last executing test programs: 6m10.976162098s ago: executing program 2 (id=6824): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) fremovexattr$auto(r0, &(0x7f0000000000)='system.posix_acl_access\x00') r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/oom_adj\x00', 0x8402, 0x0) read$auto(r1, 0x0, 0x3cde) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_open_procfs$namespace(0x0, &(0x7f0000001400)='ns/mnt\x00') 6m10.564963026s ago: executing program 2 (id=6827): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x1, 0x0, 0x2, 0xd}, 0xacc}, 0x3, 0x10000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) setfsuid$auto(0xee00) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0xffd8) 6m9.39429129s ago: executing program 2 (id=6833): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4008ae93, 0x0) 6m8.858035257s ago: executing program 2 (id=6835): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40383d0c, 0x0) 6m5.945543965s ago: executing program 2 (id=6849): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 6m5.202488581s ago: executing program 2 (id=6853): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x80, 0x0, 0x0) 5m50.073981041s ago: executing program 32 (id=6853): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x80, 0x0, 0x0) 16.642758244s ago: executing program 1 (id=8419): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) poll$auto(0x0, 0x7f, 0x9) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0xa0900, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00) newfstatat$auto(0xffffffffffffff9c, 0x0, 0x0, 0xf6ff) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, 0x0, 0x40482, 0x0) shutdown$auto(0x200000003, 0x2) close_range$auto(0x2, 0x8, 0x0) 14.129876868s ago: executing program 1 (id=8428): bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) read$auto(0x4, 0x0, 0xfdef) 12.500725013s ago: executing program 1 (id=8435): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpu0/cache/index3/type\x00', 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/247, 0xf7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getxattr$auto(&(0x7f00000000c0)='\x00', &(0x7f00000001c0)='--$\'],\x00', 0x0, 0xa7aa) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyt4/power/runtime_suspended_time\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xb8, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40880, 0x0) socket(0x22, 0x2, 0x0) mlockall$auto(0x7) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) 6.420776779s ago: executing program 1 (id=8451): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) write$auto(0x3, 0x0, 0x1000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x800005411, 0x38) syz_genetlink_get_family_id$auto_vdpa(0x0, r0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000100)=""/60, 0x3c) 5.713804739s ago: executing program 4 (id=8453): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) capset$auto(0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f00000002c0), 0x805aa, 0x0, 0x2e, 0x0, 0x7, 0x80001083}, 0x5}, 0xaf2, 0x100) close_range$auto(0x2, 0x8, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x40000007fc, 0x7}, 0x400, 0x2) r0 = socket(0xa, 0x2, 0x0) r1 = socket(0x2, 0x3, 0x9) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) r2 = socket(0x11, 0x80003, 0x3ff) setsockopt$auto(r2, 0x107, 0xf, 0x0, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x48080}, 0x4004) sendmmsg$auto(r1, &(0x7f0000000080)={{&(0x7f0000000040), 0x9fd, &(0x7f0000000100)={&(0x7f0000000200), 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x1df}, 0x2, 0x5) 4.995884502s ago: executing program 0 (id=8456): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r0 = socket(0x22, 0x2, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) fstat$auto(r0, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 4.514059398s ago: executing program 0 (id=8457): read$auto(0xffffffffffffffff, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS2(0xffffffffffffffff, 0xc2604111, &(0x7f0000000600)={0x10001, [{[0x4, 0x9, 0x1, 0x80000001, 0x1, 0x1, 0x3, 0x5]}, {[0xffffffff, 0x8, 0xffffffff, 0x200, 0xfffffffa, 0xffff8000, 0x3, 0x2]}, {[0x1334000, 0x1, 0x7, 0x1, 0xcb0, 0x4, 0x5, 0x8]}], [{[0x63, 0x8, 0x9, 0x3, 0x3, 0x2, 0x781, 0x6]}, {[0x3, 0x200, 0x514be123, 0x1, 0x1, 0x7, 0x4, 0x81]}, {[0x5, 0x8001, 0x4, 0x7, 0x5, 0x80, 0x1, 0x9]}, {[0x6124, 0x8, 0x4, 0x800, 0x10001, 0x7, 0x3, 0x7fffffff]}, {[0x6, 0x5, 0x5, 0x104, 0x4, 0x0, 0x3]}], [{0x7f, 0x315e, 0x1, 0x0, 0x1}, {0x35b22e9c, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x79e2, 0x1, 0x0, 0x0, 0x1}, {0x400, 0x18, 0x1, 0x0, 0x0, 0x1}, {0x2, 0x3, 0x0, 0x0, 0x1}, {0x9, 0x6, 0x0, 0x0, 0x1, 0x1}, {0xa, 0x0, 0x0, 0x1, 0x0, 0x1}, {0xffffffff, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3, 0x8, 0x0, 0x1}, {0x1, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x9, 0xfcfa, 0x0, 0x1, 0x1, 0x1}, {0x401, 0x401, 0x0, 0x1, 0x0, 0x1}], [{0x0, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3}, {0x0, 0x81, 0x0, 0x1, 0x1, 0x1}, {0x1df, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x2, 0x5, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0xffff0001, 0x8, 0x1, 0x1, 0x1}, {0x2, 0xdad4, 0x1, 0x0, 0x1}, {0x0, 0x7, 0x0, 0x1, 0x0, 0x1}], 0x101, 0x9, 0x7, 0x2, 0x6, 0x7, 0x1000, "4053c497e8da8420f7601310f6ca3464", "ebd82fd2742103b4779e2c8334ab7ecfd1c4fc6197b76b5cf37ed3776f42a82b829c87af8c19d402cbf98aa045e1f364"}) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f0000000340)=@test={r0, 0xf, 0x3, 0xb, 0xf65, 0x8000000000000001, 0x7fffffff, 0x3ff, 0x6, 0xfffffffe, 0x8000000000000001, 0x9, 0x80, 0x6, 0xff}, 0x151) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x220000, 0x0) 4.424495329s ago: executing program 4 (id=8458): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x401, r2, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) 3.834015888s ago: executing program 4 (id=8461): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) socket(0x2, 0x801, 0x106) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0xfffffffe}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x7ff, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x3, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0xffffffffffffffff, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x1, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x8, 0x1, 0x3, 0x3, 0x5, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x100, 0x8001, 0x0, 0x1, 0x7, 0x9, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x10, 0x2, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) 3.636663224s ago: executing program 3 (id=8462): mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) r0 = socket(0x11, 0x80003, 0x200300) setsockopt$auto(r0, 0x107, 0x18, 0x0, 0x9) 3.532372591s ago: executing program 1 (id=8463): mmap$auto(0x0, 0x835, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100001000000032, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) io_uring_setup$auto(0x7, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) 3.423823052s ago: executing program 0 (id=8464): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.4/usb17/power/active_duration\x00', 0x208800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/admmidi2\x00', 0x1, 0x0) bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@bpf_attr_7={@start_id=0x7, 0x2, 0x10000, r0}, 0xac) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x6) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) unshare$auto(0x40000080) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x26040, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.194663867s ago: executing program 3 (id=8465): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x4) socket(0x25, 0x1, 0x5) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0xfffffffffffffeee, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x80) 2.897976751s ago: executing program 4 (id=8466): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) close_range$auto(0x0, 0xfffffffffffff000, 0x2) getcwd$auto(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40000, 0x0) getdents$auto(r0, 0x0, 0x802) 2.249751334s ago: executing program 1 (id=8467): prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) syz_clone(0x8000400, &(0x7f0000000840)="1f7ae026d45c74adaa9af8be5a9bf04d55bb9f8912cd8b55ba629c1f93087838d679ec19ab25bda7c33800eb77af5ae2f9de647892fa149fe4f718156a38f4da8c027960d605e6733b5b06228ccc260f265495f471b6dd8bdbfef3f918f7a6b39c3b9e695b6ff77ba73ad1cce9a8891647140310aec31d6a54611767554081b007bfb560ed361f307b5171669bf1bb905c22eb66939a4870834575dc21fb12ec6f9cdbff02e59809db2000d5bbbc3e7e1d14fed4ee9bfd384e9b054b765c3ddb7b34e52fb81c4b943e21c43de214c9b0c62842c3def76b8b1086c6b28dd71511bf93f4fd216f5ab306f057e0ed53da9ab205001b59f0f450cc2bbe75cc6f0f6e62bc3bb02c9c843575fb18439c37f59d26e08e9fe993b1bb26693348d2d0240a41816dc4b5269c76f6714b2e131fde84477c618c7298933c7af7ee02d86d06988e02f80d7ca04ab3dfb79ace2d51b3b61f92329d6d95745e27a45d6408edf563be3e195dd7f2b972ea673dcbce40fbe34c7e66cfbe215c70e43fabf5599a863b17ad99a59ec45c962dc463cf08e9bcbae6f281a8714637704aadc9c72db48284703bb0259b723f7425aaa3f2d597f42d5db5394625d2fcb2c32726a592a9a86f361eb3b88f16468701de9e982ed63ec608ed8276a8edcecf203d634eca0cf3790fcf19c80a57b13faf868d2434e00791c4d9d9f6d0b3d823d028c433385ee8ae3efbe4f035b9a065b20bfdd644d604e627c2dc014141372d55f1e210430e9ed081d97bd20baf658db590a8b4e0db0bd8d3d9e262578a47c4f98a92c7c6ec43069f3b377499c793143679a6ecd813b76ad0dc3d44bef1839ff4b34fa7113729d23000b907fae2431ff91f62b8fff83b4b1e5dc72b2b634773d58786d1d34679d15c389711f47bc81fa9e52b23a5b37c80197c252b9fb264408d46d9ce07fcc449bd5f5357ad57b972cb50d0569454c3a8d9062f22db78fd1a7219a3bcea7c4a9069fc1e94b61d4da3ec94f40f4e1cbfef83392e617bad809be81945f4d9b0864585be4e70acc81e492091a4ff40859d509bfb35ac6353c735842462af2046cd772e9fd8dcdc69bdb444d0fe80ef77dd06c33dcfd38c33f2ef00b757733282b1801a0df1941d8cd6764e192fc5240dbe65f9c39c5ac9763b76147b43358bf5eccb6bc8d703d2b23d4eb5506b801aa187f60c9f5691658e17603ff4ee725ce88219260b8c69e14227f99a0df6ebdf06d54fb2be9fa29aac9e69882d68358824037dcc8c227d52c8da3de520b69af1b2cac04dbdc50aaa87b8431798e80391ab4b0a821289a1cbea6644f82815061fbbb3e3dbeffdc1ed22b6e01729b5d84489b882e7f264071495ebe882afe472fce55f970fd0cbdcb6128d32e2978a4ea9d557d79c1cdfcd26d744ae5f4be84edd966b6c380766bfb6e43868f6ea58d1b3c20a0d8c4c20d11fa2c7eddf2717374614742a2c67e6feaed81c80dc6a76902a97e7132576f55fead3baf3cd9f5086497049ba6d9d849982eb5cf6b4b268f9d21886ce34138ca6b17bb6eafca1a077169387b1a444bfa8b7abd50d767983a4de0350c5f2f1908b4b06f3ca6b3dcb334861ceaadb030dceab19707ceb7d1d3afa7ed756282e90ab51ff3953fa30e1481093fcd756aeef7a079a8dd3c878e77d8734b86afb85315ed13e9cefbcbd85c01648151ce7bf5747934f895bf747cf263e488ee4e494f6f7a33041b00079e1b5d17fd4d7e0af1e906a5c09c06f0980b8b976b6bbcfa6e2bf587f3237170dbb300126557154c1487f808b18d1f53819f04ba1df29cc", 0x501, 0x0, 0x0, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) getsockopt$auto(r1, 0x84, 0x18, 0x0, &(0x7f0000000000)=0x7ffe) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) 2.093751888s ago: executing program 4 (id=8468): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x101041, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745500, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x42000, 0x0) io_uring_setup$auto(0x59, 0x0) openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "f99c0301d407000000e50400"}, 0x55) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendfile$auto(r1, r1, 0x0, 0x2) ioctl$auto_SNAPSHOT_FREE(r0, 0x3314, 0x0) 1.926649034s ago: executing program 0 (id=8469): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000140)='./file0\x00', 0xaa4c0, 0x40) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x801, 0x106) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x541c, r2) 1.844917091s ago: executing program 3 (id=8470): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, 0x0, 0x40850) io_uring_setup$auto(0x9, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) fcntl$auto(0x8000000000000001, 0x5, 0x8) 1.406579187s ago: executing program 3 (id=8471): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x9) open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x181) pipe2$auto(0x0, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x121940, 0x0) 975.823116ms ago: executing program 0 (id=8472): socket(0x2, 0x5, 0x100) waitid$auto_P_PID(0x1, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0) io_uring_setup$auto(0x1, 0x0) r3 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r3, 0x65, 0x7, 0x0, 0x4) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) 975.659893ms ago: executing program 3 (id=8473): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000080), 0x6b) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x18, 0x5, 0x0) socket(0xa, 0x2, 0x73) socket(0x2, 0x80002, 0x73) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) fsconfig$auto(0xffffffffffffffff, 0x2, &(0x7f0000000080)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8^W>Rz`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x9c\xbd\xba#_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\xed\xc7Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2:sx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\x00\x00x\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\xad\xe2T\xea\xa0\xba\xd7R8T\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2P\x8a\xb1Vh\x94$\xe9\xea\x0f!G\xb9\xb3\x11\xe1\xae\tg\xc2?8\x8e8\xce\xbf\x01W\xbc\x8b\xab\xa9\x91j\xcd\xb9`F\x02\'\x05\xb1d\xff\xedB\xa5W(q\xfa\xad\x9be\xbfX\x14\xb9\xf8\x1a\xe9\xed\xe6\x1a', 0x0, 0x0) bind$auto(0x3, &(0x7f0000000080), 0x6b) 650.438154ms ago: executing program 3 (id=8474): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 245.590969ms ago: executing program 0 (id=8475): socket(0x2, 0x2, 0x1) setresuid$auto(0x8, 0x8, 0x0) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x801, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) fsopen$auto(0x0, 0x1) r2 = epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) epoll_ctl$auto(r2, 0x40008, r1, 0x0) 0s ago: executing program 4 (id=8476): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000580)='\x04>\x01\x01\x00\x00\x00\x00\x01T\x9eQ\xcc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc7\xa1\x90s\x1d\xfe\x04\b\xacO\x99\x96\xbdf\x05z4~I<@B\x1d]\xbabB\xdc\xff\x03\x00\x00\x00\x00\x00\x00\xa5\xd86\x14\xe5\xfa\x88XCu\x17\xd0\xc58\xa9\xcc\x03I\xff\x13]\xe0\x10\x83hN\x04\xaf\xa8\xfe;$\x81\xb5\'?\xbc\x82\xf6-\xe0\x97\xbe\xba(\xf3\xf4h\x85\xfb\x97\xcd\xb9JS\xf3a\x01\xca\xdb\xb6\xf5\x96\x04\x00\x00\x00\x00\x00\x00\x92\xfc\xe4\xd7\xf4\xaeU\xae\x1aB\xee\xfeTL\xfa\x17Y\xacz\xda\xd4\x9d\xecX@\x1e\x1e\xd2\xc1^\x1d\x80\x10\xca=F\xeb(\x16\xa0B\x1e\xfb\xaa\x87RVdVc:\xb0\x9e\x05\x10\xe1YLP\xe0\xa0\x1d\x8b\x13U\x16\xd9\xde\x8d\xd61\xaef\x9aZ\xecyb\xa4<\x11K\x8dG*\xbb\x06\xb7\x80\xe4\xf8eS\xf4\xd0\x96\x7f\xeaK\xff}O:\x15x\x11\xc1\v\xffW\xeb\xf6\x7f\xd6\xcc\xc8\x99\x92\x8b\x9cg\xf7#\xc8\x0e\x98\xe4\x83\xd0;?\x00\x00\x00\x00\x00\xca_\x05\")7\xdb\xff];oI,\\Y\xd6eL\x90\rb\xe5\xf4\x116O\xd1\x92C\n\x14\xac\x95\xf4m\x92\xb2\xe0\x89O\fdO\x86\x96r\xaa\xcf,\x90\xb0\xcds\x85\xbc\xbc)(\xaa_\x0f\xa6\x8e\x17\x88\xb0\x1c\x15\xbc)\xcc\xcb\xf6\x91\x11\xa9\xe7\xc9 H\xcel\xe9\xcdm/H\x83gJ%I\xd1 q\x92f\xd8f\xa8\x1b\xd7\x1c\x8aMeP\xc1\xfb\xfd\x85\x86\xc4r\xe4!\x06?\x12\xb0:\x88\\)d+\xfa`.\x8e\x8e\x1b\xba1\x13\x10\xd9n\xea0\x11\xc1l\xb10K\r\x13C#tj', 0x7) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0) mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r1, 0x0, 0x4000) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): ][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1038.399624][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1038.456400][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1038.567297][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1038.896603][T24852] zswap: compressor not available [ 1039.049292][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1039.090950][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1039.265130][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1039.302368][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1039.396029][T24870] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6988'. [ 1039.470831][T24610] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1039.842276][T24694] mkiss: ax0: crc mode is auto. [ 1040.561778][T24886] kvm: kvm [24885]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000012) [ 1041.131071][T24893] ERROR: Out of memory at tomoyo_memory_ok. [ 1041.248456][T24899] i2c i2c-0: Invalid 7-bit I2C address 0x00 [ 1043.381023][T24930] zswap: compressor not available [ 1046.516394][T24996] netlink: 314 bytes leftover after parsing attributes in process `syz.0.7029'. [ 1047.830046][T25021] FAULT_INJECTION: forcing a failure. [ 1047.830046][T25021] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.982167][T25021] CPU: 0 UID: 0 PID: 25021 Comm: syz.3.7036 Tainted: G L syzkaller #0 PREEMPT(full) [ 1047.982210][T25021] Tainted: [L]=SOFTLOCKUP [ 1047.982219][T25021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1047.982235][T25021] Call Trace: [ 1047.982245][T25021] [ 1047.982255][T25021] dump_stack_lvl+0x100/0x190 [ 1047.982297][T25021] should_fail_ex.cold+0x5/0xa [ 1047.982327][T25021] should_failslab+0xc2/0x120 [ 1047.982366][T25021] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1047.982402][T25021] ? __alloc_skb+0x140/0x710 [ 1047.982443][T25021] __alloc_skb+0x140/0x710 [ 1047.982476][T25021] ? __alloc_skb+0x5b7/0x710 [ 1047.982510][T25021] ? __pfx___alloc_skb+0x10/0x10 [ 1047.982553][T25021] ? netlink_has_listeners+0x20f/0x430 [ 1047.982592][T25021] ? netlink_has_listeners+0x20f/0x430 [ 1047.982636][T25021] alloc_uevent_skb+0x7d/0x210 [ 1047.982668][T25021] kobject_uevent_env+0xd2d/0x18b0 [ 1047.982702][T25021] ? bus_to_subsys+0x114/0x150 [ 1047.982745][T25021] device_del+0x605/0x9b0 [ 1047.982780][T25021] ? __pfx_device_del+0x10/0x10 [ 1047.982807][T25021] ? put_device+0x24/0x30 [ 1047.982846][T25021] ? nfc_llcp_local_put.part.0+0x80/0xd0 [ 1047.982884][T25021] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 