last executing test programs: 5m35.611606889s ago: executing program 3 (id=6775): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) semctl$auto(0x7, 0x2, 0x13, 0x1) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socketpair$auto(0xffffffff, 0xa, 0x4000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r0, 0x7, 0x4) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/250, 0xfa) 5m35.435612172s ago: executing program 3 (id=6778): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = epoll_create$auto(0x8800001) epoll_ctl$auto(r1, 0x1, r0, 0x0) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 5m35.228118861s ago: executing program 3 (id=6780): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xc040aed5, 0x0) 5m34.953119217s ago: executing program 3 (id=6783): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 5m34.568267889s ago: executing program 3 (id=6786): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, 0x0, 0x8880) shutdown$auto(0x200000003, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x0, 0x9]}, 0x0, 0x0) 5m33.875799232s ago: executing program 3 (id=6793): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000002200)="972e51fe7285a86f3fe36136c8535f593331280bb0b4ba01dd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7aac854a18b76ff16e4cab4b61107cdae019761b2830", 0x5c) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000880)='/dev/input/event0\x00', 0x40100, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/input/event0\x00', 0x0, 0x0) 5m33.646986861s ago: executing program 32 (id=6793): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000002200)="972e51fe7285a86f3fe36136c8535f593331280bb0b4ba01dd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7aac854a18b76ff16e4cab4b61107cdae019761b2830", 0x5c) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000880)='/dev/input/event0\x00', 0x40100, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/input/event0\x00', 0x0, 0x0) 4m49.597347588s ago: executing program 0 (id=7170): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x1, 0x0, 0x2, 0xd}, 0xacc}, 0x3, 0x10000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) setfsuid$auto(0xee00) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0xffd8) 4m49.38216079s ago: executing program 0 (id=7172): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) 4m49.058115627s ago: executing program 0 (id=7178): pipe$auto(0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x0, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x2, 0x1, 0x0) io_getevents$auto(0x24, 0xffffffff, 0x4, 0x0, 0xfffffffffffffffd) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r2, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4044054) 4m48.907792643s ago: executing program 0 (id=7189): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 4m48.55847392s ago: executing program 0 (id=7184): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffedf, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statmount$auto(0x0, 0x0, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='j'], 0x1ac}}, 0x20000040) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) 4m47.96946578s ago: executing program 0 (id=7187): clock_adjtime$auto(0x0, &(0x7f0000000040)={0x9, 0x0, 0x7f, 0xfffffffff7fffffe, 0x521d, 0x4, 0x7, 0x0, 0x7, 0x8, 0x833, {0x8, 0x8000000000000400}, 0xfff7fffffffffffa, 0x200000a5, 0xa, 0x13c, 0x0, 0xc3, 0x8000000000000001, 0x800000000000007, 0x5, 0x90, 0xfffffff5}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xd5}) 4m47.5415916s ago: executing program 33 (id=7187): clock_adjtime$auto(0x0, &(0x7f0000000040)={0x9, 0x0, 0x7f, 0xfffffffff7fffffe, 0x521d, 0x4, 0x7, 0x0, 0x7, 0x8, 0x833, {0x8, 0x8000000000000400}, 0xfff7fffffffffffa, 0x200000a5, 0xa, 0x13c, 0x0, 0xc3, 0x8000000000000001, 0x800000000000007, 0x5, 0x90, 0xfffffff5}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xd5}) 3m11.385675449s ago: executing program 2 (id=7845): r0 = socket$nl_generic(0x10, 0x3, 0x10) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) pidfd_open$auto(0x0, 0xfffffffa) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002f40), 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x7, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000001b00)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="ffff2b2c9e088fdbdf250b0000001800018014000200776731"], 0x2c}, 0x1, 0x0, 0x0, 0x20004800}, 0x0) 3m10.893449632s ago: executing program 2 (id=7848): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x4d0, 0x400, 0x2}]}) 3m10.537876032s ago: executing program 2 (id=7852): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7f, 0x9) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) sysfs$auto(0x2, 0x4d, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r1, 0x4, &(0x7f0000000100)='\x00', &(0x7f0000000140), 0xffffff9c) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff000}}) 3m10.16114432s ago: executing program 2 (id=7853): capget$auto(0x0, 0xfffffffffffffffe) ioctl$auto(0xffffffffffffffff, 0x4bfa, 0xffffffffffffffff) write$auto_drm_edid_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7", 0xf5) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) madvise$auto(0x2, 0x2000040080000004, 0xe) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone(0xa00c2000, 0x0, 0x0, 0x0, 0x0, 0x0) 3m9.012393133s ago: executing program 2 (id=7861): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 3m8.52375825s ago: executing program 2 (id=7868): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x2, 0x2, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00) 3m7.240167056s ago: executing program 5 (id=7881): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f0000000300)={0x6, 0x0, [{0x8000001, 0x7ff, 0x8}, {0x10002, 0x5, 0xffffffff}, {0x1400, 0x0, 0xd}]}) 3m7.054458743s ago: executing program 5 (id=7883): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000240)={0xc7, 0x0, [{0x2, 0x3ff, 0x7f}]}) 3m6.819991095s ago: executing program 5 (id=7884): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0xc0000103, 0x400, 0x718c1257}]}) 3m6.489234772s ago: executing program 5 (id=7886): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000083, 0x402}]}) 3m6.00105655s ago: executing program 5 (id=7889): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 3m5.823669241s ago: executing program 5 (id=7890): mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) madvise$auto(0x1000, 0x400050, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0) 2m53.035715635s ago: executing program 34 (id=7868): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x2, 0x2, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00) 2m50.337265422s ago: executing program 35 (id=7890): mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) madvise$auto(0x1000, 0x400050, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0) 3.46022494s ago: executing program 6 (id=9232): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x7, 0x0, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) write$auto(0x3, 0x0, 0x4fffffdf2) 3.405152513s ago: executing program 1 (id=9233): madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) io_cancel$auto(0x6, 0x0, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x1, 0x3968, 0x1, 0x1, 0x1}, "654c6dbc7a4d30983899a7e1325bc5d82b3f184410ba9f74e82a3fa6c3ccf1bf"}) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, 0x0) sendmsg$auto_VDPA_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x40000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x6) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, 0x0) 3.325741011s ago: executing program 4 (id=9234): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@name={0x1e, 0x2, 0x2, {{0x42}, 0x103}}, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x11) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.149852104s ago: executing program 1 (id=9235): close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8301, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) 2.632835746s ago: executing program 1 (id=9236): mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) open(&(0x7f00000002c0)='./file0\x00', 0x40a00, 0x1c7) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) pidfd_open$auto(0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x7, 0x9, 0x1, 0x948d, 0x1ff, 0x15f4da07, 0x3, 0x8003, 0x65, 0x8000001f, 0x1000, 0x100000000006d3e, 0x9, 0x1, 0x8]}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x7, 0x4, 0x0, 0x4000000000003, 0x4303, 0x1, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, 0x0) 2.492742719s ago: executing program 6 (id=9237): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(0x0, 0x9, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) ioctl$auto(0xffffffffffffffff, 0xc0045627, 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kfence/parameters/sample_interval\x00', 0x102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) 2.456561321s ago: executing program 1 (id=9238): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.35770338s ago: executing program 7 (id=9239): socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x261c2, 0x84) r0 = socket(0x18, 0x2, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000007c0), r0) sendmsg$auto_SMC_NETLINK_FLUSH_UEID(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20008041}, 0x80) 2.316070467s ago: executing program 4 (id=9240): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x2, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20008841) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) 2.192294622s ago: executing program 7 (id=9241): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1d, 0x2, 0x1fc7) bind$auto(r1, 0x0, 0x6a) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) statmount$auto(0x0, 0x0, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) 2.050496738s ago: executing program 6 (id=9242): mmap$auto(0x0, 0x4, 0x3, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mknod$auto(0x0, 0x20e9, 0x103) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msync$auto(0xeb9, 0x4, 0x4) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 1.968158547s ago: executing program 4 (id=9243): ioperm$auto(0x3, 0xe, 0x2000000000000149) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0x7f, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x10000c5, 0x0, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x5, 0x0) listen$auto(0x3, 0x83) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.737456344s ago: executing program 7 (id=9244): msgsnd$auto(0xfffffffc, 0x0, 0x1, 0x963) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) read$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0) socket(0xa, 0x5, 0x84) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/tty6\x00', 0x0, 0x0) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) setgroups$auto(0xe32, 0x0) 1.504735171s ago: executing program 4 (id=9245): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x11, 0x80000, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\x00\x00\x00', 0x0, 0x0) fspick$auto(0xffffffffffffffff, 0x0, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(0x0, 0x161342, 0x130) r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0x101, 0x103) read$auto_mon_fops_text_t_mon_text(r0, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) 1.494681586s ago: executing program 6 (id=9246): madvise$auto(0x0, 0xffffffffffff0005, 0x17) socketcall$auto_SYS_SOCKETPAIR(0x8, 0x0) openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f00000000c0), 0x642, 0x0) write$auto(0x3, 0x0, 0xffd8) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r0, &(0x7f0000000040)='@-[!\x00', 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) futex$auto(0x0, 0x9, 0x3e, 0x0, &(0x7f00000000c0)=0x4, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20443, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) 1.406045581s ago: executing program 1 (id=9247): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04"], 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x20) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x38, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x10, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r3}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) 1.358259346s ago: executing program 6 (id=9248): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/can/rcvlist_all\x00', 0x2080, 0x0) pipe$auto(&(0x7f0000001480)=0xffffffffffffffff) vmsplice$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x5, 0x1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x23, 0x80805, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x37, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x7, 0x3, 0x800, 0x80000023, 0x200000000000007, 0x6d42, 0xc, 0x2495dae0, 0x6]}, 0x0) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) 1.075700153s ago: executing program 7 (id=9249): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) timerfd_settime$auto(r0, 0x3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 956.380133ms ago: executing program 7 (id=9250): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000000)={0x6, 0x3, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0006, 0x17) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x1, 0x8d4, 0x6, 0x6f52, 0xffffffffffffffff, 0x8000) 956.185833ms ago: executing program 1 (id=9251): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x3) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) fchdir$auto(r0) mmap$auto(0x0, 0x2, 0x3, 0x15, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) unshare$auto(0x8000000) semget$auto(0x0, 0x2e4a, 0x8000) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1f4, 0x0) unshare$auto(0x8000400) 783.055751ms ago: executing program 4 (id=9252): close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) r3 = epoll_create$auto(0x8800001) epoll_ctl$auto(r3, 0x1, r0, 0x0) 86.980158ms ago: executing program 7 (id=9253): mmap$auto(0x0, 0x4, 0x3, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mknod$auto(0x0, 0x20e9, 0x103) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msync$auto(0xeb9, 0x4, 0x4) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 86.485262ms ago: executing program 6 (id=9254): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r1, &(0x7f0000000180)="0a1b9a5c7d00006e163bb154d7886d8edeea371cadb848770dc8f745d1c76eedba12b9232044e6bcf3401910000000000060000023b5d40a", 0x38) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x0, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x4, 0x64, 0x80000020, 0x1000, 0xb, 0x400000000009, 0x2, 0x8]}, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fa, 0x4020000000007, 0x1, 0xbc1, 0x7fe, 0x3, 0x8, 0x10001, 0x400000000003, 0x3, 0xffffffffffffffff, 0xfffffffffffffffd, 0x20000000000004, 0x9, 0xfffffffffffdff81, 0x4]}, 0x0) 0s ago: executing program 4 (id=9255): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) recvmsg$auto(r0, &(0x7f0000000140)={&(0x7f0000000040)="5c44c805205a118441f0ee3ab1c4d86a58ecae4cbf855e778b6423f451c99a48b0c8bbd97887397740fef1671007dcba937f88c1a3a2c584182f385fc22dc5eeecb7d7c29f43c79b752a61f7673550a91d83eebecff8e525d0ade3", 0x1, &(0x7f0000000100)={&(0x7f00000000c0)="014efa41cf56f9c69e855c093054afd156de506b64d8a08b2485a2f438b8faa62c128c54b93e4fe6742b847ce2", 0x2}, 0x8, &(0x7f0000000300)="0b6c49708a2ca52ab8c34a8224117a62a197a037b548f4fc9325967fc64ae99ca3e7be1d4e859321ed2975b7bf10f6cf3bc2f07bd9d9cf37356669b02bf606a41ae16779566e3bbc7daf10215540", 0x8, 0xc04}, 0xb) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000380), 0x10d040, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) r2 = gettid() readv$auto(0x3, 0x0, 0x1) tkill$auto(r2, 0x7) io_uring_setup$auto(0x401, 0x0) kernel console output (not intermixed with test programs): 000.267715][T28778] [ 1000.267726][T28778] dump_stack_lvl+0x100/0x190 [ 1000.267773][T28778] should_fail_ex.cold+0x5/0xa [ 1000.267807][T28778] should_failslab+0xc2/0x120 [ 1000.267847][T28778] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1000.267883][T28778] ? drm_atomic_get_connector_state+0x270/0x8f0 [ 1000.267934][T28778] krealloc_node_align_noprof+0x30a/0x3e0 [ 1000.267977][T28778] drm_atomic_get_connector_state+0x270/0x8f0 [ 1000.268027][T28778] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 1000.268075][T28778] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 1000.268121][T28778] ? modeset_lock+0x114/0x6d0 [ 1000.268166][T28778] __drm_atomic_helper_set_config+0x5f6/0xee0 [ 1000.268216][T28778] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 1000.268265][T28778] ? drm_client_rotation+0x451/0x6a0 [ 1000.268318][T28778] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 1000.268375][T28778] ? __mutex_lock+0x26a/0x1b90 [ 1000.268420][T28778] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1000.268469][T28778] ? trace_contention_end+0xd6/0x110 [ 1000.268504][T28778] ? drm_master_internal_acquire+0x21/0x80 [ 1000.268586][T28778] drm_client_modeset_commit_locked+0x14d/0x580 [ 1000.268648][T28778] drm_client_modeset_commit+0x4f/0x80 [ 1000.268680][T28778] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1000.268736][T28778] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1000.268787][T28778] drm_fbdev_client_restore+0x1b/0x30 [ 1000.268826][T28778] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1000.268865][T28778] drm_client_dev_restore+0x205/0x2a0 [ 1000.268919][T28778] drm_release+0x2c6/0x360 [ 1000.268963][T28778] ? __pfx_drm_release+0x10/0x10 [ 1000.269007][T28778] __fput+0x3ff/0xb40 [ 1000.269059][T28778] task_work_run+0x150/0x240 [ 1000.269096][T28778] ? __pfx_task_work_run+0x10/0x10 [ 1000.269144][T28778] exit_to_user_mode_loop+0x100/0x4a0 [ 1000.269175][T28778] ? rcu_is_watching+0x12/0xc0 [ 1000.269215][T28778] do_syscall_64+0x668/0xf80 [ 1000.269254][T28778] ? clear_bhb_loop+0x40/0x90 [ 1000.269291][T28778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1000.269321][T28778] RIP: 0033:0x7f471c99bf79 [ 1000.269348][T28778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1000.269375][T28778] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1000.269402][T28778] RAX: 0000000000000000 RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1000.269422][T28778] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1000.269439][T28778] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1000.269457][T28778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1000.269473][T28778] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1000.269511][T28778] [ 1000.541692][T28790] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8057'. [ 1000.542961][T28790] netlink: 25 bytes leftover after parsing attributes in process `syz.6.8057'. [ 1000.785050][T28794] zswap: compressor not available [ 1000.868334][T28792] sp0: Synchronizing with TNC [ 1001.346601][T28810] FAULT_INJECTION: forcing a failure. [ 1001.346601][T28810] name failslab, interval 1, probability 393216, space 0, times 0 [ 1001.364596][T28810] CPU: 1 UID: 0 PID: 28810 Comm: syz.1.8063 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1001.364646][T28810] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1001.364660][T28810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1001.364679][T28810] Call Trace: [ 1001.364689][T28810] [ 1001.364701][T28810] dump_stack_lvl+0x100/0x190 [ 1001.364749][T28810] should_fail_ex.cold+0x5/0xa [ 1001.364785][T28810] should_failslab+0xc2/0x120 [ 1001.364826][T28810] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1001.364853][T28810] ? vkms_plane_duplicate_state+0x87/0x130 [ 1001.364901][T28810] vkms_plane_duplicate_state+0x87/0x130 [ 1001.364940][T28810] drm_atomic_get_plane_state+0x279/0x760 [ 1001.364987][T28810] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 1001.365034][T28810] ? rcu_is_watching+0x12/0xc0 [ 1001.365081][T28810] ? __mutex_lock+0x26a/0x1b90 [ 1001.365123][T28810] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1001.365172][T28810] ? trace_contention_end+0xd6/0x110 [ 1001.365205][T28810] ? drm_master_internal_acquire+0x21/0x80 [ 1001.365286][T28810] drm_client_modeset_commit_locked+0x14d/0x580 [ 1001.365351][T28810] drm_client_modeset_commit+0x4f/0x80 [ 1001.365382][T28810] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1001.365435][T28810] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1001.365488][T28810] drm_fbdev_client_restore+0x1b/0x30 [ 1001.365527][T28810] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1001.365564][T28810] drm_client_dev_restore+0x205/0x2a0 [ 1001.365618][T28810] drm_release+0x2c6/0x360 [ 1001.365662][T28810] ? __pfx_drm_release+0x10/0x10 [ 1001.365704][T28810] __fput+0x3ff/0xb40 [ 1001.365756][T28810] task_work_run+0x150/0x240 [ 1001.365792][T28810] ? __pfx_task_work_run+0x10/0x10 [ 1001.365839][T28810] exit_to_user_mode_loop+0x100/0x4a0 [ 1001.365871][T28810] ? rcu_is_watching+0x12/0xc0 [ 1001.365910][T28810] do_syscall_64+0x668/0xf80 [ 1001.365951][T28810] ? clear_bhb_loop+0x40/0x90 [ 1001.365987][T28810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.366016][T28810] RIP: 0033:0x7f724a39bf79 [ 1001.366041][T28810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1001.366070][T28810] RSP: 002b:00007f724b32c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1001.366098][T28810] RAX: 0000000000000000 RBX: 00007f724a615fa0 RCX: 00007f724a39bf79 [ 1001.366116][T28810] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1001.366134][T28810] RBP: 00007f724a4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1001.366152][T28810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1001.366169][T28810] R13: 00007f724a616038 R14: 00007f724a615fa0 R15: 00007fffbc9b5d78 [ 1001.366211][T28810] [ 1002.272278][T28823] netlink: 342 bytes leftover after parsing attributes in process `syz.6.8069'. [ 1002.301115][T28823] netlink: 342 bytes leftover after parsing attributes in process `syz.6.8069'. [ 1002.311216][T28823] netlink: 342 bytes leftover after parsing attributes in process `syz.6.8069'. [ 1002.324482][T28823] netlink: 342 bytes leftover after parsing attributes in process `syz.6.8069'. [ 1002.355391][T28826] netlink: 'syz.6.8069': attribute type 2 has an invalid length. [ 1002.366919][T28826] netlink: 'syz.6.8069': attribute type 3 has an invalid length. [ 1002.381543][T28826] netlink: 218 bytes leftover after parsing attributes in process `syz.6.8069'. [ 1002.444743][T28828] sp0: Synchronizing with TNC [ 1002.956802][T28846] random: crng reseeded on system resumption [ 1004.641711][T28858] kexec: Could not allocate control_code_buffer [ 1005.202523][T28893] FAULT_INJECTION: forcing a failure. [ 1005.202523][T28893] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1005.266610][T28893] CPU: 1 UID: 0 PID: 28893 Comm: syz.4.8087 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1005.266665][T28893] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1005.266679][T28893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1005.266697][T28893] Call Trace: [ 1005.266708][T28893] [ 1005.266721][T28893] dump_stack_lvl+0x100/0x190 [ 1005.266773][T28893] should_fail_ex.cold+0x5/0xa [ 1005.266802][T28893] ? prepare_alloc_pages+0x16d/0x5f0 [ 1005.266847][T28893] should_fail_alloc_page+0xeb/0x140 [ 1005.266889][T28893] prepare_alloc_pages+0x1f0/0x5f0 [ 1005.266931][T28893] ? workingset_test_recent+0x42d/0xe90 [ 1005.266981][T28893] __alloc_frozen_pages_noprof+0x19a/0x2ae0 [ 1005.267019][T28893] ? workingset_test_recent+0x143/0xe90 [ 1005.267065][T28893] ? __lock_acquire+0x4a5/0x2630 [ 1005.267098][T28893] ? mod_memcg_lruvec_state+0x1a6/0x5d0 [ 1005.267147][T28893] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1005.267192][T28893] ? __lock_acquire+0x4a5/0x2630 [ 1005.267231][T28893] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1005.267268][T28893] ? policy_nodemask+0xed/0x4f0 [ 1005.267305][T28893] alloc_pages_mpol+0x1fb/0x550 [ 1005.267340][T28893] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1005.267374][T28893] ? swap_entry_swapped+0x1ff/0x2b0 [ 1005.267406][T28893] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1005.267451][T28893] folio_alloc_mpol_noprof+0x36/0x340 [ 1005.267495][T28893] swap_cache_alloc_folio+0x1a8/0x300 [ 1005.267525][T28893] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1005.267550][T28893] ? __pfx_get_swap_device+0x10/0x10 [ 1005.267580][T28893] ? mpol_shared_policy_lookup+0xf6/0x150 [ 1005.267611][T28893] ? __pfx_shmem_get_policy+0x10/0x10 [ 1005.267649][T28893] read_swap_cache_async+0xd9/0x480 [ 1005.267676][T28893] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1005.267704][T28893] ? find_held_lock+0x2b/0x80 [ 1005.267736][T28893] ? madvise_vma_behavior+0x2059/0x2ec0 [ 1005.267771][T28893] ? madvise_vma_behavior+0x2059/0x2ec0 [ 1005.267811][T28893] madvise_vma_behavior+0x2095/0x2ec0 [ 1005.267851][T28893] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1005.267886][T28893] ? mas_prev+0x9b/0xf0 [ 1005.267933][T28893] ? futex_unqueue+0x133/0x2c0 [ 1005.267967][T28893] ? __pfx_find_vma_prev+0x10/0x10 [ 1005.268012][T28893] ? __futex_wait+0x256/0x300 [ 1005.268050][T28893] madvise_walk_vmas+0x2fe/0xa90 [ 1005.268092][T28893] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1005.268137][T28893] madvise_do_behavior+0x1ea/0x510 [ 1005.268175][T28893] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1005.268212][T28893] ? down_read+0x13b/0x460 [ 1005.268249][T28893] do_madvise+0x195/0x240 [ 1005.268283][T28893] ? __pfx_do_madvise+0x10/0x10 [ 1005.268317][T28893] ? do_futex+0x192/0x350 [ 1005.268348][T28893] ? __fget_files+0x21f/0x3d0 [ 1005.268388][T28893] ? xfd_validate_state+0x129/0x190 [ 1005.268426][T28893] __x64_sys_madvise+0xa9/0x110 [ 1005.268461][T28893] ? lockdep_hardirqs_on+0x78/0x100 [ 1005.268495][T28893] do_syscall_64+0x106/0xf80 [ 1005.268529][T28893] ? clear_bhb_loop+0x40/0x90 [ 1005.268558][T28893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.268583][T28893] RIP: 0033:0x7f645c59bf79 [ 1005.268606][T28893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1005.268631][T28893] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1005.268656][T28893] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1005.268674][T28893] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1005.268690][T28893] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.268706][T28893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1005.268721][T28893] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1005.268755][T28893] [ 1005.679615][T28901] ERROR: Out of memory at tomoyo_memory_ok. [ 1006.473111][T28919] zswap: compressor not available [ 1006.655895][T28921] FAULT_INJECTION: forcing a failure. [ 1006.655895][T28921] name failslab, interval 1, probability 393216, space 0, times 0 [ 1006.710652][T28921] CPU: 1 UID: 0 PID: 28921 Comm: syz.6.8094 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1006.710705][T28921] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1006.710718][T28921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1006.710741][T28921] Call Trace: [ 1006.710752][T28921] [ 1006.710764][T28921] dump_stack_lvl+0x100/0x190 [ 1006.710808][T28921] should_fail_ex.cold+0x5/0xa [ 1006.710842][T28921] should_failslab+0xc2/0x120 [ 1006.710882][T28921] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1006.710916][T28921] ? v9fs_init_fs_context+0xf1/0x590 [ 1006.710962][T28921] kstrdup+0x51/0xe0 [ 1006.710996][T28921] v9fs_init_fs_context+0xf1/0x590 [ 1006.711037][T28921] alloc_fs_context+0x60c/0xf40 [ 1006.711095][T28921] __x64_sys_fsopen+0xed/0x220 [ 1006.711124][T28921] do_syscall_64+0x106/0xf80 [ 1006.711163][T28921] ? clear_bhb_loop+0x40/0x90 [ 1006.711196][T28921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1006.711225][T28921] RIP: 0033:0x7f471c99bf79 [ 1006.711249][T28921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1006.711278][T28921] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1006.711307][T28921] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1006.711327][T28921] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1006.711344][T28921] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1006.711361][T28921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1006.711376][T28921] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1006.711413][T28921] [ 1007.679519][T28957] random: crng reseeded on system resumption [ 1007.793872][T28965] __nla_validate_parse: 2 callbacks suppressed [ 1007.793896][T28965] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8104'. [ 1007.861442][T28965] netlink: 13 bytes leftover after parsing attributes in process `syz.6.8104'. [ 1007.885646][T28965] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8104'. [ 1008.161573][T28977] FAULT_INJECTION: forcing a failure. [ 1008.161573][T28977] name failslab, interval 1, probability 393216, space 0, times 0 [ 1008.180741][T28977] CPU: 0 UID: 0 PID: 28977 Comm: syz.1.8108 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1008.180795][T28977] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1008.180808][T28977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1008.180827][T28977] Call Trace: [ 1008.180838][T28977] [ 1008.180849][T28977] dump_stack_lvl+0x100/0x190 [ 1008.180899][T28977] should_fail_ex.cold+0x5/0xa [ 1008.180935][T28977] should_failslab+0xc2/0x120 [ 1008.180976][T28977] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1008.181012][T28977] ? alloc_empty_file+0x55/0x1c0 [ 1008.181065][T28977] alloc_empty_file+0x55/0x1c0 [ 1008.181110][T28977] alloc_file_pseudo+0x13a/0x230 [ 1008.181157][T28977] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1008.181202][T28977] ? alloc_fd+0x476/0x790 [ 1008.181241][T28977] ? do_raw_spin_unlock+0x145/0x1e0 [ 1008.181283][T28977] __anon_inode_getfile+0xe8/0x280 [ 1008.181331][T28977] anon_inode_getfile_fmode+0x37/0xa0 [ 1008.181377][T28977] __do_sys_timerfd_create+0x2d6/0x3f0 [ 1008.181423][T28977] ? do_syscall_64+0x95/0xf80 [ 1008.181468][T28977] do_syscall_64+0x106/0xf80 [ 1008.181508][T28977] ? clear_bhb_loop+0x40/0x90 [ 1008.181543][T28977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1008.181574][T28977] RIP: 0033:0x7f724a39bf79 [ 1008.181600][T28977] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1008.181633][T28977] RSP: 002b:00007f724b32c028 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 1008.181663][T28977] RAX: ffffffffffffffda RBX: 00007f724a615fa0 RCX: 00007f724a39bf79 [ 1008.181694][T28977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 1008.181714][T28977] RBP: 00007f724a4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1008.181734][T28977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1008.181755][T28977] R13: 00007f724a616038 R14: 00007f724a615fa0 R15: 00007fffbc9b5d78 [ 1008.181791][T28977] [ 1008.532219][T28984] syz.1.8109 (28984): /proc/28984/oom_adj is deprecated, please use /proc/28984/oom_score_adj instead. [ 1009.289001][T29004] netlink: 248 bytes leftover after parsing attributes in process `syz.1.8114'. [ 1009.428255][T29009] netlink: 21 bytes leftover after parsing attributes in process `syz.6.8116'. [ 1009.722006][T29017] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8118'. [ 1010.409000][T29034] netlink: 338 bytes leftover after parsing attributes in process `syz.7.8125'. [ 1010.908984][T29044] zswap: compressor not available [ 1010.949653][T29051] FAULT_INJECTION: forcing a failure. [ 1010.949653][T29051] name failslab, interval 1, probability 393216, space 0, times 0 [ 1011.028439][T29051] CPU: 1 UID: 0 PID: 29051 Comm: syz.6.8129 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1011.028490][T29051] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1011.028502][T29051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1011.028520][T29051] Call Trace: [ 1011.028528][T29051] [ 1011.028536][T29051] dump_stack_lvl+0x100/0x190 [ 1011.028566][T29051] should_fail_ex.cold+0x5/0xa [ 1011.028585][T29051] should_failslab+0xc2/0x120 [ 1011.028607][T29051] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1011.028622][T29051] ? __do_sys_timerfd_create+0xee/0x3f0 [ 1011.028644][T29051] ? bpf_lsm_capable+0x9/0x10 [ 1011.028664][T29051] ? security_capable+0x80/0x260 [ 1011.028685][T29051] __do_sys_timerfd_create+0xee/0x3f0 [ 1011.028707][T29051] ? do_syscall_64+0x95/0xf80 [ 1011.028737][T29051] do_syscall_64+0x106/0xf80 [ 1011.028758][T29051] ? clear_bhb_loop+0x40/0x90 [ 1011.028777][T29051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.028793][T29051] RIP: 0033:0x7f471c99bf79 [ 1011.028806][T29051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1011.028821][T29051] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 1011.028837][T29051] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1011.028847][T29051] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 1011.028856][T29051] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1011.028865][T29051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1011.028874][T29051] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1011.028894][T29051] [ 1012.042105][T29075] netlink: 330 bytes leftover after parsing attributes in process `syz.4.8134'. [ 1012.099234][T29075] –õ\­: renamed from lo [ 1012.442622][T29085] netlink: 338 bytes leftover after parsing attributes in process `syz.1.8139'. [ 1012.635189][T29089] FAULT_INJECTION: forcing a failure. [ 1012.635189][T29089] name failslab, interval 1, probability 393216, space 0, times 0 [ 1012.673841][T29089] CPU: 0 UID: 0 PID: 29089 Comm: syz.4.8141 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1012.673872][T29089] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1012.673879][T29089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1012.673889][T29089] Call Trace: [ 1012.673895][T29089] [ 1012.673901][T29089] dump_stack_lvl+0x100/0x190 [ 1012.673931][T29089] should_fail_ex.cold+0x5/0xa [ 1012.673949][T29089] should_failslab+0xc2/0x120 [ 1012.673971][T29089] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1012.673985][T29089] ? __v4l2_subdev_state_alloc+0x53/0x410 [ 1012.674008][T29089] __v4l2_subdev_state_alloc+0x53/0x410 [ 1012.674029][T29089] subdev_open+0xa6/0x510 [ 1012.674048][T29089] v4l2_open+0x1d2/0x490 [ 1012.674063][T29089] ? __pfx_v4l2_open+0x10/0x10 [ 1012.674078][T29089] chrdev_open+0x234/0x6a0 [ 1012.674097][T29089] ? __pfx_apparmor_file_open+0x10/0x10 [ 1012.674123][T29089] ? __pfx_chrdev_open+0x10/0x10 [ 1012.674144][T29089] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1012.674170][T29089] do_dentry_open+0x6d8/0x1660 [ 1012.674189][T29089] ? __pfx_chrdev_open+0x10/0x10 [ 1012.674213][T29089] vfs_open+0x82/0x3f0 [ 1012.674238][T29089] path_openat+0x208c/0x31a0 [ 1012.674261][T29089] ? futex_unqueue+0x13d/0x2c0 [ 1012.674276][T29089] ? stack_depot_save_flags+0x27/0x9d0 [ 1012.674308][T29089] ? __pfx_path_openat+0x10/0x10 [ 1012.674332][T29089] ? kasan_save_stack+0x3f/0x50 [ 1012.674348][T29089] ? kasan_save_stack+0x30/0x50 [ 1012.674364][T29089] ? kasan_save_track+0x14/0x30 [ 1012.674380][T29089] ? __kasan_slab_alloc+0x89/0x90 [ 1012.674398][T29089] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1012.674414][T29089] ? do_getname+0x35/0x390 [ 1012.674437][T29089] do_file_open+0x20e/0x430 [ 1012.674458][T29089] ? __pfx_do_file_open+0x10/0x10 [ 1012.674493][T29089] ? find_held_lock+0x2b/0x80 [ 1012.674513][T29089] ? __might_fault+0xc5/0x140 [ 1012.674528][T29089] ? __might_fault+0xc5/0x140 [ 1012.674559][T29089] file_open_name+0x198/0x3b0 [ 1012.674574][T29089] ? __pfx_file_open_name+0x10/0x10 [ 1012.674593][T29089] ? do_getname+0x191/0x390 [ 1012.674617][T29089] acct_on+0xa4/0x9e0 [ 1012.674637][T29089] ? __pfx_acct_on+0x10/0x10 [ 1012.674654][T29089] ? bpf_lsm_capable+0x9/0x10 [ 1012.674674][T29089] ? security_capable+0x80/0x260 [ 1012.674695][T29089] __x64_sys_acct+0x81/0x1e0 [ 1012.674713][T29089] ? lockdep_hardirqs_on+0x78/0x100 [ 1012.674734][T29089] do_syscall_64+0x106/0xf80 [ 1012.674754][T29089] ? clear_bhb_loop+0x40/0x90 [ 1012.674773][T29089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1012.674789][T29089] RIP: 0033:0x7f645c59bf79 [ 1012.674803][T29089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1012.674818][T29089] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 1012.674834][T29089] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1012.674845][T29089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 1012.674855][T29089] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1012.674865][T29089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1012.674874][T29089] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1012.674895][T29089] [ 1012.675830][T29085] netlink: 338 bytes leftover after parsing attributes in process `syz.1.8139'. [ 1013.081016][T29087] netlink: 134 bytes leftover after parsing attributes in process `syz.1.8139'. [ 1014.472689][T29122] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1014.504848][T29122] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1014.530219][T29122] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1014.542619][T29122] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1014.576358][T29122] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1014.610417][T29122] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1014.617754][T29122] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1014.633101][T29122] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1015.148052][T29144] netlink: 326 bytes leftover after parsing attributes in process `syz.7.8162'. [ 1015.165448][T29144] IPv6: NLM_F_CREATE should be specified when creating new route [ 1015.906878][T29172] FAULT_INJECTION: forcing a failure. [ 1015.906878][T29172] name failslab, interval 1, probability 393216, space 0, times 0 [ 1015.920639][T29172] CPU: 0 UID: 0 PID: 29172 Comm: syz.1.8173 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1015.920689][T29172] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1015.920701][T29172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1015.920719][T29172] Call Trace: [ 1015.920730][T29172] [ 1015.920740][T29172] dump_stack_lvl+0x100/0x190 [ 1015.920789][T29172] should_fail_ex.cold+0x5/0xa [ 1015.920822][T29172] should_failslab+0xc2/0x120 [ 1015.920865][T29172] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1015.920902][T29172] ? __d_alloc+0x34/0xa80 [ 1015.920942][T29172] ? make_vfsgid+0xf1/0x140 [ 1015.920976][T29172] __d_alloc+0x34/0xa80 [ 1015.921013][T29172] ? bpf_lsm_inode_permission+0x9/0x10 [ 1015.921050][T29172] d_alloc+0x4a/0x1e0 [ 1015.921090][T29172] vfs_tmpfile+0x148/0x9a0 [ 1015.921136][T29172] path_openat+0x164e/0x31a0 [ 1015.921172][T29172] ? kasan_save_stack+0x3f/0x50 [ 1015.921203][T29172] ? kasan_save_stack+0x30/0x50 [ 1015.921236][T29172] ? __kasan_slab_alloc+0x89/0x90 [ 1015.921270][T29172] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1015.921301][T29172] ? do_getname+0x35/0x390 [ 1015.921353][T29172] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1015.921387][T29172] ? __pfx_path_openat+0x10/0x10 [ 1015.921439][T29172] do_file_open+0x20e/0x430 [ 1015.921479][T29172] ? __pfx_do_file_open+0x10/0x10 [ 1015.921543][T29172] ? _raw_spin_unlock+0x28/0x50 [ 1015.921578][T29172] ? alloc_fd+0x476/0x790 [ 1015.921624][T29172] do_sys_openat2+0x10d/0x1e0 [ 1015.921651][T29172] ? __pfx_do_sys_openat2+0x10/0x10 [ 1015.921699][T29172] ? __fget_files+0x21f/0x3d0 [ 1015.921742][T29172] __x64_sys_open+0xfe/0x1d0 [ 1015.921774][T29172] ? __pfx___x64_sys_open+0x10/0x10 [ 1015.921799][T29172] ? xfd_validate_state+0x129/0x190 [ 1015.921851][T29172] do_syscall_64+0x106/0xf80 [ 1015.921890][T29172] ? clear_bhb_loop+0x40/0x90 [ 1015.921925][T29172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1015.921953][T29172] RIP: 0033:0x7f724a39bf79 [ 1015.921975][T29172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1015.922004][T29172] RSP: 002b:00007f724b32c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1015.922033][T29172] RAX: ffffffffffffffda RBX: 00007f724a615fa0 RCX: 00007f724a39bf79 [ 1015.922054][T29172] RDX: 0000000000000408 RSI: 0000000000591002 RDI: 0000200000000100 [ 1015.922072][T29172] RBP: 00007f724a4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1015.922089][T29172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1015.922107][T29172] R13: 00007f724a616038 R14: 00007f724a615fa0 R15: 00007fffbc9b5d78 [ 1015.922146][T29172] [ 1015.925293][T29170] netlink: 314 bytes leftover after parsing attributes in process `syz.4.8172'. [ 1016.299055][T29178] futex_wake_op: syz.7.8175 tries to shift op by -2048; fix this program [ 1016.318403][T29178] futex_wake_op: syz.7.8175 tries to shift op by -2048; fix this program [ 1016.510237][T24765] Bluetooth: hci2: command 0x0406 tx timeout [ 1016.516337][T25655] Bluetooth: hci3: command 0x0c1a tx timeout [ 1016.590473][T25655] Bluetooth: hci4: command 0x0c1a tx timeout [ 1016.679255][T25655] Bluetooth: hci1: command 0x0c1a tx timeout [ 1016.690982][T29190] netlink: 'syz.4.8180': attribute type 33 has an invalid length. [ 1016.698861][T29190] netlink: 322 bytes leftover after parsing attributes in process `syz.4.8180'. [ 1016.898490][T29198] ERROR: Out of memory at tomoyo_memory_ok. [ 1017.091492][T29200] mkiss: ax0: crc mode is auto. [ 1017.193142][T29200] mkiss: ax0: crc mode is auto. [ 1018.262345][T29235] ERROR: Out of memory at tomoyo_memory_ok. [ 1018.681786][T25655] Bluetooth: hci4: command 0x0c1a tx timeout [ 1018.694689][T29248] futex_wake_op: syz.7.8199 tries to shift op by -2048; fix this program [ 1018.713459][T29248] futex_wake_op: syz.7.8199 tries to shift op by -2048; fix this program [ 1018.752000][T25655] Bluetooth: hci1: command 0x0c1a tx timeout [ 1019.791875][T25655] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1020.752466][T25655] Bluetooth: hci4: command 0x0c1a tx timeout [ 1020.842187][T25655] Bluetooth: hci1: command 0x0c1a tx timeout [ 1021.486005][T29309] FAULT_INJECTION: forcing a failure. [ 1021.486005][T29309] name failslab, interval 1, probability 393216, space 0, times 0 [ 1021.531571][T29309] CPU: 0 UID: 0 PID: 29309 Comm: syz.7.8230 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1021.531622][T29309] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1021.531634][T29309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1021.531652][T29309] Call Trace: [ 1021.531662][T29309] [ 1021.531673][T29309] dump_stack_lvl+0x100/0x190 [ 1021.531721][T29309] should_fail_ex.cold+0x5/0xa [ 1021.531755][T29309] should_failslab+0xc2/0x120 [ 1021.531805][T29309] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1021.531833][T29309] ? io_uring_alloc_task_context+0x1a6/0x54b [ 1021.531874][T29309] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 1021.531921][T29309] io_uring_alloc_task_context+0x1a6/0x54b [ 1021.531964][T29309] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 1021.532006][T29309] ? alloc_file_pseudo+0x1a5/0x230 [ 1021.532053][T29309] __io_uring_add_tctx_node.cold+0x10/0x195 [ 1021.532098][T29309] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1021.532137][T29309] ? __anon_inode_getfile+0x17c/0x280 [ 1021.532180][T29309] io_uring_setup.cold+0x1a25/0x1cb9 [ 1021.532225][T29309] ? __pfx_io_uring_setup+0x10/0x10 [ 1021.532258][T29309] ? __pfx_do_futex+0x10/0x10 [ 1021.532306][T29309] ? xfd_validate_state+0x129/0x190 [ 1021.532346][T29309] __x64_sys_io_uring_setup+0xc2/0x170 [ 1021.532374][T29309] do_syscall_64+0x106/0xf80 [ 1021.532410][T29309] ? clear_bhb_loop+0x40/0x90 [ 1021.532445][T29309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.532472][T29309] RIP: 0033:0x7f12c9d9bf79 [ 1021.532496][T29309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1021.532525][T29309] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1021.532553][T29309] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1021.532574][T29309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1021.532588][T29309] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1021.532605][T29309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1021.532623][T29309] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1021.532662][T29309] [ 1021.872644][T25655] Bluetooth: hci3: command 0x0c1a tx timeout [ 1023.829376][T29341] zswap: compressor  not available [ 1023.863696][T29345] FAULT_INJECTION: forcing a failure. [ 1023.863696][T29345] name failslab, interval 1, probability 393216, space 0, times 0 [ 1023.933632][T29345] CPU: 1 UID: 0 PID: 29345 Comm: syz.1.8234 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1023.933684][T29345] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1023.933695][T29345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1023.933710][T29345] Call Trace: [ 1023.933719][T29345] [ 1023.933730][T29345] dump_stack_lvl+0x100/0x190 [ 1023.933777][T29345] should_fail_ex.cold+0x5/0xa [ 1023.933805][T29345] ? sk_prot_alloc+0x10b/0x2a0 [ 1023.933835][T29345] should_failslab+0xc2/0x120 [ 1023.933875][T29345] __kmalloc_noprof+0xe0/0x850 [ 1023.933916][T29345] sk_prot_alloc+0x10b/0x2a0 [ 1023.933946][T29345] sk_alloc+0x36/0xe80 [ 1023.933981][T29345] tap_open+0x2ed/0x1180 [ 1023.934023][T29345] ? __pfx_tap_open+0x10/0x10 [ 1023.934062][T29345] chrdev_open+0x234/0x6a0 [ 1023.934098][T29345] ? __pfx_apparmor_file_open+0x10/0x10 [ 1023.934135][T29345] ? __pfx_chrdev_open+0x10/0x10 [ 1023.934174][T29345] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1023.934217][T29345] do_dentry_open+0x6d8/0x1660 [ 1023.934253][T29345] ? __pfx_chrdev_open+0x10/0x10 [ 1023.934299][T29345] vfs_open+0x82/0x3f0 [ 1023.934345][T29345] path_openat+0x208c/0x31a0 [ 1023.934403][T29345] ? __pfx_path_openat+0x10/0x10 [ 1023.934454][T29345] do_file_open+0x20e/0x430 [ 1023.934494][T29345] ? __pfx_do_file_open+0x10/0x10 [ 1023.934557][T29345] ? alloc_fd+0x476/0x790 [ 1023.934595][T29345] ? do_getname+0x191/0x390 [ 1023.934638][T29345] do_sys_openat2+0x10d/0x1e0 [ 1023.934664][T29345] ? __pfx_do_sys_openat2+0x10/0x10 [ 1023.934708][T29345] ? find_held_lock+0x2b/0x80 [ 1023.934746][T29345] ? __fget_files+0x215/0x3d0 [ 1023.934789][T29345] __x64_sys_openat+0x12d/0x210 [ 1023.934818][T29345] ? __pfx___x64_sys_openat+0x10/0x10 [ 1023.934842][T29345] ? xfd_validate_state+0x129/0x190 [ 1023.934890][T29345] do_syscall_64+0x106/0xf80 [ 1023.934936][T29345] ? clear_bhb_loop+0x40/0x90 [ 1023.934971][T29345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1023.934999][T29345] RIP: 0033:0x7f724a39bf79 [ 1023.935023][T29345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1023.935049][T29345] RSP: 002b:00007f724b32c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1023.935077][T29345] RAX: ffffffffffffffda RBX: 00007f724a615fa0 RCX: 00007f724a39bf79 [ 1023.935094][T29345] RDX: 0000000000000801 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1023.935113][T29345] RBP: 00007f724a4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1023.935130][T29345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1023.935147][T29345] R13: 00007f724a616038 R14: 00007f724a615fa0 R15: 00007fffbc9b5d78 [ 1023.935182][T29345] [ 1024.344430][T25655] Bluetooth: hci3: command 0x0c1a tx timeout [ 1024.438651][T29354] futex_wake_op: syz.4.8238 tries to shift op by -2048; fix this program [ 1024.486538][T29354] futex_wake_op: syz.4.8238 tries to shift op by -2048; fix this program [ 1025.029796][T29371] zswap: compressor  not available [ 1025.064485][T29370] mkiss: ax1: crc mode is auto. [ 1025.245498][T29367] netlink: 'syz.1.8242': attribute type 1 has an invalid length. [ 1025.253326][T29367] netlink: 314 bytes leftover after parsing attributes in process `syz.1.8242'. [ 1025.890492][T29395] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8251'. [ 1025.912625][T24765] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1025.933243][T29395] unsupported nlmsg_type 40 [ 1026.524548][T29412] binder: 29411:29412 ioctl c0306201 2000000000c0 returned -14 [ 1027.315535][T24765] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 1027.955724][T24765] Bluetooth: hci1: command 0x0c1a tx timeout [ 1028.504623][T29235] mkiss: ax0: crc mode is auto. [ 1028.635473][T29472] sd 0:0:1:0: PR command failed: 1026 [ 1028.641104][T29472] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1028.651884][T29472] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1028.873996][T29481] netlink: 146 bytes leftover after parsing attributes in process `syz.6.8281'. [ 1028.926449][T29477] sd 0:0:1:0: PR command failed: 1026 [ 1028.933786][T29477] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1028.950713][T29477] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1029.396515][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout [ 1029.467467][T29499] netlink: 25 bytes leftover after parsing attributes in process `syz.7.8288'. [ 1029.597613][T29500] ERROR: Out of memory at tomoyo_memory_ok. [ 1029.891784][T29511] kvm: user requested TSC rate below hardware speed [ 1030.036916][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 1030.796039][T29543] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1030.817593][T29543] FAULT_INJECTION: forcing a failure. [ 1030.817593][T29543] name failslab, interval 1, probability 393216, space 0, times 0 [ 1030.861017][T29543] CPU: 0 UID: 0 PID: 29543 Comm: syz.7.8306 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1030.861066][T29543] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1030.861079][T29543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1030.861096][T29543] Call Trace: [ 1030.861105][T29543] [ 1030.861117][T29543] dump_stack_lvl+0x100/0x190 [ 1030.861164][T29543] should_fail_ex.cold+0x5/0xa [ 1030.861202][T29543] should_failslab+0xc2/0x120 [ 1030.861241][T29543] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1030.861283][T29543] ? parse_pred+0x2d4/0x3070 [ 1030.861322][T29543] kmemdup_nul+0x49/0xd0 [ 1030.861359][T29543] parse_pred+0x2d4/0x3070 [ 1030.861456][T29543] ? __pfx_parse_pred+0x10/0x10 [ 1030.861512][T29543] ? trace_kmalloc+0x83/0xb0 [ 1030.861549][T29543] ? __kmalloc_noprof+0x320/0x850 [ 1030.861588][T29543] process_preds+0x6a0/0x1e10 [ 1030.861628][T29543] ? create_filter_start.constprop.0+0x134/0x310 [ 1030.861666][T29543] create_filter+0x140/0x210 [ 1030.861701][T29543] ? __pfx_create_filter+0x10/0x10 [ 1030.861740][T29543] ? find_held_lock+0x2b/0x80 [ 1030.861797][T29543] apply_event_filter+0x220/0x500 [ 1030.861835][T29543] ? __pfx_apply_event_filter+0x10/0x10 [ 1030.861882][T29543] event_filter_write+0x16d/0x290 [ 1030.861928][T29543] vfs_write+0x2aa/0x1070 [ 1030.861967][T29543] ? __pfx_event_filter_write+0x10/0x10 [ 1030.862014][T29543] ? __pfx_vfs_write+0x10/0x10 [ 1030.862047][T29543] ? __fget_files+0x215/0x3d0 [ 1030.862090][T29543] ? __fget_files+0x21f/0x3d0 [ 1030.862134][T29543] ksys_write+0x12a/0x250 [ 1030.862168][T29543] ? __pfx_ksys_write+0x10/0x10 [ 1030.862214][T29543] do_syscall_64+0x106/0xf80 [ 1030.862254][T29543] ? clear_bhb_loop+0x40/0x90 [ 1030.862290][T29543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.862319][T29543] RIP: 0033:0x7f12c9d9bf79 [ 1030.862344][T29543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1030.862372][T29543] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1030.862398][T29543] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1030.862417][T29543] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1030.862435][T29543] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1030.862452][T29543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.862468][T29543] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1030.862508][T29543] [ 1031.482974][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout [ 1031.731417][T29577] netlink: 'syz.4.8320': attribute type 10 has an invalid length. [ 1031.740647][T29577] netlink: 330 bytes leftover after parsing attributes in process `syz.4.8320'. [ 1031.892332][T29583] mkiss: ax1: crc mode is auto. [ 1031.988526][T29585] ERROR: Out of memory at tomoyo_memory_ok. [ 1033.253043][T29620] FAULT_INJECTION: forcing a failure. [ 1033.253043][T29620] name failslab, interval 1, probability 393216, space 0, times 0 [ 1033.332874][T29620] CPU: 0 UID: 0 PID: 29620 Comm: syz.1.8343 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1033.332904][T29620] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1033.332911][T29620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1033.332921][T29620] Call Trace: [ 1033.332927][T29620] [ 1033.332933][T29620] dump_stack_lvl+0x100/0x190 [ 1033.332961][T29620] should_fail_ex.cold+0x5/0xa [ 1033.332979][T29620] should_failslab+0xc2/0x120 [ 1033.333000][T29620] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1033.333020][T29620] ? parse_pred+0x2d4/0x3070 [ 1033.333042][T29620] kmemdup_nul+0x49/0xd0 [ 1033.333062][T29620] parse_pred+0x2d4/0x3070 [ 1033.333084][T29620] ? __pfx_parse_pred+0x10/0x10 [ 1033.333113][T29620] ? trace_kmalloc+0x83/0xb0 [ 1033.333132][T29620] ? __kmalloc_noprof+0x320/0x850 [ 1033.333153][T29620] process_preds+0x6a0/0x1e10 [ 1033.333175][T29620] ? create_filter_start.constprop.0+0x134/0x310 [ 1033.333197][T29620] create_filter+0x140/0x210 [ 1033.333216][T29620] ? __pfx_create_filter+0x10/0x10 [ 1033.333236][T29620] ? find_held_lock+0x2b/0x80 [ 1033.333259][T29620] apply_event_filter+0x220/0x500 [ 1033.333279][T29620] ? __pfx_apply_event_filter+0x10/0x10 [ 1033.333303][T29620] event_filter_write+0x16d/0x290 [ 1033.333328][T29620] vfs_write+0x2aa/0x1070 [ 1033.333346][T29620] ? __pfx_event_filter_write+0x10/0x10 [ 1033.333371][T29620] ? __pfx_vfs_write+0x10/0x10 [ 1033.333388][T29620] ? __fget_files+0x215/0x3d0 [ 1033.333411][T29620] ? __fget_files+0x21f/0x3d0 [ 1033.333434][T29620] ksys_write+0x12a/0x250 [ 1033.333452][T29620] ? __pfx_ksys_write+0x10/0x10 [ 1033.333476][T29620] do_syscall_64+0x106/0xf80 [ 1033.333497][T29620] ? clear_bhb_loop+0x40/0x90 [ 1033.333517][T29620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.333533][T29620] RIP: 0033:0x7f724a39bf79 [ 1033.333547][T29620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1033.333563][T29620] RSP: 002b:00007f724b32c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1033.333578][T29620] RAX: ffffffffffffffda RBX: 00007f724a615fa0 RCX: 00007f724a39bf79 [ 1033.333590][T29620] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1033.333600][T29620] RBP: 00007f724a4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1033.333609][T29620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1033.333618][T29620] R13: 00007f724a616038 R14: 00007f724a615fa0 R15: 00007fffbc9b5d78 [ 1033.333639][T29620] [ 1033.855905][T29631] FAULT_INJECTION: forcing a failure. [ 1033.855905][T29631] name failslab, interval 1, probability 393216, space 0, times 0 [ 1033.909468][T29631] CPU: 1 UID: 0 PID: 29631 Comm: syz.4.8336 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1033.909518][T29631] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1033.909529][T29631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1033.909547][T29631] Call Trace: [ 1033.909556][T29631] [ 1033.909567][T29631] dump_stack_lvl+0x100/0x190 [ 1033.909613][T29631] should_fail_ex.cold+0x5/0xa [ 1033.909646][T29631] ? kobject_get_path+0xcf/0x2c0 [ 1033.909688][T29631] should_failslab+0xc2/0x120 [ 1033.909727][T29631] __kmalloc_noprof+0xe0/0x850 [ 1033.909766][T29631] kobject_get_path+0xcf/0x2c0 [ 1033.909824][T29631] kobject_uevent_env+0x287/0x18b0 [ 1033.909864][T29631] ? bus_to_subsys+0x114/0x150 [ 1033.909913][T29631] device_del+0x605/0x9b0 [ 1033.909950][T29631] ? __pfx_device_del+0x10/0x10 [ 1033.909983][T29631] ? put_device+0x24/0x30 [ 1033.910006][T29631] ? nfc_llcp_local_put.part.0+0x80/0xd0 [ 1033.910046][T29631] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 1033.910091][T29631] nfc_remove_device+0x9d/0xc0 [ 1033.910132][T29631] virtual_ncidev_close+0x4b/0xa0 [ 1033.910176][T29631] __fput+0x3ff/0xb40 [ 1033.910228][T29631] task_work_run+0x150/0x240 [ 1033.910262][T29631] ? __pfx_task_work_run+0x10/0x10 [ 1033.910306][T29631] exit_to_user_mode_loop+0x100/0x4a0 [ 1033.910337][T29631] ? rcu_is_watching+0x12/0xc0 [ 1033.910375][T29631] do_syscall_64+0x668/0xf80 [ 1033.910414][T29631] ? clear_bhb_loop+0x40/0x90 [ 1033.910447][T29631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.910472][T29631] RIP: 0033:0x7f645c59bf79 [ 1033.910500][T29631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1033.910528][T29631] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1033.910555][T29631] RAX: 0000000000000000 RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1033.910572][T29631] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1033.910588][T29631] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1033.910606][T29631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1033.910624][T29631] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1033.910658][T29631] [ 1034.269910][T29640] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8340'. [ 1035.534690][T29668] FAULT_INJECTION: forcing a failure. [ 1035.534690][T29668] name failslab, interval 1, probability 393216, space 0, times 0 [ 1035.574323][T29668] CPU: 1 UID: 0 PID: 29668 Comm: syz.4.8349 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1035.574353][T29668] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1035.574362][T29668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1035.574372][T29668] Call Trace: [ 1035.574379][T29668] [ 1035.574386][T29668] dump_stack_lvl+0x100/0x190 [ 1035.574414][T29668] should_fail_ex.cold+0x5/0xa [ 1035.574432][T29668] ? process_preds+0x4bc/0x1e10 [ 1035.574450][T29668] should_failslab+0xc2/0x120 [ 1035.574473][T29668] __kmalloc_noprof+0xe0/0x850 [ 1035.574494][T29668] process_preds+0x4bc/0x1e10 [ 1035.574517][T29668] ? create_filter_start.constprop.0+0x134/0x310 [ 1035.574538][T29668] create_filter+0x140/0x210 [ 1035.574557][T29668] ? __pfx_create_filter+0x10/0x10 [ 1035.574577][T29668] ? find_held_lock+0x2b/0x80 [ 1035.574600][T29668] apply_event_filter+0x220/0x500 [ 1035.574627][T29668] ? __pfx_apply_event_filter+0x10/0x10 [ 1035.574653][T29668] event_filter_write+0x16d/0x290 [ 1035.574679][T29668] vfs_write+0x2aa/0x1070 [ 1035.574698][T29668] ? __pfx_event_filter_write+0x10/0x10 [ 1035.574723][T29668] ? __pfx_vfs_write+0x10/0x10 [ 1035.574741][T29668] ? __fget_files+0x215/0x3d0 [ 1035.574763][T29668] ? __fget_files+0x21f/0x3d0 [ 1035.574787][T29668] ksys_write+0x12a/0x250 [ 1035.574804][T29668] ? __pfx_ksys_write+0x10/0x10 [ 1035.574828][T29668] do_syscall_64+0x106/0xf80 [ 1035.574850][T29668] ? clear_bhb_loop+0x40/0x90 [ 1035.574869][T29668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1035.574886][T29668] RIP: 0033:0x7f645c59bf79 [ 1035.574900][T29668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1035.574915][T29668] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1035.574930][T29668] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1035.574940][T29668] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1035.574949][T29668] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1035.574958][T29668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1035.574968][T29668] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1035.574989][T29668] [ 