last executing test programs: 2m26.541081294s ago: executing program 0 (id=4694): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/kernel/sched_rr_timeslice_ms\x00', 0x242, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) r1 = fanotify_init$auto(0x5, 0x0) fanotify_mark$auto(r1, 0x205, 0xa, 0x4, 0x0) fchown$auto(r0, 0x0, 0x0) 2m26.269926524s ago: executing program 0 (id=4697): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 2m25.189393907s ago: executing program 0 (id=4705): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x3, 0x6) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204000, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r1], 0x1ac}}, 0x40001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m24.952860812s ago: executing program 0 (id=4708): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 2m24.283290162s ago: executing program 0 (id=4713): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x7) 2m20.319335779s ago: executing program 0 (id=4733): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="e00013"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}, 0x1, 0x0, 0xfffff000}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m19.523302735s ago: executing program 32 (id=4733): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="e00013"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}, 0x1, 0x0, 0xfffff000}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.894001933s ago: executing program 4 (id=5453): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\n\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.517478039s ago: executing program 2 (id=5455): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) socket(0xa, 0x3, 0x3a) io_uring_setup$auto(0x401, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pnp0/00:01/resources\x00', 0x101804, 0x0) 3.4765222s ago: executing program 4 (id=5456): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x4, 0x8000000000001, 0xffff}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r1, 0x8, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 3.144661467s ago: executing program 2 (id=5458): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 3.144193532s ago: executing program 4 (id=5466): unshare$auto(0x40000080) futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82800, 0x0) mq_notify$auto(0x4, 0x0) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs\x00', 0xa0582, 0x0) write$auto(r0, 0x0, 0x2b6) 3.120540252s ago: executing program 1 (id=5459): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x3, 0x6) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x80000000004, 0xfffffffffffffffd, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x800000000100002, 0x40000406, 0x1, 0xc, 0x0, 0x11, 0x6, 0x7}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:01/status\x00', 0x100, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.574036977s ago: executing program 1 (id=5460): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(0x0, 0x9, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) fchown$auto(r0, 0xffffffffffffffff, 0x0) 2.5493321s ago: executing program 3 (id=5461): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0xf, 0xdfffffffffffffff, 0x69c9, 0x2, 0xbcc) 2.251359789s ago: executing program 3 (id=5462): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x208002, 0x0) r0 = socket(0x18, 0x2, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x240600, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x18, 0x5, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x80487436, 0x0) 2.124149674s ago: executing program 2 (id=5463): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.114112761s ago: executing program 4 (id=5472): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) fcntl$auto(r0, 0x5, 0x3) 2.079970497s ago: executing program 1 (id=5464): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8) bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x9, "cc00000008f0ffffff000100"}, 0x6b) r0 = gettid() socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioperm$auto(0xefdd, 0x4, 0xfffffffa) rt_sigqueueinfo$auto(r0, 0x1, 0x0) 1.961689328s ago: executing program 3 (id=5465): close_range$auto(0x2, 0xfffffffffffff000, 0x2) bpf$auto(0x8000000000000020, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x9, 0x21e9, 0x7ff, 0x3, 0x100000000, 0xb, 0x2e, 0x0, 0x3}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) 1.833440121s ago: executing program 4 (id=5467): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x100, 0x0) 1.739185857s ago: executing program 2 (id=5468): socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x3, 0x0) 1.591260988s ago: executing program 1 (id=5469): mmap$auto(0x0, 0x2020009, 0x2000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc) 1.591166984s ago: executing program 3 (id=5470): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) 1.46591903s ago: executing program 2 (id=5471): sendmsg$auto_MACSEC_CMD_DEL_TXSA(0xffffffffffffffff, 0x0, 0x40094) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) read$auto(0x3, 0x0, 0xf34) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) socket(0x11, 0x80003, 0x3ff) setsockopt$auto(r0, 0x107, 0xe, 0x0, 0x6) 1.274783948s ago: executing program 3 (id=5473): unshare$auto(0x40000080) futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82800, 0x0) mq_notify$auto(0x4, 0x0) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs\x00', 0xa0582, 0x0) write$auto(r0, 0x0, 0x2b6) 1.215520586s ago: executing program 1 (id=5474): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 924.453993ms ago: executing program 4 (id=5475): unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r0, 0x0, 0x6) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/dummy0/stable_secret\x00', 0x100, 0x0) read$auto(r2, 0x0, 0x7) 249.684882ms ago: executing program 3 (id=5476): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 249.575047ms ago: executing program 2 (id=5477): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x11, 0x5, 0x10300) socket(0x11, 0x80003, 0x300) madvise$auto(0x0, 0xffffffffffff0002, 0x2) mmap$auto(0x1, 0x9, 0xc, 0x8100000000000010, 0x401, 0x300000000000) landlock_restrict_self$auto(0x5, 0x1b7) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mlockall$auto(0x3) 0s ago: executing program 1 (id=5478): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/smaps\x00', 0xc0000, 0x0) open(&(0x7f0000000100)='.\x00', 0x591083, 0x408) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) kernel console output (not intermixed with test programs): page_alloc, interval 1, probability 0, space 0, times 0 [ 725.447880][T18397] CPU: 1 UID: 0 PID: 18397 Comm: syz.1.4862 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 725.447919][T18397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 725.447934][T18397] Call Trace: [ 725.447942][T18397] [ 725.447951][T18397] dump_stack_lvl+0x16c/0x1f0 [ 725.447989][T18397] should_fail_ex+0x512/0x640 [ 725.448028][T18397] should_fail_alloc_page+0xe7/0x130 [ 725.448061][T18397] prepare_alloc_pages+0x3c2/0x610 [ 725.448099][T18397] ? rcu_is_watching+0x12/0xc0 [ 725.448124][T18397] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 725.448156][T18397] ? is_bpf_text_address+0x94/0x1a0 [ 725.448186][T18397] ? kernel_text_address+0x8d/0x100 [ 725.448225][T18397] ? __kernel_text_address+0xd/0x40 [ 725.448276][T18397] ? unwind_get_return_address+0x59/0xa0 [ 725.448304][T18397] ? arch_stack_walk+0xa6/0x100 [ 725.448336][T18397] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 725.448374][T18397] ? stack_depot_save_flags+0x28/0xa50 [ 725.448410][T18397] ? stack_trace_save+0x8e/0xc0 [ 725.448435][T18397] ? __pfx_stack_trace_save+0x10/0x10 [ 725.448462][T18397] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 725.448497][T18397] ? policy_nodemask+0xea/0x4e0 [ 725.448529][T18397] alloc_pages_mpol+0x1fb/0x550 [ 725.448560][T18397] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 725.448598][T18397] alloc_pages_noprof+0x131/0x390 [ 725.448628][T18397] kimage_alloc_pages+0x75/0x300 [ 725.448666][T18397] kimage_alloc_control_pages+0x15d/0x910 [ 725.448709][T18397] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 725.448754][T18397] do_kexec_load+0x480/0x8d0 [ 725.448793][T18397] ? __pfx_do_kexec_load+0x10/0x10 [ 725.448832][T18397] ? _copy_from_user+0x59/0xd0 [ 725.448872][T18397] __x64_sys_kexec_load+0x1bf/0x230 [ 725.448917][T18397] do_syscall_64+0xcd/0x230 [ 725.448953][T18397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.448979][T18397] RIP: 0033:0x7ff5f9b8e969 [ 725.448998][T18397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 725.449022][T18397] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 725.449046][T18397] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 725.449062][T18397] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 725.449077][T18397] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 725.449093][T18397] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 725.449108][T18397] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 725.449138][T18397] [ 725.769536][T18397] kexec: Could not allocate control_code_buffer [ 726.214787][T18408] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 726.316185][T18408] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 726.376265][T18408] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 726.463681][T18408] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 727.270120][T18427] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4871'. [ 727.491612][T18425] FAULT_INJECTION: forcing a failure. [ 727.491612][T18425] name failslab, interval 1, probability 0, space 0, times 0 [ 727.548866][T18430] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4872'. [ 727.565217][T18432] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4873'. [ 727.588470][T18425] CPU: 1 UID: 0 PID: 18425 Comm: syz.1.4870 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 727.588506][T18425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 727.588521][T18425] Call Trace: [ 727.588529][T18425] [ 727.588538][T18425] dump_stack_lvl+0x16c/0x1f0 [ 727.588581][T18425] should_fail_ex+0x512/0x640 [ 727.588615][T18425] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 727.588647][T18425] should_failslab+0xc2/0x120 [ 727.588678][T18425] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 727.588706][T18425] ? sock_alloc_inode+0x25/0x1c0 [ 727.588751][T18425] ? __pfx_sock_alloc_inode+0x10/0x10 [ 727.588782][T18425] sock_alloc_inode+0x25/0x1c0 [ 727.588814][T18425] alloc_inode+0x61/0x240 [ 727.588845][T18425] sock_alloc+0x40/0x280 [ 727.588876][T18425] __sock_create+0xc1/0x8d0 [ 727.588916][T18425] __sys_socket+0x14d/0x260 [ 727.588952][T18425] ? __pfx___sys_socket+0x10/0x10 [ 727.588989][T18425] ? rcu_is_watching+0x12/0xc0 [ 727.589017][T18425] __x64_sys_socket+0x72/0xb0 [ 727.589052][T18425] ? lockdep_hardirqs_on+0x7c/0x110 [ 727.589084][T18425] do_syscall_64+0xcd/0x230 [ 727.589126][T18425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.589151][T18425] RIP: 0033:0x7ff5f9b8e969 [ 727.589171][T18425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.589195][T18425] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 727.589218][T18425] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 727.589234][T18425] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000000000000002c [ 727.589249][T18425] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 727.589264][T18425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.589279][T18425] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 727.589308][T18425] [ 727.589319][T18425] net_ratelimit: 20 callbacks suppressed [ 727.589332][T18425] socket: no more sockets [ 727.854234][T18434] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4874'. [ 727.870532][T18432] netlink: 214 bytes leftover after parsing attributes in process `syz.2.4873'. [ 727.895193][T18432] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 727.904379][T18432] IPv6: NLM_F_CREATE should be set when creating new route [ 727.913162][T18432] IPv6: NLM_F_CREATE should be set when creating new route [ 727.921856][T18432] IPv6: NLM_F_CREATE should be set when creating new route [ 728.755351][T18447] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 728.869500][T18447] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 728.900912][T18449] netlink: 266 bytes leftover after parsing attributes in process `syz.4.4880'. [ 728.967260][T18449] IPv6: NLM_F_CREATE should be specified when creating new route [ 728.981695][T18447] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 729.102447][T18447] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 729.397552][T18459] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4884'. [ 729.414700][T18454] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 729.482745][T18459] IPv6: NLM_F_CREATE should be specified when creating new route [ 729.526397][T18459] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 729.535162][T18459] IPv6: NLM_F_CREATE should be set when creating new route [ 729.543835][T18459] IPv6: NLM_F_CREATE should be set when creating new route [ 729.559761][T18454] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 729.642217][T18454] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 729.765061][T18454] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 730.032882][T18465] netlink: 146 bytes leftover after parsing attributes in process `syz.4.4887'. [ 730.327408][T18470] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 730.457427][T18470] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 730.514181][ T55] Bluetooth: hci0: unexpected event 0x05 length: 440 > 4 [ 730.555589][T18470] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 730.746656][T18470] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 731.041582][T18481] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 731.235377][T18481] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 731.321108][T18487] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4896'. [ 731.347418][T18481] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 731.495118][T18481] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 731.917453][T18497] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 732.045261][T18497] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 732.137154][T18497] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 732.266947][T18497] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 732.350247][T18500] FAULT_INJECTION: forcing a failure. [ 732.350247][T18500] name failslab, interval 1, probability 0, space 0, times 0 [ 732.450912][T18508] FAULT_INJECTION: forcing a failure. [ 732.450912][T18508] name failslab, interval 1, probability 0, space 0, times 0 [ 732.498237][T18500] CPU: 1 UID: 0 PID: 18500 Comm: syz.2.4900 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 732.498273][T18500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 732.498288][T18500] Call Trace: [ 732.498297][T18500] [ 732.498306][T18500] dump_stack_lvl+0x16c/0x1f0 [ 732.498346][T18500] should_fail_ex+0x512/0x640 [ 732.498382][T18500] ? fs_reclaim_acquire+0xae/0x150 [ 732.498422][T18500] should_failslab+0xc2/0x120 [ 732.498452][T18500] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 732.498481][T18500] ? security_inode_alloc+0x3b/0x2b0 [ 732.498512][T18500] security_inode_alloc+0x3b/0x2b0 [ 732.498539][T18500] inode_init_always_gfp+0xce4/0x1030 [ 732.498584][T18500] alloc_inode+0x86/0x240 [ 732.498614][T18500] new_inode+0x22/0x1c0 [ 732.498646][T18500] proc_pid_make_inode+0x22/0x160 [ 732.498687][T18500] proc_pident_instantiate+0x85/0x320 [ 732.498743][T18500] proc_pident_lookup+0x21d/0x290 [ 732.498789][T18500] __lookup_slow+0x24e/0x460 [ 732.498827][T18500] ? __pfx___lookup_slow+0x10/0x10 [ 732.498876][T18500] ? lookup_fast+0x156/0x610 [ 732.498915][T18500] walk_component+0x353/0x5b0 [ 732.498953][T18500] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 732.499002][T18500] path_openat+0x227/0x2d40 [ 732.499022][T18500] ? __x64_sys_openat+0x174/0x210 [ 732.499065][T18500] ? __pfx_path_openat+0x10/0x10 [ 732.499095][T18500] do_filp_open+0x20b/0x470 [ 732.499118][T18500] ? __pfx_do_filp_open+0x10/0x10 [ 732.499151][T18500] ? __pfx_kfree_link+0x10/0x10 [ 732.499190][T18500] ? alloc_fd+0x471/0x7d0 [ 732.499234][T18500] do_sys_openat2+0x11b/0x1d0 [ 732.499265][T18500] ? __pfx_do_sys_openat2+0x10/0x10 [ 732.499298][T18500] ? find_held_lock+0x2b/0x80 [ 732.499328][T18500] __x64_sys_openat+0x174/0x210 [ 732.499360][T18500] ? __pfx___x64_sys_openat+0x10/0x10 [ 732.499394][T18500] ? rcu_is_watching+0x12/0xc0 [ 732.499424][T18500] do_syscall_64+0xcd/0x230 [ 732.499459][T18500] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.499484][T18500] RIP: 0033:0x7f2e09b8d2d0 [ 732.499503][T18500] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 732.499527][T18500] RSP: 002b:00007f2e0aa07f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 732.499549][T18500] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2e09b8d2d0 [ 732.499565][T18500] RDX: 0000000000000002 RSI: 00007f2e0aa07fa0 RDI: 00000000ffffff9c [ 732.499580][T18500] RBP: 00007f2e0aa07fa0 R08: 0000000000000000 R09: 0000000000000000 [ 732.499595][T18500] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 732.499610][T18500] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 732.499639][T18500] [ 732.837866][T18509] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 732.856917][T18509] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 732.873369][T18509] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 732.893816][T18509] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 733.155212][T18508] CPU: 1 UID: 0 PID: 18508 Comm: syz.1.4902 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 733.155251][T18508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 733.155266][T18508] Call Trace: [ 733.155274][T18508] [ 733.155284][T18508] dump_stack_lvl+0x16c/0x1f0 [ 733.155323][T18508] should_fail_ex+0x512/0x640 [ 733.155359][T18508] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 733.155403][T18508] should_failslab+0xc2/0x120 [ 733.155434][T18508] __kmalloc_cache_noprof+0x6a/0x3e0 [ 733.155474][T18508] ? ima_calc_file_hash_tfm+0x29f/0x3d0 [ 733.155519][T18508] ima_calc_file_hash_tfm+0x29f/0x3d0 [ 733.155561][T18508] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 733.155634][T18508] ? stack_trace_save+0x8e/0xc0 [ 733.155662][T18508] ? ima_alloc_tfm+0x21a/0x2e0 [ 733.155698][T18508] ? generic_fillattr+0x6bf/0x940 [ 733.155730][T18508] ima_calc_file_hash+0x1ba/0x490 [ 733.155783][T18508] ima_collect_measurement+0x897/0xa40 [ 733.155817][T18508] ? __pfx_ima_collect_measurement+0x10/0x10 [ 733.155859][T18508] ? trace_contention_end+0xdd/0x130 [ 733.155894][T18508] ? __mutex_lock+0x1ca/0xb90 [ 733.155928][T18508] ? is_bad_inode+0xd/0x40 [ 733.155962][T18508] ? xattr_resolve_name+0x27b/0x3f0 [ 733.156004][T18508] ? vfs_getxattr_alloc+0xec/0x340 [ 733.156049][T18508] ? ima_get_hash_algo+0x27c/0x400 [ 733.156083][T18508] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 733.156124][T18508] ? process_measurement+0x11fa/0x23e0 [ 733.156160][T18508] process_measurement+0x11fa/0x23e0 [ 733.156207][T18508] ? __pfx_process_measurement+0x10/0x10 [ 733.156242][T18508] ? __lock_acquire+0x5ca/0x1ba0 [ 733.156276][T18508] ? init_file+0x93/0x4c0 [ 733.156302][T18508] ? alloc_empty_file+0x73/0x1e0 [ 733.156332][T18508] ? hugetlb_file_setup+0x4cd/0x620 [ 733.156363][T18508] ? ksys_mmap_pgoff+0x189/0x5c0 [ 733.156397][T18508] ? __x64_sys_mmap+0x125/0x190 [ 733.156462][T18508] ima_file_mmap+0x1b1/0x1d0 [ 733.156498][T18508] ? __pfx_ima_file_mmap+0x10/0x10 [ 733.156542][T18508] security_mmap_file+0x88c/0x990 [ 733.156579][T18508] vm_mmap_pgoff+0xec/0x450 [ 733.156618][T18508] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 733.156652][T18508] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 733.156685][T18508] ? hugetlbfs_get_inode+0x31f/0x730 [ 733.156724][T18508] ksys_mmap_pgoff+0x1c8/0x5c0 [ 733.156766][T18508] ? rcu_is_watching+0x12/0xc0 [ 733.156792][T18508] __x64_sys_mmap+0x125/0x190 [ 733.156819][T18508] do_syscall_64+0xcd/0x230 [ 733.156856][T18508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.156881][T18508] RIP: 0033:0x7ff5f9b8e969 [ 733.156901][T18508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 733.156926][T18508] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 733.156948][T18508] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 733.156964][T18508] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 733.156980][T18508] RBP: 00007ff5f9c10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 733.156996][T18508] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 733.157011][T18508] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 733.157042][T18508] [ 733.552956][ T30] audit: type=1800 audit(4294967761.388:14): pid=18508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4902" name="anon_hugepage" dev="hugetlbfs" ino=65595 res=0 errno=0 [ 733.766703][T18519] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4906'. [ 734.555830][T18533] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 734.595893][T18536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4910'. [ 734.654975][T18536] netlink: 25 bytes leftover after parsing attributes in process `syz.2.4910'. [ 734.677101][T18533] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 734.777795][T18533] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 734.915138][T18533] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 735.120824][T18541] FAULT_INJECTION: forcing a failure. [ 735.120824][T18541] name failslab, interval 1, probability 0, space 0, times 0 [ 735.171761][T18541] CPU: 1 UID: 0 PID: 18541 Comm: syz.1.4912 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 735.171798][T18541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 735.171815][T18541] Call Trace: [ 735.171823][T18541] [ 735.171833][T18541] dump_stack_lvl+0x16c/0x1f0 [ 735.171872][T18541] should_fail_ex+0x512/0x640 [ 735.171906][T18541] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 735.171938][T18541] should_failslab+0xc2/0x120 [ 735.171969][T18541] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 735.171995][T18541] ? tipc_node_find+0x2dc/0x500 [ 735.172021][T18541] ? __d_alloc+0x31/0xaa0 [ 735.172050][T18541] __d_alloc+0x31/0xaa0 [ 735.172073][T18541] ? __pfx_tipc_node_find+0x10/0x10 [ 735.172102][T18541] d_alloc_pseudo+0x1c/0xc0 [ 735.172135][T18541] alloc_file_pseudo+0xcf/0x230 [ 735.172168][T18541] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 735.172200][T18541] ? tipc_sk_finish_conn+0x580/0x790 [ 735.172242][T18541] sock_alloc_file+0x50/0x210 [ 735.172274][T18541] __sys_socketpair+0x31c/0x5a0 [ 735.172313][T18541] ? __pfx___sys_socketpair+0x10/0x10 [ 735.172352][T18541] ? xfd_validate_state+0x5d/0x180 [ 735.172394][T18541] ? rcu_is_watching+0x12/0xc0 [ 735.172421][T18541] __x64_sys_socketpair+0x96/0x100 [ 735.172458][T18541] ? lockdep_hardirqs_on+0x7c/0x110 [ 735.172490][T18541] do_syscall_64+0xcd/0x230 [ 735.172526][T18541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.172551][T18541] RIP: 0033:0x7ff5f9b8e969 [ 735.172570][T18541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 735.172595][T18541] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 735.172627][T18541] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 735.172643][T18541] RDX: 8000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 735.172658][T18541] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 735.172672][T18541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 735.172687][T18541] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 735.172716][T18541] [ 736.048381][T18548] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4915'. [ 736.554756][T18550] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4916'. [ 736.624795][T18550] IPv6: Can't replace route, no match found [ 737.162844][T18558] sp0: Synchronizing with TNC [ 738.423434][T18579] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4927'. [ 738.643006][T18584] netlink: 'syz.1.4929': attribute type 5 has an invalid length. [ 738.679183][T18584] netlink: 314 bytes leftover after parsing attributes in process `syz.1.4929'. [ 738.901398][T18575] Process accounting paused [ 739.108032][T18591] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4932'. [ 739.150991][T18586] binder: 18585:18586 ioctl c018620c 0 returned -1 [ 740.315726][T18618] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4942'. [ 740.400040][T18618] netlink: 'syz.1.4942': attribute type 3 has an invalid length. [ 740.437039][T18610] FAULT_INJECTION: forcing a failure. [ 740.437039][T18610] name failslab, interval 1, probability 0, space 0, times 0 [ 740.483077][T18618] netlink: 150 bytes leftover after parsing attributes in process `syz.1.4942'. [ 740.544446][T18610] CPU: 1 UID: 0 PID: 18610 Comm: syz.3.4939 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 740.544483][T18610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 740.544499][T18610] Call Trace: [ 740.544507][T18610] [ 740.544517][T18610] dump_stack_lvl+0x16c/0x1f0 [ 740.544555][T18610] should_fail_ex+0x512/0x640 [ 740.544590][T18610] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 740.544638][T18610] should_failslab+0xc2/0x120 [ 740.544668][T18610] __kmalloc_cache_noprof+0x6a/0x3e0 [ 740.544710][T18610] ? v4l2_fh_open+0x4c/0xc0 [ 740.544748][T18610] v4l2_fh_open+0x4c/0xc0 [ 740.544781][T18610] v4l2_open+0x222/0x490 [ 740.544810][T18610] ? __pfx_v4l2_open+0x10/0x10 [ 740.544840][T18610] chrdev_open+0x231/0x6a0 [ 740.544865][T18610] ? __pfx_apparmor_file_open+0x10/0x10 [ 740.544897][T18610] ? __pfx_chrdev_open+0x10/0x10 [ 740.544925][T18610] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 740.544967][T18610] do_dentry_open+0x741/0x1c10 [ 740.544992][T18610] ? __pfx_chrdev_open+0x10/0x10 [ 740.545024][T18610] vfs_open+0x82/0x3f0 [ 740.545059][T18610] path_openat+0x1e5e/0x2d40 [ 740.545092][T18610] ? __pfx_path_openat+0x10/0x10 [ 740.545123][T18610] do_filp_open+0x20b/0x470 [ 740.545146][T18610] ? __pfx_do_filp_open+0x10/0x10 [ 740.545189][T18610] ? alloc_fd+0x471/0x7d0 [ 740.545241][T18610] do_sys_openat2+0x11b/0x1d0 [ 740.545273][T18610] ? __pfx_do_sys_openat2+0x10/0x10 [ 740.545317][T18610] __x64_sys_openat+0x174/0x210 [ 740.545350][T18610] ? __pfx___x64_sys_openat+0x10/0x10 [ 740.545386][T18610] ? rcu_is_watching+0x12/0xc0 [ 740.545416][T18610] do_syscall_64+0xcd/0x230 [ 740.545453][T18610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.545478][T18610] RIP: 0033:0x7f4611d8e969 [ 740.545498][T18610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.545522][T18610] RSP: 002b:00007f4612c2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 740.545545][T18610] RAX: ffffffffffffffda RBX: 00007f4611fb5fa0 RCX: 00007f4611d8e969 [ 740.545561][T18610] RDX: 0000000000080382 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 740.545578][T18610] RBP: 00007f4611e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 740.545593][T18610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.545608][T18610] R13: 0000000000000000 R14: 00007f4611fb5fa0 R15: 00007fff072ca708 [ 740.545638][T18610] [ 741.724642][T18630] FAULT_INJECTION: forcing a failure. [ 741.724642][T18630] name failslab, interval 1, probability 0, space 0, times 0 [ 741.855106][T18630] CPU: 1 UID: 0 PID: 18630 Comm: syz.2.4946 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 741.855148][T18630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 741.855164][T18630] Call Trace: [ 741.855172][T18630] [ 741.855182][T18630] dump_stack_lvl+0x16c/0x1f0 [ 741.855220][T18630] should_fail_ex+0x512/0x640 [ 741.855255][T18630] ? __kvmalloc_node_noprof+0x122/0x600 [ 741.855285][T18630] should_failslab+0xc2/0x120 [ 741.855315][T18630] __kvmalloc_node_noprof+0x135/0x600 [ 741.855340][T18630] ? __pfx_net_ctl_permissions+0x10/0x10 [ 741.855383][T18630] ? proc_sys_call_handler+0x2a6/0x5c0 [ 741.855415][T18630] ? proc_sys_call_handler+0x2a6/0x5c0 [ 741.855439][T18630] proc_sys_call_handler+0x2a6/0x5c0 [ 741.855468][T18630] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 741.855501][T18630] ? rw_verify_area+0xcf/0x680 [ 741.855540][T18630] vfs_read+0x8c8/0xc70 [ 741.855566][T18630] ? __pfx___mutex_lock+0x10/0x10 [ 741.855601][T18630] ? __pfx_vfs_read+0x10/0x10 [ 741.855642][T18630] ksys_read+0x12a/0x240 [ 741.855665][T18630] ? __pfx_ksys_read+0x10/0x10 [ 741.855685][T18630] ? rcu_is_watching+0x12/0xc0 [ 741.855716][T18630] do_syscall_64+0xcd/0x230 [ 741.855753][T18630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.855777][T18630] RIP: 0033:0x7f2e09b8e969 [ 741.855796][T18630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.855820][T18630] RSP: 002b:00007f2e0a9e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 741.855843][T18630] RAX: ffffffffffffffda RBX: 00007f2e09db6080 RCX: 00007f2e09b8e969 [ 741.855859][T18630] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 741.855874][T18630] RBP: 00007f2e09c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 741.855888][T18630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.855903][T18630] R13: 0000000000000000 R14: 00007f2e09db6080 R15: 00007fff6cb64f78 [ 741.855933][T18630] [ 744.229220][T18656] FAULT_INJECTION: forcing a failure. [ 744.229220][T18656] name failslab, interval 1, probability 0, space 0, times 0 [ 744.310111][T18658] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4957'. [ 744.335614][T18656] CPU: 1 UID: 0 PID: 18656 Comm: syz.4.4956 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 744.335650][T18656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 744.335664][T18656] Call Trace: [ 744.335673][T18656] [ 744.335682][T18656] dump_stack_lvl+0x16c/0x1f0 [ 744.335719][T18656] should_fail_ex+0x512/0x640 [ 744.335754][T18656] ? fs_reclaim_acquire+0xae/0x150 [ 744.335794][T18656] should_failslab+0xc2/0x120 [ 744.335825][T18656] __kmalloc_cache_noprof+0x6a/0x3e0 [ 744.335868][T18656] ? tomoyo_init_log+0x197/0x2140 [ 744.335928][T18656] tomoyo_init_log+0x197/0x2140 [ 744.335959][T18656] ? format_decode+0x1ad/0xd40 [ 744.335992][T18656] ? __pfx_format_decode+0x10/0x10 [ 744.336028][T18656] ? __pfx_tomoyo_init_log+0x10/0x10 [ 744.336069][T18656] tomoyo_write_log2+0x2f7/0xc10 [ 744.336106][T18656] tomoyo_supervisor+0x15e/0x13b0 [ 744.336150][T18656] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 744.336200][T18656] ? lockdep_hardirqs_on+0x7c/0x110 [ 744.336256][T18656] ? tomoyo_check_path_acl+0xad/0x210 [ 744.336285][T18656] ? tomoyo_check_acl+0x1f7/0x410 [ 744.336314][T18656] tomoyo_path_permission+0x270/0x3b0 [ 744.336346][T18656] tomoyo_check_open_permission+0x349/0x3c0 [ 744.336376][T18656] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 744.336436][T18656] ? do_raw_spin_lock+0x12c/0x2b0 [ 744.336482][T18656] tomoyo_file_open+0x6b/0x90 [ 744.336521][T18656] security_file_open+0x84/0x1e0 [ 744.336555][T18656] do_dentry_open+0x596/0x1c10 [ 744.336589][T18656] vfs_open+0x82/0x3f0 [ 744.336624][T18656] path_openat+0x1e5e/0x2d40 [ 744.336659][T18656] ? __pfx_path_openat+0x10/0x10 [ 744.336690][T18656] do_filp_open+0x20b/0x470 [ 744.336714][T18656] ? __pfx_do_filp_open+0x10/0x10 [ 744.336758][T18656] ? alloc_fd+0x471/0x7d0 [ 744.336804][T18656] do_sys_openat2+0x11b/0x1d0 [ 744.336837][T18656] ? __pfx_do_sys_openat2+0x10/0x10 [ 744.336881][T18656] __x64_sys_openat+0x174/0x210 [ 744.336914][T18656] ? __pfx___x64_sys_openat+0x10/0x10 [ 744.336950][T18656] ? rcu_is_watching+0x12/0xc0 [ 744.336981][T18656] do_syscall_64+0xcd/0x230 [ 744.337024][T18656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.337049][T18656] RIP: 0033:0x7f4cd9b8e969 [ 744.337068][T18656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 744.337092][T18656] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 744.337114][T18656] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 744.337131][T18656] RDX: 000000000002ab01 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 744.337147][T18656] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 744.337162][T18656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 744.337177][T18656] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 744.337207][T18656] [ 746.620215][T18677] netlink: 'syz.1.4965': attribute type 27 has an invalid length. [ 746.630771][T18676] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4966'. [ 746.657586][T18677] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4965'. [ 746.833017][T18674] Process accounting paused [ 748.113472][T18700] netlink: 'syz.1.4975': attribute type 19 has an invalid length. [ 748.153110][T18700] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4975'. [ 749.771912][T18737] netlink: 222 bytes leftover after parsing attributes in process `syz.3.4989'. [ 749.826550][T18737] netlink: 222 bytes leftover after parsing attributes in process `syz.3.4989'. [ 