1047.982924][T25021] nfc_remove_device+0x9d/0xc0 [ 1047.982962][T25021] virtual_ncidev_close+0x4b/0xa0 [ 1047.983000][T25021] __fput+0x3ff/0xb40 [ 1047.983031][T25021] task_work_run+0x150/0x240 [ 1047.983068][T25021] ? __pfx_task_work_run+0x10/0x10 [ 1047.983111][T25021] exit_to_user_mode_loop+0x100/0x4a0 [ 1047.983146][T25021] do_syscall_64+0x668/0xf80 [ 1047.983187][T25021] ? clear_bhb_loop+0x40/0x90 [ 1047.983219][T25021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1047.983246][T25021] RIP: 0033:0x7f3b8ad9c139 [ 1047.983268][T25021] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1047.983293][T25021] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1047.983317][T25021] RAX: 0000000000000000 RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1047.983334][T25021] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1047.983364][T25021] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1047.983380][T25021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1047.983396][T25021] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1047.983429][T25021] [ 1049.817048][T25042] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7042'. [ 1050.587771][T25050] serio: Serial port pty6 [ 1051.250209][T25057] zswap: compressor û not available [ 1051.793582][T24893] mkiss: ax0: crc mode is auto. [ 1052.992478][T25099] ERROR: Out of memory at tomoyo_memory_ok. [ 1053.350493][T25107] netlink: 252 bytes leftover after parsing attributes in process `syz.4.7060'. [ 1053.406718][T25107] unsupported nla_type 65535 [ 1053.682678][T25114] netlink: 354 bytes leftover after parsing attributes in process `syz.1.7063'. [ 1054.055777][T25113] sd 0:0:1:0: device reset [ 1054.383662][T25134] random: crng reseeded on system resumption [ 1054.533358][T25134] RDS: rds_bind could not find a transport for fe80::736d:2f73:7461:626c, load rds_tcp or rds_rdma? [ 1054.633917][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.640246][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.509945][T25142] serio: Serial port pty6 [ 1057.267404][T25183] netlink: 'syz.4.7079': attribute type 10 has an invalid length. [ 1057.320965][T25183] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7079'. [ 1060.817214][T25251] netlink: 25 bytes leftover after parsing attributes in process `syz.1.7097'. [ 1061.539341][T25268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7102'. [ 1061.606651][T25268] netlink: 354 bytes leftover after parsing attributes in process `syz.1.7102'. [ 1061.975373][T25273] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7103'. [ 1062.079671][T25275] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7104'. [ 1062.213467][T25276] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7104'. [ 1062.340166][T25275] netlink: 170 bytes leftover after parsing attributes in process `syz.3.7104'. [ 1062.741405][T25288] [U] [ 1062.744260][T25288] [U] [ 1062.747060][T25288] [U] [ 1062.749773][T25288] [U] [ 1062.804956][T25288] [U] [ 1062.807833][T25288] [U] [ 1062.810546][T25288] [U] [ 1062.813258][T25288] [U] [ 1062.871141][T25287] [U] [ 1063.338574][T25295] netlink: 25 bytes leftover after parsing attributes in process `syz.3.7110'. [ 1063.363881][T25290] Process accounting paused [ 1063.458109][T25099] mkiss: ax0: crc mode is auto. [ 1063.624424][T25302] sd 0:0:1:0: PR command failed: 1026 [ 1063.646264][T25302] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1063.694078][T25302] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1064.003206][T25305] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1064.724198][T25316] ERROR: Out of memory at tomoyo_memory_ok. [ 1065.209282][T25321] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1068.141539][T25355] zswap: compressor not available [ 1068.264029][T25364] i2c i2c-0: new_device: Extra parameters [ 1071.066043][T25400] netlink: 290 bytes leftover after parsing attributes in process `syz.1.7145'. [ 1071.445661][T25406] netlink: 248 bytes leftover after parsing attributes in process `syz.4.7148'. [ 1074.279588][T25455] netlink: 'syz.1.7167': attribute type 1 has an invalid length. [ 1074.318956][T25455] netlink: 306 bytes leftover after parsing attributes in process `syz.1.7167'. [ 1074.943928][T25316] mkiss: ax0: crc mode is auto. [ 1075.019705][T25470] netlink: 346 bytes leftover after parsing attributes in process `syz.3.7173'. [ 1075.343025][T25476] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1075.363776][T25476] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1075.378630][T25476] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1075.407639][T25476] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1075.429541][T25476] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1075.459480][T25476] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1076.123413][T25494] ERROR: Out of memory at tomoyo_memory_ok. [ 1077.357617][T22058] Bluetooth: hci0: command 0x0406 tx timeout [ 1077.435951][T22058] Bluetooth: hci4: command 0x0c1a tx timeout [ 1077.442189][ T5822] Bluetooth: hci1: command 0x0406 tx timeout [ 1077.448736][ T5822] Bluetooth: hci3: command 0x0406 tx timeout [ 1078.728394][T25527] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1078.838767][T25527] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1078.895461][T25527] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1078.949919][T25527] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1079.500312][T25521] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 1079.995095][T25521] Bluetooth: hci0: command 0x0406 tx timeout [ 1080.004205][T25565] FAULT_INJECTION: forcing a failure. [ 1080.004205][T25565] name failslab, interval 1, probability 0, space 0, times 0 [ 1080.055609][T25565] CPU: 0 UID: 0 PID: 25565 Comm: syz.4.7208 Tainted: G L syzkaller #0 PREEMPT(full) [ 1080.055658][T25565] Tainted: [L]=SOFTLOCKUP [ 1080.055668][T25565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1080.055685][T25565] Call Trace: [ 1080.055693][T25565] [ 1080.055703][T25565] dump_stack_lvl+0x100/0x190 [ 1080.055745][T25565] should_fail_ex.cold+0x5/0xa [ 1080.055780][T25565] should_failslab+0xc2/0x120 [ 1080.055821][T25565] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1080.055858][T25565] ? v9fs_init_fs_context+0x133/0x590 [ 1080.055894][T25565] kstrdup+0x51/0xe0 [ 1080.055930][T25565] v9fs_init_fs_context+0x133/0x590 [ 1080.055965][T25565] alloc_fs_context+0x60c/0xf40 [ 1080.056012][T25565] __x64_sys_fsopen+0xed/0x220 [ 1080.056041][T25565] do_syscall_64+0x106/0xf80 [ 1080.056079][T25565] ? clear_bhb_loop+0x40/0x90 [ 1080.056110][T25565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.056136][T25565] RIP: 0033:0x7fe61479c139 [ 1080.056158][T25565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1080.056182][T25565] RSP: 002b:00007fe615684028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1080.056207][T25565] RAX: ffffffffffffffda RBX: 00007fe614a15fa0 RCX: 00007fe61479c139 [ 1080.056224][T25565] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1080.056239][T25565] RBP: 00007fe6148327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1080.056255][T25565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1080.056270][T25565] R13: 00007fe614a16038 R14: 00007fe614a15fa0 R15: 00007ffe70193588 [ 1080.056302][T25565] [ 1080.875751][T25521] Bluetooth: hci3: command 0x0406 tx timeout [ 1080.959282][T25521] Bluetooth: hci4: command 0x0c1a tx timeout [ 1080.970231][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 1083.036459][T25521] Bluetooth: hci4: command 0x0c1a tx timeout [ 1083.532053][T25618] sp0: Synchronizing with TNC [ 1084.954801][T25650] mkiss: ax1: crc mode is auto. [ 1085.760522][T25664] sp0: Synchronizing with TNC [ 1086.381027][T25494] mkiss: ax0: crc mode is auto. [ 1087.536903][T25683] ERROR: Out of memory at tomoyo_memory_ok. [ 1087.688903][T25687] sp0: Synchronizing with TNC [ 1088.534360][T25706] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7255'. [ 1088.572739][T25699] mkiss: ax1: crc mode is auto. [ 1088.652047][T25709] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7257'. [ 1089.003694][T25717] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7259'. [ 1089.117302][T25721] netlink: 342 bytes leftover after parsing attributes in process `syz.1.7261'. [ 1089.187741][T25721] netlink: 342 bytes leftover after parsing attributes in process `syz.1.7261'. [ 1089.239148][T25721] netlink: 34 bytes leftover after parsing attributes in process `syz.1.7261'. [ 1089.544015][T25728] FAULT_INJECTION: forcing a failure. [ 1089.544015][T25728] name failslab, interval 1, probability 0, space 0, times 0 [ 1089.599958][T25728] CPU: 0 UID: 0 PID: 25728 Comm: syz.1.7264 Tainted: G L syzkaller #0 PREEMPT(full) [ 1089.600006][T25728] Tainted: [L]=SOFTLOCKUP [ 1089.600015][T25728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1089.600032][T25728] Call Trace: [ 1089.600040][T25728] [ 1089.600050][T25728] dump_stack_lvl+0x100/0x190 [ 1089.600093][T25728] should_fail_ex.cold+0x5/0xa [ 1089.600123][T25728] should_failslab+0xc2/0x120 [ 1089.600162][T25728] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1089.600197][T25728] ? __d_alloc+0x34/0xa80 [ 1089.600236][T25728] ? make_vfsgid+0xf1/0x140 [ 1089.600269][T25728] __d_alloc+0x34/0xa80 [ 1089.600307][T25728] ? bpf_lsm_inode_permission+0x9/0x10 [ 1089.600343][T25728] d_alloc+0x4a/0x1e0 [ 1089.600384][T25728] vfs_tmpfile+0x148/0x9a0 [ 1089.600429][T25728] path_openat+0x164e/0x31a0 [ 1089.600466][T25728] ? kasan_save_stack+0x3f/0x50 [ 1089.600500][T25728] ? kasan_save_stack+0x30/0x50 [ 1089.600532][T25728] ? __kasan_slab_alloc+0x89/0x90 [ 1089.600568][T25728] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1089.600600][T25728] ? do_getname+0x35/0x390 [ 1089.600626][T25728] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.600656][T25728] ? __pfx_path_openat+0x10/0x10 [ 1089.600705][T25728] do_file_open+0x20e/0x430 [ 1089.600745][T25728] ? __pfx_do_file_open+0x10/0x10 [ 1089.600804][T25728] ? _raw_spin_unlock+0x28/0x50 [ 1089.600838][T25728] ? alloc_fd+0x476/0x790 [ 1089.600882][T25728] do_sys_openat2+0x10d/0x1e0 [ 1089.600911][T25728] ? __pfx_do_sys_openat2+0x10/0x10 [ 1089.600941][T25728] ? __fget_files+0x21f/0x3d0 [ 1089.600990][T25728] __x64_sys_open+0xfe/0x1d0 [ 1089.601019][T25728] ? __pfx___x64_sys_open+0x10/0x10 [ 1089.601059][T25728] do_syscall_64+0x106/0xf80 [ 1089.601097][T25728] ? clear_bhb_loop+0x40/0x90 [ 1089.601128][T25728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.601154][T25728] RIP: 0033:0x7f700099c139 [ 1089.601175][T25728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1089.601199][T25728] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1089.601223][T25728] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1089.601240][T25728] RDX: 0000000000000408 RSI: 0000000000591002 RDI: 0000200000000100 [ 1089.601256][T25728] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1089.601272][T25728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1089.601287][T25728] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1089.601320][T25728] [ 1092.837632][T25779] random: crng reseeded on system resumption [ 1093.311808][T25783] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7282'. [ 1093.747497][T25791] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1093.943759][T25791] Process accounting resumed [ 1095.000158][T25820] netlink: 342 bytes leftover after parsing attributes in process `syz.1.7295'. [ 1095.054293][T25820] netlink: 214 bytes leftover after parsing attributes in process `syz.1.7295'. [ 1095.721488][ T29] audit: type=1800 audit(4294980106.201:29): pid=25833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7300" name="dbroot" dev="configfs" ino=100901 res=0 errno=0 [ 1096.053131][T25839] random: crng reseeded on system resumption [ 1096.708735][T25850] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7306'. [ 1096.757143][T25850] –õ\­: renamed from lo [ 1097.111061][T25521] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 1097.673181][T25683] mkiss: ax0: crc mode is auto. [ 1097.991094][T25870] netlink: 'syz.0.7314': attribute type 1 has an invalid length. [ 1098.022695][T25870] netlink: 'syz.0.7314': attribute type 6 has an invalid length. [ 1098.703976][T25885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7320'. [ 1098.753428][T25885] netlink: 13 bytes leftover after parsing attributes in process `syz.4.7320'. [ 1098.769239][T25887] netlink: 'syz.0.7321': attribute type 5 has an invalid length. [ 1098.793489][T25887] netlink: 314 bytes leftover after parsing attributes in process `syz.0.7321'. [ 1098.859827][T25888] ERROR: Out of memory at tomoyo_memory_ok. [ 1099.055640][T25892] netlink: 146 bytes leftover after parsing attributes in process `syz.0.7323'. [ 1099.893259][T25903] sp0: Synchronizing with TNC [ 1100.264590][T25914] netlink: 'syz.3.7330': attribute type 33 has an invalid length. [ 1100.292906][T25914] netlink: 322 bytes leftover after parsing attributes in process `syz.3.7330'. [ 1102.044784][T25907] kexec: Could not allocate control_code_buffer [ 1102.394446][T25946] netlink: 'syz.1.7339': attribute type 1 has an invalid length. [ 1102.425256][T25946] netlink: 306 bytes leftover after parsing attributes in process `syz.1.7339'. [ 1102.489227][T25946] netlink: 'syz.1.7339': attribute type 1 has an invalid length. [ 1102.532348][T25946] netlink: 306 bytes leftover after parsing attributes in process `syz.1.7339'. [ 1102.842138][T25957] mkiss: ax1: crc mode is auto. [ 1103.501414][T25973] random: crng reseeded on system resumption [ 1105.419074][T26001] netlink: 54 bytes leftover after parsing attributes in process `syz.1.7357'. [ 1106.595784][T26018] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7363'. [ 1107.285466][T26031] FAULT_INJECTION: forcing a failure. [ 1107.285466][T26031] name failslab, interval 1, probability 0, space 0, times 0 [ 1107.367536][T26031] CPU: 0 UID: 0 PID: 26031 Comm: syz.3.7369 Tainted: G L syzkaller #0 PREEMPT(full) [ 1107.367578][T26031] Tainted: [L]=SOFTLOCKUP [ 1107.367588][T26031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1107.367626][T26031] Call Trace: [ 1107.367634][T26031] [ 1107.367645][T26031] dump_stack_lvl+0x100/0x190 [ 1107.367688][T26031] should_fail_ex.cold+0x5/0xa [ 1107.367717][T26031] should_failslab+0xc2/0x120 [ 1107.367772][T26031] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1107.367801][T26031] ? tomoyo_init_log+0x1a0/0x20c0 [ 1107.367846][T26031] tomoyo_init_log+0x1a0/0x20c0 [ 1107.367885][T26031] ? __pfx_format_decode+0x10/0x10 [ 1107.367920][T26031] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1107.367967][T26031] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1107.368014][T26031] tomoyo_write_log2+0x2ed/0xbc0 [ 1107.368058][T26031] tomoyo_supervisor+0x15e/0x1340 [ 1107.368090][T26031] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1107.368130][T26031] ? kasan_quarantine_put+0x104/0x240 [ 1107.368168][T26031] ? tomoyo_check_path_acl+0x141/0x210 [ 1107.368202][T26031] ? tomoyo_check_acl+0x1f7/0x410 [ 1107.368236][T26031] tomoyo_path_permission+0x270/0x3b0 [ 1107.368273][T26031] tomoyo_check_open_permission+0x34d/0x3c0 [ 1107.368313][T26031] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1107.368378][T26031] ? do_raw_spin_lock+0x128/0x260 [ 1107.368415][T26031] ? path_get+0x61/0x80 [ 1107.368459][T26031] tomoyo_file_open+0x6b/0x90 [ 1107.368493][T26031] security_file_open+0xb5/0x1e0 [ 1107.368537][T26031] do_dentry_open+0x5aa/0x1660 [ 1107.368577][T26031] ? security_inode_permission+0xbf/0x250 [ 1107.368616][T26031] vfs_open+0x82/0x3f0 [ 1107.368647][T26031] path_openat+0x208c/0x31a0 [ 1107.368695][T26031] ? __pfx_path_openat+0x10/0x10 [ 1107.368744][T26031] do_file_open+0x20e/0x430 [ 1107.368784][T26031] ? __pfx_do_file_open+0x10/0x10 [ 1107.368844][T26031] ? alloc_fd+0x476/0x790 [ 1107.368883][T26031] ? do_getname+0x191/0x390 [ 1107.368912][T26031] do_sys_openat2+0x10d/0x1e0 [ 1107.368940][T26031] ? __pfx_do_sys_openat2+0x10/0x10 [ 1107.368969][T26031] ? find_held_lock+0x2b/0x80 [ 1107.369007][T26031] ? __fget_files+0x215/0x3d0 [ 1107.369049][T26031] __x64_sys_openat+0x12d/0x210 [ 1107.369079][T26031] ? __pfx___x64_sys_openat+0x10/0x10 [ 1107.369119][T26031] do_syscall_64+0x106/0xf80 [ 1107.369157][T26031] ? clear_bhb_loop+0x40/0x90 [ 1107.369188][T26031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1107.369215][T26031] RIP: 0033:0x7f3b8ad9c139 [ 1107.369236][T26031] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1107.369262][T26031] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1107.369286][T26031] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1107.369304][T26031] RDX: 0000000000000801 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1107.369321][T26031] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1107.369337][T26031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1107.369353][T26031] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1107.369385][T26031] [ 1110.233990][ C0] vcan0: j1939_tp_rxtimer: 0xffff888048bf2000: rx timeout, send abort [ 1110.244608][ C0] vcan0: j1939_tp_rxtimer: 0xffff888048bf1c00: rx timeout, send abort [ 1110.253384][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888048bf2000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1110.270553][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888048bf1c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1110.341299][T25888] mkiss: ax0: crc mode is auto. [ 1111.568595][T26059] ERROR: Out of memory at tomoyo_memory_ok. [ 1111.739226][T26064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7380'. [ 1112.863162][T26082] netlink: 266 bytes leftover after parsing attributes in process `syz.4.7386'. [ 1112.919516][T26082] IPv6: NLM_F_CREATE should be specified when creating new route [ 1113.592857][T26079] FAULT_INJECTION: forcing a failure. [ 1113.592857][T26079] name failslab, interval 1, probability 0, space 0, times 0 [ 1113.807876][T26079] CPU: 0 UID: 0 PID: 26079 Comm: syz.3.7384 Tainted: G L syzkaller #0 PREEMPT(full) [ 1113.807917][T26079] Tainted: [L]=SOFTLOCKUP [ 