1036.034480][T29674] FAULT_INJECTION: forcing a failure. [ 1036.034480][T29674] name failslab, interval 1, probability 393216, space 0, times 0 [ 1036.037221][T29672] netlink: 252 bytes leftover after parsing attributes in process `syz.7.8351'. [ 1036.048637][T29674] CPU: 1 UID: 0 PID: 29674 Comm: syz.4.8352 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1036.048685][T29674] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1036.048697][T29674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1036.048715][T29674] Call Trace: [ 1036.048725][T29674] [ 1036.048736][T29674] dump_stack_lvl+0x100/0x190 [ 1036.048780][T29674] should_fail_ex.cold+0x5/0xa [ 1036.048812][T29674] ? sk_prot_alloc+0x10b/0x2a0 [ 1036.048836][T29674] should_failslab+0xc2/0x120 [ 1036.048875][T29674] __kmalloc_noprof+0xe0/0x850 [ 1036.048916][T29674] sk_prot_alloc+0x10b/0x2a0 [ 1036.048946][T29674] sk_alloc+0x36/0xe80 [ 1036.048982][T29674] mISDN_sock_create+0x267/0x420 [ 1036.049019][T29674] __sock_create+0x339/0x860 [ 1036.049055][T29674] __sys_socket+0x14d/0x260 [ 1036.049086][T29674] ? __pfx___sys_socket+0x10/0x10 [ 1036.049114][T29674] ? xfd_validate_state+0x129/0x190 [ 1036.049159][T29674] __x64_sys_socket+0x72/0xb0 [ 1036.049188][T29674] ? lockdep_hardirqs_on+0x78/0x100 [ 1036.049228][T29674] do_syscall_64+0x106/0xf80 [ 1036.049266][T29674] ? clear_bhb_loop+0x40/0x90 [ 1036.049301][T29674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1036.049329][T29674] RIP: 0033:0x7f645c59bf79 [ 1036.049352][T29674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1036.049380][T29674] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1036.049408][T29674] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1036.049427][T29674] RDX: 0000000000000024 RSI: 0000000000000002 RDI: 0000000000000022 [ 1036.049444][T29674] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1036.049462][T29674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1036.049479][T29674] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1036.049516][T29674] [ 1037.670596][T29717] FAULT_INJECTION: forcing a failure. [ 1037.670596][T29717] name failslab, interval 1, probability 393216, space 0, times 0 [ 1037.725096][T29717] CPU: 1 UID: 0 PID: 29717 Comm: syz.4.8370 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1037.725147][T29717] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1037.725159][T29717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1037.725177][T29717] Call Trace: [ 1037.725186][T29717] [ 1037.725199][T29717] dump_stack_lvl+0x100/0x190 [ 1037.725253][T29717] should_fail_ex.cold+0x5/0xa [ 1037.725285][T29717] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1037.725315][T29717] should_failslab+0xc2/0x120 [ 1037.725355][T29717] __kmalloc_noprof+0xe0/0x850 [ 1037.725400][T29717] tomoyo_realpath_from_path+0xb6/0x690 [ 1037.725438][T29717] tomoyo_mount_acl+0x1b6/0x8b0 [ 1037.725479][T29717] ? is_bpf_text_address+0x8a/0x1a0 [ 1037.725514][T29717] ? bpf_ksym_find+0x124/0x1c0 [ 1037.725558][T29717] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1037.725603][T29717] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 1037.725644][T29717] ? kernel_text_address+0x8d/0x100 [ 1037.725682][T29717] ? unwind_get_return_address+0x59/0xa0 [ 1037.725760][T29717] ? tomoyo_domain+0xb2/0x150 [ 1037.725791][T29717] ? tomoyo_profile+0x47/0x60 [ 1037.725826][T29717] tomoyo_mount_permission+0x214/0x460 [ 1037.725869][T29717] ? tomoyo_mount_permission+0x1f6/0x460 [ 1037.725915][T29717] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 1037.725981][T29717] security_sb_mount+0xdd/0x270 [ 1037.726021][T29717] path_mount+0x158/0x23d0 [ 1037.726069][T29717] ? __pfx_path_mount+0x10/0x10 [ 1037.726106][T29717] ? lockdep_hardirqs_on+0x78/0x100 [ 1037.726151][T29717] ? putname+0xb1/0x110 [ 1037.726186][T29717] ? kmem_cache_free+0x124/0x670 [ 1037.726233][T29717] ? __x64_sys_mount+0x293/0x310 [ 1037.726274][T29717] __x64_sys_mount+0x293/0x310 [ 1037.726317][T29717] ? __pfx___x64_sys_mount+0x10/0x10 [ 1037.726362][T29717] ? trace_irq_enable.constprop.0+0x2d/0x110 [ 1037.726413][T29717] do_syscall_64+0x106/0xf80 [ 1037.726451][T29717] ? clear_bhb_loop+0x40/0x90 [ 1037.726486][T29717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.726514][T29717] RIP: 0033:0x7f645c59bf79 [ 1037.726538][T29717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1037.726565][T29717] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1037.726593][T29717] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1037.726613][T29717] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 1037.726632][T29717] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.726649][T29717] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000 [ 1037.726668][T29717] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1037.726707][T29717] [ 1037.998468][T29717] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1038.833070][T29712] mkiss: ax1: crc mode is auto. [ 1038.993985][T29742] netlink: 186 bytes leftover after parsing attributes in process `syz.4.8381'. [ 1039.009594][T29742] netlink: 186 bytes leftover after parsing attributes in process `syz.4.8381'. [ 1039.754735][T29500] mkiss: ax0: crc mode is auto. [ 1039.817371][T29756] netlink: 138 bytes leftover after parsing attributes in process `syz.1.8385'. [ 1040.222781][T29771] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8393'. [ 1040.252177][T29771] bridge0: port 2(bridge_slave_1) entered disabled state [ 1040.293178][T29771] bridge_slave_1 (unregistering): left allmulticast mode [ 1040.322918][T29771] bridge_slave_1 (unregistering): left promiscuous mode [ 1040.340042][T29771] bridge0: port 2(bridge_slave_1) entered disabled state [ 1040.439625][T29777] netlink: 18 bytes leftover after parsing attributes in process `syz.4.8397'. [ 1040.942231][T29785] ERROR: Out of memory at tomoyo_memory_ok. [ 1042.354373][T29816] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8411'. [ 1044.307265][T25655] block nbd1: Receive control failed (result -32) [ 1044.965320][T29874] netlink: 138 bytes leftover after parsing attributes in process `syz.6.8431'. [ 1045.402135][T29881] netlink: 326 bytes leftover after parsing attributes in process `syz.7.8432'. [ 1045.673992][T29890] FAULT_INJECTION: forcing a failure. [ 1045.673992][T29890] name failslab, interval 1, probability 393216, space 0, times 0 [ 1045.708528][T29890] CPU: 1 UID: 0 PID: 29890 Comm: syz.7.8436 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1045.708586][T29890] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1045.708599][T29890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1045.708616][T29890] Call Trace: [ 1045.708627][T29890] [ 1045.708639][T29890] dump_stack_lvl+0x100/0x190 [ 1045.708688][T29890] should_fail_ex.cold+0x5/0xa [ 1045.708722][T29890] ? tomoyo_encode2+0xfb/0x3c0 [ 1045.708749][T29890] should_failslab+0xc2/0x120 [ 1045.708787][T29890] __kmalloc_noprof+0xe0/0x850 [ 1045.708828][T29890] tomoyo_encode2+0xfb/0x3c0 [ 1045.708861][T29890] tomoyo_encode+0x29/0x50 [ 1045.708888][T29890] tomoyo_mount_acl+0x388/0x8b0 [ 1045.708930][T29890] ? is_bpf_text_address+0x8a/0x1a0 [ 1045.708966][T29890] ? bpf_ksym_find+0x124/0x1c0 [ 1045.709015][T29890] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 1045.709056][T29890] ? kernel_text_address+0x8d/0x100 [ 1045.709095][T29890] ? unwind_get_return_address+0x59/0xa0 [ 1045.709174][T29890] ? tomoyo_domain+0xb2/0x150 [ 1045.709206][T29890] ? tomoyo_profile+0x47/0x60 [ 1045.709241][T29890] tomoyo_mount_permission+0x214/0x460 [ 1045.709284][T29890] ? tomoyo_mount_permission+0x1f6/0x460 [ 1045.709331][T29890] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 1045.709396][T29890] security_sb_mount+0xdd/0x270 [ 1045.709435][T29890] path_mount+0x158/0x23d0 [ 1045.709483][T29890] ? __pfx_path_mount+0x10/0x10 [ 1045.709522][T29890] ? lockdep_hardirqs_on+0x78/0x100 [ 1045.709575][T29890] ? putname+0xb1/0x110 [ 1045.709613][T29890] ? kmem_cache_free+0x124/0x670 [ 1045.709654][T29890] ? __x64_sys_mount+0x293/0x310 [ 1045.709690][T29890] __x64_sys_mount+0x293/0x310 [ 1045.709731][T29890] ? __pfx___x64_sys_mount+0x10/0x10 [ 1045.709783][T29890] do_syscall_64+0x106/0xf80 [ 1045.709822][T29890] ? clear_bhb_loop+0x40/0x90 [ 1045.709858][T29890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1045.709888][T29890] RIP: 0033:0x7f12c9d9bf79 [ 1045.709912][T29890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1045.709940][T29890] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1045.709970][T29890] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1045.709990][T29890] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 1045.710009][T29890] RBP: 00007f12c9e327e0 R08: 0000200000001580 R09: 0000000000000000 [ 1045.710028][T29890] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000 [ 1045.710045][T29890] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1045.710080][T29890] [ 1046.321631][T29894] FAULT_INJECTION: forcing a failure. [ 1046.321631][T29894] name failslab, interval 1, probability 393216, space 0, times 0 [ 1046.356243][T29894] CPU: 1 UID: 0 PID: 29894 Comm: syz.6.8438 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1046.356296][T29894] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1046.356308][T29894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1046.356327][T29894] Call Trace: [ 1046.356337][T29894] [ 1046.356349][T29894] dump_stack_lvl+0x100/0x190 [ 1046.356396][T29894] should_fail_ex.cold+0x5/0xa [ 1046.356430][T29894] should_failslab+0xc2/0x120 [ 1046.356471][T29894] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1046.356510][T29894] ? security_inode_alloc+0x3b/0x2c0 [ 1046.356550][T29894] ? lockdep_init_map_type+0x5c/0x250 [ 1046.356587][T29894] security_inode_alloc+0x3b/0x2c0 [ 1046.356629][T29894] inode_init_always_gfp+0xced/0x1040 [ 1046.356674][T29894] alloc_inode+0x8e/0x250 [ 1046.356703][T29894] iget_locked+0x1d9/0x6d0 [ 1046.356731][T29894] ? __pfx_iget_locked+0x10/0x10 [ 1046.356755][T29894] ? kernfs_root+0xee/0x2a0 [ 1046.356798][T29894] ? kernfs_root+0xee/0x2a0 [ 1046.356849][T29894] kernfs_get_inode+0x46/0x470 [ 1046.356893][T29894] kernfs_iop_lookup+0x1a7/0x2d0 [ 1046.356942][T29894] lookup_open.isra.0+0x631/0x11b0 [ 1046.356982][T29894] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1046.357021][T29894] ? __pfx___might_resched+0x10/0x10 [ 1046.357054][T29894] ? mnt_get_write_access+0x52/0x2f0 [ 1046.357106][T29894] ? __pfx_down_write+0x10/0x10 [ 1046.357149][T29894] ? mnt_get_write_access+0x1e9/0x2f0 [ 1046.357203][T29894] path_openat+0x2291/0x31a0 [ 1046.357253][T29894] ? __pfx_path_openat+0x10/0x10 [ 1046.357304][T29894] do_file_open+0x20e/0x430 [ 1046.357344][T29894] ? __pfx_do_file_open+0x10/0x10 [ 1046.357428][T29894] ? alloc_fd+0x476/0x790 [ 1046.357471][T29894] ? do_getname+0x191/0x390 [ 1046.357525][T29894] do_sys_openat2+0x10d/0x1e0 [ 1046.357554][T29894] ? __pfx_do_sys_openat2+0x10/0x10 [ 1046.357612][T29894] __x64_sys_openat+0x12d/0x210 [ 1046.357640][T29894] ? __pfx___x64_sys_openat+0x10/0x10 [ 1046.357665][T29894] ? ksys_read+0x1ac/0x250 [ 1046.357712][T29894] do_syscall_64+0x106/0xf80 [ 1046.357750][T29894] ? clear_bhb_loop+0x40/0x90 [ 1046.357785][T29894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1046.357814][T29894] RIP: 0033:0x7f471c99bf79 [ 1046.357839][T29894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1046.357867][T29894] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1046.357895][T29894] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1046.357914][T29894] RDX: 0000000000028442 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1046.357933][T29894] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1046.357950][T29894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1046.357967][T29894] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1046.358006][T29894] [ 1046.848361][T29902] netlink: 146 bytes leftover after parsing attributes in process `syz.6.8440'. [ 1048.948057][T29956] binder: 29955:29956 ioctl 5309 38 returned -22 [ 1048.974081][T29956] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8463'. [ 1049.000450][T29956] binder: 29955:29956 ioctl ae41 ffffffffffffffff returned -22 [ 1049.074683][T29958] zswap: compressor not available [ 1049.436080][T29972] netlink: 18 bytes leftover after parsing attributes in process `syz.7.8467'. [ 1049.768111][T29981] FAULT_INJECTION: forcing a failure. [ 1049.768111][T29981] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1049.856658][T29981] CPU: 1 UID: 0 PID: 29981 Comm: syz.1.8470 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1049.856708][T29981] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1049.856719][T29981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1049.856734][T29981] Call Trace: [ 1049.856744][T29981] [ 1049.856755][T29981] dump_stack_lvl+0x100/0x190 [ 1049.856803][T29981] should_fail_ex.cold+0x5/0xa [ 1049.856835][T29981] get_futex_key+0x1d2/0x1620 [ 1049.856878][T29981] ? __pfx_get_futex_key+0x10/0x10 [ 1049.856916][T29981] ? trace_ignore_this_task+0x56/0x100 [ 1049.856953][T29981] ? trace_ignore_this_task+0x56/0x100 [ 1049.856997][T29981] futex_wait_setup+0x81/0x500 [ 1049.857039][T29981] __futex_wait+0x19f/0x300 [ 1049.857074][T29981] ? __pfx___futex_wait+0x10/0x10 [ 1049.857101][T29981] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1049.857161][T29981] ? lockdep_hardirqs_on+0x78/0x100 [ 1049.857214][T29981] ? __pfx_futex_wake_mark+0x10/0x10 [ 1049.857253][T29981] ? find_held_lock+0x2b/0x80 [ 1049.857290][T29981] ? futex_wake+0x456/0x530 [ 1049.857333][T29981] futex_wait+0xed/0x380 [ 1049.857369][T29981] ? __pfx_futex_wait+0x10/0x10 [ 1049.857418][T29981] ? proc_id_connector+0x2ed/0x650 [ 1049.857465][T29981] do_futex+0x1ef/0x350 [ 1049.857496][T29981] ? __pfx_do_futex+0x10/0x10 [ 1049.857526][T29981] ? find_held_lock+0x2b/0x80 [ 1049.857575][T29981] __x64_sys_futex+0x34f/0x4d0 [ 1049.857610][T29981] ? __pfx___x64_sys_futex+0x10/0x10 [ 1049.857645][T29981] ? __sys_setresgid+0x645/0x12f0 [ 1049.857696][T29981] do_syscall_64+0x106/0xf80 [ 1049.857736][T29981] ? clear_bhb_loop+0x40/0x90 [ 1049.857772][T29981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1049.857800][T29981] RIP: 0033:0x7f724a39bf79 [ 1049.857825][T29981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1049.857854][T29981] RSP: 002b:00007f724b32c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1049.857882][T29981] RAX: ffffffffffffffda RBX: 00007f724a615fa8 RCX: 00007f724a39bf79 [ 1049.857902][T29981] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f724a615fa8 [ 1049.857921][T29981] RBP: 00007f724a615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1049.857939][T29981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1049.857956][T29981] R13: 00007f724a616038 R14: 00007fffbc9b5c90 R15: 00007fffbc9b5d78 [ 1049.857994][T29981] [ 1051.132753][T29785] mkiss: ax0: crc mode is auto. [ 1051.356866][T30007] mkiss: ax1: crc mode is auto. [ 1051.773745][T30011] zswap: compressor not available [ 1052.299821][T30027] netlink: 202 bytes leftover after parsing attributes in process `syz.7.8484'. [ 1052.311802][T30024] ERROR: Out of memory at tomoyo_memory_ok. [ 1053.515006][T30061] zswap: compressor not available [ 1054.303512][T30082] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 1054.445617][T30085] FAULT_INJECTION: forcing a failure. [ 1054.445617][T30085] name failslab, interval 1, probability 393216, space 0, times 0 [ 1054.462954][T30087] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8503'. [ 1054.472763][T30085] CPU: 1 UID: 0 PID: 30085 Comm: syz.7.8511 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1054.472813][T30085] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1054.472824][T30085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1054.472840][T30085] Call Trace: [ 1054.472849][T30085] [ 1054.472861][T30085] dump_stack_lvl+0x100/0x190 [ 1054.472907][T30085] should_fail_ex.cold+0x5/0xa [ 1054.472939][T30085] should_failslab+0xc2/0x120 [ 1054.472976][T30085] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1054.473009][T30085] ? seq_open+0x55/0x170 [ 1054.473033][T30085] ? lockdep_init_map_type+0x5c/0x250 [ 1054.473072][T30085] seq_open+0x55/0x170 [ 1054.473109][T30085] kernfs_fop_open+0x590/0xd50 [ 1054.473156][T30085] do_dentry_open+0x6d8/0x1660 [ 1054.473193][T30085] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1054.473233][T30085] vfs_open+0x82/0x3f0 [ 1054.473279][T30085] path_openat+0x208c/0x31a0 [ 1054.473323][T30085] ? __pfx_path_openat+0x10/0x10 [ 1054.473374][T30085] do_file_open+0x20e/0x430 [ 1054.473415][T30085] ? __pfx_do_file_open+0x10/0x10 [ 1054.473476][T30085] ? alloc_fd+0x476/0x790 [ 1054.473515][T30085] ? do_getname+0x191/0x390 [ 1054.473562][T30085] do_sys_openat2+0x10d/0x1e0 [ 1054.473589][T30085] ? __pfx_do_sys_openat2+0x10/0x10 [ 1054.473648][T30085] __x64_sys_openat+0x12d/0x210 [ 1054.473677][T30085] ? __pfx___x64_sys_openat+0x10/0x10 [ 1054.473704][T30085] ? xfd_validate_state+0x129/0x190 [ 1054.473753][T30085] do_syscall_64+0x106/0xf80 [ 1054.473792][T30085] ? clear_bhb_loop+0x40/0x90 [ 1054.473828][T30085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1054.473856][T30085] RIP: 0033:0x7f12c9d9bf79 [ 1054.473880][T30085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1054.473908][T30085] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1054.473935][T30085] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1054.473956][T30085] RDX: 0000000000028442 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1054.473975][T30085] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1054.473993][T30085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1054.474010][T30085] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1054.474049][T30085] [ 1054.752788][T30087] bridge0: port 2(bridge_slave_1) entered disabled state [ 1054.789917][T30087] bridge_slave_1 (unregistering): left allmulticast mode [ 1054.819270][T30087] bridge_slave_1 (unregistering): left promiscuous mode [ 1054.862082][T30087] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.181759][T30106] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1056.188347][T30106] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1056.194818][T30106] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1056.210161][T30106] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1057.422717][T30148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8520'. [ 1057.500490][T25655] Bluetooth: hci2: command 0x0406 tx timeout [ 1057.882801][T30162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8527'. [ 1057.902110][T30162] netlink: 25 bytes leftover after parsing attributes in process `syz.4.8527'. [ 1057.946718][T30164] FAULT_INJECTION: forcing a failure. [ 1057.946718][T30164] name failslab, interval 1, probability 393216, space 0, times 0 [ 1057.988896][T30164] CPU: 1 UID: 0 PID: 30164 Comm: syz.7.8528 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1057.988948][T30164] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1057.988960][T30164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1057.988977][T30164] Call Trace: [ 1057.988987][T30164] [ 1057.989000][T30164] dump_stack_lvl+0x100/0x190 [ 1057.989049][T30164] should_fail_ex.cold+0x5/0xa [ 1057.989082][T30164] should_failslab+0xc2/0x120 [ 1057.989121][T30164] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1057.989148][T30164] ? madvise_collapse+0x1b5/0xbe0 [ 1057.989198][T30164] madvise_collapse+0x1b5/0xbe0 [ 1057.989239][T30164] ? lock_acquire+0x17c/0x330 [ 1057.989269][T30164] ? find_held_lock+0x2b/0x80 [ 1057.989308][T30164] ? finish_task_switch.isra.0+0x200/0xb80 [ 1057.989351][T30164] ? finish_task_switch.isra.0+0x200/0xb80 [ 1057.989397][T30164] ? rcu_is_watching+0x12/0xc0 [ 1057.989433][T30164] ? __pfx_madvise_collapse+0x10/0x10 [ 1057.989484][T30164] ? mtree_range_walk+0x6ce/0xcd0 [ 1057.989537][T30164] madvise_vma_behavior+0x172d/0x2ec0 [ 1057.989582][T30164] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1057.989628][T30164] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1057.989670][T30164] ? mas_prev+0x9b/0xf0 [ 1057.989712][T30164] ? __pfx_mas_prev+0x10/0x10 [ 1057.989754][T30164] ? find_vma_prev+0xd8/0x150 [ 1057.989789][T30164] ? futex_unqueue+0x133/0x2c0 [ 1057.989816][T30164] ? __pfx_find_vma_prev+0x10/0x10 [ 1057.989865][T30164] ? __futex_wait+0x256/0x300 [ 1057.989903][T30164] madvise_walk_vmas+0x2fe/0xa90 [ 1057.989950][T30164] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1057.989998][T30164] madvise_do_behavior+0x1ea/0x510 [ 1057.990038][T30164] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1057.990078][T30164] ? down_read+0x13b/0x460 [ 1057.990122][T30164] do_madvise+0x195/0x240 [ 1057.990163][T30164] ? __pfx_do_madvise+0x10/0x10 [ 1057.990204][T30164] ? do_futex+0x192/0x350 [ 1057.990253][T30164] ? xfd_validate_state+0x129/0x190 [ 1057.990286][T30164] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1057.990327][T30164] __x64_sys_madvise+0xa9/0x110 [ 1057.990368][T30164] ? lockdep_hardirqs_on+0x78/0x100 [ 1057.990406][T30164] do_syscall_64+0x106/0xf80 [ 1057.990443][T30164] ? clear_bhb_loop+0x40/0x90 [ 1057.990475][T30164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1057.990513][T30164] RIP: 0033:0x7f12c9d9bf79 [ 1057.990537][T30164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1057.990569][T30164] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1057.990594][T30164] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1057.990612][T30164] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 1057.990628][T30164] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1057.990645][T30164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1057.990660][T30164] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1057.990696][T30164] [ 1058.324198][T25655] Bluetooth: hci4: command 0x0c1a tx timeout [ 1058.330990][T25655] Bluetooth: hci3: command 0x0c1a tx timeout [ 1058.337170][T25655] Bluetooth: hci1: command 0x0c1a tx timeout [ 1058.449750][T30172] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8530'. [ 1058.560297][T30166] zswap: compressor not available [ 1058.793157][T30181] netlink: 17 bytes leftover after parsing attributes in process `syz.1.8534'. [ 1058.812258][T30181] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8534'. [ 1059.102510][T30188] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input30 [ 1059.116297][ T5173] ERROR: Out of memory at tomoyo_memory_ok. [ 1059.579485][T30204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8542'. [ 1059.638294][T30204] netlink: 13 bytes leftover after parsing attributes in process `syz.1.8542'. [ 1059.664485][T30197] zswap: compressor not available [ 1059.740124][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1059.747120][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1061.497074][T30257] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8560'. [ 1061.516912][T30257] netlink: 354 bytes leftover after parsing attributes in process `syz.4.8560'. [ 1062.067788][T30275] netlink: 'syz.7.8567': attribute type 7 has an invalid length. [ 1062.254147][T30283] netlink: 'syz.6.8571': attribute type 1 has an invalid length. [ 1062.269475][T30283] netlink: 'syz.6.8571': attribute type 6 has an invalid length. [ 1062.436799][T30024] mkiss: ax0: crc mode is auto. [ 1062.730436][T30299] __nla_validate_parse: 5 callbacks suppressed [ 1062.730461][T30299] netlink: 330 bytes leftover after parsing attributes in process `syz.1.8575'. [ 1062.786239][T30299] gretap0: refused to change device tx_queue_len [ 1063.539592][T30320] ERROR: Out of memory at tomoyo_memory_ok. [ 1064.040405][T30333] netlink: 266 bytes leftover after parsing attributes in process `syz.4.8588'. [ 1064.067969][T30333] IPv6: NLM_F_CREATE should be specified when creating new route [ 1064.180706][T30337] sp0: Synchronizing with TNC [ 1065.664152][T30365] FAULT_INJECTION: forcing a failure. [ 1065.664152][T30365] name failslab, interval 1, probability 393216, space 0, times 0 [ 1065.681547][T30365] CPU: 0 UID: 0 PID: 30365 Comm: syz.7.8607 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1065.681597][T30365] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1065.681611][T30365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1065.681631][T30365] Call Trace: [ 1065.681642][T30365] [ 1065.681654][T30365] dump_stack_lvl+0x100/0x190 [ 1065.681701][T30365] should_fail_ex.cold+0x5/0xa [ 1065.681736][T30365] should_failslab+0xc2/0x120 [ 1065.681781][T30365] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1065.681809][T30365] ? acpi_ds_create_walk_state+0x95/0x300 [ 1065.681851][T30365] ? acpi_ut_status_exit+0x111/0x1c0 [ 1065.681897][T30365] acpi_ds_create_walk_state+0x95/0x300 [ 1065.681943][T30365] acpi_ds_call_control_method+0x226/0xab0 [ 1065.681987][T30365] acpi_ps_parse_aml+0xacd/0x1120 [ 1065.682035][T30365] acpi_ps_execute_method+0x5c4/0xe90 [ 1065.682086][T30365] acpi_ns_evaluate+0x640/0x1670 [ 1065.682131][T30365] acpi_evaluate_object+0x420/0xe00 [ 1065.682169][T30365] ? kasan_save_stack+0x30/0x50 [ 1065.682202][T30365] ? kasan_save_track+0x14/0x30 [ 1065.682242][T30365] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1065.682289][T30365] ? __pfx___might_resched+0x10/0x10 [ 1065.682332][T30365] acpi_evaluate_integer+0xdf/0x220 [ 1065.682367][T30365] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1065.682417][T30365] ? __pfx_status_show+0x10/0x10 [ 1065.682454][T30365] status_show+0xa0/0x120 [ 1065.682492][T30365] ? __pfx_status_show+0x10/0x10 [ 1065.682540][T30365] dev_attr_show+0x52/0xa0 [ 1065.682582][T30365] ? __pfx_dev_attr_show+0x10/0x10 [ 1065.682621][T30365] sysfs_kf_seq_show+0x217/0x3a0 [ 1065.682672][T30365] seq_read_iter+0x32f/0x1270 [ 1065.682723][T30365] kernfs_fop_read_iter+0x46c/0x610 [ 1065.682761][T30365] ? rw_verify_area+0xce/0x6d0 [ 1065.682792][T30365] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 1065.682831][T30365] vfs_read+0x825/0xb30 [ 1065.682870][T30365] ? __pfx_vfs_read+0x10/0x10 [ 1065.682931][T30365] ksys_read+0x12a/0x250 [ 1065.682966][T30365] ? __pfx_ksys_read+0x10/0x10 [ 1065.683013][T30365] do_syscall_64+0x106/0xf80 [ 1065.683054][T30365] ? clear_bhb_loop+0x40/0x90 [ 1065.683091][T30365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.683127][T30365] RIP: 0033:0x7f12c9d9bf79 [ 1065.683152][T30365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1065.683182][T30365] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1065.683211][T30365] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1065.683232][T30365] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000005 [ 1065.683250][T30365] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1065.683270][T30365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1065.683287][T30365] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1065.683328][T30365] [ 1066.014154][T30365] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 1068.340082][T30436] netlink: 266 bytes leftover after parsing attributes in process `syz.6.8624'. [ 1068.375934][T30436] IPv6: NLM_F_CREATE should be specified when creating new route [ 1068.554217][T30440] ERROR: Out of memory at tomoyo_memory_ok. [ 1068.557601][T30444] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8627'. [ 1068.913278][T30454] mkiss: ax1: crc mode is auto. [ 1071.045162][T30500] FAULT_INJECTION: forcing a failure. [ 1071.045162][T30500] name failslab, interval 1, probability 393216, space 0, times 0 [ 1071.074781][T30500] CPU: 1 UID: 0 PID: 30500 Comm: syz.6.8649 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1071.074837][T30500] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1071.074850][T30500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1071.074869][T30500] Call Trace: [ 1071.074878][T30500] [ 1071.074890][T30500] dump_stack_lvl+0x100/0x190 [ 1071.074939][T30500] should_fail_ex.cold+0x5/0xa [ 1071.074973][T30500] ? sk_prot_alloc+0x10b/0x2a0 [ 1071.075000][T30500] should_failslab+0xc2/0x120 [ 1071.075040][T30500] __kmalloc_noprof+0xe0/0x850 [ 1071.075075][T30500] ? lockdep_init_map_type+0x5c/0x250 [ 1071.075110][T30500] sk_prot_alloc+0x10b/0x2a0 [ 1071.075141][T30500] sk_alloc+0x36/0xe80 [ 1071.075181][T30500] pppoe_create+0x32/0x360 [ 1071.075221][T30500] pppox_create+0x15c/0x2c0 [ 1071.075262][T30500] __sock_create+0x339/0x860 [ 1071.075300][T30500] __sys_socket+0x14d/0x260 [ 1071.075359][T30500] ? __fget_files+0x21f/0x3d0 [ 1071.075401][T30500] ? __pfx___sys_socket+0x10/0x10 [ 1071.075433][T30500] ? xfd_validate_state+0x129/0x190 [ 1071.075481][T30500] __x64_sys_socket+0x72/0xb0 [ 1071.075512][T30500] ? lockdep_hardirqs_on+0x78/0x100 [ 1071.075554][T30500] do_syscall_64+0x106/0xf80 [ 1071.075593][T30500] ? clear_bhb_loop+0x40/0x90 [ 1071.075628][T30500] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.075658][T30500] RIP: 0033:0x7f471c99bf79 [ 1071.075684][T30500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1071.075712][T30500] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1071.075741][T30500] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1071.075761][T30500] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 1071.075780][T30500] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1071.075799][T30500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1071.075816][T30500] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1071.075857][T30500] [ 1071.119344][T30498] netlink: 186 bytes leftover after parsing attributes in process `syz.1.8650'. [ 1071.656519][T30519] serio: Serial port pty6 [ 1071.749815][T30523] netlink: 330 bytes leftover after parsing attributes in process `syz.7.8656'. [ 1072.245902][T30535] mkiss: ax1: crc mode is auto. [ 1072.633753][T30549] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8667'. [ 1072.829093][T30553] Falling back ldisc for pty66. [ 1072.988049][T30557] ======================================================= [ 1072.988049][T30557] WARNING: The mand mount option has been deprecated and [ 1072.988049][T30557] and is ignored by this kernel. Remove the mand [ 1072.988049][T30557] option from the mount to silence this warning. [ 1072.988049][T30557] ======================================================= [ 1073.274362][T30569] netlink: 266 bytes leftover after parsing attributes in process `syz.7.8676'. [ 1073.356119][T30569] IPv6: NLM_F_CREATE should be specified when creating new route [ 1073.588325][T30581] netlink: 'syz.1.8681': attribute type 1 has an invalid length. [ 1073.596594][T30581] netlink: 'syz.1.8681': attribute type 6 has an invalid length. [ 1073.693568][T30320] mkiss: ax0: crc mode is auto. [ 1074.858231][T30606] ERROR: Out of memory at tomoyo_memory_ok. [ 1076.205455][T30642] netlink: 142 bytes leftover after parsing attributes in process `syz.1.8699'. [ 1078.304749][T30683] netlink: 342 bytes leftover after parsing attributes in process `syz.7.8714'. [ 1080.057269][T30714] zswap: compressor not available [ 1081.495555][T30746] netlink: 'syz.4.8732': attribute type 7 has an invalid length. [ 1081.523846][T30746] netlink: 17 bytes leftover after parsing attributes in process `syz.4.8732'. [ 1081.597326][T30751] futex_wake_op: syz.6.8734 tries to shift op by -2048; fix this program [ 1081.631907][T30751] futex_wake_op: syz.6.8734 tries to shift op by -2048; fix this program [ 1082.356492][T30770] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 1082.520207][T30778] ERROR: Out of memory at tomoyo_memory_ok. [ 1085.030441][T30606] mkiss: ax0: crc mode is auto. [ 1085.542103][T30852] FAULT_INJECTION: forcing a failure. [ 1085.542103][T30852] name failslab, interval 1, probability 393216, space 0, times 0 [ 1085.561584][T30852] CPU: 1 UID: 0 PID: 30852 Comm: syz.7.8767 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1085.561635][T30852] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1085.561647][T30852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1085.561663][T30852] Call Trace: [ 1085.561673][T30852] [ 1085.561684][T30852] dump_stack_lvl+0x100/0x190 [ 1085.561728][T30852] should_fail_ex.cold+0x5/0xa [ 1085.561764][T30852] should_failslab+0xc2/0x120 [ 1085.561802][T30852] __kvmalloc_node_noprof+0xfa/0xa00 [ 1085.561831][T30852] ? alloc_fdtable+0x110/0x2d0 [ 1085.561868][T30852] alloc_fdtable+0x110/0x2d0 [ 1085.561898][T30852] dup_fd+0x995/0xd10 [ 1085.561938][T30852] __do_sys_close_range+0x327/0x740 [ 1085.561976][T30852] ? __pfx___do_sys_close_range+0x10/0x10 [ 1085.562019][T30852] do_syscall_64+0x106/0xf80 [ 1085.562055][T30852] ? clear_bhb_loop+0x40/0x90 [ 1085.562087][T30852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1085.562112][T30852] RIP: 0033:0x7f12c9d9bf79 [ 1085.562135][T30852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1085.562161][T30852] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1085.562186][T30852] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1085.562205][T30852] RDX: 0000000000000002 RSI: 0000000000000008 RDI: 0000000000000004 [ 1085.562221][T30852] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1085.562238][T30852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1085.562254][T30852] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1085.562288][T30852] [ 1086.191428][T30861] ERROR: Out of memory at tomoyo_memory_ok. [ 1088.253925][T30921] sp0: Synchronizing with TNC [ 1088.381128][T30925] sp0: Synchronizing with TNC [ 1088.563355][T30930] netlink: 342 bytes leftover after parsing attributes in process `syz.7.8792'. [ 1088.590907][T30930] netlink: 306 bytes leftover after parsing attributes in process `syz.7.8792'. [ 1088.718607][T30936] FAULT_INJECTION: forcing a failure. [ 1088.718607][T30936] name failslab, interval 1, probability 393216, space 0, times 0 [ 1088.755156][T30936] CPU: 0 UID: 0 PID: 30936 Comm: syz.7.8796 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1088.755204][T30936] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1088.755216][T30936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1088.755232][T30936] Call Trace: [ 1088.755242][T30936] [ 1088.755252][T30936] dump_stack_lvl+0x100/0x190 [ 1088.755298][T30936] should_fail_ex.cold+0x5/0xa [ 1088.755333][T30936] should_failslab+0xc2/0x120 [ 1088.755372][T30936] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1088.755400][T30936] ? create_filter_start.constprop.0+0x1c4/0x310 [ 1088.755439][T30936] ? __asan_memcpy+0x3c/0x60 [ 1088.755476][T30936] create_filter_start.constprop.0+0x1c4/0x310 [ 1088.755516][T30936] create_filter+0xb5/0x210 [ 1088.755549][T30936] ? __pfx_create_filter+0x10/0x10 [ 1088.755585][T30936] ? find_held_lock+0x2b/0x80 [ 1088.755630][T30936] apply_event_filter+0x220/0x500 [ 1088.755668][T30936] ? __pfx_apply_event_filter+0x10/0x10 [ 1088.755716][T30936] event_filter_write+0x16d/0x290 [ 1088.755761][T30936] vfs_write+0x2aa/0x1070 [ 1088.755797][T30936] ? __pfx_event_filter_write+0x10/0x10 [ 1088.755854][T30936] ? __pfx_vfs_write+0x10/0x10 [ 1088.755887][T30936] ? __fget_files+0x215/0x3d0 [ 1088.755931][T30936] ? __fget_files+0x21f/0x3d0 [ 1088.755975][T30936] ksys_write+0x12a/0x250 [ 1088.756005][T30936] ? __pfx_ksys_write+0x10/0x10 [ 1088.756049][T30936] do_syscall_64+0x106/0xf80 [ 1088.756088][T30936] ? clear_bhb_loop+0x40/0x90 [ 1088.756123][T30936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1088.756152][T30936] RIP: 0033:0x7f12c9d9bf79 [ 1088.756177][T30936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1088.756205][T30936] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1088.756234][T30936] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1088.756254][T30936] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1088.756272][T30936] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1088.756288][T30936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1088.756305][T30936] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1088.756346][T30936] [ 1088.871785][T30933] netlink: 330 bytes leftover after parsing attributes in process `syz.4.8794'. [ 1090.337584][T30963] netlink: 25 bytes leftover after parsing attributes in process `syz.4.8805'. [ 1090.889036][T30986] netlink: 334 bytes leftover after parsing attributes in process `syz.1.8815'. [ 1091.215656][T31001] netlink: 334 bytes leftover after parsing attributes in process `syz.7.8821'. [ 1093.105935][T31053] netlink: 25 bytes leftover after parsing attributes in process `syz.7.8846'. [ 1093.122446][T31054] netlink: 334 bytes leftover after parsing attributes in process `syz.6.8839'. [ 1093.313800][T31060] netlink: 'syz.6.8842': attribute type 21 has an invalid length. [ 1093.327417][T31060] netlink: 326 bytes leftover after parsing attributes in process `syz.6.8842'. [ 1093.569733][T31071] zero sized request [ 1093.828268][T31078] FAULT_INJECTION: forcing a failure. [ 1093.828268][T31078] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1093.884621][T31078] CPU: 0 UID: 0 PID: 31078 Comm: syz.7.8849 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1093.884667][T31078] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1093.884675][T31078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1093.884685][T31078] Call Trace: [ 1093.884691][T31078] [ 1093.884698][T31078] dump_stack_lvl+0x100/0x190 [ 1093.884726][T31078] should_fail_ex.cold+0x5/0xa [ 1093.884741][T31078] ? prepare_alloc_pages+0x16d/0x5f0 [ 1093.884765][T31078] should_fail_alloc_page+0xeb/0x140 [ 1093.884786][T31078] prepare_alloc_pages+0x1f0/0x5f0 [ 1093.884807][T31078] ? workingset_test_recent+0x42d/0xe90 [ 1093.884828][T31078] __alloc_frozen_pages_noprof+0x19a/0x2ae0 [ 1093.884846][T31078] ? workingset_test_recent+0x143/0xe90 [ 1093.884865][T31078] ? local_lock_release+0x99/0x130 [ 1093.884889][T31078] ? __lock_acquire+0x4a5/0x2630 [ 1093.884905][T31078] ? mod_memcg_lruvec_state+0x1a6/0x5d0 [ 1093.884930][T31078] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1093.884953][T31078] ? __lock_acquire+0x4a5/0x2630 [ 1093.884975][T31078] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1093.884997][T31078] ? policy_nodemask+0xed/0x4f0 [ 1093.885018][T31078] alloc_pages_mpol+0x1fb/0x550 [ 1093.885039][T31078] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1093.885059][T31078] ? swap_entry_swapped+0x1ff/0x2b0 [ 1093.885078][T31078] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1093.885100][T31078] folio_alloc_mpol_noprof+0x36/0x340 [ 1093.885124][T31078] swap_cache_alloc_folio+0x1a8/0x300 [ 1093.885141][T31078] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1093.885157][T31078] ? __pfx_get_swap_device+0x10/0x10 [ 1093.885175][T31078] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1093.885197][T31078] read_swap_cache_async+0xd9/0x480 [ 1093.885214][T31078] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1093.885231][T31078] ? find_held_lock+0x2b/0x80 [ 1093.885250][T31078] ? find_held_lock+0x2b/0x80 [ 1093.885270][T31078] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1093.885290][T31078] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1093.885315][T31078] swapin_walk_pmd_entry+0x2fd/0x640 [ 1093.885338][T31078] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1093.885359][T31078] ? tomoyo_path_perm+0x29c/0x460 [ 1093.885379][T31078] ? kasan_save_stack+0x3f/0x50 [ 1093.885405][T31078] ? kasan_save_stack+0x30/0x50 [ 1093.885422][T31078] ? kasan_save_track+0x14/0x30 [ 1093.885439][T31078] ? __kasan_slab_free+0x5f/0x80 [ 1093.885457][T31078] ? kfree+0x1aa/0x670 [ 1093.885469][T31078] ? tomoyo_path_perm+0x29c/0x460 [ 1093.885489][T31078] ? security_file_truncate+0xb5/0x1e0 [ 1093.885513][T31078] ? path_openat+0x1c6e/0x31a0 [ 1093.885531][T31078] ? do_file_open+0x20e/0x430 [ 1093.885550][T31078] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1093.885572][T31078] walk_pgd_range+0xc04/0x1eb0 [ 1093.885603][T31078] ? __pfx_walk_pgd_range+0x10/0x10 [ 1093.885626][T31078] __walk_page_range+0x163/0x820 [ 1093.885653][T31078] ? __lock_acquire+0x4a5/0x2630 [ 1093.885679][T31078] walk_page_range_vma_unsafe+0x209/0x8f0 [ 1093.885713][T31078] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 1093.885764][T31078] walk_page_range_vma+0x63/0x90 [ 1093.885800][T31078] madvise_vma_behavior+0x1cbc/0x2ec0 [ 1093.885823][T31078] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1093.885847][T31078] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1093.885868][T31078] ? mas_prev+0x9b/0xf0 [ 1093.885889][T31078] ? __pfx_mas_prev+0x10/0x10 [ 1093.885918][T31078] ? find_vma_prev+0xd8/0x150 [ 1093.885939][T31078] ? __pfx_find_vma_prev+0x10/0x10 [ 1093.885959][T31078] ? __pfx___schedule+0x10/0x10 [ 1093.885989][T31078] madvise_walk_vmas+0x2fe/0xa90 [ 1093.886014][T31078] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1093.886041][T31078] madvise_do_behavior+0x1ea/0x510 [ 1093.886062][T31078] ? futex_private_hash_put+0x107/0x1c0 [ 1093.886087][T31078] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1093.886109][T31078] ? down_read+0x13b/0x460 [ 1093.886132][T31078] do_madvise+0x195/0x240 [ 1093.886153][T31078] ? __pfx_do_madvise+0x10/0x10 [ 1093.886174][T31078] ? do_futex+0x192/0x350 [ 1093.886193][T31078] ? __fget_files+0x21f/0x3d0 [ 1093.886217][T31078] ? xfd_validate_state+0x129/0x190 [ 1093.886241][T31078] __x64_sys_madvise+0xa9/0x110 [ 1093.886263][T31078] ? lockdep_hardirqs_on+0x78/0x100 [ 1093.886283][T31078] do_syscall_64+0x106/0xf80 [ 1093.886303][T31078] ? clear_bhb_loop+0x40/0x90 [ 1093.886322][T31078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.886338][T31078] RIP: 0033:0x7f12c9d9bf79 [ 1093.886353][T31078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1093.886368][T31078] RSP: 002b:00007f12cac58028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1093.886383][T31078] RAX: ffffffffffffffda RBX: 00007f12ca015fa0 RCX: 00007f12c9d9bf79 [ 1093.886401][T31078] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1093.886411][T31078] RBP: 00007f12c9e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1093.886421][T31078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1093.886431][T31078] R13: 00007f12ca016038 R14: 00007f12ca015fa0 R15: 00007ffeb524f948 [ 1093.886452][T31078] [ 1094.881167][T31093] kvm_intel: kvm [31092]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xfffffffffffffffe [ 1095.173508][T31107] FAULT_INJECTION: forcing a failure. [ 1095.173508][T31107] name failslab, interval 1, probability 393216, space 0, times 0 [ 1095.236587][T31107] CPU: 1 UID: 8 PID: 31107 Comm: syz.4.8862 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1095.236619][T31107] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1095.236625][T31107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1095.236635][T31107] Call Trace: [ 1095.236642][T31107] [ 1095.236649][T31107] dump_stack_lvl+0x100/0x190 [ 1095.236677][T31107] should_fail_ex.cold+0x5/0xa [ 1095.236696][T31107] should_failslab+0xc2/0x120 [ 1095.236717][T31107] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1095.236734][T31107] ? key_alloc+0x3c5/0x1310 [ 1095.236755][T31107] ? mark_held_locks+0x40/0x70 [ 1095.236775][T31107] key_alloc+0x3c5/0x1310 [ 1095.236805][T31107] ? __pfx_key_alloc+0x10/0x10 [ 1095.236826][T31107] ? __pfx_key_default_cmp+0x10/0x10 [ 1095.236842][T31107] ? __pfx_keyring_search_iterator+0x10/0x10 [ 1095.236860][T31107] keyring_alloc+0x44/0xc0 [ 1095.236878][T31107] look_up_user_keyrings+0x508/0x790 [ 1095.236903][T31107] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1095.236923][T31107] ? futex_wake+0x1ad/0x530 [ 1095.236943][T31107] ? __pfx_futex_wake+0x10/0x10 [ 1095.236964][T31107] lookup_user_key+0xbb1/0x1300 [ 1095.236986][T31107] ? __pfx_lookup_user_key+0x10/0x10 [ 1095.237012][T31107] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1095.237036][T31107] ? __x64_sys_futex+0x34f/0x4d0 [ 1095.237051][T31107] ? __x64_sys_futex+0x358/0x4d0 [ 1095.237070][T31107] keyctl_session_to_parent+0x28/0xae0 [ 1095.237094][T31107] __do_sys_keyctl+0x2b1/0x5a0 [ 1095.237114][T31107] do_syscall_64+0x106/0xf80 [ 1095.237135][T31107] ? clear_bhb_loop+0x40/0x90 [ 1095.237156][T31107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1095.237171][T31107] RIP: 0033:0x7f645c59bf79 [ 1095.237186][T31107] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1095.237200][T31107] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1095.237216][T31107] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1095.237226][T31107] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 1095.237236][T31107] RBP: 00007f645c6327e0 R08: 0000000000000001 R09: 0000000000000000 [ 1095.237245][T31107] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 1095.237254][T31107] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1095.237275][T31107] [ 1096.120055][T31124] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8866'. [ 1096.311807][T31124] netlink: 306 bytes leftover after parsing attributes in process `syz.1.8866'. [ 1096.326480][T31130] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1096.416686][T30861] mkiss: ax0: crc mode is auto. [ 1096.596267][T31136] netlink: 186 bytes leftover after parsing attributes in process `syz.4.8871'. [ 1096.619385][T31136] netlink: 186 bytes leftover after parsing attributes in process `syz.4.8871'. [ 1096.666194][T31141] openvswitch: netlink: IP tunnel dst address not specified [ 1097.038411][T31147] [U] [ 1097.358162][T31152] nvme_fabrics: missing parameter 'transport=%s' [ 1097.372082][T31152] nvme_fabrics: missing parameter 'nqn=%s' [ 1097.526610][T31167] ERROR: Out of memory at tomoyo_memory_ok. [ 1099.158208][T31181] netlink: 334 bytes leftover after parsing attributes in process `syz.4.8884'. [ 1099.847941][ C1] vcan0: j1939_tp_rxtimer: 0xffff88802a391400: rx timeout, send abort [ 1099.858576][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805b198000: rx timeout, send abort [ 1099.868715][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802a391400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1099.887383][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b198000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1102.705503][T31270] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8919'. [ 1103.399420][T31287] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8923'. [ 1103.515346][T31287] veth1_vlan: entered allmulticast mode [ 1105.553332][T31340] netlink: 338 bytes leftover after parsing attributes in process `syz.7.8943'. [ 1105.573029][T31340] bond_slave_0: entered allmulticast mode [ 1105.991205][T31345] FAULT_INJECTION: forcing a failure. [ 1105.991205][T31345] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1106.018783][T31345] CPU: 0 UID: 0 PID: 31345 Comm: syz.6.8944 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1106.018833][T31345] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1106.018843][T31345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1106.018858][T31345] Call Trace: [ 1106.018867][T31345] [ 1106.018877][T31345] dump_stack_lvl+0x100/0x190 [ 1106.018924][T31345] should_fail_ex.cold+0x5/0xa [ 1106.018951][T31345] ? prepare_alloc_pages+0x16d/0x5f0 [ 1106.018997][T31345] should_fail_alloc_page+0xeb/0x140 [ 1106.019039][T31345] prepare_alloc_pages+0x1f0/0x5f0 [ 1106.019076][T31345] ? workingset_test_recent+0x42d/0xe90 [ 1106.019114][T31345] __alloc_frozen_pages_noprof+0x19a/0x2ae0 [ 1106.019151][T31345] ? workingset_test_recent+0x143/0xe90 [ 1106.019188][T31345] ? local_lock_release+0x99/0x130 [ 1106.019233][T31345] ? __lock_acquire+0x4a5/0x2630 [ 1106.019263][T31345] ? mod_memcg_lruvec_state+0x1a6/0x5d0 [ 1106.019312][T31345] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1106.019354][T31345] ? __lock_acquire+0x4a5/0x2630 [ 1106.019396][T31345] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1106.019439][T31345] ? policy_nodemask+0xed/0x4f0 [ 1106.019479][T31345] alloc_pages_mpol+0x1fb/0x550 [ 1106.019519][T31345] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1106.019555][T31345] ? swap_entry_swapped+0x1ff/0x2b0 [ 1106.019592][T31345] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1106.019651][T31345] folio_alloc_mpol_noprof+0x36/0x340 [ 1106.019697][T31345] swap_cache_alloc_folio+0x1a8/0x300 [ 1106.019732][T31345] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1106.019762][T31345] ? __pfx_get_swap_device+0x10/0x10 [ 1106.019798][T31345] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1106.019841][T31345] read_swap_cache_async+0xd9/0x480 [ 1106.019874][T31345] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1106.019906][T31345] ? find_held_lock+0x2b/0x80 [ 1106.019945][T31345] ? find_held_lock+0x2b/0x80 [ 1106.019980][T31345] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1106.020021][T31345] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1106.020069][T31345] swapin_walk_pmd_entry+0x2fd/0x640 [ 1106.020115][T31345] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1106.020155][T31345] ? tomoyo_path_perm+0x29c/0x460 [ 1106.020196][T31345] ? kasan_save_stack+0x3f/0x50 [ 1106.020227][T31345] ? kasan_save_stack+0x30/0x50 [ 1106.020256][T31345] ? kasan_save_track+0x14/0x30 [ 1106.020288][T31345] ? __kasan_slab_free+0x5f/0x80 [ 1106.020318][T31345] ? kfree+0x1aa/0x670 [ 1106.020341][T31345] ? tomoyo_path_perm+0x29c/0x460 [ 1106.020377][T31345] ? security_file_truncate+0xb5/0x1e0 [ 1106.020422][T31345] ? path_openat+0x1c6e/0x31a0 [ 1106.020457][T31345] ? do_file_open+0x20e/0x430 [ 1106.020495][T31345] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1106.020539][T31345] walk_pgd_range+0xc04/0x1eb0 [ 1106.020596][T31345] ? __pfx_walk_pgd_range+0x10/0x10 [ 1106.020641][T31345] ? set_next_entity+0x11b/0x9c0 [ 1106.020681][T31345] __walk_page_range+0x163/0x820 [ 1106.020720][T31345] ? __lock_acquire+0x4a5/0x2630 [ 1106.020746][T31345] ? find_held_lock+0x2b/0x80 [ 1106.020789][T31345] walk_page_range_vma_unsafe+0x209/0x8f0 [ 1106.020827][T31345] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 1106.020865][T31345] ? finish_task_switch.isra.0+0x200/0xb80 [ 1106.020921][T31345] walk_page_range_vma+0x63/0x90 [ 1106.020961][T31345] madvise_vma_behavior+0x1cbc/0x2ec0 [ 1106.021006][T31345] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1106.021052][T31345] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1106.021096][T31345] ? mas_prev+0x9b/0xf0 [ 1106.021139][T31345] ? __pfx_mas_prev+0x10/0x10 [ 1106.021193][T31345] ? find_vma_prev+0xd8/0x150 [ 1106.021231][T31345] ? futex_unqueue+0x133/0x2c0 [ 1106.021260][T31345] ? __pfx_find_vma_prev+0x10/0x10 [ 1106.021312][T31345] ? __futex_wait+0x256/0x300 [ 1106.021356][T31345] madvise_walk_vmas+0x2fe/0xa90 [ 1106.021406][T31345] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1106.021460][T31345] madvise_do_behavior+0x1ea/0x510 [ 1106.021507][T31345] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1106.021551][T31345] ? down_read+0x13b/0x460 [ 1106.021597][T31345] do_madvise+0x195/0x240 [ 1106.021645][T31345] ? __pfx_do_madvise+0x10/0x10 [ 1106.021688][T31345] ? do_futex+0x192/0x350 [ 1106.021726][T31345] ? __fget_files+0x21f/0x3d0 [ 1106.021775][T31345] ? xfd_validate_state+0x129/0x190 [ 1106.021821][T31345] __x64_sys_madvise+0xa9/0x110 [ 1106.021864][T31345] ? lockdep_hardirqs_on+0x78/0x100 [ 1106.021905][T31345] do_syscall_64+0x106/0xf80 [ 1106.021944][T31345] ? clear_bhb_loop+0x40/0x90 [ 1106.021981][T31345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1106.022011][T31345] RIP: 0033:0x7f471c99bf79 [ 1106.022037][T31345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1106.022064][T31345] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1106.022093][T31345] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1106.022114][T31345] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1106.022133][T31345] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1106.022151][T31345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1106.022169][T31345] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1106.022210][T31345] [ 1107.466014][T31350] netlink: 'syz.4.8946': attribute type 17 has an invalid length. [ 1107.504120][T31350] netlink: 326 bytes leftover after parsing attributes in process `syz.4.8946'. [ 1107.836333][T31167] mkiss: ax0: crc mode is auto. [ 1108.960490][T31379] ERROR: Out of memory at tomoyo_memory_ok. [ 1110.907259][T31412] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1110.929185][T31412] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1110.948585][T31412] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1110.982891][T31412] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1112.040291][T31447] netlink: 334 bytes leftover after parsing attributes in process `syz.7.8977'. [ 1112.352730][ T5827] Bluetooth: hci2: command 0x0406 tx timeout [ 1112.412429][T31464] netlink: 330 bytes leftover after parsing attributes in process `syz.4.8982'. [ 1112.978569][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 1112.978585][T25655] Bluetooth: hci4: command 0x0c1a tx timeout [ 1112.984649][ T5827] Bluetooth: hci3: command 0x0c1a tx timeout [ 1113.335216][ T5827] Bluetooth: hci3: unexpected event 0x08 length: 435 > 4 [ 1116.906852][T31583] netlink: 266 bytes leftover after parsing attributes in process `syz.7.9024'. [ 1119.395756][T31379] mkiss: ax0: crc mode is auto. [ 1120.028393][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b0b6400: rx timeout, send abort [ 1120.037188][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b0b4400: rx timeout, send abort [ 1120.046334][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b0b6400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1120.060859][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b0b4400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1120.461619][T31640] ERROR: Out of memory at tomoyo_memory_ok. [ 1120.573851][T31646] netlink: 326 bytes leftover after parsing attributes in process `syz.1.9043'. [ 1121.111644][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1121.118050][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1121.572554][T31672] FAULT_INJECTION: forcing a failure. [ 1121.572554][T31672] name failslab, interval 1, probability 393216, space 0, times 0 [ 1121.590072][T31672] CPU: 1 UID: 0 PID: 31672 Comm: syz.6.9053 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1121.590123][T31672] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1121.590134][T31672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1121.590160][T31672] Call Trace: [ 1121.590170][T31672] [ 1121.590182][T31672] dump_stack_lvl+0x100/0x190 [ 1121.590226][T31672] should_fail_ex.cold+0x5/0xa [ 1121.590258][T31672] should_failslab+0xc2/0x120 [ 1121.590297][T31672] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1121.590324][T31672] ? drm_edid_alloc+0x8f/0x120 [ 1121.590362][T31672] drm_edid_alloc+0x8f/0x120 [ 1121.590393][T31672] drm_edid_override_set+0x27/0x2c0 [ 1121.590432][T31672] edid_write+0xe3/0x180 [ 1121.590467][T31672] full_proxy_write+0x135/0x1a0 [ 1121.590506][T31672] vfs_write+0x2aa/0x1070 [ 1121.590543][T31672] ? __pfx_full_proxy_write+0x10/0x10 [ 1121.590583][T31672] ? __pfx_vfs_write+0x10/0x10 [ 1121.590616][T31672] ? __fget_files+0x215/0x3d0 [ 1121.590656][T31672] ? __fget_files+0x21f/0x3d0 [ 1121.590696][T31672] ksys_write+0x12a/0x250 [ 1121.590730][T31672] ? __pfx_ksys_write+0x10/0x10 [ 1121.590776][T31672] do_syscall_64+0x106/0xf80 [ 1121.590816][T31672] ? clear_bhb_loop+0x40/0x90 [ 1121.590849][T31672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1121.590875][T31672] RIP: 0033:0x7f471c99bf79 [ 1121.590898][T31672] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1121.590926][T31672] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1121.590955][T31672] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1121.590975][T31672] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1121.590993][T31672] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1121.591011][T31672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1121.591029][T31672] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1121.591098][T31672] [ 1122.366071][T31682] lo: entered allmulticast mode [ 1122.414573][T31682] lo: left allmulticast mode [ 1122.541958][T31684] zswap: compressor û not available [ 1122.548171][T31682] Setting dangerous option i915.mitigations - tainting kernel [ 1122.581850][T31688] Setting dangerous option i915.mitigations - tainting kernel [ 1122.654079][T31693] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1126.589002][T31790] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9090'. [ 1128.245482][T31818] FAULT_INJECTION: forcing a failure. [ 1128.245482][T31818] name failslab, interval 1, probability 393216, space 0, times 0 [ 1128.267483][T31818] CPU: 0 UID: 0 PID: 31818 Comm: syz.6.9100 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1128.267532][T31818] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1128.267544][T31818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1128.267570][T31818] Call Trace: [ 1128.267580][T31818] [ 1128.267590][T31818] dump_stack_lvl+0x100/0x190 [ 1128.267621][T31818] should_fail_ex.cold+0x5/0xa [ 1128.267640][T31818] ? snd_midi_event_new+0xa1/0x210 [ 1128.267662][T31818] should_failslab+0xc2/0x120 [ 1128.267685][T31818] __kmalloc_noprof+0xe0/0x850 [ 1128.267707][T31818] snd_midi_event_new+0xa1/0x210 [ 1128.267731][T31818] snd_virmidi_output_open+0x106/0x670 [ 1128.267749][T31818] open_substream+0x480/0x9e0 [ 1128.267769][T31818] rawmidi_open_priv+0x595/0x6f0 [ 1128.267791][T31818] snd_rawmidi_open+0x4c9/0xba0 [ 1128.267815][T31818] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1128.267836][T31818] ? __pfx_default_wake_function+0x10/0x10 [ 1128.267860][T31818] ? kobject_get_unless_zero+0x156/0x200 [ 1128.267886][T31818] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1128.267905][T31818] snd_open+0x22d/0x4c0 [ 1128.267922][T31818] ? __pfx_snd_open+0x10/0x10 [ 1128.267937][T31818] chrdev_open+0x234/0x6a0 [ 1128.267957][T31818] ? __pfx_apparmor_file_open+0x10/0x10 [ 1128.267977][T31818] ? __pfx_chrdev_open+0x10/0x10 [ 1128.267997][T31818] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1128.268022][T31818] do_dentry_open+0x6d8/0x1660 [ 1128.268040][T31818] ? __pfx_chrdev_open+0x10/0x10 [ 1128.268064][T31818] vfs_open+0x82/0x3f0 [ 1128.268089][T31818] path_openat+0x208c/0x31a0 [ 1128.268116][T31818] ? __pfx_path_openat+0x10/0x10 [ 1128.268142][T31818] do_file_open+0x20e/0x430 [ 1128.268163][T31818] ? __pfx_do_file_open+0x10/0x10 [ 1128.268197][T31818] ? alloc_fd+0x476/0x790 [ 1128.268217][T31818] ? do_getname+0x191/0x390 [ 1128.268241][T31818] do_sys_openat2+0x10d/0x1e0 [ 1128.268256][T31818] ? __pfx_do_sys_openat2+0x10/0x10 [ 