750.370594][T18745] ERROR: Out of memory at tomoyo_memory_ok. [ 751.594847][T18767] netlink: 186 bytes leftover after parsing attributes in process `syz.4.5002'. [ 751.688831][T18769] netlink: 'syz.1.5003': attribute type 17 has an invalid length. [ 751.745515][T18769] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5003'. [ 752.353495][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.364742][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.711717][T18822] FAULT_INJECTION: forcing a failure. [ 754.711717][T18822] name failslab, interval 1, probability 0, space 0, times 0 [ 754.782043][T18822] CPU: 1 UID: 0 PID: 18822 Comm: syz.1.5024 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 754.782078][T18822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 754.782093][T18822] Call Trace: [ 754.782102][T18822] [ 754.782111][T18822] dump_stack_lvl+0x16c/0x1f0 [ 754.782151][T18822] should_fail_ex+0x512/0x640 [ 754.782185][T18822] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 754.782217][T18822] should_failslab+0xc2/0x120 [ 754.782247][T18822] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 754.782275][T18822] ? __kernfs_new_node+0xd2/0x8a0 [ 754.782319][T18822] __kernfs_new_node+0xd2/0x8a0 [ 754.782362][T18822] ? __pfx___kernfs_new_node+0x10/0x10 [ 754.782409][T18822] ? find_held_lock+0x2b/0x80 [ 754.782434][T18822] ? kernfs_root+0xee/0x2a0 [ 754.782479][T18822] kernfs_new_node+0x13c/0x1e0 [ 754.782511][T18822] __kernfs_create_file+0x53/0x350 [ 754.782547][T18822] sysfs_add_file_mode_ns+0x207/0x3c0 [ 754.782592][T18822] internal_create_group+0x578/0xf30 [ 754.782632][T18822] ? __pfx_internal_create_group+0x10/0x10 [ 754.782679][T18822] ? kernfs_create_link+0x1bd/0x240 [ 754.782717][T18822] internal_create_groups+0x9d/0x150 [ 754.782744][T18822] device_add+0x6d1/0x1a70 [ 754.782780][T18822] ? __pfx_device_add+0x10/0x10 [ 754.782813][T18822] ? lockdep_init_map_type+0x5c/0x280 [ 754.782847][T18822] ? __init_waitqueue_head+0xca/0x150 [ 754.782893][T18822] netdev_register_kobject+0x182/0x3a0 [ 754.782930][T18822] register_netdevice+0x13dc/0x2270 [ 754.782967][T18822] ? __pfx_register_netdevice+0x10/0x10 [ 754.783006][T18822] __ip_tunnel_create+0x4a8/0x680 [ 754.783038][T18822] ? __pfx___ip_tunnel_create+0x10/0x10 [ 754.783081][T18822] ip_tunnel_init_net+0x22f/0x7d0 [ 754.783114][T18822] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 754.783150][T18822] ? trace_kmalloc+0x2b/0xd0 [ 754.783182][T18822] ? lockdep_init_map_type+0x5c/0x280 [ 754.783219][T18822] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 754.783260][T18822] ops_init+0x1df/0x5f0 [ 754.783292][T18822] setup_net+0x21e/0x850 [ 754.783324][T18822] ? __pfx_setup_net+0x10/0x10 [ 754.783352][T18822] ? lockdep_init_map_type+0x5c/0x280 [ 754.783384][T18822] ? __pfx_down_read_killable+0x10/0x10 [ 754.783427][T18822] ? debug_mutex_init+0x37/0x70 [ 754.783469][T18822] copy_net_ns+0x2a6/0x5f0 [ 754.783505][T18822] create_new_namespaces+0x3ea/0xad0 [ 754.783539][T18822] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 754.783570][T18822] ksys_unshare+0x45b/0xa40 [ 754.783608][T18822] ? __pfx_ksys_unshare+0x10/0x10 [ 754.783640][T18822] ? xfd_validate_state+0x5d/0x180 [ 754.783683][T18822] ? rcu_is_watching+0x12/0xc0 [ 754.783713][T18822] __x64_sys_unshare+0x31/0x40 [ 754.783746][T18822] do_syscall_64+0xcd/0x230 [ 754.783783][T18822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.783809][T18822] RIP: 0033:0x7ff5f9b8e969 [ 754.783828][T18822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.783853][T18822] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 754.783876][T18822] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 754.783892][T18822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 754.783907][T18822] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 754.783922][T18822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.783937][T18822] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 754.783968][T18822] [ 755.198123][ C1] vkms_vblank_simulate: vblank timer overrun [ 755.660226][T18824] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5025'. [ 755.916412][T18828] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5027'. [ 755.941217][T18828] netlink: 354 bytes leftover after parsing attributes in process `syz.3.5027'. [ 756.222033][T18832] netlink: 146 bytes leftover after parsing attributes in process `syz.4.5029'. [ 757.427324][T18849] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5036'. [ 758.757428][T18869] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 758.878602][T18869] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 758.965100][T18869] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 759.065319][T18869] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 759.302619][T18874] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 759.412721][T18874] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 759.525664][T18874] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 759.676834][T18874] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 759.952807][T18883] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 760.082124][T18883] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 760.175645][T18883] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 760.269197][T18883] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 760.964763][T18896] FAULT_INJECTION: forcing a failure. [ 760.964763][T18896] name failslab, interval 1, probability 0, space 0, times 0 [ 761.054014][T18896] CPU: 1 UID: 0 PID: 18896 Comm: syz.3.5055 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 761.054050][T18896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 761.054066][T18896] Call Trace: [ 761.054073][T18896] [ 761.054083][T18896] dump_stack_lvl+0x16c/0x1f0 [ 761.054121][T18896] should_fail_ex+0x512/0x640 [ 761.054156][T18896] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 761.054187][T18896] should_failslab+0xc2/0x120 [ 761.054217][T18896] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 761.054245][T18896] ? security_file_alloc+0x34/0x2b0 [ 761.054282][T18896] security_file_alloc+0x34/0x2b0 [ 761.054314][T18896] init_file+0x93/0x4c0 [ 761.054344][T18896] alloc_empty_file+0x73/0x1e0 [ 761.054376][T18896] path_openat+0xe0/0x2d40 [ 761.054397][T18896] ? __x64_sys_openat+0x174/0x210 [ 761.054429][T18896] ? do_syscall_64+0xcd/0x230 [ 761.054462][T18896] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.054497][T18896] ? __pfx_path_openat+0x10/0x10 [ 761.054528][T18896] do_filp_open+0x20b/0x470 [ 761.054552][T18896] ? __pfx_do_filp_open+0x10/0x10 [ 761.054595][T18896] ? alloc_fd+0x471/0x7d0 [ 761.054641][T18896] do_sys_openat2+0x11b/0x1d0 [ 761.054673][T18896] ? __pfx_do_sys_openat2+0x10/0x10 [ 761.054718][T18896] __x64_sys_openat+0x174/0x210 [ 761.054751][T18896] ? __pfx___x64_sys_openat+0x10/0x10 [ 761.054787][T18896] ? rcu_is_watching+0x12/0xc0 [ 761.054818][T18896] do_syscall_64+0xcd/0x230 [ 761.054854][T18896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.054888][T18896] RIP: 0033:0x7f4611d8d2d0 [ 761.054908][T18896] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 761.054934][T18896] RSP: 002b:00007f4612c2df10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 761.054957][T18896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4611d8d2d0 [ 761.054973][T18896] RDX: 0000000000000000 RSI: 00007f4612c2dfa0 RDI: 00000000ffffff9c [ 761.054989][T18896] RBP: 00007f4612c2dfa0 R08: 0000000000000000 R09: 0000000000000000 [ 761.055003][T18896] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 761.055017][T18896] R13: 0000000000000000 R14: 00007f4611fb5fa0 R15: 00007fff072ca708 [ 761.055047][T18896] [ 762.393030][T18915] FAULT_INJECTION: forcing a failure. [ 762.393030][T18915] name failslab, interval 1, probability 0, space 0, times 0 [ 762.519856][T18915] CPU: 1 UID: 0 PID: 18915 Comm: syz.2.5061 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 762.519893][T18915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 762.519908][T18915] Call Trace: [ 762.519917][T18915] [ 762.519926][T18915] dump_stack_lvl+0x16c/0x1f0 [ 762.519965][T18915] should_fail_ex+0x512/0x640 [ 762.520000][T18915] ? fs_reclaim_acquire+0xae/0x150 [ 762.520040][T18915] should_failslab+0xc2/0x120 [ 762.520070][T18915] __kmalloc_cache_noprof+0x6a/0x3e0 [ 762.520112][T18915] ? tomoyo_init_log+0x197/0x2140 [ 762.520148][T18915] tomoyo_init_log+0x197/0x2140 [ 762.520180][T18915] ? format_decode+0x1ad/0xd40 [ 762.520208][T18915] ? __pfx_format_decode+0x10/0x10 [ 762.520244][T18915] ? __pfx_tomoyo_init_log+0x10/0x10 [ 762.520285][T18915] tomoyo_write_log2+0x2f7/0xc10 [ 762.520317][T18915] ? tomoyo_domain_quota_is_ok+0x200/0x5a0 [ 762.520349][T18915] tomoyo_supervisor+0x15e/0x13b0 [ 762.520394][T18915] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 762.520445][T18915] ? lockdep_hardirqs_on+0x7c/0x110 [ 762.520483][T18915] ? tomoyo_check_path_acl+0xad/0x210 [ 762.520511][T18915] ? tomoyo_check_acl+0x1f7/0x410 [ 762.520540][T18915] tomoyo_path_permission+0x270/0x3b0 [ 762.520571][T18915] tomoyo_check_open_permission+0x349/0x3c0 [ 762.520602][T18915] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 762.520662][T18915] ? do_raw_spin_lock+0x12c/0x2b0 [ 762.520707][T18915] tomoyo_file_open+0x6b/0x90 [ 762.520747][T18915] security_file_open+0x84/0x1e0 [ 762.520780][T18915] do_dentry_open+0x596/0x1c10 [ 762.520819][T18915] vfs_open+0x82/0x3f0 [ 762.520861][T18915] path_openat+0x1e5e/0x2d40 [ 762.520896][T18915] ? __pfx_path_openat+0x10/0x10 [ 762.520928][T18915] do_filp_open+0x20b/0x470 [ 762.520952][T18915] ? __pfx_do_filp_open+0x10/0x10 [ 762.520997][T18915] ? alloc_fd+0x471/0x7d0 [ 762.521043][T18915] do_sys_openat2+0x11b/0x1d0 [ 762.521079][T18915] ? __pfx_do_sys_openat2+0x10/0x10 [ 762.521114][T18915] ? __might_fault+0xe3/0x190 [ 762.521149][T18915] __x64_sys_openat+0x174/0x210 [ 762.521183][T18915] ? __pfx___x64_sys_openat+0x10/0x10 [ 762.521218][T18915] ? rcu_is_watching+0x12/0xc0 [ 762.521249][T18915] do_syscall_64+0xcd/0x230 [ 762.521286][T18915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 762.521311][T18915] RIP: 0033:0x7f2e09b8e969 [ 762.521332][T18915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 762.521356][T18915] RSP: 002b:00007f2e0aa08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 762.521380][T18915] RAX: ffffffffffffffda RBX: 00007f2e09db5fa0 RCX: 00007f2e09b8e969 [ 762.521397][T18915] RDX: 000000000016b042 RSI: 0000200000005480 RDI: ffffffffffffff9c [ 762.521413][T18915] RBP: 00007f2e09c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 762.521428][T18915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 762.521443][T18915] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 762.521474][T18915] [ 764.765137][T18940] FAULT_INJECTION: forcing a failure. [ 764.765137][T18940] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 764.937507][T18940] CPU: 1 UID: 0 PID: 18940 Comm: syz.1.5071 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 764.937544][T18940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 764.937560][T18940] Call Trace: [ 764.937568][T18940] [ 764.937578][T18940] dump_stack_lvl+0x16c/0x1f0 [ 764.937618][T18940] should_fail_ex+0x512/0x640 [ 764.937665][T18940] should_fail_alloc_page+0xe7/0x130 [ 764.937698][T18940] prepare_alloc_pages+0x3c2/0x610 [ 764.937736][T18940] ? rcu_is_watching+0x12/0xc0 [ 764.937762][T18940] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 764.937790][T18940] ? __kernel_text_address+0xd/0x40 [ 764.937829][T18940] ? unwind_get_return_address+0x59/0xa0 [ 764.937858][T18940] ? arch_stack_walk+0xa6/0x100 [ 764.937896][T18940] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 764.937925][T18940] ? stack_trace_save+0x8e/0xc0 [ 764.937949][T18940] ? __pfx_stack_trace_save+0x10/0x10 [ 764.937973][T18940] ? stack_depot_save_flags+0x28/0xa50 [ 764.938016][T18940] ? kasan_save_stack+0x42/0x60 [ 764.938044][T18940] ? __lock_acquire+0xaa4/0x1ba0 [ 764.938074][T18940] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 764.938109][T18940] ? policy_nodemask+0xea/0x4e0 [ 764.938141][T18940] alloc_pages_mpol+0x1fb/0x550 [ 764.938172][T18940] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 764.938200][T18940] ? __page_table_check_ptes_set+0x1ae/0x420 [ 764.938230][T18940] ? find_held_lock+0x2b/0x80 [ 764.938257][T18940] alloc_pages_noprof+0x131/0x390 [ 764.938287][T18940] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 764.938311][T18940] get_free_pages_noprof+0xc/0x40 [ 764.938342][T18940] kasan_populate_vmalloc_pte+0x2d/0x160 [ 764.938367][T18940] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 764.938391][T18940] __apply_to_page_range+0x617/0xd60 [ 764.938433][T18940] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 764.938462][T18940] ? __pfx___apply_to_page_range+0x10/0x10 [ 764.938501][T18940] ? alloc_vmap_area+0x872/0x2970 [ 764.938544][T18940] alloc_vmap_area+0x919/0x2970 [ 764.938591][T18940] ? __pfx_alloc_vmap_area+0x10/0x10 [ 764.938638][T18940] __get_vm_area_node+0x1a7/0x300 [ 764.938681][T18940] __vmalloc_node_range_noprof+0x277/0x1540 [ 764.938721][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 764.938767][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 764.938809][T18940] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 764.938861][T18940] __kvmalloc_node_noprof+0x2ff/0x600 [ 764.938887][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 764.938924][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 764.938965][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 764.938998][T18940] __do_sys_listmount+0x1c2/0xed0 [ 764.939038][T18940] ? __x64_sys_futex+0x1e0/0x4c0 [ 764.939064][T18940] ? __x64_sys_futex+0x1e9/0x4c0 [ 764.939091][T18940] ? __pfx___do_sys_listmount+0x10/0x10 [ 764.939126][T18940] ? xfd_validate_state+0x5d/0x180 [ 764.939177][T18940] do_syscall_64+0xcd/0x230 [ 764.939213][T18940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.939239][T18940] RIP: 0033:0x7ff5f9b8e969 [ 764.939258][T18940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 764.939283][T18940] RSP: 002b:00007ff5faa24038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 764.939306][T18940] RAX: ffffffffffffffda RBX: 00007ff5f9db6080 RCX: 00007ff5f9b8e969 [ 764.939322][T18940] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 764.939338][T18940] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 764.939353][T18940] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 764.939368][T18940] R13: 0000000000000000 R14: 00007ff5f9db6080 R15: 00007ffe19058ca8 [ 764.939397][T18940] [ 765.430179][T18940] syz.1.5071: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 765.486447][T18940] CPU: 1 UID: 0 PID: 18940 Comm: syz.1.5071 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 765.486484][T18940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 765.486499][T18940] Call Trace: [ 765.486507][T18940] [ 765.486517][T18940] dump_stack_lvl+0x16c/0x1f0 [ 765.486554][T18940] warn_alloc+0x248/0x3a0 [ 765.486593][T18940] ? __pfx_warn_alloc+0x10/0x10 [ 765.486622][T18940] ? kfree+0x2b6/0x4d0 [ 765.486668][T18940] ? __get_vm_area_node+0x1e5/0x300 [ 765.486711][T18940] __vmalloc_node_range_noprof+0xd31/0x1540 [ 765.486767][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 765.486810][T18940] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 765.486863][T18940] __kvmalloc_node_noprof+0x2ff/0x600 [ 765.486889][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 765.486926][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 765.486966][T18940] ? __do_sys_listmount+0x1c2/0xed0 [ 765.486999][T18940] __do_sys_listmount+0x1c2/0xed0 [ 765.487040][T18940] ? __x64_sys_futex+0x1e0/0x4c0 [ 765.487065][T18940] ? __x64_sys_futex+0x1e9/0x4c0 [ 765.487092][T18940] ? __pfx___do_sys_listmount+0x10/0x10 [ 765.487127][T18940] ? xfd_validate_state+0x5d/0x180 [ 765.487179][T18940] do_syscall_64+0xcd/0x230 [ 765.487216][T18940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 765.487250][T18940] RIP: 0033:0x7ff5f9b8e969 [ 765.487270][T18940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 765.487294][T18940] RSP: 002b:00007ff5faa24038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 765.487317][T18940] RAX: ffffffffffffffda RBX: 00007ff5f9db6080 RCX: 00007ff5f9b8e969 [ 765.487334][T18940] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 765.487350][T18940] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 