1113.807927][T26079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1113.807944][T26079] Call Trace: [ 1113.807952][T26079] [ 1113.807962][T26079] dump_stack_lvl+0x100/0x190 [ 1113.808009][T26079] should_fail_ex.cold+0x5/0xa [ 1113.808039][T26079] should_failslab+0xc2/0x120 [ 1113.808078][T26079] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1113.808106][T26079] ? allocate_file_region_entries+0x1a0/0x620 [ 1113.808147][T26079] allocate_file_region_entries+0x1a0/0x620 [ 1113.808193][T26079] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 1113.808238][T26079] region_chg+0x85/0x140 [ 1113.808271][T26079] __vma_reservation_common+0x376/0x720 [ 1113.808309][T26079] ? __pfx___vma_reservation_common+0x10/0x10 [ 1113.808344][T26079] ? filemap_get_entry+0x1a7/0x3b0 [ 1113.808388][T26079] alloc_hugetlb_folio+0x6de/0x1590 [ 1113.808435][T26079] ? __pfx_alloc_hugetlb_folio+0x10/0x10 [ 1113.808480][T26079] ? __filemap_get_folio_mpol+0x3ba/0xe70 [ 1113.808524][T26079] hugetlb_no_page+0xfe7/0x1b30 [ 1113.808560][T26079] hugetlb_fault+0x5df/0x1500 [ 1113.808591][T26079] ? __pfx_hugetlb_fault+0x10/0x10 [ 1113.808635][T26079] ? find_vma+0xbf/0x140 [ 1113.808671][T26079] ? __pfx_find_vma+0x10/0x10 [ 1113.808711][T26079] handle_mm_fault+0x5f1/0xa20 [ 1113.808747][T26079] do_user_addr_fault+0x74c/0x12f0 [ 1113.808797][T26079] exc_page_fault+0x6f/0xd0 [ 1113.808836][T26079] asm_exc_page_fault+0x26/0x30 [ 1113.808862][T26079] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 1113.808892][T26079] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 1113.808917][T26079] RSP: 0018:ffffc90003897a20 EFLAGS: 00050246 [ 1113.808938][T26079] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 1113.808954][T26079] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003897c68 [ 1113.808970][T26079] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52000712f8d [ 1113.808986][T26079] R10: ffffc90003897c6f R11: 0000000000000000 R12: 0000000000000000 [ 1113.809002][T26079] R13: ffffc90003897c68 R14: 0000000000000000 R15: 1ffff92000712f59 [ 1113.809050][T26079] _copy_from_user+0x98/0xd0 [ 1113.809087][T26079] sctp_getsockopt+0x96b/0x7080 [ 1113.809119][T26079] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 1113.809159][T26079] ? futex_unqueue+0x13d/0x2c0 [ 1113.809193][T26079] ? __pfx_sctp_getsockopt+0x10/0x10 [ 1113.809221][T26079] ? __futex_wait+0x256/0x300 [ 1113.809260][T26079] ? __pfx___futex_wait+0x10/0x10 [ 1113.809294][T26079] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1113.809341][T26079] ? __lock_acquire+0x4a5/0x2630 [ 1113.809373][T26079] ? find_held_lock+0x2b/0x80 [ 1113.809416][T26079] ? aa_sk_perm+0x2de/0xb40 [ 1113.809473][T26079] ? __might_fault+0xc5/0x140 [ 1113.809517][T26079] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 1113.809551][T26079] do_sock_getsockopt+0x259/0x3d0 [ 1113.809580][T26079] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1113.809622][T26079] __sys_getsockopt+0x133/0x1d0 [ 1113.809668][T26079] ? __x64_sys_getsockopt+0xbd/0x160 [ 1113.809704][T26079] __x64_sys_getsockopt+0xbd/0x160 [ 1113.809740][T26079] ? do_syscall_64+0x95/0xf80 [ 1113.809777][T26079] ? lockdep_hardirqs_on+0x78/0x100 [ 1113.809815][T26079] do_syscall_64+0x106/0xf80 [ 1113.809852][T26079] ? clear_bhb_loop+0x40/0x90 [ 1113.809883][T26079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1113.809910][T26079] RIP: 0033:0x7f3b8ad9c139 [ 1113.809930][T26079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1113.809956][T26079] RSP: 002b:00007f3b88fd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1113.809980][T26079] RAX: ffffffffffffffda RBX: 00007f3b8b016090 RCX: 00007f3b8ad9c139 [ 1113.809998][T26079] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 1113.810014][T26079] RBP: 00007f3b8ae327e0 R08: 0000200000000280 R09: 0000000000000000 [ 1113.810031][T26079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1113.810046][T26079] R13: 00007f3b8b016128 R14: 00007f3b8b016090 R15: 00007ffe99276538 [ 1113.810080][T26079] [ 1114.430773][T26088] kexec: Could not allocate control_code_buffer [ 1115.047411][T26099] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7391'. [ 1116.005342][T26103] netlink: 146 bytes leftover after parsing attributes in process `syz.1.7393'. [ 1116.108458][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.124895][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.964007][T26106] zswap: compressor  not available [ 1117.621959][T26133] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7401'. [ 1117.703182][T26133] veth1_vlan: entered allmulticast mode [ 1118.177130][T26136] FAULT_INJECTION: forcing a failure. [ 1118.177130][T26136] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1118.268152][T26136] CPU: 0 UID: 0 PID: 26136 Comm: syz.1.7404 Tainted: G L syzkaller #0 PREEMPT(full) [ 1118.268191][T26136] Tainted: [L]=SOFTLOCKUP [ 1118.268200][T26136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1118.268216][T26136] Call Trace: [ 1118.268225][T26136] [ 1118.268235][T26136] dump_stack_lvl+0x100/0x190 [ 1118.268277][T26136] should_fail_ex.cold+0x5/0xa [ 1118.268302][T26136] ? prepare_alloc_pages+0x16d/0x5f0 [ 1118.268346][T26136] should_fail_alloc_page+0xeb/0x140 [ 1118.268388][T26136] prepare_alloc_pages+0x1f0/0x5f0 [ 1118.268434][T26136] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1118.268475][T26136] ? __pfx_folios_put_refs+0x10/0x10 [ 1118.268514][T26136] ? mark_held_locks+0x40/0x70 [ 1118.268552][T26136] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1118.268590][T26136] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1118.268633][T26136] ? __lock_acquire+0x4a5/0x2630 [ 1118.268674][T26136] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1118.268716][T26136] ? policy_nodemask+0xed/0x4f0 [ 1118.268757][T26136] alloc_pages_mpol+0x1fb/0x550 [ 1118.268798][T26136] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1118.268838][T26136] ? swap_entry_swapped+0x1ff/0x2b0 [ 1118.268876][T26136] ? __pfx_swap_entry_swapped+0x10/0x10 [ 1118.268918][T26136] folio_alloc_mpol_noprof+0x36/0x340 [ 1118.268946][T26136] swap_cache_alloc_folio+0x1a8/0x300 [ 1118.268980][T26136] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 1118.269011][T26136] ? __pfx_get_swap_device+0x10/0x10 [ 1118.269048][T26136] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1118.269090][T26136] read_swap_cache_async+0xd9/0x480 [ 1118.269127][T26136] ? __pfx_read_swap_cache_async+0x10/0x10 [ 1118.269159][T26136] ? find_held_lock+0x2b/0x80 [ 1118.269198][T26136] ? find_held_lock+0x2b/0x80 [ 1118.269236][T26136] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1118.269278][T26136] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 1118.269325][T26136] swapin_walk_pmd_entry+0x2fd/0x640 [ 1118.269374][T26136] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1118.269423][T26136] ? debug_object_activate+0x331/0x490 [ 1118.269456][T26136] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 1118.269500][T26136] walk_pgd_range+0xc04/0x1eb0 [ 1118.269562][T26136] ? __pfx_walk_pgd_range+0x10/0x10 [ 1118.269599][T26136] ? set_next_entity+0x11b/0x9c0 [ 1118.269637][T26136] __walk_page_range+0x163/0x820 [ 1118.269673][T26136] ? __lock_acquire+0x4a5/0x2630 [ 1118.269703][T26136] ? find_held_lock+0x2b/0x80 [ 1118.269751][T26136] walk_page_range_vma_unsafe+0x209/0x8f0 [ 1118.269792][T26136] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 1118.269830][T26136] ? finish_task_switch.isra.0+0x200/0xb80 [ 1118.269878][T26136] walk_page_range_vma+0x63/0x90 [ 1118.269916][T26136] madvise_vma_behavior+0x1cbc/0x2ec0 [ 1118.269949][T26136] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1118.269990][T26136] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1118.270016][T26136] ? mas_prev+0x9b/0xf0 [ 1118.270039][T26136] ? __pfx_mas_prev+0x10/0x10 [ 1118.270069][T26136] ? find_vma_prev+0xd8/0x150 [ 1118.270107][T26136] ? futex_unqueue+0x133/0x2c0 [ 1118.270136][T26136] ? __pfx_find_vma_prev+0x10/0x10 [ 1118.270184][T26136] ? __futex_wait+0x256/0x300 [ 1118.270226][T26136] madvise_walk_vmas+0x2fe/0xa90 [ 1118.270256][T26136] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1118.270289][T26136] madvise_do_behavior+0x1ea/0x510 [ 1118.270317][T26136] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1118.270342][T26136] ? down_read+0x13b/0x460 [ 1118.270381][T26136] do_madvise+0x195/0x240 [ 1118.270404][T26136] ? __pfx_do_madvise+0x10/0x10 [ 1118.270428][T26136] ? do_futex+0x192/0x350 [ 1118.270489][T26136] ? __fget_files+0x21f/0x3d0 [ 1118.270552][T26136] __x64_sys_madvise+0xa9/0x110 [ 1118.270577][T26136] ? lockdep_hardirqs_on+0x78/0x100 [ 1118.270615][T26136] do_syscall_64+0x106/0xf80 [ 1118.270653][T26136] ? clear_bhb_loop+0x40/0x90 [ 1118.270685][T26136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1118.270711][T26136] RIP: 0033:0x7f700099c139 [ 1118.270734][T26136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1118.270760][T26136] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1118.270785][T26136] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1118.270803][T26136] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 1118.270819][T26136] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1118.270835][T26136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1118.270850][T26136] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1118.270883][T26136] [ 1119.129528][T26148] netlink: 110 bytes leftover after parsing attributes in process `syz.3.7410'. [ 1119.141204][T26148] netlink: 290 bytes leftover after parsing attributes in process `syz.3.7410'. [ 1121.757711][T26205] random: crng reseeded on system resumption [ 1122.082325][T26059] mkiss: ax0: crc mode is auto. [ 1123.335123][T26219] ERROR: Out of memory at tomoyo_memory_ok. [ 1124.443072][T26242] netlink: 266 bytes leftover after parsing attributes in process `syz.1.7435'. [ 1124.542772][T26242] IPv6: NLM_F_CREATE should be specified when creating new route [ 1125.475258][T26260] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7440'. [ 1126.590697][T26279] netlink: 18 bytes leftover after parsing attributes in process `syz.3.7446'. [ 1126.679532][T26284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7447'. [ 1126.754561][T26284] netlink: 13 bytes leftover after parsing attributes in process `syz.4.7447'. [ 1127.403327][T26299] openvswitch: netlink: IP tunnel dst address not specified [ 1128.937766][T26328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7458'. [ 1129.029893][T26328] netlink: 354 bytes leftover after parsing attributes in process `syz.4.7458'. [ 1130.953979][T26355] netlink: 138 bytes leftover after parsing attributes in process `syz.1.7465'. [ 1131.220804][T26357] random: crng reseeded on system resumption [ 1131.500246][T26360] sp0: Synchronizing with TNC [ 1132.049486][T26372] FAULT_INJECTION: forcing a failure. [ 1132.049486][T26372] name failslab, interval 1, probability 0, space 0, times 0 [ 1132.171043][T26372] CPU: 0 UID: 0 PID: 26372 Comm: syz.4.7469 Tainted: G L syzkaller #0 PREEMPT(full) [ 1132.171084][T26372] Tainted: [L]=SOFTLOCKUP [ 1132.171094][T26372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1132.171109][T26372] Call Trace: [ 1132.171118][T26372] [ 1132.171129][T26372] dump_stack_lvl+0x100/0x190 [ 1132.171173][T26372] should_fail_ex.cold+0x5/0xa [ 1132.171202][T26372] should_failslab+0xc2/0x120 [ 1132.171242][T26372] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1132.171275][T26372] ? __proc_create+0x2cb/0x8c0 [ 1132.171316][T26372] __proc_create+0x2cb/0x8c0 [ 1132.171361][T26372] ? __pfx___proc_create+0x10/0x10 [ 1132.171402][T26372] ? _raw_write_unlock+0x28/0x50 [ 1132.171443][T26372] proc_create_reg+0x75/0x170 [ 1132.171482][T26372] proc_create_net_data+0x8e/0x1c0 [ 1132.171520][T26372] ? __pfx_proc_create_net_data+0x10/0x10 [ 1132.171559][T26372] ? __pfx_proc_create_net_data+0x10/0x10 [ 1132.171595][T26372] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1132.171625][T26372] ? __pfx_dev_proc_net_init+0x10/0x10 [ 1132.171659][T26372] wext_proc_init+0x53/0x80 [ 1132.171699][T26372] dev_proc_net_init+0x112/0x230 [ 1132.171735][T26372] ops_init+0x1e2/0x5f0 [ 1132.171777][T26372] setup_net+0x118/0x3a0 [ 1132.171816][T26372] ? __pfx_setup_net+0x10/0x10 [ 1132.171854][T26372] ? lockdep_init_map_type+0x5c/0x250 [ 1132.171887][T26372] ? mutex_init_lockep+0x110/0x150 [ 1132.171924][T26372] copy_net_ns+0x46f/0x7c0 [ 1132.171951][T26372] create_new_namespaces+0x3ea/0xac0 [ 1132.172002][T26372] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1132.172030][T26372] ksys_unshare+0x455/0xab0 [ 1132.172069][T26372] ? __pfx_ksys_unshare+0x10/0x10 [ 1132.172111][T26372] __x64_sys_unshare+0x31/0x40 [ 1132.172142][T26372] do_syscall_64+0x106/0xf80 [ 1132.172180][T26372] ? clear_bhb_loop+0x40/0x90 [ 1132.172212][T26372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1132.172239][T26372] RIP: 0033:0x7fe61479c139 [ 1132.172261][T26372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1132.172286][T26372] RSP: 002b:00007fe615684028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1132.172310][T26372] RAX: ffffffffffffffda RBX: 00007fe614a15fa0 RCX: 00007fe61479c139 [ 1132.172333][T26372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1132.172349][T26372] RBP: 00007fe6148327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1132.172366][T26372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1132.172382][T26372] R13: 00007fe614a16038 R14: 00007fe614a15fa0 R15: 00007ffe70193588 [ 1132.172415][T26372] [ 1133.549472][T26390] netlink: 266 bytes leftover after parsing attributes in process `syz.0.7474'. [ 1133.595219][T26390] IPv6: NLM_F_CREATE should be specified when creating new route [ 1134.287917][T26219] mkiss: ax0: crc mode is auto. [ 1135.613752][T26419] ERROR: Out of memory at tomoyo_memory_ok. [ 1136.383469][T26437] netlink: 25 bytes leftover after parsing attributes in process `syz.0.7485'. [ 1139.968311][T26479] FAULT_INJECTION: forcing a failure. [ 1139.968311][T26479] name failslab, interval 1, probability 0, space 0, times 0 [ 1140.166583][T26479] CPU: 0 UID: 0 PID: 26479 Comm: syz.3.7499 Tainted: G L syzkaller #0 PREEMPT(full) [ 1140.166637][T26479] Tainted: [L]=SOFTLOCKUP [ 1140.166646][T26479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1140.166663][T26479] Call Trace: [ 1140.166671][T26479] [ 1140.166680][T26479] dump_stack_lvl+0x100/0x190 [ 1140.166724][T26479] should_fail_ex.cold+0x5/0xa [ 1140.166753][T26479] should_failslab+0xc2/0x120 [ 1140.166797][T26479] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1140.166825][T26479] ? madvise_collapse+0x1b5/0xbe0 [ 1140.166857][T26479] madvise_collapse+0x1b5/0xbe0 [ 1140.166885][T26479] ? lock_acquire+0x1cf/0x380 [ 1140.166916][T26479] ? find_held_lock+0x2b/0x80 [ 1140.166954][T26479] ? finish_task_switch.isra.0+0x200/0xb80 [ 1140.166980][T26479] ? finish_task_switch.isra.0+0x200/0xb80 [ 1140.167006][T26479] ? rcu_is_watching+0x12/0xc0 [ 1140.167044][T26479] ? __pfx_madvise_collapse+0x10/0x10 [ 1140.167076][T26479] ? mtree_range_walk+0x6ce/0xcd0 [ 1140.167118][T26479] madvise_vma_behavior+0x172d/0x2ec0 [ 1140.167144][T26479] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 1140.167185][T26479] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1140.167211][T26479] ? mas_prev+0x9b/0xf0 [ 1140.167232][T26479] ? __pfx_mas_prev+0x10/0x10 [ 1140.167263][T26479] ? find_vma_prev+0xd8/0x150 [ 1140.167301][T26479] ? futex_unqueue+0x133/0x2c0 [ 1140.167329][T26479] ? __pfx_find_vma_prev+0x10/0x10 [ 1140.167377][T26479] ? __futex_wait+0x256/0x300 [ 1140.167419][T26479] madvise_walk_vmas+0x2fe/0xa90 [ 1140.167448][T26479] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1140.167482][T26479] madvise_do_behavior+0x1ea/0x510 [ 1140.167509][T26479] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1140.167535][T26479] ? down_read+0x13b/0x460 [ 1140.167573][T26479] do_madvise+0x195/0x240 [ 1140.167596][T26479] ? __pfx_do_madvise+0x10/0x10 [ 1140.167643][T26479] ? do_futex+0x192/0x350 [ 1140.167694][T26479] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1140.167734][T26479] __x64_sys_madvise+0xa9/0x110 [ 1140.167758][T26479] ? lockdep_hardirqs_on+0x78/0x100 [ 1140.167796][T26479] do_syscall_64+0x106/0xf80 [ 1140.167833][T26479] ? clear_bhb_loop+0x40/0x90 [ 1140.167864][T26479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1140.167895][T26479] RIP: 0033:0x7f3b8ad9c139 [ 1140.167921][T26479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1140.167946][T26479] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1140.167971][T26479] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1140.167988][T26479] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 1140.168004][T26479] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1140.168020][T26479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1140.168036][T26479] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1140.168068][T26479] [ 1141.119020][T26489] netlink: 338 bytes leftover after parsing attributes in process `syz.0.7503'. [ 1142.070264][T26510] netlink: 252 bytes leftover after parsing attributes in process `syz.0.7511'. [ 1142.874944][T26518] FAULT_INJECTION: forcing a failure. [ 1142.874944][T26518] name failslab, interval 1, probability 0, space 0, times 0 [ 1143.130713][T26518] CPU: 0 UID: 0 PID: 26518 Comm: syz.1.7514 Tainted: G L syzkaller #0 PREEMPT(full) [ 1143.130754][T26518] Tainted: [L]=SOFTLOCKUP [ 1143.130763][T26518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1143.130779][T26518] Call Trace: [ 1143.130788][T26518] [ 1143.130798][T26518] dump_stack_lvl+0x100/0x190 [ 1143.130841][T26518] should_fail_ex.cold+0x5/0xa [ 1143.130870][T26518] ? tomoyo_encode2+0xfb/0x3c0 [ 1143.130908][T26518] should_failslab+0xc2/0x120 [ 1143.130947][T26518] __kmalloc_noprof+0xe0/0x850 [ 1143.130987][T26518] tomoyo_encode2+0xfb/0x3c0 [ 1143.131030][T26518] tomoyo_encode+0x29/0x50 [ 1143.131068][T26518] tomoyo_mount_acl+0x388/0x8b0 [ 1143.131104][T26518] ? is_bpf_text_address+0x8a/0x1a0 [ 1143.131142][T26518] ? bpf_ksym_find+0x124/0x1c0 [ 