823] vfree+0x1fd/0xb50 [ 869.259942][T14823] delayed_vfree_work+0x56/0x70 [ 869.259979][T14823] process_one_work+0x9cf/0x1b70 [ 869.260015][T14823] worker_thread+0x6c8/0xf10 [ 869.260034][T14823] kthread+0x3c5/0x780 [ 869.260065][T14823] ret_from_fork+0x5d4/0x6f0 [ 869.260100][T14823] ret_from_fork_asm+0x1a/0x30 [ 869.260127][T14823] [ 869.260133][T14823] Memory state around the buggy address: [ 869.260144][T14823] ffff88801e2e6480: fa fc fc fc 05 fc fc fc 00 fc fc fc fa fc fc fc [ 869.260161][T14823] ffff88801e2e6500: 05 fc fc fc 00 fc fc fc fa fc fc fc fa fc fc fc [ 869.260178][T14823] >ffff88801e2e6580: 03 fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 869.260192][T14823] ^ [ 869.260204][T14823] ffff88801e2e6600: 04 fc fc fc 00 fc fc fc 00 fc fc fc 00 fc fc fc [ 869.260221][T14823] ffff88801e2e6680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 869.260253][T14823] ================================================================== [ 869.267937][ T5216] ERROR: Out of memory at tomoyo_memory_ok. [ 869.403349][T14823] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 869.403373][T14823] CPU: 0 UID: 0 PID: 14823 Comm: syz.3.2207 Tainted: G U syzkaller #0 PREEMPT(full) [ 869.403407][T14823] Tainted: [U]=USER [ 869.403416][T14823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 869.403431][T14823] Call Trace: [ 869.403439][T14823] [ 869.403449][T14823] dump_stack_lvl+0x3d/0x1f0 [ 869.403492][T14823] vpanic+0x6e8/0x7a0 [ 869.403529][T14823] ? __pfx_vpanic+0x10/0x10 [ 869.403566][T14823] ? fbcon_prepare_logo+0xa03/0xc70 [ 869.403597][T14823] panic+0xca/0xd0 [ 869.403629][T14823] ? __pfx_panic+0x10/0x10 [ 869.403663][T14823] ? fbcon_prepare_logo+0xa03/0xc70 [ 869.403696][T14823] ? preempt_schedule_common+0x44/0xc0 [ 869.403726][T14823] ? preempt_schedule_thunk+0x16/0x30 [ 869.403761][T14823] check_panic_on_warn+0xab/0xb0 [ 869.403797][T14823] end_report+0x107/0x170 [ 869.403828][T14823] kasan_report+0xee/0x110 [ 869.403859][T14823] ? fbcon_prepare_logo+0xa03/0xc70 [ 869.403892][T14823] kasan_check_range+0x100/0x1b0 [ 869.403928][T14823] __asan_memcpy+0x23/0x60 [ 869.403951][T14823] fbcon_prepare_logo+0xa03/0xc70 [ 869.403988][T14823] fbcon_init+0xd77/0x1900 [ 869.404018][T14823] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 869.404045][T14823] visual_init+0x320/0x620 [ 869.404070][T14823] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 869.404106][T14823] store_bind+0x61d/0x760 [ 869.404137][T14823] ? sysfs_file_kobj+0xe4/0x290 [ 869.404162][T14823] ? __pfx_store_bind+0x10/0x10 [ 869.404190][T14823] dev_attr_store+0x58/0x80 [ 869.404226][T14823] ? __pfx_dev_attr_store+0x10/0x10 [ 869.404262][T14823] sysfs_kf_write+0xf2/0x150 [ 869.404288][T14823] kernfs_fop_write_iter+0x354/0x510 [ 869.404310][T14823] ? __pfx_sysfs_kf_write+0x10/0x10 [ 869.404337][T14823] iter_file_splice_write+0xa24/0x12e0 [ 869.404372][T14823] ? __pfx_iter_file_splice_write+0x10/0x10 [ 869.404401][T14823] ? __pfx_copy_splice_read+0x10/0x10 [ 869.404443][T14823] ? __pfx_iter_file_splice_write+0x10/0x10 [ 869.404475][T14823] direct_splice_actor+0x18f/0x6c0 [ 869.404499][T14823] splice_direct_to_actor+0x345/0xa30 [ 869.404523][T14823] ? __pfx_direct_splice_actor+0x10/0x10 [ 869.404550][T14823] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 869.404577][T14823] do_splice_direct+0x174/0x240 [ 869.404600][T14823] ? __pfx_do_splice_direct+0x10/0x10 [ 869.404623][T14823] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 869.404647][T14823] ? rw_verify_area+0xcf/0x6c0 [ 869.404671][T14823] do_sendfile+0xb06/0xe50 [ 869.404697][T14823] ? __pfx_do_sendfile+0x10/0x10 [ 869.404720][T14823] ? __sys_sendmsg+0x18c/0x220 [ 869.404751][T14823] ? __x64_sys_futex+0x1e0/0x4c0 [ 869.404779][T14823] ? __x64_sys_futex+0x1e9/0x4c0 [ 869.404827][T14823] __x64_sys_sendfile64+0x1d8/0x220 [ 869.404860][T14823] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 869.404898][T14823] do_syscall_64+0xcd/0x490 [ 869.404931][T14823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.404955][T14823] RIP: 0033:0x7fd70218ebe9 [ 869.404974][T14823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 869.404998][T14823] RSP: 002b:00007fd702fd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 869.405022][T14823] RAX: ffffffffffffffda RBX: 00007fd7023b5fa0 RCX: 00007fd70218ebe9 [ 869.405038][T14823] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 869.405053][T14823] RBP: 00007fd702211e19 R08: 0000000000000000 R09: 0000000000000000 [ 869.405068][T14823] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 869.405083][T14823] R13: 00007fd7023b6038 R14: 00007fd7023b5fa0 R15: 00007ffc8c879e98 [ 869.405107][T14823] [ 869.405174][T14823] Kernel Offset: disabled