765.487365][T18940] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 765.487380][T18940] R13: 0000000000000000 R14: 00007ff5f9db6080 R15: 00007ffe19058ca8 [ 765.487409][T18940] [ 765.487418][T18940] Mem-Info: [ 765.736334][T18940] active_anon:25324 inactive_anon:1 isolated_anon:0 [ 765.736334][T18940] active_file:15549 inactive_file:43076 isolated_file:0 [ 765.736334][T18940] unevictable:768 dirty:436 writeback:0 [ 765.736334][T18940] slab_reclaimable:10741 slab_unreclaimable:95146 [ 765.736334][T18940] mapped:24045 shmem:15171 pagetables:1110 [ 765.736334][T18940] sec_pagetables:0 bounce:0 [ 765.736334][T18940] kernel_misc_reclaimable:0 [ 765.736334][T18940] free:1307057 free_pcp:14309 free_cma:0 [ 765.791901][T18940] Node 0 active_anon:101296kB inactive_anon:4kB active_file:62196kB inactive_file:172300kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96180kB dirty:1740kB writeback:0kB shmem:59148kB shmem_thp:4096kB shmem_pmdmapped:2048kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10352kB pagetables:4440kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 765.858985][T18940] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 765.897230][T18940] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 765.939128][T18940] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 765.983556][T18940] Node 0 DMA32 free:1349440kB boost:0kB min:34356kB low:42944kB high:51532kB reserved_highatomic:0KB active_anon:99032kB inactive_anon:4kB active_file:62196kB inactive_file:170500kB unevictable:1536kB writepending:1760kB present:3129332kB managed:2544168kB mlocked:0kB bounce:0kB free_pcp:2804kB local_pcp:2804kB free_cma:0kB [ 766.114091][T18940] lowmem_reserve[]: 0 0 1 1 1 [ 766.119806][T18940] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1800kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:24kB free_cma:0kB [ 766.168535][T18940] lowmem_reserve[]: 0 0 0 0 0 [ 766.177411][T18940] Node 1 Normal free:3862720kB boost:0kB min:55520kB low:69400kB high:83280kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:56564kB local_pcp:56564kB free_cma:0kB [ 766.260241][T18940] lowmem_reserve[]: 0 0 0 0 0 [ 766.280468][T18940] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 766.316639][T18940] Node 0 DMA32: 1351*4kB (UME) 1798*8kB (UME) 1562*16kB (UME) 1153*32kB (UME) 536*64kB (UME) 200*128kB (UME) 146*256kB (UME) 115*512kB (UME) 25*1024kB (UE) 23*2048kB (UME) 254*4096kB (UM) = 1350924kB [ 766.373806][T18940] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB [ 766.403591][T18940] Node 1 Normal: 354*4kB (UME) 225*8kB (UME) 199*16kB (UM) 372*32kB (UME) 197*64kB (UME) 104*128kB (UME) 52*256kB (UM) 38*512kB (UM) 17*1024kB (UM) 10*2048kB (UM) 915*4096kB (ME) = 3862720kB [ 766.464282][T18940] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 766.487174][T18940] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 766.506892][T18940] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 766.524357][T18940] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 766.535854][T18940] 73276 total pagecache pages [ 766.541458][T18940] 1 pages in swap cache [ 766.553330][T18940] Free swap = 124992kB [ 766.558541][T18940] Total swap = 124996kB [ 766.563842][T18940] 2097051 pages RAM [ 766.571337][T18940] 0 pages HighMem/MovableOnly [ 766.577816][T18940] 428903 pages reserved [ 766.583071][T18940] 0 pages cma reserved [ 766.833607][T18956] FAULT_INJECTION: forcing a failure. [ 766.833607][T18956] name failslab, interval 1, probability 0, space 0, times 0 [ 766.924883][T18956] CPU: 1 UID: 0 PID: 18956 Comm: syz.2.5077 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 766.924919][T18956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 766.924935][T18956] Call Trace: [ 766.924942][T18956] [ 766.924952][T18956] dump_stack_lvl+0x16c/0x1f0 [ 766.924991][T18956] should_fail_ex+0x512/0x640 [ 766.925026][T18956] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 766.925058][T18956] should_failslab+0xc2/0x120 [ 766.925088][T18956] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 766.925115][T18956] ? __pfx___might_resched+0x10/0x10 [ 766.925142][T18956] ? __anon_vma_prepare+0xae/0x5e0 [ 766.925173][T18956] __anon_vma_prepare+0xae/0x5e0 [ 766.925197][T18956] ? __pfx___pte_alloc+0x10/0x10 [ 766.925233][T18956] __vmf_anon_prepare+0x11c/0x240 [ 766.925271][T18956] do_pte_missing+0x1194/0x3fb0 [ 766.925298][T18956] ? _raw_spin_unlock+0x28/0x50 [ 766.925326][T18956] ? __pmd_alloc+0x3c2/0x870 [ 766.925365][T18956] __handle_mm_fault+0x103d/0x2a40 [ 766.925398][T18956] ? __pfx___handle_mm_fault+0x10/0x10 [ 766.925448][T18956] handle_mm_fault+0x3fe/0xad0 [ 766.925485][T18956] __get_user_pages+0x771/0x36f0 [ 766.925532][T18956] ? __pfx_mt_find+0x10/0x10 [ 766.925570][T18956] ? __pfx___get_user_pages+0x10/0x10 [ 766.925620][T18956] populate_vma_page_range+0x278/0x3a0 [ 766.925646][T18956] ? __pfx_populate_vma_page_range+0x10/0x10 [ 766.925687][T18956] ? __pfx_find_vma_intersection+0x10/0x10 [ 766.925725][T18956] ? do_mmap+0x69c/0x11b0 [ 766.925764][T18956] __mm_populate+0x1d8/0x380 [ 766.925787][T18956] ? __pfx___mm_populate+0x10/0x10 [ 766.925813][T18956] ? up_write+0x1b2/0x520 [ 766.925851][T18956] vm_mmap_pgoff+0x362/0x450 [ 766.925890][T18956] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 766.925933][T18956] ? __x64_sys_futex+0x1e0/0x4c0 [ 766.925958][T18956] ? __x64_sys_futex+0x1e9/0x4c0 [ 766.925989][T18956] ksys_mmap_pgoff+0x7d/0x5c0 [ 766.926024][T18956] ? rcu_is_watching+0x12/0xc0 [ 766.926050][T18956] __x64_sys_mmap+0x125/0x190 [ 766.926077][T18956] do_syscall_64+0xcd/0x230 [ 766.926114][T18956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.926140][T18956] RIP: 0033:0x7f2e09b8e969 [ 766.926159][T18956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 766.926183][T18956] RSP: 002b:00007f2e0aa08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 766.926205][T18956] RAX: ffffffffffffffda RBX: 00007f2e09db5fa0 RCX: 00007f2e09b8e969 [ 766.926222][T18956] RDX: 00800000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 766.926237][T18956] RBP: 00007f2e09c10ab1 R08: 0000000000000002 R09: 0000000000008000 [ 766.926252][T18956] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 766.926267][T18956] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 766.926297][T18956] [ 767.862498][T18962] FAULT_INJECTION: forcing a failure. [ 767.862498][T18962] name failslab, interval 1, probability 0, space 0, times 0 [ 767.937625][T18962] CPU: 1 UID: 0 PID: 18962 Comm: syz.4.5081 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 767.937660][T18962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 767.937675][T18962] Call Trace: [ 767.937683][T18962] [ 767.937693][T18962] dump_stack_lvl+0x16c/0x1f0 [ 767.937732][T18962] should_fail_ex+0x512/0x640 [ 767.937767][T18962] ? fs_reclaim_acquire+0xae/0x150 [ 767.937807][T18962] ? ima_alloc_init_template+0x19d/0x720 [ 767.937830][T18962] should_failslab+0xc2/0x120 [ 767.937861][T18962] __kmalloc_noprof+0xd2/0x510 [ 767.937887][T18962] ? __print_lock_name+0xc1/0xe0 [ 767.937916][T18962] ima_alloc_init_template+0x19d/0x720 [ 767.937942][T18962] ? take_dentry_name_snapshot+0x319/0x7d0 [ 767.937977][T18962] ima_store_measurement+0x1eb/0x5c0 [ 767.938004][T18962] ? __pfx_ima_store_measurement+0x10/0x10 [ 767.938030][T18962] ? vfs_getxattr_alloc+0xec/0x340 [ 767.938078][T18962] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 767.938119][T18962] process_measurement+0x1ddb/0x23e0 [ 767.938167][T18962] ? __pfx_process_measurement+0x10/0x10 [ 767.938203][T18962] ? __lock_acquire+0x5ca/0x1ba0 [ 767.938237][T18962] ? init_file+0x93/0x4c0 [ 767.938263][T18962] ? alloc_empty_file+0x73/0x1e0 [ 767.938292][T18962] ? hugetlb_file_setup+0x4cd/0x620 [ 767.938322][T18962] ? ksys_mmap_pgoff+0x189/0x5c0 [ 767.938356][T18962] ? __x64_sys_mmap+0x125/0x190 [ 767.938432][T18962] ima_file_mmap+0x1b1/0x1d0 [ 767.938469][T18962] ? __pfx_ima_file_mmap+0x10/0x10 [ 767.938513][T18962] security_mmap_file+0x88c/0x990 [ 767.938547][T18962] vm_mmap_pgoff+0xec/0x450 [ 767.938587][T18962] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 767.938620][T18962] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 767.938658][T18962] ? hugetlbfs_get_inode+0x31f/0x730 [ 767.938698][T18962] ksys_mmap_pgoff+0x1c8/0x5c0 [ 767.938734][T18962] ? rcu_is_watching+0x12/0xc0 [ 767.938759][T18962] __x64_sys_mmap+0x125/0x190 [ 767.938786][T18962] do_syscall_64+0xcd/0x230 [ 767.938823][T18962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.938848][T18962] RIP: 0033:0x7f4cd9b8e969 [ 767.938868][T18962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 767.938892][T18962] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 767.938915][T18962] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 767.938932][T18962] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 767.938947][T18962] RBP: 00007f4cd9c10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 767.938964][T18962] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 767.938979][T18962] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 767.939009][T18962] [ 768.277437][ T30] audit: type=1804 audit(4294968819.162:15): pid=18962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.4.5081" name="anon_hugepage" dev="hugetlbfs" ino=68156 res=0 errno=0 [ 768.858458][T18975] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 768.866737][T18975] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 769.014841][T18975] Process accounting resumed [ 769.183466][T18980] ima: policy update failed [ 769.211575][ T30] audit: type=1802 audit(4294968820.432:16): pid=18980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.5088" res=0 errno=0 [ 769.907636][ T55] Bluetooth: hci0: unexpected event 0x07 length: 440 > 255 [ 769.908313][T18989] ima: policy update failed [ 770.009960][ T30] audit: type=1802 audit(4294968821.221:17): pid=18989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.5093" res=0 errno=0 [ 770.091342][T18992] netlink: 'syz.3.5094': attribute type 16 has an invalid length. [ 770.151308][T18992] netlink: 50 bytes leftover after parsing attributes in process `syz.3.5094'. [ 770.433201][T19002] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5098'. [ 770.593468][T19006] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5100'. [ 770.864747][T19014] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5104'. [ 772.357436][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 772.370115][T18994] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 773.142858][T18994] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 773.155258][T18994] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 773.163175][T18994] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 773.173212][T18994] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 773.185065][T18994] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 773.197463][T18994] CPU0 is offline. [ 773.405433][T19024] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5114'. [ 773.611826][T19024] bond0: (slave bond_slave_1): Releasing backup interface [ 774.005804][T19039] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5111'. [ 774.234851][T19046] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5115'. [ 774.287433][T19046] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5115'. [ 774.335295][T19046] netlink: 210 bytes leftover after parsing attributes in process `syz.1.5115'. [ 774.439760][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 775.158275][T19066] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5122'. [ 775.170055][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 775.239415][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 775.447665][ T55] Bluetooth: hci1: unexpected event 0x08 length: 11 > 4 [ 775.450688][T19072] ima: policy update failed [ 775.502293][ T30] audit: type=1802 audit(4294968826.719:18): pid=19072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.5125" res=0 errno=0 [ 775.927556][T19085] ERROR: Out of memory at tomoyo_memory_ok. [ 776.015817][T19087] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5132'. [ 776.137804][T19089] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5132'. [ 776.174038][T19087] netlink: 210 bytes leftover after parsing attributes in process `syz.4.5132'. [ 776.899334][T19109] FAULT_INJECTION: forcing a failure. [ 776.899334][T19109] name failslab, interval 1, probability 0, space 0, times 0 [ 776.926569][T19109] CPU: 1 UID: 0 PID: 19109 Comm: syz.2.5137 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 776.926606][T19109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 776.926621][T19109] Call Trace: [ 776.926629][T19109] [ 776.926638][T19109] dump_stack_lvl+0x16c/0x1f0 [ 776.926677][T19109] should_fail_ex+0x512/0x640 [ 776.926711][T19109] ? fs_reclaim_acquire+0xae/0x150 [ 776.926751][T19109] should_failslab+0xc2/0x120 [ 776.926782][T19109] __kmalloc_cache_noprof+0x6a/0x3e0 [ 776.926833][T19109] ? tomoyo_init_log+0x197/0x2140 [ 776.926871][T19109] tomoyo_init_log+0x197/0x2140 [ 776.926903][T19109] ? format_decode+0x1ad/0xd40 [ 776.926930][T19109] ? __pfx_format_decode+0x10/0x10 [ 776.926966][T19109] ? __pfx_tomoyo_init_log+0x10/0x10 [ 776.927007][T19109] tomoyo_write_log2+0x2f7/0xc10 [ 776.927046][T19109] tomoyo_supervisor+0x15e/0x13b0 [ 776.927089][T19109] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 776.927141][T19109] ? lockdep_hardirqs_on+0x7c/0x110 [ 776.927178][T19109] ? tomoyo_check_path_acl+0xad/0x210 [ 776.927207][T19109] ? tomoyo_check_acl+0x1f7/0x410 [ 776.927236][T19109] tomoyo_path_permission+0x270/0x3b0 [ 776.927267][T19109] tomoyo_check_open_permission+0x349/0x3c0 [ 776.927298][T19109] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 776.927358][T19109] ? do_raw_spin_lock+0x12c/0x2b0 [ 776.927403][T19109] tomoyo_file_open+0x6b/0x90 [ 776.927443][T19109] security_file_open+0x84/0x1e0 [ 776.927477][T19109] do_dentry_open+0x596/0x1c10 [ 776.927510][T19109] vfs_open+0x82/0x3f0 [ 776.927545][T19109] path_openat+0x1e5e/0x2d40 [ 776.927579][T19109] ? __pfx_path_openat+0x10/0x10 [ 776.927610][T19109] do_filp_open+0x20b/0x470 [ 776.927634][T19109] ? __pfx_do_filp_open+0x10/0x10 [ 776.927678][T19109] ? alloc_fd+0x471/0x7d0 [ 776.927724][T19109] do_sys_openat2+0x11b/0x1d0 [ 776.927756][T19109] ? __pfx_do_sys_openat2+0x10/0x10 [ 776.927790][T19109] ? __pfx___might_resched+0x10/0x10 [ 776.927830][T19109] __x64_sys_openat+0x174/0x210 [ 776.927864][T19109] ? __pfx___x64_sys_openat+0x10/0x10 [ 776.927899][T19109] ? rcu_is_watching+0x12/0xc0 [ 776.927930][T19109] do_syscall_64+0xcd/0x230 [ 776.927967][T19109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 776.927992][T19109] RIP: 0033:0x7f2e09b8e969 [ 776.928012][T19109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 776.928037][T19109] RSP: 002b:00007f2e0aa08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 776.928060][T19109] RAX: ffffffffffffffda RBX: 00007f2e09db5fa0 RCX: 00007f2e09b8e969 [ 776.928076][T19109] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 776.928092][T19109] RBP: 00007f2e09c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 776.928108][T19109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 776.928123][T19109] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 776.928153][T19109] [ 777.367951][T19102] Process accounting resumed [ 777.485232][T19113] ima: policy update failed [ 777.674918][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 777.682420][ T55] Bluetooth: hci0: unexpected event 0x08 length: 11 > 4 [ 777.706616][ T30] audit: type=1802 audit(4294968828.708:19): pid=19113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.5139" res=0 errno=0 [ 778.263880][T19136] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5149'. [ 778.498035][T19140] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5150'. [ 779.127513][T19148] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5153'. [ 779.722127][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 780.117472][T19168] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5160'. [ 781.716543][T19195] FAULT_INJECTION: forcing a failure. [ 781.716543][T19195] name fail_futex, interval 1, probability 0, space 0, times 0 [ 781.778779][T19195] CPU: 1 UID: 0 PID: 19195 Comm: syz.4.5171 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 781.778815][T19195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 781.778831][T19195] Call Trace: [ 781.778839][T19195] [ 781.778849][T19195] dump_stack_lvl+0x16c/0x1f0 [ 781.778888][T19195] should_fail_ex+0x512/0x640 [ 781.778924][T19195] ? __pfx___futex_wait+0x10/0x10 [ 781.778960][T19195] get_futex_key+0x49e/0x1000 [ 781.778986][T19195] ? __pfx_futex_wake_mark+0x10/0x10 [ 781.779017][T19195] ? __pfx_get_futex_key+0x10/0x10 [ 781.779052][T19195] futex_wake+0xe7/0x4e0 [ 781.779080][T19195] ? apparmor_file_permission+0x251/0x400 [ 781.779109][T19195] ? bpf_lsm_file_permission+0x9/0x10 [ 781.779150][T19195] ? __pfx_futex_wake+0x10/0x10 [ 781.779180][T19195] ? __pfx_snd_ctl_read+0x10/0x10 [ 781.779222][T19195] ? vfs_read+0x238/0xc70 [ 781.779250][T19195] do_futex+0x1e3/0x350 [ 781.779277][T19195] ? __pfx_do_futex+0x10/0x10 [ 781.779316][T19195] __x64_sys_futex+0x1e0/0x4c0 [ 781.779345][T19195] ? fput+0x70/0xf0 [ 781.779372][T19195] ? __pfx___x64_sys_futex+0x10/0x10 [ 781.779398][T19195] ? ksys_read+0x1b9/0x240 [ 781.779420][T19195] ? __pfx_ksys_read+0x10/0x10 [ 781.779440][T19195] ? rcu_is_watching+0x12/0xc0 [ 781.779471][T19195] do_syscall_64+0xcd/0x230 [ 781.779507][T19195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 781.779533][T19195] RIP: 0033:0x7f4cd9b8e969 [ 781.779552][T19195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 781.779577][T19195] RSP: 002b:00007f4cdaa8e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 781.779600][T19195] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa8 RCX: 00007f4cd9b8e969 [ 781.779622][T19195] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4cd9db5fac [ 781.779637][T19195] RBP: 00007f4cd9db5fa0 R08: 00007f4cdaa8f000 R09: 0000000000000000 [ 781.779659][T19195] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f4cd9db5fac [ 781.779675][T19195] R13: 0000000000000000 R14: 00007ffe584fbc70 R15: 00007ffe584fbd58 [ 781.779705][T19195] [ 782.811440][T19206] sp0: Synchronizing with TNC [ 783.332294][T19214] netlink: 186 bytes leftover after parsing attributes in process `syz.2.5178'. [ 783.431052][T19216] FAULT_INJECTION: forcing a failure. [ 783.431052][T19216] name failslab, interval 1, probability 0, space 0, times 0 [ 783.588187][T19216] CPU: 1 UID: 0 PID: 19216 Comm: syz.3.5173 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 783.588222][T19216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 783.588238][T19216] Call Trace: [ 783.588246][T19216] [ 783.588255][T19216] dump_stack_lvl+0x16c/0x1f0 [ 783.588294][T19216] should_fail_ex+0x512/0x640 [ 783.588329][T19216] ? fs_reclaim_acquire+0xae/0x150 [ 783.588377][T19216] should_failslab+0xc2/0x120 [ 783.588407][T19216] __kmalloc_cache_noprof+0x6a/0x3e0 [ 783.588449][T19216] ? tomoyo_init_log+0x197/0x2140 [ 783.588486][T19216] tomoyo_init_log+0x197/0x2140 [ 783.588518][T19216] ? format_decode+0x1ad/0xd40 [ 783.588545][T19216] ? __pfx_format_decode+0x10/0x10 [ 783.588582][T19216] ? __pfx_tomoyo_init_log+0x10/0x10 [ 783.588626][T19216] tomoyo_write_log2+0x2f7/0xc10 [ 783.588664][T19216] tomoyo_supervisor+0x15e/0x13b0 [ 783.588708][T19216] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 783.588759][T19216] ? lockdep_hardirqs_on+0x7c/0x110 [ 783.588796][T19216] ? tomoyo_check_path_acl+0xad/0x210 [ 783.588825][T19216] ? tomoyo_check_acl+0x1f7/0x410 [ 783.588854][T19216] tomoyo_path_permission+0x270/0x3b0 [ 783.588885][T19216] tomoyo_check_open_permission+0x349/0x3c0 [ 783.588915][T19216] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 783.588975][T19216] ? do_raw_spin_lock+0x12c/0x2b0 [ 783.589021][T19216] tomoyo_file_open+0x6b/0x90 [ 783.589060][T19216] security_file_open+0x84/0x1e0 [ 783.589094][T19216] do_dentry_open+0x596/0x1c10 [ 783.589127][T19216] vfs_open+0x82/0x3f0 [ 783.589162][T19216] path_openat+0x1e5e/0x2d40 [ 783.589201][T19216] ? __pfx_path_openat+0x10/0x10 [ 783.589232][T19216] do_filp_open+0x20b/0x470 [ 783.589256][T19216] ? __pfx_do_filp_open+0x10/0x10 [ 783.589300][T19216] ? alloc_fd+0x471/0x7d0 [ 783.589351][T19216] do_sys_openat2+0x11b/0x1d0 [ 783.589384][T19216] ? __pfx_do_sys_openat2+0x10/0x10 [ 783.589419][T19216] ? __pfx___might_resched+0x10/0x10 [ 783.589453][T19216] __x64_sys_openat+0x174/0x210 [ 783.589487][T19216] ? __pfx___x64_sys_openat+0x10/0x10 [ 783.589522][T19216] ? rcu_is_watching+0x12/0xc0 [ 783.589553][T19216] do_syscall_64+0xcd/0x230 [ 783.589590][T19216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.589615][T19216] RIP: 0033:0x7f4611d8e969 [ 783.589635][T19216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.589660][T19216] RSP: 002b:00007f4612c2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 783.589682][T19216] RAX: ffffffffffffffda RBX: 00007f4611fb5fa0 RCX: 00007f4611d8e969 [ 783.589699][T19216] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 783.589715][T19216] RBP: 00007f4611e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 783.589730][T19216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 783.589745][T19216] R13: 0000000000000000 R14: 00007f4611fb5fa0 R15: 00007fff072ca708 [ 783.589775][T19216] [ 785.046813][ T5837] Bluetooth: hci2: unexpected event 0x08 length: 11 > 4 [ 785.047548][T19226] ima: policy update failed [ 785.116058][ T30] audit: type=1802 audit(4294968836.334:20): pid=19226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5181" res=0 errno=0 [ 788.584014][T19286] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5201'. [ 789.091608][T19292] netlink: 326 bytes leftover after parsing attributes in process `syz.4.5204'. [ 789.603156][T19299] FAULT_INJECTION: forcing a failure. [ 789.603156][T19299] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 789.795537][T19299] CPU: 1 UID: 0 PID: 19299 Comm: syz.3.5207 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 789.795574][T19299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 789.795589][T19299] Call Trace: [ 789.795599][T19299] [ 789.795609][T19299] dump_stack_lvl+0x16c/0x1f0 [ 789.795647][T19299] should_fail_ex+0x512/0x640 [ 789.795687][T19299] should_fail_alloc_page+0xe7/0x130 [ 789.795720][T19299] prepare_alloc_pages+0x3c2/0x610 [ 789.795758][T19299] ? rcu_is_watching+0x12/0xc0 [ 789.795784][T19299] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 789.795816][T19299] ? is_bpf_text_address+0x94/0x1a0 [ 789.795850][T19299] ? kernel_text_address+0x8d/0x100 [ 789.795889][T19299] ? __kernel_text_address+0xd/0x40 [ 789.795957][T19299] ? unwind_get_return_address+0x59/0xa0 [ 789.795987][T19299] ? arch_stack_walk+0xa6/0x100 [ 789.796019][T19299] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 789.796058][T19299] ? stack_depot_save_flags+0x28/0xa50 [ 789.796098][T19299] ? stack_trace_save+0x8e/0xc0 [ 789.796123][T19299] ? __pfx_stack_trace_save+0x10/0x10 [ 789.796150][T19299] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 789.796189][T19299] ? policy_nodemask+0xea/0x4e0 [ 789.796222][T19299] alloc_pages_mpol+0x1fb/0x550 [ 789.796253][T19299] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 789.796293][T19299] alloc_pages_noprof+0x131/0x390 [ 789.796325][T19299] kimage_alloc_pages+0x75/0x300 [ 789.796362][T19299] kimage_alloc_control_pages+0x15d/0x910 [ 789.796405][T19299] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 789.796450][T19299] do_kexec_load+0x480/0x8d0 [ 789.796497][T19299] ? __pfx_do_kexec_load+0x10/0x10 [ 789.796537][T19299] ? _copy_from_user+0x59/0xd0 [ 789.796577][T19299] __x64_sys_kexec_load+0x1bf/0x230 [ 789.796618][T19299] do_syscall_64+0xcd/0x230 [ 789.796655][T19299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.796681][T19299] RIP: 0033:0x7f4611d8e969 [ 789.796700][T19299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 789.796725][T19299] RSP: 002b:00007f4612c2e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 789.796749][T19299] RAX: ffffffffffffffda RBX: 00007f4611fb5fa0 RCX: 00007f4611d8e969 [ 789.796766][T19299] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 789.796781][T19299] RBP: 00007f4611e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 789.796796][T19299] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 789.796816][T19299] R13: 0000000000000000 R14: 00007f4611fb5fa0 R15: 00007fff072ca708 [ 789.796846][T19299] [ 790.524712][T19305] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 791.749149][T19326] sp0: Synchronizing with TNC [ 793.040336][T19299] kexec: Could not allocate control_code_buffer [ 793.517587][T19355] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5226'. [ 793.643174][T19359] netlink: 214 bytes leftover after parsing attributes in process `syz.3.5226'. [ 793.757239][T19359] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 793.766009][T19359] IPv6: NLM_F_CREATE should be set when creating new route [ 793.774711][T19359] IPv6: NLM_F_CREATE should be set when creating new route [ 793.783389][T19359] IPv6: NLM_F_CREATE should be set when creating new route [ 794.460913][T19373] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5232'. [ 794.934297][T19380] FAULT_INJECTION: forcing a failure. [ 794.934297][T19380] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 795.023236][T19380] CPU: 1 UID: 0 PID: 19380 Comm: syz.2.5235 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 795.023278][T19380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 795.023293][T19380] Call Trace: [ 795.023302][T19380] [ 795.023311][T19380] dump_stack_lvl+0x16c/0x1f0 [ 795.023349][T19380] should_fail_ex+0x512/0x640 [ 795.023389][T19380] should_fail_alloc_page+0xe7/0x130 [ 795.023425][T19380] prepare_alloc_pages+0x3c2/0x610 [ 795.023465][T19380] ? rcu_is_watching+0x12/0xc0 [ 795.023490][T19380] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 795.023522][T19380] ? is_bpf_text_address+0x94/0x1a0 [ 795.023552][T19380] ? kernel_text_address+0x8d/0x100 [ 795.023601][T19380] ? __kernel_text_address+0xd/0x40 [ 795.023639][T19380] ? unwind_get_return_address+0x59/0xa0 [ 795.023669][T19380] ? arch_stack_walk+0xa6/0x100 [ 795.023700][T19380] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 795.023738][T19380] ? stack_depot_save_flags+0x28/0xa50 [ 795.023774][T19380] ? stack_trace_save+0x8e/0xc0 [ 795.023802][T19380] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 795.023838][T19380] ? policy_nodemask+0xea/0x4e0 [ 795.023871][T19380] alloc_pages_mpol+0x1fb/0x550 [ 795.023901][T19380] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 795.023939][T19380] alloc_pages_noprof+0x131/0x390 [ 795.023970][T19380] kimage_alloc_pages+0x75/0x300 [ 795.024008][T19380] kimage_alloc_control_pages+0x15d/0x910 [ 795.024051][T19380] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 795.024096][T19380] do_kexec_load+0x480/0x8d0 [ 795.024135][T19380] ? __pfx_do_kexec_load+0x10/0x10 [ 795.024174][T19380] ? _copy_from_user+0x59/0xd0 [ 795.024214][T19380] __x64_sys_kexec_load+0x1bf/0x230 [ 795.024254][T19380] do_syscall_64+0xcd/0x230 [ 795.024297][T19380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 795.024322][T19380] RIP: 0033:0x7f2e09b8e969 [ 795.024342][T19380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 795.024366][T19380] RSP: 002b:00007f2e0aa08038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 795.024390][T19380] RAX: ffffffffffffffda RBX: 00007f2e09db5fa0 RCX: 00007f2e09b8e969 [ 795.024406][T19380] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 795.024421][T19380] RBP: 00007f2e09c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 795.024437][T19380] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 795.024452][T19380] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 795.024482][T19380] [ 795.335260][T19380] kexec: Could not allocate control_code_buffer [ 795.831214][T19387] netlink: 266 bytes leftover after parsing attributes in process `syz.3.5237'. [ 796.137262][T19394] FAULT_INJECTION: forcing a failure. [ 796.137262][T19394] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 796.195867][T19394] CPU: 1 UID: 0 PID: 19394 Comm: syz.4.5249 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 796.195902][T19394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 796.195918][T19394] Call Trace: [ 796.195926][T19394] [ 796.195935][T19394] dump_stack_lvl+0x16c/0x1f0 [ 796.195974][T19394] should_fail_ex+0x512/0x640 [ 796.196013][T19394] should_fail_alloc_page+0xe7/0x130 [ 796.196046][T19394] prepare_alloc_pages+0x3c2/0x610 [ 796.196084][T19394] ? rcu_is_watching+0x12/0xc0 [ 796.196110][T19394] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 796.196140][T19394] ? finish_task_switch.isra.0+0x221/0xc10 [ 796.196165][T19394] ? lockdep_hardirqs_on+0x7c/0x110 [ 796.196197][T19394] ? finish_task_switch.isra.0+0x221/0xc10 [ 796.196222][T19394] ? rcu_is_watching+0x12/0xc0 [ 796.196244][T19394] ? trace_sched_exit_tp+0xde/0x130 [ 796.196273][T19394] ? __schedule+0x1186/0x5de0 [ 796.196302][T19394] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 796.196356][T19394] ? __pfx___schedule+0x10/0x10 [ 796.196385][T19394] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 796.196419][T19394] ? policy_nodemask+0xea/0x4e0 [ 796.196450][T19394] alloc_pages_mpol+0x1fb/0x550 [ 796.196479][T19394] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 796.196526][T19394] ? irqentry_exit+0x3b/0x90 [ 796.196557][T19394] ? lockdep_hardirqs_on+0x7c/0x110 [ 796.196595][T19394] alloc_pages_noprof+0x131/0x390 [ 796.196625][T19394] kimage_alloc_pages+0x75/0x300 [ 796.196661][T19394] kimage_alloc_control_pages+0x15d/0x910 [ 796.196703][T19394] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 796.196746][T19394] do_kexec_load+0x480/0x8d0 [ 796.196783][T19394] ? __pfx_do_kexec_load+0x10/0x10 [ 796.196821][T19394] ? _copy_from_user+0x59/0xd0 [ 796.196860][T19394] __x64_sys_kexec_load+0x1bf/0x230 [ 796.196903][T19394] do_syscall_64+0xcd/0x230 [ 796.196938][T19394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.196962][T19394] RIP: 0033:0x7f4cd9b8e969 [ 796.196982][T19394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 796.197004][T19394] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 796.197027][T19394] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 796.197043][T19394] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 796.197057][T19394] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 796.197073][T19394] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 796.197087][T19394] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 796.197116][T19394] [ 796.837439][T19394] kexec: Could not allocate control_code_buffer [ 797.006224][T19408] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5243'. [ 797.312228][T19416] netlink: 266 bytes leftover after parsing attributes in process `syz.1.5250'. [ 797.939762][T19427] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5253'. [ 798.011722][T19427] bridge0: port 2(bridge_slave_1) entered disabled state [ 798.020813][T19427] bridge0: port 1(bridge_slave_0) entered disabled state [ 799.072111][T19446] Process accounting paused [ 799.239909][T19453] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5265'. [ 799.735150][T19459] zram: Cannot change disksize for initialized device [ 799.794411][T19466] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5269'. [ 799.999145][T19468] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5270'. [ 800.078936][T19471] FAULT_INJECTION: forcing a failure. [ 800.078936][T19471] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 800.183148][T19471] CPU: 1 UID: 0 PID: 19471 Comm: syz.4.5271 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 800.183183][T19471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 800.183198][T19471] Call Trace: [ 800.183221][T19471] [ 800.183231][T19471] dump_stack_lvl+0x16c/0x1f0 [ 800.183270][T19471] should_fail_ex+0x512/0x640 [ 800.183309][T19471] should_fail_alloc_page+0xe7/0x130 [ 800.183342][T19471] prepare_alloc_pages+0x3c2/0x610 [ 800.183380][T19471] ? rcu_is_watching+0x12/0xc0 [ 800.183406][T19471] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 800.183437][T19471] ? is_bpf_text_address+0x94/0x1a0 [ 800.183468][T19471] ? kernel_text_address+0x8d/0x100 [ 800.183506][T19471] ? __kernel_text_address+0xd/0x40 [ 800.183544][T19471] ? unwind_get_return_address+0x59/0xa0 [ 800.183572][T19471] ? arch_stack_walk+0xa6/0x100 [ 800.183603][T19471] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 800.183642][T19471] ? stack_depot_save_flags+0x28/0xa50 [ 800.183678][T19471] ? find_held_lock+0x2b/0x80 [ 800.183703][T19471] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 800.183738][T19471] ? policy_nodemask+0xea/0x4e0 [ 800.183770][T19471] alloc_pages_mpol+0x1fb/0x550 [ 800.183801][T19471] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 800.183839][T19471] alloc_pages_noprof+0x131/0x390 [ 800.183870][T19471] kimage_alloc_pages+0x75/0x300 [ 800.183907][T19471] kimage_alloc_control_pages+0x15d/0x910 [ 800.183951][T19471] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 800.183996][T19471] do_kexec_load+0x480/0x8d0 [ 800.184034][T19471] ? __pfx_do_kexec_load+0x10/0x10 [ 800.184074][T19471] ? _copy_from_user+0x59/0xd0 [ 800.184114][T19471] __x64_sys_kexec_load+0x1bf/0x230 [ 800.184154][T19471] do_syscall_64+0xcd/0x230 [ 800.184195][T19471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.184225][T19471] RIP: 0033:0x7f4cd9b8e969 [ 800.184245][T19471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.184270][T19471] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 800.184293][T19471] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 800.184310][T19471] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 800.184325][T19471] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 800.184340][T19471] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 800.184355][T19471] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 800.184385][T19471] [ 800.526437][T19471] kexec: Could not allocate control_code_buffer [ 800.679279][T19478] FAULT_INJECTION: forcing a failure. [ 800.679279][T19478] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 800.695843][T19478] CPU: 1 UID: 0 PID: 19478 Comm: syz.4.5282 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 800.695877][T19478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 800.695892][T19478] Call Trace: [ 800.695900][T19478] [ 800.695909][T19478] dump_stack_lvl+0x16c/0x1f0 [ 800.695948][T19478] should_fail_ex+0x512/0x640 [ 800.695987][T19478] should_fail_alloc_page+0xe7/0x130 [ 800.696020][T19478] prepare_alloc_pages+0x3c2/0x610 [ 800.696058][T19478] ? rcu_is_watching+0x12/0xc0 [ 800.696084][T19478] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 800.696116][T19478] ? is_bpf_text_address+0x94/0x1a0 [ 800.696146][T19478] ? kernel_text_address+0x8d/0x100 [ 800.696185][T19478] ? __kernel_text_address+0xd/0x40 [ 800.696223][T19478] ? unwind_get_return_address+0x59/0xa0 [ 800.696251][T19478] ? arch_stack_walk+0xa6/0x100 [ 800.696282][T19478] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 800.696321][T19478] ? stack_depot_save_flags+0x28/0xa50 [ 800.696357][T19478] ? stack_trace_save+0x8e/0xc0 [ 800.696385][T19478] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 800.696420][T19478] ? policy_nodemask+0xea/0x4e0 [ 800.696452][T19478] alloc_pages_mpol+0x1fb/0x550 [ 800.696490][T19478] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 800.696529][T19478] alloc_pages_noprof+0x131/0x390 [ 800.696560][T19478] kimage_alloc_pages+0x75/0x300 [ 800.696597][T19478] kimage_alloc_control_pages+0x15d/0x910 [ 800.696640][T19478] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 800.696685][T19478] do_kexec_load+0x480/0x8d0 [ 800.696724][T19478] ? __pfx_do_kexec_load+0x10/0x10 [ 800.696763][T19478] ? _copy_from_user+0x59/0xd0 [ 800.696803][T19478] __x64_sys_kexec_load+0x1bf/0x230 [ 800.696843][T19478] do_syscall_64+0xcd/0x230 [ 800.696879][T19478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.696904][T19478] RIP: 0033:0x7f4cd9b8e969 [ 800.696924][T19478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.696949][T19478] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 800.696972][T19478] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 800.696988][T19478] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 800.697004][T19478] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 800.697018][T19478] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 800.697033][T19478] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 800.697063][T19478] [ 801.412319][T19482] FAULT_INJECTION: forcing a failure. [ 801.412319][T19482] name failslab, interval 1, probability 0, space 0, times 0 [ 801.450262][T19478] kexec: Could not allocate control_code_buffer [ 801.480012][T19482] CPU: 1 UID: 0 PID: 19482 Comm: syz.1.5275 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 801.480049][T19482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 801.480064][T19482] Call Trace: [ 801.480073][T19482] [ 801.480083][T19482] dump_stack_lvl+0x16c/0x1f0 [ 801.480123][T19482] should_fail_ex+0x512/0x640 [ 801.480166][T19482] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 801.480199][T19482] should_failslab+0xc2/0x120 [ 801.480229][T19482] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 801.480258][T19482] ? proc_alloc_inode+0x25/0x200 [ 801.480285][T19482] ? __pfx_proc_alloc_inode+0x10/0x10 [ 801.480307][T19482] proc_alloc_inode+0x25/0x200 [ 801.480329][T19482] alloc_inode+0x61/0x240 [ 801.480360][T19482] new_inode+0x22/0x1c0 [ 801.480392][T19482] proc_pid_make_inode+0x22/0x160 [ 801.480433][T19482] proc_pident_instantiate+0x85/0x320 [ 801.480477][T19482] proc_pident_lookup+0x21d/0x290 [ 801.480524][T19482] __lookup_slow+0x24e/0x460 [ 801.480558][T19482] ? __pfx___lookup_slow+0x10/0x10 [ 801.480608][T19482] ? lookup_fast+0x156/0x610 [ 801.480647][T19482] walk_component+0x353/0x5b0 [ 801.480685][T19482] link_path_walk.part.0.constprop.0+0x685/0xd60 [ 801.480735][T19482] path_openat+0x227/0x2d40 [ 801.480756][T19482] ? __x64_sys_openat+0x174/0x210 [ 801.480801][T19482] ? __pfx_path_openat+0x10/0x10 [ 801.480832][T19482] do_filp_open+0x20b/0x470 [ 801.480855][T19482] ? __pfx_do_filp_open+0x10/0x10 [ 801.480889][T19482] ? __pfx_kfree_link+0x10/0x10 [ 801.480929][T19482] ? alloc_fd+0x471/0x7d0 [ 801.480975][T19482] do_sys_openat2+0x11b/0x1d0 [ 801.481007][T19482] ? __pfx_do_sys_openat2+0x10/0x10 [ 801.481041][T19482] ? find_held_lock+0x2b/0x80 [ 801.481072][T19482] __x64_sys_openat+0x174/0x210 [ 801.481109][T19482] ? __pfx___x64_sys_openat+0x10/0x10 [ 801.481145][T19482] ? rcu_is_watching+0x12/0xc0 [ 801.481180][T19482] do_syscall_64+0xcd/0x230 [ 801.481217][T19482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.481242][T19482] RIP: 0033:0x7ff5f9b8d2d0 [ 801.481261][T19482] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 801.481286][T19482] RSP: 002b:00007ff5faa44f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 801.481309][T19482] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff5f9b8d2d0 [ 801.481325][T19482] RDX: 0000000000000002 RSI: 00007ff5faa44fa0 RDI: 00000000ffffff9c [ 801.481340][T19482] RBP: 00007ff5faa44fa0 R08: 0000000000000000 R09: 0000000000000000 [ 801.481355][T19482] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 801.481370][T19482] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 801.481401][T19482] [ 802.209809][T19488] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5276'. [ 802.440913][T19488] bond0: (slave bond_slave_1): Releasing backup interface [ 802.896540][T19496] zram: Cannot change disksize for initialized device [ 803.000875][T19501] netlink: 'syz.1.5281': attribute type 4 has an invalid length. [ 803.061239][T19501] netlink: 314 bytes leftover after parsing attributes in process `syz.1.5281'. [ 803.133946][T19504] netlink: 'syz.1.5281': attribute type 4 has an invalid length. [ 803.205805][T19504] netlink: 314 bytes leftover after parsing attributes in process `syz.1.5281'. [ 803.305417][T19506] FAULT_INJECTION: forcing a failure. [ 803.305417][T19506] name failslab, interval 1, probability 0, space 0, times 0 [ 803.393379][T19506] CPU: 1 UID: 0 PID: 19506 Comm: syz.2.5292 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 803.393414][T19506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 803.393429][T19506] Call Trace: [ 803.393446][T19506] [ 803.393456][T19506] dump_stack_lvl+0x16c/0x1f0 [ 803.393495][T19506] should_fail_ex+0x512/0x640 [ 803.393530][T19506] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 803.393562][T19506] should_failslab+0xc2/0x120 [ 803.393593][T19506] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 803.393620][T19506] ? tipc_node_find+0x2dc/0x500 [ 803.393646][T19506] ? __d_alloc+0x31/0xaa0 [ 803.393675][T19506] __d_alloc+0x31/0xaa0 [ 803.393698][T19506] ? __pfx_tipc_node_find+0x10/0x10 [ 803.393727][T19506] d_alloc_pseudo+0x1c/0xc0 [ 803.393759][T19506] alloc_file_pseudo+0xcf/0x230 [ 803.393794][T19506] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 803.393826][T19506] ? tipc_sk_finish_conn+0x580/0x790 [ 803.393868][T19506] sock_alloc_file+0x50/0x210 [ 803.393900][T19506] __sys_socketpair+0x31c/0x5a0 [ 803.393939][T19506] ? __pfx___sys_socketpair+0x10/0x10 [ 803.393988][T19506] ? xfd_validate_state+0x5d/0x180 [ 803.394031][T19506] ? rcu_is_watching+0x12/0xc0 [ 803.394059][T19506] __x64_sys_socketpair+0x96/0x100 [ 803.394096][T19506] ? lockdep_hardirqs_on+0x7c/0x110 [ 803.394130][T19506] do_syscall_64+0xcd/0x230 [ 803.394166][T19506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.394191][T19506] RIP: 0033:0x7f2e09b8e969 [ 803.394210][T19506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 803.394235][T19506] RSP: 002b:00007f2e0aa08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 803.394257][T19506] RAX: ffffffffffffffda RBX: 00007f2e09db5fa0 RCX: 00007f2e09b8e969 [ 803.394274][T19506] RDX: 8000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 803.394289][T19506] RBP: 00007f2e09c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 803.394305][T19506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 803.394319][T19506] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 803.394349][T19506] [ 804.923229][T19539] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5293'. [ 805.359683][T19548] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5298'. [ 805.428957][T19548] IPv6: Can't replace route, no match found [ 805.629184][T19545] binder: 19544:19545 ioctl c018620c 0 returned -1 [ 806.164369][T19561] FAULT_INJECTION: forcing a failure. [ 806.164369][T19561] name failslab, interval 1, probability 0, space 0, times 0 [ 806.185042][T19563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5307'. [ 806.217575][T19561] CPU: 1 UID: 0 PID: 19561 Comm: syz.4.5306 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 806.217612][T19561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 806.217627][T19561] Call Trace: [ 806.217635][T19561] [ 806.217645][T19561] dump_stack_lvl+0x16c/0x1f0 [ 806.217683][T19561] should_fail_ex+0x512/0x640 [ 806.217718][T19561] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 806.217762][T19561] should_failslab+0xc2/0x120 [ 806.217792][T19561] __kmalloc_cache_noprof+0x6a/0x3e0 [ 806.217833][T19561] ? ima_calc_file_hash_tfm+0x29f/0x3d0 [ 806.217878][T19561] ima_calc_file_hash_tfm+0x29f/0x3d0 [ 806.217919][T19561] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 806.218003][T19561] ? stack_trace_save+0x8e/0xc0 [ 806.218029][T19561] ? ima_alloc_tfm+0x21a/0x2e0 [ 806.218064][T19561] ? generic_fillattr+0x6bf/0x940 [ 806.218094][T19561] ima_calc_file_hash+0x1ba/0x490 [ 806.218142][T19561] ima_collect_measurement+0x897/0xa40 [ 806.218175][T19561] ? __pfx_ima_collect_measurement+0x10/0x10 [ 806.218215][T19561] ? trace_contention_end+0xdd/0x130 [ 806.218249][T19561] ? __mutex_lock+0x1ca/0xb90 [ 806.218280][T19561] ? is_bad_inode+0xd/0x40 [ 806.218313][T19561] ? xattr_resolve_name+0x27b/0x3f0 [ 806.218353][T19561] ? vfs_getxattr_alloc+0xec/0x340 [ 806.218395][T19561] ? ima_get_hash_algo+0x27c/0x400 [ 806.218434][T19561] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 806.218475][T19561] ? process_measurement+0x11fa/0x23e0 [ 806.218510][T19561] process_measurement+0x11fa/0x23e0 [ 806.218556][T19561] ? __pfx_process_measurement+0x10/0x10 [ 806.218591][T19561] ? __lock_acquire+0x5ca/0x1ba0 [ 806.218624][T19561] ? init_file+0x93/0x4c0 [ 806.218649][T19561] ? alloc_empty_file+0x73/0x1e0 [ 806.218678][T19561] ? hugetlb_file_setup+0x4cd/0x620 [ 806.218707][T19561] ? ksys_mmap_pgoff+0x189/0x5c0 [ 806.218739][T19561] ? __x64_sys_mmap+0x125/0x190 [ 806.218802][T19561] ima_file_mmap+0x1b1/0x1d0 [ 806.218837][T19561] ? __pfx_ima_file_mmap+0x10/0x10 [ 806.218880][T19561] security_mmap_file+0x88c/0x990 [ 806.218913][T19561] vm_mmap_pgoff+0xec/0x450 [ 806.218951][T19561] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 806.218983][T19561] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 806.219015][T19561] ? hugetlbfs_get_inode+0x31f/0x730 [ 806.219051][T19561] ksys_mmap_pgoff+0x1c8/0x5c0 [ 806.219086][T19561] ? rcu_is_watching+0x12/0xc0 [ 806.219110][T19561] __x64_sys_mmap+0x125/0x190 [ 806.219146][T19561] do_syscall_64+0xcd/0x230 [ 806.219182][T19561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 806.219207][T19561] RIP: 0033:0x7f4cd9b8e969 [ 806.219225][T19561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 806.219249][T19561] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 806.219271][T19561] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 806.219287][T19561] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 806.219302][T19561] RBP: 00007f4cd9c10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 806.219318][T19561] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 806.219333][T19561] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 806.219381][T19561] [ 806.223839][ T30] audit: type=1800 audit(4294968857.423:21): pid=19561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5306" name="anon_hugepage" dev="hugetlbfs" ino=71775 res=0 errno=0 [ 806.867528][T19568] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5308'. [ 807.104066][T19575] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5311'. [ 807.115397][T19573] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5312'. [ 807.139135][T19575] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5311'. [ 807.485538][T19583] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5315'. [ 808.457502][T19582] Process accounting paused [ 809.489346][T19617] netlink: 'syz.3.5328': attribute type 5 has an invalid length. [ 809.541061][T19617] netlink: 314 bytes leftover after parsing attributes in process `syz.3.5328'. [ 810.559485][T19634] netlink: 'syz.3.5332': attribute type 32 has an invalid length. [ 810.614479][T19634] netlink: 'syz.3.5332': attribute type 33 has an invalid length. [ 810.664646][T19634] netlink: 'syz.3.5332': attribute type 35 has an invalid length. [ 810.695734][T19634] netlink: 'syz.3.5332': attribute type 37 has an invalid length. [ 810.755288][T19634] netlink: 'syz.3.5332': attribute type 39 has an invalid length. [ 810.803503][T19634] netlink: 'syz.3.5332': attribute type 40 has an invalid length. [ 810.856208][T19634] netlink: 'syz.3.5332': attribute type 41 has an invalid length. [ 810.902228][T19634] netlink: 'syz.3.5332': attribute type 44 has an invalid length. [ 810.963734][T19634] netlink: 'syz.3.5332': attribute type 46 has an invalid length. [ 811.009079][T19634] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5332'. [ 811.453205][T19644] FAULT_INJECTION: forcing a failure. [ 811.453205][T19644] name failslab, interval 1, probability 0, space 0, times 0 [ 811.529750][T19644] CPU: 1 UID: 0 PID: 19644 Comm: syz.4.5336 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 811.529786][T19644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 811.529802][T19644] Call Trace: [ 811.529810][T19644] [ 811.529819][T19644] dump_stack_lvl+0x16c/0x1f0 [ 811.529859][T19644] should_fail_ex+0x512/0x640 [ 811.529894][T19644] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 811.529925][T19644] should_failslab+0xc2/0x120 [ 811.529956][T19644] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 811.529983][T19644] ? find_held_lock+0x2b/0x80 [ 811.530006][T19644] ? pidfs_alloc_inode+0x25/0x80 [ 811.530039][T19644] ? stashed_dentry_get+0xec/0x2a0 [ 811.530063][T19644] ? __pfx_pidfs_alloc_inode+0x10/0x10 [ 811.530095][T19644] pidfs_alloc_inode+0x25/0x80 [ 811.530127][T19644] alloc_inode+0x61/0x240 [ 811.530157][T19644] path_from_stashed+0x2be/0xb00 [ 811.530185][T19644] ? __pfx_path_from_stashed+0x10/0x10 [ 811.530206][T19644] ? find_held_lock+0x2b/0x80 [ 811.530230][T19644] ? alloc_fd+0x471/0x7d0 [ 811.530271][T19644] pidfs_alloc_file+0xf8/0x320 [ 811.530304][T19644] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 811.530341][T19644] ? find_get_pid+0x19b/0x310 [ 811.530378][T19644] pidfd_prepare+0xa8/0x130 [ 811.530411][T19644] __x64_sys_pidfd_open+0x105/0x1a0 [ 811.530456][T19644] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 811.530496][T19644] ? rcu_is_watching+0x12/0xc0 [ 811.530521][T19644] do_syscall_64+0xcd/0x230 [ 811.530558][T19644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.530583][T19644] RIP: 0033:0x7f4cd9b8e969 [ 