1128.268280][T31818] ? __fget_files+0x21f/0x3d0 [ 1128.268303][T31818] __x64_sys_openat+0x12d/0x210 [ 1128.268318][T31818] ? __pfx___x64_sys_openat+0x10/0x10 [ 1128.268331][T31818] ? xfd_validate_state+0x129/0x190 [ 1128.268357][T31818] do_syscall_64+0x106/0xf80 [ 1128.268377][T31818] ? clear_bhb_loop+0x40/0x90 [ 1128.268395][T31818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1128.268410][T31818] RIP: 0033:0x7f471c99bf79 [ 1128.268425][T31818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1128.268439][T31818] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1128.268455][T31818] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1128.268466][T31818] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1128.268476][T31818] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1128.268486][T31818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1128.268495][T31818] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1128.268517][T31818] [ 1130.425673][T31849] netlink: 86 bytes leftover after parsing attributes in process `syz.6.9109'. [ 1130.531559][T31640] mkiss: ax0: crc mode is auto. [ 1131.649665][T31875] FAULT_INJECTION: forcing a failure. [ 1131.649665][T31875] name failslab, interval 1, probability 393216, space 0, times 0 [ 1131.694917][T31879] ERROR: Out of memory at tomoyo_memory_ok. [ 1131.720379][T31875] CPU: 0 UID: 0 PID: 31875 Comm: syz.4.9119 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1131.720428][T31875] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1131.720440][T31875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1131.720457][T31875] Call Trace: [ 1131.720466][T31875] [ 1131.720479][T31875] dump_stack_lvl+0x100/0x190 [ 1131.720516][T31875] should_fail_ex.cold+0x5/0xa [ 1131.720535][T31875] should_failslab+0xc2/0x120 [ 1131.720557][T31875] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1131.720572][T31875] ? acpi_ds_create_walk_state+0x95/0x300 [ 1131.720599][T31875] acpi_ds_create_walk_state+0x95/0x300 [ 1131.720623][T31875] acpi_ps_execute_method+0x2c1/0xe90 [ 1131.720652][T31875] acpi_ns_evaluate+0x640/0x1670 [ 1131.720672][T31875] acpi_evaluate_object+0x420/0xe00 [ 1131.720691][T31875] ? kasan_save_stack+0x30/0x50 [ 1131.720708][T31875] ? kasan_save_track+0x14/0x30 [ 1131.720729][T31875] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1131.720751][T31875] ? __pfx___might_resched+0x10/0x10 [ 1131.720774][T31875] acpi_evaluate_integer+0xdf/0x220 [ 1131.720793][T31875] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1131.720819][T31875] ? __pfx_status_show+0x10/0x10 [ 1131.720837][T31875] status_show+0xa0/0x120 [ 1131.720856][T31875] ? __pfx_status_show+0x10/0x10 [ 1131.720881][T31875] dev_attr_show+0x52/0xa0 [ 1131.720902][T31875] ? __pfx_dev_attr_show+0x10/0x10 [ 1131.720922][T31875] sysfs_kf_seq_show+0x217/0x3a0 [ 1131.720947][T31875] seq_read_iter+0x32f/0x1270 [ 1131.720974][T31875] kernfs_fop_read_iter+0x46c/0x610 [ 1131.720993][T31875] ? rw_verify_area+0xce/0x6d0 [ 1131.721010][T31875] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 1131.721029][T31875] vfs_read+0x825/0xb30 [ 1131.721049][T31875] ? __pfx_vfs_read+0x10/0x10 [ 1131.721080][T31875] ksys_read+0x12a/0x250 [ 1131.721098][T31875] ? __pfx_ksys_read+0x10/0x10 [ 1131.721122][T31875] do_syscall_64+0x106/0xf80 [ 1131.721143][T31875] ? clear_bhb_loop+0x40/0x90 [ 1131.721162][T31875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1131.721178][T31875] RIP: 0033:0x7f645c59bf79 [ 1131.721274][T31875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1131.721298][T31875] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1131.721314][T31875] RAX: ffffffffffffffda RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1131.721326][T31875] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 1131.721342][T31875] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1131.721352][T31875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1131.721361][T31875] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1131.721386][T31875] [ 1132.733098][T31898] lo: entered allmulticast mode [ 1132.753329][T31898] lo: left allmulticast mode [ 1133.525128][T31921] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9135'. [ 1133.537073][T31923] lo: entered allmulticast mode [ 1133.544621][T31921] netlink: 13 bytes leftover after parsing attributes in process `syz.4.9135'. [ 1133.552540][T31923] lo: left allmulticast mode [ 1133.703135][T31923] zswap: compressor û not available [ 1133.709663][T31931] Setting dangerous option i915.mitigations - tainting kernel [ 1133.731736][T31927] Setting dangerous option i915.mitigations - tainting kernel [ 1135.260433][T31974] –õ\­: entered allmulticast mode [ 1135.269319][T31974] –õ\­: left allmulticast mode [ 1135.422730][T31974] zswap: compressor û not available [ 1135.428930][T31980] Setting dangerous option i915.mitigations - tainting kernel [ 1135.442818][T31978] Setting dangerous option i915.mitigations - tainting kernel [ 1135.626564][T31987] lo: entered allmulticast mode [ 1135.633950][T31987] lo: left allmulticast mode [ 1135.846483][T31987] zswap: compressor û not available [ 1135.853756][T31993] Setting dangerous option i915.mitigations - tainting kernel [ 1135.868846][T31995] Setting dangerous option i915.mitigations - tainting kernel [ 1138.715664][T32048] FAULT_INJECTION: forcing a failure. [ 1138.715664][T32048] name failslab, interval 1, probability 393216, space 0, times 0 [ 1138.739414][T32041] zswap: compressor not available [ 1138.770821][T32048] CPU: 1 UID: 0 PID: 32048 Comm: syz.6.9173 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1138.770871][T32048] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1138.770883][T32048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1138.770900][T32048] Call Trace: [ 1138.770910][T32048] [ 1138.770921][T32048] dump_stack_lvl+0x100/0x190 [ 1138.770975][T32048] should_fail_ex.cold+0x5/0xa [ 1138.771010][T32048] should_failslab+0xc2/0x120 [ 1138.771051][T32048] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1138.771084][T32048] ? seq_open+0x55/0x170 [ 1138.771109][T32048] ? rcu_is_watching+0x12/0xc0 [ 1138.771153][T32048] seq_open+0x55/0x170 [ 1138.771181][T32048] __seq_open_private+0x3e/0xd0 [ 1138.771213][T32048] sysvipc_proc_open+0x2b/0x5b0 [ 1138.771258][T32048] ? __pfx_sysvipc_proc_open+0x10/0x10 [ 1138.771306][T32048] proc_reg_open+0x137/0x5f0 [ 1138.771338][T32048] do_dentry_open+0x6d8/0x1660 [ 1138.771375][T32048] ? __pfx_proc_reg_open+0x10/0x10 [ 1138.771412][T32048] vfs_open+0x82/0x3f0 [ 1138.771460][T32048] path_openat+0x208c/0x31a0 [ 1138.771508][T32048] ? __pfx_path_openat+0x10/0x10 [ 1138.771555][T32048] do_file_open+0x20e/0x430 [ 1138.771594][T32048] ? __pfx_do_file_open+0x10/0x10 [ 1138.771654][T32048] ? alloc_fd+0x476/0x790 [ 1138.771694][T32048] ? do_getname+0x191/0x390 [ 1138.771739][T32048] do_sys_openat2+0x10d/0x1e0 [ 1138.771773][T32048] ? __pfx_do_sys_openat2+0x10/0x10 [ 1138.771830][T32048] __x64_sys_openat+0x12d/0x210 [ 1138.771863][T32048] ? __pfx___x64_sys_openat+0x10/0x10 [ 1138.771889][T32048] ? xfd_validate_state+0x129/0x190 [ 1138.771937][T32048] do_syscall_64+0x106/0xf80 [ 1138.771982][T32048] ? clear_bhb_loop+0x40/0x90 [ 1138.772019][T32048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1138.772048][T32048] RIP: 0033:0x7f471c99bf79 [ 1138.772073][T32048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1138.772101][T32048] RSP: 002b:00007f471d8d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1138.772128][T32048] RAX: ffffffffffffffda RBX: 00007f471cc15fa0 RCX: 00007f471c99bf79 [ 1138.772148][T32048] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1138.772167][T32048] RBP: 00007f471ca327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1138.772184][T32048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1138.772202][T32048] R13: 00007f471cc16038 R14: 00007f471cc15fa0 R15: 00007ffd7b10fde8 [ 1138.772240][T32048] [ 1140.301891][T32058] mkiss: ax1: crc mode is auto. [ 1141.531713][T32085] Process accounting resumed [ 1141.794537][T31879] mkiss: ax0: crc mode is auto. [ 1142.917726][T32110] ERROR: Out of memory at tomoyo_memory_ok. [ 1143.005022][T32117] FAULT_INJECTION: forcing a failure. [ 1143.005022][T32117] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1143.023454][T32117] CPU: 0 UID: 0 PID: 32117 Comm: syz.4.9193 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1143.023510][T32117] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1143.023522][T32117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1143.023539][T32117] Call Trace: [ 1143.023550][T32117] [ 1143.023561][T32117] dump_stack_lvl+0x100/0x190 [ 1143.023606][T32117] should_fail_ex.cold+0x5/0xa [ 1143.023632][T32117] ? prepare_alloc_pages+0x16d/0x5f0 [ 1143.023677][T32117] should_fail_alloc_page+0xeb/0x140 [ 1143.023718][T32117] prepare_alloc_pages+0x1f0/0x5f0 [ 1143.023759][T32117] ? arch_stack_walk+0xa6/0xf0 [ 1143.023804][T32117] __alloc_frozen_pages_noprof+0x19a/0x2ae0 [ 1143.023848][T32117] ? stack_trace_save+0x8e/0xc0 [ 1143.023888][T32117] ? __pfx_stack_trace_save+0x10/0x10 [ 1143.023930][T32117] ? stack_depot_save_flags+0x27/0x9d0 [ 1143.023980][T32117] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1143.024014][T32117] ? kasan_save_stack+0x3f/0x50 [ 1143.024046][T32117] ? kasan_save_stack+0x30/0x50 [ 1143.024079][T32117] ? __kasan_slab_alloc+0x89/0x90 [ 1143.024113][T32117] ? __pmd_alloc+0xbf/0x9c0 [ 1143.024152][T32117] ? move_page_tables+0x3224/0x4500 [ 1143.024181][T32117] ? copy_vma_and_data+0x25c/0x7c0 [ 1143.024210][T32117] ? move_vma+0x51b/0x1890 [ 1143.024237][T32117] ? mremap_to+0x1b7/0x450 [ 1143.024264][T32117] ? do_mremap+0xb76/0x2130 [ 1143.024292][T32117] ? __do_sys_mremap+0x126/0x170 [ 1143.024321][T32117] ? do_syscall_64+0x106/0xf80 [ 1143.024359][T32117] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1143.024404][T32117] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1143.024447][T32117] ? policy_nodemask+0xed/0x4f0 [ 1143.024488][T32117] alloc_pages_mpol+0x1fb/0x550 [ 1143.024537][T32117] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1143.024587][T32117] alloc_pages_noprof+0x131/0x390 [ 1143.024630][T32117] pte_alloc_one+0x1e/0x3e0 [ 1143.024665][T32117] __pte_alloc+0x6d/0x3f0 [ 1143.024703][T32117] ? __pfx___pte_alloc+0x10/0x10 [ 1143.024741][T32117] ? _raw_spin_unlock+0x28/0x50 [ 1143.024778][T32117] ? __pmd_alloc+0x6aa/0x9c0 [ 1143.024823][T32117] move_page_tables+0x257e/0x4500 [ 1143.024857][T32117] ? __pfx_copy_vma+0x10/0x10 [ 1143.024903][T32117] ? __pfx_move_page_tables+0x10/0x10 [ 1143.024963][T32117] copy_vma_and_data+0x25c/0x7c0 [ 1143.024999][T32117] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1143.025047][T32117] ? __vma_start_write+0x17f/0x280 [ 1143.025075][T32117] ? __pfx___vma_start_write+0x10/0x10 [ 1143.025113][T32117] move_vma+0x51b/0x1890 [ 1143.025151][T32117] ? __pfx_move_vma+0x10/0x10 [ 1143.025186][T32117] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1143.025229][T32117] ? cap_mmap_addr+0x4b/0x120 [ 1143.025261][T32117] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1143.025295][T32117] ? security_mmap_addr+0x71/0x1e0 [ 1143.025340][T32117] ? __get_unmapped_area+0x255/0x3e0 [ 1143.025384][T32117] ? vrm_set_new_addr+0x204/0x290 [ 1143.025418][T32117] mremap_to+0x1b7/0x450 [ 1143.025452][T32117] do_mremap+0xb76/0x2130 [ 1143.025500][T32117] ? __pfx_do_mremap+0x10/0x10 [ 1143.025548][T32117] ? ksys_write+0x190/0x250 [ 1143.025595][T32117] __do_sys_mremap+0x126/0x170 [ 1143.025627][T32117] ? __pfx___do_sys_mremap+0x10/0x10 [ 1143.025658][T32117] ? rcu_is_watching+0x12/0xc0 [ 1143.025695][T32117] ? kfree+0x2a0/0x670 [ 1143.025726][T32117] ? __x64_sys_futex+0x34f/0x4d0 [ 1143.025779][T32117] do_syscall_64+0x106/0xf80 [ 1143.025819][T32117] ? clear_bhb_loop+0x40/0x90 [ 1143.025854][T32117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1143.025884][T32117] RIP: 0033:0x7f645c59bf79 [ 1143.025909][T32117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1143.025938][T32117] RSP: 002b:00007f645a7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1143.025967][T32117] RAX: ffffffffffffffda RBX: 00007f645c816090 RCX: 00007f645c59bf79 [ 1143.025987][T32117] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 1143.026005][T32117] RBP: 00007f645c6327e0 R08: 0000000100000000 R09: 0000000000000000 [ 1143.026024][T32117] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1143.026040][T32117] R13: 00007f645c816128 R14: 00007f645c816090 R15: 00007ffe48f60b88 [ 1143.026080][T32117] [ 1145.014097][T32150] netlink: 330 bytes leftover after parsing attributes in process `syz.6.9204'. [ 1146.946869][T32193] FAULT_INJECTION: forcing a failure. [ 1146.946869][T32193] name failslab, interval 1, probability 393216, space 0, times 0 [ 1146.976048][T32193] CPU: 1 UID: 0 PID: 32193 Comm: syz.7.9217 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1146.976096][T32193] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1146.976107][T32193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1146.976123][T32193] Call Trace: [ 1146.976133][T32193] [ 1146.976145][T32193] dump_stack_lvl+0x100/0x190 [ 1146.976180][T32193] should_fail_ex.cold+0x5/0xa [ 1146.976199][T32193] should_failslab+0xc2/0x120 [ 1146.976222][T32193] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1146.976248][T32193] ? __anon_vma_prepare+0x344/0x5e0 [ 1146.976268][T32193] __anon_vma_prepare+0x344/0x5e0 [ 1146.976283][T32193] ? rcu_read_unlock+0x2d/0xb0 [ 1146.976301][T32193] __vmf_anon_prepare+0x11f/0x250 [ 1146.976324][T32193] do_wp_page+0xe4d/0x4f00 [ 1146.976352][T32193] ? __pfx_do_wp_page+0x10/0x10 [ 1146.976376][T32193] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1146.976400][T32193] __handle_mm_fault+0x1ac8/0x2b60 [ 1146.976421][T32193] ? __pfx___handle_mm_fault+0x10/0x10 [ 1146.976438][T32193] ? pte_offset_map_lock+0x174/0x320 [ 1146.976456][T32193] ? vm_normal_page+0x1b6/0x330 [ 1146.976476][T32193] ? find_held_lock+0x2b/0x80 [ 1146.976503][T32193] ? follow_page_pte+0x5b3/0x1400 [ 1146.976528][T32193] handle_mm_fault+0x36d/0xa20 [ 1146.976547][T32193] __get_user_pages+0xf9c/0x34d0 [ 1146.976575][T32193] ? __pfx___get_user_pages+0x10/0x10 [ 1146.976602][T32193] populate_vma_page_range+0x267/0x3f0 [ 1146.976626][T32193] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1146.976647][T32193] ? __pfx_find_vma_intersection+0x10/0x10 [ 1146.976668][T32193] ? do_mmap+0x93f/0x12f0 [ 1146.976691][T32193] __mm_populate+0x107/0x3a0 [ 1146.976714][T32193] ? __pfx___mm_populate+0x10/0x10 [ 1146.976737][T32193] ? up_write+0x290/0x4f0 [ 1146.976757][T32193] vm_mmap_pgoff+0x37f/0x470 [ 1146.976781][T32193] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1146.976800][T32193] ? __fget_files+0x215/0x3d0 [ 1146.976822][T32193] ? __fget_files+0x21f/0x3d0 [ 1146.976843][T32193] ksys_mmap_pgoff+0x328/0x5b0 [ 1146.976867][T32193] __x64_sys_mmap+0x125/0x190 [ 1146.976889][T32193] do_syscall_64+0x106/0xf80 [ 1146.976911][T32193] ? clear_bhb_loop+0x40/0x90 [ 1146.976934][T32193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1146.976951][T32193] RIP: 0033:0x7f12c9d9bf79 [ 1146.976966][T32193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1146.976981][T32193] RSP: 002b:00007f12cac37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1146.976996][T32193] RAX: ffffffffffffffda RBX: 00007f12ca016090 RCX: 00007f12c9d9bf79 [ 1146.977006][T32193] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000 [ 1146.977015][T32193] RBP: 00007f12c9e327e0 R08: 0000000000000003 R09: 0000000000008000 [ 1146.977025][T32193] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 1146.977035][T32193] R13: 00007f12ca016128 R14: 00007f12ca016090 R15: 00007ffeb524f948 [ 1146.977055][T32193] [ 1147.907692][T32208] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9222'. [ 1147.959047][T32208] vlan0: left allmulticast mode [ 1147.978780][T32208] veth0_vlan: left allmulticast mode [ 1148.001621][T32208] vlan0: left promiscuous mode [ 1148.022011][T32208] bridge0: port 3(vlan0) entered disabled state [ 1148.081804][T32208] bridge_slave_0: left allmulticast mode [ 1148.116669][T32208] bridge_slave_0: left promiscuous mode [ 1148.146672][T32208] bridge0: port 1(bridge_slave_0) entered disabled state [ 1148.465723][T32211] FAULT_INJECTION: forcing a failure. [ 1148.465723][T32211] name failslab, interval 1, probability 393216, space 0, times 0 [ 1148.499174][T32211] CPU: 1 UID: 0 PID: 32211 Comm: syz.4.9223 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1148.499219][T32211] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1148.499231][T32211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1148.499246][T32211] Call Trace: [ 1148.499255][T32211] [ 1148.499265][T32211] dump_stack_lvl+0x100/0x190 [ 1148.499307][T32211] should_fail_ex.cold+0x5/0xa [ 1148.499342][T32211] should_failslab+0xc2/0x120 [ 1148.499382][T32211] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1148.499410][T32211] ? kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 1148.499454][T32211] kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 1148.499491][T32211] ? __pfx_kvm_vm_release+0x10/0x10 [ 1148.499521][T32211] kvm_put_kvm+0xe4/0xb10 [ 1148.499551][T32211] ? lockdep_hardirqs_on+0x78/0x100 [ 1148.499592][T32211] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1148.499631][T32211] ? __pfx_kvm_vm_release+0x10/0x10 [ 1148.499662][T32211] kvm_vm_release+0x3c/0x50 [ 1148.499690][T32211] __fput+0x3ff/0xb40 [ 1148.499739][T32211] task_work_run+0x150/0x240 [ 1148.499776][T32211] ? __pfx_task_work_run+0x10/0x10 [ 1148.499820][T32211] exit_to_user_mode_loop+0x100/0x4a0 [ 1148.499850][T32211] ? rcu_is_watching+0x12/0xc0 [ 1148.499890][T32211] do_syscall_64+0x668/0xf80 [ 1148.499929][T32211] ? clear_bhb_loop+0x40/0x90 [ 1148.499964][T32211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1148.499993][T32211] RIP: 0033:0x7f645c59bf79 [ 1148.500018][T32211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1148.500056][T32211] RSP: 002b:00007f645d38e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1148.500084][T32211] RAX: 0000000000000000 RBX: 00007f645c815fa0 RCX: 00007f645c59bf79 [ 1148.500103][T32211] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 1148.500120][T32211] RBP: 00007f645c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1148.500139][T32211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1148.500156][T32211] R13: 00007f645c816038 R14: 00007f645c815fa0 R15: 00007ffe48f60b88 [ 1148.500193][T32211] [ 1150.552773][T32261] netlink: 342 bytes leftover after parsing attributes in process `syz.4.9240'. [ 1150.629412][T32256] zswap: compressor not available [ 1150.641271][T32261] netlink: 274 bytes leftover after parsing attributes in process `syz.4.9240'. [ 1150.864229][T32270] smpboot: CPU 1 is now offline [ 1151.002323][T32272] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1152.877169][T32308] smpboot: CPU 1 is now offline [ 1152.968453][T32310] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1153.007126][T32305] ------------[ cut here ]------------ [ 1153.008971][T32305] [ 1153.008978][T32305] ====================================================== [ 1153.008984][T32305] WARNING: possible circular locking dependency detected [ 1153.008992][T32305] syzkaller #0 Tainted: G U L [ 1153.009000][T32305] ------------------------------------------------------ [ 1153.009004][T32305] syz.6.9254/32305 is trying to acquire lock: [ 1153.009012][T32305] ffffffff8e6f35e0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 1153.009055][T32305] [ 1153.009055][T32305] but task is already holding lock: [ 