1143.131173][T26518] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 1143.131208][T26518] ? kernel_text_address+0x8d/0x100 [ 1143.131246][T26518] ? unwind_get_return_address+0x59/0xa0 [ 1143.131300][T26518] ? tomoyo_domain+0xb2/0x150 [ 1143.131325][T26518] ? tomoyo_profile+0x47/0x60 [ 1143.131353][T26518] tomoyo_mount_permission+0x214/0x460 [ 1143.131389][T26518] ? tomoyo_mount_permission+0x1f6/0x460 [ 1143.131428][T26518] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 1143.131493][T26518] security_sb_mount+0xdd/0x270 [ 1143.131526][T26518] path_mount+0x158/0x23d0 [ 1143.131555][T26518] ? __pfx_path_mount+0x10/0x10 [ 1143.131577][T26518] ? lockdep_hardirqs_on+0x78/0x100 [ 1143.131619][T26518] ? putname+0xb1/0x110 [ 1143.131656][T26518] ? kmem_cache_free+0x124/0x6a0 [ 1143.131695][T26518] ? __x64_sys_mount+0x293/0x310 [ 1143.131717][T26518] __x64_sys_mount+0x293/0x310 [ 1143.131746][T26518] ? __pfx___x64_sys_mount+0x10/0x10 [ 1143.131779][T26518] do_syscall_64+0x106/0xf80 [ 1143.131816][T26518] ? clear_bhb_loop+0x40/0x90 [ 1143.131848][T26518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1143.131875][T26518] RIP: 0033:0x7f700099c139 [ 1143.131895][T26518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1143.131921][T26518] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1143.131944][T26518] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1143.131962][T26518] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 1143.131978][T26518] RBP: 00007f7000a327e0 R08: 0000200000001580 R09: 0000000000000000 [ 1143.131994][T26518] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000 [ 1143.132010][T26518] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1143.132042][T26518] [ 1145.002390][T26531] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1145.037916][T26531] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1145.076377][T26531] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1145.127811][T26531] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1145.208670][T26544] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 1146.030647][T26419] mkiss: ax0: crc mode is auto. [ 1146.239215][T26565] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7532'. [ 1146.319079][T26565] netlink: 302 bytes leftover after parsing attributes in process `syz.0.7532'. [ 1146.429263][T25521] Bluetooth: hci0: command 0x0406 tx timeout [ 1146.700350][T26572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7535'. [ 1147.068471][T25521] Bluetooth: hci3: command 0x0406 tx timeout [ 1147.150924][T25521] Bluetooth: hci4: command 0x0c1a tx timeout [ 1147.157855][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 1147.217221][T26575] ERROR: Out of memory at tomoyo_memory_ok. [ 1151.042698][T26622] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7552'. [ 1151.125356][T26622] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7552'. [ 1151.397544][T26625] netlink: 170 bytes leftover after parsing attributes in process `syz.3.7552'. [ 1153.780507][T26660] usb usb3: usbfs: interface 0 claimed by hub while 'syz.1.7565' sets config #16 [ 1157.644403][T26575] mkiss: ax0: crc mode is auto. [ 1158.939032][T26735] ERROR: Out of memory at tomoyo_memory_ok. [ 1159.689299][T26720] kexec: Could not allocate control_code_buffer [ 1161.094990][T26763] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1161.126201][T26761] sp0: Synchronizing with TNC [ 1162.157478][T26780] netlink: 202 bytes leftover after parsing attributes in process `syz.1.7600'. [ 1163.030472][T26789] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 1164.270312][T26795] zswap: compressor not available [ 1164.755449][T26811] sp0: Synchronizing with TNC [ 1167.007689][T26835] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7613'. [ 1167.140499][T26835] bridge0: port 4(bond0) entered disabled state [ 1167.191359][T26835] bond0 (unregistering): left allmulticast mode [ 1167.243581][T26835] bond_slave_0: left allmulticast mode [ 1167.302797][T26835] bond_slave_1: left allmulticast mode [ 1167.340982][T26835] bond0 (unregistering): left promiscuous mode [ 1167.362549][T26835] bond_slave_0: left promiscuous mode [ 1167.393743][T26835] bond_slave_1: left promiscuous mode [ 1167.462116][T26835] bridge0: port 4(bond0) entered disabled state [ 1167.541799][T26835] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1167.601646][T26835] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1167.669060][T26835] bond0 (unregistering): Released all slaves [ 1169.543761][T26735] mkiss: ax0: crc mode is auto. [ 1170.818311][T26882] ERROR: Out of memory at tomoyo_memory_ok. [ 1175.806681][T26953] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7655'. [ 1175.827769][T26951] Loading of unsigned module is rejected [ 1176.335343][T26962] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7657'. [ 1177.569165][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.575689][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.894361][T26982] netlink: 334 bytes leftover after parsing attributes in process `syz.3.7665'. [ 1178.305984][T26994] FAULT_INJECTION: forcing a failure. [ 1178.305984][T26994] name failslab, interval 1, probability 0, space 0, times 0 [ 1178.381846][T26994] CPU: 0 UID: 0 PID: 26994 Comm: syz.3.7668 Tainted: G L syzkaller #0 PREEMPT(full) [ 1178.381888][T26994] Tainted: [L]=SOFTLOCKUP [ 1178.381897][T26994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1178.381914][T26994] Call Trace: [ 1178.381923][T26994] [ 1178.381934][T26994] dump_stack_lvl+0x100/0x190 [ 1178.381976][T26994] should_fail_ex.cold+0x5/0xa [ 1178.382006][T26994] should_failslab+0xc2/0x120 [ 1178.382045][T26994] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1178.382074][T26994] ? shrinker_alloc+0xf5/0xbc0 [ 1178.382116][T26994] shrinker_alloc+0xf5/0xbc0 [ 1178.382155][T26994] ? mark_held_locks+0x40/0x70 [ 1178.382193][T26994] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1178.382233][T26994] ? rcu_is_watching+0x12/0xc0 [ 1178.382272][T26994] ? __pfx_shrinker_alloc+0x10/0x10 [ 1178.382313][T26994] ? lockdep_init_map_type+0x5c/0x250 [ 1178.382345][T26994] ? lockdep_init_map_type+0x5c/0x250 [ 1178.382385][T26994] ? __raw_spin_lock_init+0x3a/0x110 [ 1178.382420][T26994] ? __init_rwsem+0x12d/0x1b0 [ 1178.382457][T26994] alloc_super+0x7c7/0xd20 [ 1178.382494][T26994] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1178.382520][T26994] sget_fc+0x117/0xc70 [ 1178.382553][T26994] ? __pfx_set_anon_super_fc+0x10/0x10 [ 1178.382585][T26994] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1178.382611][T26994] get_tree_nodev+0x28/0x190 [ 1178.382647][T26994] mqueue_get_tree+0xf1/0x130 [ 1178.382674][T26994] vfs_get_tree+0x92/0x320 [ 1178.382704][T26994] fc_mount_longterm+0x1a/0x270 [ 1178.382738][T26994] mq_init_ns+0x482/0x820 [ 1178.382771][T26994] copy_ipcs+0x3dd/0x7e0 [ 1178.382810][T26994] create_new_namespaces+0x20a/0xac0 [ 1178.382852][T26994] ? security_capable+0x80/0x260 [ 1178.382885][T26994] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1178.382913][T26994] ksys_unshare+0x455/0xab0 [ 1178.382946][T26994] ? __pfx_ksys_unshare+0x10/0x10 [ 1178.382988][T26994] __x64_sys_unshare+0x31/0x40 [ 1178.383018][T26994] do_syscall_64+0x106/0xf80 [ 1178.383056][T26994] ? clear_bhb_loop+0x40/0x90 [ 1178.383087][T26994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1178.383113][T26994] RIP: 0033:0x7f3b8ad9c139 [ 1178.383134][T26994] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1178.383159][T26994] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1178.383183][T26994] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1178.383200][T26994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 1178.383215][T26994] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1178.383231][T26994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1178.383246][T26994] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1178.383278][T26994] [ 1181.158137][T26882] mkiss: ax0: crc mode is auto. [ 1182.412927][T27033] ERROR: Out of memory at tomoyo_memory_ok. [ 1182.460071][T27038] netlink: 'syz.1.7681': attribute type 21 has an invalid length. [ 1182.474986][T27039] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7682'. [ 1182.532759][T27038] netlink: 326 bytes leftover after parsing attributes in process `syz.1.7681'. [ 1186.482799][T27091] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7699'. [ 1186.567194][T27091] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7699'. [ 1187.383782][T27104] netlink: 244 bytes leftover after parsing attributes in process `syz.1.7704'. [ 1190.920507][T27153] nvme_fabrics: missing parameter 'transport=%s' [ 1191.006565][T27153] nvme_fabrics: missing parameter 'nqn=%s' [ 1192.810311][T27033] mkiss: ax0: crc mode is auto. [ 1193.428997][T27191] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7735'. [ 1193.513308][T27191] netlink: 302 bytes leftover after parsing attributes in process `syz.0.7735'. [ 1194.084527][T27198] ERROR: Out of memory at tomoyo_memory_ok. [ 1196.430364][T27221] FAULT_INJECTION: forcing a failure. [ 1196.430364][T27221] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.527170][T27221] CPU: 0 UID: 0 PID: 27221 Comm: syz.1.7744 Tainted: G L syzkaller #0 PREEMPT(full) [ 1196.527212][T27221] Tainted: [L]=SOFTLOCKUP [ 1196.527222][T27221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1196.527239][T27221] Call Trace: [ 1196.527247][T27221] [ 1196.527257][T27221] dump_stack_lvl+0x100/0x190 [ 1196.527299][T27221] should_fail_ex.cold+0x5/0xa [ 1196.527328][T27221] ? vhost_dev_set_owner+0x20c/0xa30 [ 1196.527355][T27221] should_failslab+0xc2/0x120 [ 1196.527394][T27221] __kmalloc_noprof+0xe0/0x850 [ 1196.527434][T27221] vhost_dev_set_owner+0x20c/0xa30 [ 1196.527470][T27221] vhost_dev_ioctl+0x521/0xe20 [ 1196.527496][T27221] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1196.527539][T27221] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 1196.527577][T27221] vhost_vsock_dev_ioctl+0x320/0xb60 [ 1196.527601][T27221] ? __fget_files+0x215/0x3d0 [ 1196.527636][T27221] ? hook_file_ioctl_common+0x146/0x410 [ 1196.527672][T27221] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1196.527701][T27221] ? __fget_files+0x21f/0x3d0 [ 1196.527741][T27221] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 1196.527769][T27221] __x64_sys_ioctl+0x18e/0x210 [ 1196.527803][T27221] do_syscall_64+0x106/0xf80 [ 1196.527840][T27221] ? clear_bhb_loop+0x40/0x90 [ 1196.527880][T27221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1196.527907][T27221] RIP: 0033:0x7f700099c139 [ 1196.527928][T27221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1196.527953][T27221] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1196.527977][T27221] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1196.527994][T27221] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000003 [ 1196.528009][T27221] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1196.528025][T27221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1196.528040][T27221] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1196.528072][T27221] [ 1197.386245][T27226] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7746'. [ 1198.396660][T27231] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1198.435135][T27231] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1198.465663][T27231] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1198.514237][T27231] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1198.593486][T27237] ERROR: Out of memory at tomoyo_memory_ok. [ 1199.248978][T27248] vivid-007: ================= START STATUS ================= [ 1199.310139][T27248] vivid-007: Generate PTS: true [ 1199.332191][T27248] vivid-007: Generate SCR: true [ 1199.365781][T27248] tpg source WxH: 320x240 (Y'CbCr) [ 1199.426091][T27248] tpg field: 1 [ 1199.429514][T27248] tpg crop: (0,0)/320x240 [ 1199.513384][T27248] tpg compose: (0,0)/320x240 [ 1199.552098][T27248] tpg colorspace: 8 [ 1199.592684][T27248] tpg transfer function: 0/0 [ 1199.615680][T27248] tpg Y'CbCr encoding: 0/0 [ 1199.659008][T27248] tpg quantization: 0/0 [ 1199.679498][T27248] tpg RGB range: 0/2 [ 1199.725509][T27248] vivid-007: ================== END STATUS ================== [ 1200.455277][T25521] Bluetooth: hci3: command 0x0406 tx timeout [ 1200.461511][ T5829] Bluetooth: hci0: command 0x0406 tx timeout [ 1200.510510][T27270] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7762'. [ 1200.546651][T25521] Bluetooth: hci4: command 0x0c1a tx timeout [ 1200.552810][T25521] Bluetooth: hci1: command 0x0406 tx timeout [ 1200.676252][T27268] Process accounting resumed [ 1200.937506][T27276] netlink: 342 bytes leftover after parsing attributes in process `syz.3.7764'. [ 1201.528108][T27281] vhci_hcd: not connected 4 [ 1204.437018][T27198] mkiss: ax0: crc mode is auto. [ 1205.320674][T27321] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7779'. [ 1205.421959][T27327] netlink: 'syz.4.7779': attribute type 1 has an invalid length. [ 1205.580824][T27327] netlink: 13 bytes leftover after parsing attributes in process `syz.4.7779'. [ 1205.680206][T27328] ERROR: Out of memory at tomoyo_memory_ok. [ 1206.098834][T27333] FAULT_INJECTION: forcing a failure. [ 1206.098834][T27333] name failslab, interval 1, probability 0, space 0, times 0 [ 1206.179739][T27333] CPU: 0 UID: 0 PID: 27333 Comm: syz.1.7784 Tainted: G L syzkaller #0 PREEMPT(full) [ 1206.179780][T27333] Tainted: [L]=SOFTLOCKUP [ 1206.179789][T27333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1206.179805][T27333] Call Trace: [ 1206.179814][T27333] [ 1206.179824][T27333] dump_stack_lvl+0x100/0x190 [ 1206.179867][T27333] should_fail_ex.cold+0x5/0xa [ 1206.179897][T27333] should_failslab+0xc2/0x120 [ 1206.179936][T27333] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1206.179969][T27333] ? cred_alloc_blank+0x1c/0xa0 [ 1206.180006][T27333] ? __x64_sys_futex+0x34f/0x4d0 [ 1206.180051][T27333] ? __x64_sys_futex+0x358/0x4d0 [ 1206.180085][T27333] cred_alloc_blank+0x1c/0xa0 [ 1206.180123][T27333] keyctl_session_to_parent+0x55/0xae0 [ 1206.180162][T27333] __do_sys_keyctl+0x2b1/0x5a0 [ 1206.180200][T27333] do_syscall_64+0x106/0xf80 [ 1206.180239][T27333] ? clear_bhb_loop+0x40/0x90 [ 1206.180270][T27333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1206.180298][T27333] RIP: 0033:0x7f700099c139 [ 1206.180318][T27333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1206.180343][T27333] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1206.180367][T27333] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1206.180385][T27333] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 1206.180402][T27333] RBP: 00007f7000a327e0 R08: 0000000000000001 R09: 0000000000000000 [ 1206.180417][T27333] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 1206.180433][T27333] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1206.180466][T27333] [ 1210.675734][T27369] netlink: 338 bytes leftover after parsing attributes in process `syz.1.7796'. [ 1210.720172][T27369] team_slave_0: entered allmulticast mode [ 1210.963541][T27362] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7794'. [ 1213.241680][T27386] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7803'. [ 1214.017863][T27395] busy [ 1216.112829][T27328] mkiss: ax0: crc mode is auto. [ 1217.333578][T27419] ERROR: Out of memory at tomoyo_memory_ok. [ 1217.822935][T27427] netlink: 342 bytes leftover after parsing attributes in process `syz.3.7815'. [ 1221.160292][T27454] mkiss: ax1: crc mode is auto. [ 1222.297249][T27465] mkiss: ax1: crc mode is auto. [ 1222.888796][T27480] netlink: 252 bytes leftover after parsing attributes in process `syz.0.7830'. [ 1222.957522][T27481] netlink: 252 bytes leftover after parsing attributes in process `syz.0.7830'. [ 1223.049102][T27483] lo: entered allmulticast mode [ 1223.090839][T27483] lo: left allmulticast mode [ 1223.594590][T27484] zswap: compressor û not available [ 1223.628186][T27486] Setting dangerous option i915.mitigations - tainting kernel [ 1223.721352][T27483] Setting dangerous option i915.mitigations - tainting kernel [ 1225.367489][T27510] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7837'. [ 1225.439218][T27510] netlink: 25 bytes leftover after parsing attributes in process `syz.3.7837'. [ 1225.663298][T27514] FAULT_INJECTION: forcing a failure. [ 1225.663298][T27514] name failslab, interval 1, probability 0, space 0, times 0 [ 1225.850764][T27514] CPU: 0 UID: 0 PID: 27514 Comm: syz.4.7836 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1225.850807][T27514] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1225.850817][T27514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1225.850844][T27514] Call Trace: [ 1225.850853][T27514] [ 1225.850863][T27514] dump_stack_lvl+0x100/0x190 [ 1225.850906][T27514] should_fail_ex.cold+0x5/0xa [ 1225.850934][T27514] ? __register_sysctl_table+0xbe4/0x1650 [ 1225.850971][T27514] should_failslab+0xc2/0x120 [ 1225.851010][T27514] __kmalloc_noprof+0xe0/0x850 [ 1225.851049][T27514] __register_sysctl_table+0xbe4/0x1650 [ 1225.851092][T27514] ? __pfx___register_sysctl_table+0x10/0x10 [ 1225.851127][T27514] ? is_module_address+0x69/0xf0 [ 1225.851158][T27514] ? register_net_sysctl_sz+0x222/0x430 [ 1225.851186][T27514] ? __asan_memcpy+0x3c/0x60 [ 1225.851217][T27514] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 1225.851260][T27514] nf_lwtunnel_net_init+0x60/0xf0 [ 1225.851301][T27514] ops_init+0x1e2/0x5f0 [ 1225.851343][T27514] setup_net+0x118/0x3a0 [ 1225.851384][T27514] ? __pfx_setup_net+0x10/0x10 [ 1225.851421][T27514] ? lockdep_init_map_type+0x5c/0x250 [ 1225.851454][T27514] ? mutex_init_lockep+0x110/0x150 [ 1225.851492][T27514] copy_net_ns+0x46f/0x7c0 [ 1225.851519][T27514] create_new_namespaces+0x3ea/0xac0 [ 1225.851569][T27514] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1225.851598][T27514] ksys_unshare+0x455/0xab0 [ 1225.851638][T27514] ? __pfx_ksys_unshare+0x10/0x10 [ 1225.851680][T27514] __x64_sys_unshare+0x31/0x40 [ 1225.851712][T27514] do_syscall_64+0x106/0xf80 [ 1225.851750][T27514] ? clear_bhb_loop+0x40/0x90 [ 