811.530602][T19644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.530626][T19644] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 811.530649][T19644] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 811.530666][T19644] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000014d [ 811.530681][T19644] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 811.530696][T19644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.530710][T19644] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 811.530739][T19644] [ 812.211553][T19651] program syz.2.5339 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 812.541000][T19660] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5342'. [ 812.620722][T19660] netlink: 25 bytes leftover after parsing attributes in process `syz.3.5342'. [ 813.830539][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.841602][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.445090][T19690] erspan0: entered allmulticast mode [ 814.545573][T19700] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5358'. [ 815.560542][T19707] FAULT_INJECTION: forcing a failure. [ 815.560542][T19707] name failslab, interval 1, probability 0, space 0, times 0 [ 815.704735][T19707] CPU: 1 UID: 0 PID: 19707 Comm: syz.4.5361 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 815.704771][T19707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 815.704786][T19707] Call Trace: [ 815.704794][T19707] [ 815.704803][T19707] dump_stack_lvl+0x16c/0x1f0 [ 815.704843][T19707] should_fail_ex+0x512/0x640 [ 815.704878][T19707] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 815.704922][T19707] should_failslab+0xc2/0x120 [ 815.704952][T19707] __kmalloc_cache_noprof+0x6a/0x3e0 [ 815.704994][T19707] ? v4l2_fh_open+0x4c/0xc0 [ 815.705031][T19707] v4l2_fh_open+0x4c/0xc0 [ 815.705065][T19707] v4l2_open+0x222/0x490 [ 815.705094][T19707] ? __pfx_v4l2_open+0x10/0x10 [ 815.705122][T19707] chrdev_open+0x231/0x6a0 [ 815.705150][T19707] ? __pfx_apparmor_file_open+0x10/0x10 [ 815.705181][T19707] ? __pfx_chrdev_open+0x10/0x10 [ 815.705219][T19707] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 815.705262][T19707] do_dentry_open+0x741/0x1c10 [ 815.705288][T19707] ? __pfx_chrdev_open+0x10/0x10 [ 815.705319][T19707] vfs_open+0x82/0x3f0 [ 815.705354][T19707] path_openat+0x1e5e/0x2d40 [ 815.705387][T19707] ? __pfx_path_openat+0x10/0x10 [ 815.705417][T19707] do_filp_open+0x20b/0x470 [ 815.705440][T19707] ? __pfx_do_filp_open+0x10/0x10 [ 815.705484][T19707] ? alloc_fd+0x471/0x7d0 [ 815.705529][T19707] do_sys_openat2+0x11b/0x1d0 [ 815.705561][T19707] ? __pfx_do_sys_openat2+0x10/0x10 [ 815.705604][T19707] __x64_sys_openat+0x174/0x210 [ 815.705637][T19707] ? __pfx___x64_sys_openat+0x10/0x10 [ 815.705672][T19707] ? rcu_is_watching+0x12/0xc0 [ 815.705703][T19707] do_syscall_64+0xcd/0x230 [ 815.705740][T19707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.705768][T19707] RIP: 0033:0x7f4cd9b8e969 [ 815.705787][T19707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.705811][T19707] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 815.705834][T19707] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 815.705851][T19707] RDX: 0000000000080382 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 815.705867][T19707] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 815.705883][T19707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 815.705898][T19707] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 815.705928][T19707] [ 815.996272][ C1] vkms_vblank_simulate: vblank timer overrun [ 817.289496][T19749] FAULT_INJECTION: forcing a failure. [ 817.289496][T19749] name failslab, interval 1, probability 0, space 0, times 0 [ 817.378819][T19749] CPU: 1 UID: 0 PID: 19749 Comm: syz.3.5376 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 817.378854][T19749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 817.378870][T19749] Call Trace: [ 817.378878][T19749] [ 817.378887][T19749] dump_stack_lvl+0x16c/0x1f0 [ 817.378927][T19749] should_fail_ex+0x512/0x640 [ 817.378961][T19749] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 817.378993][T19749] should_failslab+0xc2/0x120 [ 817.379023][T19749] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 817.379060][T19749] ? d_instantiate+0x77/0x90 [ 817.379086][T19749] ? alloc_empty_file+0x55/0x1e0 [ 817.379121][T19749] alloc_empty_file+0x55/0x1e0 [ 817.379152][T19749] alloc_file_pseudo+0x13a/0x230 [ 817.379187][T19749] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 817.379219][T19749] ? alloc_fd+0x471/0x7d0 [ 817.379261][T19749] sock_alloc_file+0x50/0x210 [ 817.379293][T19749] __sys_socket+0x1c0/0x260 [ 817.379331][T19749] ? __pfx___sys_socket+0x10/0x10 [ 817.379368][T19749] ? rcu_is_watching+0x12/0xc0 [ 817.379397][T19749] __x64_sys_socket+0x72/0xb0 [ 817.379431][T19749] ? lockdep_hardirqs_on+0x7c/0x110 [ 817.379463][T19749] do_syscall_64+0xcd/0x230 [ 817.379500][T19749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.379525][T19749] RIP: 0033:0x7f4611d8e969 [ 817.379543][T19749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 817.379567][T19749] RSP: 002b:00007f4612c2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 817.379590][T19749] RAX: ffffffffffffffda RBX: 00007f4611fb5fa0 RCX: 00007f4611d8e969 [ 817.379611][T19749] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 817.379625][T19749] RBP: 00007f4611e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 817.379640][T19749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 817.379655][T19749] R13: 0000000000000000 R14: 00007f4611fb5fa0 R15: 00007fff072ca708 [ 817.379685][T19749] [ 817.615306][ C1] vkms_vblank_simulate: vblank timer overrun [ 818.303887][T19760] FAULT_INJECTION: forcing a failure. [ 818.303887][T19760] name failslab, interval 1, probability 0, space 0, times 0 [ 818.365669][T19755] FAULT_INJECTION: forcing a failure. [ 818.365669][T19755] name failslab, interval 1, probability 0, space 0, times 0 [ 818.388171][T19760] CPU: 1 UID: 0 PID: 19760 Comm: syz.4.5388 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 818.388206][T19760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 818.388222][T19760] Call Trace: [ 818.388230][T19760] [ 818.388247][T19760] dump_stack_lvl+0x16c/0x1f0 [ 818.388285][T19760] should_fail_ex+0x512/0x640 [ 818.388320][T19760] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 818.388363][T19760] should_failslab+0xc2/0x120 [ 818.388394][T19760] __kmalloc_cache_noprof+0x6a/0x3e0 [ 818.388436][T19760] ? __do_sys_memfd_create+0x17b/0x8a0 [ 818.388475][T19760] __do_sys_memfd_create+0x17b/0x8a0 [ 818.388511][T19760] do_syscall_64+0xcd/0x230 [ 818.388548][T19760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.388573][T19760] RIP: 0033:0x7f4cd9b8e969 [ 818.388592][T19760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 818.388616][T19760] RSP: 002b:00007f4cdaa8e038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 818.388638][T19760] RAX: ffffffffffffffda RBX: 00007f4cd9db5fa0 RCX: 00007f4cd9b8e969 [ 818.388655][T19760] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 818.388670][T19760] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 818.388685][T19760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 818.388700][T19760] R13: 0000000000000000 R14: 00007f4cd9db5fa0 R15: 00007ffe584fbd58 [ 818.388729][T19760] [ 818.639201][T19755] CPU: 1 UID: 0 PID: 19755 Comm: syz.2.5379 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 818.639250][T19755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 818.639265][T19755] Call Trace: [ 818.639272][T19755] [ 818.639281][T19755] dump_stack_lvl+0x16c/0x1f0 [ 818.639318][T19755] should_fail_ex+0x512/0x640 [ 818.639352][T19755] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 818.639395][T19755] should_failslab+0xc2/0x120 [ 818.639424][T19755] __kmalloc_cache_noprof+0x6a/0x3e0 [ 818.639483][T19755] ? v4l2_fh_open+0x4c/0xc0 [ 818.639521][T19755] v4l2_fh_open+0x4c/0xc0 [ 818.639554][T19755] v4l2_open+0x222/0x490 [ 818.639583][T19755] ? __pfx_v4l2_open+0x10/0x10 [ 818.639611][T19755] chrdev_open+0x231/0x6a0 [ 818.639637][T19755] ? __pfx_apparmor_file_open+0x10/0x10 [ 818.639668][T19755] ? __pfx_chrdev_open+0x10/0x10 [ 818.639696][T19755] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 818.639739][T19755] do_dentry_open+0x741/0x1c10 [ 818.639764][T19755] ? __pfx_chrdev_open+0x10/0x10 [ 818.639795][T19755] vfs_open+0x82/0x3f0 [ 818.639829][T19755] path_openat+0x1e5e/0x2d40 [ 818.639862][T19755] ? __pfx_path_openat+0x10/0x10 [ 818.639893][T19755] do_filp_open+0x20b/0x470 [ 818.639916][T19755] ? __pfx_do_filp_open+0x10/0x10 [ 818.639960][T19755] ? alloc_fd+0x471/0x7d0 [ 818.640005][T19755] do_sys_openat2+0x11b/0x1d0 [ 818.640037][T19755] ? __pfx_do_sys_openat2+0x10/0x10 [ 818.640089][T19755] __x64_sys_openat+0x174/0x210 [ 818.640123][T19755] ? __pfx___x64_sys_openat+0x10/0x10 [ 818.640157][T19755] ? rcu_is_watching+0x12/0xc0 [ 818.640192][T19755] do_syscall_64+0xcd/0x230 [ 818.640228][T19755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.640255][T19755] RIP: 0033:0x7f2e09b8e969 [ 818.640273][T19755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 818.640297][T19755] RSP: 002b:00007f2e0aa08038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 818.640319][T19755] RAX: ffffffffffffffda RBX: 00007f2e09db5fa0 RCX: 00007f2e09b8e969 [ 818.640336][T19755] RDX: 0000000000080382 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 818.640351][T19755] RBP: 00007f2e09c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 818.640367][T19755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 818.640381][T19755] R13: 0000000000000000 R14: 00007f2e09db5fa0 R15: 00007fff6cb64f78 [ 818.640410][T19755] [ 818.961932][T19765] netlink: 504 bytes leftover after parsing attributes in process `syz.1.5382'. [ 818.973684][T19765] netlink: 504 bytes leftover after parsing attributes in process `syz.1.5382'. [ 819.207368][T19772] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 820.533629][T19796] validate_nla: 1 callbacks suppressed [ 820.533648][T19796] netlink: 'syz.4.5395': attribute type 27 has an invalid length. [ 820.609839][T19796] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5395'. [ 820.702072][T19799] FAULT_INJECTION: forcing a failure. [ 820.702072][T19799] name failslab, interval 1, probability 0, space 0, times 0 [ 820.825221][T19803] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5397'. [ 820.845071][T19799] CPU: 1 UID: 0 PID: 19799 Comm: syz.1.5396 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 820.845107][T19799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 820.845123][T19799] Call Trace: [ 820.845131][T19799] [ 820.845141][T19799] dump_stack_lvl+0x16c/0x1f0 [ 820.845180][T19799] should_fail_ex+0x512/0x640 [ 820.845215][T19799] ? fs_reclaim_acquire+0xae/0x150 [ 820.845255][T19799] ? tomoyo_encode2+0x100/0x3e0 [ 820.845287][T19799] should_failslab+0xc2/0x120 [ 820.845317][T19799] __kmalloc_noprof+0xd2/0x510 [ 820.845343][T19799] ? d_absolute_path+0x136/0x1a0 [ 820.845377][T19799] tomoyo_encode2+0x100/0x3e0 [ 820.845415][T19799] tomoyo_encode+0x29/0x50 [ 820.845447][T19799] tomoyo_realpath_from_path+0x18f/0x6e0 [ 820.845490][T19799] tomoyo_check_open_permission+0x2ab/0x3c0 [ 820.845521][T19799] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 820.845581][T19799] ? do_raw_spin_lock+0x12c/0x2b0 [ 820.845627][T19799] tomoyo_file_open+0x6b/0x90 [ 820.845666][T19799] security_file_open+0x84/0x1e0 [ 820.845700][T19799] do_dentry_open+0x596/0x1c10 [ 820.845734][T19799] vfs_open+0x82/0x3f0 [ 820.845769][T19799] path_openat+0x1e5e/0x2d40 [ 820.845814][T19799] ? __pfx_path_openat+0x10/0x10 [ 820.845845][T19799] do_filp_open+0x20b/0x470 [ 820.845869][T19799] ? __pfx_do_filp_open+0x10/0x10 [ 820.845914][T19799] ? alloc_fd+0x471/0x7d0 [ 820.845959][T19799] do_sys_openat2+0x11b/0x1d0 [ 820.845992][T19799] ? __pfx_do_sys_openat2+0x10/0x10 [ 820.846037][T19799] __x64_sys_openat+0x174/0x210 [ 820.846071][T19799] ? __pfx___x64_sys_openat+0x10/0x10 [ 820.846111][T19799] ? rcu_is_watching+0x12/0xc0 [ 820.846142][T19799] do_syscall_64+0xcd/0x230 [ 820.846178][T19799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.846204][T19799] RIP: 0033:0x7ff5f9b8e969 [ 820.846223][T19799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.846248][T19799] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 820.846270][T19799] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 820.846286][T19799] RDX: 000000000002ab01 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 820.846302][T19799] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 820.846317][T19799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 820.846332][T19799] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 820.846363][T19799] [ 821.466736][T19799] ERROR: Out of memory at tomoyo_realpath_from_path. [ 823.473028][T19832] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #239: comm syz.3.5408: No space for directory leaf checksum. Please run e2fsck -D. [ 823.553356][T19832] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #239: comm syz.3.5408: checksumming directory block 0 [ 823.637931][T19832] platform regulatory.0: loading /lib/firmware/updates/6.15.0-rc4-syzkaller-00291-g2a239ffbebb5/regulatory.db failed with error -74 [ 823.738927][T19832] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #239: comm syz.3.5408: No space for directory leaf checksum. Please run e2fsck -D. [ 823.822409][T19832] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #239: comm syz.3.5408: checksumming directory block 0 [ 823.905233][T19832] platform regulatory.0: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 824.027174][T19832] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #239: comm syz.3.5408: No space for directory leaf checksum. Please run e2fsck -D. [ 824.107341][T19832] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #239: comm syz.3.5408: checksumming directory block 0 [ 824.181081][T19832] platform regulatory.0: loading /lib/firmware/6.15.0-rc4-syzkaller-00291-g2a239ffbebb5/regulatory.db failed with error -74 [ 824.305849][T19832] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #239: comm syz.3.5408: No space for directory leaf checksum. Please run e2fsck -D. [ 824.428747][T19837] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 824.458847][T19837] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 824.489196][T19832] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #239: comm syz.3.5408: checksumming directory block 0 [ 824.544702][T19837] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 824.570377][T19837] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 824.599752][T19832] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -74 [ 824.644650][T19837] CPU0 is offline. [ 824.665842][T19832] platform regulatory.0: Direct firmware load for regulatory.db failed with error -74 [ 824.726709][T19832] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 825.236643][T19856] netlink: 'syz.3.5417': attribute type 17 has an invalid length. [ 825.288580][T19856] netlink: 326 bytes leftover after parsing attributes in process `syz.3.5417'. [ 825.626868][T19864] ERROR: Out of memory at tomoyo_memory_ok. [ 826.144132][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 826.234854][T19858] FAULT_INJECTION: forcing a failure. [ 826.234854][T19858] name failslab, interval 1, probability 0, space 0, times 0 [ 826.460382][T19858] CPU: 1 UID: 0 PID: 19858 Comm: syz.1.5415 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 826.460428][T19858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 826.460443][T19858] Call Trace: [ 826.460451][T19858] [ 826.460461][T19858] dump_stack_lvl+0x16c/0x1f0 [ 826.460500][T19858] should_fail_ex+0x512/0x640 [ 826.460535][T19858] ? fs_reclaim_acquire+0xae/0x150 [ 826.460575][T19858] should_failslab+0xc2/0x120 [ 826.460605][T19858] __kmalloc_cache_noprof+0x6a/0x3e0 [ 826.460647][T19858] ? tomoyo_write_log2+0x33d/0xc10 [ 826.460698][T19858] tomoyo_write_log2+0x33d/0xc10 [ 826.460730][T19858] ? tomoyo_domain_quota_is_ok+0x200/0x5a0 [ 826.460763][T19858] tomoyo_supervisor+0x15e/0x13b0 [ 826.460808][T19858] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 826.460860][T19858] ? lockdep_hardirqs_on+0x7c/0x110 [ 826.460897][T19858] ? tomoyo_check_path_acl+0xad/0x210 [ 826.460926][T19858] ? tomoyo_check_acl+0x1f7/0x410 [ 826.460955][T19858] tomoyo_path_permission+0x270/0x3b0 [ 826.460986][T19858] tomoyo_check_open_permission+0x349/0x3c0 [ 826.461017][T19858] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 826.461077][T19858] ? do_raw_spin_lock+0x12c/0x2b0 [ 826.461123][T19858] tomoyo_file_open+0x6b/0x90 [ 826.461163][T19858] security_file_open+0x84/0x1e0 [ 826.461197][T19858] do_dentry_open+0x596/0x1c10 [ 826.461231][T19858] vfs_open+0x82/0x3f0 [ 826.461266][T19858] path_openat+0x1e5e/0x2d40 [ 826.461300][T19858] ? __pfx_path_openat+0x10/0x10 [ 826.461331][T19858] do_filp_open+0x20b/0x470 [ 826.461354][T19858] ? __pfx_do_filp_open+0x10/0x10 [ 826.461399][T19858] ? alloc_fd+0x471/0x7d0 [ 826.461452][T19858] do_sys_openat2+0x11b/0x1d0 [ 826.461485][T19858] ? __pfx_do_sys_openat2+0x10/0x10 [ 826.461529][T19858] __x64_sys_openat+0x174/0x210 [ 826.461564][T19858] ? __pfx___x64_sys_openat+0x10/0x10 [ 826.461599][T19858] ? rcu_is_watching+0x12/0xc0 [ 826.461630][T19858] do_syscall_64+0xcd/0x230 [ 826.461667][T19858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.461695][T19858] RIP: 0033:0x7ff5f9b8e969 [ 826.461714][T19858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 826.461738][T19858] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 826.461760][T19858] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 826.461777][T19858] RDX: 0000000000080382 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 826.461792][T19858] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 826.461807][T19858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 826.461822][T19858] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 826.461852][T19858] [ 827.304693][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 827.312003][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 827.320100][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 830.795691][T19910] Process accounting resumed [ 831.341525][T19923] mkiss: ax0: crc mode is auto. [ 832.924592][T19957] netlink: 'syz.4.5453': attribute type 4 has an invalid length. [ 832.984251][T19957] netlink: 314 bytes leftover after parsing attributes in process `syz.4.5453'. [ 833.817679][T19977] netlink: 186 bytes leftover after parsing attributes in process `syz.1.5459'. [ 834.720333][T19990] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5463'. [ 835.065684][T19998] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5468'. [ 836.002995][T20018] FAULT_INJECTION: forcing a failure. [ 836.002995][T20018] name failslab, interval 1, probability 0, space 0, times 0 [ 836.081406][T20018] CPU: 1 UID: 0 PID: 20018 Comm: syz.4.5475 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 836.081443][T20018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 836.081459][T20018] Call Trace: [ 836.081467][T20018] [ 836.081476][T20018] dump_stack_lvl+0x16c/0x1f0 [ 836.081516][T20018] should_fail_ex+0x512/0x640 [ 836.081551][T20018] ? __kvmalloc_node_noprof+0x122/0x600 [ 836.081580][T20018] should_failslab+0xc2/0x120 [ 836.081610][T20018] __kvmalloc_node_noprof+0x135/0x600 [ 836.081636][T20018] ? __pfx_net_ctl_permissions+0x10/0x10 [ 836.081673][T20018] ? proc_sys_call_handler+0x2a6/0x5c0 [ 836.081705][T20018] ? proc_sys_call_handler+0x2a6/0x5c0 [ 836.081730][T20018] proc_sys_call_handler+0x2a6/0x5c0 [ 836.081758][T20018] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 836.081798][T20018] ? rw_verify_area+0xcf/0x680 [ 836.081838][T20018] vfs_read+0x8c8/0xc70 [ 836.081864][T20018] ? __pfx___mutex_lock+0x10/0x10 [ 836.081899][T20018] ? __pfx_vfs_read+0x10/0x10 [ 836.081940][T20018] ksys_read+0x12a/0x240 [ 836.081962][T20018] ? __pfx_ksys_read+0x10/0x10 [ 836.081983][T20018] ? xfd_validate_state+0x5d/0x180 [ 836.082030][T20018] do_syscall_64+0xcd/0x230 [ 836.082067][T20018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 836.082092][T20018] RIP: 0033:0x7f4cd9b8e969 [ 836.082111][T20018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 836.082134][T20018] RSP: 002b:00007f4cdaa6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 836.082156][T20018] RAX: ffffffffffffffda RBX: 00007f4cd9db6080 RCX: 00007f4cd9b8e969 [ 836.082173][T20018] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 836.082187][T20018] RBP: 00007f4cd9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 836.082202][T20018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 836.082216][T20018] R13: 0000000000000000 R14: 00007f4cd9db6080 R15: 00007ffe584fbd58 [ 836.082246][T20018] [ 836.327736][ C1] vkms_vblank_simulate: vblank timer overrun [ 836.699199][T20026] ================================================================== [ 836.708911][T20026] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 836.718187][T20026] Read of size 8 at addr ffff888029edfc18 by task syz.1.5478/20026 [ 836.727647][T20026] [ 836.730430][T20026] CPU: 1 UID: 0 PID: 20026 Comm: syz.1.5478 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 836.730462][T20026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 836.730476][T20026] Call Trace: [ 836.730486][T20026] [ 836.730497][T20026] dump_stack_lvl+0x116/0x1f0 [ 836.730533][T20026] print_report+0xc3/0x670 [ 836.730562][T20026] ? __virt_addr_valid+0x5e/0x590 [ 836.730594][T20026] ? __phys_addr+0xc6/0x150 [ 836.730625][T20026] ? dvb_device_open+0x36a/0x3b0 [ 836.730658][T20026] kasan_report+0xe0/0x110 [ 836.730686][T20026] ? dvb_device_open+0x36a/0x3b0 [ 836.730722][T20026] ? __pfx_dvb_device_open+0x10/0x10 [ 836.730756][T20026] dvb_device_open+0x36a/0x3b0 [ 836.730794][T20026] ? __pfx_dvb_device_open+0x10/0x10 [ 836.730828][T20026] chrdev_open+0x231/0x6a0 [ 836.730854][T20026] ? __pfx_apparmor_file_open+0x10/0x10 [ 836.730886][T20026] ? __pfx_chrdev_open+0x10/0x10 [ 836.730913][T20026] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 836.730954][T20026] do_dentry_open+0x741/0x1c10 [ 836.730979][T20026] ? __pfx_chrdev_open+0x10/0x10 [ 836.731007][T20026] vfs_open+0x82/0x3f0 [ 836.731040][T20026] path_openat+0x1e5e/0x2d40 [ 836.731068][T20026] ? __pfx_path_openat+0x10/0x10 [ 836.731095][T20026] do_filp_open+0x20b/0x470 [ 836.731121][T20026] ? __pfx_do_filp_open+0x10/0x10 [ 836.731154][T20026] ? alloc_fd+0x471/0x7d0 [ 836.731194][T20026] do_sys_openat2+0x11b/0x1d0 [ 836.731226][T20026] ? __pfx_do_sys_openat2+0x10/0x10 [ 836.731258][T20026] ? __pfx_do_sys_openat2+0x10/0x10 [ 836.731291][T20026] ? __pfx___might_resched+0x10/0x10 [ 836.731321][T20026] __x64_sys_openat+0x174/0x210 [ 836.731354][T20026] ? __pfx___x64_sys_openat+0x10/0x10 [ 836.731388][T20026] ? rcu_is_watching+0x12/0xc0 [ 836.731414][T20026] do_syscall_64+0xcd/0x230 [ 836.731450][T20026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 836.731475][T20026] RIP: 0033:0x7ff5f9b8e969 [ 836.731495][T20026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 836.731520][T20026] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 836.731542][T20026] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 836.731559][T20026] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 836.731576][T20026] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 836.731592][T20026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 836.731607][T20026] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 836.731630][T20026] [ 836.731638][T20026] [ 837.040964][T20026] Allocated by task 19807: [ 837.046251][T20026] kasan_save_stack+0x33/0x60 [ 837.051865][T20026] kasan_save_track+0x14/0x30 [ 837.057473][T20026] __kasan_kmalloc+0xaa/0xb0 [ 837.062972][T20026] __kmalloc_noprof+0x223/0x510 [ 837.068808][T20026] __register_sysctl_table+0xea2/0x1900 [ 837.075461][T20026] mpls_dev_sysctl_register+0x185/0x2a0 [ 837.082119][T20026] mpls_dev_notify+0x4ab/0xa20 [ 837.087849][T20026] notifier_call_chain+0xb9/0x410 [ 837.093877][T20026] call_netdevice_notifiers_info+0xbe/0x140 [ 837.100954][T20026] register_netdevice+0x182e/0x2270 [ 837.107202][T20026] register_netdev+0x34/0x50 [ 837.112711][T20026] vti6_init_net+0x28f/0x490 [ 837.118230][T20026] ops_init+0x1df/0x5f0 [ 837.123215][T20026] setup_net+0x21e/0x850 [ 837.128306][T20026] copy_net_ns+0x2a6/0x5f0 [ 837.133607][T20026] create_new_namespaces+0x3ea/0xad0 [ 837.139968][T20026] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 837.146725][T20026] ksys_unshare+0x45b/0xa40 [ 837.152142][T20026] __x64_sys_unshare+0x31/0x40 [ 837.157862][T20026] do_syscall_64+0xcd/0x230 [ 837.163269][T20026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.170333][T20026] [ 837.173108][T20026] Freed by task 1108: [ 837.177868][T20026] kasan_save_stack+0x33/0x60 [ 837.183475][T20026] kasan_save_track+0x14/0x30 [ 837.189090][T20026] kasan_save_free_info+0x3b/0x60 [ 837.195125][T20026] __kasan_slab_free+0x51/0x70 [ 837.200836][T20026] kmem_cache_free_bulk.part.0+0x38d/0x7f0 [ 837.207796][T20026] kvfree_rcu_bulk+0x1bb/0x1f0 [ 837.213509][T20026] kfree_rcu_monitor+0x1d0/0x2f0 [ 837.219426][T20026] process_one_work+0x9cc/0x1b70 [ 837.225355][T20026] worker_thread+0x6c8/0xf10 [ 837.230867][T20026] kthread+0x3c2/0x780 [ 837.235752][T20026] ret_from_fork+0x45/0x80 [ 837.241060][T20026] ret_from_fork_asm+0x1a/0x30 [ 837.246784][T20026] [ 837.249591][T20026] Last potentially related work creation: [ 837.256449][T20026] kasan_save_stack+0x33/0x60 [ 837.262075][T20026] kasan_record_aux_stack+0xb8/0xd0 [ 837.268330][T20026] kvfree_call_rcu+0x76/0x470 [ 837.273943][T20026] drop_sysctl_table+0x355/0x5f0 [ 837.279866][T20026] unregister_sysctl_table+0x41/0x60 [ 837.286228][T20026] mpls_dev_notify+0x70c/0xa20 [ 837.291964][T20026] notifier_call_chain+0xb9/0x410 [ 837.297994][T20026] call_netdevice_notifiers_info+0xbe/0x140 [ 837.305074][T20026] unregister_netdevice_many_notify+0xf9a/0x26f0 [ 837.312668][T20026] cleanup_net+0x596/0xb30 [ 837.317968][T20026] process_one_work+0x9cc/0x1b70 [ 837.323904][T20026] worker_thread+0x6c8/0xf10 [ 837.329417][T20026] kthread+0x3c2/0x780 [ 837.334326][T20026] ret_from_fork+0x45/0x80 [ 837.339656][T20026] ret_from_fork_asm+0x1a/0x30 [ 837.345388][T20026] [ 837.348374][T20026] The buggy address belongs to the object at ffff888029edfc00 [ 837.348374][T20026] which belongs to the cache kmalloc-256 of size 256 [ 837.365243][T20026] The buggy address is located 24 bytes inside of [ 837.365243][T20026] freed 256-byte region [ffff888029edfc00, ffff888029edfd00) [ 837.381818][T20026] [ 837.384603][T20026] The buggy address belongs to the physical page: [ 837.392287][T20026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29ede [ 837.402809][T20026] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 837.413027][T20026] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 837.422622][T20026] page_type: f5(slab) [ 837.427396][T20026] raw: 00fff00000000040 ffff88801b441b40 ffffea00018e9780 0000000000000005 [ 837.437758][T20026] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 837.448178][T20026] head: 00fff00000000040 ffff88801b441b40 ffffea00018e9780 0000000000000005 [ 837.458606][T20026] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 837.469010][T20026] head: 00fff00000000001 ffffea0000a7b781 00000000ffffffff 00000000ffffffff [ 837.479406][T20026] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 837.489805][T20026] page dumped because: kasan: bad access detected [ 837.497491][T20026] page_owner tracks the page as allocated [ 837.504336][T20026] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24761581498, free_ts 0 [ 837.527984][T20026] post_alloc_hook+0x181/0x1b0 [ 837.533697][T20026] get_page_from_freelist+0x135c/0x3920 [ 837.540352][T20026] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 837.547422][T20026] alloc_pages_mpol+0x1fb/0x550 [ 837.553241][T20026] new_slab+0x244/0x340 [ 837.558237][T20026] ___slab_alloc+0xd9c/0x1940 [ 837.563858][T20026] __slab_alloc.constprop.0+0x56/0xb0 [ 837.570313][T20026] __kmalloc_cache_noprof+0xfb/0x3e0 [ 837.576666][T20026] bus_add_driver+0x92/0x690 [ 837.582167][T20026] driver_register+0x15c/0x4b0 [ 837.587880][T20026] usb_register_driver+0x216/0x4d0 [ 837.594013][T20026] do_one_initcall+0x120/0x6e0 [ 837.599736][T20026] kernel_init_freeable+0x5c2/0x900 [ 837.606002][T20026] kernel_init+0x1c/0x2b0 [ 837.611191][T20026] ret_from_fork+0x45/0x80 [ 837.616518][T20026] ret_from_fork_asm+0x1a/0x30 [ 837.622264][T20026] page_owner free stack trace missing [ 837.628701][T20026] [ 837.631487][T20026] Memory state around the buggy address: [ 837.638234][T20026] ffff888029edfb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 837.647900][T20026] ffff888029edfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 837.657586][T20026] >ffff888029edfc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 837.667249][T20026] ^ [ 837.673053][T20026] ffff888029edfc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 837.682724][T20026] ffff888029edfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 837.692400][T20026] ================================================================== [ 837.702166][ C1] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 838.856262][ T5827] Process accounting resumed [ 838.869458][T20028] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 839.033061][T20028] EXT4-fs error (device sda1): htree_dirblock_to_tree:1053: inode #243: comm dhcpcd-run-hook: Directory block failed checksum [ 839.105374][T20028] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 839.210623][T20028] EXT4-fs error (device sda1): __ext4_find_entry:1626: inode #243: comm dhcpcd-run-hook: checksumming directory block 0 [ 839.449268][T20029] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:376: inode #243: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 839.472984][ T3554] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 839.586699][T20026] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 839.595375][T20026] CPU: 1 UID: 0 PID: 20026 Comm: syz.1.5478 Not tainted 6.15.0-rc4-syzkaller-00291-g2a239ffbebb5 #0 PREEMPT(full) [ 839.609868][T20026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 839.621951][T20026] Call Trace: [ 839.625891][T20026] [ 839.629415][T20026] dump_stack_lvl+0x3d/0x1f0 [ 839.634942][T20026] panic+0x71c/0x800 [ 839.639632][T20026] ? __pfx_panic+0x10/0x10 [ 839.644945][T20026] ? mark_held_locks+0x49/0x80 [ 839.650673][T20026] ? preempt_schedule_thunk+0x16/0x30 [ 839.657134][T20026] ? dvb_device_open+0x36a/0x3b0 [ 839.663063][T20026] ? preempt_schedule_common+0x44/0xc0 [ 839.669621][T20026] ? dvb_device_open+0x36a/0x3b0 [ 839.675555][T20026] check_panic_on_warn+0xab/0xb0 [ 839.681491][T20026] end_report+0x107/0x170 [ 839.686693][T20026] kasan_report+0xee/0x110 [ 839.691993][T20026] ? dvb_device_open+0x36a/0x3b0 [ 839.697948][T20026] ? __pfx_dvb_device_open+0x10/0x10 [ 839.704298][T20026] dvb_device_open+0x36a/0x3b0 [ 839.710043][T20026] ? __pfx_dvb_device_open+0x10/0x10 [ 839.716391][T20026] chrdev_open+0x231/0x6a0 [ 839.721695][T20026] ? __pfx_apparmor_file_open+0x10/0x10 [ 839.728352][T20026] ? __pfx_chrdev_open+0x10/0x10 [ 839.734298][T20026] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 839.742438][T20026] do_dentry_open+0x741/0x1c10 [ 839.748157][T20026] ? __pfx_chrdev_open+0x10/0x10 [ 839.754081][T20026] vfs_open+0x82/0x3f0 [ 839.758987][T20026] path_openat+0x1e5e/0x2d40 [ 839.764519][T20026] ? __pfx_path_openat+0x10/0x10 [ 839.770454][T20026] do_filp_open+0x20b/0x470 [ 839.775868][T20026] ? __pfx_do_filp_open+0x10/0x10 [ 839.781902][T20026] ? alloc_fd+0x471/0x7d0 [ 839.787111][T20026] do_sys_openat2+0x11b/0x1d0 [ 839.792748][T20026] ? __pfx_do_sys_openat2+0x10/0x10 [ 839.799001][T20026] ? __pfx_do_sys_openat2+0x10/0x10 [ 839.805247][T20026] ? __pfx___might_resched+0x10/0x10 [ 839.811596][T20026] __x64_sys_openat+0x174/0x210 [ 839.817423][T20026] ? __pfx___x64_sys_openat+0x10/0x10 [ 839.823983][T20026] ? rcu_is_watching+0x12/0xc0 [ 839.829717][T20026] do_syscall_64+0xcd/0x230 [ 839.835144][T20026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.842226][T20026] RIP: 0033:0x7ff5f9b8e969 [ 839.847525][T20026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 839.871059][T20026] RSP: 002b:00007ff5faa45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 839.881153][T20026] RAX: ffffffffffffffda RBX: 00007ff5f9db5fa0 RCX: 00007ff5f9b8e969 [ 839.890717][T20026] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 839.900276][T20026] RBP: 00007ff5f9c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 839.909856][T20026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 839.919417][T20026] R13: 0000000000000000 R14: 00007ff5f9db5fa0 R15: 00007ffe19058ca8 [ 839.928988][T20026] [ 839.932658][T20026] Kernel Offset: disabled [ 839.937842][T20026] Rebooting in 86400 seconds..