1153.009060][T32305] ffff8880b843b0e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 1153.009094][T32305] [ 1153.009094][T32305] which lock already depends on the new lock. [ 1153.009094][T32305] [ 1153.009099][T32305] [ 1153.009099][T32305] the existing dependency chain (in reverse order) is: [ 1153.009103][T32305] [ 1153.009103][T32305] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 1153.009120][T32305] _raw_spin_lock_nested+0x31/0x40 [ 1153.009138][T32305] raw_spin_rq_lock_nested+0x2c/0x140 [ 1153.009156][T32305] _task_rq_lock+0xcf/0x490 [ 1153.009174][T32305] cgroup_move_task+0x81/0x2b0 [ 1153.009194][T32305] css_set_move_task+0x285/0x600 [ 1153.009213][T32305] cgroup_post_fork+0x202/0x9b0 [ 1153.009231][T32305] copy_process+0x5f26/0x79b0 [ 1153.009244][T32305] kernel_clone+0xfc/0x930 [ 1153.009255][T32305] user_mode_thread+0xcc/0x110 [ 1153.009267][T32305] rest_init+0x21/0x260 [ 1153.009280][T32305] start_kernel+0x47f/0x480 [ 1153.009294][T32305] x86_64_start_reservations+0x24/0x30 [ 1153.009309][T32305] x86_64_start_kernel+0x12b/0x130 [ 1153.009323][T32305] common_startup_64+0x13e/0x148 [ 1153.009343][T32305] [ 1153.009343][T32305] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 1153.009359][T32305] _raw_spin_lock_irqsave+0x3a/0x60 [ 1153.009375][T32305] try_to_wake_up+0xb2/0x1a80 [ 1153.009393][T32305] autoremove_wake_function+0x16/0x150 [ 1153.009421][T32305] __wake_up_common+0x135/0x1f0 [ 1153.009434][T32305] __wake_up+0x31/0x60 [ 1153.009452][T32305] tty_port_default_wakeup+0x47/0x60 [ 1153.009468][T32305] serial8250_tx_chars+0x68f/0x860 [ 1153.009482][T32305] serial8250_handle_irq+0x73e/0xcb0 [ 1153.009497][T32305] serial8250_default_handle_irq+0x9e/0x270 [ 1153.009513][T32305] serial8250_interrupt+0xf8/0x1d0 [ 1153.009529][T32305] __handle_irq_event_percpu+0x232/0x800 [ 1153.009548][T32305] handle_irq_event+0xab/0x1e0 [ 1153.009565][T32305] handle_edge_irq+0x375/0x970 [ 1153.009582][T32305] __common_interrupt+0xd8/0x2f0 [ 1153.009596][T32305] common_interrupt+0x60/0xe0 [ 1153.009609][T32305] asm_common_interrupt+0x26/0x40 [ 1153.009623][T32305] handle_softirqs+0x1ad/0x910 [ 1153.009642][T32305] __irq_exit_rcu+0xef/0x150 [ 1153.009663][T32305] irq_exit_rcu+0x9/0x30 [ 1153.009682][T32305] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 1153.009700][T32305] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1153.009714][T32305] finish_task_switch.isra.0+0x20e/0xb80 [ 1153.009733][T32305] __schedule+0xff6/0x6020 [ 1153.009749][T32305] schedule+0xdd/0x390 [ 1153.009764][T32305] futex_do_wait+0x88/0x180 [ 1153.009779][T32305] __futex_wait+0x1c4/0x300 [ 1153.009794][T32305] futex_wait+0xed/0x380 [ 1153.009809][T32305] do_futex+0x1ef/0x350 [ 1153.009820][T32305] __x64_sys_futex+0x34f/0x4d0 [ 1153.009833][T32305] do_syscall_64+0x106/0xf80 [ 1153.009851][T32305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.009864][T32305] [ 1153.009864][T32305] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 1153.009881][T32305] _raw_spin_lock_irqsave+0x3a/0x60 [ 1153.009897][T32305] __wake_up+0x1c/0x60 [ 1153.009916][T32305] tty_port_default_wakeup+0x47/0x60 [ 1153.009930][T32305] serial8250_tx_chars+0x68f/0x860 [ 1153.009943][T32305] serial8250_handle_irq+0x73e/0xcb0 [ 1153.009958][T32305] serial8250_default_handle_irq+0x9e/0x270 [ 1153.009974][T32305] serial8250_interrupt+0xf8/0x1d0 [ 1153.009991][T32305] __handle_irq_event_percpu+0x232/0x800 [ 1153.010008][T32305] handle_irq_event+0xab/0x1e0 [ 1153.010025][T32305] handle_edge_irq+0x375/0x970 [ 1153.010041][T32305] __common_interrupt+0xd8/0x2f0 [ 1153.010054][T32305] common_interrupt+0xb9/0xe0 [ 1153.010067][T32305] asm_common_interrupt+0x26/0x40 [ 1153.010079][T32305] _raw_spin_unlock_irqrestore+0x31/0x80 [ 1153.010096][T32305] uart_write+0x29d/0xb20 [ 1153.010108][T32305] n_tty_write+0x44f/0x12d0 [ 1153.010124][T32305] file_tty_write.isra.0+0x4d2/0x890 [ 1153.010137][T32305] redirected_tty_write+0xd4/0x120 [ 1153.010149][T32305] vfs_write+0x6ac/0x1070 [ 1153.010165][T32305] ksys_write+0x12a/0x250 [ 1153.010179][T32305] do_syscall_64+0x106/0xf80 [ 1153.010197][T32305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.010210][T32305] [ 1153.010210][T32305] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 1153.010226][T32305] _raw_spin_lock_irqsave+0x3a/0x60 [ 1153.010242][T32305] serial8250_console_write+0x17e/0x1900 [ 1153.010258][T32305] console_flush_one_record+0x790/0xe50 [ 1153.010276][T32305] console_unlock+0x103/0x260 [ 1153.010292][T32305] vprintk_emit+0x407/0x6b0 [ 1153.010309][T32305] _printk+0xcf/0x110 [ 1153.010320][T32305] register_console.cold+0xc0/0x248 [ 1153.010333][T32305] univ8250_console_init+0x6f/0x80 [ 1153.010352][T32305] console_init+0x371/0x520 [ 1153.010368][T32305] start_kernel+0x305/0x480 [ 1153.010380][T32305] x86_64_start_reservations+0x24/0x30 [ 1153.010394][T32305] x86_64_start_kernel+0x12b/0x130 [ 1153.010417][T32305] common_startup_64+0x13e/0x148 [ 1153.010436][T32305] [ 1153.010436][T32305] -> #0 (console_owner){-.-.}-{0:0}: [ 1153.010453][T32305] __lock_acquire+0x14b8/0x2630 [ 1153.010466][T32305] lock_acquire+0x17c/0x330 [ 1153.010478][T32305] console_lock_spinning_enable+0x72/0x80 [ 1153.010495][T32305] console_flush_one_record+0x739/0xe50 [ 1153.010513][T32305] console_unlock+0x103/0x260 [ 1153.010529][T32305] vprintk_emit+0x407/0x6b0 [ 1153.010546][T32305] _printk+0xcf/0x110 [ 1153.010557][T32305] __report_bug.cold+0x15/0x137 [ 1153.010574][T32305] report_bug+0xb2/0x220 [ 1153.010590][T32305] handle_bug+0x166/0x2a0 [ 1153.010600][T32305] exc_invalid_op+0x17/0x50 [ 1153.010611][T32305] asm_exc_invalid_op+0x1a/0x20 [ 1153.010623][T32305] update_rq_clock+0x40a/0xd20 [ 1153.010642][T32305] __schedule+0x1b19/0x6020 [ 1153.010660][T32305] schedule+0xdd/0x390 [ 1153.010675][T32305] do_nanosleep+0x206/0x560 [ 1153.010688][T32305] hrtimer_nanosleep+0x156/0x360 [ 1153.010705][T32305] common_nsleep+0xa1/0xd0 [ 1153.010717][T32305] __x64_sys_clock_nanosleep+0x336/0x480 [ 1153.010734][T32305] do_syscall_64+0x106/0xf80 [ 1153.010752][T32305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.010765][T32305] [ 1153.010765][T32305] other info that might help us debug this: [ 1153.010765][T32305] [ 1153.010769][T32305] Chain exists of: [ 1153.010769][T32305] console_owner --> &p->pi_lock --> &rq->__lock [ 1153.010769][T32305] [ 1153.010789][T32305] Possible unsafe locking scenario: [ 1153.010789][T32305] [ 1153.010793][T32305] CPU0 CPU1 [ 1153.010797][T32305] ---- ---- [ 1153.010800][T32305] lock(&rq->__lock); [ 1153.010808][T32305] lock(&p->pi_lock); [ 1153.010817][T32305] lock(&rq->__lock); [ 1153.010827][T32305] lock(console_owner); [ 1153.010835][T32305] [ 1153.010835][T32305] *** DEADLOCK *** [ 1153.010835][T32305] [ 1153.010838][T32305] 3 locks held by syz.6.9254/32305: [ 1153.010846][T32305] #0: ffff8880b843b0e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 1153.010882][T32305] #1: ffffffff8e7d3a20 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x110 [ 1153.010911][T32305] #2: ffffffff8e7d3a98 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfd/0xe50 [ 1153.010945][T32305] [ 1153.010945][T32305] stack backtrace: [ 1153.010955][T32305] CPU: 0 UID: 0 PID: 32305 Comm: syz.6.9254 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1153.010977][T32305] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1153.010982][T32305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1153.010992][T32305] Call Trace: [ 1153.010997][T32305] [ 1153.011003][T32305] dump_stack_lvl+0x100/0x190 [ 1153.011021][T32305] print_circular_bug.cold+0x178/0x1c7 [ 1153.011043][T32305] check_noncircular+0x146/0x160 [ 1153.011067][T32305] __lock_acquire+0x14b8/0x2630 [ 1153.011084][T32305] lock_acquire+0x17c/0x330 [ 1153.011097][T32305] ? console_lock_spinning_enable+0x61/0x80 [ 1153.011115][T32305] ? console_lock_spinning_enable+0x4a/0x80 [ 1153.011134][T32305] console_lock_spinning_enable+0x72/0x80 [ 1153.011151][T32305] ? console_lock_spinning_enable+0x61/0x80 [ 1153.011169][T32305] console_flush_one_record+0x739/0xe50 [ 1153.011188][T32305] ? __pfx_console_flush_one_record+0x10/0x10 [ 1153.011209][T32305] ? is_printk_cpu_sync_owner+0x32/0x40 [ 1153.011230][T32305] console_unlock+0x103/0x260 [ 1153.011247][T32305] ? __pfx_console_unlock+0x10/0x10 [ 1153.011265][T32305] ? do_raw_spin_unlock+0x145/0x1e0 [ 1153.011282][T32305] ? _printk+0xcf/0x110 [ 1153.011296][T32305] vprintk_emit+0x407/0x6b0 [ 1153.011313][T32305] ? __pfx_vprintk_emit+0x10/0x10 [ 1153.011331][T32305] ? __lock_acquire+0x4a5/0x2630 [ 1153.011344][T32305] ? __pfx_css_rstat_updated+0x10/0x10 [ 1153.011366][T32305] _printk+0xcf/0x110 [ 1153.011379][T32305] ? __pfx__printk+0x10/0x10 [ 1153.011393][T32305] ? __report_bug.cold+0x5/0x137 [ 1153.011416][T32305] ? __report_bug+0x377/0x3d0 [ 1153.011433][T32305] __report_bug.cold+0x15/0x137 [ 1153.011449][T32305] ? update_rq_clock+0x40a/0xd20 [ 1153.011469][T32305] ? __pfx___report_bug+0x10/0x10 [ 1153.011485][T32305] ? __pfx_css_rstat_updated+0x10/0x10 [ 1153.011505][T32305] ? kvm_sched_clock_read+0x11/0x20 [ 1153.011526][T32305] ? update_rq_clock+0x40a/0xd20 [ 1153.011546][T32305] report_bug+0xb2/0x220 [ 1153.011562][T32305] ? update_rq_clock+0x40a/0xd20 [ 1153.011581][T32305] handle_bug+0x166/0x2a0 [ 1153.011593][T32305] exc_invalid_op+0x17/0x50 [ 1153.011605][T32305] asm_exc_invalid_op+0x1a/0x20 [ 1153.011618][T32305] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 1153.011639][T32305] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 7b ac 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 1153.011655][T32305] RSP: 0018:ffffc9000b067a78 EFLAGS: 00010046 [ 1153.011667][T32305] RAX: 0000000000000000 RBX: ffff8880b853b080 RCX: 0000000000000001 [ 1153.011676][T32305] RDX: 0000000000000046 RSI: ffffffff8de4ddbd RDI: ffffffff8c1ad620 [ 1153.011685][T32305] RBP: ffffc9000b067c20 R08: 0000000000000001 R09: 0000000000000001 [ 1153.011694][T32305] R10: ffff88801f3a0080 R11: 00000000000002a8 R12: ffffffff90d928d4 [ 1153.011703][T32305] R13: ffff8880b853bec0 R14: ffff8880277b9e40 R15: ffff8880b853b080 [ 1153.011717][T32305] ? update_rq_clock+0x9c/0xd20 [ 1153.011736][T32305] ? pick_task_fair+0x85/0x350 [ 1153.011756][T32305] __schedule+0x1b19/0x6020 [ 1153.011772][T32305] ? __lock_acquire+0x4a5/0x2630 [ 1153.011790][T32305] ? __pfx___schedule+0x10/0x10 [ 1153.011806][T32305] ? find_held_lock+0x2b/0x80 [ 1153.011824][T32305] ? schedule+0x2bf/0x390 [ 1153.011842][T32305] schedule+0xdd/0x390 [ 1153.011857][T32305] do_nanosleep+0x206/0x560 [ 1153.011873][T32305] ? __pfx_do_nanosleep+0x10/0x10 [ 1153.011888][T32305] ? __asan_memset+0x23/0x50 [ 1153.011901][T32305] ? __hrtimer_setup+0x178/0x280 [ 1153.011917][T32305] hrtimer_nanosleep+0x156/0x360 [ 1153.011934][T32305] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 1153.011952][T32305] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 1153.011967][T32305] ? get_timespec64+0x136/0x1b0 [ 1153.011987][T32305] ? __pfx_get_timespec64+0x10/0x10 [ 1153.012008][T32305] common_nsleep+0xa1/0xd0 [ 1153.012021][T32305] __x64_sys_clock_nanosleep+0x336/0x480 [ 1153.012039][T32305] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 1153.012060][T32305] do_syscall_64+0x106/0xf80 [ 1153.012078][T32305] ? clear_bhb_loop+0x40/0x90 [ 1153.012093][T32305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.012107][T32305] RIP: 0033:0x7f471c95c84e [ 1153.012118][T32305] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1153.012132][T32305] RSP: 002b:00007ffd7b10fec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 1153.012144][T32305] RAX: ffffffffffffffda RBX: 000055558e409500 RCX: 00007f471c95c84e [ 1153.012153][T32305] RDX: 00007ffd7b10ff20 RSI: 0000000000000000 RDI: 0000000000000000 [ 1153.012162][T32305] RBP: 00007f471cc17da0 R08: 0000000000000000 R09: 0000000000000000 [ 1153.012170][T32305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000119a43 [ 1153.012178][T32305] R13: 00007f471cc1618c R14: 00000000001197ae R15: 00007ffd7b110050 [ 1153.012192][T32305] [ 1154.253768][T32305] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0) [ 1154.253804][T32305] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: syz.6.9254/32305 [ 1154.271725][T32305] Modules linked in: [ 1154.275608][T32305] CPU: 0 UID: 0 PID: 32305 Comm: syz.6.9254 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1154.286530][T32305] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1154.291702][T32305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1154.301743][T32305] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 1154.307284][T32305] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 7b ac 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 1154.326878][T32305] RSP: 0018:ffffc9000b067a78 EFLAGS: 00010046 [ 1154.332930][T32305] RAX: 0000000000000000 RBX: ffff8880b853b080 RCX: 0000000000000001 [ 1154.340881][T32305] RDX: 0000000000000046 RSI: ffffffff8de4ddbd RDI: ffffffff8c1ad620 [ 1154.348837][T32305] RBP: ffffc9000b067c20 R08: 0000000000000001 R09: 0000000000000001 [ 1154.356792][T32305] R10: ffff88801f3a0080 R11: 00000000000002a8 R12: ffffffff90d928d4 [ 1154.364749][T32305] R13: ffff8880b853bec0 R14: ffff8880277b9e40 R15: ffff8880b853b080 [ 1154.372706][T32305] FS: 000055558e409500(0000) GS:ffff888124392000(0000) knlGS:0000000000000000 [ 1154.381625][T32305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1154.388196][T32305] CR2: 000020000037a000 CR3: 0000000026cce000 CR4: 00000000003526f0 [ 1154.396168][T32305] Call Trace: [ 1154.399441][T32305] [ 1154.402366][T32305] ? pick_task_fair+0x85/0x350 [ 1154.407139][T32305] __schedule+0x1b19/0x6020 [ 1154.411642][T32305] ? __lock_acquire+0x4a5/0x2630 [ 1154.416575][T32305] ? __pfx___schedule+0x10/0x10 [ 1154.421410][T32305] ? find_held_lock+0x2b/0x80 [ 1154.426075][T32305] ? schedule+0x2bf/0x390 [ 1154.430394][T32305] schedule+0xdd/0x390 [ 1154.434453][T32305] do_nanosleep+0x206/0x560 [ 1154.438944][T32305] ? __pfx_do_nanosleep+0x10/0x10 [ 1154.443951][T32305] ? __asan_memset+0x23/0x50 [ 1154.448525][T32305] ? __hrtimer_setup+0x178/0x280 [ 1154.453452][T32305] hrtimer_nanosleep+0x156/0x360 [ 1154.458382][T32305] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 1154.463828][T32305] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 1154.469014][T32305] ? get_timespec64+0x136/0x1b0 [ 1154.473855][T32305] ? __pfx_get_timespec64+0x10/0x10 [ 1154.479049][T32305] common_nsleep+0xa1/0xd0 [ 1154.483453][T32305] __x64_sys_clock_nanosleep+0x336/0x480 [ 1154.489076][T32305] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 1154.495221][T32305] do_syscall_64+0x106/0xf80 [ 1154.499802][T32305] ? clear_bhb_loop+0x40/0x90 [ 1154.504467][T32305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1154.510344][T32305] RIP: 0033:0x7f471c95c84e [ 1154.514742][T32305] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1154.534332][T32305] RSP: 002b:00007ffd7b10fec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 1154.542731][T32305] RAX: ffffffffffffffda RBX: 000055558e409500 RCX: 00007f471c95c84e [ 1154.550688][T32305] RDX: 00007ffd7b10ff20 RSI: 0000000000000000 RDI: 0000000000000000 [ 1154.558644][T32305] RBP: 00007f471cc17da0 R08: 0000000000000000 R09: 0000000000000000 [ 1154.566599][T32305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000119a43 [ 1154.574556][T32305] R13: 00007f471cc1618c R14: 00000000001197ae R15: 00007ffd7b110050 [ 1154.582522][T32305] [ 1154.585523][T32305] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1154.592788][T32305] CPU: 0 UID: 0 PID: 32305 Comm: syz.6.9254 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1154.603712][T32305] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1154.608887][T32305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1154.618924][T32305] Call Trace: [ 1154.622190][T32305] [ 1154.625216][T32305] dump_stack_lvl+0x100/0x190 [ 1154.629906][T32305] vpanic+0x552/0x970 [ 1154.633883][T32305] ? __pfx_vpanic+0x10/0x10 [ 1154.638453][T32305] ? lock_release+0x21e/0x2e0 [ 1154.643117][T32305] panic+0xd1/0xe0 [ 1154.646826][T32305] ? __pfx_panic+0x10/0x10 [ 1154.651231][T32305] ? check_panic_on_warn+0x1f/0x90 [ 1154.656336][T32305] check_panic_on_warn.cold+0x19/0x34 [ 1154.661695][T32305] ? update_rq_clock+0x40a/0xd20 [ 1154.666623][T32305] __warn.cold+0x191/0x2f8 [ 1154.671026][T32305] __report_bug+0x296/0x3d0 [ 1154.675520][T32305] ? update_rq_clock+0x40a/0xd20 [ 1154.680448][T32305] ? __pfx___report_bug+0x10/0x10 [ 1154.685461][T32305] ? __pfx_css_rstat_updated+0x10/0x10 [ 1154.690912][T32305] ? kvm_sched_clock_read+0x11/0x20 [ 1154.696106][T32305] ? update_rq_clock+0x40a/0xd20 [ 1154.701033][T32305] report_bug+0xb2/0x220 [ 1154.705264][T32305] ? update_rq_clock+0x40a/0xd20 [ 1154.710192][T32305] handle_bug+0x166/0x2a0 [ 1154.714505][T32305] exc_invalid_op+0x17/0x50 [ 1154.718990][T32305] asm_exc_invalid_op+0x1a/0x20 [ 1154.723824][T32305] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 1154.729358][T32305] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d8 7b ac 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 1154.748953][T32305] RSP: 0018:ffffc9000b067a78 EFLAGS: 00010046 [ 1154.755011][T32305] RAX: 0000000000000000 RBX: ffff8880b853b080 RCX: 0000000000000001 [ 1154.762969][T32305] RDX: 0000000000000046 RSI: ffffffff8de4ddbd RDI: ffffffff8c1ad620 [ 1154.770926][T32305] RBP: ffffc9000b067c20 R08: 0000000000000001 R09: 0000000000000001 [ 1154.778879][T32305] R10: ffff88801f3a0080 R11: 00000000000002a8 R12: ffffffff90d928d4 [ 1154.786837][T32305] R13: ffff8880b853bec0 R14: ffff8880277b9e40 R15: ffff8880b853b080 [ 1154.794804][T32305] ? update_rq_clock+0x9c/0xd20 [ 1154.799649][T32305] ? pick_task_fair+0x85/0x350 [ 1154.804401][T32305] __schedule+0x1b19/0x6020 [ 1154.808892][T32305] ? __lock_acquire+0x4a5/0x2630 [ 1154.813817][T32305] ? __pfx___schedule+0x10/0x10 [ 1154.818656][T32305] ? find_held_lock+0x2b/0x80 [ 1154.823325][T32305] ? schedule+0x2bf/0x390 [ 1154.827642][T32305] schedule+0xdd/0x390 [ 1154.831699][T32305] do_nanosleep+0x206/0x560 [ 1154.836190][T32305] ? __pfx_do_nanosleep+0x10/0x10 [ 1154.841204][T32305] ? __asan_memset+0x23/0x50 [ 1154.845783][T32305] ? __hrtimer_setup+0x178/0x280 [ 1154.850714][T32305] hrtimer_nanosleep+0x156/0x360 [ 1154.855642][T32305] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 1154.861093][T32305] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 1154.866283][T32305] ? get_timespec64+0x136/0x1b0 [ 1154.871126][T32305] ? __pfx_get_timespec64+0x10/0x10 [ 1154.876319][T32305] common_nsleep+0xa1/0xd0 [ 1154.880723][T32305] __x64_sys_clock_nanosleep+0x336/0x480 [ 1154.886347][T32305] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 1154.892493][T32305] do_syscall_64+0x106/0xf80 [ 1154.897072][T32305] ? clear_bhb_loop+0x40/0x90 [ 1154.901732][T32305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1154.907611][T32305] RIP: 0033:0x7f471c95c84e [ 1154.912011][T32305] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1154.931606][T32305] RSP: 002b:00007ffd7b10fec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 1154.940015][T32305] RAX: ffffffffffffffda RBX: 000055558e409500 RCX: 00007f471c95c84e [ 1154.947982][T32305] RDX: 00007ffd7b10ff20 RSI: 0000000000000000 RDI: 0000000000000000 [ 1154.955938][T32305] RBP: 00007f471cc17da0 R08: 0000000000000000 R09: 0000000000000000 [ 1154.963891][T32305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000119a43 [ 1154.971844][T32305] R13: 00007f471cc1618c R14: 00000000001197ae R15: 00007ffd7b110050 [ 1154.979804][T32305] [ 1154.983031][T32305] Kernel Offset: disabled [ 1154.987346][T32305] Rebooting in 86400 seconds..