1225.851785][T27514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1225.851812][T27514] RIP: 0033:0x7fe61479c139 [ 1225.851833][T27514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1225.851857][T27514] RSP: 002b:00007fe615684028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1225.851881][T27514] RAX: ffffffffffffffda RBX: 00007fe614a15fa0 RCX: 00007fe61479c139 [ 1225.851899][T27514] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1225.851914][T27514] RBP: 00007fe6148327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1225.851930][T27514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1225.851946][T27514] R13: 00007fe614a16038 R14: 00007fe614a15fa0 R15: 00007ffe70193588 [ 1225.851978][T27514] [ 1226.363452][T27514] sysctl could not get directory: /net -12 [ 1227.642103][T27419] mkiss: ax0: crc mode is auto. [ 1227.752512][T27530] netlink: 186 bytes leftover after parsing attributes in process `syz.0.7844'. [ 1228.179363][T27540] FAULT_INJECTION: forcing a failure. [ 1228.179363][T27540] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1228.276285][T27540] CPU: 0 UID: 0 PID: 27540 Comm: syz.3.7848 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1228.276327][T27540] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1228.276338][T27540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1228.276355][T27540] Call Trace: [ 1228.276363][T27540] [ 1228.276373][T27540] dump_stack_lvl+0x100/0x190 [ 1228.276414][T27540] should_fail_ex.cold+0x5/0xa [ 1228.276439][T27540] ? prepare_alloc_pages+0x16d/0x5f0 [ 1228.276483][T27540] should_fail_alloc_page+0xeb/0x140 [ 1228.276525][T27540] prepare_alloc_pages+0x1f0/0x5f0 [ 1228.276572][T27540] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1228.276606][T27540] ? __print_lock_name+0x21/0x80 [ 1228.276646][T27540] ? is_bpf_text_address+0x8a/0x1a0 [ 1228.276682][T27540] ? is_bpf_text_address+0x8a/0x1a0 [ 1228.276718][T27540] ? bpf_ksym_find+0x124/0x1c0 [ 1228.276745][T27540] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1228.276789][T27540] ? is_bpf_text_address+0x94/0x1a0 [ 1228.276824][T27540] ? kernel_text_address+0x8d/0x100 [ 1228.276861][T27540] ? __kernel_text_address+0xd/0x30 [ 1228.276897][T27540] ? unwind_get_return_address+0x59/0xa0 [ 1228.276924][T27540] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1228.276971][T27540] ? __pfx_stack_trace_save+0x10/0x10 [ 1228.277013][T27540] ? stack_depot_save_flags+0x27/0x9d0 [ 1228.277051][T27540] ? find_held_lock+0x2b/0x80 [ 1228.277092][T27540] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1228.277149][T27540] ? policy_nodemask+0xed/0x4f0 [ 1228.277191][T27540] alloc_pages_mpol+0x1fb/0x550 [ 1228.277232][T27540] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1228.277279][T27540] alloc_pages_noprof+0x131/0x390 [ 1228.277320][T27540] kimage_alloc_pages+0x72/0x380 [ 1228.277363][T27540] kimage_alloc_control_pages+0x157/0xa20 [ 1228.277411][T27540] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 1228.277455][T27540] ? kasan_save_track+0x14/0x30 [ 1228.277493][T27540] do_kexec_load+0x6c1/0x810 [ 1228.277520][T27540] ? __pfx_do_kexec_load+0x10/0x10 [ 1228.277548][T27540] ? _copy_from_user+0x59/0xd0 [ 1228.277585][T27540] __x64_sys_kexec_load+0x1bf/0x230 [ 1228.277613][T27540] do_syscall_64+0x106/0xf80 [ 1228.277652][T27540] ? clear_bhb_loop+0x40/0x90 [ 1228.277684][T27540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1228.277710][T27540] RIP: 0033:0x7f3b8ad9c139 [ 1228.277731][T27540] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1228.277756][T27540] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 1228.277780][T27540] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1228.277797][T27540] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000200000000007 [ 1228.277814][T27540] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1228.277830][T27540] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 1228.277845][T27540] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1228.277878][T27540] [ 1228.277889][T27540] kexec: Could not allocate swap buffer [ 1229.015679][T27546] ERROR: Out of memory at tomoyo_memory_ok. [ 1229.609360][T25521] Bluetooth: hci0: unexpected event 0x07 length: 435 > 255 [ 1229.732771][ T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1229.886174][ T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1230.001779][ T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1230.209230][ T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1230.798062][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1230.811226][ T5829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1230.825955][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1230.848734][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1230.858271][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1231.015935][ T49] bridge_slave_1: left allmulticast mode [ 1231.043167][ T49] bridge_slave_1: left promiscuous mode [ 1231.073395][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 1231.175293][ T49] bridge_slave_0: left allmulticast mode [ 1231.224076][ T49] bridge_slave_0: left promiscuous mode [ 1231.230363][T27575] Process accounting paused [ 1231.259913][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 1231.407198][T27588] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7866'. [ 1231.997540][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1232.021720][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1232.083805][ T49] bond0 (unregistering): Released all slaves [ 1232.959048][ T5829] Bluetooth: hci2: command tx timeout [ 1233.154305][ T49] hsr_slave_0: left promiscuous mode [ 1233.222137][ T49] hsr_slave_1: left promiscuous mode [ 1233.264910][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1233.312606][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1233.340722][T27611] netlink: 18 bytes leftover after parsing attributes in process `syz.1.7870'. [ 1233.366117][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1233.432230][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1233.553078][ T49] veth1_macvtap: left promiscuous mode [ 1233.558796][ T49] veth0_macvtap: left promiscuous mode [ 1233.646016][ T49] veth1_vlan: left promiscuous mode [ 1233.651370][ T49] veth0_vlan: left promiscuous mode [ 1234.402590][ T49] team0 (unregistering): Port device team_slave_1 removed [ 1234.462415][ T49] team0 (unregistering): Port device team_slave_0 removed [ 1235.032307][ T5829] Bluetooth: hci2: command tx timeout [ 1235.260450][T27573] chnl_net:caif_netlink_parms(): no params data found [ 1235.903516][T27573] bridge0: port 1(bridge_slave_0) entered blocking state [ 1235.941831][T27573] bridge0: port 1(bridge_slave_0) entered disabled state [ 1235.993603][T27573] bridge_slave_0: entered allmulticast mode [ 1236.044815][T27573] bridge_slave_0: entered promiscuous mode [ 1236.078875][T27573] bridge0: port 2(bridge_slave_1) entered blocking state [ 1236.139120][T27573] bridge0: port 2(bridge_slave_1) entered disabled state [ 1236.192289][T27573] bridge_slave_1: entered allmulticast mode [ 1236.223041][T27573] bridge_slave_1: entered promiscuous mode [ 1236.603915][T27573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1236.679628][T27573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1237.005258][T27573] team0: Port device team_slave_0 added [ 1237.045966][T27573] team0: Port device team_slave_1 added [ 1237.115710][ T5829] Bluetooth: hci2: command tx timeout [ 1237.222338][T27573] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1237.247529][T27573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1237.371523][T27573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1237.449939][T27573] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1237.485446][T27573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1237.601782][T27573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1238.036035][T27573] hsr_slave_0: entered promiscuous mode [ 1238.066153][T27573] hsr_slave_1: entered promiscuous mode [ 1238.100888][T27679] netlink: 290 bytes leftover after parsing attributes in process `syz.3.7885'. [ 1239.067787][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.082017][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.194496][ T5829] Bluetooth: hci2: command tx timeout [ 1239.325137][T27546] mkiss: ax0: crc mode is auto. [ 1240.577205][T27709] ERROR: Out of memory at tomoyo_memory_ok. [ 1240.676391][T27573] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1240.757123][T27573] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1240.873198][T27573] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1240.899807][T27715] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7893'. [ 1241.008855][T27573] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1241.555305][T27737] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7897'. [ 1241.584630][T27573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1241.622082][T27737] netlink: 274 bytes leftover after parsing attributes in process `syz.0.7897'. [ 1241.711925][T27573] 8021q: adding VLAN 0 to HW filter on device team0 [ 1241.797528][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1241.804709][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1241.896307][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 1241.903526][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1242.962515][T27573] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1244.394455][T27573] veth0_vlan: entered promiscuous mode [ 1244.482060][T27573] veth1_vlan: entered promiscuous mode [ 1244.615486][T27573] veth0_macvtap: entered promiscuous mode [ 1244.699029][T27573] veth1_macvtap: entered promiscuous mode [ 1244.803254][T27573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1244.863635][T27573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1244.918385][T27780] FAULT_INJECTION: forcing a failure. [ 1244.918385][T27780] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.966201][T22413] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1244.987271][T22413] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.054422][T22413] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.103545][T22413] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.127413][T27780] CPU: 0 UID: 0 PID: 27780 Comm: syz.3.7903 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1245.127455][T27780] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1245.127466][T27780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1245.127481][T27780] Call Trace: [ 1245.127489][T27780] [ 1245.127499][T27780] dump_stack_lvl+0x100/0x190 [ 1245.127543][T27780] should_fail_ex.cold+0x5/0xa [ 1245.127572][T27780] should_failslab+0xc2/0x120 [ 1245.127612][T27780] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1245.127646][T27780] ? sock_alloc_inode+0x25/0x1c0 [ 1245.127670][T27780] ? copy_net_ns+0x46f/0x7c0 [ 1245.127693][T27780] ? unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1245.127717][T27780] ? ksys_unshare+0x455/0xab0 [ 1245.127758][T27780] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1245.127785][T27780] sock_alloc_inode+0x25/0x1c0 [ 1245.127810][T27780] alloc_inode+0x68/0x250 [ 1245.127838][T27780] sock_alloc+0x44/0x280 [ 1245.127877][T27780] ? security_socket_create+0x7f/0x250 [ 1245.127909][T27780] sock_create_lite+0x82/0x120 [ 1245.127953][T27780] __netlink_kernel_create+0xbd/0x750 [ 1245.127996][T27780] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1245.128037][T27780] ? find_held_lock+0x2b/0x80 [ 1245.128076][T27780] ? audit_net_init+0x190/0x440 [ 1245.128106][T27780] ? audit_net_init+0x190/0x440 [ 1245.128141][T27780] audit_net_init+0x1ae/0x440 [ 1245.128172][T27780] ? __pfx_audit_net_init+0x10/0x10 [ 1245.128201][T27780] ? rcu_is_watching+0x12/0xc0 [ 1245.128239][T27780] ? __pfx_audit_receive+0x10/0x10 [ 1245.128274][T27780] ? __pfx_audit_multicast_bind+0x10/0x10 [ 1245.128310][T27780] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 1245.128347][T27780] ? __kmalloc_noprof+0x320/0x850 [ 1245.128385][T27780] ? __pfx_audit_net_init+0x10/0x10 [ 1245.128414][T27780] ops_init+0x1e2/0x5f0 [ 1245.128461][T27780] setup_net+0x118/0x3a0 [ 1245.128501][T27780] ? __pfx_setup_net+0x10/0x10 [ 1245.128538][T27780] ? lockdep_init_map_type+0x5c/0x250 [ 1245.128571][T27780] ? mutex_init_lockep+0x110/0x150 [ 1245.128608][T27780] copy_net_ns+0x46f/0x7c0 [ 1245.128635][T27780] create_new_namespaces+0x3ea/0xac0 [ 1245.128685][T27780] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1245.128713][T27780] ksys_unshare+0x455/0xab0 [ 1245.128751][T27780] ? __pfx_ksys_unshare+0x10/0x10 [ 1245.128793][T27780] __x64_sys_unshare+0x31/0x40 [ 1245.128824][T27780] do_syscall_64+0x106/0xf80 [ 1245.128862][T27780] ? clear_bhb_loop+0x40/0x90 [ 1245.128894][T27780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1245.128921][T27780] RIP: 0033:0x7f3b8ad9c139 [ 1245.128943][T27780] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1245.128968][T27780] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1245.128992][T27780] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1245.129009][T27780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1245.129026][T27780] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1245.129042][T27780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1245.129058][T27780] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1245.129099][T27780] [ 1245.129185][T27780] audit: cannot initialize netlink socket in namespace [ 1245.520749][T27798] netlink: 338 bytes leftover after parsing attributes in process `syz.0.7906'. [ 1246.062721][T27793] sp0: Synchronizing with TNC [ 1246.432858][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1246.470625][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1246.623132][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1246.646261][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1247.923883][T27825] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7911'. [ 1249.491620][T27854] netlink: 93 bytes leftover after parsing attributes in process `syz.0.7921'. [ 1249.596143][T27850] netlink: 93 bytes leftover after parsing attributes in process `syz.0.7921'. [ 1250.748557][T27709] mkiss: ax0: crc mode is auto. [ 1251.503293][T27887] sp0: Synchronizing with TNC [ 1251.549034][T27891] sp0: Found TNC [ 1251.954202][T27892] ERROR: Out of memory at tomoyo_memory_ok. [ 1254.071198][T27925] netlink: 'syz.3.7946': attribute type 1 has an invalid length. [ 1254.143354][T27925] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7946'. [ 1255.422858][T27947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7950'. [ 1255.721374][T27947] team0 (unregistering): Port device team_slave_0 removed [ 1255.827532][T27947] team0 (unregistering): Port device team_slave_1 removed [ 1256.574077][T27954] netlink: 194 bytes leftover after parsing attributes in process `syz.0.7951'. [ 1259.872440][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807ec38c00: rx timeout, send abort [ 1260.248235][T27996] [U] ^\ [ 1260.386499][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807ec38c00: abort rx timeout. Force session deactivation [ 1261.116523][T28010] netlink: 504 bytes leftover after parsing attributes in process `syz.0.7967'. [ 1261.128585][T28012] netlink: 86 bytes leftover after parsing attributes in process `syz.1.7968'. [ 1262.110236][T28027] Â: entered promiscuous mode [ 1262.326435][T28015] Process accounting resumed [ 1262.434635][T27892] mkiss: ax0: crc mode is auto. [ 1263.676679][T28056] ERROR: Out of memory at tomoyo_memory_ok. [ 1264.852951][T28062] sp0: Synchronizing with TNC [ 1267.403630][T28119] sg_write: data in/out 16348/1438 bytes for SCSI command 0x0-- guessing data in; [ 1267.403630][T28119] program syz.1.8004 not setting count and/or reply_len properly [ 1267.741715][T28128] netlink: 'syz.4.8007': attribute type 10 has an invalid length. [ 1267.774733][T28128] netlink: 'syz.4.8007': attribute type 13 has an invalid length. [ 1268.450539][T28142] ERROR: Out of memory at tomoyo_memory_ok. [ 1273.010202][T28197] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8031'. [ 1273.072031][T28197] mac80211_hwsim hwsim12 wlan1: entered promiscuous mode [ 1273.108537][T28197] mac80211_hwsim hwsim12 wlan1: entered allmulticast mode [ 1273.966629][T28056] mkiss: ax0: crc mode is auto. [ 1274.380779][T28222] vivid-007: ================= START STATUS ================= [ 1274.475104][T28222] vivid-007: Enable Output Cropping: true grabbed [ 1274.526754][T28222] vivid-007: Enable Output Composing: true grabbed [ 1274.702236][T28222] vivid-007: Enable Output Scaler: true grabbed [ 1274.769294][ T5829] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1274.806903][T28222] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 1274.889714][T28222] vivid-007: Transmit Mode: HDMI grabbed [ 1274.957594][T28222] vivid-007: Hotplug Present: 0x00000000 [ 1275.030604][T28222] vivid-007: RxSense Present: 0x00000000 [ 1275.119679][T28222] vivid-007: EDID Present: 0x00000000 [ 1275.262860][T28222] vivid-007: ================== END STATUS ================== [ 1275.280686][T28231] ERROR: Out of memory at tomoyo_memory_ok. [ 1276.228462][T28246] netlink: 246 bytes leftover after parsing attributes in process `syz.1.8048'. [ 1279.721502][T28289] netlink: 62 bytes leftover after parsing attributes in process `syz.0.8063'. [ 1280.379038][T28302] netlink: 252 bytes leftover after parsing attributes in process `syz.4.8068'. [ 1280.416490][T28302] netlink: 252 bytes leftover after parsing attributes in process `syz.4.8068'. [ 1280.774226][T25521] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1282.057661][T28324] FAULT_INJECTION: forcing a failure. [ 1282.057661][T28324] name failslab, interval 1, probability 0, space 0, times 0 [ 1282.199625][T28324] CPU: 0 UID: 0 PID: 28324 Comm: syz.3.8072 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1282.199676][T28324] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1282.199686][T28324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1282.199701][T28324] Call Trace: [ 1282.199710][T28324] [ 1282.199720][T28324] dump_stack_lvl+0x100/0x190 [ 1282.199766][T28324] should_fail_ex.cold+0x5/0xa [ 1282.199795][T28324] ? lsm_blob_alloc+0x68/0x90 [ 1282.199817][T28324] should_failslab+0xc2/0x120 [ 1282.199857][T28324] __kmalloc_noprof+0xe0/0x850 [ 1282.199889][T28324] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1282.199934][T28324] lsm_blob_alloc+0x68/0x90 [ 1282.199959][T28324] security_prepare_creds+0x2d/0x290 [ 1282.200000][T28324] prepare_creds+0x5d6/0x950 [ 1282.200040][T28324] lookup_user_key+0xfb2/0x1300 [ 1282.200077][T28324] ? __pfx_lookup_user_key+0x10/0x10 [ 1282.200114][T28324] ? do_raw_spin_lock+0x128/0x260 [ 1282.200153][T28324] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1282.200192][T28324] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1282.200227][T28324] ? do_sigaltstack.constprop.0+0x4c0/0x670 [ 1282.200267][T28324] keyctl_restrict_keyring+0x99/0x250 [ 1282.200299][T28324] ? __pfx_keyctl_restrict_keyring+0x10/0x10 [ 1282.200342][T28324] __do_sys_keyctl+0x2e8/0x5a0 [ 1282.200375][T28324] do_syscall_64+0x106/0xf80 [ 1282.200412][T28324] ? clear_bhb_loop+0x40/0x90 [ 1282.200443][T28324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1282.200469][T28324] RIP: 0033:0x7f3b8ad9c139 [ 1282.200490][T28324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1282.200515][T28324] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1282.200539][T28324] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1282.200556][T28324] RDX: 0000000000000002 RSI: fffffffffffffffd RDI: 000000000000001d [ 1282.200574][T28324] RBP: 00007f3b8ae327e0 R08: fffffffffffffffd R09: 0000000000000000 [ 1282.200590][T28324] R10: 0000000000000628 R11: 0000000000000246 R12: 0000000000000000 [ 1282.200606][T28324] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1282.200645][T28324] [ 1282.733408][T28335] vivid-007: ================= START STATUS ================= [ 1282.773083][T28335] vivid-007: Generate PTS: true [ 1282.793131][T28335] vivid-007: Generate SCR: true [ 1282.811931][T28335] tpg source WxH: 320x240 (Y'CbCr) [ 1282.817122][T28335] tpg field: 1 [ 1282.844371][T28335] tpg crop: (0,0)/320x240 [ 1282.870030][T28335] tpg compose: (0,0)/320x240 [ 1282.874671][T28335] tpg colorspace: 8 [ 1282.894274][T28335] tpg transfer function: 0/0 [ 1282.916165][T28335] tpg Y'CbCr encoding: 0/0 [ 1282.935294][T28335] tpg quantization: 0/0 [ 1282.955525][T28335] tpg RGB range: 0/2 [ 1283.042582][T28335] vivid-007: ================== END STATUS ================== [ 1284.223656][T28355] netlink: 25 bytes leftover after parsing attributes in process `syz.4.8079'. [ 1285.607564][T28231] mkiss: ax0: crc mode is auto. [ 1285.984082][T28387] netlink: 338 bytes leftover after parsing attributes in process `syz.4.8090'. [ 1286.811743][T28401] ERROR: Out of memory at tomoyo_memory_ok. [ 1289.749347][T28445] bond0: option all_slaves_active: invalid value () [ 1290.311178][T28458] FAULT_INJECTION: forcing a failure. [ 1290.311178][T28458] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.351301][T28459] netlink: 54 bytes leftover after parsing attributes in process `syz.4.8110'. [ 1290.378894][T28458] CPU: 0 UID: 0 PID: 28458 Comm: syz.3.8111 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1290.378938][T28458] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1290.378949][T28458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1290.378965][T28458] Call Trace: [ 1290.378973][T28458] [ 1290.378983][T28458] dump_stack_lvl+0x100/0x190 [ 1290.379026][T28458] should_fail_ex.cold+0x5/0xa [ 1290.379056][T28458] should_failslab+0xc2/0x120 [ 1290.379095][T28458] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1290.379131][T28458] ? __alloc_skb+0x140/0x710 [ 1290.379171][T28458] __alloc_skb+0x140/0x710 [ 1290.379204][T28458] ? __alloc_skb+0x5b7/0x710 [ 1290.379238][T28458] ? __pfx___alloc_skb+0x10/0x10 [ 1290.379278][T28458] ? aa_label_sk_perm+0x194/0x5f0 [ 1290.379319][T28458] alloc_skb_with_frags+0xe0/0x810 [ 1290.379363][T28458] ? __lock_acquire+0x4a5/0x2630 [ 1290.379397][T28458] sock_alloc_send_pskb+0x801/0x980 [ 1290.379440][T28458] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1290.379475][T28458] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1290.379515][T28458] caif_stream_sendmsg+0x446/0x800 [ 1290.379563][T28458] ? __pfx_caif_stream_sendmsg+0x10/0x10 [ 1290.379603][T28458] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1290.379637][T28458] sock_write_iter+0x566/0x610 [ 1290.379666][T28458] ? __pfx_sock_write_iter+0x10/0x10 [ 1290.379692][T28458] ? futex_unqueue+0x133/0x2c0 [ 1290.379719][T28458] ? futex_unqueue+0x133/0x2c0 [ 1290.379755][T28458] ? __futex_wait+0x256/0x300 [ 1290.379797][T28458] do_iter_readv_writev+0x6ee/0x920 [ 1290.379832][T28458] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1290.379869][T28458] ? common_file_perm+0x1ab/0x4f0 [ 1290.379908][T28458] ? bpf_lsm_file_permission+0x9/0x10 [ 1290.379944][T28458] ? security_file_permission+0x76/0x210 [ 1290.379983][T28458] ? rw_verify_area+0xce/0x6d0 [ 1290.380017][T28458] vfs_writev+0x360/0xe10 [ 1290.380058][T28458] ? __pfx_vfs_writev+0x10/0x10 [ 1290.380111][T28458] ? __fget_files+0x21f/0x3d0 [ 1290.380155][T28458] ? do_writev+0x28a/0x340 [ 1290.380185][T28458] do_writev+0x28a/0x340 [ 1290.380219][T28458] ? __pfx_do_writev+0x10/0x10 [ 1290.380260][T28458] do_syscall_64+0x106/0xf80 [ 1290.380298][T28458] ? clear_bhb_loop+0x40/0x90 [ 1290.380329][T28458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1290.380356][T28458] RIP: 0033:0x7f3b8ad9c139 [ 1290.380377][T28458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1290.380403][T28458] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1290.380427][T28458] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1290.380444][T28458] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1290.380460][T28458] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1290.380476][T28458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1290.380492][T28458] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1290.380524][T28458] [ 1290.965096][T28461] netlink: 186 bytes leftover after parsing attributes in process `syz.0.8112'. [ 1291.000262][T28461] netlink: 186 bytes leftover after parsing attributes in process `syz.0.8112'. [ 1292.111276][T28479] netlink: 'syz.4.8116': attribute type 10 has an invalid length. [ 1292.197862][T28479] netlink: 230 bytes leftover after parsing attributes in process `syz.4.8116'. [ 1292.328047][T28479] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 1292.402106][T28481] Process accounting paused [ 1296.071158][T28549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8140'. [ 1296.109869][T28549] netlink: 25 bytes leftover after parsing attributes in process `syz.1.8140'. [ 1297.039919][T28401] mkiss: ax0: crc mode is auto. [ 1297.309870][T28573] netlink: 54 bytes leftover after parsing attributes in process `syz.1.8146'. [ 1297.431814][T28575] zswap: compressor û not available [ 1297.598741][ T29] audit: type=1800 audit(4294967329.980:30): pid=28583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8148" name="features" dev="configfs" ino=167157 res=0 errno=0 [ 1298.184782][T28597] ERROR: Out of memory at tomoyo_memory_ok. [ 1300.498511][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.504966][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.551543][T28632] ima: policy update failed [ 1301.591765][ T29] audit: type=1802 audit(4294967333.970:31): pid=28632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.8164" res=0 errno=0 [ 1301.804286][T28647] netlink: 25 bytes leftover after parsing attributes in process `syz.4.8169'. [ 1303.087254][T28672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8175'. [ 1303.139748][T28672] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8175'. [ 1303.185656][T28652] Process accounting resumed [ 1304.475197][T28690] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8183'. [ 1304.609852][T28692] FAULT_INJECTION: forcing a failure. [ 1304.609852][T28692] name failslab, interval 1, probability 0, space 0, times 0 [ 1304.731010][T28692] CPU: 0 UID: 0 PID: 28692 Comm: syz.4.8181 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1304.731054][T28692] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1304.731064][T28692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1304.731080][T28692] Call Trace: [ 1304.731089][T28692] [ 1304.731099][T28692] dump_stack_lvl+0x100/0x190 [ 1304.731142][T28692] should_fail_ex.cold+0x5/0xa [ 1304.731172][T28692] should_failslab+0xc2/0x120 [ 1304.731212][T28692] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1304.731250][T28692] ? kstrdup_const+0x63/0x80 [ 1304.731285][T28692] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1304.731326][T28692] kstrdup+0x51/0xe0 [ 1304.731362][T28692] kstrdup_const+0x63/0x80 [ 1304.731397][T28692] kvasprintf_const+0x10f/0x1a0 [ 1304.731437][T28692] kobject_set_name_vargs+0x5a/0x140 [ 1304.731465][T28692] dev_set_name+0xc7/0x100 [ 1304.731506][T28692] ? __pfx_dev_set_name+0x10/0x10 [ 1304.731544][T28692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1304.731587][T28692] ? lockdep_init_map_type+0x5c/0x250 [ 1304.731620][T28692] ? __init_waitqueue_head+0xca/0x150 [ 1304.731664][T28692] netdev_register_kobject+0xc5/0x3d0 [ 1304.731694][T28692] register_netdevice+0x12e0/0x2210 [ 1304.731741][T28692] ? __pfx_register_netdevice+0x10/0x10 [ 1304.731790][T28692] internal_dev_create+0x2d3/0x520 [ 1304.731833][T28692] ovs_vport_add+0x147/0x4d0 [ 1304.731873][T28692] new_vport+0x16/0x1d0 [ 1304.731912][T28692] ovs_dp_cmd_new+0x65d/0xdf0 [ 1304.731953][T28692] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1304.731995][T28692] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1304.732025][T28692] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1304.732060][T28692] genl_family_rcv_msg_doit+0x214/0x300 [ 1304.732092][T28692] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1304.732120][T28692] ? genl_get_cmd+0x3ef/0x720 [ 1304.732152][T28692] ? bpf_lsm_capable+0x9/0x10 [ 1304.732191][T28692] ? security_capable+0x80/0x260 [ 1304.732220][T28692] ? ns_capable+0xd2/0xf0 [ 1304.732263][T28692] genl_rcv_msg+0x560/0x800 [ 1304.732293][T28692] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1304.732321][T28692] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1304.732364][T28692] netlink_rcv_skb+0x159/0x420 [ 1304.732404][T28692] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1304.732433][T28692] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1304.732486][T28692] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1304.732530][T28692] genl_rcv+0x28/0x40 [ 1304.732553][T28692] netlink_unicast+0x5aa/0x870 [ 1304.732598][T28692] ? __pfx_netlink_unicast+0x10/0x10 [ 1304.732650][T28692] netlink_sendmsg+0x8b0/0xda0 [ 1304.732696][T28692] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1304.732735][T28692] ? __import_iovec+0x1d2/0x640 [ 1304.732774][T28692] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1304.732808][T28692] ____sys_sendmsg+0xa54/0xc30 [ 1304.732839][T28692] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1304.732873][T28692] ? __pfx_futex_wake_mark+0x10/0x10 [ 1304.732919][T28692] ___sys_sendmsg+0x190/0x1e0 [ 1304.732951][T28692] ? __pfx____sys_sendmsg+0x10/0x10 [ 1304.733017][T28692] __sys_sendmsg+0x170/0x220 [ 1304.733056][T28692] ? __pfx___sys_sendmsg+0x10/0x10 [ 1304.733093][T28692] ? __x64_sys_futex+0x34f/0x4d0 [ 1304.733141][T28692] do_syscall_64+0x106/0xf80 [ 1304.733179][T28692] ? clear_bhb_loop+0x40/0x90 [ 1304.733210][T28692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1304.733237][T28692] RIP: 0033:0x7f29af99c139 [ 1304.733258][T28692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1304.733284][T28692] RSP: 002b:00007f29b08fd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1304.733309][T28692] RAX: ffffffffffffffda RBX: 00007f29afc15fa0 RCX: 00007f29af99c139 [ 1304.733326][T28692] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000007 [ 1304.733343][T28692] RBP: 00007f29afa327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1304.733359][T28692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1304.733375][T28692] R13: 00007f29afc16038 R14: 00007f29afc15fa0 R15: 00007ffc95c6f628 [ 1304.733408][T28692] [ 1305.587740][T28697] netlink: 'syz.0.8184': attribute type 10 has an invalid length. [ 1305.598443][T28697] netlink: 230 bytes leftover after parsing attributes in process `syz.0.8184'. [ 1306.021435][T28704] netlink: 226 bytes leftover after parsing attributes in process `syz.0.8188'. [ 1306.042183][T28702] FAULT_INJECTION: forcing a failure. [ 1306.042183][T28702] name failslab, interval 1, probability 0, space 0, times 0 [ 1306.058928][T28704] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8188'. [ 1306.085760][T28704] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 1306.158544][T28702] CPU: 0 UID: 0 PID: 28702 Comm: syz.3.8187 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1306.158589][T28702] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1306.158599][T28702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1306.158615][T28702] Call Trace: [ 1306.158624][T28702] [ 1306.158634][T28702] dump_stack_lvl+0x100/0x190 [ 1306.158677][T28702] should_fail_ex.cold+0x5/0xa [ 1306.158707][T28702] should_failslab+0xc2/0x120 [ 1306.158751][T28702] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1306.158779][T28702] ? pagemap_read+0x225/0x830 [ 1306.158803][T28702] ? bpf_lsm_capable+0x9/0x10 [ 1306.158843][T28702] ? security_capable+0x80/0x260 [ 1306.158875][T28702] pagemap_read+0x225/0x830 [ 1306.158904][T28702] ? common_file_perm+0x1ab/0x4f0 [ 1306.158938][T28702] ? __pfx_pagemap_read+0x10/0x10 [ 1306.158970][T28702] ? rw_verify_area+0xce/0x6d0 [ 1306.159002][T28702] ? __pfx_pagemap_read+0x10/0x10 [ 1306.159029][T28702] vfs_read+0x1e4/0xb30 [ 1306.159067][T28702] ? __pfx_vfs_read+0x10/0x10 [ 1306.159101][T28702] ? __fget_files+0x215/0x3d0 [ 1306.159143][T28702] ? __fget_files+0x21f/0x3d0 [ 1306.159187][T28702] ksys_read+0x12a/0x250 [ 1306.159221][T28702] ? __pfx_ksys_read+0x10/0x10 [ 1306.159265][T28702] do_syscall_64+0x106/0xf80 [ 1306.159303][T28702] ? clear_bhb_loop+0x40/0x90 [ 1306.159334][T28702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1306.159361][T28702] RIP: 0033:0x7f3b8ad9c139 [ 1306.159382][T28702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1306.159407][T28702] RSP: 002b:00007f3b88fd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1306.159431][T28702] RAX: ffffffffffffffda RBX: 00007f3b8b016090 RCX: 00007f3b8ad9c139 [ 1306.159448][T28702] RDX: 00000000000039b8 RSI: 0000000000000000 RDI: 0000000000000005 [ 1306.159464][T28702] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1306.159479][T28702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1306.159494][T28702] R13: 00007f3b8b016128 R14: 00007f3b8b016090 R15: 00007ffe99276538 [ 1306.159532][T28702] [ 1307.795197][T28720] netlink: 330 bytes leftover after parsing attributes in process `syz.3.8194'. [ 1308.312980][T28597] mkiss: ax0: crc mode is auto. [ 1309.207200][T28744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8201'. [ 1309.246936][T28744] netlink: 25 bytes leftover after parsing attributes in process `syz.3.8201'. [ 1309.536996][T28746] ERROR: Out of memory at tomoyo_memory_ok. [ 1311.117860][T28769] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8208'. [ 1312.080138][T28792] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8215'. [ 1312.115806][T28791] FAULT_INJECTION: forcing a failure. [ 1312.115806][T28791] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1312.314215][T28791] CPU: 0 UID: 0 PID: 28791 Comm: syz.3.8214 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1312.314258][T28791] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1312.314268][T28791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1312.314284][T28791] Call Trace: [ 1312.314293][T28791] [ 1312.314303][T28791] dump_stack_lvl+0x100/0x190 [ 1312.314345][T28791] should_fail_ex.cold+0x5/0xa [ 1312.314375][T28791] get_futex_key+0x1d2/0x1620 [ 1312.314406][T28791] ? __pfx_get_futex_key+0x10/0x10 [ 1312.314445][T28791] futex_wake+0xea/0x530 [ 1312.314482][T28791] ? __pfx_futex_wake+0x10/0x10 [ 1312.314521][T28791] ? putname+0xb1/0x110 [ 1312.314559][T28791] ? kmem_cache_free+0x124/0x6a0 [ 1312.314595][T28791] do_futex+0x32b/0x350 [ 1312.314624][T28791] ? __pfx_do_futex+0x10/0x10 [ 1312.314652][T28791] ? __pfx_do_sys_openat2+0x10/0x10 [ 1312.314683][T28791] ? __fget_files+0x21f/0x3d0 [ 1312.314722][T28791] __x64_sys_futex+0x34f/0x4d0 [ 1312.314759][T28791] ? __x64_sys_openat+0x12d/0x210 [ 1312.314788][T28791] ? __pfx___x64_sys_futex+0x10/0x10 [ 1312.314830][T28791] do_syscall_64+0x106/0xf80 [ 1312.314868][T28791] ? clear_bhb_loop+0x40/0x90 [ 1312.314899][T28791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1312.314925][T28791] RIP: 0033:0x7f3b8ad9c139 [ 1312.314947][T28791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1312.314973][T28791] RSP: 002b:00007f3b88fb40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1312.314997][T28791] RAX: ffffffffffffffda RBX: 00007f3b8b016188 RCX: 00007f3b8ad9c139 [ 1312.315021][T28791] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3b8b01618c [ 1312.315037][T28791] RBP: 00007f3b8b016180 R08: 0000000000000000 R09: 0000000000000000 [ 1312.315053][T28791] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1312.315068][T28791] R13: 00007f3b8b016218 R14: 00007ffe99276450 R15: 00007ffe99276538 [ 1312.315101][T28791] [ 1312.815415][ T29] audit: type=1326 audit(4294967344.930:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28785 comm="syz.3.8214" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b8ad9c139 code=0x0 [ 1313.338623][T28805] netlink: 13 bytes leftover after parsing attributes in process `syz.4.8220'. [ 1313.981428][T28820] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8226'. [ 1314.502982][T28823] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8227'. [ 1314.547313][T28823] vlan1: entered promiscuous mode [ 1314.580166][T28823] vlan1: entered allmulticast mode [ 1314.604995][T28823] veth0_vlan: entered allmulticast mode [ 1315.327085][T28837] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8232'. [ 1316.159413][T28851] netlink: 186 bytes leftover after parsing attributes in process `syz.3.8237'. [ 1316.681543][T28861] netlink: 62 bytes leftover after parsing attributes in process `syz.4.8241'. [ 1316.733529][T28856] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8239'. [ 1318.024280][T28879] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8247'. [ 1318.118704][T28879] bridge0: port 3(vlan0) entered disabled state [ 1318.207918][T28879] vlan0 (unregistering): left allmulticast mode [ 1318.256152][T28879] vlan0 (unregistering): left promiscuous mode [ 1318.297979][T28879] bridge0: port 3(vlan0) entered disabled state [ 1319.040988][T28893] netlink: 334 bytes leftover after parsing attributes in process `syz.4.8253'. [ 1319.187170][T28898] FAULT_INJECTION: forcing a failure. [ 1319.187170][T28898] name failslab, interval 1, probability 0, space 0, times 0 [ 1319.270073][T28898] CPU: 0 UID: 0 PID: 28898 Comm: syz.1.8256 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1319.270117][T28898] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1319.270127][T28898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1319.270143][T28898] Call Trace: [ 1319.270153][T28898] [ 1319.270162][T28898] dump_stack_lvl+0x100/0x190 [ 1319.270205][T28898] should_fail_ex.cold+0x5/0xa [ 1319.270235][T28898] should_failslab+0xc2/0x120 [ 1319.270275][T28898] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1319.270308][T28898] ? __proc_create+0x2cb/0x8c0 [ 1319.270349][T28898] __proc_create+0x2cb/0x8c0 [ 1319.270385][T28898] ? __pfx___proc_create+0x10/0x10 [ 1319.270426][T28898] ? _raw_write_unlock+0x28/0x50 [ 1319.270475][T28898] proc_create_reg+0x75/0x170 [ 1319.270515][T28898] proc_create_net_data+0x8e/0x1c0 [ 1319.270553][T28898] ? __pfx_proc_create_net_data+0x10/0x10 [ 1319.270591][T28898] ? __pfx_proc_create_net_data+0x10/0x10 [ 1319.270627][T28898] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1319.270659][T28898] ? __pfx_dev_proc_net_init+0x10/0x10 [ 1319.270693][T28898] wext_proc_init+0x53/0x80 [ 1319.270734][T28898] dev_proc_net_init+0x112/0x230 [ 1319.270768][T28898] ops_init+0x1e2/0x5f0 [ 1319.270811][T28898] setup_net+0x118/0x3a0 [ 1319.270851][T28898] ? __pfx_setup_net+0x10/0x10 [ 1319.270888][T28898] ? lockdep_init_map_type+0x5c/0x250 [ 1319.270921][T28898] ? mutex_init_lockep+0x110/0x150 [ 1319.270958][T28898] copy_net_ns+0x46f/0x7c0 [ 1319.270985][T28898] create_new_namespaces+0x3ea/0xac0 [ 1319.271035][T28898] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1319.271064][T28898] ksys_unshare+0x455/0xab0 [ 1319.271100][T28898] ? __pfx_ksys_unshare+0x10/0x10 [ 1319.271142][T28898] __x64_sys_unshare+0x31/0x40 [ 1319.271173][T28898] do_syscall_64+0x106/0xf80 [ 1319.271211][T28898] ? clear_bhb_loop+0x40/0x90 [ 1319.271242][T28898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1319.271268][T28898] RIP: 0033:0x7f700099c139 [ 1319.271289][T28898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1319.271314][T28898] RSP: 002b:00007f700190f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1319.271338][T28898] RAX: ffffffffffffffda RBX: 00007f7000c16090 RCX: 00007f700099c139 [ 1319.271355][T28898] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1319.271370][T28898] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1319.271386][T28898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1319.271402][T28898] R13: 00007f7000c16128 R14: 00007f7000c16090 R15: 00007ffdd5d058e8 [ 1319.271435][T28898] [ 1320.399305][T28746] mkiss: ax0: crc mode is auto. [ 1321.237377][T28927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8265'. [ 1321.572509][T28929] ERROR: Out of memory at tomoyo_memory_ok. [ 1321.802759][T28933] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1322.757471][T28934] Process accounting resumed [ 1324.003039][T28966] FAULT_INJECTION: forcing a failure. [ 1324.003039][T28966] name failslab, interval 1, probability 0, space 0, times 0 [ 1324.069337][T28966] CPU: 0 UID: 0 PID: 28966 Comm: syz.1.8279 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1324.069380][T28966] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1324.069390][T28966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1324.069407][T28966] Call Trace: [ 1324.069415][T28966] [ 1324.069425][T28966] dump_stack_lvl+0x100/0x190 [ 1324.069467][T28966] should_fail_ex.cold+0x5/0xa [ 1324.069496][T28966] ? tomoyo_init_log+0x1224/0x20c0 [ 1324.069535][T28966] should_failslab+0xc2/0x120 [ 1324.069573][T28966] __kmalloc_noprof+0xe0/0x850 [ 1324.069628][T28966] tomoyo_init_log+0x1224/0x20c0 [ 1324.069679][T28966] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1324.069736][T28966] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1324.069791][T28966] tomoyo_write_log2+0x2ed/0xbc0 [ 1324.069836][T28966] tomoyo_supervisor+0x15e/0x1340 [ 1324.069868][T28966] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1324.069908][T28966] ? kasan_quarantine_put+0x104/0x240 [ 1324.069946][T28966] ? tomoyo_check_path_acl+0x141/0x210 [ 1324.069980][T28966] ? tomoyo_check_acl+0x1f7/0x410 [ 1324.070024][T28966] tomoyo_path_permission+0x270/0x3b0 [ 1324.070064][T28966] tomoyo_check_open_permission+0x37f/0x3c0 [ 1324.070101][T28966] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1324.070172][T28966] ? lock_acquire+0x1cf/0x380 [ 1324.070202][T28966] ? find_held_lock+0x2b/0x80 [ 1324.070249][T28966] tomoyo_file_open+0x6b/0x90 [ 1324.070283][T28966] security_file_open+0xb5/0x1e0 [ 1324.070322][T28966] do_dentry_open+0x5aa/0x1660 [ 1324.070369][T28966] vfs_open+0x82/0x3f0 [ 1324.070399][T28966] path_openat+0x208c/0x31a0 [ 1324.070447][T28966] ? __pfx_path_openat+0x10/0x10 [ 1324.070497][T28966] do_file_open+0x20e/0x430 [ 1324.070537][T28966] ? __pfx_do_file_open+0x10/0x10 [ 1324.070597][T28966] ? alloc_fd+0x476/0x790 [ 1324.070636][T28966] ? do_getname+0x191/0x390 [ 1324.070665][T28966] do_sys_openat2+0x10d/0x1e0 [ 1324.070693][T28966] ? __pfx_do_sys_openat2+0x10/0x10 [ 1324.070723][T28966] ? __fget_files+0x21f/0x3d0 [ 1324.070765][T28966] __x64_sys_openat+0x12d/0x210 [ 1324.070794][T28966] ? __pfx___x64_sys_openat+0x10/0x10 [ 1324.070835][T28966] do_syscall_64+0x106/0xf80 [ 1324.070872][T28966] ? clear_bhb_loop+0x40/0x90 [ 1324.070904][T28966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1324.070930][T28966] RIP: 0033:0x7f700099c139 [ 1324.070952][T28966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1324.070977][T28966] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1324.071000][T28966] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1324.071018][T28966] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1324.071035][T28966] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1324.071050][T28966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1324.071066][T28966] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1324.071099][T28966] [ 1326.493054][T28996] FAULT_INJECTION: forcing a failure. [ 1326.493054][T28996] name failslab, interval 1, probability 0, space 0, times 0 [ 1326.628841][T28996] CPU: 0 UID: 0 PID: 28996 Comm: syz.4.8288 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1326.628884][T28996] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1326.628894][T28996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1326.628910][T28996] Call Trace: [ 1326.628919][T28996] [ 1326.628930][T28996] dump_stack_lvl+0x100/0x190 [ 1326.628972][T28996] should_fail_ex.cold+0x5/0xa [ 1326.629001][T28996] should_failslab+0xc2/0x120 [ 1326.629041][T28996] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1326.629076][T28996] ? __d_alloc+0x34/0xa80 [ 1326.629116][T28996] ? node_tag_clear+0x110/0x270 [ 1326.629154][T28996] __d_alloc+0x34/0xa80 [ 1326.629199][T28996] d_alloc_pseudo+0x1c/0xc0 [ 1326.629230][T28996] alloc_file_pseudo+0xcf/0x230 [ 1326.629258][T28996] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1326.629288][T28996] ? _raw_spin_unlock+0x28/0x50 [ 1326.629320][T28996] ? alloc_fd+0x476/0x790 [ 1326.629358][T28996] __anon_inode_getfile+0xe8/0x280 [ 1326.629404][T28996] __anon_inode_getfd+0x5c/0xe0 [ 1326.629432][T28996] map_create+0x17fc/0x2ba0 [ 1326.629470][T28996] ? preempt_schedule_thunk+0x16/0x30 [ 1326.629511][T28996] ? __pfx_map_create+0x10/0x10 [ 1326.629547][T28996] ? __might_fault+0xc5/0x140 [ 1326.629577][T28996] ? __might_fault+0xc5/0x140 [ 1326.629619][T28996] __sys_bpf+0x2091/0x4b90 [ 1326.629642][T28996] ? futex_private_hash_put+0x107/0x1c0 [ 1326.629673][T28996] ? __pfx___sys_bpf+0x10/0x10 [ 1326.629701][T28996] ? __pfx_futex_wake+0x10/0x10 [ 1326.629739][T28996] ? ksys_write+0x190/0x250 [ 1326.629788][T28996] ? do_futex+0x192/0x350 [ 1326.629835][T28996] ? xfd_validate_state+0x129/0x190 [ 1326.629879][T28996] __x64_sys_bpf+0x7b/0xc0 [ 1326.629904][T28996] ? lockdep_hardirqs_on+0x78/0x100 [ 1326.629943][T28996] do_syscall_64+0x106/0xf80 [ 1326.629979][T28996] ? clear_bhb_loop+0x40/0x90 [ 1326.630010][T28996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1326.630037][T28996] RIP: 0033:0x7f29af99c139 [ 1326.630058][T28996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1326.630084][T28996] RSP: 002b:00007f29b08dc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1326.630108][T28996] RAX: ffffffffffffffda RBX: 00007f29afc16090 RCX: 00007f29af99c139 [ 1326.630126][T28996] RDX: 000000000000000f RSI: 00002000000001c0 RDI: 0000000000000000 [ 1326.630142][T28996] RBP: 00007f29afa327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1326.630158][T28996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1326.630174][T28996] R13: 00007f29afc16128 R14: 00007f29afc16090 R15: 00007ffc95c6f628 [ 1326.630207][T28996] [ 1328.256218][T29012] futex_wake_op: syz.4.8293 tries to shift op by -2048; fix this program [ 1328.377739][T29014] netlink: 'syz.3.8294': attribute type 28 has an invalid length. [ 1328.412860][T29014] netlink: 'syz.3.8294': attribute type 3 has an invalid length. [ 1328.463516][T29014] netlink: 306 bytes leftover after parsing attributes in process `syz.3.8294'. [ 1328.594397][T29018] netlink: 'syz.1.8295': attribute type 19 has an invalid length. [ 1328.642238][T29018] netlink: 226 bytes leftover after parsing attributes in process `syz.1.8295'. [ 1328.756592][T29020] netlink: 342 bytes leftover after parsing attributes in process `syz.3.8297'. [ 1329.227514][T29027] ERROR: Out of memory at tomoyo_memory_ok. [ 1329.835092][T29046] zswap: compressor not available [ 1332.327853][T29094] netlink: 'syz.1.8322': attribute type 15 has an invalid length. [ 1332.353638][T29094] netlink: 'syz.1.8322': attribute type 16 has an invalid length. [ 1332.385665][T29094] netlink: 194 bytes leftover after parsing attributes in process `syz.1.8322'. [ 1332.797262][T29106] ERROR: Out of memory at tomoyo_memory_ok. [ 1333.350428][ T29] audit: type=1107 audit(4294967365.738:33): pid=29108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1333.373370][ T29] audit: type=1107 audit(4294967365.758:34): pid=29108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1333.902553][T29116] Process accounting paused [ 1333.933146][T29114] FAULT_INJECTION: forcing a failure. [ 1333.933146][T29114] name failslab, interval 1, probability 0, space 0, times 0 [ 1334.009267][T29114] CPU: 0 UID: 0 PID: 29114 Comm: syz.1.8329 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1334.009312][T29114] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1334.009322][T29114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1334.009338][T29114] Call Trace: [ 1334.009347][T29114] [ 1334.009357][T29114] dump_stack_lvl+0x100/0x190 [ 1334.009408][T29114] should_fail_ex.cold+0x5/0xa [ 1334.009438][T29114] should_failslab+0xc2/0x120 [ 1334.009477][T29114] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1334.009506][T29114] ? fscontext_alloc_log+0x4a/0x1b0 [ 1334.009534][T29114] ? v9fs_init_fs_context+0x43d/0x590 [ 1334.009568][T29114] fscontext_alloc_log+0x4a/0x1b0 [ 1334.009598][T29114] __x64_sys_fsopen+0x159/0x220 [ 1334.009627][T29114] do_syscall_64+0x106/0xf80 [ 1334.009665][T29114] ? clear_bhb_loop+0x40/0x90 [ 1334.009695][T29114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1334.009722][T29114] RIP: 0033:0x7f700099c139 [ 1334.009742][T29114] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1334.009767][T29114] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1334.009795][T29114] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1334.009812][T29114] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1334.009828][T29114] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1334.009843][T29114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1334.009858][T29114] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1334.009890][T29114] [ 1334.205603][T29126] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8334'. [ 1334.409872][T29131] netlink: 186 bytes leftover after parsing attributes in process `syz.4.8337'. [ 1336.021590][T29163] HfR: entered promiscuous mode [ 1336.126119][T29165] netlink: 504 bytes leftover after parsing attributes in process `syz.1.8346'. [ 1336.184443][T29165] netlink: 504 bytes leftover after parsing attributes in process `syz.1.8346'. [ 1336.301273][T29169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8348'. [ 1336.352442][T29173] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8348'. [ 1336.771629][T29176] sp0: Synchronizing with TNC [ 1338.966945][T29214] sp0: Synchronizing with TNC [ 1340.526276][T29235] ERROR: Out of memory at tomoyo_memory_ok. [ 1340.797318][T29245] netlink: 25 bytes leftover after parsing attributes in process `syz.1.8372'. [ 1341.217753][T29249] netlink: 226 bytes leftover after parsing attributes in process `syz.1.8373'. [ 1341.769124][T29255] futex_wake_op: syz.1.8375 tries to shift op by -2048; fix this program [ 1341.858907][T29258] queue_state_write: unsupported operation '' [ 1341.865715][T29258] queue_state_write: use 'run', 'start' or 'kick' [ 1346.408058][T29305] sp0: Synchronizing with TNC [ 1348.004080][T29332] FAULT_INJECTION: forcing a failure. [ 1348.004080][T29332] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1348.103471][T29332] CPU: 0 UID: 0 PID: 29332 Comm: syz.4.8397 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1348.103514][T29332] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1348.103524][T29332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1348.103540][T29332] Call Trace: [ 1348.103549][T29332] [ 1348.103559][T29332] dump_stack_lvl+0x100/0x190 [ 1348.103601][T29332] should_fail_ex.cold+0x5/0xa [ 1348.103626][T29332] ? prepare_alloc_pages+0x16d/0x5f0 [ 1348.103670][T29332] should_fail_alloc_page+0xeb/0x140 [ 1348.103711][T29332] prepare_alloc_pages+0x1f0/0x5f0 [ 1348.103752][T29332] ? rcu_is_watching+0x12/0xc0 [ 1348.103793][T29332] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1348.103827][T29332] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 1348.103863][T29332] ? __pfx_css_rstat_updated+0x10/0x10 [ 1348.103897][T29332] ? find_held_lock+0x2b/0x80 [ 1348.103937][T29332] ? rcu_read_unlock+0x17/0x60 [ 1348.103990][T29332] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1348.104023][T29332] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1348.104057][T29332] ? page_counter_charge+0x1d2/0x240 [ 1348.104086][T29332] ? rcu_is_watching+0x12/0xc0 [ 1348.104123][T29332] ? trace_mm_page_alloc+0x17a/0x1d0 [ 1348.104176][T29332] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1348.104217][T29332] ? policy_nodemask+0xed/0x4f0 [ 1348.104258][T29332] alloc_pages_mpol+0x1fb/0x550 [ 1348.104299][T29332] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1348.104339][T29332] ? do_raw_spin_lock+0x128/0x260 [ 1348.104374][T29332] ? find_held_lock+0x2b/0x80 [ 1348.104412][T29332] ? __pud_alloc+0x575/0x760 [ 1348.104439][T29332] alloc_pages_noprof+0x131/0x390 [ 1348.104480][T29332] __pmd_alloc+0x3b/0x9c0 [ 1348.104503][T29332] ? __pud_alloc+0x57a/0x760 [ 1348.104528][T29332] walk_to_pmd+0x3a3/0x4c0 [ 1348.104556][T29332] get_locked_pte+0x25/0xc0 [ 1348.104582][T29332] map_ldt_struct+0x3c1/0xa70 [ 1348.104632][T29332] ? __pfx_map_ldt_struct+0x10/0x10 [ 1348.104674][T29332] ? alloc_pages_noprof+0x233/0x390 [ 1348.104719][T29332] write_ldt+0x6d3/0xd40 [ 1348.104771][T29332] ? __pfx_write_ldt+0x10/0x10 [ 1348.104814][T29332] ? xfd_validate_state+0x129/0x190 [ 1348.104858][T29332] __x64_sys_modify_ldt+0xb1/0x170 [ 1348.104884][T29332] do_syscall_64+0x106/0xf80 [ 1348.104922][T29332] ? clear_bhb_loop+0x40/0x90 [ 1348.104959][T29332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1348.104986][T29332] RIP: 0033:0x7f29af99c139 [ 1348.105007][T29332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1348.105032][T29332] RSP: 002b:00007f29b08fd028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 1348.105056][T29332] RAX: ffffffffffffffda RBX: 00007f29afc15fa0 RCX: 00007f29af99c139 [ 1348.105073][T29332] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 1348.105090][T29332] RBP: 00007f29afa327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1348.105106][T29332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1348.105121][T29332] R13: 00007f29afc16038 R14: 00007f29afc15fa0 R15: 00007ffc95c6f628 [ 1348.105154][T29332] [ 1348.875843][ T29] audit: type=1800 audit(4294967381.198:35): pid=29337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.8397" name="trace_marker" dev="tracefs" ino=742 res=0 errno=0 [ 1349.252858][T29340] netlink: 330 bytes leftover after parsing attributes in process `syz.3.8401'. [ 1349.494837][T29343] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8402'. [ 1349.527303][T29343] netlink: 13 bytes leftover after parsing attributes in process `syz.4.8402'. [ 1349.839937][ T5829] Bluetooth: hci2: Malformed Event: 0x02 [ 1350.143767][T29349] vhci_hcd vhci_hcd.2: invalid port number 255 [ 1350.354520][T29354] FAULT_INJECTION: forcing a failure. [ 1350.354520][T29354] name failslab, interval 1, probability 0, space 0, times 0 [ 1350.491742][T29354] CPU: 0 UID: 0 PID: 29354 Comm: syz.3.8406 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1350.491784][T29354] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1350.491794][T29354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1350.491819][T29354] Call Trace: [ 1350.491828][T29354] [ 1350.491838][T29354] dump_stack_lvl+0x100/0x190 [ 1350.491880][T29354] should_fail_ex.cold+0x5/0xa [ 1350.491911][T29354] should_failslab+0xc2/0x120 [ 1350.491950][T29354] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1350.491985][T29354] ? __d_alloc+0x34/0xa80 [ 1350.492031][T29354] __d_alloc+0x34/0xa80 [ 1350.492078][T29354] d_alloc+0x4a/0x1e0 [ 1350.492119][T29354] lookup_one_qstr_excl+0x175/0x250 [ 1350.492150][T29354] start_dirop+0x59/0xb0 [ 1350.492186][T29354] simple_start_creating+0xf9/0x110 [ 1350.492222][T29354] ? __pfx_simple_start_creating+0x10/0x10 [ 1350.492260][T29354] ? mntput+0x70/0xa0 [ 1350.492292][T29354] ? simple_pin_fs+0xa3/0x190 [ 1350.492324][T29354] debugfs_start_creating.part.0+0x82/0x170 [ 1350.492360][T29354] __debugfs_create_file+0xb3/0x4f0 [ 1350.492397][T29354] debugfs_create_file_full+0x41/0x60 [ 1350.492434][T29354] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1350.492474][T29354] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1350.492536][T29354] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 1350.492570][T29354] ? alloc_netdev_mqs+0xd7/0x14f0 [ 1350.492609][T29354] ? lockdep_init_map_type+0x5c/0x250 [ 1350.492645][T29354] ? __pfx_sl_setup+0x10/0x10 [ 1350.492683][T29354] alloc_netdev_mqs+0x314/0x14f0 [ 1350.492729][T29354] slip_open+0x367/0x1120 [ 1350.492771][T29354] ? __pfx___might_resched+0x10/0x10 [ 1350.492812][T29354] ? find_held_lock+0x2b/0x80 [ 1350.492852][T29354] ? __pfx_slip_open+0x10/0x10 [ 1350.492890][T29354] ? tty_set_ldisc+0x2b1/0x740 [ 1350.492935][T29354] ? __pfx_slip_open+0x10/0x10 [ 1350.492974][T29354] tty_ldisc_open+0xa2/0x120 [ 1350.493014][T29354] tty_set_ldisc+0x325/0x740 [ 1350.493058][T29354] tty_ioctl+0x695/0x1690 [ 1350.493085][T29354] ? __pfx_tty_ioctl+0x10/0x10 [ 1350.493119][T29354] ? find_held_lock+0x2b/0x80 [ 1350.493158][T29354] ? __fget_files+0x215/0x3d0 [ 1350.493192][T29354] ? hook_file_ioctl_common+0x146/0x410 [ 1350.493234][T29354] ? __fget_files+0x21f/0x3d0 [ 1350.493274][T29354] ? __pfx_tty_ioctl+0x10/0x10 [ 1350.493300][T29354] __x64_sys_ioctl+0x18e/0x210 [ 1350.493334][T29354] do_syscall_64+0x106/0xf80 [ 1350.493372][T29354] ? clear_bhb_loop+0x40/0x90 [ 1350.493405][T29354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1350.493431][T29354] RIP: 0033:0x7f3b8ad9c139 [ 1350.493453][T29354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1350.493479][T29354] RSP: 002b:00007f3b88fd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1350.493503][T29354] RAX: ffffffffffffffda RBX: 00007f3b8b016090 RCX: 00007f3b8ad9c139 [ 1350.493521][T29354] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 1350.493537][T29354] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1350.493553][T29354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1350.493569][T29354] R13: 00007f3b8b016128 R14: 00007f3b8b016090 R15: 00007ffe99276538 [ 1350.493602][T29354] [ 1352.491141][T29369] ERROR: Out of memory at tomoyo_memory_ok. [ 1353.772914][T25521] Bluetooth: hci2: command 0x0406 tx timeout [ 1353.818108][T29390] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1354.202356][T29371] Process accounting paused [ 1357.031725][T29444] random: crng reseeded on system resumption [ 1357.966410][T29456] netlink: 'syz.3.8424': attribute type 16 has an invalid length. [ 1358.036081][T29456] netlink: 226 bytes leftover after parsing attributes in process `syz.3.8424'. [ 1358.117332][T29456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8424'. [ 1358.826564][T29460] netlink: 186 bytes leftover after parsing attributes in process `syz.3.8425'. [ 1358.886974][T29460] netlink: 186 bytes leftover after parsing attributes in process `syz.3.8425'. [ 1359.488924][T29468] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 1359.792834][ T5177] ERROR: Out of memory at tomoyo_memory_ok. [ 1359.800326][T29470] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8429'. [ 1359.894835][T29470] netlink: 25 bytes leftover after parsing attributes in process `syz.4.8429'. [ 1361.494375][T29485] netlink: 306 bytes leftover after parsing attributes in process `syz.0.8434'. [ 1361.934608][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.941127][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1363.775305][T29508] ERROR: Out of memory at tomoyo_memory_ok. [ 1365.150437][T29510] Process accounting resumed [ 1366.006365][T29519] FAULT_INJECTION: forcing a failure. [ 1366.006365][T29519] name failslab, interval 1, probability 0, space 0, times 0 [ 1366.101915][T29519] CPU: 0 UID: 0 PID: 29519 Comm: syz.3.8447 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1366.101958][T29519] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1366.101969][T29519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1366.101985][T29519] Call Trace: [ 1366.101994][T29519] [ 1366.102004][T29519] dump_stack_lvl+0x100/0x190 [ 1366.102047][T29519] should_fail_ex.cold+0x5/0xa [ 1366.102076][T29519] should_failslab+0xc2/0x120 [ 1366.102116][T29519] __kvmalloc_node_noprof+0xfa/0xa00 [ 1366.102151][T29519] ? bucket_table_alloc.isra.0+0x88/0x460 [ 1366.102191][T29519] bucket_table_alloc.isra.0+0x88/0x460 [ 1366.102225][T29519] rhashtable_init_noprof+0x43b/0x7d0 [ 1366.102255][T29519] ? __init_waitqueue_head+0xca/0x150 [ 1366.102296][T29519] rhltable_init_noprof+0x20/0x60 [ 1366.102328][T29519] sta_info_init+0x27/0x160 [ 1366.102373][T29519] ieee80211_alloc_hw_nm+0x836/0x22a0 [ 1366.102412][T29519] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 1366.102457][T29519] ? __asan_memset+0x23/0x50 [ 1366.102487][T29519] ? __nla_validate_parse+0x1e7/0x28b0 [ 1366.102513][T29519] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1366.102552][T29519] hwsim_new_radio_nl+0xc1f/0x1340 [ 1366.102584][T29519] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1366.102622][T29519] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1366.102652][T29519] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1366.102688][T29519] genl_family_rcv_msg_doit+0x214/0x300 [ 1366.102719][T29519] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1366.102747][T29519] ? genl_get_cmd+0x3ef/0x720 [ 1366.102779][T29519] ? bpf_lsm_capable+0x9/0x10 [ 1366.102819][T29519] ? security_capable+0x80/0x260 [ 1366.102848][T29519] ? ns_capable+0xd2/0xf0 [ 1366.102891][T29519] genl_rcv_msg+0x560/0x800 [ 1366.102921][T29519] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1366.102955][T29519] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1366.102995][T29519] netlink_rcv_skb+0x159/0x420 [ 1366.103036][T29519] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1366.103065][T29519] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1366.103119][T29519] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1366.103163][T29519] genl_rcv+0x28/0x40 [ 1366.103185][T29519] netlink_unicast+0x5aa/0x870 [ 1366.103231][T29519] ? __pfx_netlink_unicast+0x10/0x10 [ 1366.103283][T29519] netlink_sendmsg+0x8b0/0xda0 [ 1366.103328][T29519] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1366.103368][T29519] ? __import_iovec+0x1d2/0x640 [ 1366.103429][T29519] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1366.103463][T29519] ____sys_sendmsg+0xa54/0xc30 [ 1366.103502][T29519] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1366.103535][T29519] ? try_to_wake_up+0x644/0x1a80 [ 1366.103582][T29519] ___sys_sendmsg+0x190/0x1e0 [ 1366.103613][T29519] ? __pfx____sys_sendmsg+0x10/0x10 [ 1366.103643][T29519] ? futex_private_hash_put+0x107/0x1c0 [ 1366.103704][T29519] __sys_sendmsg+0x170/0x220 [ 1366.103743][T29519] ? __pfx___sys_sendmsg+0x10/0x10 [ 1366.103780][T29519] ? __x64_sys_futex+0x34f/0x4d0 [ 1366.103828][T29519] do_syscall_64+0x106/0xf80 [ 1366.103866][T29519] ? clear_bhb_loop+0x40/0x90 [ 1366.103897][T29519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1366.103924][T29519] RIP: 0033:0x7f3b8ad9c139 [ 1366.103946][T29519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1366.103972][T29519] RSP: 002b:00007f3b88ff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1366.103997][T29519] RAX: ffffffffffffffda RBX: 00007f3b8b015fa0 RCX: 00007f3b8ad9c139 [ 1366.104014][T29519] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1366.104030][T29519] RBP: 00007f3b8ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1366.104047][T29519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1366.104063][T29519] R13: 00007f3b8b016038 R14: 00007f3b8b015fa0 R15: 00007ffe99276538 [ 1366.104096][T29519] [ 1366.488127][T29523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8448'. [ 1366.498239][T29523] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8448'. [ 1367.289205][T29530] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8450'. [ 1370.172074][T29559] netlink: 62 bytes leftover after parsing attributes in process `syz.4.8461'. [ 1370.799947][T29567] HfR: entered promiscuous mode [ 1372.059921][T29580] random: crng reseeded on system resumption [ 1373.429530][T29582] ================================================================== [ 1373.429560][T29582] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 1373.429591][T29582] Write of size 8 at addr ffffc900040290a0 by task syz.1.8467/29582 [ 1373.429612][T29582] [ 1373.429630][T29582] CPU: 0 UID: 0 PID: 29582 Comm: syz.1.8467 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1373.429667][T29582] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1373.429677][T29582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1373.429693][T29582] Call Trace: [ 1373.429701][T29582] [ 1373.429711][T29582] dump_stack_lvl+0x100/0x190 [ 1373.429747][T29582] print_report+0x156/0x4c9 [ 1373.429781][T29582] ? _raw_spin_lock_irqsave+0x52/0x60 [ 1373.429825][T29582] ? __virt_addr_valid+0x81/0x620 [ 1373.429858][T29582] ? sys_imageblit+0x19fb/0x1d60 [ 1373.429881][T29582] kasan_report+0xdf/0x1e0 [ 1373.429918][T29582] ? sys_imageblit+0x19fb/0x1d60 [ 1373.429944][T29582] sys_imageblit+0x19fb/0x1d60 [ 1373.429969][T29582] ? _prb_read_valid+0x72a/0x880 [ 1373.430001][T29582] ? __pfx_sys_imageblit+0x10/0x10 [ 1373.430026][T29582] ? __pfx__prb_read_valid+0x10/0x10 [ 1373.430056][T29582] ? __asan_memcpy+0x3c/0x60 [ 1373.430086][T29582] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 1373.430136][T29582] soft_cursor+0x524/0xa10 [ 1373.430174][T29582] ? fb_get_color_depth+0x120/0x250 [ 1373.430209][T29582] bit_cursor+0xe58/0x16f0 [ 1373.430248][T29582] ? __pfx_bit_cursor+0x10/0x10 [ 1373.430288][T29582] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1373.430328][T29582] ? get_color+0x1da/0x450 [ 1373.430357][T29582] ? __pfx_bit_cursor+0x10/0x10 [ 1373.430391][T29582] fbcon_cursor+0x43c/0x5e0 [ 1373.430424][T29582] hide_cursor+0x87/0x230 [ 1373.430461][T29582] do_con_write+0x23fe/0x8540 [ 1373.430488][T29582] ? rcu_is_watching+0x12/0xc0 [ 1373.430524][T29582] ? trace_contention_end+0x140/0x180 [ 1373.430557][T29582] ? __mutex_lock+0x26a/0x1b90 [ 1373.430596][T29582] ? find_held_lock+0x2b/0x80 [ 1373.430635][T29582] ? n_tty_write+0x512/0x12d0 [ 1373.430665][T29582] ? n_tty_write+0x47e/0x12d0 [ 1373.430697][T29582] ? __pfx_do_con_write+0x10/0x10 [ 1373.430722][T29582] ? __pfx___mutex_lock+0x10/0x10 [ 1373.430772][T29582] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1373.430838][T29582] ? __pfx_console_unlock+0x10/0x10 [ 1373.430876][T29582] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1373.430920][T29582] con_write+0x23/0xb0 [ 1373.430944][T29582] do_output_char+0x63b/0x850 [ 1373.430974][T29582] n_tty_write+0x528/0x12d0 [ 1373.431012][T29582] ? __pfx_n_tty_write+0x10/0x10 [ 1373.431044][T29582] ? __pfx_woken_wake_function+0x10/0x10 [ 1373.431082][T29582] ? __pfx___might_resched+0x10/0x10 [ 1373.431119][T29582] ? __pfx_n_tty_write+0x10/0x10 [ 1373.431151][T29582] file_tty_write.isra.0+0x4d2/0x890 [ 1373.431180][T29582] redirected_tty_write+0xd4/0x120 [ 1373.431206][T29582] vfs_write+0x6ac/0x1070 [ 1373.431240][T29582] ? __pfx_redirected_tty_write+0x10/0x10 [ 1373.431268][T29582] ? __pfx_vfs_write+0x10/0x10 [ 1373.431312][T29582] ? find_held_lock+0x2b/0x80 [ 1373.431359][T29582] ksys_write+0x12a/0x250 [ 1373.431392][T29582] ? __pfx_ksys_write+0x10/0x10 [ 1373.431430][T29582] do_syscall_64+0x106/0xf80 [ 1373.431465][T29582] ? clear_bhb_loop+0x40/0x90 [ 1373.431493][T29582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1373.431518][T29582] RIP: 0033:0x7f700099c139 [ 1373.431537][T29582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1373.431562][T29582] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1373.431585][T29582] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1373.431603][T29582] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000006 [ 1373.431618][T29582] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1373.431634][T29582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1373.431650][T29582] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1373.431675][T29582] [ 1373.431684][T29582] [ 1373.431692][T29582] The buggy address belongs to a vmalloc virtual mapping [ 1373.431730][T29582] Memory state around the buggy address: [ 1373.431744][T29582] ffffc90004028f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1373.431763][T29582] ffffc90004029000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1373.431782][T29582] >ffffc90004029080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1373.431803][T29582] ^ [ 1373.431817][T29582] ffffc90004029100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1373.431835][T29582] ffffc90004029180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1373.431850][T29582] ================================================================== [ 1373.522506][T29582] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1373.522532][T29582] CPU: 0 UID: 0 PID: 29582 Comm: syz.1.8467 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1373.522573][T29582] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1373.522584][T29582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1373.522600][T29582] Call Trace: [ 1373.522610][T29582] [ 1373.522620][T29582] dump_stack_lvl+0x100/0x190 [ 1373.522661][T29582] vpanic+0x552/0x970 [ 1373.522685][T29582] ? __pfx_vpanic+0x10/0x10 [ 1373.522714][T29582] ? sys_imageblit+0x19fb/0x1d60 [ 1373.522738][T29582] panic+0xd1/0xe0 [ 1373.522761][T29582] ? __pfx_panic+0x10/0x10 [ 1373.522793][T29582] ? sys_imageblit+0x19fb/0x1d60 [ 1373.522818][T29582] ? preempt_schedule_common+0x42/0xc0 [ 1373.522860][T29582] check_panic_on_warn.cold+0x19/0x34 [ 1373.522888][T29582] end_report.part.0+0x3a/0x90 [ 1373.522924][T29582] kasan_report.cold+0xe/0x18 [ 1373.522961][T29582] ? sys_imageblit+0x19fb/0x1d60 [ 1373.522989][T29582] sys_imageblit+0x19fb/0x1d60 [ 1373.523014][T29582] ? _prb_read_valid+0x72a/0x880 [ 1373.523048][T29582] ? __pfx_sys_imageblit+0x10/0x10 [ 1373.523074][T29582] ? __pfx__prb_read_valid+0x10/0x10 [ 1373.523105][T29582] ? __asan_memcpy+0x3c/0x60 [ 1373.523137][T29582] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 1373.523170][T29582] soft_cursor+0x524/0xa10 [ 1373.523209][T29582] ? fb_get_color_depth+0x120/0x250 [ 1373.523244][T29582] bit_cursor+0xe58/0x16f0 [ 1373.523284][T29582] ? __pfx_bit_cursor+0x10/0x10 [ 1373.523324][T29582] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1373.523364][T29582] ? get_color+0x1da/0x450 [ 1373.523393][T29582] ? __pfx_bit_cursor+0x10/0x10 [ 1373.523428][T29582] fbcon_cursor+0x43c/0x5e0 [ 1373.523461][T29582] hide_cursor+0x87/0x230 [ 1373.523499][T29582] do_con_write+0x23fe/0x8540 [ 1373.523525][T29582] ? rcu_is_watching+0x12/0xc0 [ 1373.523567][T29582] ? trace_contention_end+0x140/0x180 [ 1373.523601][T29582] ? __mutex_lock+0x26a/0x1b90 [ 1373.523640][T29582] ? find_held_lock+0x2b/0x80 [ 1373.523679][T29582] ? n_tty_write+0x512/0x12d0 [ 1373.523711][T29582] ? n_tty_write+0x47e/0x12d0 [ 1373.523743][T29582] ? __pfx_do_con_write+0x10/0x10 [ 1373.523768][T29582] ? __pfx___mutex_lock+0x10/0x10 [ 1373.523818][T29582] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1373.523859][T29582] ? __pfx_console_unlock+0x10/0x10 [ 1373.523897][T29582] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1373.523942][T29582] con_write+0x23/0xb0 [ 1373.523966][T29582] do_output_char+0x63b/0x850 [ 1373.523997][T29582] n_tty_write+0x528/0x12d0 [ 1373.524035][T29582] ? __pfx_n_tty_write+0x10/0x10 [ 1373.524067][T29582] ? __pfx_woken_wake_function+0x10/0x10 [ 1373.524106][T29582] ? __pfx___might_resched+0x10/0x10 [ 1373.524143][T29582] ? __pfx_n_tty_write+0x10/0x10 [ 1373.524176][T29582] file_tty_write.isra.0+0x4d2/0x890 [ 1373.524205][T29582] redirected_tty_write+0xd4/0x120 [ 1373.524231][T29582] vfs_write+0x6ac/0x1070 [ 1373.524267][T29582] ? __pfx_redirected_tty_write+0x10/0x10 [ 1373.524294][T29582] ? __pfx_vfs_write+0x10/0x10 [ 1373.524328][T29582] ? find_held_lock+0x2b/0x80 [ 1373.524376][T29582] ksys_write+0x12a/0x250 [ 1373.524411][T29582] ? __pfx_ksys_write+0x10/0x10 [ 1373.524451][T29582] do_syscall_64+0x106/0xf80 [ 1373.524488][T29582] ? clear_bhb_loop+0x40/0x90 [ 1373.524518][T29582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1373.524545][T29582] RIP: 0033:0x7f700099c139 [ 1373.524567][T29582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1373.524595][T29582] RSP: 002b:00007f7001930028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1373.524622][T29582] RAX: ffffffffffffffda RBX: 00007f7000c15fa0 RCX: 00007f700099c139 [ 1373.524642][T29582] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000006 [ 1373.524660][T29582] RBP: 00007f7000a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1373.524678][T29582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1373.524695][T29582] R13: 00007f7000c16038 R14: 00007f7000c15fa0 R15: 00007ffdd5d058e8 [ 1373.524721][T29582] [ 1373.524802][T29582] Kernel Offset: disabled